diff --git a/go.mod b/go.mod index e23b08c93..b2d3710e8 100644 --- a/go.mod +++ b/go.mod @@ -16,7 +16,6 @@ require ( k8s.io/component-base v0.35.0 k8s.io/controller-manager v0.35.0 k8s.io/klog/v2 v2.130.1 - k8s.io/kubernetes v1.35.0 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 ) @@ -30,7 +29,6 @@ require ( github.com/coreos/go-semver v0.3.1 // indirect github.com/coreos/go-systemd/v22 v22.5.0 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect - github.com/distribution/reference v0.6.0 // indirect github.com/emicklei/go-restful/v3 v3.12.2 // indirect github.com/felixge/fgprof v0.9.4 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect @@ -59,13 +57,11 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/opencontainers/go-digest v1.0.0 // indirect github.com/pkg/profile v1.7.0 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/prometheus/client_model v0.6.2 // indirect github.com/prometheus/common v0.66.1 // indirect github.com/prometheus/procfs v0.16.1 // indirect - github.com/robfig/cron/v3 v3.0.1 // indirect github.com/sirupsen/logrus v1.9.3 // indirect github.com/spf13/pflag v1.0.9 // indirect github.com/stoewer/go-strcase v1.3.0 // indirect @@ -104,12 +100,9 @@ require ( gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/apiextensions-apiserver v0.35.0 // indirect k8s.io/apiserver v0.35.0 // indirect - k8s.io/component-helpers v0.35.0 // indirect k8s.io/kms v0.35.0 // indirect k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect - k8s.io/kubelet v0.35.0 // indirect sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.2 // indirect sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect sigs.k8s.io/randfill v1.0.0 // indirect diff --git a/go.sum b/go.sum index a58270100..4fe7257bb 100644 --- a/go.sum +++ b/go.sum @@ -33,8 +33,6 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk= -github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU= @@ -138,8 +136,6 @@ github.com/onsi/ginkgo/v2 v2.27.2 h1:LzwLj0b89qtIy6SSASkzlNvX6WktqurSHwkk2ipF/Ns github.com/onsi/ginkgo/v2 v2.27.2/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= github.com/onsi/gomega v1.38.2 h1:eZCjf2xjZAqe+LeWvKb5weQ+NcPwX84kqJ0cZNxok2A= github.com/onsi/gomega v1.38.2/go.mod h1:W2MJcYxRGV63b418Ai34Ud0hEdTVXq9NW9+Sx6uXf3k= -github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= -github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/openshift/api v0.0.0-20251214014457-bfa868a22401 h1:goMf6pBtRFSQaVElFk6K+GIAqnv7O84p7PJHH6pDz/E= github.com/openshift/api v0.0.0-20251214014457-bfa868a22401/go.mod h1:d5uzF0YN2nQQFA0jIEWzzOZ+edmo6wzlGLvx5Fhz4uY= github.com/openshift/build-machinery-go v0.0.0-20250602125535-1b6d00b8c37c h1:gJvhduWIrpzoUTwrJjjeul+hGETKkhRhEZosBg/X3Hg= @@ -162,8 +158,6 @@ github.com/prometheus/common v0.66.1 h1:h5E0h5/Y8niHc5DlaLlWLArTQI7tMrsfQjHV+d9Z github.com/prometheus/common v0.66.1/go.mod h1:gcaUsgf3KfRSwHY4dIMXLPV0K/Wg1oZ8+SbZk/HH/dA= github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzMyRg= github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is= -github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs= -github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro= github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= @@ -319,8 +313,6 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= k8s.io/api v0.35.0 h1:iBAU5LTyBI9vw3L5glmat1njFK34srdLmktWwLTprlY= k8s.io/api v0.35.0/go.mod h1:AQ0SNTzm4ZAczM03QH42c7l3bih1TbAXYo0DkF8ktnA= -k8s.io/apiextensions-apiserver v0.35.0 h1:3xHk2rTOdWXXJM+RDQZJvdx0yEOgC0FgQ1PlJatA5T4= -k8s.io/apiextensions-apiserver v0.35.0/go.mod h1:E1Ahk9SADaLQ4qtzYFkwUqusXTcaV2uw3l14aqpL2LU= k8s.io/apimachinery v0.35.0 h1:Z2L3IHvPVv/MJ7xRxHEtk6GoJElaAqDCCU0S6ncYok8= k8s.io/apimachinery v0.35.0/go.mod h1:jQCgFZFR1F4Ik7hvr2g84RTJSZegBc8yHgFWKn//hns= k8s.io/apiserver v0.35.0 h1:CUGo5o+7hW9GcAEF3x3usT3fX4f9r8xmgQeCBDaOgX4= @@ -329,8 +321,6 @@ k8s.io/client-go v0.35.0 h1:IAW0ifFbfQQwQmga0UdoH0yvdqrbwMdq9vIFEhRpxBE= k8s.io/client-go v0.35.0/go.mod h1:q2E5AAyqcbeLGPdoRB+Nxe3KYTfPce1Dnu1myQdqz9o= k8s.io/component-base v0.35.0 h1:+yBrOhzri2S1BVqyVSvcM3PtPyx5GUxCK2tinZz1G94= k8s.io/component-base v0.35.0/go.mod h1:85SCX4UCa6SCFt6p3IKAPej7jSnF3L8EbfSyMZayJR0= -k8s.io/component-helpers v0.35.0 h1:wcXv7HJRksgVjM4VlXJ1CNFBpyDHruRI99RrBtrJceA= -k8s.io/component-helpers v0.35.0/go.mod h1:ahX0m/LTYmu7fL3W8zYiIwnQ/5gT28Ex4o2pymF63Co= k8s.io/controller-manager v0.35.0 h1:KteodmfVIRzfZ3RDaxhnHb72rswBxEngvdL9vuZOA9A= k8s.io/controller-manager v0.35.0/go.mod h1:1bVuPNUG6/dpWpevsJpXioS0E0SJnZ7I/Wqc9Awyzm4= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= @@ -339,10 +329,6 @@ k8s.io/kms v0.35.0 h1:/x87FED2kDSo66csKtcYCEHsxF/DBlNl7LfJ1fVQs1o= k8s.io/kms v0.35.0/go.mod h1:VT+4ekZAdrZDMgShK37vvlyHUVhwI9t/9tvh0AyCWmQ= k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZcmKS3g6CthxToOb37KgwE= k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ= -k8s.io/kubelet v0.35.0 h1:8cgJHCBCKLYuuQ7/Pxb/qWbJfX1LXIw7790ce9xHq7c= -k8s.io/kubelet v0.35.0/go.mod h1:ciRzAXn7C4z5iB7FhG1L2CGPPXLTVCABDlbXt/Zz8YA= -k8s.io/kubernetes v1.35.0 h1:PUOojD8c8E3csMP5NX+nLLne6SGqZjrYCscptyBfWMY= -k8s.io/kubernetes v1.35.0/go.mod h1:Tzk9Y9W/XUFFFgTUVg+BAowoFe+Pc7koGLuaiLHdcFg= k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck= k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.2 h1:jpcvIRr3GLoUoEKRkHKSmGjxb6lWwrBlJsXc+eUYQHM= diff --git a/pkg/route/ingress/ingress.go b/pkg/route/ingress/ingress.go index 82e02ff93..4177fd116 100644 --- a/pkg/route/ingress/ingress.go +++ b/pkg/route/ingress/ingress.go @@ -27,6 +27,7 @@ import ( "k8s.io/apimachinery/pkg/util/wait" coreinformers "k8s.io/client-go/informers/core/v1" networkingv1informers "k8s.io/client-go/informers/networking/v1" + "k8s.io/client-go/kubernetes/scheme" kv1core "k8s.io/client-go/kubernetes/typed/core/v1" kv1networking "k8s.io/client-go/kubernetes/typed/networking/v1" corelisters "k8s.io/client-go/listers/core/v1" @@ -35,7 +36,6 @@ import ( "k8s.io/client-go/tools/record" "k8s.io/client-go/util/workqueue" "k8s.io/component-base/metrics/legacyregistry" - "k8s.io/kubernetes/pkg/api/legacyscheme" routev1 "github.com/openshift/api/route/v1" routeclient "github.com/openshift/client-go/route/clientset/versioned/typed/route/v1" @@ -177,7 +177,7 @@ func NewController(eventsClient kv1core.EventsGetter, routeClient routeclient.Ro broadcaster.StartLogging(klog.Infof) // TODO: remove the wrapper when every clients have moved to use the clientset. broadcaster.StartRecordingToSink(&kv1core.EventSinkImpl{Interface: eventsClient.Events("")}) - recorder := broadcaster.NewRecorder(legacyscheme.Scheme, corev1.EventSource{Component: "ingress-to-route-controller"}) + recorder := broadcaster.NewRecorder(scheme.Scheme, corev1.EventSource{Component: "ingress-to-route-controller"}) c := &Controller{ eventRecorder: recorder, diff --git a/pkg/route/ingressip/service_ingressip_controller.go b/pkg/route/ingressip/service_ingressip_controller.go index 5f20dcae5..fbbff11eb 100644 --- a/pkg/route/ingressip/service_ingressip_controller.go +++ b/pkg/route/ingressip/service_ingressip_controller.go @@ -18,15 +18,14 @@ import ( "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/wait" kclientset "k8s.io/client-go/kubernetes" + "k8s.io/client-go/kubernetes/scheme" kcoreclient "k8s.io/client-go/kubernetes/typed/core/v1" kv1core "k8s.io/client-go/kubernetes/typed/core/v1" "k8s.io/client-go/tools/cache" "k8s.io/client-go/tools/record" "k8s.io/client-go/util/workqueue" - "k8s.io/kubernetes/pkg/api/legacyscheme" - "k8s.io/kubernetes/pkg/controller" - "k8s.io/kubernetes/pkg/registry/core/service/allocator" - "k8s.io/kubernetes/pkg/registry/core/service/ipallocator" + + "github.com/openshift/route-controller-manager/pkg/utils/ipallocator" ) const ( @@ -85,7 +84,7 @@ type serviceChange struct { func NewIngressIPController(services cache.SharedIndexInformer, kc kclientset.Interface, ipNet *net.IPNet, resyncInterval time.Duration) *IngressIPController { eventBroadcaster := record.NewBroadcaster() eventBroadcaster.StartRecordingToSink(&kv1core.EventSinkImpl{Interface: kc.CoreV1().Events("")}) - recorder := eventBroadcaster.NewRecorder(legacyscheme.Scheme, v1.EventSource{Component: "ingressip-controller"}) + recorder := eventBroadcaster.NewRecorder(scheme.Scheme, v1.EventSource{Component: "ingressip-controller"}) ic := &IngressIPController{ client: kc.CoreV1(), @@ -115,9 +114,7 @@ func NewIngressIPController(services cache.SharedIndexInformer, kc kclientset.In ic.changeHandler = ic.processChange ic.persistenceHandler = persistService - ic.ipAllocator, _ = ipallocator.New(ipNet, func(max int, rangeSpec string, offset int) (allocator.Interface, error) { - return allocator.NewAllocationMap(max, rangeSpec), nil - }) + ic.ipAllocator, _ = ipallocator.NewInMemory(ipNet) ic.allocationMap = make(map[string]string) ic.requeuedAllocations = sets.NewString() @@ -138,7 +135,7 @@ func (ic *IngressIPController) enqueueChange(new interface{}, old interface{}) { if new != nil { // Queue the key needed to retrieve the lastest state from the // cache when the change is processed. - key, err := controller.KeyFunc(new) + key, err := cache.DeletionHandlingMetaNamespaceKeyFunc(new) if err != nil { utilruntime.HandleError(fmt.Errorf("Couldn't get key for object %+v: %v", new, err)) return @@ -274,7 +271,7 @@ func (ic *IngressIPController) processInitialSync() bool { // Add pending service additions back to the queue in consistent order. sort.Sort(serviceAge(pendingServices)) for _, service := range pendingServices { - if key, err := controller.KeyFunc(service); err == nil { + if key, err := cache.DeletionHandlingMetaNamespaceKeyFunc(service); err == nil { klog.V(5).Infof("Adding service back to queue: %v ", key) change := &serviceChange{key: key} ic.queue.Add(change) @@ -443,7 +440,7 @@ func (ic *IngressIPController) clearOldAllocation(new, old *v1.Service) bool { // New allocation differs from old due to update or deletion // Get the key from the old service since the new service may be nil - if key, err := controller.KeyFunc(old); err == nil { + if key, err := cache.DeletionHandlingMetaNamespaceKeyFunc(old); err == nil { ic.clearLocalAllocation(key, oldIP) return true } else { diff --git a/pkg/route/ingressip/service_ingressip_controller_test.go b/pkg/route/ingressip/service_ingressip_controller_test.go index 73d29467f..1b93e4ecd 100644 --- a/pkg/route/ingressip/service_ingressip_controller_test.go +++ b/pkg/route/ingressip/service_ingressip_controller_test.go @@ -19,8 +19,8 @@ import ( clientgotesting "k8s.io/client-go/testing" "k8s.io/client-go/tools/cache" "k8s.io/client-go/util/workqueue" - "k8s.io/kubernetes/pkg/controller" - "k8s.io/kubernetes/pkg/registry/core/service/ipallocator" + + "github.com/openshift/route-controller-manager/pkg/utils/ipallocator" ) const namespace = "ns" @@ -33,7 +33,7 @@ func newController(t *testing.T, client *fake.Clientset, stopCh <-chan struct{}) if client == nil { client = fake.NewSimpleClientset() } - informerFactory := informers.NewSharedInformerFactory(client, controller.NoResyncPeriodFunc()) + informerFactory := informers.NewSharedInformerFactory(client, 0) controller := NewIngressIPController( informerFactory.Core().V1().Services().Informer(), client, ipNet, 10*time.Minute, diff --git a/pkg/utils/ipallocator/README.md b/pkg/utils/ipallocator/README.md new file mode 100644 index 000000000..f5e0b550f --- /dev/null +++ b/pkg/utils/ipallocator/README.md @@ -0,0 +1,23 @@ +# ipallocator + +Minimal in-memory IP range allocator for assigning IPs from a CIDR block. + +## Provenance + +This code is copied from two packages in **k8s.io/kubernetes v1.35.0**: + +- `k8s.io/kubernetes/pkg/registry/core/service/allocator` — bitmap allocator +- `k8s.io/kubernetes/pkg/registry/core/service/ipallocator` — IP range wrapper + +Only the code paths used by the IngressIP controller (`pkg/route/ingressip/`) are +included. The following features from the original were removed: + +- Metrics recording (`metricsRecorderInterface`, Prometheus counters) +- Dry-run support (`DryRun()`, `dryRunRange`) +- Snapshot/restore (`Snapshot()`, `Restore()`, `NewFromSnapshot`) +- IPFamily tracking (`IPFamily()`, `api.IPFamily` dependency) +- Factory pattern (`New()` with `AllocatorWithOffsetFactory`) +- Unused methods: `ForEach()`, `Destroy()`, `CIDR()`, `Used()`, `EnableMetrics()` + +This eliminates the dependency on `k8s.io/kubernetes` (the monorepo). +IP math uses `k8s.io/utils/net` which is a standalone module. diff --git a/pkg/utils/ipallocator/allocator.go b/pkg/utils/ipallocator/allocator.go new file mode 100644 index 000000000..fd07023de --- /dev/null +++ b/pkg/utils/ipallocator/allocator.go @@ -0,0 +1,176 @@ +/* +Copyright 2015 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package ipallocator + +import ( + "fmt" + "math/big" + "math/rand" + "sync" + "time" +) + +// allocatorInterface manages the allocation of items out of a range. +type allocatorInterface interface { + Allocate(int) (bool, error) + AllocateNext() (int, bool, error) + Release(int) error + Has(int) bool + Free() int +} + +// allocationBitmap is a contiguous block of resources that can be allocated atomically. +// +// Each resource has an offset. The internal structure is a bitmap, with a bit for each offset. +// +// If a resource is taken, the bit at that offset is set to one. +// r.count is always equal to the number of set bits and can be recalculated at any time +// by counting the set bits in r.allocated. +type allocationBitmap struct { + strategy bitAllocator + max int + rangeSpec string + + lock sync.Mutex + count int + allocated *big.Int +} + +var _ allocatorInterface = &allocationBitmap{} + +// bitAllocator represents a search strategy in the allocation map for a valid item. +type bitAllocator interface { + AllocateBit(allocated *big.Int, max, count int) (int, bool) +} + +// newAllocationMapWithOffset creates an allocation bitmap using a random scan strategy that +// allows to pass an offset that divides the allocation bitmap in two blocks. +// The first block of values will not be used for random value assigned by the AllocateNext() +// method until the second block of values has been exhausted. +func newAllocationMapWithOffset(max int, rangeSpec string, offset int) *allocationBitmap { + return &allocationBitmap{ + strategy: randomScanStrategyWithOffset{ + rand: rand.New(rand.NewSource(time.Now().UnixNano())), + offset: offset, + }, + allocated: big.NewInt(0), + count: 0, + max: max, + rangeSpec: rangeSpec, + } +} + +// Allocate attempts to reserve the provided item. +// Returns true if it was allocated, false if it was already in use. +func (r *allocationBitmap) Allocate(offset int) (bool, error) { + r.lock.Lock() + defer r.lock.Unlock() + + if offset < 0 || offset >= r.max { + return false, fmt.Errorf("offset %d out of range [0,%d]", offset, r.max) + } + if r.allocated.Bit(offset) == 1 { + return false, nil + } + r.allocated = r.allocated.SetBit(r.allocated, offset, 1) + r.count++ + return true, nil +} + +// AllocateNext reserves one of the items from the pool. +// (0, false, nil) may be returned if there are no items left. +func (r *allocationBitmap) AllocateNext() (int, bool, error) { + r.lock.Lock() + defer r.lock.Unlock() + + next, ok := r.strategy.AllocateBit(r.allocated, r.max, r.count) + if !ok { + return 0, false, nil + } + r.count++ + r.allocated = r.allocated.SetBit(r.allocated, next, 1) + return next, true, nil +} + +// Release releases the item back to the pool. Releasing an +// unallocated item or an item out of the range is a no-op and +// returns no error. +func (r *allocationBitmap) Release(offset int) error { + r.lock.Lock() + defer r.lock.Unlock() + + if r.allocated.Bit(offset) == 0 { + return nil + } + + r.allocated = r.allocated.SetBit(r.allocated, offset, 0) + r.count-- + return nil +} + +// Has returns true if the provided item is already allocated and a call +// to Allocate(offset) would fail. +func (r *allocationBitmap) Has(offset int) bool { + r.lock.Lock() + defer r.lock.Unlock() + + return r.allocated.Bit(offset) == 1 +} + +// Free returns the count of items left in the range. +func (r *allocationBitmap) Free() int { + r.lock.Lock() + defer r.lock.Unlock() + return r.max - r.count +} + +// randomScanStrategyWithOffset chooses a random address from the provided big.Int and then scans +// forward looking for the next available address. The big.Int range is subdivided so it will try +// to allocate first from the reserved upper range of addresses (it will wrap the upper subrange if necessary). +// If there is no free address it will try to allocate one from the lower range too. +type randomScanStrategyWithOffset struct { + rand *rand.Rand + offset int +} + +func (rss randomScanStrategyWithOffset) AllocateBit(allocated *big.Int, max, count int) (int, bool) { + if count >= max { + return 0, false + } + subrangeMax := max - rss.offset + start := rss.rand.Intn(subrangeMax) + for i := 0; i < subrangeMax; i++ { + at := rss.offset + ((start + i) % subrangeMax) + if allocated.Bit(at) == 0 { + return at, true + } + } + + // Guard against rand.Intn(0) panic when offset is 0. + if rss.offset > 0 { + start = rss.rand.Intn(rss.offset) + for i := 0; i < rss.offset; i++ { + at := (start + i) % rss.offset + if allocated.Bit(at) == 0 { + return at, true + } + } + } + return 0, false +} + +var _ bitAllocator = randomScanStrategyWithOffset{} diff --git a/pkg/utils/ipallocator/ipallocator.go b/pkg/utils/ipallocator/ipallocator.go new file mode 100644 index 000000000..77450783f --- /dev/null +++ b/pkg/utils/ipallocator/ipallocator.go @@ -0,0 +1,210 @@ +/* +Copyright 2015 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package ipallocator + +import ( + "errors" + "fmt" + "math/big" + "net" + + netutils "k8s.io/utils/net" +) + +var ( + ErrFull = errors.New("range is full") + ErrAllocated = errors.New("provided IP is already allocated") +) + +type ErrNotInRange struct { + IP net.IP + ValidRange string +} + +func (e *ErrNotInRange) Error() string { + return fmt.Sprintf("the provided IP (%v) is not in the valid range. The range of valid IPs is %s", e.IP, e.ValidRange) +} + +// Range is a contiguous block of IPs that can be allocated atomically. +// +// The internal structure of the range is: +// +// For CIDR 10.0.0.0/24 +// 254 addresses usable out of 256 total (minus base and broadcast IPs) +// The number of usable addresses is r.max +// +// CIDR base IP CIDR broadcast IP +// 10.0.0.0 10.0.0.255 +// | | +// 0 1 2 3 4 5 ... ... 253 254 255 +// | | +// r.base r.base + r.max +// | | +// offset #0 of r.allocated last offset of r.allocated +type Range struct { + net *net.IPNet + base *big.Int + max int + + alloc allocatorInterface +} + +// NewInMemory creates an in-memory IP allocator over a net.IPNet. +func NewInMemory(cidr *net.IPNet) (*Range, error) { + max := netutils.RangeSize(cidr) + base := netutils.BigForIP(cidr.IP) + rangeSpec := cidr.String() + + if netutils.IsIPv6CIDR(cidr) { + if max > 65536 { + max = 65536 + } + } else { + // Don't use the IPv4 network's broadcast address. + max-- + } + + // Don't use the network's ".0" address. + base.Add(base, big.NewInt(1)) + max-- + + if max < 0 { + max = 0 + } + + r := Range{ + net: cidr, + base: base, + max: maximum(0, int(max)), + } + + offset := calculateRangeOffset(cidr) + r.alloc = newAllocationMapWithOffset(r.max, rangeSpec, offset) + return &r, nil +} + +func maximum(a, b int) int { + if a > b { + return a + } + return b +} + +// Free returns the count of IP addresses left in the range. +func (r *Range) Free() int { + return r.alloc.Free() +} + +// Allocate attempts to reserve the provided IP. ErrNotInRange or +// ErrAllocated will be returned if the IP is not valid for this range +// or has already been reserved. ErrFull will be returned if there +// are no addresses left. +func (r *Range) Allocate(ip net.IP) error { + ok, offset := r.contains(ip) + if !ok { + return &ErrNotInRange{ip, r.net.String()} + } + + allocated, err := r.alloc.Allocate(offset) + if err != nil { + return err + } + if !allocated { + return ErrAllocated + } + return nil +} + +// AllocateNext reserves one of the IPs from the pool. ErrFull may +// be returned if there are no addresses left. +func (r *Range) AllocateNext() (net.IP, error) { + offset, ok, err := r.alloc.AllocateNext() + if err != nil { + return nil, err + } + if !ok { + return nil, ErrFull + } + return netutils.AddIPOffset(r.base, offset), nil +} + +// Release releases the IP back to the pool. Releasing an +// unallocated IP or an IP out of the range is a no-op and +// returns no error. +func (r *Range) Release(ip net.IP) error { + ok, offset := r.contains(ip) + if !ok { + return nil + } + return r.alloc.Release(offset) +} + +// Has returns true if the provided IP is already allocated and a call +// to Allocate(ip) would fail with ErrAllocated. +func (r *Range) Has(ip net.IP) bool { + ok, offset := r.contains(ip) + if !ok { + return false + } + return r.alloc.Has(offset) +} + +// contains returns true and the offset if the ip is in the range, and false +// and 0 otherwise. The first and last addresses of the CIDR are omitted. +func (r *Range) contains(ip net.IP) (bool, int) { + if !r.net.Contains(ip) { + return false, 0 + } + + offset := calculateIPOffset(r.base, ip) + if offset < 0 || offset >= r.max { + return false, 0 + } + return true, offset +} + +// calculateIPOffset calculates the integer offset of ip from base such that +// base + offset = ip. It requires ip >= base. +func calculateIPOffset(base *big.Int, ip net.IP) int { + return int(big.NewInt(0).Sub(netutils.BigForIP(ip), base).Int64()) +} + +// calculateRangeOffset estimates the offset used on the range for static allocation based on +// the following formula `min(max($min, cidrSize/$step), $max)`, described as ~never less than +// $min or more than $max, with a graduated step function between them~. The function returns 0 +// if any of the parameters is invalid. +func calculateRangeOffset(cidr *net.IPNet) int { + const ( + min = 16 + max = 256 + step = 16 + ) + + cidrSize := netutils.RangeSize(cidr) + if cidrSize <= min { + return 0 + } + + offset := cidrSize / step + if offset < min { + return min + } + if offset > max { + return max + } + return int(offset) +} diff --git a/pkg/utils/ipallocator/ipallocator_test.go b/pkg/utils/ipallocator/ipallocator_test.go new file mode 100644 index 000000000..e68771ab8 --- /dev/null +++ b/pkg/utils/ipallocator/ipallocator_test.go @@ -0,0 +1,176 @@ +/* +Copyright 2015 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package ipallocator + +import ( + "net" + "testing" +) + +func parseCIDR(t *testing.T, cidr string) *net.IPNet { + t.Helper() + _, ipNet, err := net.ParseCIDR(cidr) + if err != nil { + t.Fatalf("unexpected error parsing CIDR %q: %v", cidr, err) + } + return ipNet +} + +func TestNewInMemory(t *testing.T) { + r, err := NewInMemory(parseCIDR(t, "172.16.0.0/28")) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + // /28 = 16 addresses, minus network and broadcast = 14 usable + if r.Free() != 14 { + t.Errorf("expected 14 free addresses, got %d", r.Free()) + } +} + +func TestAllocateSpecific(t *testing.T) { + r, _ := NewInMemory(parseCIDR(t, "172.16.0.0/28")) + ip := net.ParseIP("172.16.0.1") + + if err := r.Allocate(ip); err != nil { + t.Fatalf("unexpected error: %v", err) + } + if !r.Has(ip) { + t.Error("expected ip to be allocated") + } +} + +func TestAllocateNext(t *testing.T) { + r, _ := NewInMemory(parseCIDR(t, "172.16.0.0/28")) + freeBefore := r.Free() + + ip, err := r.AllocateNext() + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if ip == nil { + t.Fatal("expected non-nil IP") + } + if !r.Has(ip) { + t.Error("allocated IP should be marked as in use") + } + if r.Free() != freeBefore-1 { + t.Errorf("expected %d free, got %d", freeBefore-1, r.Free()) + } +} + +func TestRelease(t *testing.T) { + r, _ := NewInMemory(parseCIDR(t, "172.16.0.0/28")) + ip := net.ParseIP("172.16.0.1") + + r.Allocate(ip) + freeBefore := r.Free() + + if err := r.Release(ip); err != nil { + t.Fatalf("unexpected error releasing: %v", err) + } + if r.Has(ip) { + t.Error("expected ip to be released") + } + if r.Free() != freeBefore+1 { + t.Errorf("expected %d free, got %d", freeBefore+1, r.Free()) + } +} + +func TestReleaseOutOfRange(t *testing.T) { + r, _ := NewInMemory(parseCIDR(t, "172.16.0.0/28")) + if err := r.Release(net.ParseIP("10.0.0.1")); err != nil { + t.Errorf("releasing out-of-range IP should be a no-op, got error: %v", err) + } +} + +func TestErrNotInRange(t *testing.T) { + r, _ := NewInMemory(parseCIDR(t, "172.16.0.0/28")) + + err := r.Allocate(net.ParseIP("10.0.0.1")) + if err == nil { + t.Fatal("expected error for out-of-range IP") + } + if _, ok := err.(*ErrNotInRange); !ok { + t.Errorf("expected *ErrNotInRange, got %T: %v", err, err) + } +} + +func TestErrAllocated(t *testing.T) { + r, _ := NewInMemory(parseCIDR(t, "172.16.0.0/28")) + ip := net.ParseIP("172.16.0.1") + + r.Allocate(ip) + err := r.Allocate(ip) + if err != ErrAllocated { + t.Errorf("expected ErrAllocated, got %v", err) + } +} + +func TestErrFull(t *testing.T) { + // /30 = 4 addresses, minus network and broadcast = 2 usable + r, _ := NewInMemory(parseCIDR(t, "172.16.0.0/30")) + total := r.Free() + for i := 0; i < total; i++ { + if _, err := r.AllocateNext(); err != nil { + t.Fatalf("unexpected error on allocation %d: %v", i, err) + } + } + _, err := r.AllocateNext() + if err != ErrFull { + t.Errorf("expected ErrFull, got %v", err) + } +} + +func TestHasNotAllocated(t *testing.T) { + r, _ := NewInMemory(parseCIDR(t, "172.16.0.0/28")) + if r.Has(net.ParseIP("172.16.0.1")) { + t.Error("expected Has to return false for unallocated IP") + } +} + +func TestHasOutOfRange(t *testing.T) { + r, _ := NewInMemory(parseCIDR(t, "172.16.0.0/28")) + if r.Has(net.ParseIP("10.0.0.1")) { + t.Error("expected Has to return false for out-of-range IP") + } +} + +func TestAllocateAndReleaseAll(t *testing.T) { + r, _ := NewInMemory(parseCIDR(t, "172.16.0.0/28")) + total := r.Free() + ips := make([]net.IP, 0, total) + + for i := 0; i < total; i++ { + ip, err := r.AllocateNext() + if err != nil { + t.Fatalf("unexpected error on allocation %d: %v", i, err) + } + ips = append(ips, ip) + } + if r.Free() != 0 { + t.Errorf("expected 0 free, got %d", r.Free()) + } + + for _, ip := range ips { + if err := r.Release(ip); err != nil { + t.Fatalf("unexpected error releasing %v: %v", ip, err) + } + } + if r.Free() != total { + t.Errorf("expected %d free after releasing all, got %d", total, r.Free()) + } +} diff --git a/vendor/github.com/distribution/reference/.gitattributes b/vendor/github.com/distribution/reference/.gitattributes deleted file mode 100644 index d207b1802..000000000 --- a/vendor/github.com/distribution/reference/.gitattributes +++ /dev/null @@ -1 +0,0 @@ -*.go text eol=lf diff --git a/vendor/github.com/distribution/reference/.gitignore b/vendor/github.com/distribution/reference/.gitignore deleted file mode 100644 index dc07e6b04..000000000 --- a/vendor/github.com/distribution/reference/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -# Cover profiles -*.out diff --git a/vendor/github.com/distribution/reference/.golangci.yml b/vendor/github.com/distribution/reference/.golangci.yml deleted file mode 100644 index 793f0bb7e..000000000 --- a/vendor/github.com/distribution/reference/.golangci.yml +++ /dev/null @@ -1,18 +0,0 @@ -linters: - enable: - - bodyclose - - dupword # Checks for duplicate words in the source code - - gofmt - - goimports - - ineffassign - - misspell - - revive - - staticcheck - - unconvert - - unused - - vet - disable: - - errcheck - -run: - deadline: 2m diff --git a/vendor/github.com/distribution/reference/CODE-OF-CONDUCT.md b/vendor/github.com/distribution/reference/CODE-OF-CONDUCT.md deleted file mode 100644 index 48f6704c6..000000000 --- a/vendor/github.com/distribution/reference/CODE-OF-CONDUCT.md +++ /dev/null @@ -1,5 +0,0 @@ -# Code of Conduct - -We follow the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md). - -Please contact the [CNCF Code of Conduct Committee](mailto:conduct@cncf.io) in order to report violations of the Code of Conduct. diff --git a/vendor/github.com/distribution/reference/CONTRIBUTING.md b/vendor/github.com/distribution/reference/CONTRIBUTING.md deleted file mode 100644 index ab2194665..000000000 --- a/vendor/github.com/distribution/reference/CONTRIBUTING.md +++ /dev/null @@ -1,114 +0,0 @@ -# Contributing to the reference library - -## Community help - -If you need help, please ask in the [#distribution](https://cloud-native.slack.com/archives/C01GVR8SY4R) channel on CNCF community slack. -[Click here for an invite to the CNCF community slack](https://slack.cncf.io/) - -## Reporting security issues - -The maintainers take security seriously. If you discover a security -issue, please bring it to their attention right away! - -Please **DO NOT** file a public issue, instead send your report privately to -[cncf-distribution-security@lists.cncf.io](mailto:cncf-distribution-security@lists.cncf.io). - -## Reporting an issue properly - -By following these simple rules you will get better and faster feedback on your issue. - - - search the bugtracker for an already reported issue - -### If you found an issue that describes your problem: - - - please read other user comments first, and confirm this is the same issue: a given error condition might be indicative of different problems - you may also find a workaround in the comments - - please refrain from adding "same thing here" or "+1" comments - - you don't need to comment on an issue to get notified of updates: just hit the "subscribe" button - - comment if you have some new, technical and relevant information to add to the case - - __DO NOT__ comment on closed issues or merged PRs. If you think you have a related problem, open up a new issue and reference the PR or issue. - -### If you have not found an existing issue that describes your problem: - - 1. create a new issue, with a succinct title that describes your issue: - - bad title: "It doesn't work with my docker" - - good title: "Private registry push fail: 400 error with E_INVALID_DIGEST" - 2. copy the output of (or similar for other container tools): - - `docker version` - - `docker info` - - `docker exec registry --version` - 3. copy the command line you used to launch your Registry - 4. restart your docker daemon in debug mode (add `-D` to the daemon launch arguments) - 5. reproduce your problem and get your docker daemon logs showing the error - 6. if relevant, copy your registry logs that show the error - 7. provide any relevant detail about your specific Registry configuration (e.g., storage backend used) - 8. indicate if you are using an enterprise proxy, Nginx, or anything else between you and your Registry - -## Contributing Code - -Contributions should be made via pull requests. Pull requests will be reviewed -by one or more maintainers or reviewers and merged when acceptable. - -You should follow the basic GitHub workflow: - - 1. Use your own [fork](https://help.github.com/en/articles/about-forks) - 2. Create your [change](https://github.com/containerd/project/blob/master/CONTRIBUTING.md#successful-changes) - 3. Test your code - 4. [Commit](https://github.com/containerd/project/blob/master/CONTRIBUTING.md#commit-messages) your work, always [sign your commits](https://github.com/containerd/project/blob/master/CONTRIBUTING.md#commit-messages) - 5. Push your change to your fork and create a [Pull Request](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork) - -Refer to [containerd's contribution guide](https://github.com/containerd/project/blob/master/CONTRIBUTING.md#successful-changes) -for tips on creating a successful contribution. - -## Sign your work - -The sign-off is a simple line at the end of the explanation for the patch. Your -signature certifies that you wrote the patch or otherwise have the right to pass -it on as an open-source patch. The rules are pretty simple: if you can certify -the below (from [developercertificate.org](http://developercertificate.org/)): - -``` -Developer Certificate of Origin -Version 1.1 - -Copyright (C) 2004, 2006 The Linux Foundation and its contributors. -660 York Street, Suite 102, -San Francisco, CA 94110 USA - -Everyone is permitted to copy and distribute verbatim copies of this -license document, but changing it is not allowed. - -Developer's Certificate of Origin 1.1 - -By making a contribution to this project, I certify that: - -(a) The contribution was created in whole or in part by me and I - have the right to submit it under the open source license - indicated in the file; or - -(b) The contribution is based upon previous work that, to the best - of my knowledge, is covered under an appropriate open source - license and I have the right under that license to submit that - work with modifications, whether created in whole or in part - by me, under the same open source license (unless I am - permitted to submit under a different license), as indicated - in the file; or - -(c) The contribution was provided directly to me by some other - person who certified (a), (b) or (c) and I have not modified - it. - -(d) I understand and agree that this project and the contribution - are public and that a record of the contribution (including all - personal information I submit with it, including my sign-off) is - maintained indefinitely and may be redistributed consistent with - this project or the open source license(s) involved. -``` - -Then you just add a line to every git commit message: - - Signed-off-by: Joe Smith - -Use your real name (sorry, no pseudonyms or anonymous contributions.) - -If you set your `user.name` and `user.email` git configs, you can sign your -commit automatically with `git commit -s`. diff --git a/vendor/github.com/distribution/reference/GOVERNANCE.md b/vendor/github.com/distribution/reference/GOVERNANCE.md deleted file mode 100644 index 200045b05..000000000 --- a/vendor/github.com/distribution/reference/GOVERNANCE.md +++ /dev/null @@ -1,144 +0,0 @@ -# distribution/reference Project Governance - -Distribution [Code of Conduct](./CODE-OF-CONDUCT.md) can be found here. - -For specific guidance on practical contribution steps please -see our [CONTRIBUTING.md](./CONTRIBUTING.md) guide. - -## Maintainership - -There are different types of maintainers, with different responsibilities, but -all maintainers have 3 things in common: - -1) They share responsibility in the project's success. -2) They have made a long-term, recurring time investment to improve the project. -3) They spend that time doing whatever needs to be done, not necessarily what -is the most interesting or fun. - -Maintainers are often under-appreciated, because their work is harder to appreciate. -It's easy to appreciate a really cool and technically advanced feature. It's harder -to appreciate the absence of bugs, the slow but steady improvement in stability, -or the reliability of a release process. But those things distinguish a good -project from a great one. - -## Reviewers - -A reviewer is a core role within the project. -They share in reviewing issues and pull requests and their LGTM counts towards the -required LGTM count to merge a code change into the project. - -Reviewers are part of the organization but do not have write access. -Becoming a reviewer is a core aspect in the journey to becoming a maintainer. - -## Adding maintainers - -Maintainers are first and foremost contributors that have shown they are -committed to the long term success of a project. Contributors wanting to become -maintainers are expected to be deeply involved in contributing code, pull -request review, and triage of issues in the project for more than three months. - -Just contributing does not make you a maintainer, it is about building trust -with the current maintainers of the project and being a person that they can -depend on and trust to make decisions in the best interest of the project. - -Periodically, the existing maintainers curate a list of contributors that have -shown regular activity on the project over the prior months. From this list, -maintainer candidates are selected and proposed in a pull request or a -maintainers communication channel. - -After a candidate has been announced to the maintainers, the existing -maintainers are given five business days to discuss the candidate, raise -objections and cast their vote. Votes may take place on the communication -channel or via pull request comment. Candidates must be approved by at least 66% -of the current maintainers by adding their vote on the mailing list. The -reviewer role has the same process but only requires 33% of current maintainers. -Only maintainers of the repository that the candidate is proposed for are -allowed to vote. - -If a candidate is approved, a maintainer will contact the candidate to invite -the candidate to open a pull request that adds the contributor to the -MAINTAINERS file. The voting process may take place inside a pull request if a -maintainer has already discussed the candidacy with the candidate and a -maintainer is willing to be a sponsor by opening the pull request. The candidate -becomes a maintainer once the pull request is merged. - -## Stepping down policy - -Life priorities, interests, and passions can change. If you're a maintainer but -feel you must remove yourself from the list, inform other maintainers that you -intend to step down, and if possible, help find someone to pick up your work. -At the very least, ensure your work can be continued where you left off. - -After you've informed other maintainers, create a pull request to remove -yourself from the MAINTAINERS file. - -## Removal of inactive maintainers - -Similar to the procedure for adding new maintainers, existing maintainers can -be removed from the list if they do not show significant activity on the -project. Periodically, the maintainers review the list of maintainers and their -activity over the last three months. - -If a maintainer has shown insufficient activity over this period, a neutral -person will contact the maintainer to ask if they want to continue being -a maintainer. If the maintainer decides to step down as a maintainer, they -open a pull request to be removed from the MAINTAINERS file. - -If the maintainer wants to remain a maintainer, but is unable to perform the -required duties they can be removed with a vote of at least 66% of the current -maintainers. In this case, maintainers should first propose the change to -maintainers via the maintainers communication channel, then open a pull request -for voting. The voting period is five business days. The voting pull request -should not come as a surpise to any maintainer and any discussion related to -performance must not be discussed on the pull request. - -## How are decisions made? - -Docker distribution is an open-source project with an open design philosophy. -This means that the repository is the source of truth for EVERY aspect of the -project, including its philosophy, design, road map, and APIs. *If it's part of -the project, it's in the repo. If it's in the repo, it's part of the project.* - -As a result, all decisions can be expressed as changes to the repository. An -implementation change is a change to the source code. An API change is a change -to the API specification. A philosophy change is a change to the philosophy -manifesto, and so on. - -All decisions affecting distribution, big and small, follow the same 3 steps: - -* Step 1: Open a pull request. Anyone can do this. - -* Step 2: Discuss the pull request. Anyone can do this. - -* Step 3: Merge or refuse the pull request. Who does this depends on the nature -of the pull request and which areas of the project it affects. - -## Helping contributors with the DCO - -The [DCO or `Sign your work`](./CONTRIBUTING.md#sign-your-work) -requirement is not intended as a roadblock or speed bump. - -Some contributors are not as familiar with `git`, or have used a web -based editor, and thus asking them to `git commit --amend -s` is not the best -way forward. - -In this case, maintainers can update the commits based on clause (c) of the DCO. -The most trivial way for a contributor to allow the maintainer to do this, is to -add a DCO signature in a pull requests's comment, or a maintainer can simply -note that the change is sufficiently trivial that it does not substantially -change the existing contribution - i.e., a spelling change. - -When you add someone's DCO, please also add your own to keep a log. - -## I'm a maintainer. Should I make pull requests too? - -Yes. Nobody should ever push to master directly. All changes should be -made through a pull request. - -## Conflict Resolution - -If you have a technical dispute that you feel has reached an impasse with a -subset of the community, any contributor may open an issue, specifically -calling for a resolution vote of the current core maintainers to resolve the -dispute. The same voting quorums required (2/3) for adding and removing -maintainers will apply to conflict resolution. diff --git a/vendor/github.com/distribution/reference/LICENSE b/vendor/github.com/distribution/reference/LICENSE deleted file mode 100644 index e06d20818..000000000 --- a/vendor/github.com/distribution/reference/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ -Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright {yyyy} {name of copyright owner} - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - diff --git a/vendor/github.com/distribution/reference/MAINTAINERS b/vendor/github.com/distribution/reference/MAINTAINERS deleted file mode 100644 index 9e0a60c8b..000000000 --- a/vendor/github.com/distribution/reference/MAINTAINERS +++ /dev/null @@ -1,26 +0,0 @@ -# Distribution project maintainers & reviewers -# -# See GOVERNANCE.md for maintainer versus reviewer roles -# -# MAINTAINERS (cncf-distribution-maintainers@lists.cncf.io) -# GitHub ID, Name, Email address -"chrispat","Chris Patterson","chrispat@github.com" -"clarkbw","Bryan Clark","clarkbw@github.com" -"corhere","Cory Snider","csnider@mirantis.com" -"deleteriousEffect","Hayley Swimelar","hswimelar@gitlab.com" -"heww","He Weiwei","hweiwei@vmware.com" -"joaodrp","João Pereira","jpereira@gitlab.com" -"justincormack","Justin Cormack","justin.cormack@docker.com" -"squizzi","Kyle Squizzato","ksquizzato@mirantis.com" -"milosgajdos","Milos Gajdos","milosthegajdos@gmail.com" -"sargun","Sargun Dhillon","sargun@sargun.me" -"wy65701436","Wang Yan","wangyan@vmware.com" -"stevelasker","Steve Lasker","steve.lasker@microsoft.com" -# -# REVIEWERS -# GitHub ID, Name, Email address -"dmcgowan","Derek McGowan","derek@mcgstyle.net" -"stevvooe","Stephen Day","stevvooe@gmail.com" -"thajeztah","Sebastiaan van Stijn","github@gone.nl" -"DavidSpek", "David van der Spek", "vanderspek.david@gmail.com" -"Jamstah", "James Hewitt", "james.hewitt@gmail.com" diff --git a/vendor/github.com/distribution/reference/Makefile b/vendor/github.com/distribution/reference/Makefile deleted file mode 100644 index c78576b75..000000000 --- a/vendor/github.com/distribution/reference/Makefile +++ /dev/null @@ -1,25 +0,0 @@ -# Project packages. -PACKAGES=$(shell go list ./...) - -# Flags passed to `go test` -BUILDFLAGS ?= -TESTFLAGS ?= - -.PHONY: all build test coverage -.DEFAULT: all - -all: build - -build: ## no binaries to build, so just check compilation suceeds - go build ${BUILDFLAGS} ./... - -test: ## run tests - go test ${TESTFLAGS} ./... - -coverage: ## generate coverprofiles from the unit tests - rm -f coverage.txt - go test ${TESTFLAGS} -cover -coverprofile=cover.out ./... - -.PHONY: help -help: - @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_\/%-]+:.*?##/ { printf " \033[36m%-27s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) diff --git a/vendor/github.com/distribution/reference/README.md b/vendor/github.com/distribution/reference/README.md deleted file mode 100644 index 172a02e0b..000000000 --- a/vendor/github.com/distribution/reference/README.md +++ /dev/null @@ -1,30 +0,0 @@ -# Distribution reference - -Go library to handle references to container images. - - - -[![Build Status](https://github.com/distribution/reference/actions/workflows/test.yml/badge.svg?branch=main&event=push)](https://github.com/distribution/reference/actions?query=workflow%3ACI) -[![GoDoc](https://img.shields.io/badge/go.dev-reference-007d9c?logo=go&logoColor=white&style=flat-square)](https://pkg.go.dev/github.com/distribution/reference) -[![License: Apache-2.0](https://img.shields.io/badge/License-Apache--2.0-blue.svg)](LICENSE) -[![codecov](https://codecov.io/gh/distribution/reference/branch/main/graph/badge.svg)](https://codecov.io/gh/distribution/reference) -[![FOSSA Status](https://app.fossa.com/api/projects/custom%2B162%2Fgithub.com%2Fdistribution%2Freference.svg?type=shield)](https://app.fossa.com/projects/custom%2B162%2Fgithub.com%2Fdistribution%2Freference?ref=badge_shield) - -This repository contains a library for handling references to container images held in container registries. Please see [godoc](https://pkg.go.dev/github.com/distribution/reference) for details. - -## Contribution - -Please see [CONTRIBUTING.md](CONTRIBUTING.md) for details on how to contribute -issues, fixes, and patches to this project. - -## Communication - -For async communication and long running discussions please use issues and pull requests on the github repo. -This will be the best place to discuss design and implementation. - -For sync communication we have a #distribution channel in the [CNCF Slack](https://slack.cncf.io/) -that everyone is welcome to join and chat about development. - -## Licenses - -The distribution codebase is released under the [Apache 2.0 license](LICENSE). diff --git a/vendor/github.com/distribution/reference/SECURITY.md b/vendor/github.com/distribution/reference/SECURITY.md deleted file mode 100644 index aaf983c0f..000000000 --- a/vendor/github.com/distribution/reference/SECURITY.md +++ /dev/null @@ -1,7 +0,0 @@ -# Security Policy - -## Reporting a Vulnerability - -The maintainers take security seriously. If you discover a security issue, please bring it to their attention right away! - -Please DO NOT file a public issue, instead send your report privately to cncf-distribution-security@lists.cncf.io. diff --git a/vendor/github.com/distribution/reference/distribution-logo.svg b/vendor/github.com/distribution/reference/distribution-logo.svg deleted file mode 100644 index cc9f4073b..000000000 --- a/vendor/github.com/distribution/reference/distribution-logo.svg +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/vendor/github.com/distribution/reference/helpers.go b/vendor/github.com/distribution/reference/helpers.go deleted file mode 100644 index d10c7ef83..000000000 --- a/vendor/github.com/distribution/reference/helpers.go +++ /dev/null @@ -1,42 +0,0 @@ -package reference - -import "path" - -// IsNameOnly returns true if reference only contains a repo name. -func IsNameOnly(ref Named) bool { - if _, ok := ref.(NamedTagged); ok { - return false - } - if _, ok := ref.(Canonical); ok { - return false - } - return true -} - -// FamiliarName returns the familiar name string -// for the given named, familiarizing if needed. -func FamiliarName(ref Named) string { - if nn, ok := ref.(normalizedNamed); ok { - return nn.Familiar().Name() - } - return ref.Name() -} - -// FamiliarString returns the familiar string representation -// for the given reference, familiarizing if needed. -func FamiliarString(ref Reference) string { - if nn, ok := ref.(normalizedNamed); ok { - return nn.Familiar().String() - } - return ref.String() -} - -// FamiliarMatch reports whether ref matches the specified pattern. -// See [path.Match] for supported patterns. -func FamiliarMatch(pattern string, ref Reference) (bool, error) { - matched, err := path.Match(pattern, FamiliarString(ref)) - if namedRef, isNamed := ref.(Named); isNamed && !matched { - matched, _ = path.Match(pattern, FamiliarName(namedRef)) - } - return matched, err -} diff --git a/vendor/github.com/distribution/reference/normalize.go b/vendor/github.com/distribution/reference/normalize.go deleted file mode 100644 index f4128314c..000000000 --- a/vendor/github.com/distribution/reference/normalize.go +++ /dev/null @@ -1,255 +0,0 @@ -package reference - -import ( - "fmt" - "strings" - - "github.com/opencontainers/go-digest" -) - -const ( - // legacyDefaultDomain is the legacy domain for Docker Hub (which was - // originally named "the Docker Index"). This domain is still used for - // authentication and image search, which were part of the "v1" Docker - // registry specification. - // - // This domain will continue to be supported, but there are plans to consolidate - // legacy domains to new "canonical" domains. Once those domains are decided - // on, we must update the normalization functions, but preserve compatibility - // with existing installs, clients, and user configuration. - legacyDefaultDomain = "index.docker.io" - - // defaultDomain is the default domain used for images on Docker Hub. - // It is used to normalize "familiar" names to canonical names, for example, - // to convert "ubuntu" to "docker.io/library/ubuntu:latest". - // - // Note that actual domain of Docker Hub's registry is registry-1.docker.io. - // This domain will continue to be supported, but there are plans to consolidate - // legacy domains to new "canonical" domains. Once those domains are decided - // on, we must update the normalization functions, but preserve compatibility - // with existing installs, clients, and user configuration. - defaultDomain = "docker.io" - - // officialRepoPrefix is the namespace used for official images on Docker Hub. - // It is used to normalize "familiar" names to canonical names, for example, - // to convert "ubuntu" to "docker.io/library/ubuntu:latest". - officialRepoPrefix = "library/" - - // defaultTag is the default tag if no tag is provided. - defaultTag = "latest" -) - -// normalizedNamed represents a name which has been -// normalized and has a familiar form. A familiar name -// is what is used in Docker UI. An example normalized -// name is "docker.io/library/ubuntu" and corresponding -// familiar name of "ubuntu". -type normalizedNamed interface { - Named - Familiar() Named -} - -// ParseNormalizedNamed parses a string into a named reference -// transforming a familiar name from Docker UI to a fully -// qualified reference. If the value may be an identifier -// use ParseAnyReference. -func ParseNormalizedNamed(s string) (Named, error) { - if ok := anchoredIdentifierRegexp.MatchString(s); ok { - return nil, fmt.Errorf("invalid repository name (%s), cannot specify 64-byte hexadecimal strings", s) - } - domain, remainder := splitDockerDomain(s) - var remote string - if tagSep := strings.IndexRune(remainder, ':'); tagSep > -1 { - remote = remainder[:tagSep] - } else { - remote = remainder - } - if strings.ToLower(remote) != remote { - return nil, fmt.Errorf("invalid reference format: repository name (%s) must be lowercase", remote) - } - - ref, err := Parse(domain + "/" + remainder) - if err != nil { - return nil, err - } - named, isNamed := ref.(Named) - if !isNamed { - return nil, fmt.Errorf("reference %s has no name", ref.String()) - } - return named, nil -} - -// namedTaggedDigested is a reference that has both a tag and a digest. -type namedTaggedDigested interface { - NamedTagged - Digested -} - -// ParseDockerRef normalizes the image reference following the docker convention, -// which allows for references to contain both a tag and a digest. It returns a -// reference that is either tagged or digested. For references containing both -// a tag and a digest, it returns a digested reference. For example, the following -// reference: -// -// docker.io/library/busybox:latest@sha256:7cc4b5aefd1d0cadf8d97d4350462ba51c694ebca145b08d7d41b41acc8db5aa -// -// Is returned as a digested reference (with the ":latest" tag removed): -// -// docker.io/library/busybox@sha256:7cc4b5aefd1d0cadf8d97d4350462ba51c694ebca145b08d7d41b41acc8db5aa -// -// References that are already "tagged" or "digested" are returned unmodified: -// -// // Already a digested reference -// docker.io/library/busybox@sha256:7cc4b5aefd1d0cadf8d97d4350462ba51c694ebca145b08d7d41b41acc8db5aa -// -// // Already a named reference -// docker.io/library/busybox:latest -func ParseDockerRef(ref string) (Named, error) { - named, err := ParseNormalizedNamed(ref) - if err != nil { - return nil, err - } - if canonical, ok := named.(namedTaggedDigested); ok { - // The reference is both tagged and digested; only return digested. - newNamed, err := WithName(canonical.Name()) - if err != nil { - return nil, err - } - return WithDigest(newNamed, canonical.Digest()) - } - return TagNameOnly(named), nil -} - -// splitDockerDomain splits a repository name to domain and remote-name. -// If no valid domain is found, the default domain is used. Repository name -// needs to be already validated before. -func splitDockerDomain(name string) (domain, remoteName string) { - maybeDomain, maybeRemoteName, ok := strings.Cut(name, "/") - if !ok { - // Fast-path for single element ("familiar" names), such as "ubuntu" - // or "ubuntu:latest". Familiar names must be handled separately, to - // prevent them from being handled as "hostname:port". - // - // Canonicalize them as "docker.io/library/name[:tag]" - - // FIXME(thaJeztah): account for bare "localhost" or "example.com" names, which SHOULD be considered a domain. - return defaultDomain, officialRepoPrefix + name - } - - switch { - case maybeDomain == localhost: - // localhost is a reserved namespace and always considered a domain. - domain, remoteName = maybeDomain, maybeRemoteName - case maybeDomain == legacyDefaultDomain: - // canonicalize the Docker Hub and legacy "Docker Index" domains. - domain, remoteName = defaultDomain, maybeRemoteName - case strings.ContainsAny(maybeDomain, ".:"): - // Likely a domain or IP-address: - // - // - contains a "." (e.g., "example.com" or "127.0.0.1") - // - contains a ":" (e.g., "example:5000", "::1", or "[::1]:5000") - domain, remoteName = maybeDomain, maybeRemoteName - case strings.ToLower(maybeDomain) != maybeDomain: - // Uppercase namespaces are not allowed, so if the first element - // is not lowercase, we assume it to be a domain-name. - domain, remoteName = maybeDomain, maybeRemoteName - default: - // None of the above: it's not a domain, so use the default, and - // use the name input the remote-name. - domain, remoteName = defaultDomain, name - } - - if domain == defaultDomain && !strings.ContainsRune(remoteName, '/') { - // Canonicalize "familiar" names, but only on Docker Hub, not - // on other domains: - // - // "docker.io/ubuntu[:tag]" => "docker.io/library/ubuntu[:tag]" - remoteName = officialRepoPrefix + remoteName - } - - return domain, remoteName -} - -// familiarizeName returns a shortened version of the name familiar -// to the Docker UI. Familiar names have the default domain -// "docker.io" and "library/" repository prefix removed. -// For example, "docker.io/library/redis" will have the familiar -// name "redis" and "docker.io/dmcgowan/myapp" will be "dmcgowan/myapp". -// Returns a familiarized named only reference. -func familiarizeName(named namedRepository) repository { - repo := repository{ - domain: named.Domain(), - path: named.Path(), - } - - if repo.domain == defaultDomain { - repo.domain = "" - // Handle official repositories which have the pattern "library/" - if strings.HasPrefix(repo.path, officialRepoPrefix) { - // TODO(thaJeztah): this check may be too strict, as it assumes the - // "library/" namespace does not have nested namespaces. While this - // is true (currently), technically it would be possible for Docker - // Hub to use those (e.g. "library/distros/ubuntu:latest"). - // See https://github.com/distribution/distribution/pull/3769#issuecomment-1302031785. - if remainder := strings.TrimPrefix(repo.path, officialRepoPrefix); !strings.ContainsRune(remainder, '/') { - repo.path = remainder - } - } - } - return repo -} - -func (r reference) Familiar() Named { - return reference{ - namedRepository: familiarizeName(r.namedRepository), - tag: r.tag, - digest: r.digest, - } -} - -func (r repository) Familiar() Named { - return familiarizeName(r) -} - -func (t taggedReference) Familiar() Named { - return taggedReference{ - namedRepository: familiarizeName(t.namedRepository), - tag: t.tag, - } -} - -func (c canonicalReference) Familiar() Named { - return canonicalReference{ - namedRepository: familiarizeName(c.namedRepository), - digest: c.digest, - } -} - -// TagNameOnly adds the default tag "latest" to a reference if it only has -// a repo name. -func TagNameOnly(ref Named) Named { - if IsNameOnly(ref) { - namedTagged, err := WithTag(ref, defaultTag) - if err != nil { - // Default tag must be valid, to create a NamedTagged - // type with non-validated input the WithTag function - // should be used instead - panic(err) - } - return namedTagged - } - return ref -} - -// ParseAnyReference parses a reference string as a possible identifier, -// full digest, or familiar name. -func ParseAnyReference(ref string) (Reference, error) { - if ok := anchoredIdentifierRegexp.MatchString(ref); ok { - return digestReference("sha256:" + ref), nil - } - if dgst, err := digest.Parse(ref); err == nil { - return digestReference(dgst), nil - } - - return ParseNormalizedNamed(ref) -} diff --git a/vendor/github.com/distribution/reference/reference.go b/vendor/github.com/distribution/reference/reference.go deleted file mode 100644 index 900398bde..000000000 --- a/vendor/github.com/distribution/reference/reference.go +++ /dev/null @@ -1,432 +0,0 @@ -// Package reference provides a general type to represent any way of referencing images within the registry. -// Its main purpose is to abstract tags and digests (content-addressable hash). -// -// Grammar -// -// reference := name [ ":" tag ] [ "@" digest ] -// name := [domain '/'] remote-name -// domain := host [':' port-number] -// host := domain-name | IPv4address | \[ IPv6address \] ; rfc3986 appendix-A -// domain-name := domain-component ['.' domain-component]* -// domain-component := /([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])/ -// port-number := /[0-9]+/ -// path-component := alpha-numeric [separator alpha-numeric]* -// path (or "remote-name") := path-component ['/' path-component]* -// alpha-numeric := /[a-z0-9]+/ -// separator := /[_.]|__|[-]*/ -// -// tag := /[\w][\w.-]{0,127}/ -// -// digest := digest-algorithm ":" digest-hex -// digest-algorithm := digest-algorithm-component [ digest-algorithm-separator digest-algorithm-component ]* -// digest-algorithm-separator := /[+.-_]/ -// digest-algorithm-component := /[A-Za-z][A-Za-z0-9]*/ -// digest-hex := /[0-9a-fA-F]{32,}/ ; At least 128 bit digest value -// -// identifier := /[a-f0-9]{64}/ -package reference - -import ( - "errors" - "fmt" - "strings" - - "github.com/opencontainers/go-digest" -) - -const ( - // RepositoryNameTotalLengthMax is the maximum total number of characters in a repository name. - RepositoryNameTotalLengthMax = 255 - - // NameTotalLengthMax is the maximum total number of characters in a repository name. - // - // Deprecated: use [RepositoryNameTotalLengthMax] instead. - NameTotalLengthMax = RepositoryNameTotalLengthMax -) - -var ( - // ErrReferenceInvalidFormat represents an error while trying to parse a string as a reference. - ErrReferenceInvalidFormat = errors.New("invalid reference format") - - // ErrTagInvalidFormat represents an error while trying to parse a string as a tag. - ErrTagInvalidFormat = errors.New("invalid tag format") - - // ErrDigestInvalidFormat represents an error while trying to parse a string as a tag. - ErrDigestInvalidFormat = errors.New("invalid digest format") - - // ErrNameContainsUppercase is returned for invalid repository names that contain uppercase characters. - ErrNameContainsUppercase = errors.New("repository name must be lowercase") - - // ErrNameEmpty is returned for empty, invalid repository names. - ErrNameEmpty = errors.New("repository name must have at least one component") - - // ErrNameTooLong is returned when a repository name is longer than RepositoryNameTotalLengthMax. - ErrNameTooLong = fmt.Errorf("repository name must not be more than %v characters", RepositoryNameTotalLengthMax) - - // ErrNameNotCanonical is returned when a name is not canonical. - ErrNameNotCanonical = errors.New("repository name must be canonical") -) - -// Reference is an opaque object reference identifier that may include -// modifiers such as a hostname, name, tag, and digest. -type Reference interface { - // String returns the full reference - String() string -} - -// Field provides a wrapper type for resolving correct reference types when -// working with encoding. -type Field struct { - reference Reference -} - -// AsField wraps a reference in a Field for encoding. -func AsField(reference Reference) Field { - return Field{reference} -} - -// Reference unwraps the reference type from the field to -// return the Reference object. This object should be -// of the appropriate type to further check for different -// reference types. -func (f Field) Reference() Reference { - return f.reference -} - -// MarshalText serializes the field to byte text which -// is the string of the reference. -func (f Field) MarshalText() (p []byte, err error) { - return []byte(f.reference.String()), nil -} - -// UnmarshalText parses text bytes by invoking the -// reference parser to ensure the appropriately -// typed reference object is wrapped by field. -func (f *Field) UnmarshalText(p []byte) error { - r, err := Parse(string(p)) - if err != nil { - return err - } - - f.reference = r - return nil -} - -// Named is an object with a full name -type Named interface { - Reference - Name() string -} - -// Tagged is an object which has a tag -type Tagged interface { - Reference - Tag() string -} - -// NamedTagged is an object including a name and tag. -type NamedTagged interface { - Named - Tag() string -} - -// Digested is an object which has a digest -// in which it can be referenced by -type Digested interface { - Reference - Digest() digest.Digest -} - -// Canonical reference is an object with a fully unique -// name including a name with domain and digest -type Canonical interface { - Named - Digest() digest.Digest -} - -// namedRepository is a reference to a repository with a name. -// A namedRepository has both domain and path components. -type namedRepository interface { - Named - Domain() string - Path() string -} - -// Domain returns the domain part of the [Named] reference. -func Domain(named Named) string { - if r, ok := named.(namedRepository); ok { - return r.Domain() - } - domain, _ := splitDomain(named.Name()) - return domain -} - -// Path returns the name without the domain part of the [Named] reference. -func Path(named Named) (name string) { - if r, ok := named.(namedRepository); ok { - return r.Path() - } - _, path := splitDomain(named.Name()) - return path -} - -// splitDomain splits a named reference into a hostname and path string. -// If no valid hostname is found, the hostname is empty and the full value -// is returned as name -func splitDomain(name string) (string, string) { - match := anchoredNameRegexp.FindStringSubmatch(name) - if len(match) != 3 { - return "", name - } - return match[1], match[2] -} - -// Parse parses s and returns a syntactically valid Reference. -// If an error was encountered it is returned, along with a nil Reference. -func Parse(s string) (Reference, error) { - matches := ReferenceRegexp.FindStringSubmatch(s) - if matches == nil { - if s == "" { - return nil, ErrNameEmpty - } - if ReferenceRegexp.FindStringSubmatch(strings.ToLower(s)) != nil { - return nil, ErrNameContainsUppercase - } - return nil, ErrReferenceInvalidFormat - } - - var repo repository - - nameMatch := anchoredNameRegexp.FindStringSubmatch(matches[1]) - if len(nameMatch) == 3 { - repo.domain = nameMatch[1] - repo.path = nameMatch[2] - } else { - repo.domain = "" - repo.path = matches[1] - } - - if len(repo.path) > RepositoryNameTotalLengthMax { - return nil, ErrNameTooLong - } - - ref := reference{ - namedRepository: repo, - tag: matches[2], - } - if matches[3] != "" { - var err error - ref.digest, err = digest.Parse(matches[3]) - if err != nil { - return nil, err - } - } - - r := getBestReferenceType(ref) - if r == nil { - return nil, ErrNameEmpty - } - - return r, nil -} - -// ParseNamed parses s and returns a syntactically valid reference implementing -// the Named interface. The reference must have a name and be in the canonical -// form, otherwise an error is returned. -// If an error was encountered it is returned, along with a nil Reference. -func ParseNamed(s string) (Named, error) { - named, err := ParseNormalizedNamed(s) - if err != nil { - return nil, err - } - if named.String() != s { - return nil, ErrNameNotCanonical - } - return named, nil -} - -// WithName returns a named object representing the given string. If the input -// is invalid ErrReferenceInvalidFormat will be returned. -func WithName(name string) (Named, error) { - match := anchoredNameRegexp.FindStringSubmatch(name) - if match == nil || len(match) != 3 { - return nil, ErrReferenceInvalidFormat - } - - if len(match[2]) > RepositoryNameTotalLengthMax { - return nil, ErrNameTooLong - } - - return repository{ - domain: match[1], - path: match[2], - }, nil -} - -// WithTag combines the name from "name" and the tag from "tag" to form a -// reference incorporating both the name and the tag. -func WithTag(name Named, tag string) (NamedTagged, error) { - if !anchoredTagRegexp.MatchString(tag) { - return nil, ErrTagInvalidFormat - } - var repo repository - if r, ok := name.(namedRepository); ok { - repo.domain = r.Domain() - repo.path = r.Path() - } else { - repo.path = name.Name() - } - if canonical, ok := name.(Canonical); ok { - return reference{ - namedRepository: repo, - tag: tag, - digest: canonical.Digest(), - }, nil - } - return taggedReference{ - namedRepository: repo, - tag: tag, - }, nil -} - -// WithDigest combines the name from "name" and the digest from "digest" to form -// a reference incorporating both the name and the digest. -func WithDigest(name Named, digest digest.Digest) (Canonical, error) { - if !anchoredDigestRegexp.MatchString(digest.String()) { - return nil, ErrDigestInvalidFormat - } - var repo repository - if r, ok := name.(namedRepository); ok { - repo.domain = r.Domain() - repo.path = r.Path() - } else { - repo.path = name.Name() - } - if tagged, ok := name.(Tagged); ok { - return reference{ - namedRepository: repo, - tag: tagged.Tag(), - digest: digest, - }, nil - } - return canonicalReference{ - namedRepository: repo, - digest: digest, - }, nil -} - -// TrimNamed removes any tag or digest from the named reference. -func TrimNamed(ref Named) Named { - repo := repository{} - if r, ok := ref.(namedRepository); ok { - repo.domain, repo.path = r.Domain(), r.Path() - } else { - repo.domain, repo.path = splitDomain(ref.Name()) - } - return repo -} - -func getBestReferenceType(ref reference) Reference { - if ref.Name() == "" { - // Allow digest only references - if ref.digest != "" { - return digestReference(ref.digest) - } - return nil - } - if ref.tag == "" { - if ref.digest != "" { - return canonicalReference{ - namedRepository: ref.namedRepository, - digest: ref.digest, - } - } - return ref.namedRepository - } - if ref.digest == "" { - return taggedReference{ - namedRepository: ref.namedRepository, - tag: ref.tag, - } - } - - return ref -} - -type reference struct { - namedRepository - tag string - digest digest.Digest -} - -func (r reference) String() string { - return r.Name() + ":" + r.tag + "@" + r.digest.String() -} - -func (r reference) Tag() string { - return r.tag -} - -func (r reference) Digest() digest.Digest { - return r.digest -} - -type repository struct { - domain string - path string -} - -func (r repository) String() string { - return r.Name() -} - -func (r repository) Name() string { - if r.domain == "" { - return r.path - } - return r.domain + "/" + r.path -} - -func (r repository) Domain() string { - return r.domain -} - -func (r repository) Path() string { - return r.path -} - -type digestReference digest.Digest - -func (d digestReference) String() string { - return digest.Digest(d).String() -} - -func (d digestReference) Digest() digest.Digest { - return digest.Digest(d) -} - -type taggedReference struct { - namedRepository - tag string -} - -func (t taggedReference) String() string { - return t.Name() + ":" + t.tag -} - -func (t taggedReference) Tag() string { - return t.tag -} - -type canonicalReference struct { - namedRepository - digest digest.Digest -} - -func (c canonicalReference) String() string { - return c.Name() + "@" + c.digest.String() -} - -func (c canonicalReference) Digest() digest.Digest { - return c.digest -} diff --git a/vendor/github.com/distribution/reference/regexp.go b/vendor/github.com/distribution/reference/regexp.go deleted file mode 100644 index 65bc49d79..000000000 --- a/vendor/github.com/distribution/reference/regexp.go +++ /dev/null @@ -1,163 +0,0 @@ -package reference - -import ( - "regexp" - "strings" -) - -// DigestRegexp matches well-formed digests, including algorithm (e.g. "sha256:"). -var DigestRegexp = regexp.MustCompile(digestPat) - -// DomainRegexp matches hostname or IP-addresses, optionally including a port -// number. It defines the structure of potential domain components that may be -// part of image names. This is purposely a subset of what is allowed by DNS to -// ensure backwards compatibility with Docker image names. It may be a subset of -// DNS domain name, an IPv4 address in decimal format, or an IPv6 address between -// square brackets (excluding zone identifiers as defined by [RFC 6874] or special -// addresses such as IPv4-Mapped). -// -// [RFC 6874]: https://www.rfc-editor.org/rfc/rfc6874. -var DomainRegexp = regexp.MustCompile(domainAndPort) - -// IdentifierRegexp is the format for string identifier used as a -// content addressable identifier using sha256. These identifiers -// are like digests without the algorithm, since sha256 is used. -var IdentifierRegexp = regexp.MustCompile(identifier) - -// NameRegexp is the format for the name component of references, including -// an optional domain and port, but without tag or digest suffix. -var NameRegexp = regexp.MustCompile(namePat) - -// ReferenceRegexp is the full supported format of a reference. The regexp -// is anchored and has capturing groups for name, tag, and digest -// components. -var ReferenceRegexp = regexp.MustCompile(referencePat) - -// TagRegexp matches valid tag names. From [docker/docker:graph/tags.go]. -// -// [docker/docker:graph/tags.go]: https://github.com/moby/moby/blob/v1.6.0/graph/tags.go#L26-L28 -var TagRegexp = regexp.MustCompile(tag) - -const ( - // alphanumeric defines the alphanumeric atom, typically a - // component of names. This only allows lower case characters and digits. - alphanumeric = `[a-z0-9]+` - - // separator defines the separators allowed to be embedded in name - // components. This allows one period, one or two underscore and multiple - // dashes. Repeated dashes and underscores are intentionally treated - // differently. In order to support valid hostnames as name components, - // supporting repeated dash was added. Additionally double underscore is - // now allowed as a separator to loosen the restriction for previously - // supported names. - separator = `(?:[._]|__|[-]+)` - - // localhost is treated as a special value for domain-name. Any other - // domain-name without a "." or a ":port" are considered a path component. - localhost = `localhost` - - // domainNameComponent restricts the registry domain component of a - // repository name to start with a component as defined by DomainRegexp. - domainNameComponent = `(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])` - - // optionalPort matches an optional port-number including the port separator - // (e.g. ":80"). - optionalPort = `(?::[0-9]+)?` - - // tag matches valid tag names. From docker/docker:graph/tags.go. - tag = `[\w][\w.-]{0,127}` - - // digestPat matches well-formed digests, including algorithm (e.g. "sha256:"). - // - // TODO(thaJeztah): this should follow the same rules as https://pkg.go.dev/github.com/opencontainers/go-digest@v1.0.0#DigestRegexp - // so that go-digest defines the canonical format. Note that the go-digest is - // more relaxed: - // - it allows multiple algorithms (e.g. "sha256+b64:") to allow - // future expansion of supported algorithms. - // - it allows the "" value to use urlsafe base64 encoding as defined - // in [rfc4648, section 5]. - // - // [rfc4648, section 5]: https://www.rfc-editor.org/rfc/rfc4648#section-5. - digestPat = `[A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}` - - // identifier is the format for a content addressable identifier using sha256. - // These identifiers are like digests without the algorithm, since sha256 is used. - identifier = `([a-f0-9]{64})` - - // ipv6address are enclosed between square brackets and may be represented - // in many ways, see rfc5952. Only IPv6 in compressed or uncompressed format - // are allowed, IPv6 zone identifiers (rfc6874) or Special addresses such as - // IPv4-Mapped are deliberately excluded. - ipv6address = `\[(?:[a-fA-F0-9:]+)\]` -) - -var ( - // domainName defines the structure of potential domain components - // that may be part of image names. This is purposely a subset of what is - // allowed by DNS to ensure backwards compatibility with Docker image - // names. This includes IPv4 addresses on decimal format. - domainName = domainNameComponent + anyTimes(`\.`+domainNameComponent) - - // host defines the structure of potential domains based on the URI - // Host subcomponent on rfc3986. It may be a subset of DNS domain name, - // or an IPv4 address in decimal format, or an IPv6 address between square - // brackets (excluding zone identifiers as defined by rfc6874 or special - // addresses such as IPv4-Mapped). - host = `(?:` + domainName + `|` + ipv6address + `)` - - // allowed by the URI Host subcomponent on rfc3986 to ensure backwards - // compatibility with Docker image names. - domainAndPort = host + optionalPort - - // anchoredTagRegexp matches valid tag names, anchored at the start and - // end of the matched string. - anchoredTagRegexp = regexp.MustCompile(anchored(tag)) - - // anchoredDigestRegexp matches valid digests, anchored at the start and - // end of the matched string. - anchoredDigestRegexp = regexp.MustCompile(anchored(digestPat)) - - // pathComponent restricts path-components to start with an alphanumeric - // character, with following parts able to be separated by a separator - // (one period, one or two underscore and multiple dashes). - pathComponent = alphanumeric + anyTimes(separator+alphanumeric) - - // remoteName matches the remote-name of a repository. It consists of one - // or more forward slash (/) delimited path-components: - // - // pathComponent[[/pathComponent] ...] // e.g., "library/ubuntu" - remoteName = pathComponent + anyTimes(`/`+pathComponent) - namePat = optional(domainAndPort+`/`) + remoteName - - // anchoredNameRegexp is used to parse a name value, capturing the - // domain and trailing components. - anchoredNameRegexp = regexp.MustCompile(anchored(optional(capture(domainAndPort), `/`), capture(remoteName))) - - referencePat = anchored(capture(namePat), optional(`:`, capture(tag)), optional(`@`, capture(digestPat))) - - // anchoredIdentifierRegexp is used to check or match an - // identifier value, anchored at start and end of string. - anchoredIdentifierRegexp = regexp.MustCompile(anchored(identifier)) -) - -// optional wraps the expression in a non-capturing group and makes the -// production optional. -func optional(res ...string) string { - return `(?:` + strings.Join(res, "") + `)?` -} - -// anyTimes wraps the expression in a non-capturing group that can occur -// any number of times. -func anyTimes(res ...string) string { - return `(?:` + strings.Join(res, "") + `)*` -} - -// capture wraps the expression in a capturing group. -func capture(res ...string) string { - return `(` + strings.Join(res, "") + `)` -} - -// anchored anchors the regular expression by adding start and end delimiters. -func anchored(res ...string) string { - return `^` + strings.Join(res, "") + `$` -} diff --git a/vendor/github.com/distribution/reference/sort.go b/vendor/github.com/distribution/reference/sort.go deleted file mode 100644 index 416c37b07..000000000 --- a/vendor/github.com/distribution/reference/sort.go +++ /dev/null @@ -1,75 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package reference - -import ( - "sort" -) - -// Sort sorts string references preferring higher information references. -// -// The precedence is as follows: -// -// 1. [Named] + [Tagged] + [Digested] (e.g., "docker.io/library/busybox:latest@sha256:") -// 2. [Named] + [Tagged] (e.g., "docker.io/library/busybox:latest") -// 3. [Named] + [Digested] (e.g., "docker.io/library/busybo@sha256:") -// 4. [Named] (e.g., "docker.io/library/busybox") -// 5. [Digested] (e.g., "docker.io@sha256:") -// 6. Parse error -func Sort(references []string) []string { - var prefs []Reference - var bad []string - - for _, ref := range references { - pref, err := ParseAnyReference(ref) - if err != nil { - bad = append(bad, ref) - } else { - prefs = append(prefs, pref) - } - } - sort.Slice(prefs, func(a, b int) bool { - ar := refRank(prefs[a]) - br := refRank(prefs[b]) - if ar == br { - return prefs[a].String() < prefs[b].String() - } - return ar < br - }) - sort.Strings(bad) - var refs []string - for _, pref := range prefs { - refs = append(refs, pref.String()) - } - return append(refs, bad...) -} - -func refRank(ref Reference) uint8 { - if _, ok := ref.(Named); ok { - if _, ok = ref.(Tagged); ok { - if _, ok = ref.(Digested); ok { - return 1 - } - return 2 - } - if _, ok = ref.(Digested); ok { - return 3 - } - return 4 - } - return 5 -} diff --git a/vendor/github.com/opencontainers/go-digest/.mailmap b/vendor/github.com/opencontainers/go-digest/.mailmap deleted file mode 100644 index eaf8b2f9e..000000000 --- a/vendor/github.com/opencontainers/go-digest/.mailmap +++ /dev/null @@ -1,4 +0,0 @@ -Aaron Lehmann -Derek McGowan -Stephen J Day -Haibing Zhou diff --git a/vendor/github.com/opencontainers/go-digest/.pullapprove.yml b/vendor/github.com/opencontainers/go-digest/.pullapprove.yml deleted file mode 100644 index b6165f83c..000000000 --- a/vendor/github.com/opencontainers/go-digest/.pullapprove.yml +++ /dev/null @@ -1,28 +0,0 @@ -version: 2 - -requirements: - signed_off_by: - required: true - -always_pending: - title_regex: '^WIP' - explanation: 'Work in progress...' - -group_defaults: - required: 2 - approve_by_comment: - enabled: true - approve_regex: '^LGTM' - reject_regex: '^Rejected' - reset_on_push: - enabled: true - author_approval: - ignored: true - conditions: - branches: - - master - -groups: - go-digest: - teams: - - go-digest-maintainers diff --git a/vendor/github.com/opencontainers/go-digest/.travis.yml b/vendor/github.com/opencontainers/go-digest/.travis.yml deleted file mode 100644 index 5775f885c..000000000 --- a/vendor/github.com/opencontainers/go-digest/.travis.yml +++ /dev/null @@ -1,5 +0,0 @@ -language: go -go: - - 1.12.x - - 1.13.x - - master diff --git a/vendor/github.com/opencontainers/go-digest/CONTRIBUTING.md b/vendor/github.com/opencontainers/go-digest/CONTRIBUTING.md deleted file mode 100644 index e4d962ac1..000000000 --- a/vendor/github.com/opencontainers/go-digest/CONTRIBUTING.md +++ /dev/null @@ -1,72 +0,0 @@ -# Contributing to Docker open source projects - -Want to hack on this project? Awesome! Here are instructions to get you started. - -This project is a part of the [Docker](https://www.docker.com) project, and follows -the same rules and principles. If you're already familiar with the way -Docker does things, you'll feel right at home. - -Otherwise, go read Docker's -[contributions guidelines](https://github.com/docker/docker/blob/master/CONTRIBUTING.md), -[issue triaging](https://github.com/docker/docker/blob/master/project/ISSUE-TRIAGE.md), -[review process](https://github.com/docker/docker/blob/master/project/REVIEWING.md) and -[branches and tags](https://github.com/docker/docker/blob/master/project/BRANCHES-AND-TAGS.md). - -For an in-depth description of our contribution process, visit the -contributors guide: [Understand how to contribute](https://docs.docker.com/opensource/workflow/make-a-contribution/) - -### Sign your work - -The sign-off is a simple line at the end of the explanation for the patch. Your -signature certifies that you wrote the patch or otherwise have the right to pass -it on as an open-source patch. The rules are pretty simple: if you can certify -the below (from [developercertificate.org](http://developercertificate.org/)): - -``` -Developer Certificate of Origin -Version 1.1 - -Copyright (C) 2004, 2006 The Linux Foundation and its contributors. -1 Letterman Drive -Suite D4700 -San Francisco, CA, 94129 - -Everyone is permitted to copy and distribute verbatim copies of this -license document, but changing it is not allowed. - - -Developer's Certificate of Origin 1.1 - -By making a contribution to this project, I certify that: - -(a) The contribution was created in whole or in part by me and I - have the right to submit it under the open source license - indicated in the file; or - -(b) The contribution is based upon previous work that, to the best - of my knowledge, is covered under an appropriate open source - license and I have the right under that license to submit that - work with modifications, whether created in whole or in part - by me, under the same open source license (unless I am - permitted to submit under a different license), as indicated - in the file; or - -(c) The contribution was provided directly to me by some other - person who certified (a), (b) or (c) and I have not modified - it. - -(d) I understand and agree that this project and the contribution - are public and that a record of the contribution (including all - personal information I submit with it, including my sign-off) is - maintained indefinitely and may be redistributed consistent with - this project or the open source license(s) involved. -``` - -Then you just add a line to every git commit message: - - Signed-off-by: Joe Smith - -Use your real name (sorry, no pseudonyms or anonymous contributions.) - -If you set your `user.name` and `user.email` git configs, you can sign your -commit automatically with `git commit -s`. diff --git a/vendor/github.com/opencontainers/go-digest/LICENSE b/vendor/github.com/opencontainers/go-digest/LICENSE deleted file mode 100644 index 3ac8ab648..000000000 --- a/vendor/github.com/opencontainers/go-digest/LICENSE +++ /dev/null @@ -1,192 +0,0 @@ - - Apache License - Version 2.0, January 2004 - https://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - Copyright 2019, 2020 OCI Contributors - Copyright 2016 Docker, Inc. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - https://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/opencontainers/go-digest/LICENSE.docs b/vendor/github.com/opencontainers/go-digest/LICENSE.docs deleted file mode 100644 index e26cd4fc8..000000000 --- a/vendor/github.com/opencontainers/go-digest/LICENSE.docs +++ /dev/null @@ -1,425 +0,0 @@ -Attribution-ShareAlike 4.0 International - -======================================================================= - -Creative Commons Corporation ("Creative Commons") is not a law firm and -does not provide legal services or legal advice. Distribution of -Creative Commons public licenses does not create a lawyer-client or -other relationship. Creative Commons makes its licenses and related -information available on an "as-is" basis. Creative Commons gives no -warranties regarding its licenses, any material licensed under their -terms and conditions, or any related information. Creative Commons -disclaims all liability for damages resulting from their use to the -fullest extent possible. - -Using Creative Commons Public Licenses - -Creative Commons public licenses provide a standard set of terms and -conditions that creators and other rights holders may use to share -original works of authorship and other material subject to copyright -and certain other rights specified in the public license below. The -following considerations are for informational purposes only, are not -exhaustive, and do not form part of our licenses. - - Considerations for licensors: Our public licenses are - intended for use by those authorized to give the public - permission to use material in ways otherwise restricted by - copyright and certain other rights. Our licenses are - irrevocable. Licensors should read and understand the terms - and conditions of the license they choose before applying it. - Licensors should also secure all rights necessary before - applying our licenses so that the public can reuse the - material as expected. Licensors should clearly mark any - material not subject to the license. This includes other CC- - licensed material, or material used under an exception or - limitation to copyright. More considerations for licensors: - wiki.creativecommons.org/Considerations_for_licensors - - Considerations for the public: By using one of our public - licenses, a licensor grants the public permission to use the - licensed material under specified terms and conditions. If - the licensor's permission is not necessary for any reason--for - example, because of any applicable exception or limitation to - copyright--then that use is not regulated by the license. Our - licenses grant only permissions under copyright and certain - other rights that a licensor has authority to grant. Use of - the licensed material may still be restricted for other - reasons, including because others have copyright or other - rights in the material. A licensor may make special requests, - such as asking that all changes be marked or described. - Although not required by our licenses, you are encouraged to - respect those requests where reasonable. More_considerations - for the public: - wiki.creativecommons.org/Considerations_for_licensees - -======================================================================= - -Creative Commons Attribution-ShareAlike 4.0 International Public -License - -By exercising the Licensed Rights (defined below), You accept and agree -to be bound by the terms and conditions of this Creative Commons -Attribution-ShareAlike 4.0 International Public License ("Public -License"). To the extent this Public License may be interpreted as a -contract, You are granted the Licensed Rights in consideration of Your -acceptance of these terms and conditions, and the Licensor grants You -such rights in consideration of benefits the Licensor receives from -making the Licensed Material available under these terms and -conditions. - - -Section 1 -- Definitions. - - a. Adapted Material means material subject to Copyright and Similar - Rights that is derived from or based upon the Licensed Material - and in which the Licensed Material is translated, altered, - arranged, transformed, or otherwise modified in a manner requiring - permission under the Copyright and Similar Rights held by the - Licensor. For purposes of this Public License, where the Licensed - Material is a musical work, performance, or sound recording, - Adapted Material is always produced where the Licensed Material is - synched in timed relation with a moving image. - - b. Adapter's License means the license You apply to Your Copyright - and Similar Rights in Your contributions to Adapted Material in - accordance with the terms and conditions of this Public License. - - c. BY-SA Compatible License means a license listed at - creativecommons.org/compatiblelicenses, approved by Creative - Commons as essentially the equivalent of this Public License. - - d. Copyright and Similar Rights means copyright and/or similar rights - closely related to copyright including, without limitation, - performance, broadcast, sound recording, and Sui Generis Database - Rights, without regard to how the rights are labeled or - categorized. For purposes of this Public License, the rights - specified in Section 2(b)(1)-(2) are not Copyright and Similar - Rights. - - e. Effective Technological Measures means those measures that, in the - absence of proper authority, may not be circumvented under laws - fulfilling obligations under Article 11 of the WIPO Copyright - Treaty adopted on December 20, 1996, and/or similar international - agreements. - - f. Exceptions and Limitations means fair use, fair dealing, and/or - any other exception or limitation to Copyright and Similar Rights - that applies to Your use of the Licensed Material. - - g. License Elements means the license attributes listed in the name - of a Creative Commons Public License. The License Elements of this - Public License are Attribution and ShareAlike. - - h. Licensed Material means the artistic or literary work, database, - or other material to which the Licensor applied this Public - License. - - i. Licensed Rights means the rights granted to You subject to the - terms and conditions of this Public License, which are limited to - all Copyright and Similar Rights that apply to Your use of the - Licensed Material and that the Licensor has authority to license. - - j. Licensor means the individual(s) or entity(ies) granting rights - under this Public License. - - k. Share means to provide material to the public by any means or - process that requires permission under the Licensed Rights, such - as reproduction, public display, public performance, distribution, - dissemination, communication, or importation, and to make material - available to the public including in ways that members of the - public may access the material from a place and at a time - individually chosen by them. - - l. Sui Generis Database Rights means rights other than copyright - resulting from Directive 96/9/EC of the European Parliament and of - the Council of 11 March 1996 on the legal protection of databases, - as amended and/or succeeded, as well as other essentially - equivalent rights anywhere in the world. - - m. You means the individual or entity exercising the Licensed Rights - under this Public License. Your has a corresponding meaning. - - -Section 2 -- Scope. - - a. License grant. - - 1. Subject to the terms and conditions of this Public License, - the Licensor hereby grants You a worldwide, royalty-free, - non-sublicensable, non-exclusive, irrevocable license to - exercise the Licensed Rights in the Licensed Material to: - - a. reproduce and Share the Licensed Material, in whole or - in part; and - - b. produce, reproduce, and Share Adapted Material. - - 2. Exceptions and Limitations. For the avoidance of doubt, where - Exceptions and Limitations apply to Your use, this Public - License does not apply, and You do not need to comply with - its terms and conditions. - - 3. Term. The term of this Public License is specified in Section - 6(a). - - 4. Media and formats; technical modifications allowed. The - Licensor authorizes You to exercise the Licensed Rights in - all media and formats whether now known or hereafter created, - and to make technical modifications necessary to do so. The - Licensor waives and/or agrees not to assert any right or - authority to forbid You from making technical modifications - necessary to exercise the Licensed Rights, including - technical modifications necessary to circumvent Effective - Technological Measures. For purposes of this Public License, - simply making modifications authorized by this Section 2(a) - (4) never produces Adapted Material. - - 5. Downstream recipients. - - a. Offer from the Licensor -- Licensed Material. Every - recipient of the Licensed Material automatically - receives an offer from the Licensor to exercise the - Licensed Rights under the terms and conditions of this - Public License. - - b. Additional offer from the Licensor -- Adapted Material. - Every recipient of Adapted Material from You - automatically receives an offer from the Licensor to - exercise the Licensed Rights in the Adapted Material - under the conditions of the Adapter's License You apply. - - c. No downstream restrictions. You may not offer or impose - any additional or different terms or conditions on, or - apply any Effective Technological Measures to, the - Licensed Material if doing so restricts exercise of the - Licensed Rights by any recipient of the Licensed - Material. - - 6. No endorsement. Nothing in this Public License constitutes or - may be construed as permission to assert or imply that You - are, or that Your use of the Licensed Material is, connected - with, or sponsored, endorsed, or granted official status by, - the Licensor or others designated to receive attribution as - provided in Section 3(a)(1)(A)(i). - - b. Other rights. - - 1. Moral rights, such as the right of integrity, are not - licensed under this Public License, nor are publicity, - privacy, and/or other similar personality rights; however, to - the extent possible, the Licensor waives and/or agrees not to - assert any such rights held by the Licensor to the limited - extent necessary to allow You to exercise the Licensed - Rights, but not otherwise. - - 2. Patent and trademark rights are not licensed under this - Public License. - - 3. To the extent possible, the Licensor waives any right to - collect royalties from You for the exercise of the Licensed - Rights, whether directly or through a collecting society - under any voluntary or waivable statutory or compulsory - licensing scheme. In all other cases the Licensor expressly - reserves any right to collect such royalties. - - -Section 3 -- License Conditions. - -Your exercise of the Licensed Rights is expressly made subject to the -following conditions. - - a. Attribution. - - 1. If You Share the Licensed Material (including in modified - form), You must: - - a. retain the following if it is supplied by the Licensor - with the Licensed Material: - - i. identification of the creator(s) of the Licensed - Material and any others designated to receive - attribution, in any reasonable manner requested by - the Licensor (including by pseudonym if - designated); - - ii. a copyright notice; - - iii. a notice that refers to this Public License; - - iv. a notice that refers to the disclaimer of - warranties; - - v. a URI or hyperlink to the Licensed Material to the - extent reasonably practicable; - - b. indicate if You modified the Licensed Material and - retain an indication of any previous modifications; and - - c. indicate the Licensed Material is licensed under this - Public License, and include the text of, or the URI or - hyperlink to, this Public License. - - 2. You may satisfy the conditions in Section 3(a)(1) in any - reasonable manner based on the medium, means, and context in - which You Share the Licensed Material. For example, it may be - reasonable to satisfy the conditions by providing a URI or - hyperlink to a resource that includes the required - information. - - 3. If requested by the Licensor, You must remove any of the - information required by Section 3(a)(1)(A) to the extent - reasonably practicable. - - b. ShareAlike. - - In addition to the conditions in Section 3(a), if You Share - Adapted Material You produce, the following conditions also apply. - - 1. The Adapter's License You apply must be a Creative Commons - license with the same License Elements, this version or - later, or a BY-SA Compatible License. - - 2. You must include the text of, or the URI or hyperlink to, the - Adapter's License You apply. You may satisfy this condition - in any reasonable manner based on the medium, means, and - context in which You Share Adapted Material. - - 3. You may not offer or impose any additional or different terms - or conditions on, or apply any Effective Technological - Measures to, Adapted Material that restrict exercise of the - rights granted under the Adapter's License You apply. - - -Section 4 -- Sui Generis Database Rights. - -Where the Licensed Rights include Sui Generis Database Rights that -apply to Your use of the Licensed Material: - - a. for the avoidance of doubt, Section 2(a)(1) grants You the right - to extract, reuse, reproduce, and Share all or a substantial - portion of the contents of the database; - - b. if You include all or a substantial portion of the database - contents in a database in which You have Sui Generis Database - Rights, then the database in which You have Sui Generis Database - Rights (but not its individual contents) is Adapted Material, - - including for purposes of Section 3(b); and - c. You must comply with the conditions in Section 3(a) if You Share - all or a substantial portion of the contents of the database. - -For the avoidance of doubt, this Section 4 supplements and does not -replace Your obligations under this Public License where the Licensed -Rights include other Copyright and Similar Rights. - - -Section 5 -- Disclaimer of Warranties and Limitation of Liability. - - a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE - EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS - AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF - ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, - IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, - WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR - PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS, - ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT - KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT - ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU. - - b. TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE - TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, - NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, - INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES, - COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR - USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN - ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR - DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR - IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. - - c. The disclaimer of warranties and limitation of liability provided - above shall be interpreted in a manner that, to the extent - possible, most closely approximates an absolute disclaimer and - waiver of all liability. - - -Section 6 -- Term and Termination. - - a. This Public License applies for the term of the Copyright and - Similar Rights licensed here. However, if You fail to comply with - this Public License, then Your rights under this Public License - terminate automatically. - - b. Where Your right to use the Licensed Material has terminated under - Section 6(a), it reinstates: - - 1. automatically as of the date the violation is cured, provided - it is cured within 30 days of Your discovery of the - violation; or - - 2. upon express reinstatement by the Licensor. - - For the avoidance of doubt, this Section 6(b) does not affect any - right the Licensor may have to seek remedies for Your violations - of this Public License. - - c. For the avoidance of doubt, the Licensor may also offer the - Licensed Material under separate terms or conditions or stop - distributing the Licensed Material at any time; however, doing so - will not terminate this Public License. - - d. Sections 1, 5, 6, 7, and 8 survive termination of this Public - License. - - -Section 7 -- Other Terms and Conditions. - - a. The Licensor shall not be bound by any additional or different - terms or conditions communicated by You unless expressly agreed. - - b. Any arrangements, understandings, or agreements regarding the - Licensed Material not stated herein are separate from and - independent of the terms and conditions of this Public License. - - -Section 8 -- Interpretation. - - a. For the avoidance of doubt, this Public License does not, and - shall not be interpreted to, reduce, limit, restrict, or impose - conditions on any use of the Licensed Material that could lawfully - be made without permission under this Public License. - - b. To the extent possible, if any provision of this Public License is - deemed unenforceable, it shall be automatically reformed to the - minimum extent necessary to make it enforceable. If the provision - cannot be reformed, it shall be severed from this Public License - without affecting the enforceability of the remaining terms and - conditions. - - c. No term or condition of this Public License will be waived and no - failure to comply consented to unless expressly agreed to by the - Licensor. - - d. Nothing in this Public License constitutes or may be interpreted - as a limitation upon, or waiver of, any privileges and immunities - that apply to the Licensor or You, including from the legal - processes of any jurisdiction or authority. - - -======================================================================= - -Creative Commons is not a party to its public licenses. -Notwithstanding, Creative Commons may elect to apply one of its public -licenses to material it publishes and in those instances will be -considered the "Licensor." Except for the limited purpose of indicating -that material is shared under a Creative Commons public license or as -otherwise permitted by the Creative Commons policies published at -creativecommons.org/policies, Creative Commons does not authorize the -use of the trademark "Creative Commons" or any other trademark or logo -of Creative Commons without its prior written consent including, -without limitation, in connection with any unauthorized modifications -to any of its public licenses or any other arrangements, -understandings, or agreements concerning use of licensed material. For -the avoidance of doubt, this paragraph does not form part of the public -licenses. - -Creative Commons may be contacted at creativecommons.org. diff --git a/vendor/github.com/opencontainers/go-digest/MAINTAINERS b/vendor/github.com/opencontainers/go-digest/MAINTAINERS deleted file mode 100644 index 843b1b206..000000000 --- a/vendor/github.com/opencontainers/go-digest/MAINTAINERS +++ /dev/null @@ -1,5 +0,0 @@ -Derek McGowan (@dmcgowan) -Stephen Day (@stevvooe) -Vincent Batts (@vbatts) -Akihiro Suda (@AkihiroSuda) -Sebastiaan van Stijn (@thaJeztah) diff --git a/vendor/github.com/opencontainers/go-digest/README.md b/vendor/github.com/opencontainers/go-digest/README.md deleted file mode 100644 index a11287207..000000000 --- a/vendor/github.com/opencontainers/go-digest/README.md +++ /dev/null @@ -1,96 +0,0 @@ -# go-digest - -[![GoDoc](https://godoc.org/github.com/opencontainers/go-digest?status.svg)](https://godoc.org/github.com/opencontainers/go-digest) [![Go Report Card](https://goreportcard.com/badge/github.com/opencontainers/go-digest)](https://goreportcard.com/report/github.com/opencontainers/go-digest) [![Build Status](https://travis-ci.org/opencontainers/go-digest.svg?branch=master)](https://travis-ci.org/opencontainers/go-digest) - -Common digest package used across the container ecosystem. - -Please see the [godoc](https://godoc.org/github.com/opencontainers/go-digest) for more information. - -# What is a digest? - -A digest is just a [hash](https://en.wikipedia.org/wiki/Hash_function). - -The most common use case for a digest is to create a content identifier for use in [Content Addressable Storage](https://en.wikipedia.org/wiki/Content-addressable_storage) systems: - -```go -id := digest.FromBytes([]byte("my content")) -``` - -In the example above, the id can be used to uniquely identify the byte slice "my content". -This allows two disparate applications to agree on a verifiable identifier without having to trust one another. - -An identifying digest can be verified, as follows: - -```go -if id != digest.FromBytes([]byte("my content")) { - return errors.New("the content has changed!") -} -``` - -A `Verifier` type can be used to handle cases where an `io.Reader` makes more sense: - -```go -rd := getContent() -verifier := id.Verifier() -io.Copy(verifier, rd) - -if !verifier.Verified() { - return errors.New("the content has changed!") -} -``` - -Using [Merkle DAGs](https://en.wikipedia.org/wiki/Merkle_tree), this can power a rich, safe, content distribution system. - -# Usage - -While the [godoc](https://godoc.org/github.com/opencontainers/go-digest) is considered the best resource, a few important items need to be called out when using this package. - -1. Make sure to import the hash implementations into your application or the package will panic. - You should have something like the following in the main (or other entrypoint) of your application: - - ```go - import ( - _ "crypto/sha256" - _ "crypto/sha512" - ) - ``` - This may seem inconvenient but it allows you replace the hash - implementations with others, such as https://github.com/stevvooe/resumable. - -2. Even though `digest.Digest` may be assemblable as a string, _always_ verify your input with `digest.Parse` or use `Digest.Validate` when accepting untrusted input. - While there are measures to avoid common problems, this will ensure you have valid digests in the rest of your application. - -3. While alternative encodings of hash values (digests) are possible (for example, base64), this package deals exclusively with hex-encoded digests. - -# Stability - -The Go API, at this stage, is considered stable, unless otherwise noted. - -As always, before using a package export, read the [godoc](https://godoc.org/github.com/opencontainers/go-digest). - -# Contributing - -This package is considered fairly complete. -It has been in production in thousands (millions?) of deployments and is fairly battle-hardened. -New additions will be met with skepticism. -If you think there is a missing feature, please file a bug clearly describing the problem and the alternatives you tried before submitting a PR. - -## Code of Conduct - -Participation in the OpenContainers community is governed by [OpenContainer's Code of Conduct][code-of-conduct]. - -## Security - -If you find an issue, please follow the [security][security] protocol to report it. - -# Copyright and license - -Copyright © 2019, 2020 OCI Contributors -Copyright © 2016 Docker, Inc. -All rights reserved, except as follows. -Code is released under the [Apache 2.0 license](LICENSE). -This `README.md` file and the [`CONTRIBUTING.md`](CONTRIBUTING.md) file are licensed under the Creative Commons Attribution 4.0 International License under the terms and conditions set forth in the file [`LICENSE.docs`](LICENSE.docs). -You may obtain a duplicate copy of the same license, titled CC BY-SA 4.0, at http://creativecommons.org/licenses/by-sa/4.0/. - -[security]: https://github.com/opencontainers/org/blob/master/security -[code-of-conduct]: https://github.com/opencontainers/org/blob/master/CODE_OF_CONDUCT.md diff --git a/vendor/github.com/opencontainers/go-digest/algorithm.go b/vendor/github.com/opencontainers/go-digest/algorithm.go deleted file mode 100644 index 490951dc3..000000000 --- a/vendor/github.com/opencontainers/go-digest/algorithm.go +++ /dev/null @@ -1,193 +0,0 @@ -// Copyright 2019, 2020 OCI Contributors -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package digest - -import ( - "crypto" - "fmt" - "hash" - "io" - "regexp" -) - -// Algorithm identifies and implementation of a digester by an identifier. -// Note the that this defines both the hash algorithm used and the string -// encoding. -type Algorithm string - -// supported digest types -const ( - SHA256 Algorithm = "sha256" // sha256 with hex encoding (lower case only) - SHA384 Algorithm = "sha384" // sha384 with hex encoding (lower case only) - SHA512 Algorithm = "sha512" // sha512 with hex encoding (lower case only) - - // Canonical is the primary digest algorithm used with the distribution - // project. Other digests may be used but this one is the primary storage - // digest. - Canonical = SHA256 -) - -var ( - // TODO(stevvooe): Follow the pattern of the standard crypto package for - // registration of digests. Effectively, we are a registerable set and - // common symbol access. - - // algorithms maps values to hash.Hash implementations. Other algorithms - // may be available but they cannot be calculated by the digest package. - algorithms = map[Algorithm]crypto.Hash{ - SHA256: crypto.SHA256, - SHA384: crypto.SHA384, - SHA512: crypto.SHA512, - } - - // anchoredEncodedRegexps contains anchored regular expressions for hex-encoded digests. - // Note that /A-F/ disallowed. - anchoredEncodedRegexps = map[Algorithm]*regexp.Regexp{ - SHA256: regexp.MustCompile(`^[a-f0-9]{64}$`), - SHA384: regexp.MustCompile(`^[a-f0-9]{96}$`), - SHA512: regexp.MustCompile(`^[a-f0-9]{128}$`), - } -) - -// Available returns true if the digest type is available for use. If this -// returns false, Digester and Hash will return nil. -func (a Algorithm) Available() bool { - h, ok := algorithms[a] - if !ok { - return false - } - - // check availability of the hash, as well - return h.Available() -} - -func (a Algorithm) String() string { - return string(a) -} - -// Size returns number of bytes returned by the hash. -func (a Algorithm) Size() int { - h, ok := algorithms[a] - if !ok { - return 0 - } - return h.Size() -} - -// Set implemented to allow use of Algorithm as a command line flag. -func (a *Algorithm) Set(value string) error { - if value == "" { - *a = Canonical - } else { - // just do a type conversion, support is queried with Available. - *a = Algorithm(value) - } - - if !a.Available() { - return ErrDigestUnsupported - } - - return nil -} - -// Digester returns a new digester for the specified algorithm. If the algorithm -// does not have a digester implementation, nil will be returned. This can be -// checked by calling Available before calling Digester. -func (a Algorithm) Digester() Digester { - return &digester{ - alg: a, - hash: a.Hash(), - } -} - -// Hash returns a new hash as used by the algorithm. If not available, the -// method will panic. Check Algorithm.Available() before calling. -func (a Algorithm) Hash() hash.Hash { - if !a.Available() { - // Empty algorithm string is invalid - if a == "" { - panic(fmt.Sprintf("empty digest algorithm, validate before calling Algorithm.Hash()")) - } - - // NOTE(stevvooe): A missing hash is usually a programming error that - // must be resolved at compile time. We don't import in the digest - // package to allow users to choose their hash implementation (such as - // when using stevvooe/resumable or a hardware accelerated package). - // - // Applications that may want to resolve the hash at runtime should - // call Algorithm.Available before call Algorithm.Hash(). - panic(fmt.Sprintf("%v not available (make sure it is imported)", a)) - } - - return algorithms[a].New() -} - -// Encode encodes the raw bytes of a digest, typically from a hash.Hash, into -// the encoded portion of the digest. -func (a Algorithm) Encode(d []byte) string { - // TODO(stevvooe): Currently, all algorithms use a hex encoding. When we - // add support for back registration, we can modify this accordingly. - return fmt.Sprintf("%x", d) -} - -// FromReader returns the digest of the reader using the algorithm. -func (a Algorithm) FromReader(rd io.Reader) (Digest, error) { - digester := a.Digester() - - if _, err := io.Copy(digester.Hash(), rd); err != nil { - return "", err - } - - return digester.Digest(), nil -} - -// FromBytes digests the input and returns a Digest. -func (a Algorithm) FromBytes(p []byte) Digest { - digester := a.Digester() - - if _, err := digester.Hash().Write(p); err != nil { - // Writes to a Hash should never fail. None of the existing - // hash implementations in the stdlib or hashes vendored - // here can return errors from Write. Having a panic in this - // condition instead of having FromBytes return an error value - // avoids unnecessary error handling paths in all callers. - panic("write to hash function returned error: " + err.Error()) - } - - return digester.Digest() -} - -// FromString digests the string input and returns a Digest. -func (a Algorithm) FromString(s string) Digest { - return a.FromBytes([]byte(s)) -} - -// Validate validates the encoded portion string -func (a Algorithm) Validate(encoded string) error { - r, ok := anchoredEncodedRegexps[a] - if !ok { - return ErrDigestUnsupported - } - // Digests much always be hex-encoded, ensuring that their hex portion will - // always be size*2 - if a.Size()*2 != len(encoded) { - return ErrDigestInvalidLength - } - if r.MatchString(encoded) { - return nil - } - return ErrDigestInvalidFormat -} diff --git a/vendor/github.com/opencontainers/go-digest/digest.go b/vendor/github.com/opencontainers/go-digest/digest.go deleted file mode 100644 index 518b5e715..000000000 --- a/vendor/github.com/opencontainers/go-digest/digest.go +++ /dev/null @@ -1,157 +0,0 @@ -// Copyright 2019, 2020 OCI Contributors -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package digest - -import ( - "fmt" - "hash" - "io" - "regexp" - "strings" -) - -// Digest allows simple protection of hex formatted digest strings, prefixed -// by their algorithm. Strings of type Digest have some guarantee of being in -// the correct format and it provides quick access to the components of a -// digest string. -// -// The following is an example of the contents of Digest types: -// -// sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc -// -// This allows to abstract the digest behind this type and work only in those -// terms. -type Digest string - -// NewDigest returns a Digest from alg and a hash.Hash object. -func NewDigest(alg Algorithm, h hash.Hash) Digest { - return NewDigestFromBytes(alg, h.Sum(nil)) -} - -// NewDigestFromBytes returns a new digest from the byte contents of p. -// Typically, this can come from hash.Hash.Sum(...) or xxx.SumXXX(...) -// functions. This is also useful for rebuilding digests from binary -// serializations. -func NewDigestFromBytes(alg Algorithm, p []byte) Digest { - return NewDigestFromEncoded(alg, alg.Encode(p)) -} - -// NewDigestFromHex is deprecated. Please use NewDigestFromEncoded. -func NewDigestFromHex(alg, hex string) Digest { - return NewDigestFromEncoded(Algorithm(alg), hex) -} - -// NewDigestFromEncoded returns a Digest from alg and the encoded digest. -func NewDigestFromEncoded(alg Algorithm, encoded string) Digest { - return Digest(fmt.Sprintf("%s:%s", alg, encoded)) -} - -// DigestRegexp matches valid digest types. -var DigestRegexp = regexp.MustCompile(`[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+`) - -// DigestRegexpAnchored matches valid digest types, anchored to the start and end of the match. -var DigestRegexpAnchored = regexp.MustCompile(`^` + DigestRegexp.String() + `$`) - -var ( - // ErrDigestInvalidFormat returned when digest format invalid. - ErrDigestInvalidFormat = fmt.Errorf("invalid checksum digest format") - - // ErrDigestInvalidLength returned when digest has invalid length. - ErrDigestInvalidLength = fmt.Errorf("invalid checksum digest length") - - // ErrDigestUnsupported returned when the digest algorithm is unsupported. - ErrDigestUnsupported = fmt.Errorf("unsupported digest algorithm") -) - -// Parse parses s and returns the validated digest object. An error will -// be returned if the format is invalid. -func Parse(s string) (Digest, error) { - d := Digest(s) - return d, d.Validate() -} - -// FromReader consumes the content of rd until io.EOF, returning canonical digest. -func FromReader(rd io.Reader) (Digest, error) { - return Canonical.FromReader(rd) -} - -// FromBytes digests the input and returns a Digest. -func FromBytes(p []byte) Digest { - return Canonical.FromBytes(p) -} - -// FromString digests the input and returns a Digest. -func FromString(s string) Digest { - return Canonical.FromString(s) -} - -// Validate checks that the contents of d is a valid digest, returning an -// error if not. -func (d Digest) Validate() error { - s := string(d) - i := strings.Index(s, ":") - if i <= 0 || i+1 == len(s) { - return ErrDigestInvalidFormat - } - algorithm, encoded := Algorithm(s[:i]), s[i+1:] - if !algorithm.Available() { - if !DigestRegexpAnchored.MatchString(s) { - return ErrDigestInvalidFormat - } - return ErrDigestUnsupported - } - return algorithm.Validate(encoded) -} - -// Algorithm returns the algorithm portion of the digest. This will panic if -// the underlying digest is not in a valid format. -func (d Digest) Algorithm() Algorithm { - return Algorithm(d[:d.sepIndex()]) -} - -// Verifier returns a writer object that can be used to verify a stream of -// content against the digest. If the digest is invalid, the method will panic. -func (d Digest) Verifier() Verifier { - return hashVerifier{ - hash: d.Algorithm().Hash(), - digest: d, - } -} - -// Encoded returns the encoded portion of the digest. This will panic if the -// underlying digest is not in a valid format. -func (d Digest) Encoded() string { - return string(d[d.sepIndex()+1:]) -} - -// Hex is deprecated. Please use Digest.Encoded. -func (d Digest) Hex() string { - return d.Encoded() -} - -func (d Digest) String() string { - return string(d) -} - -func (d Digest) sepIndex() int { - i := strings.Index(string(d), ":") - - if i < 0 { - panic(fmt.Sprintf("no ':' separator in digest %q", d)) - } - - return i -} diff --git a/vendor/github.com/opencontainers/go-digest/digester.go b/vendor/github.com/opencontainers/go-digest/digester.go deleted file mode 100644 index ede907757..000000000 --- a/vendor/github.com/opencontainers/go-digest/digester.go +++ /dev/null @@ -1,40 +0,0 @@ -// Copyright 2019, 2020 OCI Contributors -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package digest - -import "hash" - -// Digester calculates the digest of written data. Writes should go directly -// to the return value of Hash, while calling Digest will return the current -// value of the digest. -type Digester interface { - Hash() hash.Hash // provides direct access to underlying hash instance. - Digest() Digest -} - -// digester provides a simple digester definition that embeds a hasher. -type digester struct { - alg Algorithm - hash hash.Hash -} - -func (d *digester) Hash() hash.Hash { - return d.hash -} - -func (d *digester) Digest() Digest { - return NewDigest(d.alg, d.hash) -} diff --git a/vendor/github.com/opencontainers/go-digest/doc.go b/vendor/github.com/opencontainers/go-digest/doc.go deleted file mode 100644 index 83d3a936c..000000000 --- a/vendor/github.com/opencontainers/go-digest/doc.go +++ /dev/null @@ -1,62 +0,0 @@ -// Copyright 2019, 2020 OCI Contributors -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Package digest provides a generalized type to opaquely represent message -// digests and their operations within the registry. The Digest type is -// designed to serve as a flexible identifier in a content-addressable system. -// More importantly, it provides tools and wrappers to work with -// hash.Hash-based digests with little effort. -// -// Basics -// -// The format of a digest is simply a string with two parts, dubbed the -// "algorithm" and the "digest", separated by a colon: -// -// : -// -// An example of a sha256 digest representation follows: -// -// sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc -// -// The "algorithm" portion defines both the hashing algorithm used to calculate -// the digest and the encoding of the resulting digest, which defaults to "hex" -// if not otherwise specified. Currently, all supported algorithms have their -// digests encoded in hex strings. -// -// In the example above, the string "sha256" is the algorithm and the hex bytes -// are the "digest". -// -// Because the Digest type is simply a string, once a valid Digest is -// obtained, comparisons are cheap, quick and simple to express with the -// standard equality operator. -// -// Verification -// -// The main benefit of using the Digest type is simple verification against a -// given digest. The Verifier interface, modeled after the stdlib hash.Hash -// interface, provides a common write sink for digest verification. After -// writing is complete, calling the Verifier.Verified method will indicate -// whether or not the stream of bytes matches the target digest. -// -// Missing Features -// -// In addition to the above, we intend to add the following features to this -// package: -// -// 1. A Digester type that supports write sink digest calculation. -// -// 2. Suspend and resume of ongoing digest calculations to support efficient digest verification in the registry. -// -package digest diff --git a/vendor/github.com/opencontainers/go-digest/verifiers.go b/vendor/github.com/opencontainers/go-digest/verifiers.go deleted file mode 100644 index afef506f4..000000000 --- a/vendor/github.com/opencontainers/go-digest/verifiers.go +++ /dev/null @@ -1,46 +0,0 @@ -// Copyright 2019, 2020 OCI Contributors -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package digest - -import ( - "hash" - "io" -) - -// Verifier presents a general verification interface to be used with message -// digests and other byte stream verifications. Users instantiate a Verifier -// from one of the various methods, write the data under test to it then check -// the result with the Verified method. -type Verifier interface { - io.Writer - - // Verified will return true if the content written to Verifier matches - // the digest. - Verified() bool -} - -type hashVerifier struct { - digest Digest - hash hash.Hash -} - -func (hv hashVerifier) Write(p []byte) (n int, err error) { - return hv.hash.Write(p) -} - -func (hv hashVerifier) Verified() bool { - return hv.digest == NewDigest(hv.digest.Algorithm(), hv.hash) -} diff --git a/vendor/github.com/robfig/cron/v3/.gitignore b/vendor/github.com/robfig/cron/v3/.gitignore deleted file mode 100644 index 00268614f..000000000 --- a/vendor/github.com/robfig/cron/v3/.gitignore +++ /dev/null @@ -1,22 +0,0 @@ -# Compiled Object files, Static and Dynamic libs (Shared Objects) -*.o -*.a -*.so - -# Folders -_obj -_test - -# Architecture specific extensions/prefixes -*.[568vq] -[568vq].out - -*.cgo1.go -*.cgo2.c -_cgo_defun.c -_cgo_gotypes.go -_cgo_export.* - -_testmain.go - -*.exe diff --git a/vendor/github.com/robfig/cron/v3/.travis.yml b/vendor/github.com/robfig/cron/v3/.travis.yml deleted file mode 100644 index 4f2ee4d97..000000000 --- a/vendor/github.com/robfig/cron/v3/.travis.yml +++ /dev/null @@ -1 +0,0 @@ -language: go diff --git a/vendor/github.com/robfig/cron/v3/LICENSE b/vendor/github.com/robfig/cron/v3/LICENSE deleted file mode 100644 index 3a0f627ff..000000000 --- a/vendor/github.com/robfig/cron/v3/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -Copyright (C) 2012 Rob Figueiredo -All Rights Reserved. - -MIT LICENSE - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/vendor/github.com/robfig/cron/v3/README.md b/vendor/github.com/robfig/cron/v3/README.md deleted file mode 100644 index 984c537c0..000000000 --- a/vendor/github.com/robfig/cron/v3/README.md +++ /dev/null @@ -1,125 +0,0 @@ -[![GoDoc](http://godoc.org/github.com/robfig/cron?status.png)](http://godoc.org/github.com/robfig/cron) -[![Build Status](https://travis-ci.org/robfig/cron.svg?branch=master)](https://travis-ci.org/robfig/cron) - -# cron - -Cron V3 has been released! - -To download the specific tagged release, run: - - go get github.com/robfig/cron/v3@v3.0.0 - -Import it in your program as: - - import "github.com/robfig/cron/v3" - -It requires Go 1.11 or later due to usage of Go Modules. - -Refer to the documentation here: -http://godoc.org/github.com/robfig/cron - -The rest of this document describes the the advances in v3 and a list of -breaking changes for users that wish to upgrade from an earlier version. - -## Upgrading to v3 (June 2019) - -cron v3 is a major upgrade to the library that addresses all outstanding bugs, -feature requests, and rough edges. It is based on a merge of master which -contains various fixes to issues found over the years and the v2 branch which -contains some backwards-incompatible features like the ability to remove cron -jobs. In addition, v3 adds support for Go Modules, cleans up rough edges like -the timezone support, and fixes a number of bugs. - -New features: - -- Support for Go modules. Callers must now import this library as - `github.com/robfig/cron/v3`, instead of `gopkg.in/...` - -- Fixed bugs: - - 0f01e6b parser: fix combining of Dow and Dom (#70) - - dbf3220 adjust times when rolling the clock forward to handle non-existent midnight (#157) - - eeecf15 spec_test.go: ensure an error is returned on 0 increment (#144) - - 70971dc cron.Entries(): update request for snapshot to include a reply channel (#97) - - 1cba5e6 cron: fix: removing a job causes the next scheduled job to run too late (#206) - -- Standard cron spec parsing by default (first field is "minute"), with an easy - way to opt into the seconds field (quartz-compatible). Although, note that the - year field (optional in Quartz) is not supported. - -- Extensible, key/value logging via an interface that complies with - the https://github.com/go-logr/logr project. - -- The new Chain & JobWrapper types allow you to install "interceptors" to add - cross-cutting behavior like the following: - - Recover any panics from jobs - - Delay a job's execution if the previous run hasn't completed yet - - Skip a job's execution if the previous run hasn't completed yet - - Log each job's invocations - - Notification when jobs are completed - -It is backwards incompatible with both v1 and v2. These updates are required: - -- The v1 branch accepted an optional seconds field at the beginning of the cron - spec. This is non-standard and has led to a lot of confusion. The new default - parser conforms to the standard as described by [the Cron wikipedia page]. - - UPDATING: To retain the old behavior, construct your Cron with a custom - parser: - - // Seconds field, required - cron.New(cron.WithSeconds()) - - // Seconds field, optional - cron.New( - cron.WithParser( - cron.SecondOptional | cron.Minute | cron.Hour | cron.Dom | cron.Month | cron.Dow | cron.Descriptor)) - -- The Cron type now accepts functional options on construction rather than the - previous ad-hoc behavior modification mechanisms (setting a field, calling a setter). - - UPDATING: Code that sets Cron.ErrorLogger or calls Cron.SetLocation must be - updated to provide those values on construction. - -- CRON_TZ is now the recommended way to specify the timezone of a single - schedule, which is sanctioned by the specification. The legacy "TZ=" prefix - will continue to be supported since it is unambiguous and easy to do so. - - UPDATING: No update is required. - -- By default, cron will no longer recover panics in jobs that it runs. - Recovering can be surprising (see issue #192) and seems to be at odds with - typical behavior of libraries. Relatedly, the `cron.WithPanicLogger` option - has been removed to accommodate the more general JobWrapper type. - - UPDATING: To opt into panic recovery and configure the panic logger: - - cron.New(cron.WithChain( - cron.Recover(logger), // or use cron.DefaultLogger - )) - -- In adding support for https://github.com/go-logr/logr, `cron.WithVerboseLogger` was - removed, since it is duplicative with the leveled logging. - - UPDATING: Callers should use `WithLogger` and specify a logger that does not - discard `Info` logs. For convenience, one is provided that wraps `*log.Logger`: - - cron.New( - cron.WithLogger(cron.VerbosePrintfLogger(logger))) - - -### Background - Cron spec format - -There are two cron spec formats in common usage: - -- The "standard" cron format, described on [the Cron wikipedia page] and used by - the cron Linux system utility. - -- The cron format used by [the Quartz Scheduler], commonly used for scheduled - jobs in Java software - -[the Cron wikipedia page]: https://en.wikipedia.org/wiki/Cron -[the Quartz Scheduler]: http://www.quartz-scheduler.org/documentation/quartz-2.3.0/tutorials/tutorial-lesson-06.html - -The original version of this package included an optional "seconds" field, which -made it incompatible with both of these formats. Now, the "standard" format is -the default format accepted, and the Quartz format is opt-in. diff --git a/vendor/github.com/robfig/cron/v3/chain.go b/vendor/github.com/robfig/cron/v3/chain.go deleted file mode 100644 index 9565b418e..000000000 --- a/vendor/github.com/robfig/cron/v3/chain.go +++ /dev/null @@ -1,92 +0,0 @@ -package cron - -import ( - "fmt" - "runtime" - "sync" - "time" -) - -// JobWrapper decorates the given Job with some behavior. -type JobWrapper func(Job) Job - -// Chain is a sequence of JobWrappers that decorates submitted jobs with -// cross-cutting behaviors like logging or synchronization. -type Chain struct { - wrappers []JobWrapper -} - -// NewChain returns a Chain consisting of the given JobWrappers. -func NewChain(c ...JobWrapper) Chain { - return Chain{c} -} - -// Then decorates the given job with all JobWrappers in the chain. -// -// This: -// NewChain(m1, m2, m3).Then(job) -// is equivalent to: -// m1(m2(m3(job))) -func (c Chain) Then(j Job) Job { - for i := range c.wrappers { - j = c.wrappers[len(c.wrappers)-i-1](j) - } - return j -} - -// Recover panics in wrapped jobs and log them with the provided logger. -func Recover(logger Logger) JobWrapper { - return func(j Job) Job { - return FuncJob(func() { - defer func() { - if r := recover(); r != nil { - const size = 64 << 10 - buf := make([]byte, size) - buf = buf[:runtime.Stack(buf, false)] - err, ok := r.(error) - if !ok { - err = fmt.Errorf("%v", r) - } - logger.Error(err, "panic", "stack", "...\n"+string(buf)) - } - }() - j.Run() - }) - } -} - -// DelayIfStillRunning serializes jobs, delaying subsequent runs until the -// previous one is complete. Jobs running after a delay of more than a minute -// have the delay logged at Info. -func DelayIfStillRunning(logger Logger) JobWrapper { - return func(j Job) Job { - var mu sync.Mutex - return FuncJob(func() { - start := time.Now() - mu.Lock() - defer mu.Unlock() - if dur := time.Since(start); dur > time.Minute { - logger.Info("delay", "duration", dur) - } - j.Run() - }) - } -} - -// SkipIfStillRunning skips an invocation of the Job if a previous invocation is -// still running. It logs skips to the given logger at Info level. -func SkipIfStillRunning(logger Logger) JobWrapper { - return func(j Job) Job { - var ch = make(chan struct{}, 1) - ch <- struct{}{} - return FuncJob(func() { - select { - case v := <-ch: - j.Run() - ch <- v - default: - logger.Info("skip") - } - }) - } -} diff --git a/vendor/github.com/robfig/cron/v3/constantdelay.go b/vendor/github.com/robfig/cron/v3/constantdelay.go deleted file mode 100644 index cd6e7b1be..000000000 --- a/vendor/github.com/robfig/cron/v3/constantdelay.go +++ /dev/null @@ -1,27 +0,0 @@ -package cron - -import "time" - -// ConstantDelaySchedule represents a simple recurring duty cycle, e.g. "Every 5 minutes". -// It does not support jobs more frequent than once a second. -type ConstantDelaySchedule struct { - Delay time.Duration -} - -// Every returns a crontab Schedule that activates once every duration. -// Delays of less than a second are not supported (will round up to 1 second). -// Any fields less than a Second are truncated. -func Every(duration time.Duration) ConstantDelaySchedule { - if duration < time.Second { - duration = time.Second - } - return ConstantDelaySchedule{ - Delay: duration - time.Duration(duration.Nanoseconds())%time.Second, - } -} - -// Next returns the next time this should be run. -// This rounds so that the next activation time will be on the second. -func (schedule ConstantDelaySchedule) Next(t time.Time) time.Time { - return t.Add(schedule.Delay - time.Duration(t.Nanosecond())*time.Nanosecond) -} diff --git a/vendor/github.com/robfig/cron/v3/cron.go b/vendor/github.com/robfig/cron/v3/cron.go deleted file mode 100644 index c7e917665..000000000 --- a/vendor/github.com/robfig/cron/v3/cron.go +++ /dev/null @@ -1,355 +0,0 @@ -package cron - -import ( - "context" - "sort" - "sync" - "time" -) - -// Cron keeps track of any number of entries, invoking the associated func as -// specified by the schedule. It may be started, stopped, and the entries may -// be inspected while running. -type Cron struct { - entries []*Entry - chain Chain - stop chan struct{} - add chan *Entry - remove chan EntryID - snapshot chan chan []Entry - running bool - logger Logger - runningMu sync.Mutex - location *time.Location - parser ScheduleParser - nextID EntryID - jobWaiter sync.WaitGroup -} - -// ScheduleParser is an interface for schedule spec parsers that return a Schedule -type ScheduleParser interface { - Parse(spec string) (Schedule, error) -} - -// Job is an interface for submitted cron jobs. -type Job interface { - Run() -} - -// Schedule describes a job's duty cycle. -type Schedule interface { - // Next returns the next activation time, later than the given time. - // Next is invoked initially, and then each time the job is run. - Next(time.Time) time.Time -} - -// EntryID identifies an entry within a Cron instance -type EntryID int - -// Entry consists of a schedule and the func to execute on that schedule. -type Entry struct { - // ID is the cron-assigned ID of this entry, which may be used to look up a - // snapshot or remove it. - ID EntryID - - // Schedule on which this job should be run. - Schedule Schedule - - // Next time the job will run, or the zero time if Cron has not been - // started or this entry's schedule is unsatisfiable - Next time.Time - - // Prev is the last time this job was run, or the zero time if never. - Prev time.Time - - // WrappedJob is the thing to run when the Schedule is activated. - WrappedJob Job - - // Job is the thing that was submitted to cron. - // It is kept around so that user code that needs to get at the job later, - // e.g. via Entries() can do so. - Job Job -} - -// Valid returns true if this is not the zero entry. -func (e Entry) Valid() bool { return e.ID != 0 } - -// byTime is a wrapper for sorting the entry array by time -// (with zero time at the end). -type byTime []*Entry - -func (s byTime) Len() int { return len(s) } -func (s byTime) Swap(i, j int) { s[i], s[j] = s[j], s[i] } -func (s byTime) Less(i, j int) bool { - // Two zero times should return false. - // Otherwise, zero is "greater" than any other time. - // (To sort it at the end of the list.) - if s[i].Next.IsZero() { - return false - } - if s[j].Next.IsZero() { - return true - } - return s[i].Next.Before(s[j].Next) -} - -// New returns a new Cron job runner, modified by the given options. -// -// Available Settings -// -// Time Zone -// Description: The time zone in which schedules are interpreted -// Default: time.Local -// -// Parser -// Description: Parser converts cron spec strings into cron.Schedules. -// Default: Accepts this spec: https://en.wikipedia.org/wiki/Cron -// -// Chain -// Description: Wrap submitted jobs to customize behavior. -// Default: A chain that recovers panics and logs them to stderr. -// -// See "cron.With*" to modify the default behavior. -func New(opts ...Option) *Cron { - c := &Cron{ - entries: nil, - chain: NewChain(), - add: make(chan *Entry), - stop: make(chan struct{}), - snapshot: make(chan chan []Entry), - remove: make(chan EntryID), - running: false, - runningMu: sync.Mutex{}, - logger: DefaultLogger, - location: time.Local, - parser: standardParser, - } - for _, opt := range opts { - opt(c) - } - return c -} - -// FuncJob is a wrapper that turns a func() into a cron.Job -type FuncJob func() - -func (f FuncJob) Run() { f() } - -// AddFunc adds a func to the Cron to be run on the given schedule. -// The spec is parsed using the time zone of this Cron instance as the default. -// An opaque ID is returned that can be used to later remove it. -func (c *Cron) AddFunc(spec string, cmd func()) (EntryID, error) { - return c.AddJob(spec, FuncJob(cmd)) -} - -// AddJob adds a Job to the Cron to be run on the given schedule. -// The spec is parsed using the time zone of this Cron instance as the default. -// An opaque ID is returned that can be used to later remove it. -func (c *Cron) AddJob(spec string, cmd Job) (EntryID, error) { - schedule, err := c.parser.Parse(spec) - if err != nil { - return 0, err - } - return c.Schedule(schedule, cmd), nil -} - -// Schedule adds a Job to the Cron to be run on the given schedule. -// The job is wrapped with the configured Chain. -func (c *Cron) Schedule(schedule Schedule, cmd Job) EntryID { - c.runningMu.Lock() - defer c.runningMu.Unlock() - c.nextID++ - entry := &Entry{ - ID: c.nextID, - Schedule: schedule, - WrappedJob: c.chain.Then(cmd), - Job: cmd, - } - if !c.running { - c.entries = append(c.entries, entry) - } else { - c.add <- entry - } - return entry.ID -} - -// Entries returns a snapshot of the cron entries. -func (c *Cron) Entries() []Entry { - c.runningMu.Lock() - defer c.runningMu.Unlock() - if c.running { - replyChan := make(chan []Entry, 1) - c.snapshot <- replyChan - return <-replyChan - } - return c.entrySnapshot() -} - -// Location gets the time zone location -func (c *Cron) Location() *time.Location { - return c.location -} - -// Entry returns a snapshot of the given entry, or nil if it couldn't be found. -func (c *Cron) Entry(id EntryID) Entry { - for _, entry := range c.Entries() { - if id == entry.ID { - return entry - } - } - return Entry{} -} - -// Remove an entry from being run in the future. -func (c *Cron) Remove(id EntryID) { - c.runningMu.Lock() - defer c.runningMu.Unlock() - if c.running { - c.remove <- id - } else { - c.removeEntry(id) - } -} - -// Start the cron scheduler in its own goroutine, or no-op if already started. -func (c *Cron) Start() { - c.runningMu.Lock() - defer c.runningMu.Unlock() - if c.running { - return - } - c.running = true - go c.run() -} - -// Run the cron scheduler, or no-op if already running. -func (c *Cron) Run() { - c.runningMu.Lock() - if c.running { - c.runningMu.Unlock() - return - } - c.running = true - c.runningMu.Unlock() - c.run() -} - -// run the scheduler.. this is private just due to the need to synchronize -// access to the 'running' state variable. -func (c *Cron) run() { - c.logger.Info("start") - - // Figure out the next activation times for each entry. - now := c.now() - for _, entry := range c.entries { - entry.Next = entry.Schedule.Next(now) - c.logger.Info("schedule", "now", now, "entry", entry.ID, "next", entry.Next) - } - - for { - // Determine the next entry to run. - sort.Sort(byTime(c.entries)) - - var timer *time.Timer - if len(c.entries) == 0 || c.entries[0].Next.IsZero() { - // If there are no entries yet, just sleep - it still handles new entries - // and stop requests. - timer = time.NewTimer(100000 * time.Hour) - } else { - timer = time.NewTimer(c.entries[0].Next.Sub(now)) - } - - for { - select { - case now = <-timer.C: - now = now.In(c.location) - c.logger.Info("wake", "now", now) - - // Run every entry whose next time was less than now - for _, e := range c.entries { - if e.Next.After(now) || e.Next.IsZero() { - break - } - c.startJob(e.WrappedJob) - e.Prev = e.Next - e.Next = e.Schedule.Next(now) - c.logger.Info("run", "now", now, "entry", e.ID, "next", e.Next) - } - - case newEntry := <-c.add: - timer.Stop() - now = c.now() - newEntry.Next = newEntry.Schedule.Next(now) - c.entries = append(c.entries, newEntry) - c.logger.Info("added", "now", now, "entry", newEntry.ID, "next", newEntry.Next) - - case replyChan := <-c.snapshot: - replyChan <- c.entrySnapshot() - continue - - case <-c.stop: - timer.Stop() - c.logger.Info("stop") - return - - case id := <-c.remove: - timer.Stop() - now = c.now() - c.removeEntry(id) - c.logger.Info("removed", "entry", id) - } - - break - } - } -} - -// startJob runs the given job in a new goroutine. -func (c *Cron) startJob(j Job) { - c.jobWaiter.Add(1) - go func() { - defer c.jobWaiter.Done() - j.Run() - }() -} - -// now returns current time in c location -func (c *Cron) now() time.Time { - return time.Now().In(c.location) -} - -// Stop stops the cron scheduler if it is running; otherwise it does nothing. -// A context is returned so the caller can wait for running jobs to complete. -func (c *Cron) Stop() context.Context { - c.runningMu.Lock() - defer c.runningMu.Unlock() - if c.running { - c.stop <- struct{}{} - c.running = false - } - ctx, cancel := context.WithCancel(context.Background()) - go func() { - c.jobWaiter.Wait() - cancel() - }() - return ctx -} - -// entrySnapshot returns a copy of the current cron entry list. -func (c *Cron) entrySnapshot() []Entry { - var entries = make([]Entry, len(c.entries)) - for i, e := range c.entries { - entries[i] = *e - } - return entries -} - -func (c *Cron) removeEntry(id EntryID) { - var entries []*Entry - for _, e := range c.entries { - if e.ID != id { - entries = append(entries, e) - } - } - c.entries = entries -} diff --git a/vendor/github.com/robfig/cron/v3/doc.go b/vendor/github.com/robfig/cron/v3/doc.go deleted file mode 100644 index fa5d08b4d..000000000 --- a/vendor/github.com/robfig/cron/v3/doc.go +++ /dev/null @@ -1,231 +0,0 @@ -/* -Package cron implements a cron spec parser and job runner. - -Installation - -To download the specific tagged release, run: - - go get github.com/robfig/cron/v3@v3.0.0 - -Import it in your program as: - - import "github.com/robfig/cron/v3" - -It requires Go 1.11 or later due to usage of Go Modules. - -Usage - -Callers may register Funcs to be invoked on a given schedule. Cron will run -them in their own goroutines. - - c := cron.New() - c.AddFunc("30 * * * *", func() { fmt.Println("Every hour on the half hour") }) - c.AddFunc("30 3-6,20-23 * * *", func() { fmt.Println(".. in the range 3-6am, 8-11pm") }) - c.AddFunc("CRON_TZ=Asia/Tokyo 30 04 * * *", func() { fmt.Println("Runs at 04:30 Tokyo time every day") }) - c.AddFunc("@hourly", func() { fmt.Println("Every hour, starting an hour from now") }) - c.AddFunc("@every 1h30m", func() { fmt.Println("Every hour thirty, starting an hour thirty from now") }) - c.Start() - .. - // Funcs are invoked in their own goroutine, asynchronously. - ... - // Funcs may also be added to a running Cron - c.AddFunc("@daily", func() { fmt.Println("Every day") }) - .. - // Inspect the cron job entries' next and previous run times. - inspect(c.Entries()) - .. - c.Stop() // Stop the scheduler (does not stop any jobs already running). - -CRON Expression Format - -A cron expression represents a set of times, using 5 space-separated fields. - - Field name | Mandatory? | Allowed values | Allowed special characters - ---------- | ---------- | -------------- | -------------------------- - Minutes | Yes | 0-59 | * / , - - Hours | Yes | 0-23 | * / , - - Day of month | Yes | 1-31 | * / , - ? - Month | Yes | 1-12 or JAN-DEC | * / , - - Day of week | Yes | 0-6 or SUN-SAT | * / , - ? - -Month and Day-of-week field values are case insensitive. "SUN", "Sun", and -"sun" are equally accepted. - -The specific interpretation of the format is based on the Cron Wikipedia page: -https://en.wikipedia.org/wiki/Cron - -Alternative Formats - -Alternative Cron expression formats support other fields like seconds. You can -implement that by creating a custom Parser as follows. - - cron.New( - cron.WithParser( - cron.NewParser( - cron.SecondOptional | cron.Minute | cron.Hour | cron.Dom | cron.Month | cron.Dow | cron.Descriptor))) - -Since adding Seconds is the most common modification to the standard cron spec, -cron provides a builtin function to do that, which is equivalent to the custom -parser you saw earlier, except that its seconds field is REQUIRED: - - cron.New(cron.WithSeconds()) - -That emulates Quartz, the most popular alternative Cron schedule format: -http://www.quartz-scheduler.org/documentation/quartz-2.x/tutorials/crontrigger.html - -Special Characters - -Asterisk ( * ) - -The asterisk indicates that the cron expression will match for all values of the -field; e.g., using an asterisk in the 5th field (month) would indicate every -month. - -Slash ( / ) - -Slashes are used to describe increments of ranges. For example 3-59/15 in the -1st field (minutes) would indicate the 3rd minute of the hour and every 15 -minutes thereafter. The form "*\/..." is equivalent to the form "first-last/...", -that is, an increment over the largest possible range of the field. The form -"N/..." is accepted as meaning "N-MAX/...", that is, starting at N, use the -increment until the end of that specific range. It does not wrap around. - -Comma ( , ) - -Commas are used to separate items of a list. For example, using "MON,WED,FRI" in -the 5th field (day of week) would mean Mondays, Wednesdays and Fridays. - -Hyphen ( - ) - -Hyphens are used to define ranges. For example, 9-17 would indicate every -hour between 9am and 5pm inclusive. - -Question mark ( ? ) - -Question mark may be used instead of '*' for leaving either day-of-month or -day-of-week blank. - -Predefined schedules - -You may use one of several pre-defined schedules in place of a cron expression. - - Entry | Description | Equivalent To - ----- | ----------- | ------------- - @yearly (or @annually) | Run once a year, midnight, Jan. 1st | 0 0 1 1 * - @monthly | Run once a month, midnight, first of month | 0 0 1 * * - @weekly | Run once a week, midnight between Sat/Sun | 0 0 * * 0 - @daily (or @midnight) | Run once a day, midnight | 0 0 * * * - @hourly | Run once an hour, beginning of hour | 0 * * * * - -Intervals - -You may also schedule a job to execute at fixed intervals, starting at the time it's added -or cron is run. This is supported by formatting the cron spec like this: - - @every - -where "duration" is a string accepted by time.ParseDuration -(http://golang.org/pkg/time/#ParseDuration). - -For example, "@every 1h30m10s" would indicate a schedule that activates after -1 hour, 30 minutes, 10 seconds, and then every interval after that. - -Note: The interval does not take the job runtime into account. For example, -if a job takes 3 minutes to run, and it is scheduled to run every 5 minutes, -it will have only 2 minutes of idle time between each run. - -Time zones - -By default, all interpretation and scheduling is done in the machine's local -time zone (time.Local). You can specify a different time zone on construction: - - cron.New( - cron.WithLocation(time.UTC)) - -Individual cron schedules may also override the time zone they are to be -interpreted in by providing an additional space-separated field at the beginning -of the cron spec, of the form "CRON_TZ=Asia/Tokyo". - -For example: - - # Runs at 6am in time.Local - cron.New().AddFunc("0 6 * * ?", ...) - - # Runs at 6am in America/New_York - nyc, _ := time.LoadLocation("America/New_York") - c := cron.New(cron.WithLocation(nyc)) - c.AddFunc("0 6 * * ?", ...) - - # Runs at 6am in Asia/Tokyo - cron.New().AddFunc("CRON_TZ=Asia/Tokyo 0 6 * * ?", ...) - - # Runs at 6am in Asia/Tokyo - c := cron.New(cron.WithLocation(nyc)) - c.SetLocation("America/New_York") - c.AddFunc("CRON_TZ=Asia/Tokyo 0 6 * * ?", ...) - -The prefix "TZ=(TIME ZONE)" is also supported for legacy compatibility. - -Be aware that jobs scheduled during daylight-savings leap-ahead transitions will -not be run! - -Job Wrappers - -A Cron runner may be configured with a chain of job wrappers to add -cross-cutting functionality to all submitted jobs. For example, they may be used -to achieve the following effects: - - - Recover any panics from jobs (activated by default) - - Delay a job's execution if the previous run hasn't completed yet - - Skip a job's execution if the previous run hasn't completed yet - - Log each job's invocations - -Install wrappers for all jobs added to a cron using the `cron.WithChain` option: - - cron.New(cron.WithChain( - cron.SkipIfStillRunning(logger), - )) - -Install wrappers for individual jobs by explicitly wrapping them: - - job = cron.NewChain( - cron.SkipIfStillRunning(logger), - ).Then(job) - -Thread safety - -Since the Cron service runs concurrently with the calling code, some amount of -care must be taken to ensure proper synchronization. - -All cron methods are designed to be correctly synchronized as long as the caller -ensures that invocations have a clear happens-before ordering between them. - -Logging - -Cron defines a Logger interface that is a subset of the one defined in -github.com/go-logr/logr. It has two logging levels (Info and Error), and -parameters are key/value pairs. This makes it possible for cron logging to plug -into structured logging systems. An adapter, [Verbose]PrintfLogger, is provided -to wrap the standard library *log.Logger. - -For additional insight into Cron operations, verbose logging may be activated -which will record job runs, scheduling decisions, and added or removed jobs. -Activate it with a one-off logger as follows: - - cron.New( - cron.WithLogger( - cron.VerbosePrintfLogger(log.New(os.Stdout, "cron: ", log.LstdFlags)))) - - -Implementation - -Cron entries are stored in an array, sorted by their next activation time. Cron -sleeps until the next job is due to be run. - -Upon waking: - - it runs each entry that is active on that second - - it calculates the next run times for the jobs that were run - - it re-sorts the array of entries by next activation time. - - it goes to sleep until the soonest job. -*/ -package cron diff --git a/vendor/github.com/robfig/cron/v3/logger.go b/vendor/github.com/robfig/cron/v3/logger.go deleted file mode 100644 index b4efcc053..000000000 --- a/vendor/github.com/robfig/cron/v3/logger.go +++ /dev/null @@ -1,86 +0,0 @@ -package cron - -import ( - "io/ioutil" - "log" - "os" - "strings" - "time" -) - -// DefaultLogger is used by Cron if none is specified. -var DefaultLogger Logger = PrintfLogger(log.New(os.Stdout, "cron: ", log.LstdFlags)) - -// DiscardLogger can be used by callers to discard all log messages. -var DiscardLogger Logger = PrintfLogger(log.New(ioutil.Discard, "", 0)) - -// Logger is the interface used in this package for logging, so that any backend -// can be plugged in. It is a subset of the github.com/go-logr/logr interface. -type Logger interface { - // Info logs routine messages about cron's operation. - Info(msg string, keysAndValues ...interface{}) - // Error logs an error condition. - Error(err error, msg string, keysAndValues ...interface{}) -} - -// PrintfLogger wraps a Printf-based logger (such as the standard library "log") -// into an implementation of the Logger interface which logs errors only. -func PrintfLogger(l interface{ Printf(string, ...interface{}) }) Logger { - return printfLogger{l, false} -} - -// VerbosePrintfLogger wraps a Printf-based logger (such as the standard library -// "log") into an implementation of the Logger interface which logs everything. -func VerbosePrintfLogger(l interface{ Printf(string, ...interface{}) }) Logger { - return printfLogger{l, true} -} - -type printfLogger struct { - logger interface{ Printf(string, ...interface{}) } - logInfo bool -} - -func (pl printfLogger) Info(msg string, keysAndValues ...interface{}) { - if pl.logInfo { - keysAndValues = formatTimes(keysAndValues) - pl.logger.Printf( - formatString(len(keysAndValues)), - append([]interface{}{msg}, keysAndValues...)...) - } -} - -func (pl printfLogger) Error(err error, msg string, keysAndValues ...interface{}) { - keysAndValues = formatTimes(keysAndValues) - pl.logger.Printf( - formatString(len(keysAndValues)+2), - append([]interface{}{msg, "error", err}, keysAndValues...)...) -} - -// formatString returns a logfmt-like format string for the number of -// key/values. -func formatString(numKeysAndValues int) string { - var sb strings.Builder - sb.WriteString("%s") - if numKeysAndValues > 0 { - sb.WriteString(", ") - } - for i := 0; i < numKeysAndValues/2; i++ { - if i > 0 { - sb.WriteString(", ") - } - sb.WriteString("%v=%v") - } - return sb.String() -} - -// formatTimes formats any time.Time values as RFC3339. -func formatTimes(keysAndValues []interface{}) []interface{} { - var formattedArgs []interface{} - for _, arg := range keysAndValues { - if t, ok := arg.(time.Time); ok { - arg = t.Format(time.RFC3339) - } - formattedArgs = append(formattedArgs, arg) - } - return formattedArgs -} diff --git a/vendor/github.com/robfig/cron/v3/option.go b/vendor/github.com/robfig/cron/v3/option.go deleted file mode 100644 index 09e4278e7..000000000 --- a/vendor/github.com/robfig/cron/v3/option.go +++ /dev/null @@ -1,45 +0,0 @@ -package cron - -import ( - "time" -) - -// Option represents a modification to the default behavior of a Cron. -type Option func(*Cron) - -// WithLocation overrides the timezone of the cron instance. -func WithLocation(loc *time.Location) Option { - return func(c *Cron) { - c.location = loc - } -} - -// WithSeconds overrides the parser used for interpreting job schedules to -// include a seconds field as the first one. -func WithSeconds() Option { - return WithParser(NewParser( - Second | Minute | Hour | Dom | Month | Dow | Descriptor, - )) -} - -// WithParser overrides the parser used for interpreting job schedules. -func WithParser(p ScheduleParser) Option { - return func(c *Cron) { - c.parser = p - } -} - -// WithChain specifies Job wrappers to apply to all jobs added to this cron. -// Refer to the Chain* functions in this package for provided wrappers. -func WithChain(wrappers ...JobWrapper) Option { - return func(c *Cron) { - c.chain = NewChain(wrappers...) - } -} - -// WithLogger uses the provided logger. -func WithLogger(logger Logger) Option { - return func(c *Cron) { - c.logger = logger - } -} diff --git a/vendor/github.com/robfig/cron/v3/parser.go b/vendor/github.com/robfig/cron/v3/parser.go deleted file mode 100644 index 3cf8879f7..000000000 --- a/vendor/github.com/robfig/cron/v3/parser.go +++ /dev/null @@ -1,434 +0,0 @@ -package cron - -import ( - "fmt" - "math" - "strconv" - "strings" - "time" -) - -// Configuration options for creating a parser. Most options specify which -// fields should be included, while others enable features. If a field is not -// included the parser will assume a default value. These options do not change -// the order fields are parse in. -type ParseOption int - -const ( - Second ParseOption = 1 << iota // Seconds field, default 0 - SecondOptional // Optional seconds field, default 0 - Minute // Minutes field, default 0 - Hour // Hours field, default 0 - Dom // Day of month field, default * - Month // Month field, default * - Dow // Day of week field, default * - DowOptional // Optional day of week field, default * - Descriptor // Allow descriptors such as @monthly, @weekly, etc. -) - -var places = []ParseOption{ - Second, - Minute, - Hour, - Dom, - Month, - Dow, -} - -var defaults = []string{ - "0", - "0", - "0", - "*", - "*", - "*", -} - -// A custom Parser that can be configured. -type Parser struct { - options ParseOption -} - -// NewParser creates a Parser with custom options. -// -// It panics if more than one Optional is given, since it would be impossible to -// correctly infer which optional is provided or missing in general. -// -// Examples -// -// // Standard parser without descriptors -// specParser := NewParser(Minute | Hour | Dom | Month | Dow) -// sched, err := specParser.Parse("0 0 15 */3 *") -// -// // Same as above, just excludes time fields -// subsParser := NewParser(Dom | Month | Dow) -// sched, err := specParser.Parse("15 */3 *") -// -// // Same as above, just makes Dow optional -// subsParser := NewParser(Dom | Month | DowOptional) -// sched, err := specParser.Parse("15 */3") -// -func NewParser(options ParseOption) Parser { - optionals := 0 - if options&DowOptional > 0 { - optionals++ - } - if options&SecondOptional > 0 { - optionals++ - } - if optionals > 1 { - panic("multiple optionals may not be configured") - } - return Parser{options} -} - -// Parse returns a new crontab schedule representing the given spec. -// It returns a descriptive error if the spec is not valid. -// It accepts crontab specs and features configured by NewParser. -func (p Parser) Parse(spec string) (Schedule, error) { - if len(spec) == 0 { - return nil, fmt.Errorf("empty spec string") - } - - // Extract timezone if present - var loc = time.Local - if strings.HasPrefix(spec, "TZ=") || strings.HasPrefix(spec, "CRON_TZ=") { - var err error - i := strings.Index(spec, " ") - eq := strings.Index(spec, "=") - if loc, err = time.LoadLocation(spec[eq+1 : i]); err != nil { - return nil, fmt.Errorf("provided bad location %s: %v", spec[eq+1:i], err) - } - spec = strings.TrimSpace(spec[i:]) - } - - // Handle named schedules (descriptors), if configured - if strings.HasPrefix(spec, "@") { - if p.options&Descriptor == 0 { - return nil, fmt.Errorf("parser does not accept descriptors: %v", spec) - } - return parseDescriptor(spec, loc) - } - - // Split on whitespace. - fields := strings.Fields(spec) - - // Validate & fill in any omitted or optional fields - var err error - fields, err = normalizeFields(fields, p.options) - if err != nil { - return nil, err - } - - field := func(field string, r bounds) uint64 { - if err != nil { - return 0 - } - var bits uint64 - bits, err = getField(field, r) - return bits - } - - var ( - second = field(fields[0], seconds) - minute = field(fields[1], minutes) - hour = field(fields[2], hours) - dayofmonth = field(fields[3], dom) - month = field(fields[4], months) - dayofweek = field(fields[5], dow) - ) - if err != nil { - return nil, err - } - - return &SpecSchedule{ - Second: second, - Minute: minute, - Hour: hour, - Dom: dayofmonth, - Month: month, - Dow: dayofweek, - Location: loc, - }, nil -} - -// normalizeFields takes a subset set of the time fields and returns the full set -// with defaults (zeroes) populated for unset fields. -// -// As part of performing this function, it also validates that the provided -// fields are compatible with the configured options. -func normalizeFields(fields []string, options ParseOption) ([]string, error) { - // Validate optionals & add their field to options - optionals := 0 - if options&SecondOptional > 0 { - options |= Second - optionals++ - } - if options&DowOptional > 0 { - options |= Dow - optionals++ - } - if optionals > 1 { - return nil, fmt.Errorf("multiple optionals may not be configured") - } - - // Figure out how many fields we need - max := 0 - for _, place := range places { - if options&place > 0 { - max++ - } - } - min := max - optionals - - // Validate number of fields - if count := len(fields); count < min || count > max { - if min == max { - return nil, fmt.Errorf("expected exactly %d fields, found %d: %s", min, count, fields) - } - return nil, fmt.Errorf("expected %d to %d fields, found %d: %s", min, max, count, fields) - } - - // Populate the optional field if not provided - if min < max && len(fields) == min { - switch { - case options&DowOptional > 0: - fields = append(fields, defaults[5]) // TODO: improve access to default - case options&SecondOptional > 0: - fields = append([]string{defaults[0]}, fields...) - default: - return nil, fmt.Errorf("unknown optional field") - } - } - - // Populate all fields not part of options with their defaults - n := 0 - expandedFields := make([]string, len(places)) - copy(expandedFields, defaults) - for i, place := range places { - if options&place > 0 { - expandedFields[i] = fields[n] - n++ - } - } - return expandedFields, nil -} - -var standardParser = NewParser( - Minute | Hour | Dom | Month | Dow | Descriptor, -) - -// ParseStandard returns a new crontab schedule representing the given -// standardSpec (https://en.wikipedia.org/wiki/Cron). It requires 5 entries -// representing: minute, hour, day of month, month and day of week, in that -// order. It returns a descriptive error if the spec is not valid. -// -// It accepts -// - Standard crontab specs, e.g. "* * * * ?" -// - Descriptors, e.g. "@midnight", "@every 1h30m" -func ParseStandard(standardSpec string) (Schedule, error) { - return standardParser.Parse(standardSpec) -} - -// getField returns an Int with the bits set representing all of the times that -// the field represents or error parsing field value. A "field" is a comma-separated -// list of "ranges". -func getField(field string, r bounds) (uint64, error) { - var bits uint64 - ranges := strings.FieldsFunc(field, func(r rune) bool { return r == ',' }) - for _, expr := range ranges { - bit, err := getRange(expr, r) - if err != nil { - return bits, err - } - bits |= bit - } - return bits, nil -} - -// getRange returns the bits indicated by the given expression: -// number | number "-" number [ "/" number ] -// or error parsing range. -func getRange(expr string, r bounds) (uint64, error) { - var ( - start, end, step uint - rangeAndStep = strings.Split(expr, "/") - lowAndHigh = strings.Split(rangeAndStep[0], "-") - singleDigit = len(lowAndHigh) == 1 - err error - ) - - var extra uint64 - if lowAndHigh[0] == "*" || lowAndHigh[0] == "?" { - start = r.min - end = r.max - extra = starBit - } else { - start, err = parseIntOrName(lowAndHigh[0], r.names) - if err != nil { - return 0, err - } - switch len(lowAndHigh) { - case 1: - end = start - case 2: - end, err = parseIntOrName(lowAndHigh[1], r.names) - if err != nil { - return 0, err - } - default: - return 0, fmt.Errorf("too many hyphens: %s", expr) - } - } - - switch len(rangeAndStep) { - case 1: - step = 1 - case 2: - step, err = mustParseInt(rangeAndStep[1]) - if err != nil { - return 0, err - } - - // Special handling: "N/step" means "N-max/step". - if singleDigit { - end = r.max - } - if step > 1 { - extra = 0 - } - default: - return 0, fmt.Errorf("too many slashes: %s", expr) - } - - if start < r.min { - return 0, fmt.Errorf("beginning of range (%d) below minimum (%d): %s", start, r.min, expr) - } - if end > r.max { - return 0, fmt.Errorf("end of range (%d) above maximum (%d): %s", end, r.max, expr) - } - if start > end { - return 0, fmt.Errorf("beginning of range (%d) beyond end of range (%d): %s", start, end, expr) - } - if step == 0 { - return 0, fmt.Errorf("step of range should be a positive number: %s", expr) - } - - return getBits(start, end, step) | extra, nil -} - -// parseIntOrName returns the (possibly-named) integer contained in expr. -func parseIntOrName(expr string, names map[string]uint) (uint, error) { - if names != nil { - if namedInt, ok := names[strings.ToLower(expr)]; ok { - return namedInt, nil - } - } - return mustParseInt(expr) -} - -// mustParseInt parses the given expression as an int or returns an error. -func mustParseInt(expr string) (uint, error) { - num, err := strconv.Atoi(expr) - if err != nil { - return 0, fmt.Errorf("failed to parse int from %s: %s", expr, err) - } - if num < 0 { - return 0, fmt.Errorf("negative number (%d) not allowed: %s", num, expr) - } - - return uint(num), nil -} - -// getBits sets all bits in the range [min, max], modulo the given step size. -func getBits(min, max, step uint) uint64 { - var bits uint64 - - // If step is 1, use shifts. - if step == 1 { - return ^(math.MaxUint64 << (max + 1)) & (math.MaxUint64 << min) - } - - // Else, use a simple loop. - for i := min; i <= max; i += step { - bits |= 1 << i - } - return bits -} - -// all returns all bits within the given bounds. (plus the star bit) -func all(r bounds) uint64 { - return getBits(r.min, r.max, 1) | starBit -} - -// parseDescriptor returns a predefined schedule for the expression, or error if none matches. -func parseDescriptor(descriptor string, loc *time.Location) (Schedule, error) { - switch descriptor { - case "@yearly", "@annually": - return &SpecSchedule{ - Second: 1 << seconds.min, - Minute: 1 << minutes.min, - Hour: 1 << hours.min, - Dom: 1 << dom.min, - Month: 1 << months.min, - Dow: all(dow), - Location: loc, - }, nil - - case "@monthly": - return &SpecSchedule{ - Second: 1 << seconds.min, - Minute: 1 << minutes.min, - Hour: 1 << hours.min, - Dom: 1 << dom.min, - Month: all(months), - Dow: all(dow), - Location: loc, - }, nil - - case "@weekly": - return &SpecSchedule{ - Second: 1 << seconds.min, - Minute: 1 << minutes.min, - Hour: 1 << hours.min, - Dom: all(dom), - Month: all(months), - Dow: 1 << dow.min, - Location: loc, - }, nil - - case "@daily", "@midnight": - return &SpecSchedule{ - Second: 1 << seconds.min, - Minute: 1 << minutes.min, - Hour: 1 << hours.min, - Dom: all(dom), - Month: all(months), - Dow: all(dow), - Location: loc, - }, nil - - case "@hourly": - return &SpecSchedule{ - Second: 1 << seconds.min, - Minute: 1 << minutes.min, - Hour: all(hours), - Dom: all(dom), - Month: all(months), - Dow: all(dow), - Location: loc, - }, nil - - } - - const every = "@every " - if strings.HasPrefix(descriptor, every) { - duration, err := time.ParseDuration(descriptor[len(every):]) - if err != nil { - return nil, fmt.Errorf("failed to parse duration %s: %s", descriptor, err) - } - return Every(duration), nil - } - - return nil, fmt.Errorf("unrecognized descriptor: %s", descriptor) -} diff --git a/vendor/github.com/robfig/cron/v3/spec.go b/vendor/github.com/robfig/cron/v3/spec.go deleted file mode 100644 index fa1e241e5..000000000 --- a/vendor/github.com/robfig/cron/v3/spec.go +++ /dev/null @@ -1,188 +0,0 @@ -package cron - -import "time" - -// SpecSchedule specifies a duty cycle (to the second granularity), based on a -// traditional crontab specification. It is computed initially and stored as bit sets. -type SpecSchedule struct { - Second, Minute, Hour, Dom, Month, Dow uint64 - - // Override location for this schedule. - Location *time.Location -} - -// bounds provides a range of acceptable values (plus a map of name to value). -type bounds struct { - min, max uint - names map[string]uint -} - -// The bounds for each field. -var ( - seconds = bounds{0, 59, nil} - minutes = bounds{0, 59, nil} - hours = bounds{0, 23, nil} - dom = bounds{1, 31, nil} - months = bounds{1, 12, map[string]uint{ - "jan": 1, - "feb": 2, - "mar": 3, - "apr": 4, - "may": 5, - "jun": 6, - "jul": 7, - "aug": 8, - "sep": 9, - "oct": 10, - "nov": 11, - "dec": 12, - }} - dow = bounds{0, 6, map[string]uint{ - "sun": 0, - "mon": 1, - "tue": 2, - "wed": 3, - "thu": 4, - "fri": 5, - "sat": 6, - }} -) - -const ( - // Set the top bit if a star was included in the expression. - starBit = 1 << 63 -) - -// Next returns the next time this schedule is activated, greater than the given -// time. If no time can be found to satisfy the schedule, return the zero time. -func (s *SpecSchedule) Next(t time.Time) time.Time { - // General approach - // - // For Month, Day, Hour, Minute, Second: - // Check if the time value matches. If yes, continue to the next field. - // If the field doesn't match the schedule, then increment the field until it matches. - // While incrementing the field, a wrap-around brings it back to the beginning - // of the field list (since it is necessary to re-verify previous field - // values) - - // Convert the given time into the schedule's timezone, if one is specified. - // Save the original timezone so we can convert back after we find a time. - // Note that schedules without a time zone specified (time.Local) are treated - // as local to the time provided. - origLocation := t.Location() - loc := s.Location - if loc == time.Local { - loc = t.Location() - } - if s.Location != time.Local { - t = t.In(s.Location) - } - - // Start at the earliest possible time (the upcoming second). - t = t.Add(1*time.Second - time.Duration(t.Nanosecond())*time.Nanosecond) - - // This flag indicates whether a field has been incremented. - added := false - - // If no time is found within five years, return zero. - yearLimit := t.Year() + 5 - -WRAP: - if t.Year() > yearLimit { - return time.Time{} - } - - // Find the first applicable month. - // If it's this month, then do nothing. - for 1< 12 { - t = t.Add(time.Duration(24-t.Hour()) * time.Hour) - } else { - t = t.Add(time.Duration(-t.Hour()) * time.Hour) - } - } - - if t.Day() == 1 { - goto WRAP - } - } - - for 1< 0 - dowMatch bool = 1< 0 - ) - if s.Dom&starBit > 0 || s.Dow&starBit > 0 { - return domMatch && dowMatch - } - return domMatch || dowMatch -} diff --git a/vendor/k8s.io/apiextensions-apiserver/LICENSE b/vendor/k8s.io/apiextensions-apiserver/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/vendor/k8s.io/apiextensions-apiserver/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/features/OWNERS b/vendor/k8s.io/apiextensions-apiserver/pkg/features/OWNERS deleted file mode 100644 index 3e1dd9f08..000000000 --- a/vendor/k8s.io/apiextensions-apiserver/pkg/features/OWNERS +++ /dev/null @@ -1,4 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -approvers: - - feature-approvers diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/features/kube_features.go b/vendor/k8s.io/apiextensions-apiserver/pkg/features/kube_features.go deleted file mode 100644 index e59d6213f..000000000 --- a/vendor/k8s.io/apiextensions-apiserver/pkg/features/kube_features.go +++ /dev/null @@ -1,79 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package features - -import ( - "k8s.io/apimachinery/pkg/util/runtime" - "k8s.io/apimachinery/pkg/util/version" - utilfeature "k8s.io/apiserver/pkg/util/feature" - "k8s.io/component-base/featuregate" -) - -// Every feature gate should have an entry here following this template: -// -// // owner: @username -// MyFeature() bool -// -// Feature gates should be listed in alphabetical, case-sensitive -// (upper before any lower case character) order. This reduces the risk -// of code conflicts because changes are more likely to be scattered -// across the file. -const ( - // owner: @michaelasp - // kep: https://kep.k8s.io/4192 - // - // Enables the tracking of observed generation in CRD status and conditions. - CRDObservedGenerationTracking featuregate.Feature = "CRDObservedGenerationTracking" - - // owner: @alexzielenski - // - // Ignores errors raised on unchanged fields of Custom Resources - // across UPDATE/PATCH requests. - CRDValidationRatcheting featuregate.Feature = "CRDValidationRatcheting" - - // owner: @jpbetz - // - // CustomResourceDefinitions may include SelectableFields to declare which fields - // may be used as field selectors. - CustomResourceFieldSelectors featuregate.Feature = "CustomResourceFieldSelectors" -) - -func init() { - runtime.Must(utilfeature.DefaultMutableFeatureGate.AddVersioned(defaultVersionedKubernetesFeatureGates)) -} - -// defaultVersionedKubernetesFeatureGates consists of all known Kubernetes-specific feature keys with VersionedSpecs. -// To add a new feature, define a key for it above and add it below. The features will be -// available throughout Kubernetes binaries. -// To support n-3 compatibility version, features may only be removed 3 releases after graduation. -// -// Entries are alphabetized. -var defaultVersionedKubernetesFeatureGates = map[featuregate.Feature]featuregate.VersionedSpecs{ - CRDObservedGenerationTracking: { - {Version: version.MustParse("1.35"), PreRelease: featuregate.Beta, Default: false}, - }, - CRDValidationRatcheting: { - {Version: version.MustParse("1.28"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.30"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, LockToDefault: true, PreRelease: featuregate.GA}, - }, - CustomResourceFieldSelectors: { - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.32"), Default: true, LockToDefault: true, PreRelease: featuregate.GA}, - }, -} diff --git a/vendor/k8s.io/client-go/util/retry/OWNERS b/vendor/k8s.io/client-go/util/retry/OWNERS deleted file mode 100644 index 75736b5aa..000000000 --- a/vendor/k8s.io/client-go/util/retry/OWNERS +++ /dev/null @@ -1,4 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -reviewers: - - caesarxuchao diff --git a/vendor/k8s.io/client-go/util/retry/util.go b/vendor/k8s.io/client-go/util/retry/util.go deleted file mode 100644 index 57d3cd49c..000000000 --- a/vendor/k8s.io/client-go/util/retry/util.go +++ /dev/null @@ -1,105 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package retry - -import ( - "time" - - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/util/wait" -) - -// DefaultRetry is the recommended retry for a conflict where multiple clients -// are making changes to the same resource. -var DefaultRetry = wait.Backoff{ - Steps: 5, - Duration: 10 * time.Millisecond, - Factor: 1.0, - Jitter: 0.1, -} - -// DefaultBackoff is the recommended backoff for a conflict where a client -// may be attempting to make an unrelated modification to a resource under -// active management by one or more controllers. -var DefaultBackoff = wait.Backoff{ - Steps: 4, - Duration: 10 * time.Millisecond, - Factor: 5.0, - Jitter: 0.1, -} - -// OnError allows the caller to retry fn in case the error returned by fn is retriable -// according to the provided function. backoff defines the maximum retries and the wait -// interval between two retries. -func OnError(backoff wait.Backoff, retriable func(error) bool, fn func() error) error { - var lastErr error - err := wait.ExponentialBackoff(backoff, func() (bool, error) { - err := fn() - switch { - case err == nil: - return true, nil - case retriable(err): - lastErr = err - return false, nil - default: - return false, err - } - }) - if wait.Interrupted(err) { - err = lastErr - } - return err -} - -// RetryOnConflict is used to make an update to a resource when you have to worry about -// conflicts caused by other code making unrelated updates to the resource at the same -// time. fn should fetch the resource to be modified, make appropriate changes to it, try -// to update it, and return (unmodified) the error from the update function. On a -// successful update, RetryOnConflict will return nil. If the update function returns a -// "Conflict" error, RetryOnConflict will wait some amount of time as described by -// backoff, and then try again. On a non-"Conflict" error, or if it retries too many times -// and gives up, RetryOnConflict will return an error to the caller. -// -// err := retry.RetryOnConflict(retry.DefaultRetry, func() error { -// // Fetch the resource here; you need to refetch it on every try, since -// // if you got a conflict on the last update attempt then you need to get -// // the current version before making your own changes. -// pod, err := c.Pods("mynamespace").Get(name, metav1.GetOptions{}) -// if err != nil { -// return err -// } -// -// // Make whatever updates to the resource are needed -// pod.Status.Phase = v1.PodFailed -// -// // Try to update -// _, err = c.Pods("mynamespace").UpdateStatus(pod) -// // You have to return err itself here (not wrapped inside another error) -// // so that RetryOnConflict can identify it correctly. -// return err -// }) -// if err != nil { -// // May be conflict if max retries were hit, or may be something unrelated -// // like permissions or a network error -// return err -// } -// ... -// -// TODO: Make Backoff an interface? -func RetryOnConflict(backoff wait.Backoff, fn func() error) error { - return OnError(backoff, errors.IsConflict, fn) -} diff --git a/vendor/k8s.io/component-helpers/LICENSE b/vendor/k8s.io/component-helpers/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/vendor/k8s.io/component-helpers/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/k8s.io/component-helpers/node/util/sysctl/namespace.go b/vendor/k8s.io/component-helpers/node/util/sysctl/namespace.go deleted file mode 100644 index 7042766ad..000000000 --- a/vendor/k8s.io/component-helpers/node/util/sysctl/namespace.go +++ /dev/null @@ -1,104 +0,0 @@ -/* -Copyright 2023 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package sysctl - -import ( - "strings" -) - -// Namespace represents a kernel namespace name. -type Namespace string - -const ( - // refer to https://man7.org/linux/man-pages/man7/ipc_namespaces.7.html - // the Linux IPC namespace - IPCNamespace = Namespace("IPC") - - // refer to https://man7.org/linux/man-pages/man7/network_namespaces.7.html - // the network namespace - NetNamespace = Namespace("Net") - - // the zero value if no namespace is known - UnknownNamespace = Namespace("") -) - -var nameToNamespace = map[string]Namespace{ - // kernel semaphore parameters: SEMMSL, SEMMNS, SEMOPM, and SEMMNI. - "kernel.sem": IPCNamespace, - // kernel shared memory limits include shmall, shmmax, shmmni, and shm_rmid_forced. - "kernel.shmall": IPCNamespace, - "kernel.shmmax": IPCNamespace, - "kernel.shmmni": IPCNamespace, - "kernel.shm_rmid_forced": IPCNamespace, - // make backward compatibility to know the namespace of kernel.shm* - "kernel.shm": IPCNamespace, - // kernel messages include msgmni, msgmax and msgmnb. - "kernel.msgmax": IPCNamespace, - "kernel.msgmnb": IPCNamespace, - "kernel.msgmni": IPCNamespace, - // make backward compatibility to know the namespace of kernel.msg* - "kernel.msg": IPCNamespace, -} - -var prefixToNamespace = map[string]Namespace{ - "net": NetNamespace, - // mqueue filesystem provides the necessary kernel features to enable the creation - // of a user space library that implements the POSIX message queues API. - "fs.mqueue": IPCNamespace, -} - -// namespaceOf returns the namespace of the Linux kernel for a sysctl, or -// unknownNamespace if the sysctl is not known to be namespaced. -// The second return is prefixed bool. -// It returns true if the key is prefixed with a key in the prefix map -func namespaceOf(val string) Namespace { - if ns, found := nameToNamespace[val]; found { - return ns - } - for p, ns := range prefixToNamespace { - if strings.HasPrefix(val, p+".") { - return ns - } - } - return UnknownNamespace -} - -// GetNamespace extracts information from a sysctl string. It returns: -// 1. The sysctl namespace, which can be one of the following: IPC, Net, or unknown. -// 2. sysctlOrPrefix: the prefix of the sysctl parameter until the first '*'. -// If there is no '*', it will be the original string. -// 3. 'prefixed' is set to true if the sysctl parameter contains '*' or it is in the prefixToNamespace key list, in most cases, it is a suffix *. -// -// For example, if the input sysctl is 'net.ipv6.neigh.*', GetNamespace will return: -// - The Net namespace -// - The sysctlOrPrefix as 'net.ipv6.neigh' -// - 'prefixed' set to true -// -// For the input sysctl 'net.ipv6.conf.all.disable_ipv6', GetNamespace will return: -// - The Net namespace -// - The sysctlOrPrefix as 'net.ipv6.conf.all.disable_ipv6' -// - 'prefixed' set to false. -func GetNamespace(sysctl string) (ns Namespace, sysctlOrPrefix string, prefixed bool) { - sysctlOrPrefix = NormalizeName(sysctl) - firstIndex := strings.IndexAny(sysctlOrPrefix, "*") - if firstIndex != -1 { - sysctlOrPrefix = sysctlOrPrefix[:firstIndex] - prefixed = true - } - ns = namespaceOf(sysctlOrPrefix) - return -} diff --git a/vendor/k8s.io/component-helpers/node/util/sysctl/sysctl.go b/vendor/k8s.io/component-helpers/node/util/sysctl/sysctl.go deleted file mode 100644 index 3233c7d18..000000000 --- a/vendor/k8s.io/component-helpers/node/util/sysctl/sysctl.go +++ /dev/null @@ -1,131 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package sysctl - -import ( - "os" - "path" - "strconv" - "strings" -) - -const ( - sysctlBase = "/proc/sys" - // VMOvercommitMemory refers to the sysctl variable responsible for defining - // the memory over-commit policy used by kernel. - VMOvercommitMemory = "vm/overcommit_memory" - // VMPanicOnOOM refers to the sysctl variable responsible for defining - // the OOM behavior used by kernel. - VMPanicOnOOM = "vm/panic_on_oom" - // KernelPanic refers to the sysctl variable responsible for defining - // the timeout after a panic for the kernel to reboot. - KernelPanic = "kernel/panic" - // KernelPanicOnOops refers to the sysctl variable responsible for defining - // the kernel behavior when an oops or BUG is encountered. - KernelPanicOnOops = "kernel/panic_on_oops" - // RootMaxKeys refers to the sysctl variable responsible for defining - // the maximum number of keys that the root user (UID 0 in the root user namespace) may own. - RootMaxKeys = "kernel/keys/root_maxkeys" - // RootMaxBytes refers to the sysctl variable responsible for defining - // the maximum number of bytes of data that the root user (UID 0 in the root user namespace) - // can hold in the payloads of the keys owned by root. - RootMaxBytes = "kernel/keys/root_maxbytes" - - // VMOvercommitMemoryAlways represents that kernel performs no memory over-commit handling. - VMOvercommitMemoryAlways = 1 - // VMPanicOnOOMInvokeOOMKiller represents that kernel calls the oom_killer function when OOM occurs. - VMPanicOnOOMInvokeOOMKiller = 0 - - // KernelPanicOnOopsAlways represents that kernel panics on kernel oops. - KernelPanicOnOopsAlways = 1 - // KernelPanicRebootTimeout is the timeout seconds after a panic for the kernel to reboot. - KernelPanicRebootTimeout = 10 - - // RootMaxKeysSetting is the maximum number of keys that the root user (UID 0 in the root user namespace) may own. - // Needed since docker creates a new key per container. - RootMaxKeysSetting = 1000000 - // RootMaxBytesSetting is the maximum number of bytes of data that the root user (UID 0 in the root user namespace) - // can hold in the payloads of the keys owned by root. - // Allocate 25 bytes per key * number of MaxKeys. - RootMaxBytesSetting = RootMaxKeysSetting * 25 -) - -// Interface is an injectable interface for running sysctl commands. -type Interface interface { - // GetSysctl returns the value for the specified sysctl setting - GetSysctl(sysctl string) (int, error) - // SetSysctl modifies the specified sysctl flag to the new value - SetSysctl(sysctl string, newVal int) error -} - -// New returns a new Interface for accessing sysctl -func New() Interface { - return &procSysctl{} -} - -// procSysctl implements Interface by reading and writing files under /proc/sys -type procSysctl struct { -} - -// GetSysctl returns the value for the specified sysctl setting -func (*procSysctl) GetSysctl(sysctl string) (int, error) { - data, err := os.ReadFile(path.Join(sysctlBase, sysctl)) - if err != nil { - return -1, err - } - val, err := strconv.Atoi(strings.Trim(string(data), " \n")) - if err != nil { - return -1, err - } - return val, nil -} - -// SetSysctl modifies the specified sysctl flag to the new value -func (*procSysctl) SetSysctl(sysctl string, newVal int) error { - return os.WriteFile(path.Join(sysctlBase, sysctl), []byte(strconv.Itoa(newVal)), 0640) -} - -// NormalizeName can return sysctl variables in dots separator format. -// The '/' separator is also accepted in place of a '.'. -// Convert the sysctl variables to dots separator format for validation. -// More info: -// -// https://man7.org/linux/man-pages/man8/sysctl.8.html -// https://man7.org/linux/man-pages/man5/sysctl.d.5.html -func NormalizeName(val string) string { - if val == "" { - return val - } - firstSepIndex := strings.IndexAny(val, "./") - // if the first found is `.` like `net.ipv4.conf.eno2/100.rp_filter` - if firstSepIndex == -1 || val[firstSepIndex] == '.' { - return val - } - - // for `net/ipv4/conf/eno2.100/rp_filter`, swap the use of `.` and `/` - // to `net.ipv4.conf.eno2/100.rp_filter` - f := func(r rune) rune { - switch r { - case '.': - return '/' - case '/': - return '.' - } - return r - } - return strings.Map(f, val) -} diff --git a/vendor/k8s.io/component-helpers/resource/OWNERS b/vendor/k8s.io/component-helpers/resource/OWNERS deleted file mode 100644 index d238eb22d..000000000 --- a/vendor/k8s.io/component-helpers/resource/OWNERS +++ /dev/null @@ -1,13 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -options: - no_parent_owners: true -approvers: - - api-approvers -reviewers: - - sig-node-reviewers - - sig-scheduling -labels: - - sig/node - - sig/scheduling - - kind/api-change diff --git a/vendor/k8s.io/component-helpers/resource/helpers.go b/vendor/k8s.io/component-helpers/resource/helpers.go deleted file mode 100644 index c8b3c7ece..000000000 --- a/vendor/k8s.io/component-helpers/resource/helpers.go +++ /dev/null @@ -1,507 +0,0 @@ -/* -Copyright 2024 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package resource - -import ( - "strings" - - v1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/util/sets" -) - -// ContainerType signifies container type -type ContainerType int - -const ( - // Containers is for normal containers - Containers ContainerType = 1 << iota - // InitContainers is for init containers - InitContainers -) - -// PodResourcesOptions controls the behavior of PodRequests and PodLimits. -type PodResourcesOptions struct { - // Reuse, if provided will be reused to accumulate resources and returned by the PodRequests or PodLimits - // functions. All existing values in Reuse will be lost. - Reuse v1.ResourceList - // UseStatusResources indicates whether resources reported by the PodStatus should be considered - // when evaluating the pod resources. This MUST be false if the InPlacePodVerticalScaling - // feature is not enabled. - UseStatusResources bool - // InPlacePodLevelResourcesVerticalScalingEnabled indicates whether resources reported by the - // PodStatus should be considered when evaluating the pod resources. - // This MUST be false if the InPlacePodLevelResourcesVerticalScaling - // feature is not enabled. - InPlacePodLevelResourcesVerticalScalingEnabled bool - // ExcludeOverhead controls if pod overhead is excluded from the calculation. - ExcludeOverhead bool - // ContainerFn is called with the effective resources required for each container within the pod. - ContainerFn func(res v1.ResourceList, containerType ContainerType) - // NonMissingContainerRequests if provided will replace any missing container level requests for the specified resources - // with the given values. If the requests for those resources are explicitly set, even if zero, they will not be modified. - NonMissingContainerRequests v1.ResourceList - // SkipPodLevelResources controls whether pod-level resources should be skipped - // from the calculation. If pod-level resources are not set in PodSpec, - // pod-level resources will always be skipped. - SkipPodLevelResources bool - // SkipContainerLevelResources - SkipContainerLevelResources bool -} - -var supportedPodLevelResources = sets.New(v1.ResourceCPU, v1.ResourceMemory) - -func SupportedPodLevelResources() sets.Set[v1.ResourceName] { - return supportedPodLevelResources.Clone().Insert(v1.ResourceHugePagesPrefix) -} - -// IsSupportedPodLevelResources checks if a given resource is supported by pod-level -// resource management through the PodLevelResources feature. Returns true if -// the resource is supported. -func IsSupportedPodLevelResource(name v1.ResourceName) bool { - return supportedPodLevelResources.Has(name) || strings.HasPrefix(string(name), v1.ResourceHugePagesPrefix) -} - -// IsPodLevelResourcesSet check if PodLevelResources pod-level resources are set. -// It returns true if either the Requests or Limits maps are non-empty. -func IsPodLevelResourcesSet(pod *v1.Pod) bool { - if pod.Spec.Resources == nil { - return false - } - - if (len(pod.Spec.Resources.Requests) + len(pod.Spec.Resources.Limits)) == 0 { - return false - } - - for resourceName := range pod.Spec.Resources.Requests { - if IsSupportedPodLevelResource(resourceName) { - return true - } - } - - for resourceName := range pod.Spec.Resources.Limits { - if IsSupportedPodLevelResource(resourceName) { - return true - } - } - - return false -} - -// IsPodLevelRequestsSet checks if pod-level requests are set. It returns true if -// Requests map is non-empty. -func IsPodLevelRequestsSet(pod *v1.Pod) bool { - if pod.Spec.Resources == nil { - return false - } - - if len(pod.Spec.Resources.Requests) == 0 { - return false - } - - for resourceName := range pod.Spec.Resources.Requests { - if IsSupportedPodLevelResource(resourceName) { - return true - } - } - - return false -} - -// IsPodLevelLimitsSet checks if pod-level limits are set. It returns true if -// Limits map is non-empty and contains at least one supported pod-level resource. -func IsPodLevelLimitsSet(pod *v1.Pod) bool { - if pod.Spec.Resources == nil { - return false - } - - if len(pod.Spec.Resources.Limits) == 0 { - return false - } - - for resourceName := range pod.Spec.Resources.Limits { - if IsSupportedPodLevelResource(resourceName) { - return true - } - } - - return false -} - -// PodRequests computes the total pod requests per the PodResourcesOptions supplied. -// If PodResourcesOptions is nil, then the requests are returned including pod overhead. -// If the PodLevelResources feature is enabled AND the pod-level resources are set, -// those pod-level values are used in calculating Pod Requests. -// The computation is part of the API and must be reviewed as an API change. -func PodRequests(pod *v1.Pod, opts PodResourcesOptions) v1.ResourceList { - reqs := v1.ResourceList{} - if !opts.SkipContainerLevelResources { - reqs = AggregateContainerRequests(pod, opts) - } - - if !opts.SkipPodLevelResources && IsPodLevelRequestsSet(pod) { - - var effectiveReqs v1.ResourceList - if opts.InPlacePodLevelResourcesVerticalScalingEnabled && opts.UseStatusResources { - if pod.Status.Resources != nil { - effectiveReqs = determineEffectiveRequests(pod, &ResourceState{ - Spec: pod.Spec.Resources.Requests, - Actuated: pod.Status.Resources.Requests, - Allocated: pod.Status.AllocatedResources, - }) - } - } - - for resourceName, quantity := range pod.Spec.Resources.Requests { - if IsSupportedPodLevelResource(resourceName) { - reqs[resourceName] = quantity - if effectiveReqs != nil { - reqs[resourceName] = effectiveReqs[resourceName] - } - - } - } - } - - // Add overhead for running a pod to the sum of requests if requested: - if !opts.ExcludeOverhead && pod.Spec.Overhead != nil { - addResourceList(reqs, pod.Spec.Overhead) - } - - return reqs -} - -// AggregateContainerRequests computes the total resource requests of all the containers -// in a pod. This computation folows the formula defined in the KEP for sidecar -// containers. See https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/753-sidecar-containers#resources-calculation-for-scheduling-and-pod-admission -// for more details. -func AggregateContainerRequests(pod *v1.Pod, opts PodResourcesOptions) v1.ResourceList { - // attempt to reuse the maps if passed, or allocate otherwise - reqs := reuseOrClearResourceList(opts.Reuse) - var containerStatuses map[string]*v1.ContainerStatus - if opts.UseStatusResources { - containerStatuses = make(map[string]*v1.ContainerStatus, len(pod.Status.ContainerStatuses)+len(pod.Status.InitContainerStatuses)) - for i := range pod.Status.ContainerStatuses { - containerStatuses[pod.Status.ContainerStatuses[i].Name] = &pod.Status.ContainerStatuses[i] - } - for i := range pod.Status.InitContainerStatuses { - containerStatuses[pod.Status.InitContainerStatuses[i].Name] = &pod.Status.InitContainerStatuses[i] - } - } - - for _, container := range pod.Spec.Containers { - containerReqs := container.Resources.Requests - if opts.UseStatusResources { - cs, found := containerStatuses[container.Name] - if found && cs.Resources != nil { - containerReqs = determineEffectiveRequests(pod, &ResourceState{ - Spec: container.Resources.Requests, - Actuated: cs.Resources.Requests, - Allocated: cs.AllocatedResources, - }) - } - } - - if len(opts.NonMissingContainerRequests) > 0 { - containerReqs = applyNonMissing(containerReqs, opts.NonMissingContainerRequests) - } - - if opts.ContainerFn != nil { - opts.ContainerFn(containerReqs, Containers) - } - - addResourceList(reqs, containerReqs) - } - - restartableInitContainerReqs := v1.ResourceList{} - initContainerReqs := v1.ResourceList{} - // init containers define the minimum of any resource - // - // Let's say `InitContainerUse(i)` is the resource requirements when the i-th - // init container is initializing, then - // `InitContainerUse(i) = sum(Resources of restartable init containers with index < i) + Resources of i-th init container`. - // - // See https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/753-sidecar-containers#exposing-pod-resource-requirements for the detail. - for _, container := range pod.Spec.InitContainers { - containerReqs := container.Resources.Requests - if opts.UseStatusResources { - if container.RestartPolicy != nil && *container.RestartPolicy == v1.ContainerRestartPolicyAlways { - cs, found := containerStatuses[container.Name] - if found && cs.Resources != nil { - containerReqs = determineEffectiveRequests(pod, &ResourceState{ - Spec: container.Resources.Requests, - Actuated: cs.Resources.Requests, - Allocated: cs.AllocatedResources, - }) - } - } - } - - if len(opts.NonMissingContainerRequests) > 0 { - containerReqs = applyNonMissing(containerReqs, opts.NonMissingContainerRequests) - } - - if container.RestartPolicy != nil && *container.RestartPolicy == v1.ContainerRestartPolicyAlways { - // and add them to the resulting cumulative container requests - addResourceList(reqs, containerReqs) - - // track our cumulative restartable init container resources - addResourceList(restartableInitContainerReqs, containerReqs) - containerReqs = restartableInitContainerReqs - } else { - tmp := v1.ResourceList{} - addResourceList(tmp, containerReqs) - addResourceList(tmp, restartableInitContainerReqs) - containerReqs = tmp - } - - if opts.ContainerFn != nil { - opts.ContainerFn(containerReqs, InitContainers) - } - maxResourceList(initContainerReqs, containerReqs) - } - - maxResourceList(reqs, initContainerReqs) - return reqs -} - -type ResourceState struct { - Spec v1.ResourceList - Actuated v1.ResourceList - Allocated v1.ResourceList -} - -func determineEffectiveRequests(pod *v1.Pod, rs *ResourceState) v1.ResourceList { - if IsPodResizeInfeasible(pod) { - return max(rs.Actuated, rs.Allocated) - } - return max(rs.Spec, rs.Actuated, rs.Allocated) -} - -func determineEffectiveLimits(pod *v1.Pod, rs *ResourceState) v1.ResourceList { - if IsPodResizeInfeasible(pod) { - return rs.Actuated.DeepCopy() - } - return max(rs.Spec, rs.Actuated) -} - -// IsPodResizeInfeasible returns true if the pod condition PodResizePending is set to infeasible. -func IsPodResizeInfeasible(pod *v1.Pod) bool { - for _, condition := range pod.Status.Conditions { - if condition.Type == v1.PodResizePending { - return condition.Reason == v1.PodReasonInfeasible - } - } - return false -} - -// IsPodResizeDeferred returns true if the pod condition PodResizePending is set to deferred. -func IsPodResizeDeferred(pod *v1.Pod) bool { - for _, condition := range pod.Status.Conditions { - if condition.Type == v1.PodResizePending { - return condition.Reason == v1.PodReasonDeferred - } - } - return false -} - -// applyNonMissing will return a copy of the given resource list with any missing values replaced by the nonMissing values -func applyNonMissing(reqs v1.ResourceList, nonMissing v1.ResourceList) v1.ResourceList { - cp := v1.ResourceList{} - for k, v := range reqs { - cp[k] = v.DeepCopy() - } - - for k, v := range nonMissing { - if _, found := reqs[k]; !found { - rk := cp[k] - rk.Add(v) - cp[k] = rk - } - } - return cp -} - -// PodLimits computes the pod limits per the PodResourcesOptions supplied. If PodResourcesOptions is nil, then -// the limits are returned including pod overhead for any non-zero limits. The computation is part of the API and must be reviewed -// as an API change. -func PodLimits(pod *v1.Pod, opts PodResourcesOptions) v1.ResourceList { - // attempt to reuse the maps if passed, or allocate otherwise - limits := AggregateContainerLimits(pod, opts) - if !opts.SkipPodLevelResources && IsPodLevelResourcesSet(pod) { - - var effectiveLims v1.ResourceList - if opts.InPlacePodLevelResourcesVerticalScalingEnabled && opts.UseStatusResources { - if pod.Status.Resources != nil { - effectiveLims = determineEffectiveLimits(pod, &ResourceState{ - Spec: pod.Spec.Resources.Limits, - Actuated: pod.Status.Resources.Limits, - }) - } - } - for resourceName, quantity := range pod.Spec.Resources.Limits { - if IsSupportedPodLevelResource(resourceName) { - limits[resourceName] = quantity - if effectiveLims != nil { - limits[resourceName] = effectiveLims[resourceName] - } - } - } - } - - // Add overhead to non-zero limits if requested: - if !opts.ExcludeOverhead && pod.Spec.Overhead != nil { - for name, quantity := range pod.Spec.Overhead { - if value, ok := limits[name]; ok && !value.IsZero() { - value.Add(quantity) - limits[name] = value - } - } - } - - return limits -} - -// AggregateContainerLimits computes the aggregated resource limits of all the containers -// in a pod. This computation follows the formula defined in the KEP for sidecar -// containers. See https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/753-sidecar-containers#resources-calculation-for-scheduling-and-pod-admission -// for more details. -func AggregateContainerLimits(pod *v1.Pod, opts PodResourcesOptions) v1.ResourceList { - // attempt to reuse the maps if passed, or allocate otherwise - limits := reuseOrClearResourceList(opts.Reuse) - var containerStatuses map[string]*v1.ContainerStatus - if opts.UseStatusResources { - containerStatuses = make(map[string]*v1.ContainerStatus, len(pod.Status.ContainerStatuses)+len(pod.Status.InitContainerStatuses)) - for i := range pod.Status.ContainerStatuses { - containerStatuses[pod.Status.ContainerStatuses[i].Name] = &pod.Status.ContainerStatuses[i] - } - for i := range pod.Status.InitContainerStatuses { - containerStatuses[pod.Status.InitContainerStatuses[i].Name] = &pod.Status.InitContainerStatuses[i] - } - } - - for _, container := range pod.Spec.Containers { - containerLimits := container.Resources.Limits - if opts.UseStatusResources { - cs, found := containerStatuses[container.Name] - if found && cs.Resources != nil { - containerLimits = determineEffectiveLimits(pod, &ResourceState{ - Spec: containerLimits, - Actuated: cs.Resources.Limits, - }) - } - } - - if opts.ContainerFn != nil { - opts.ContainerFn(containerLimits, Containers) - } - addResourceList(limits, containerLimits) - } - - restartableInitContainerLimits := v1.ResourceList{} - initContainerLimits := v1.ResourceList{} - // init containers define the minimum of any resource - // - // Let's say `InitContainerUse(i)` is the resource requirements when the i-th - // init container is initializing, then - // `InitContainerUse(i) = sum(Resources of restartable init containers with index < i) + Resources of i-th init container`. - // - // See https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/753-sidecar-containers#exposing-pod-resource-requirements for the detail. - for _, container := range pod.Spec.InitContainers { - containerLimits := container.Resources.Limits - if opts.UseStatusResources { - if container.RestartPolicy != nil && *container.RestartPolicy == v1.ContainerRestartPolicyAlways { - cs, found := containerStatuses[container.Name] - if found && cs.Resources != nil { - containerLimits = determineEffectiveLimits(pod, &ResourceState{ - Spec: containerLimits, - Actuated: cs.Resources.Limits, - }) - } - } - } - - // Is the init container marked as a restartable init container? - if container.RestartPolicy != nil && *container.RestartPolicy == v1.ContainerRestartPolicyAlways { - addResourceList(limits, containerLimits) - - // track our cumulative restartable init container resources - addResourceList(restartableInitContainerLimits, containerLimits) - containerLimits = restartableInitContainerLimits - } else { - tmp := v1.ResourceList{} - addResourceList(tmp, containerLimits) - addResourceList(tmp, restartableInitContainerLimits) - containerLimits = tmp - } - - if opts.ContainerFn != nil { - opts.ContainerFn(containerLimits, InitContainers) - } - maxResourceList(initContainerLimits, containerLimits) - } - - maxResourceList(limits, initContainerLimits) - return limits -} - -// addResourceList adds the resources in newList to list. -func addResourceList(list, newList v1.ResourceList) { - for name, quantity := range newList { - if value, ok := list[name]; !ok { - list[name] = quantity.DeepCopy() - } else { - value.Add(quantity) - list[name] = value - } - } -} - -// maxResourceList sets list to the greater of list/newList for every resource in newList -func maxResourceList(list, newList v1.ResourceList) { - for name, quantity := range newList { - if value, ok := list[name]; !ok || quantity.Cmp(value) > 0 { - list[name] = quantity.DeepCopy() - } - } -} - -// max returns the result of max(a, b...) for each named resource and is only used if we can't -// accumulate into an existing resource list -func max(a v1.ResourceList, b ...v1.ResourceList) v1.ResourceList { - var result v1.ResourceList - if a != nil { - result = a.DeepCopy() - } else { - result = v1.ResourceList{} - } - for _, other := range b { - maxResourceList(result, other) - } - return result -} - -// reuseOrClearResourceList is a helper for avoiding excessive allocations of -// resource lists within the inner loop of resource calculations. -func reuseOrClearResourceList(reuse v1.ResourceList) v1.ResourceList { - if reuse == nil { - return make(v1.ResourceList, 4) - } - for k := range reuse { - delete(reuse, k) - } - return reuse -} diff --git a/vendor/k8s.io/component-helpers/scheduling/corev1/doc.go b/vendor/k8s.io/component-helpers/scheduling/corev1/doc.go deleted file mode 100644 index 98c82aadd..000000000 --- a/vendor/k8s.io/component-helpers/scheduling/corev1/doc.go +++ /dev/null @@ -1,23 +0,0 @@ -/* -Copyright 2020 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package corev1 defines functions which should satisfy one of the following: -// -// - Be used by more than one core component (kube-scheduler, kubelet, kube-apiserver, etc.) -// - Be used by a core component and another kubernetes project (cluster-autoscaler, descheduler) -// -// And be a scheduling feature. -package corev1 diff --git a/vendor/k8s.io/component-helpers/scheduling/corev1/helpers.go b/vendor/k8s.io/component-helpers/scheduling/corev1/helpers.go deleted file mode 100644 index 5e311df98..000000000 --- a/vendor/k8s.io/component-helpers/scheduling/corev1/helpers.go +++ /dev/null @@ -1,102 +0,0 @@ -/* -Copyright 2020 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package corev1 - -import ( - "encoding/json" - - v1 "k8s.io/api/core/v1" - "k8s.io/component-helpers/scheduling/corev1/nodeaffinity" - "k8s.io/klog/v2" -) - -// PodPriority returns priority of the given pod. -func PodPriority(pod *v1.Pod) int32 { - if pod.Spec.Priority != nil { - return *pod.Spec.Priority - } - // When priority of a running pod is nil, it means it was created at a time - // that there was no global default priority class and the priority class - // name of the pod was empty. So, we resolve to the static default priority. - return 0 -} - -// MatchNodeSelectorTerms checks whether the node labels and fields match node selector terms in ORed; -// nil or empty term matches no objects. -func MatchNodeSelectorTerms( - node *v1.Node, - nodeSelector *v1.NodeSelector, -) (bool, error) { - if node == nil { - return false, nil - } - return nodeaffinity.NewLazyErrorNodeSelector(nodeSelector).Match(node) -} - -// GetAvoidPodsFromNodeAnnotations scans the list of annotations and -// returns the pods that needs to be avoided for this node from scheduling -func GetAvoidPodsFromNodeAnnotations(annotations map[string]string) (v1.AvoidPods, error) { - var avoidPods v1.AvoidPods - if len(annotations) > 0 && annotations[v1.PreferAvoidPodsAnnotationKey] != "" { - err := json.Unmarshal([]byte(annotations[v1.PreferAvoidPodsAnnotationKey]), &avoidPods) - if err != nil { - return avoidPods, err - } - } - return avoidPods, nil -} - -// TolerationsTolerateTaint checks if taint is tolerated by any of the tolerations. -func TolerationsTolerateTaint(logger klog.Logger, tolerations []v1.Toleration, taint *v1.Taint, enableComparisonOperators bool) bool { - for i := range tolerations { - if tolerations[i].ToleratesTaint(logger, taint, enableComparisonOperators) { - return true - } - } - return false -} - -type taintsFilterFunc func(*v1.Taint) bool - -// FindMatchingUntoleratedTaint checks if the given tolerations tolerates -// all the filtered taints, and returns the first taint without a toleration -// Returns true if there is an untolerated taint -// Returns false if all taints are tolerated -func FindMatchingUntoleratedTaint(logger klog.Logger, taints []v1.Taint, tolerations []v1.Toleration, inclusionFilter taintsFilterFunc, enableComparisonOperators bool) (v1.Taint, bool) { - filteredTaints := getFilteredTaints(taints, inclusionFilter) - for _, taint := range filteredTaints { - if !TolerationsTolerateTaint(logger, tolerations, &taint, enableComparisonOperators) { - return taint, true - } - } - return v1.Taint{}, false -} - -// getFilteredTaints returns a list of taints satisfying the filter predicate -func getFilteredTaints(taints []v1.Taint, inclusionFilter taintsFilterFunc) []v1.Taint { - if inclusionFilter == nil { - return taints - } - filteredTaints := []v1.Taint{} - for _, taint := range taints { - if !inclusionFilter(&taint) { - continue - } - filteredTaints = append(filteredTaints, taint) - } - return filteredTaints -} diff --git a/vendor/k8s.io/component-helpers/scheduling/corev1/nodeaffinity/nodeaffinity.go b/vendor/k8s.io/component-helpers/scheduling/corev1/nodeaffinity/nodeaffinity.go deleted file mode 100644 index 88aa8efc2..000000000 --- a/vendor/k8s.io/component-helpers/scheduling/corev1/nodeaffinity/nodeaffinity.go +++ /dev/null @@ -1,333 +0,0 @@ -/* -Copyright 2020 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package nodeaffinity - -import ( - v1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/fields" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/apimachinery/pkg/selection" - "k8s.io/apimachinery/pkg/util/errors" - "k8s.io/apimachinery/pkg/util/validation/field" -) - -// NodeSelector is a runtime representation of v1.NodeSelector. -type NodeSelector struct { - lazy LazyErrorNodeSelector -} - -// LazyErrorNodeSelector is a runtime representation of v1.NodeSelector that -// only reports parse errors when no terms match. -type LazyErrorNodeSelector struct { - terms []nodeSelectorTerm -} - -// NewNodeSelector returns a NodeSelector or aggregate parsing errors found. -func NewNodeSelector(ns *v1.NodeSelector, opts ...field.PathOption) (*NodeSelector, error) { - lazy := NewLazyErrorNodeSelector(ns, opts...) - var errs []error - for _, term := range lazy.terms { - if len(term.parseErrs) > 0 { - errs = append(errs, term.parseErrs...) - } - } - if len(errs) != 0 { - return nil, errors.Flatten(errors.NewAggregate(errs)) - } - return &NodeSelector{lazy: *lazy}, nil -} - -// NewLazyErrorNodeSelector creates a NodeSelector that only reports parse -// errors when no terms match. -func NewLazyErrorNodeSelector(ns *v1.NodeSelector, opts ...field.PathOption) *LazyErrorNodeSelector { - p := field.ToPath(opts...) - parsedTerms := make([]nodeSelectorTerm, 0, len(ns.NodeSelectorTerms)) - path := p.Child("nodeSelectorTerms") - for i, term := range ns.NodeSelectorTerms { - // nil or empty term selects no objects - if isEmptyNodeSelectorTerm(&term) { - continue - } - p := path.Index(i) - parsedTerms = append(parsedTerms, newNodeSelectorTerm(&term, p)) - } - return &LazyErrorNodeSelector{ - terms: parsedTerms, - } -} - -// Match checks whether the node labels and fields match the selector terms, ORed; -// nil or empty term matches no objects. -func (ns *NodeSelector) Match(node *v1.Node) bool { - // parse errors are reported in NewNodeSelector. - match, _ := ns.lazy.Match(node) - return match -} - -// Match checks whether the node labels and fields match the selector terms, ORed; -// nil or empty term matches no objects. -// Parse errors are only returned if no terms matched. -func (ns *LazyErrorNodeSelector) Match(node *v1.Node) (bool, error) { - if node == nil { - return false, nil - } - nodeLabels := labels.Set(node.Labels) - nodeFields := extractNodeFields(node) - - var errs []error - for _, term := range ns.terms { - match, tErrs := term.match(nodeLabels, nodeFields) - if len(tErrs) > 0 { - errs = append(errs, tErrs...) - continue - } - if match { - return true, nil - } - } - return false, errors.Flatten(errors.NewAggregate(errs)) -} - -// PreferredSchedulingTerms is a runtime representation of []v1.PreferredSchedulingTerms. -type PreferredSchedulingTerms struct { - terms []preferredSchedulingTerm -} - -// NewPreferredSchedulingTerms returns a PreferredSchedulingTerms or all the parsing errors found. -// If a v1.PreferredSchedulingTerm has a 0 weight, its parsing is skipped. -func NewPreferredSchedulingTerms(terms []v1.PreferredSchedulingTerm, opts ...field.PathOption) (*PreferredSchedulingTerms, error) { - p := field.ToPath(opts...) - var errs []error - parsedTerms := make([]preferredSchedulingTerm, 0, len(terms)) - for i, term := range terms { - path := p.Index(i) - if term.Weight == 0 || isEmptyNodeSelectorTerm(&term.Preference) { - continue - } - parsedTerm := preferredSchedulingTerm{ - nodeSelectorTerm: newNodeSelectorTerm(&term.Preference, path), - weight: int(term.Weight), - } - if len(parsedTerm.parseErrs) > 0 { - errs = append(errs, parsedTerm.parseErrs...) - } else { - parsedTerms = append(parsedTerms, parsedTerm) - } - } - if len(errs) != 0 { - return nil, errors.Flatten(errors.NewAggregate(errs)) - } - return &PreferredSchedulingTerms{terms: parsedTerms}, nil -} - -// Score returns a score for a Node: the sum of the weights of the terms that -// match the Node. -func (t *PreferredSchedulingTerms) Score(node *v1.Node) int64 { - var score int64 - nodeLabels := labels.Set(node.Labels) - nodeFields := extractNodeFields(node) - for _, term := range t.terms { - // parse errors are reported in NewPreferredSchedulingTerms. - if ok, _ := term.match(nodeLabels, nodeFields); ok { - score += int64(term.weight) - } - } - return score -} - -func isEmptyNodeSelectorTerm(term *v1.NodeSelectorTerm) bool { - return len(term.MatchExpressions) == 0 && len(term.MatchFields) == 0 -} - -func extractNodeFields(n *v1.Node) fields.Set { - f := make(fields.Set) - if len(n.Name) > 0 { - f["metadata.name"] = n.Name - } - return f -} - -type nodeSelectorTerm struct { - matchLabels labels.Selector - matchFields fields.Selector - parseErrs []error -} - -func newNodeSelectorTerm(term *v1.NodeSelectorTerm, path *field.Path) nodeSelectorTerm { - var parsedTerm nodeSelectorTerm - var errs []error - if len(term.MatchExpressions) != 0 { - p := path.Child("matchExpressions") - parsedTerm.matchLabels, errs = nodeSelectorRequirementsAsSelector(term.MatchExpressions, p) - if errs != nil { - parsedTerm.parseErrs = append(parsedTerm.parseErrs, errs...) - } - } - if len(term.MatchFields) != 0 { - p := path.Child("matchFields") - parsedTerm.matchFields, errs = nodeSelectorRequirementsAsFieldSelector(term.MatchFields, p) - if errs != nil { - parsedTerm.parseErrs = append(parsedTerm.parseErrs, errs...) - } - } - return parsedTerm -} - -func (t *nodeSelectorTerm) match(nodeLabels labels.Set, nodeFields fields.Set) (bool, []error) { - if t.parseErrs != nil { - return false, t.parseErrs - } - if t.matchLabels != nil && !t.matchLabels.Matches(nodeLabels) { - return false, nil - } - if t.matchFields != nil && len(nodeFields) > 0 && !t.matchFields.Matches(nodeFields) { - return false, nil - } - return true, nil -} - -var validSelectorOperators = []v1.NodeSelectorOperator{ - v1.NodeSelectorOpIn, - v1.NodeSelectorOpNotIn, - v1.NodeSelectorOpExists, - v1.NodeSelectorOpDoesNotExist, - v1.NodeSelectorOpGt, - v1.NodeSelectorOpLt, -} - -// nodeSelectorRequirementsAsSelector converts the []NodeSelectorRequirement api type into a struct that implements -// labels.Selector. -func nodeSelectorRequirementsAsSelector(nsm []v1.NodeSelectorRequirement, path *field.Path) (labels.Selector, []error) { - if len(nsm) == 0 { - return labels.Nothing(), nil - } - var errs []error - selector := labels.NewSelector() - for i, expr := range nsm { - p := path.Index(i) - var op selection.Operator - switch expr.Operator { - case v1.NodeSelectorOpIn: - op = selection.In - case v1.NodeSelectorOpNotIn: - op = selection.NotIn - case v1.NodeSelectorOpExists: - op = selection.Exists - case v1.NodeSelectorOpDoesNotExist: - op = selection.DoesNotExist - case v1.NodeSelectorOpGt: - op = selection.GreaterThan - case v1.NodeSelectorOpLt: - op = selection.LessThan - default: - errs = append(errs, field.NotSupported(p.Child("operator"), expr.Operator, validSelectorOperators)) - continue - } - r, err := labels.NewRequirement(expr.Key, op, expr.Values, field.WithPath(p)) - if err != nil { - errs = append(errs, err) - } else { - selector = selector.Add(*r) - } - } - if len(errs) != 0 { - return nil, errs - } - return selector, nil -} - -var validFieldSelectorOperators = []v1.NodeSelectorOperator{ - v1.NodeSelectorOpIn, - v1.NodeSelectorOpNotIn, -} - -// nodeSelectorRequirementsAsFieldSelector converts the []NodeSelectorRequirement core type into a struct that implements -// fields.Selector. -func nodeSelectorRequirementsAsFieldSelector(nsr []v1.NodeSelectorRequirement, path *field.Path) (fields.Selector, []error) { - if len(nsr) == 0 { - return fields.Nothing(), nil - } - var errs []error - - var selectors []fields.Selector - for i, expr := range nsr { - p := path.Index(i) - switch expr.Operator { - case v1.NodeSelectorOpIn: - if len(expr.Values) != 1 { - errs = append(errs, field.Invalid(p.Child("values"), expr.Values, "must have one element")) - } else { - selectors = append(selectors, fields.OneTermEqualSelector(expr.Key, expr.Values[0])) - } - - case v1.NodeSelectorOpNotIn: - if len(expr.Values) != 1 { - errs = append(errs, field.Invalid(p.Child("values"), expr.Values, "must have one element")) - } else { - selectors = append(selectors, fields.OneTermNotEqualSelector(expr.Key, expr.Values[0])) - } - - default: - errs = append(errs, field.NotSupported(p.Child("operator"), expr.Operator, validFieldSelectorOperators)) - } - } - - if len(errs) != 0 { - return nil, errs - } - return fields.AndSelectors(selectors...), nil -} - -type preferredSchedulingTerm struct { - nodeSelectorTerm - weight int -} - -type RequiredNodeAffinity struct { - labelSelector labels.Selector - nodeSelector *LazyErrorNodeSelector -} - -// GetRequiredNodeAffinity returns the parsing result of pod's nodeSelector and nodeAffinity. -func GetRequiredNodeAffinity(pod *v1.Pod) RequiredNodeAffinity { - var selector labels.Selector - if len(pod.Spec.NodeSelector) > 0 { - selector = labels.SelectorFromSet(pod.Spec.NodeSelector) - } - // Use LazyErrorNodeSelector for backwards compatibility of parsing errors. - var affinity *LazyErrorNodeSelector - if pod.Spec.Affinity != nil && - pod.Spec.Affinity.NodeAffinity != nil && - pod.Spec.Affinity.NodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution != nil { - affinity = NewLazyErrorNodeSelector(pod.Spec.Affinity.NodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution) - } - return RequiredNodeAffinity{labelSelector: selector, nodeSelector: affinity} -} - -// Match checks whether the pod is schedulable onto nodes according to -// the requirements in both nodeSelector and nodeAffinity. -func (s RequiredNodeAffinity) Match(node *v1.Node) (bool, error) { - if s.labelSelector != nil { - if !s.labelSelector.Matches(labels.Set(node.Labels)) { - return false, nil - } - } - if s.nodeSelector != nil { - return s.nodeSelector.Match(node) - } - return true, nil -} diff --git a/vendor/k8s.io/controller-manager/pkg/features/OWNERS b/vendor/k8s.io/controller-manager/pkg/features/OWNERS deleted file mode 100644 index 3e1dd9f08..000000000 --- a/vendor/k8s.io/controller-manager/pkg/features/OWNERS +++ /dev/null @@ -1,4 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -approvers: - - feature-approvers diff --git a/vendor/k8s.io/controller-manager/pkg/features/kube_features.go b/vendor/k8s.io/controller-manager/pkg/features/kube_features.go deleted file mode 100644 index da82429bc..000000000 --- a/vendor/k8s.io/controller-manager/pkg/features/kube_features.go +++ /dev/null @@ -1,58 +0,0 @@ -/* -Copyright 2020 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package features - -import ( - "k8s.io/apimachinery/pkg/util/version" - "k8s.io/component-base/featuregate" -) - -// Every feature gate should have an entry here following this template: -// -// // owner: @username -// MyFeature featuregate.Feature = "MyFeature" -// -// Feature gates should be listed in alphabetical, case-sensitive -// (upper before any lower case character) order. This reduces the risk -// of code conflicts because changes are more likely to be scattered -// across the file. -const ( - // owner: @lukasmetzner - // kep: http://kep.k8s.io/5237 - // Use watch based route controller reconciliation instead of frequent periodic reconciliation. - CloudControllerManagerWatchBasedRoutesReconciliation featuregate.Feature = "CloudControllerManagerWatchBasedRoutesReconciliation" - - // owner: @nckturner - // kep: http://kep.k8s.io/2699 - // Enable webhook in cloud controller manager - CloudControllerManagerWebhook featuregate.Feature = "CloudControllerManagerWebhook" -) - -func SetupCurrentKubernetesSpecificFeatureGates(featuregates featuregate.MutableVersionedFeatureGate) error { - return featuregates.AddVersioned(versionedCloudPublicFeatureGates) -} - -// versionedCloudPublicFeatureGates consists of versioned cloud-specific feature keys. -// To add a new feature, define a key for it above and add it here. -var versionedCloudPublicFeatureGates = map[featuregate.Feature]featuregate.VersionedSpecs{ - CloudControllerManagerWatchBasedRoutesReconciliation: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - CloudControllerManagerWebhook: { - {Version: version.MustParse("1.27"), Default: false, PreRelease: featuregate.Alpha}, - }, -} diff --git a/vendor/k8s.io/kubelet/LICENSE b/vendor/k8s.io/kubelet/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/vendor/k8s.io/kubelet/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/k8s.io/kubelet/pkg/apis/OWNERS b/vendor/k8s.io/kubelet/pkg/apis/OWNERS deleted file mode 100644 index d147d935b..000000000 --- a/vendor/k8s.io/kubelet/pkg/apis/OWNERS +++ /dev/null @@ -1,10 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -# Disable inheritance as this is an api owners file -options: - no_parent_owners: true -approvers: - - api-approvers -labels: - - area/kubelet - - sig/node diff --git a/vendor/k8s.io/kubelet/pkg/apis/well_known_labels.go b/vendor/k8s.io/kubelet/pkg/apis/well_known_labels.go deleted file mode 100644 index 96890b553..000000000 --- a/vendor/k8s.io/kubelet/pkg/apis/well_known_labels.go +++ /dev/null @@ -1,87 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package apis - -import ( - "strings" - - v1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/util/sets" -) - -const ( - // LabelOS is a label to indicate the operating system of the node. - // The OS labels are promoted to GA in 1.14. kubelet applies GA labels and stop applying the beta OS labels in Kubernetes 1.19. - LabelOS = "beta.kubernetes.io/os" - // LabelArch is a label to indicate the architecture of the node. - // The Arch labels are promoted to GA in 1.14. kubelet applies GA labels and stop applying the beta Arch labels in Kubernetes 1.19. - LabelArch = "beta.kubernetes.io/arch" -) - -var kubeletLabels = sets.NewString( - v1.LabelHostname, - v1.LabelTopologyZone, - v1.LabelTopologyRegion, - v1.LabelFailureDomainBetaZone, - v1.LabelFailureDomainBetaRegion, - v1.LabelInstanceType, - v1.LabelInstanceTypeStable, - v1.LabelOSStable, - v1.LabelArchStable, - - LabelOS, - LabelArch, -) - -var kubeletLabelNamespaces = sets.NewString( - v1.LabelNamespaceSuffixKubelet, - v1.LabelNamespaceSuffixNode, -) - -// KubeletLabels returns the list of label keys kubelets are allowed to set on their own Node objects -func KubeletLabels() []string { - return kubeletLabels.List() -} - -// KubeletLabelNamespaces returns the list of label key namespaces kubelets are allowed to set on their own Node objects -func KubeletLabelNamespaces() []string { - return kubeletLabelNamespaces.List() -} - -// IsKubeletLabel returns true if the label key is one that kubelets are allowed to set on their own Node object. -// This checks if the key is in the KubeletLabels() list, or has a namespace in the KubeletLabelNamespaces() list. -func IsKubeletLabel(key string) bool { - if kubeletLabels.Has(key) { - return true - } - - namespace := getLabelNamespace(key) - for allowedNamespace := range kubeletLabelNamespaces { - if namespace == allowedNamespace || strings.HasSuffix(namespace, "."+allowedNamespace) { - return true - } - } - - return false -} - -func getLabelNamespace(key string) string { - if parts := strings.SplitN(key, "/", 2); len(parts) == 2 { - return parts[0] - } - return "" -} diff --git a/vendor/k8s.io/kubernetes/LICENSE b/vendor/k8s.io/kubernetes/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/vendor/k8s.io/kubernetes/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/k8s.io/kubernetes/pkg/api/legacyscheme/scheme.go b/vendor/k8s.io/kubernetes/pkg/api/legacyscheme/scheme.go deleted file mode 100644 index f9baf7a01..000000000 --- a/vendor/k8s.io/kubernetes/pkg/api/legacyscheme/scheme.go +++ /dev/null @@ -1,37 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package legacyscheme - -import ( - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/serializer" -) - -var ( - // Scheme is the default instance of runtime.Scheme to which types in the Kubernetes API are already registered. - // NOTE: If you are copying this file to start a new api group, STOP! Copy the - // extensions group instead. This Scheme is special and should appear ONLY in - // the api group, unless you really know what you're doing. - // TODO(lavalamp): make the above error impossible. - Scheme = runtime.NewScheme() - - // Codecs provides access to encoding and decoding for the scheme - Codecs = serializer.NewCodecFactory(Scheme) - - // ParameterCodec handles versioning of objects that are converted to query parameters. - ParameterCodec = runtime.NewParameterCodec(Scheme) -) diff --git a/vendor/k8s.io/kubernetes/pkg/api/service/OWNERS b/vendor/k8s.io/kubernetes/pkg/api/service/OWNERS deleted file mode 100644 index a1efa9b2a..000000000 --- a/vendor/k8s.io/kubernetes/pkg/api/service/OWNERS +++ /dev/null @@ -1,5 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -reviewers: - - justinsb - - freehan diff --git a/vendor/k8s.io/kubernetes/pkg/api/service/util.go b/vendor/k8s.io/kubernetes/pkg/api/service/util.go deleted file mode 100644 index fefb13b2b..000000000 --- a/vendor/k8s.io/kubernetes/pkg/api/service/util.go +++ /dev/null @@ -1,93 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package service - -import ( - "fmt" - "strings" - - api "k8s.io/kubernetes/pkg/apis/core" - utilnet "k8s.io/utils/net" -) - -const ( - defaultLoadBalancerSourceRanges = "0.0.0.0/0" -) - -// IsAllowAll checks whether the utilnet.IPNet allows traffic from 0.0.0.0/0 -func IsAllowAll(ipnets utilnet.IPNetSet) bool { - for _, s := range ipnets.StringSlice() { - if s == "0.0.0.0/0" { - return true - } - } - return false -} - -// GetLoadBalancerSourceRanges first try to parse and verify LoadBalancerSourceRanges field from a service. -// If the field is not specified, turn to parse and verify the AnnotationLoadBalancerSourceRangesKey annotation from a service, -// extracting the source ranges to allow, and if not present returns a default (allow-all) value. -func GetLoadBalancerSourceRanges(service *api.Service) (utilnet.IPNetSet, error) { - var ipnets utilnet.IPNetSet - var err error - // if SourceRange field is specified, ignore sourceRange annotation - if len(service.Spec.LoadBalancerSourceRanges) > 0 { - specs := service.Spec.LoadBalancerSourceRanges - ipnets, err = utilnet.ParseIPNets(specs...) - - if err != nil { - return nil, fmt.Errorf("service.Spec.LoadBalancerSourceRanges: %v is not valid. Expecting a list of IP ranges. For example, 10.0.0.0/24. Error msg: %v", specs, err) - } - } else { - val := service.Annotations[api.AnnotationLoadBalancerSourceRangesKey] - val = strings.TrimSpace(val) - if val == "" { - val = defaultLoadBalancerSourceRanges - } - specs := strings.Split(val, ",") - ipnets, err = utilnet.ParseIPNets(specs...) - if err != nil { - return nil, fmt.Errorf("%s: %s is not valid. Expecting a comma-separated list of source IP ranges. For example, 10.0.0.0/24,192.168.2.0/24", api.AnnotationLoadBalancerSourceRangesKey, val) - } - } - return ipnets, nil -} - -// ExternallyAccessible checks if service is externally accessible. -func ExternallyAccessible(service *api.Service) bool { - return service.Spec.Type == api.ServiceTypeLoadBalancer || - service.Spec.Type == api.ServiceTypeNodePort || - (service.Spec.Type == api.ServiceTypeClusterIP && len(service.Spec.ExternalIPs) > 0) -} - -// RequestsOnlyLocalTraffic checks if service requests OnlyLocal traffic. -func RequestsOnlyLocalTraffic(service *api.Service) bool { - if service.Spec.Type != api.ServiceTypeLoadBalancer && - service.Spec.Type != api.ServiceTypeNodePort { - return false - } - - return service.Spec.ExternalTrafficPolicy == api.ServiceExternalTrafficPolicyLocal -} - -// NeedsHealthCheck checks if service needs health check. -func NeedsHealthCheck(service *api.Service) bool { - if service.Spec.Type != api.ServiceTypeLoadBalancer { - return false - } - return RequestsOnlyLocalTraffic(service) -} diff --git a/vendor/k8s.io/kubernetes/pkg/api/service/warnings.go b/vendor/k8s.io/kubernetes/pkg/api/service/warnings.go deleted file mode 100644 index a9f0cdad2..000000000 --- a/vendor/k8s.io/kubernetes/pkg/api/service/warnings.go +++ /dev/null @@ -1,84 +0,0 @@ -/* -Copyright 2022 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package service - -import ( - "fmt" - - utilvalidation "k8s.io/apimachinery/pkg/util/validation" - "k8s.io/apimachinery/pkg/util/validation/field" - api "k8s.io/kubernetes/pkg/apis/core" - "k8s.io/kubernetes/pkg/apis/core/helper" -) - -func GetWarningsForService(service, oldService *api.Service) []string { - if service == nil { - return nil - } - var warnings []string - - if _, ok := service.Annotations[api.DeprecatedAnnotationTopologyAwareHints]; ok { - warnings = append(warnings, fmt.Sprintf("annotation %s is deprecated, please use %s instead", api.DeprecatedAnnotationTopologyAwareHints, api.AnnotationTopologyMode)) - } - - if helper.IsServiceIPSet(service) { - for i, clusterIP := range service.Spec.ClusterIPs { - warnings = append(warnings, utilvalidation.GetWarningsForIP(field.NewPath("spec").Child("clusterIPs").Index(i), clusterIP)...) - } - } - - if isHeadlessService(service) { - if service.Spec.LoadBalancerIP != "" { - warnings = append(warnings, "spec.loadBalancerIP is ignored for headless services") - } - if len(service.Spec.ExternalIPs) > 0 { - warnings = append(warnings, "spec.externalIPs is ignored for headless services") - } - if service.Spec.SessionAffinity != api.ServiceAffinityNone { - warnings = append(warnings, "spec.SessionAffinity is ignored for headless services") - } - } - - for i, externalIP := range service.Spec.ExternalIPs { - warnings = append(warnings, utilvalidation.GetWarningsForIP(field.NewPath("spec").Child("externalIPs").Index(i), externalIP)...) - } - - if len(service.Spec.LoadBalancerIP) > 0 { - warnings = append(warnings, utilvalidation.GetWarningsForIP(field.NewPath("spec").Child("loadBalancerIP"), service.Spec.LoadBalancerIP)...) - } - - for i, cidr := range service.Spec.LoadBalancerSourceRanges { - warnings = append(warnings, utilvalidation.GetWarningsForCIDR(field.NewPath("spec").Child("loadBalancerSourceRanges").Index(i), cidr)...) - } - - if service.Spec.Type == api.ServiceTypeExternalName && len(service.Spec.ExternalIPs) > 0 { - warnings = append(warnings, fmt.Sprintf("spec.externalIPs is ignored when spec.type is %q", api.ServiceTypeExternalName)) - } - if service.Spec.Type != api.ServiceTypeExternalName && service.Spec.ExternalName != "" { - warnings = append(warnings, fmt.Sprintf("spec.externalName is ignored when spec.type is not %q", api.ServiceTypeExternalName)) - } - - if service.Spec.TrafficDistribution != nil && *service.Spec.TrafficDistribution == api.ServiceTrafficDistributionPreferClose { - warnings = append(warnings, fmt.Sprintf("spec.trafficDistribution: %q is deprecated; use %q", api.ServiceTrafficDistributionPreferClose, api.ServiceTrafficDistributionPreferSameZone)) - } - - return warnings -} - -func isHeadlessService(service *api.Service) bool { - return service != nil && service.Spec.Type == api.ServiceTypeClusterIP && service.Spec.ClusterIP == api.ClusterIPNone -} diff --git a/vendor/k8s.io/kubernetes/pkg/api/servicecidr/servicecidr.go b/vendor/k8s.io/kubernetes/pkg/api/servicecidr/servicecidr.go deleted file mode 100644 index 51083fd88..000000000 --- a/vendor/k8s.io/kubernetes/pkg/api/servicecidr/servicecidr.go +++ /dev/null @@ -1,158 +0,0 @@ -/* -Copyright 2024 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package servicecidr - -import ( - "fmt" - "net" - "net/netip" - - networkingv1 "k8s.io/api/networking/v1" - "k8s.io/apimachinery/pkg/labels" - networkinglisters "k8s.io/client-go/listers/networking/v1" -) - -// OverlapsPrefix return the list of ServiceCIDR that overlaps with the prefix passed as argument -func OverlapsPrefix(serviceCIDRLister networkinglisters.ServiceCIDRLister, prefix netip.Prefix) []*networkingv1.ServiceCIDR { - result := []*networkingv1.ServiceCIDR{} - serviceCIDRList, err := serviceCIDRLister.List(labels.Everything()) - if err != nil { - return result - } - - for _, serviceCIDR := range serviceCIDRList { - for _, cidr := range serviceCIDR.Spec.CIDRs { - if p, err := netip.ParsePrefix(cidr); err == nil { // it can not fail since is already validated - if p.Overlaps(prefix) { - result = append(result, serviceCIDR) - } - } - } - } - return result -} - -// ContainsPrefix return the list of ServiceCIDR that contains the prefix passed as argument -func ContainsPrefix(serviceCIDRLister networkinglisters.ServiceCIDRLister, prefix netip.Prefix) []*networkingv1.ServiceCIDR { - result := []*networkingv1.ServiceCIDR{} - serviceCIDRList, err := serviceCIDRLister.List(labels.Everything()) - if err != nil { - return result - } - - for _, serviceCIDR := range serviceCIDRList { - for _, cidr := range serviceCIDR.Spec.CIDRs { - if p, err := netip.ParsePrefix(cidr); err == nil { // it can not fail since is already validated - if p.Overlaps(prefix) && p.Bits() <= prefix.Bits() { - result = append(result, serviceCIDR) - } - } - } - } - return result -} - -// ContainsIP return the list of ServiceCIDR that contains the IP address passed as argument -func ContainsIP(serviceCIDRLister networkinglisters.ServiceCIDRLister, ip net.IP) []*networkingv1.ServiceCIDR { - address := IPToAddr(ip) - return ContainsAddress(serviceCIDRLister, address) -} - -// ContainsAddress return the list of ServiceCIDR that contains the address passed as argument -func ContainsAddress(serviceCIDRLister networkinglisters.ServiceCIDRLister, address netip.Addr) []*networkingv1.ServiceCIDR { - result := []*networkingv1.ServiceCIDR{} - serviceCIDRList, err := serviceCIDRLister.List(labels.Everything()) - if err != nil { - return result - } - - for _, serviceCIDR := range serviceCIDRList { - for _, cidr := range serviceCIDR.Spec.CIDRs { - if prefix, err := netip.ParsePrefix(cidr); err == nil { // it can not fail since is already validated - if PrefixContainsIP(prefix, address) { - result = append(result, serviceCIDR) - } - } - } - } - return result -} - -// PrefixContainsIP returns true if the given IP is contained with the prefix, -// is not the network address and also, if IPv4, is not the broadcast address. -// This is required (rather than just `prefix.Contains(ip)`) because a ServiceCIDR -// covering prefix will not allocate those IPs, so a service with one of those IPs -// can't belong to that ServiceCIDR. -func PrefixContainsIP(prefix netip.Prefix, ip netip.Addr) bool { - // if the IP is the network address is not contained - if prefix.Masked().Addr() == ip { - return false - } - // the broadcast address is not considered contained for IPv4 - if ip.Is4() { - ipLast, err := broadcastAddress(prefix) - if err != nil || ipLast == ip { - return false - } - } - return prefix.Contains(ip) -} - -// broadcastAddress returns the broadcast address of the subnet -// The broadcast address is obtained by setting all the host bits -// in a subnet to 1. -// network 192.168.0.0/24 : subnet bits 24 host bits 32 - 24 = 8 -// broadcast address 192.168.0.255 -func broadcastAddress(subnet netip.Prefix) (netip.Addr, error) { - base := subnet.Masked().Addr() - bytes := base.AsSlice() - // get all the host bits from the subnet - n := 8*len(bytes) - subnet.Bits() - // set all the host bits to 1 - for i := len(bytes) - 1; i >= 0 && n > 0; i-- { - if n >= 8 { - bytes[i] = 0xff - n -= 8 - } else { - mask := ^uint8(0) >> (8 - n) - bytes[i] |= mask - break - } - } - - addr, ok := netip.AddrFromSlice(bytes) - if !ok { - return netip.Addr{}, fmt.Errorf("invalid address %v", bytes) - } - return addr, nil -} - -// IPToAddr converts a net.IP to a netip.Addr -// if the net.IP is not valid it returns an empty netip.Addr{} -func IPToAddr(ip net.IP) netip.Addr { - // https://pkg.go.dev/net/netip#AddrFromSlice can return an IPv4 in IPv6 format - // so we have to check the IP family to return exactly the format that we want - // address, _ := netip.AddrFromSlice(net.ParseIPSloppy(192.168.0.1)) returns - // an address like ::ffff:192.168.0.1/32 - bytes := ip.To4() - if bytes == nil { - bytes = ip.To16() - } - // AddrFromSlice returns Addr{}, false if the input is invalid. - address, _ := netip.AddrFromSlice(bytes) - return address -} diff --git a/vendor/k8s.io/kubernetes/pkg/api/v1/pod/util.go b/vendor/k8s.io/kubernetes/pkg/api/v1/pod/util.go deleted file mode 100644 index 6533b38ee..000000000 --- a/vendor/k8s.io/kubernetes/pkg/api/v1/pod/util.go +++ /dev/null @@ -1,546 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package pod - -import ( - "iter" - "time" - - v1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - utilfeature "k8s.io/apiserver/pkg/util/feature" - "k8s.io/kubernetes/pkg/features" -) - -// ContainerType signifies container type -type ContainerType int - -const ( - // Containers is for normal containers - Containers ContainerType = 1 << iota - // InitContainers is for init containers - InitContainers - // EphemeralContainers is for ephemeral containers - EphemeralContainers -) - -// AllContainers specifies that all containers be visited -const AllContainers ContainerType = InitContainers | Containers | EphemeralContainers - -// AllFeatureEnabledContainers returns a ContainerType mask which includes all container -// types except for the ones guarded by feature gate. -func AllFeatureEnabledContainers() ContainerType { - return AllContainers -} - -// ContainerVisitor is called with each container spec, and returns true -// if visiting should continue. -type ContainerVisitor func(container *v1.Container, containerType ContainerType) (shouldContinue bool) - -// Visitor is called with each object name, and returns true if visiting should continue -type Visitor func(name string) (shouldContinue bool) - -func skipEmptyNames(visitor Visitor) Visitor { - return func(name string) bool { - if len(name) == 0 { - // continue visiting - return true - } - // delegate to visitor - return visitor(name) - } -} - -// VisitContainers invokes the visitor function with a pointer to every container -// spec in the given pod spec with type set in mask. If visitor returns false, -// visiting is short-circuited. VisitContainers returns true if visiting completes, -// false if visiting was short-circuited. -func VisitContainers(podSpec *v1.PodSpec, mask ContainerType, visitor ContainerVisitor) bool { - for c, t := range ContainerIter(podSpec, mask) { - if !visitor(c, t) { - return false - } - } - return true -} - -// ContainerIter returns an iterator over all containers in the given pod spec with a masked type. -// The iteration order is InitContainers, then main Containers, then EphemeralContainers. -func ContainerIter(podSpec *v1.PodSpec, mask ContainerType) iter.Seq2[*v1.Container, ContainerType] { - return func(yield func(*v1.Container, ContainerType) bool) { - if mask&InitContainers != 0 { - for i := range podSpec.InitContainers { - if !yield(&podSpec.InitContainers[i], InitContainers) { - return - } - } - } - if mask&Containers != 0 { - for i := range podSpec.Containers { - if !yield(&podSpec.Containers[i], Containers) { - return - } - } - } - if mask&EphemeralContainers != 0 { - for i := range podSpec.EphemeralContainers { - if !yield((*v1.Container)(&podSpec.EphemeralContainers[i].EphemeralContainerCommon), EphemeralContainers) { - return - } - } - } - } -} - -// VisitPodSecretNames invokes the visitor function with the name of every secret -// referenced by the pod spec. If visitor returns false, visiting is short-circuited. -// Transitive references (e.g. pod -> pvc -> pv -> secret) are not visited. -// Returns true if visiting completed, false if visiting was short-circuited. -func VisitPodSecretNames(pod *v1.Pod, visitor Visitor) bool { - visitor = skipEmptyNames(visitor) - for _, reference := range pod.Spec.ImagePullSecrets { - if !visitor(reference.Name) { - return false - } - } - VisitContainers(&pod.Spec, AllContainers, func(c *v1.Container, containerType ContainerType) bool { - return visitContainerSecretNames(c, visitor) - }) - var source *v1.VolumeSource - - for i := range pod.Spec.Volumes { - source = &pod.Spec.Volumes[i].VolumeSource - switch { - case source.AzureFile != nil: - if len(source.AzureFile.SecretName) > 0 && !visitor(source.AzureFile.SecretName) { - return false - } - case source.CephFS != nil: - if source.CephFS.SecretRef != nil && !visitor(source.CephFS.SecretRef.Name) { - return false - } - case source.Cinder != nil: - if source.Cinder.SecretRef != nil && !visitor(source.Cinder.SecretRef.Name) { - return false - } - case source.FlexVolume != nil: - if source.FlexVolume.SecretRef != nil && !visitor(source.FlexVolume.SecretRef.Name) { - return false - } - case source.Projected != nil: - for j := range source.Projected.Sources { - if source.Projected.Sources[j].Secret != nil { - if !visitor(source.Projected.Sources[j].Secret.Name) { - return false - } - } - } - case source.RBD != nil: - if source.RBD.SecretRef != nil && !visitor(source.RBD.SecretRef.Name) { - return false - } - case source.Secret != nil: - if !visitor(source.Secret.SecretName) { - return false - } - case source.ScaleIO != nil: - if source.ScaleIO.SecretRef != nil && !visitor(source.ScaleIO.SecretRef.Name) { - return false - } - case source.ISCSI != nil: - if source.ISCSI.SecretRef != nil && !visitor(source.ISCSI.SecretRef.Name) { - return false - } - case source.StorageOS != nil: - if source.StorageOS.SecretRef != nil && !visitor(source.StorageOS.SecretRef.Name) { - return false - } - case source.CSI != nil: - if source.CSI.NodePublishSecretRef != nil && !visitor(source.CSI.NodePublishSecretRef.Name) { - return false - } - } - } - return true -} - -// visitContainerSecretNames returns true unless the visitor returned false when invoked with a secret reference -func visitContainerSecretNames(container *v1.Container, visitor Visitor) bool { - for _, env := range container.EnvFrom { - if env.SecretRef != nil { - if !visitor(env.SecretRef.Name) { - return false - } - } - } - for _, envVar := range container.Env { - if envVar.ValueFrom != nil && envVar.ValueFrom.SecretKeyRef != nil { - if !visitor(envVar.ValueFrom.SecretKeyRef.Name) { - return false - } - } - } - return true -} - -// VisitPodConfigmapNames invokes the visitor function with the name of every configmap -// referenced by the pod spec. If visitor returns false, visiting is short-circuited. -// Transitive references (e.g. pod -> pvc -> pv -> secret) are not visited. -// Returns true if visiting completed, false if visiting was short-circuited. -func VisitPodConfigmapNames(pod *v1.Pod, visitor Visitor) bool { - visitor = skipEmptyNames(visitor) - VisitContainers(&pod.Spec, AllContainers, func(c *v1.Container, containerType ContainerType) bool { - return visitContainerConfigmapNames(c, visitor) - }) - var source *v1.VolumeSource - for i := range pod.Spec.Volumes { - source = &pod.Spec.Volumes[i].VolumeSource - switch { - case source.Projected != nil: - for j := range source.Projected.Sources { - if source.Projected.Sources[j].ConfigMap != nil { - if !visitor(source.Projected.Sources[j].ConfigMap.Name) { - return false - } - } - } - case source.ConfigMap != nil: - if !visitor(source.ConfigMap.Name) { - return false - } - } - } - return true -} - -// visitContainerConfigmapNames returns true unless the visitor returned false when invoked with a configmap reference -func visitContainerConfigmapNames(container *v1.Container, visitor Visitor) bool { - for _, env := range container.EnvFrom { - if env.ConfigMapRef != nil { - if !visitor(env.ConfigMapRef.Name) { - return false - } - } - } - for _, envVar := range container.Env { - if envVar.ValueFrom != nil && envVar.ValueFrom.ConfigMapKeyRef != nil { - if !visitor(envVar.ValueFrom.ConfigMapKeyRef.Name) { - return false - } - } - } - return true -} - -// GetContainerStatus extracts the status of container "name" from "statuses". -// It returns true if "name" exists, else returns false. -func GetContainerStatus(statuses []v1.ContainerStatus, name string) (v1.ContainerStatus, bool) { - for i := range statuses { - if statuses[i].Name == name { - return statuses[i], true - } - } - return v1.ContainerStatus{}, false -} - -// GetExistingContainerStatus extracts the status of container "name" from "statuses", -// It also returns if "name" exists. -func GetExistingContainerStatus(statuses []v1.ContainerStatus, name string) v1.ContainerStatus { - status, _ := GetContainerStatus(statuses, name) - return status -} - -// GetIndexOfContainerStatus gets the index of status of container "name" from "statuses", -// It returns (index, true) if "name" exists, else returns (0, false). -func GetIndexOfContainerStatus(statuses []v1.ContainerStatus, name string) (int, bool) { - for i := range statuses { - if statuses[i].Name == name { - return i, true - } - } - return 0, false -} - -// IsPodAvailable returns true if a pod is available; false otherwise. -// Precondition for an available pod is that it must be ready. On top -// of that, there are two cases when a pod can be considered available: -// 1. minReadySeconds == 0, or -// 2. LastTransitionTime (is set) + minReadySeconds <= current time -func IsPodAvailable(pod *v1.Pod, minReadySeconds int32, now metav1.Time) bool { - if !IsPodReady(pod) { - return false - } - - c := GetPodReadyCondition(pod.Status) - minReadySecondsDuration := time.Duration(minReadySeconds) * time.Second - if minReadySeconds == 0 || (!c.LastTransitionTime.IsZero() && c.LastTransitionTime.Add(minReadySecondsDuration).Compare(now.Time) <= 0) { - return true - } - return false -} - -// IsPodReady returns true if a pod is ready; false otherwise. -func IsPodReady(pod *v1.Pod) bool { - return IsPodReadyConditionTrue(pod.Status) -} - -// IsPodTerminal returns true if a pod is terminal, all containers are stopped and cannot ever regress. -func IsPodTerminal(pod *v1.Pod) bool { - return IsPodPhaseTerminal(pod.Status.Phase) -} - -// IsPodPhaseTerminal returns true if the pod's phase is terminal. -func IsPodPhaseTerminal(phase v1.PodPhase) bool { - return phase == v1.PodFailed || phase == v1.PodSucceeded -} - -// IsPodReadyConditionTrue returns true if a pod is ready; false otherwise. -func IsPodReadyConditionTrue(status v1.PodStatus) bool { - condition := GetPodReadyCondition(status) - return condition != nil && condition.Status == v1.ConditionTrue -} - -// IsContainersReadyConditionTrue returns true if a pod is ready; false otherwise. -func IsContainersReadyConditionTrue(status v1.PodStatus) bool { - condition := GetContainersReadyCondition(status) - return condition != nil && condition.Status == v1.ConditionTrue -} - -// GetPodReadyCondition extracts the pod ready condition from the given status and returns that. -// Returns nil if the condition is not present. -func GetPodReadyCondition(status v1.PodStatus) *v1.PodCondition { - _, condition := GetPodCondition(&status, v1.PodReady) - return condition -} - -// GetContainersReadyCondition extracts the containers ready condition from the given status and returns that. -// Returns nil if the condition is not present. -func GetContainersReadyCondition(status v1.PodStatus) *v1.PodCondition { - _, condition := GetPodCondition(&status, v1.ContainersReady) - return condition -} - -// GetPodCondition extracts the provided condition from the given status and returns that. -// Returns nil and -1 if the condition is not present, and the index of the located condition. -func GetPodCondition(status *v1.PodStatus, conditionType v1.PodConditionType) (int, *v1.PodCondition) { - if status == nil { - return -1, nil - } - return GetPodConditionFromList(status.Conditions, conditionType) -} - -// GetPodConditionFromList extracts the provided condition from the given list of condition and -// returns the index of the condition and the condition. Returns -1 and nil if the condition is not present. -func GetPodConditionFromList(conditions []v1.PodCondition, conditionType v1.PodConditionType) (int, *v1.PodCondition) { - if conditions == nil { - return -1, nil - } - for i := range conditions { - if conditions[i].Type == conditionType { - return i, &conditions[i] - } - } - return -1, nil -} - -// UpdatePodCondition updates existing pod condition or creates a new one. Sets LastTransitionTime to now if the -// status has changed. -// Returns true if pod condition has changed or has been added. -func UpdatePodCondition(status *v1.PodStatus, condition *v1.PodCondition) bool { - condition.LastTransitionTime = metav1.Now() - // Try to find this pod condition. - conditionIndex, oldCondition := GetPodCondition(status, condition.Type) - - if oldCondition == nil { - // We are adding new pod condition. - status.Conditions = append(status.Conditions, *condition) - return true - } - // We are updating an existing condition, so we need to check if it has changed. - if condition.Status == oldCondition.Status { - condition.LastTransitionTime = oldCondition.LastTransitionTime - } - - isEqual := condition.Status == oldCondition.Status && - condition.Reason == oldCondition.Reason && - condition.Message == oldCondition.Message && - condition.LastProbeTime.Equal(&oldCondition.LastProbeTime) && - condition.LastTransitionTime.Equal(&oldCondition.LastTransitionTime) - - status.Conditions[conditionIndex] = *condition - // Return true if one of the fields have changed. - return !isEqual -} - -// IsRestartableInitContainer returns true if the container has ContainerRestartPolicyAlways. -// This function is not checking if the container passed to it is indeed an init container. -// It is just checking if the container restart policy has been set to always. -func IsRestartableInitContainer(initContainer *v1.Container) bool { - if initContainer == nil || initContainer.RestartPolicy == nil { - return false - } - return *initContainer.RestartPolicy == v1.ContainerRestartPolicyAlways -} - -// IsContainerRestartable returns true if the container can be restarted. A container can be -// restarted if it has a pod-level restart policy "Always" or "OnFailure" and not override by -// container-level restart policy, or a container-level restart policy "Always" or "OnFailure", -// or a container level restart rule with action "Restart". -func IsContainerRestartable(pod v1.PodSpec, container v1.Container) bool { - if container.RestartPolicy != nil { - for _, rule := range container.RestartPolicyRules { - if rule.Action == v1.ContainerRestartRuleActionRestart { - return true - } - } - return *container.RestartPolicy != v1.ContainerRestartPolicyNever - } - return pod.RestartPolicy != v1.RestartPolicyNever -} - -// ContainerShouldRestart checks if a container should be restarted by its restart policy. -// First, the container-level restartPolicyRules are evaluated in order. An action is taken if any -// rules are matched. Second, the container-level restart policy is used. Lastly, if no container -// level policy are specified, pod-level restart policy is used. -func ContainerShouldRestart(container v1.Container, pod v1.PodSpec, exitCode int32) bool { - if container.RestartPolicy != nil { - rule, ok := FindMatchingContainerRestartRule(container, exitCode) - if ok { - switch rule.Action { - case v1.ContainerRestartRuleActionRestart: - return true - case v1.ContainerRestartRuleActionRestartAllContainers: - if utilfeature.DefaultFeatureGate.Enabled(features.RestartAllContainersOnContainerExits) { - return true - } - // If feature is not enabled, fallback to container-level policy. - default: - // Do nothing, fallback to container-level restart policy. - } - } - - // Check container-level restart policy if no rules matched. - switch *container.RestartPolicy { - case v1.ContainerRestartPolicyAlways: - return true - case v1.ContainerRestartPolicyOnFailure: - return exitCode != 0 - case v1.ContainerRestartPolicyNever: - return false - default: - // Do nothing, fallback to pod-level restart policy. - } - } - - switch pod.RestartPolicy { - case v1.RestartPolicyAlways: - return true - case v1.RestartPolicyOnFailure: - return exitCode != 0 - case v1.RestartPolicyNever: - return false - default: - // Default policy is Always, so we return true here. - return true - } -} - -// FindMatchingContainerRestartRule returns a rule and true if the exitCode matched -// one of the restart rules for the given container. Returns and empty rule and -// false if no rules matched. -func FindMatchingContainerRestartRule(container v1.Container, exitCode int32) (rule v1.ContainerRestartRule, found bool) { - for _, rule := range container.RestartPolicyRules { - if rule.ExitCodes != nil { - exitCodeMatched := false - for _, code := range rule.ExitCodes.Values { - if code == exitCode { - exitCodeMatched = true - } - } - switch rule.ExitCodes.Operator { - case v1.ContainerRestartRuleOnExitCodesOpIn: - if exitCodeMatched { - return rule, true - } - case v1.ContainerRestartRuleOnExitCodesOpNotIn: - if !exitCodeMatched { - return rule, true - } - default: - // Do nothing, continue to the next rule. - } - } - } - return v1.ContainerRestartRule{}, false -} - -// AllContainersCouldRestart returns true if all containers could be restarted -// for the given pod. This is true if any container has a RestartAllContainers -// action. -func AllContainersCouldRestart(pod *v1.PodSpec) bool { - if pod == nil { - return false - } - for _, container := range pod.InitContainers { - for _, rule := range container.RestartPolicyRules { - if rule.Action == v1.ContainerRestartRuleActionRestartAllContainers { - return true - } - } - } - for _, container := range pod.Containers { - for _, rule := range container.RestartPolicyRules { - if rule.Action == v1.ContainerRestartRuleActionRestartAllContainers { - return true - } - } - } - return false -} - -// CalculatePodStatusObservedGeneration calculates the observedGeneration for the pod status. -// This is used to track the generation of the pod that was observed by the kubelet. -// The observedGeneration is set to the pod's generation when the feature gate -// PodObservedGenerationTracking is enabled OR if status.observedGeneration is already set. -// This protects against an infinite loop of kubelet trying to clear the value after the FG is turned off, and -// the API server preserving existing values when an incoming update tries to clear it. -func CalculatePodStatusObservedGeneration(pod *v1.Pod) int64 { - if pod.Status.ObservedGeneration != 0 || utilfeature.DefaultFeatureGate.Enabled(features.PodObservedGenerationTracking) { - return pod.Generation - } - return 0 -} - -// CalculatePodConditionObservedGeneration calculates the observedGeneration for a particular pod condition. -// The observedGeneration is set to the pod's generation when the feature gate -// PodObservedGenerationTracking is enabled OR if condition[].observedGeneration is already set. -// This protects against an infinite loop of kubelet trying to clear the value after the FG is turned off, and -// the API server preserving existing values when an incoming update tries to clear it. -func CalculatePodConditionObservedGeneration(podStatus *v1.PodStatus, generation int64, conditionType v1.PodConditionType) int64 { - if podStatus == nil { - return 0 - } - if utilfeature.DefaultFeatureGate.Enabled(features.PodObservedGenerationTracking) { - return generation - } - for _, condition := range podStatus.Conditions { - if condition.Type == conditionType && condition.ObservedGeneration != 0 { - return generation - } - } - return 0 -} diff --git a/vendor/k8s.io/kubernetes/pkg/api/v1/service/util.go b/vendor/k8s.io/kubernetes/pkg/api/v1/service/util.go deleted file mode 100644 index b051c4179..000000000 --- a/vendor/k8s.io/kubernetes/pkg/api/v1/service/util.go +++ /dev/null @@ -1,99 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package service - -import ( - "fmt" - "strings" - - v1 "k8s.io/api/core/v1" - utilnet "k8s.io/utils/net" -) - -const ( - defaultLoadBalancerSourceRanges = "0.0.0.0/0" -) - -// IsAllowAll checks whether the utilnet.IPNet allows traffic from 0.0.0.0/0 -func IsAllowAll(ipnets utilnet.IPNetSet) bool { - for _, s := range ipnets.StringSlice() { - if s == "0.0.0.0/0" { - return true - } - } - return false -} - -// GetLoadBalancerSourceRanges first try to parse and verify LoadBalancerSourceRanges field from a service. -// If the field is not specified, turn to parse and verify the AnnotationLoadBalancerSourceRangesKey annotation from a service, -// extracting the source ranges to allow, and if not present returns a default (allow-all) value. -func GetLoadBalancerSourceRanges(service *v1.Service) (utilnet.IPNetSet, error) { - var ipnets utilnet.IPNetSet - var err error - // if SourceRange field is specified, ignore sourceRange annotation - if len(service.Spec.LoadBalancerSourceRanges) > 0 { - specs := service.Spec.LoadBalancerSourceRanges - ipnets, err = utilnet.ParseIPNets(specs...) - - if err != nil { - return nil, fmt.Errorf("service.Spec.LoadBalancerSourceRanges: %v is not valid. Expecting a list of IP ranges. For example, 10.0.0.0/24. Error msg: %v", specs, err) - } - } else { - val := service.Annotations[v1.AnnotationLoadBalancerSourceRangesKey] - val = strings.TrimSpace(val) - if val == "" { - val = defaultLoadBalancerSourceRanges - } - specs := strings.Split(val, ",") - ipnets, err = utilnet.ParseIPNets(specs...) - if err != nil { - return nil, fmt.Errorf("%s: %s is not valid. Expecting a comma-separated list of source IP ranges. For example, 10.0.0.0/24,192.168.2.0/24", v1.AnnotationLoadBalancerSourceRangesKey, val) - } - } - return ipnets, nil -} - -// ExternallyAccessible checks if service is externally accessible. -func ExternallyAccessible(service *v1.Service) bool { - return service.Spec.Type == v1.ServiceTypeLoadBalancer || - service.Spec.Type == v1.ServiceTypeNodePort || - (service.Spec.Type == v1.ServiceTypeClusterIP && len(service.Spec.ExternalIPs) > 0) -} - -// ExternalPolicyLocal checks if service is externally accessible and has ETP = Local. -func ExternalPolicyLocal(service *v1.Service) bool { - if !ExternallyAccessible(service) { - return false - } - return service.Spec.ExternalTrafficPolicy == v1.ServiceExternalTrafficPolicyLocal -} - -// InternalPolicyLocal checks if service has ITP = Local. -func InternalPolicyLocal(service *v1.Service) bool { - if service.Spec.InternalTrafficPolicy == nil { - return false - } - return *service.Spec.InternalTrafficPolicy == v1.ServiceInternalTrafficPolicyLocal -} - -// NeedsHealthCheck checks if service needs health check. -func NeedsHealthCheck(service *v1.Service) bool { - if service.Spec.Type != v1.ServiceTypeLoadBalancer { - return false - } - return ExternalPolicyLocal(service) -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/apps/OWNERS deleted file mode 100644 index 885cc9f3e..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/apps/OWNERS +++ /dev/null @@ -1,8 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -# approval on api packages bubbles to api-approvers -reviewers: - - sig-apps-api-reviewers - - sig-apps-api-approvers -labels: - - sig/apps diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/doc.go b/vendor/k8s.io/kubernetes/pkg/apis/apps/doc.go deleted file mode 100644 index 91d117598..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/apps/doc.go +++ /dev/null @@ -1,19 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// +k8s:deepcopy-gen=package - -package apps diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/register.go b/vendor/k8s.io/kubernetes/pkg/apis/apps/register.go deleted file mode 100644 index 4f5f20a34..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/apps/register.go +++ /dev/null @@ -1,66 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package apps - -import ( - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/kubernetes/pkg/apis/autoscaling" -) - -var ( - // SchemeBuilder stores functions to add things to a scheme. - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - // AddToScheme applies all stored functions t oa scheme. - AddToScheme = SchemeBuilder.AddToScheme -) - -// GroupName is the group name use in this package -const GroupName = "apps" - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} - -// Kind takes an unqualified kind and returns a Group qualified GroupKind -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - // TODO this will get cleaned up with the scheme types are fixed - scheme.AddKnownTypes(SchemeGroupVersion, - &DaemonSet{}, - &DaemonSetList{}, - &Deployment{}, - &DeploymentList{}, - &DeploymentRollback{}, - &autoscaling.Scale{}, - &StatefulSet{}, - &StatefulSetList{}, - &ControllerRevision{}, - &ControllerRevisionList{}, - &ReplicaSet{}, - &ReplicaSetList{}, - ) - return nil -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/types.go b/vendor/k8s.io/kubernetes/pkg/apis/apps/types.go deleted file mode 100644 index b8d8a1e86..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/apps/types.go +++ /dev/null @@ -1,939 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package apps - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/util/intstr" - api "k8s.io/kubernetes/pkg/apis/core" -) - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// StatefulSet represents a set of pods with consistent identities. -// Identities are defined as: -// - Network: A single stable DNS and hostname. -// - Storage: As many VolumeClaims as requested. -// -// The StatefulSet guarantees that a given network identity will always -// map to the same storage identity. -type StatefulSet struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Spec defines the desired identities of pods in this set. - // +optional - Spec StatefulSetSpec - - // Status is the current status of Pods in this StatefulSet. This data - // may be out of date by some window of time. - // +optional - Status StatefulSetStatus -} - -// PodManagementPolicyType defines the policy for creating pods under a stateful set. -type PodManagementPolicyType string - -const ( - // OrderedReadyPodManagement will create pods in strictly increasing order on - // scale up and strictly decreasing order on scale down, progressing only when - // the previous pod is ready or terminated. At most one pod will be changed - // at any time. - OrderedReadyPodManagement PodManagementPolicyType = "OrderedReady" - // ParallelPodManagement will create and delete pods as soon as the stateful set - // replica count is changed, and will not wait for pods to be ready or complete - // termination. - ParallelPodManagement PodManagementPolicyType = "Parallel" -) - -// StatefulSetUpdateStrategy indicates the strategy that the StatefulSet -// controller will use to perform updates. It includes any additional parameters -// necessary to perform the update for the indicated strategy. -type StatefulSetUpdateStrategy struct { - // Type indicates the type of the StatefulSetUpdateStrategy. - Type StatefulSetUpdateStrategyType - // RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. - RollingUpdate *RollingUpdateStatefulSetStrategy -} - -// StatefulSetUpdateStrategyType is a string enumeration type that enumerates -// all possible update strategies for the StatefulSet controller. -type StatefulSetUpdateStrategyType string - -const ( - // RollingUpdateStatefulSetStrategyType indicates that update will be - // applied to all Pods in the StatefulSet with respect to the StatefulSet - // ordering constraints. When a scale operation is performed with this - // strategy, new Pods will be created from the specification version indicated - // by the StatefulSet's updateRevision. - RollingUpdateStatefulSetStrategyType StatefulSetUpdateStrategyType = "RollingUpdate" - // OnDeleteStatefulSetStrategyType triggers the legacy behavior. Version - // tracking and ordered rolling restarts are disabled. Pods are recreated - // from the StatefulSetSpec when they are manually deleted. When a scale - // operation is performed with this strategy,specification version indicated - // by the StatefulSet's currentRevision. - OnDeleteStatefulSetStrategyType StatefulSetUpdateStrategyType = "OnDelete" -) - -// RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType. -type RollingUpdateStatefulSetStrategy struct { - // Partition indicates the ordinal at which the StatefulSet should be partitioned - // for updates. During a rolling update, all pods from ordinal Replicas-1 to - // Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. - // This is helpful in being able to do a canary based deployment. The default value is 0. - Partition int32 - // The maximum number of pods that can be unavailable during the update. - // Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - // Absolute number is calculated from percentage by rounding up. This can not be 0. - // Defaults to 1. This field is beta-level and is enabled by default. The field applies to all pods in the range 0 to - // Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it - // will be counted towards MaxUnavailable. - // This setting might not be effective for the OrderedReady podManagementPolicy. That policy ensures pods are created and become ready one at a time. - // - // +featureGate=MaxUnavailableStatefulSet - // +optional - MaxUnavailable *intstr.IntOrString -} - -// PersistentVolumeClaimRetentionPolicyType is a string enumeration of the policies that will determine -// when volumes from the VolumeClaimTemplates will be deleted when the controlling StatefulSet is -// deleted or scaled down. -type PersistentVolumeClaimRetentionPolicyType string - -const ( - // RetainPersistentVolumeClaimRetentionPolicyType is the default - // PersistentVolumeClaimRetentionPolicy and specifies that - // PersistentVolumeClaims associated with StatefulSet VolumeClaimTemplates - // will not be deleted. - RetainPersistentVolumeClaimRetentionPolicyType PersistentVolumeClaimRetentionPolicyType = "Retain" - // DeletePersistentVolumeClaimRetentionPolicyType specifies that - // PersistentVolumeClaims associated with StatefulSet VolumeClaimTemplates - // will be deleted in the scenario specified in - // StatefulSetPersistentVolumeClaimPolicy. - DeletePersistentVolumeClaimRetentionPolicyType PersistentVolumeClaimRetentionPolicyType = "Delete" -) - -// StatefulSetPersistentVolumeClaimRetentionPolicy describes the policy used for PVCs -// created from the StatefulSet VolumeClaimTemplates. -type StatefulSetPersistentVolumeClaimRetentionPolicy struct { - // WhenDeleted specifies what happens to PVCs created from StatefulSet - // VolumeClaimTemplates when the StatefulSet is deleted. The default policy - // of `Retain` causes PVCs to not be affected by StatefulSet deletion. The - // `Delete` policy causes those PVCs to be deleted. - WhenDeleted PersistentVolumeClaimRetentionPolicyType - // WhenScaled specifies what happens to PVCs created from StatefulSet - // VolumeClaimTemplates when the StatefulSet is scaled down. The default - // policy of `Retain` causes PVCs to not be affected by a scaledown. The - // `Delete` policy causes the associated PVCs for any excess pods above - // the replica count to be deleted. - WhenScaled PersistentVolumeClaimRetentionPolicyType -} - -// StatefulSetOrdinals describes the policy used for replica ordinal assignment -// in this StatefulSet. -type StatefulSetOrdinals struct { - // start is the number representing the first replica's index. It may be used - // to number replicas from an alternate index (eg: 1-indexed) over the default - // 0-indexed names, or to orchestrate progressive movement of replicas from - // one StatefulSet to another. - // If set, replica indices will be in the range: - // [.spec.ordinals.start, .spec.ordinals.start + .spec.replicas). - // If unset, defaults to 0. Replica indices will be in the range: - // [0, .spec.replicas). - // +optional - Start int32 -} - -// A StatefulSetSpec is the specification of a StatefulSet. -type StatefulSetSpec struct { - // Replicas is the desired number of replicas of the given Template. - // These are replicas in the sense that they are instantiations of the - // same Template, but individual replicas also have a consistent identity. - // If unspecified, defaults to 1. - // TODO: Consider a rename of this field. - // +optional - Replicas int32 - - // Selector is a label query over pods that should match the replica count. - // If empty, defaulted to labels on the pod template. - // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors - // +optional - Selector *metav1.LabelSelector - - // Template is the object that describes the pod that will be created if - // insufficient replicas are detected. Each pod stamped out by the StatefulSet - // will fulfill this Template, but have a unique identity from the rest - // of the StatefulSet. Each pod will be named with the format - // -. For example, a pod in a StatefulSet named - // "web" with index number "3" would be named "web-3". - // The only allowed template.spec.restartPolicy value is "Always". - Template api.PodTemplateSpec - - // VolumeClaimTemplates is a list of claims that pods are allowed to reference. - // The StatefulSet controller is responsible for mapping network identities to - // claims in a way that maintains the identity of a pod. Every claim in - // this list must have at least one matching (by name) volumeMount in one - // container in the template. A claim in this list takes precedence over - // any volumes in the template, with the same name. - // TODO: Define the behavior if a claim already exists with the same name. - // +optional - VolumeClaimTemplates []api.PersistentVolumeClaim - - // ServiceName is the name of the service that governs this StatefulSet. - // This service must exist before the StatefulSet, and is responsible for - // the network identity of the set. Pods get DNS/hostnames that follow the - // pattern: pod-specific-string.serviceName.default.svc.cluster.local - // where "pod-specific-string" is managed by the StatefulSet controller. - // +optional - ServiceName string - - // PodManagementPolicy controls how pods are created during initial scale up, - // when replacing pods on nodes, or when scaling down. The default policy is - // `OrderedReady`, where pods are created in increasing order (pod-0, then - // pod-1, etc) and the controller will wait until each pod is ready before - // continuing. When scaling down, the pods are removed in the opposite order. - // The alternative policy is `Parallel` which will create pods in parallel - // to match the desired scale without waiting, and on scale down will delete - // all pods at once. - // +optional - PodManagementPolicy PodManagementPolicyType - - // updateStrategy indicates the StatefulSetUpdateStrategy that will be - // employed to update Pods in the StatefulSet when a revision is made to - // Template. - UpdateStrategy StatefulSetUpdateStrategy - - // revisionHistoryLimit is the maximum number of revisions that will - // be maintained in the StatefulSet's revision history. The revision history - // consists of all revisions not represented by a currently applied - // StatefulSetSpec version. The default value is 10. - RevisionHistoryLimit *int32 - - // Minimum number of seconds for which a newly created pod should be ready - // without any of its container crashing for it to be considered available. - // Defaults to 0 (pod will be considered available as soon as it is ready) - // +optional - MinReadySeconds int32 - - // persistentVolumeClaimRetentionPolicy describes the lifecycle of persistent - // volume claims created from volumeClaimTemplates. By default, all persistent - // volume claims are created as needed and retained until manually deleted. This - // policy allows the lifecycle to be altered, for example by deleting persistent - // volume claims when their stateful set is deleted, or when their pod is scaled - // down. - // +optional - PersistentVolumeClaimRetentionPolicy *StatefulSetPersistentVolumeClaimRetentionPolicy - - // ordinals controls the numbering of replica indices in a StatefulSet. The - // default ordinals behavior assigns a "0" index to the first replica and - // increments the index by one for each additional replica requested. - // +optional - Ordinals *StatefulSetOrdinals -} - -// StatefulSetStatus represents the current state of a StatefulSet. -type StatefulSetStatus struct { - // observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the - // StatefulSet's generation, which is updated on mutation by the API Server. - // +optional - ObservedGeneration *int64 - - // replicas is the number of Pods created by the StatefulSet controller. - Replicas int32 - - // readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition. - ReadyReplicas int32 - - // currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version - // indicated by currentRevision. - CurrentReplicas int32 - - // updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version - // indicated by updateRevision. - UpdatedReplicas int32 - - // currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the - // sequence [0,currentReplicas). - CurrentRevision string - - // updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence - // [replicas-updatedReplicas,replicas) - UpdateRevision string - - // collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller - // uses this field as a collision avoidance mechanism when it needs to create the name for the - // newest ControllerRevision. - // +optional - CollisionCount *int32 - - // Represents the latest available observations of a statefulset's current state. - Conditions []StatefulSetCondition - - // Total number of available pods (ready for at least minReadySeconds) targeted by this statefulset. - // +optional - AvailableReplicas int32 -} - -// StatefulSetConditionType describes the condition types of StatefulSets. -type StatefulSetConditionType string - -// TODO: Add valid condition types for Statefulsets. - -// StatefulSetCondition describes the state of a statefulset at a certain point. -type StatefulSetCondition struct { - // Type of statefulset condition. - Type StatefulSetConditionType - // Status of the condition, one of True, False, Unknown. - Status api.ConditionStatus - // The last time this condition was updated. - LastTransitionTime metav1.Time - // The reason for the condition's last transition. - Reason string - // A human readable message indicating details about the transition. - Message string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// StatefulSetList is a collection of StatefulSets. -type StatefulSetList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - Items []StatefulSet -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ControllerRevision implements an immutable snapshot of state data. Clients -// are responsible for serializing and deserializing the objects that contain -// their internal state. -// Once a ControllerRevision has been successfully created, it can not be updated. -// The API Server will fail validation of all requests that attempt to mutate -// the Data field. ControllerRevisions may, however, be deleted. -type ControllerRevision struct { - metav1.TypeMeta - // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - // +optional - metav1.ObjectMeta - - // Data is the Object representing the state. - Data runtime.RawExtension - - // Revision indicates the revision of the state represented by Data. - Revision int64 -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ControllerRevisionList is a resource containing a list of ControllerRevision objects. -type ControllerRevisionList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - // Items is the list of ControllerRevision objects. - Items []ControllerRevision -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Deployment provides declarative updates for Pods and ReplicaSets. -type Deployment struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Specification of the desired behavior of the Deployment. - // +optional - Spec DeploymentSpec - - // Most recently observed status of the Deployment. - // +optional - Status DeploymentStatus -} - -// DeploymentSpec specifies the state of a Deployment. -type DeploymentSpec struct { - // Number of desired pods. - Replicas int32 - - // Label selector for pods. Existing ReplicaSets whose pods are - // selected by this will be the ones affected by this deployment. - // +optional - Selector *metav1.LabelSelector - - // Template describes the pods that will be created. - // The only allowed template.spec.restartPolicy value is "Always". - Template api.PodTemplateSpec - - // The deployment strategy to use to replace existing pods with new ones. - // +optional - Strategy DeploymentStrategy - - // Minimum number of seconds for which a newly created pod should be ready - // without any of its container crashing, for it to be considered available. - // Defaults to 0 (pod will be considered available as soon as it is ready) - // +optional - MinReadySeconds int32 - - // The number of old ReplicaSets to retain to allow rollback. - // This is a pointer to distinguish between explicit zero and not specified. - // This is set to the max value of int32 (i.e. 2147483647) by default, which means - // "retaining all old ReplicaSets". - // +optional - RevisionHistoryLimit *int32 - - // Indicates that the deployment is paused and will not be processed by the - // deployment controller. - // +optional - Paused bool - - // DEPRECATED. - // The config this deployment is rolling back to. Will be cleared after rollback is done. - // +optional - RollbackTo *RollbackConfig - - // The maximum time in seconds for a deployment to make progress before it - // is considered to be failed. The deployment controller will continue to - // process failed deployments and a condition with a ProgressDeadlineExceeded - // reason will be surfaced in the deployment status. Note that progress will - // not be estimated during the time a deployment is paused. This is set to - // the max value of int32 (i.e. 2147483647) by default, which means "no deadline". - // +optional - ProgressDeadlineSeconds *int32 -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// DeploymentRollback stores the information required to rollback a deployment. -// DEPRECATED. -type DeploymentRollback struct { - metav1.TypeMeta - // Required: This must match the Name of a deployment. - Name string - // The annotations to be updated to a deployment - // +optional - UpdatedAnnotations map[string]string - // The config of this deployment rollback. - RollbackTo RollbackConfig -} - -// RollbackConfig specifies the state of a revision to roll back to. -// DEPRECATED. -type RollbackConfig struct { - // The revision to rollback to. If set to 0, rollback to the last revision. - // +optional - Revision int64 -} - -const ( - // DefaultDeploymentUniqueLabelKey is the default key of the selector that is added - // to existing RCs (and label key that is added to its pods) to prevent the existing RCs - // to select new pods (and old pods being select by new RC). - DefaultDeploymentUniqueLabelKey string = "pod-template-hash" -) - -// DeploymentStrategy stores information about the strategy and rolling-update -// behavior of a deployment. -type DeploymentStrategy struct { - // Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. - // +optional - Type DeploymentStrategyType - - // Rolling update config params. Present only if DeploymentStrategyType = - // RollingUpdate. - //--- - // TODO: Update this to follow our convention for oneOf, whatever we decide it - // to be. - // +optional - RollingUpdate *RollingUpdateDeployment -} - -// DeploymentStrategyType defines strategies with a deployment. -type DeploymentStrategyType string - -const ( - // RecreateDeploymentStrategyType - kill all existing pods before creating new ones. - RecreateDeploymentStrategyType DeploymentStrategyType = "Recreate" - - // RollingUpdateDeploymentStrategyType - Replace the old RCs by new one using rolling update i.e gradually scale down the old RCs and scale up the new one. - RollingUpdateDeploymentStrategyType DeploymentStrategyType = "RollingUpdate" -) - -// RollingUpdateDeployment is the spec to control the desired behavior of rolling update. -type RollingUpdateDeployment struct { - // The maximum number of pods that can be unavailable during the update. - // Value can be an absolute number (ex: 5) or a percentage of total pods at the start of update (ex: 10%). - // Absolute number is calculated from percentage by rounding down. - // This can not be 0 if MaxSurge is 0. - // By default, a fixed value of 1 is used. - // Example: when this is set to 30%, the old RC can be scaled down by 30% - // immediately when the rolling update starts. Once new pods are ready, old RC - // can be scaled down further, followed by scaling up the new RC, ensuring - // that at least 70% of original number of pods are available at all times - // during the update. - // +optional - MaxUnavailable intstr.IntOrString - - // The maximum number of pods that can be scheduled above the original number of - // pods. - // Value can be an absolute number (ex: 5) or a percentage of total pods at - // the start of the update (ex: 10%). This can not be 0 if MaxUnavailable is 0. - // Absolute number is calculated from percentage by rounding up. - // By default, a value of 1 is used. - // Example: when this is set to 30%, the new RC can be scaled up by 30% - // immediately when the rolling update starts. Once old pods have been killed, - // new RC can be scaled up further, ensuring that total number of pods running - // at any time during the update is at most 130% of original pods. - // +optional - MaxSurge intstr.IntOrString -} - -// DeploymentStatus holds information about the observed status of a deployment. -type DeploymentStatus struct { - // The generation observed by the deployment controller. - // +optional - ObservedGeneration int64 - - // Total number of non-terminating pods targeted by this deployment (their labels match the selector). - // +optional - Replicas int32 - - // Total number of non-terminating pods targeted by this deployment that have the desired template spec. - // +optional - UpdatedReplicas int32 - - // Total number of non-terminating pods targeted by this Deployment with a Ready Condition. - // +optional - ReadyReplicas int32 - - // Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment. - // +optional - AvailableReplicas int32 - - // Total number of unavailable pods targeted by this deployment. This is the total number of - // pods that are still required for the deployment to have 100% available capacity. They may - // either be pods that are running but not yet available or pods that still have not been created. - // +optional - UnavailableReplicas int32 - - // Total number of terminating pods targeted by this deployment. Terminating pods have a non-null - // .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase. - // - // This is a beta field and requires enabling DeploymentReplicaSetTerminatingReplicas feature (enabled by default). - // +optional - TerminatingReplicas *int32 - - // Represents the latest available observations of a deployment's current state. - Conditions []DeploymentCondition - - // Count of hash collisions for the Deployment. The Deployment controller uses this - // field as a collision avoidance mechanism when it needs to create the name for the - // newest ReplicaSet. - // +optional - CollisionCount *int32 -} - -// DeploymentConditionType defines conditions of a deployment. -type DeploymentConditionType string - -// These are valid conditions of a deployment. -const ( - // Available means the deployment is available, ie. at least the minimum available - // replicas required are up and running for at least minReadySeconds. - DeploymentAvailable DeploymentConditionType = "Available" - // Progressing means the deployment is progressing. Progress for a deployment is - // considered when a new replica set is created or adopted, and when new pods scale - // up or old pods scale down. Progress is not estimated for paused deployments or - // when progressDeadlineSeconds is not specified. - DeploymentProgressing DeploymentConditionType = "Progressing" - // ReplicaFailure is added in a deployment when one of its pods fails to be created - // or deleted. - DeploymentReplicaFailure DeploymentConditionType = "ReplicaFailure" -) - -// DeploymentCondition describes the state of a deployment at a certain point. -type DeploymentCondition struct { - // Type of deployment condition. - Type DeploymentConditionType - // Status of the condition, one of True, False, Unknown. - Status api.ConditionStatus - // The last time this condition was updated. - LastUpdateTime metav1.Time - // Last time the condition transitioned from one status to another. - LastTransitionTime metav1.Time - // The reason for the condition's last transition. - Reason string - // A human readable message indicating details about the transition. - Message string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// DeploymentList defines multiple deployments. -type DeploymentList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - // Items is the list of deployments. - Items []Deployment -} - -// DaemonSetUpdateStrategy defines a strategy to update a daemon set. -type DaemonSetUpdateStrategy struct { - // Type of daemon set update. Can be "RollingUpdate" or "OnDelete". - // +optional - Type DaemonSetUpdateStrategyType - - // Rolling update config params. Present only if type = "RollingUpdate". - //--- - // TODO: Update this to follow our convention for oneOf, whatever we decide it - // to be. Same as Deployment `strategy.rollingUpdate`. - // See https://github.com/kubernetes/kubernetes/issues/35345 - // +optional - RollingUpdate *RollingUpdateDaemonSet -} - -// DaemonSetUpdateStrategyType is a strategy according to which a daemon set -// gets updated. -type DaemonSetUpdateStrategyType string - -const ( - // RollingUpdateDaemonSetStrategyType - Replace the old daemons by new ones using rolling update i.e replace them on each node one after the other. - RollingUpdateDaemonSetStrategyType DaemonSetUpdateStrategyType = "RollingUpdate" - - // OnDeleteDaemonSetStrategyType - Replace the old daemons only when it's killed - OnDeleteDaemonSetStrategyType DaemonSetUpdateStrategyType = "OnDelete" -) - -// RollingUpdateDaemonSet is the spec to control the desired behavior of daemon set rolling update. -type RollingUpdateDaemonSet struct { - // The maximum number of DaemonSet pods that can be unavailable during the - // update. Value can be an absolute number (ex: 5) or a percentage of total - // number of DaemonSet pods at the start of the update (ex: 10%). Absolute - // number is calculated from percentage by rounding up. - // This cannot be 0 if MaxSurge is 0 - // Default value is 1. - // Example: when this is set to 30%, at most 30% of the total number of nodes - // that should be running the daemon pod (i.e. status.desiredNumberScheduled) - // can have their pods stopped for an update at any given time. The update - // starts by stopping at most 30% of those DaemonSet pods and then brings - // up new DaemonSet pods in their place. Once the new pods are available, - // it then proceeds onto other DaemonSet pods, thus ensuring that at least - // 70% of original number of DaemonSet pods are available at all times during - // the update. - // +optional - MaxUnavailable intstr.IntOrString - - // The maximum number of nodes with an existing available DaemonSet pod that - // can have an updated DaemonSet pod during during an update. - // Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - // This can not be 0 if MaxUnavailable is 0. - // Absolute number is calculated from percentage by rounding up to a minimum of 1. - // Default value is 0. - // Example: when this is set to 30%, at most 30% of the total number of nodes - // that should be running the daemon pod (i.e. status.desiredNumberScheduled) - // can have their a new pod created before the old pod is marked as deleted. - // The update starts by launching new pods on 30% of nodes. Once an updated - // pod is available (Ready for at least minReadySeconds) the old DaemonSet pod - // on that node is marked deleted. If the old pod becomes unavailable for any - // reason (Ready transitions to false, is evicted, or is drained) an updated - // pod is immediately created on that node without considering surge limits. - // Allowing surge implies the possibility that the resources consumed by the - // daemonset on any given node can double if the readiness check fails, and - // so resource intensive daemonsets should take into account that they may - // cause evictions during disruption. - // +optional - MaxSurge intstr.IntOrString -} - -// DaemonSetSpec is the specification of a daemon set. -type DaemonSetSpec struct { - // A label query over pods that are managed by the daemon set. - // Must match in order to be controlled. - // If empty, defaulted to labels on Pod template. - // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors - // +optional - Selector *metav1.LabelSelector - - // An object that describes the pod that will be created. - // The DaemonSet will create exactly one copy of this pod on every node - // that matches the template's node selector (or on every node if no node - // selector is specified). - // The only allowed template.spec.restartPolicy value is "Always". - // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template - Template api.PodTemplateSpec - - // An update strategy to replace existing DaemonSet pods with new pods. - // +optional - UpdateStrategy DaemonSetUpdateStrategy - - // The minimum number of seconds for which a newly created DaemonSet pod should - // be ready without any of its container crashing, for it to be considered - // available. Defaults to 0 (pod will be considered available as soon as it - // is ready). - // +optional - MinReadySeconds int32 - - // DEPRECATED. - // A sequence number representing a specific generation of the template. - // Populated by the system. It can be set only during the creation. - // +optional - TemplateGeneration int64 - - // The number of old history to retain to allow rollback. - // This is a pointer to distinguish between explicit zero and not specified. - // Defaults to 10. - // +optional - RevisionHistoryLimit *int32 -} - -// DaemonSetStatus represents the current status of a daemon set. -type DaemonSetStatus struct { - // The number of nodes that are running at least 1 - // daemon pod and are supposed to run the daemon pod. - CurrentNumberScheduled int32 - - // The number of nodes that are running the daemon pod, but are - // not supposed to run the daemon pod. - NumberMisscheduled int32 - - // The total number of nodes that should be running the daemon - // pod (including nodes correctly running the daemon pod). - DesiredNumberScheduled int32 - - // The number of nodes that should be running the daemon pod and have one - // or more of the daemon pod running and ready. - NumberReady int32 - - // The most recent generation observed by the daemon set controller. - // +optional - ObservedGeneration int64 - - // The total number of nodes that are running updated daemon pod - // +optional - UpdatedNumberScheduled int32 - - // The number of nodes that should be running the - // daemon pod and have one or more of the daemon pod running and - // available (ready for at least spec.minReadySeconds) - // +optional - NumberAvailable int32 - - // The number of nodes that should be running the - // daemon pod and have none of the daemon pod running and available - // (ready for at least spec.minReadySeconds) - // +optional - NumberUnavailable int32 - - // Count of hash collisions for the DaemonSet. The DaemonSet controller - // uses this field as a collision avoidance mechanism when it needs to - // create the name for the newest ControllerRevision. - // +optional - CollisionCount *int32 - - // Represents the latest available observations of a DaemonSet's current state. - Conditions []DaemonSetCondition -} - -// DaemonSetConditionType defines a daemon set condition. -type DaemonSetConditionType string - -// TODO: Add valid condition types of a DaemonSet. - -// DaemonSetCondition describes the state of a DaemonSet at a certain point. -type DaemonSetCondition struct { - // Type of DaemonSet condition. - Type DaemonSetConditionType - // Status of the condition, one of True, False, Unknown. - Status api.ConditionStatus - // Last time the condition transitioned from one status to another. - LastTransitionTime metav1.Time - // The reason for the condition's last transition. - Reason string - // A human readable message indicating details about the transition. - Message string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// DaemonSet represents the configuration of a daemon set. -type DaemonSet struct { - metav1.TypeMeta - // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - // +optional - metav1.ObjectMeta - - // The desired behavior of this daemon set. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - // +optional - Spec DaemonSetSpec - - // The current status of this daemon set. This data may be - // out of date by some window of time. - // Populated by the system. - // Read-only. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - // +optional - Status DaemonSetStatus -} - -const ( - // DaemonSetTemplateGenerationKey is the key of the labels that is added - // to daemon set pods to distinguish between old and new pod templates - // during DaemonSet template update. - // DEPRECATED: DefaultDaemonSetUniqueLabelKey is used instead. - DaemonSetTemplateGenerationKey string = "pod-template-generation" -) - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// DaemonSetList is a collection of daemon sets. -type DaemonSetList struct { - metav1.TypeMeta - // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - // +optional - metav1.ListMeta - - // A list of daemon sets. - Items []DaemonSet -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ReplicaSet ensures that a specified number of pod replicas are running at any given time. -type ReplicaSet struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Spec defines the desired behavior of this ReplicaSet. - // +optional - Spec ReplicaSetSpec - - // Status is the current status of this ReplicaSet. This data may be - // out of date by some window of time. - // +optional - Status ReplicaSetStatus -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ReplicaSetList is a collection of ReplicaSets. -type ReplicaSetList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - Items []ReplicaSet -} - -// ReplicaSetSpec is the specification of a ReplicaSet. -// As the internal representation of a ReplicaSet, it must have -// a Template set. -type ReplicaSetSpec struct { - // Replicas is the number of desired replicas. - Replicas int32 - - // Minimum number of seconds for which a newly created pod should be ready - // without any of its container crashing, for it to be considered available. - // Defaults to 0 (pod will be considered available as soon as it is ready) - // +optional - MinReadySeconds int32 - - // Selector is a label query over pods that should match the replica count. - // Must match in order to be controlled. - // If empty, defaulted to labels on pod template. - // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors - // +optional - Selector *metav1.LabelSelector - - // Template is the object that describes the pod that will be created if - // insufficient replicas are detected. - // The only allowed template.spec.restartPolicy value is "Always". - // +optional - Template api.PodTemplateSpec -} - -// ReplicaSetStatus represents the current status of a ReplicaSet. -type ReplicaSetStatus struct { - // Replicas is the most recently observed number of non-terminating pods. - // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset - Replicas int32 - - // The number of non-terminating pods that have labels matching the labels of the pod template of the replicaset. - // +optional - FullyLabeledReplicas int32 - - // The number of non-terminating pods targeted by this ReplicaSet with a Ready Condition. - // +optional - ReadyReplicas int32 - - // The number of available non-terminating pods (ready for at least minReadySeconds) for this replica set. - // +optional - AvailableReplicas int32 - - // The number of terminating pods for this replica set. Terminating pods have a non-null .metadata.deletionTimestamp - // and have not yet reached the Failed or Succeeded .status.phase. - // - // This is a beta field and requires enabling DeploymentReplicaSetTerminatingReplicas feature (enabled by default). - // +optional - TerminatingReplicas *int32 - - // ObservedGeneration reflects the generation of the most recently observed ReplicaSet. - // +optional - ObservedGeneration int64 - - // Represents the latest available observations of a replica set's current state. - // +optional - Conditions []ReplicaSetCondition -} - -// ReplicaSetConditionType is a condition of a replica set. -type ReplicaSetConditionType string - -// These are valid conditions of a replica set. -const ( - // ReplicaSetReplicaFailure is added in a replica set when one of its pods fails to be created - // due to insufficient quota, limit ranges, pod security policy, node selectors, etc. or deleted - // due to kubelet being down or finalizers are failing. - ReplicaSetReplicaFailure ReplicaSetConditionType = "ReplicaFailure" -) - -// ReplicaSetCondition describes the state of a replica set at a certain point. -type ReplicaSetCondition struct { - // Type of replica set condition. - Type ReplicaSetConditionType - // Status of the condition, one of True, False, Unknown. - Status api.ConditionStatus - // The last time the condition transitioned from one status to another. - // +optional - LastTransitionTime metav1.Time - // The reason for the condition's last transition. - // +optional - Reason string - // A human readable message indicating details about the transition. - // +optional - Message string -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/apps/zz_generated.deepcopy.go deleted file mode 100644 index e9b214234..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/apps/zz_generated.deepcopy.go +++ /dev/null @@ -1,858 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package apps - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - intstr "k8s.io/apimachinery/pkg/util/intstr" - core "k8s.io/kubernetes/pkg/apis/core" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ControllerRevision) DeepCopyInto(out *ControllerRevision) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Data.DeepCopyInto(&out.Data) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerRevision. -func (in *ControllerRevision) DeepCopy() *ControllerRevision { - if in == nil { - return nil - } - out := new(ControllerRevision) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ControllerRevision) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ControllerRevisionList) DeepCopyInto(out *ControllerRevisionList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ControllerRevision, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerRevisionList. -func (in *ControllerRevisionList) DeepCopy() *ControllerRevisionList { - if in == nil { - return nil - } - out := new(ControllerRevisionList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ControllerRevisionList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DaemonSet) DeepCopyInto(out *DaemonSet) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DaemonSet. -func (in *DaemonSet) DeepCopy() *DaemonSet { - if in == nil { - return nil - } - out := new(DaemonSet) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *DaemonSet) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DaemonSetCondition) DeepCopyInto(out *DaemonSetCondition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DaemonSetCondition. -func (in *DaemonSetCondition) DeepCopy() *DaemonSetCondition { - if in == nil { - return nil - } - out := new(DaemonSetCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DaemonSetList) DeepCopyInto(out *DaemonSetList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]DaemonSet, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DaemonSetList. -func (in *DaemonSetList) DeepCopy() *DaemonSetList { - if in == nil { - return nil - } - out := new(DaemonSetList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *DaemonSetList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DaemonSetSpec) DeepCopyInto(out *DaemonSetSpec) { - *out = *in - if in.Selector != nil { - in, out := &in.Selector, &out.Selector - *out = new(v1.LabelSelector) - (*in).DeepCopyInto(*out) - } - in.Template.DeepCopyInto(&out.Template) - in.UpdateStrategy.DeepCopyInto(&out.UpdateStrategy) - if in.RevisionHistoryLimit != nil { - in, out := &in.RevisionHistoryLimit, &out.RevisionHistoryLimit - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DaemonSetSpec. -func (in *DaemonSetSpec) DeepCopy() *DaemonSetSpec { - if in == nil { - return nil - } - out := new(DaemonSetSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DaemonSetStatus) DeepCopyInto(out *DaemonSetStatus) { - *out = *in - if in.CollisionCount != nil { - in, out := &in.CollisionCount, &out.CollisionCount - *out = new(int32) - **out = **in - } - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]DaemonSetCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DaemonSetStatus. -func (in *DaemonSetStatus) DeepCopy() *DaemonSetStatus { - if in == nil { - return nil - } - out := new(DaemonSetStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DaemonSetUpdateStrategy) DeepCopyInto(out *DaemonSetUpdateStrategy) { - *out = *in - if in.RollingUpdate != nil { - in, out := &in.RollingUpdate, &out.RollingUpdate - *out = new(RollingUpdateDaemonSet) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DaemonSetUpdateStrategy. -func (in *DaemonSetUpdateStrategy) DeepCopy() *DaemonSetUpdateStrategy { - if in == nil { - return nil - } - out := new(DaemonSetUpdateStrategy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Deployment) DeepCopyInto(out *Deployment) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Deployment. -func (in *Deployment) DeepCopy() *Deployment { - if in == nil { - return nil - } - out := new(Deployment) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Deployment) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeploymentCondition) DeepCopyInto(out *DeploymentCondition) { - *out = *in - in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime) - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentCondition. -func (in *DeploymentCondition) DeepCopy() *DeploymentCondition { - if in == nil { - return nil - } - out := new(DeploymentCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeploymentList) DeepCopyInto(out *DeploymentList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Deployment, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentList. -func (in *DeploymentList) DeepCopy() *DeploymentList { - if in == nil { - return nil - } - out := new(DeploymentList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *DeploymentList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeploymentRollback) DeepCopyInto(out *DeploymentRollback) { - *out = *in - out.TypeMeta = in.TypeMeta - if in.UpdatedAnnotations != nil { - in, out := &in.UpdatedAnnotations, &out.UpdatedAnnotations - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - out.RollbackTo = in.RollbackTo - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentRollback. -func (in *DeploymentRollback) DeepCopy() *DeploymentRollback { - if in == nil { - return nil - } - out := new(DeploymentRollback) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *DeploymentRollback) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeploymentSpec) DeepCopyInto(out *DeploymentSpec) { - *out = *in - if in.Selector != nil { - in, out := &in.Selector, &out.Selector - *out = new(v1.LabelSelector) - (*in).DeepCopyInto(*out) - } - in.Template.DeepCopyInto(&out.Template) - in.Strategy.DeepCopyInto(&out.Strategy) - if in.RevisionHistoryLimit != nil { - in, out := &in.RevisionHistoryLimit, &out.RevisionHistoryLimit - *out = new(int32) - **out = **in - } - if in.RollbackTo != nil { - in, out := &in.RollbackTo, &out.RollbackTo - *out = new(RollbackConfig) - **out = **in - } - if in.ProgressDeadlineSeconds != nil { - in, out := &in.ProgressDeadlineSeconds, &out.ProgressDeadlineSeconds - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentSpec. -func (in *DeploymentSpec) DeepCopy() *DeploymentSpec { - if in == nil { - return nil - } - out := new(DeploymentSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeploymentStatus) DeepCopyInto(out *DeploymentStatus) { - *out = *in - if in.TerminatingReplicas != nil { - in, out := &in.TerminatingReplicas, &out.TerminatingReplicas - *out = new(int32) - **out = **in - } - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]DeploymentCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.CollisionCount != nil { - in, out := &in.CollisionCount, &out.CollisionCount - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentStatus. -func (in *DeploymentStatus) DeepCopy() *DeploymentStatus { - if in == nil { - return nil - } - out := new(DeploymentStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeploymentStrategy) DeepCopyInto(out *DeploymentStrategy) { - *out = *in - if in.RollingUpdate != nil { - in, out := &in.RollingUpdate, &out.RollingUpdate - *out = new(RollingUpdateDeployment) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentStrategy. -func (in *DeploymentStrategy) DeepCopy() *DeploymentStrategy { - if in == nil { - return nil - } - out := new(DeploymentStrategy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ReplicaSet) DeepCopyInto(out *ReplicaSet) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaSet. -func (in *ReplicaSet) DeepCopy() *ReplicaSet { - if in == nil { - return nil - } - out := new(ReplicaSet) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ReplicaSet) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ReplicaSetCondition) DeepCopyInto(out *ReplicaSetCondition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaSetCondition. -func (in *ReplicaSetCondition) DeepCopy() *ReplicaSetCondition { - if in == nil { - return nil - } - out := new(ReplicaSetCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ReplicaSetList) DeepCopyInto(out *ReplicaSetList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ReplicaSet, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaSetList. -func (in *ReplicaSetList) DeepCopy() *ReplicaSetList { - if in == nil { - return nil - } - out := new(ReplicaSetList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ReplicaSetList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ReplicaSetSpec) DeepCopyInto(out *ReplicaSetSpec) { - *out = *in - if in.Selector != nil { - in, out := &in.Selector, &out.Selector - *out = new(v1.LabelSelector) - (*in).DeepCopyInto(*out) - } - in.Template.DeepCopyInto(&out.Template) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaSetSpec. -func (in *ReplicaSetSpec) DeepCopy() *ReplicaSetSpec { - if in == nil { - return nil - } - out := new(ReplicaSetSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ReplicaSetStatus) DeepCopyInto(out *ReplicaSetStatus) { - *out = *in - if in.TerminatingReplicas != nil { - in, out := &in.TerminatingReplicas, &out.TerminatingReplicas - *out = new(int32) - **out = **in - } - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]ReplicaSetCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaSetStatus. -func (in *ReplicaSetStatus) DeepCopy() *ReplicaSetStatus { - if in == nil { - return nil - } - out := new(ReplicaSetStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RollbackConfig) DeepCopyInto(out *RollbackConfig) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RollbackConfig. -func (in *RollbackConfig) DeepCopy() *RollbackConfig { - if in == nil { - return nil - } - out := new(RollbackConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RollingUpdateDaemonSet) DeepCopyInto(out *RollingUpdateDaemonSet) { - *out = *in - out.MaxUnavailable = in.MaxUnavailable - out.MaxSurge = in.MaxSurge - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RollingUpdateDaemonSet. -func (in *RollingUpdateDaemonSet) DeepCopy() *RollingUpdateDaemonSet { - if in == nil { - return nil - } - out := new(RollingUpdateDaemonSet) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RollingUpdateDeployment) DeepCopyInto(out *RollingUpdateDeployment) { - *out = *in - out.MaxUnavailable = in.MaxUnavailable - out.MaxSurge = in.MaxSurge - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RollingUpdateDeployment. -func (in *RollingUpdateDeployment) DeepCopy() *RollingUpdateDeployment { - if in == nil { - return nil - } - out := new(RollingUpdateDeployment) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RollingUpdateStatefulSetStrategy) DeepCopyInto(out *RollingUpdateStatefulSetStrategy) { - *out = *in - if in.MaxUnavailable != nil { - in, out := &in.MaxUnavailable, &out.MaxUnavailable - *out = new(intstr.IntOrString) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RollingUpdateStatefulSetStrategy. -func (in *RollingUpdateStatefulSetStrategy) DeepCopy() *RollingUpdateStatefulSetStrategy { - if in == nil { - return nil - } - out := new(RollingUpdateStatefulSetStrategy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *StatefulSet) DeepCopyInto(out *StatefulSet) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatefulSet. -func (in *StatefulSet) DeepCopy() *StatefulSet { - if in == nil { - return nil - } - out := new(StatefulSet) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *StatefulSet) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *StatefulSetCondition) DeepCopyInto(out *StatefulSetCondition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatefulSetCondition. -func (in *StatefulSetCondition) DeepCopy() *StatefulSetCondition { - if in == nil { - return nil - } - out := new(StatefulSetCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *StatefulSetList) DeepCopyInto(out *StatefulSetList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]StatefulSet, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatefulSetList. -func (in *StatefulSetList) DeepCopy() *StatefulSetList { - if in == nil { - return nil - } - out := new(StatefulSetList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *StatefulSetList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *StatefulSetOrdinals) DeepCopyInto(out *StatefulSetOrdinals) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatefulSetOrdinals. -func (in *StatefulSetOrdinals) DeepCopy() *StatefulSetOrdinals { - if in == nil { - return nil - } - out := new(StatefulSetOrdinals) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *StatefulSetPersistentVolumeClaimRetentionPolicy) DeepCopyInto(out *StatefulSetPersistentVolumeClaimRetentionPolicy) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatefulSetPersistentVolumeClaimRetentionPolicy. -func (in *StatefulSetPersistentVolumeClaimRetentionPolicy) DeepCopy() *StatefulSetPersistentVolumeClaimRetentionPolicy { - if in == nil { - return nil - } - out := new(StatefulSetPersistentVolumeClaimRetentionPolicy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *StatefulSetSpec) DeepCopyInto(out *StatefulSetSpec) { - *out = *in - if in.Selector != nil { - in, out := &in.Selector, &out.Selector - *out = new(v1.LabelSelector) - (*in).DeepCopyInto(*out) - } - in.Template.DeepCopyInto(&out.Template) - if in.VolumeClaimTemplates != nil { - in, out := &in.VolumeClaimTemplates, &out.VolumeClaimTemplates - *out = make([]core.PersistentVolumeClaim, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - in.UpdateStrategy.DeepCopyInto(&out.UpdateStrategy) - if in.RevisionHistoryLimit != nil { - in, out := &in.RevisionHistoryLimit, &out.RevisionHistoryLimit - *out = new(int32) - **out = **in - } - if in.PersistentVolumeClaimRetentionPolicy != nil { - in, out := &in.PersistentVolumeClaimRetentionPolicy, &out.PersistentVolumeClaimRetentionPolicy - *out = new(StatefulSetPersistentVolumeClaimRetentionPolicy) - **out = **in - } - if in.Ordinals != nil { - in, out := &in.Ordinals, &out.Ordinals - *out = new(StatefulSetOrdinals) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatefulSetSpec. -func (in *StatefulSetSpec) DeepCopy() *StatefulSetSpec { - if in == nil { - return nil - } - out := new(StatefulSetSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *StatefulSetStatus) DeepCopyInto(out *StatefulSetStatus) { - *out = *in - if in.ObservedGeneration != nil { - in, out := &in.ObservedGeneration, &out.ObservedGeneration - *out = new(int64) - **out = **in - } - if in.CollisionCount != nil { - in, out := &in.CollisionCount, &out.CollisionCount - *out = new(int32) - **out = **in - } - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]StatefulSetCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatefulSetStatus. -func (in *StatefulSetStatus) DeepCopy() *StatefulSetStatus { - if in == nil { - return nil - } - out := new(StatefulSetStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *StatefulSetUpdateStrategy) DeepCopyInto(out *StatefulSetUpdateStrategy) { - *out = *in - if in.RollingUpdate != nil { - in, out := &in.RollingUpdate, &out.RollingUpdate - *out = new(RollingUpdateStatefulSetStrategy) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatefulSetUpdateStrategy. -func (in *StatefulSetUpdateStrategy) DeepCopy() *StatefulSetUpdateStrategy { - if in == nil { - return nil - } - out := new(StatefulSetUpdateStrategy) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/OWNERS deleted file mode 100644 index 9978d2ceb..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/OWNERS +++ /dev/null @@ -1,12 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -reviewers: - - thockin - - smarterclayton - - wojtek-t - - deads2k - - caesarxuchao - - sttts - - dims -emeritus_reviewers: - - ncdc diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/annotations.go b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/annotations.go deleted file mode 100644 index d793cd4aa..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/annotations.go +++ /dev/null @@ -1,46 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package autoscaling - -// MetricSpecsAnnotation is the annotation which holds non-CPU-utilization HPA metric -// specs when converting the `Metrics` field from autoscaling/v2beta1 -const MetricSpecsAnnotation = "autoscaling.alpha.kubernetes.io/metrics" - -// MetricStatusesAnnotation is the annotation which holds non-CPU-utilization HPA metric -// statuses when converting the `CurrentMetrics` field from autoscaling/v2beta1 -const MetricStatusesAnnotation = "autoscaling.alpha.kubernetes.io/current-metrics" - -// HorizontalPodAutoscalerConditionsAnnotation is the annotation which holds the conditions -// of an HPA when converting the `Conditions` field from autoscaling/v2beta1 -const HorizontalPodAutoscalerConditionsAnnotation = "autoscaling.alpha.kubernetes.io/conditions" - -// DefaultCPUUtilization is the default value for CPU utilization, provided no other -// metrics are present. This is here because it's used by both the v2beta1 defaulting -// logic, and the pseudo-defaulting done in v1 conversion. -const DefaultCPUUtilization = 80 - -// BehaviorSpecsAnnotation is the annotation which holds the HPA constraints specs -// when converting the `Behavior` field from autoscaling/v2beta2 -const BehaviorSpecsAnnotation = "autoscaling.alpha.kubernetes.io/behavior" - -// ToleranceScaleDownAnnotation is the annotation which holds the HPA tolerance specs -// when converting the `ScaleDown.Tolerance` field from autoscaling/v2 -const ToleranceScaleDownAnnotation = "autoscaling.alpha.kubernetes.io/scale-down-tolerance" - -// ToleranceScaleUpAnnotation is the annotation which holds the HPA tolerance specs -// when converting the `ScaleUp.Tolerance` field from autoscaling/v2 -const ToleranceScaleUpAnnotation = "autoscaling.alpha.kubernetes.io/scale-up-tolerance" diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/doc.go b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/doc.go deleted file mode 100644 index 047eedde4..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/doc.go +++ /dev/null @@ -1,19 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// +k8s:deepcopy-gen=package - -package autoscaling diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/helpers.go b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/helpers.go deleted file mode 100644 index 67853dc29..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/helpers.go +++ /dev/null @@ -1,64 +0,0 @@ -/* -Copyright 2020 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package autoscaling - -// DropRoundTripHorizontalPodAutoscalerAnnotations removes any annotations used to -// serialize round-tripped fields from HorizontalPodAutoscaler later API versions, -// and returns false if no changes were made and the original input object was returned. -// -// It should always be called when converting internal -> external versions, prior -// to setting any of the custom annotations: -// -// annotations, copiedAnnotations := DropRoundTripHorizontalPodAutoscalerAnnotations(externalObj.Annotations) -// externalObj.Annotations = annotations -// -// if internal.SomeField != nil { -// if !copiedAnnotations { -// externalObj.Annotations = DeepCopyStringMap(externalObj.Annotations) -// copiedAnnotations = true -// } -// externalObj.Annotations[...] = json.Marshal(...) -// } -func DropRoundTripHorizontalPodAutoscalerAnnotations(in map[string]string) (out map[string]string, copied bool) { - _, hasMetricsSpecs := in[MetricSpecsAnnotation] - _, hasBehaviorSpecs := in[BehaviorSpecsAnnotation] - _, hasToleranceScaleDown := in[ToleranceScaleDownAnnotation] - _, hasToleranceScaleUp := in[ToleranceScaleUpAnnotation] - _, hasMetricsStatuses := in[MetricStatusesAnnotation] - _, hasConditions := in[HorizontalPodAutoscalerConditionsAnnotation] - if hasMetricsSpecs || hasBehaviorSpecs || hasToleranceScaleDown || hasToleranceScaleUp || hasMetricsStatuses || hasConditions { - out = DeepCopyStringMap(in) - delete(out, MetricSpecsAnnotation) - delete(out, BehaviorSpecsAnnotation) - delete(out, ToleranceScaleDownAnnotation) - delete(out, ToleranceScaleUpAnnotation) - delete(out, MetricStatusesAnnotation) - delete(out, HorizontalPodAutoscalerConditionsAnnotation) - return out, true - } - return in, false -} - -// DeepCopyStringMap returns a copy of the input map. -// If input is nil, an empty map is returned. -func DeepCopyStringMap(in map[string]string) map[string]string { - out := make(map[string]string, len(in)) - for k, v := range in { - out[k] = v - } - return out -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/register.go b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/register.go deleted file mode 100644 index 871e5513a..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/register.go +++ /dev/null @@ -1,55 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package autoscaling - -import ( - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -// GroupName is the group name use in this package -const GroupName = "autoscaling" - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} - -// Kind takes an unqualified kind and returns a Group qualified GroupKind -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - // SchemeBuilder points to a list of functions added to Scheme. - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - // AddToScheme applies all the stored functions to the scheme. - AddToScheme = SchemeBuilder.AddToScheme -) - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &Scale{}, - &HorizontalPodAutoscaler{}, - &HorizontalPodAutoscalerList{}, - ) - return nil -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/types.go b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/types.go deleted file mode 100644 index b8802a992..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/types.go +++ /dev/null @@ -1,582 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package autoscaling - -import ( - "k8s.io/apimachinery/pkg/api/resource" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - api "k8s.io/kubernetes/pkg/apis/core" -) - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Scale represents a scaling request for a resource. -type Scale struct { - metav1.TypeMeta - // Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata. - // +optional - metav1.ObjectMeta - - // spec defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. - // +optional - Spec ScaleSpec - - // status represents the current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only. - // +optional - Status ScaleStatus -} - -// ScaleSpec describes the attributes of a scale subresource. -type ScaleSpec struct { - // replicas is the desired number of instances for the scaled object. - // +optional - Replicas int32 -} - -// ScaleStatus represents the current status of a scale subresource. -type ScaleStatus struct { - // replicas is the actual number of observed instances of the scaled object. - Replicas int32 - - // label query over pods that should match the replicas count. This is same - // as the label selector but in the string format to avoid introspection - // by clients. The string will be in the same format as the query-param syntax. - // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors - // +optional - Selector string -} - -// CrossVersionObjectReference contains enough information to let you identify the referred resource. -type CrossVersionObjectReference struct { - // kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - Kind string - - // name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - Name string - - // apiVersion is the API version of the referent - // +optional - APIVersion string -} - -// HorizontalPodAutoscalerSpec describes the desired functionality of the HorizontalPodAutoscaler. -type HorizontalPodAutoscalerSpec struct { - // scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics - // should be collected, as well as to actually change the replica count. - ScaleTargetRef CrossVersionObjectReference - - // minReplicas is the lower limit for the number of replicas to which the autoscaler - // can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the - // alpha feature gate HPAScaleToZero is enabled and at least one Object or External - // metric is configured. Scaling is active as long as at least one metric value is - // available. - // +optional - MinReplicas *int32 - - // maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. - // It cannot be less that minReplicas. - MaxReplicas int32 - - // metrics contains the specifications for which to use to calculate the - // desired replica count (the maximum replica count across all metrics will - // be used). The desired replica count is calculated multiplying the - // ratio between the target value and the current value by the current - // number of pods. Ergo, metrics used must decrease as the pod count is - // increased, and vice-versa. See the individual metric source types for - // more information about how each type of metric must respond. - // +optional - Metrics []MetricSpec - - // behavior configures the scaling behavior of the target - // in both Up and Down directions (scaleUp and scaleDown fields respectively). - // If not set, the default HPAScalingRules for scale up and scale down are used. - // +optional - Behavior *HorizontalPodAutoscalerBehavior -} - -// HorizontalPodAutoscalerBehavior configures a scaling behavior for Up and Down direction -// (scaleUp and scaleDown fields respectively). -type HorizontalPodAutoscalerBehavior struct { - // scaleUp is scaling policy for scaling Up. - // If not set, the default value is the higher of: - // * increase no more than 4 pods per 60 seconds - // * double the number of pods per 60 seconds - // No stabilization is used. - // +optional - ScaleUp *HPAScalingRules - // scaleDown is scaling policy for scaling Down. - // If not set, the default value is to allow to scale down to minReplicas pods, with a - // 300 second stabilization window (i.e., the highest recommendation for - // the last 300sec is used). - // +optional - ScaleDown *HPAScalingRules -} - -// ScalingPolicySelect is used to specify which policy should be used while scaling in a certain direction -type ScalingPolicySelect string - -const ( - // MaxPolicySelect selects the policy with the highest possible change. - MaxPolicySelect ScalingPolicySelect = "Max" - // MinPolicySelect selects the policy with the lowest possible change. - MinPolicySelect ScalingPolicySelect = "Min" - // DisabledPolicySelect disables the scaling in this direction. - DisabledPolicySelect ScalingPolicySelect = "Disabled" -) - -// HPAScalingRules configures the scaling behavior for one direction via -// scaling Policy Rules and a configurable metric tolerance. -// -// Scaling Policy Rules are applied after calculating DesiredReplicas from metrics for the HPA. -// They can limit the scaling velocity by specifying scaling policies. -// They can prevent flapping by specifying the stabilization window, so that the -// number of replicas is not set instantly, instead, the safest value from the stabilization -// window is chosen. -// -// The tolerance is applied to the metric values and prevents scaling too -// eagerly for small metric variations. (Note that setting a tolerance requires -// the beta HPAConfigurableTolerance feature gate to be enabled.) -type HPAScalingRules struct { - // StabilizationWindowSeconds is the number of seconds for which past recommendations should be - // considered while scaling up or scaling down. - // StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). - // If not set, use the default values: - // - For scale up: 0 (i.e. no stabilization is done). - // - For scale down: 300 (i.e. the stabilization window is 300 seconds long). - // +optional - StabilizationWindowSeconds *int32 - // selectPolicy is used to specify which policy should be used. - // If not set, the default value MaxPolicySelect is used. - // +optional - SelectPolicy *ScalingPolicySelect - // policies is a list of potential scaling polices which can be used during scaling. - // If not set, use the default values: - // - For scale up: allow doubling the number of pods, or an absolute change of 4 pods in a 15s window. - // - For scale down: allow all pods to be removed in a 15s window. - // +optional - Policies []HPAScalingPolicy - // tolerance is the tolerance on the ratio between the current and desired - // metric value under which no updates are made to the desired number of - // replicas (e.g. 0.01 for 1%). Must be greater than or equal to zero. If not - // set, the default cluster-wide tolerance is applied (by default 10%). - // - // For example, if autoscaling is configured with a memory consumption target of 100Mi, - // and scale-down and scale-up tolerances of 5% and 1% respectively, scaling will be - // triggered when the actual consumption falls below 95Mi or exceeds 101Mi. - // - // This is an beta field and requires the HPAConfigurableTolerance feature - // gate to be enabled. - // - // +featureGate=HPAConfigurableTolerance - // +optional - Tolerance *resource.Quantity -} - -// HPAScalingPolicyType is the type of the policy which could be used while making scaling decisions. -type HPAScalingPolicyType string - -const ( - // PodsScalingPolicy is a policy used to specify a change in absolute number of pods. - PodsScalingPolicy HPAScalingPolicyType = "Pods" - // PercentScalingPolicy is a policy used to specify a relative amount of change with respect to - // the current number of pods. - PercentScalingPolicy HPAScalingPolicyType = "Percent" -) - -// HPAScalingPolicy is a single policy which must hold true for a specified past interval. -type HPAScalingPolicy struct { - // Type is used to specify the scaling policy. - Type HPAScalingPolicyType - // Value contains the amount of change which is permitted by the policy. - // It must be greater than zero - Value int32 - // PeriodSeconds specifies the window of time for which the policy should hold true. - // PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). - PeriodSeconds int32 -} - -// MetricSourceType indicates the type of metric. -type MetricSourceType string - -const ( - // ObjectMetricSourceType is a metric describing a kubernetes object - // (for example, hits-per-second on an Ingress object). - ObjectMetricSourceType MetricSourceType = "Object" - // PodsMetricSourceType is a metric describing each pod in the current scale - // target (for example, transactions-processed-per-second). The values - // will be averaged together before being compared to the target value. - PodsMetricSourceType MetricSourceType = "Pods" - // ResourceMetricSourceType is a resource metric known to Kubernetes, as - // specified in requests and limits, describing each pod in the current - // scale target (e.g. CPU or memory). Such metrics are built in to - // Kubernetes, and have special scaling options on top of those available - // to normal per-pod metrics (the "pods" source). - ResourceMetricSourceType MetricSourceType = "Resource" - // ExternalMetricSourceType is a global metric that is not associated - // with any Kubernetes object. It allows autoscaling based on information - // coming from components running outside of cluster - // (for example length of queue in cloud messaging service, or - // QPS from loadbalancer running outside of cluster). - ExternalMetricSourceType MetricSourceType = "External" - // ContainerResourceMetricSourceType is a resource metric known to Kubernetes, as - // specified in requests and limits, describing a single container in each pod in the current - // scale target (e.g. CPU or memory). Such metrics are built in to - // Kubernetes, and have special scaling options on top of those available - // to normal per-pod metrics (the "pods" source). - ContainerResourceMetricSourceType MetricSourceType = "ContainerResource" -) - -// MetricSpec specifies how to scale based on a single metric -// (only `type` and one other matching field should be set at once). -type MetricSpec struct { - // Type is the type of metric source. It should be one of "Object", - // "Pods" or "Resource", each mapping to a matching field in the object. - Type MetricSourceType - - // Object refers to a metric describing a single kubernetes object - // (for example, hits-per-second on an Ingress object). - // +optional - Object *ObjectMetricSource - // Pods refers to a metric describing each pod in the current scale target - // (for example, transactions-processed-per-second). The values will be - // averaged together before being compared to the target value. - // +optional - Pods *PodsMetricSource - // Resource refers to a resource metric (such as those specified in - // requests and limits) known to Kubernetes describing each pod in the - // current scale target (e.g. CPU or memory). Such metrics are built in to - // Kubernetes, and have special scaling options on top of those available - // to normal per-pod metrics using the "pods" source. - // +optional - Resource *ResourceMetricSource - // ContainerResource refers to a resource metric (such as those specified in - // requests and limits) known to Kubernetes describing a single container in each pod of the - // current scale target (e.g. CPU or memory). Such metrics are built in to - // Kubernetes, and have special scaling options on top of those available - // to normal per-pod metrics using the "pods" source. - // +optional - ContainerResource *ContainerResourceMetricSource - // External refers to a global metric that is not associated - // with any Kubernetes object. It allows autoscaling based on information - // coming from components running outside of cluster - // (for example length of queue in cloud messaging service, or - // QPS from loadbalancer running outside of cluster). - // +optional - External *ExternalMetricSource -} - -// ObjectMetricSource indicates how to scale on a metric describing a -// kubernetes object (for example, hits-per-second on an Ingress object). -type ObjectMetricSource struct { - DescribedObject CrossVersionObjectReference - Target MetricTarget - Metric MetricIdentifier -} - -// PodsMetricSource indicates how to scale on a metric describing each pod in -// the current scale target (for example, transactions-processed-per-second). -// The values will be averaged together before being compared to the target -// value. -type PodsMetricSource struct { - // metric identifies the target metric by name and selector - Metric MetricIdentifier - // target specifies the target value for the given metric - Target MetricTarget -} - -// ResourceMetricSource indicates how to scale on a resource metric known to -// Kubernetes, as specified in requests and limits, describing each pod in the -// current scale target (e.g. CPU or memory). The values will be averaged -// together before being compared to the target. Such metrics are built in to -// Kubernetes, and have special scaling options on top of those available to -// normal per-pod metrics using the "pods" source. Only one "target" type -// should be set. -type ResourceMetricSource struct { - // Name is the name of the resource in question. - Name api.ResourceName - // Target specifies the target value for the given metric - Target MetricTarget -} - -// ContainerResourceMetricSource indicates how to scale on a resource metric known to -// Kubernetes, as specified in the requests and limits, describing a single container in -// each of the pods of the current scale target(e.g. CPU or memory). The values will be -// averaged together before being compared to the target. Such metrics are built into -// Kubernetes, and have special scaling options on top of those available to -// normal per-pod metrics using the "pods" source. Only one "target" type -// should be set. -type ContainerResourceMetricSource struct { - // name is the name of the of the resource - Name api.ResourceName - // container is the name of the container in the pods of the scaling target. - Container string - // target specifies the target value for the given metric - Target MetricTarget -} - -// ExternalMetricSource indicates how to scale on a metric not associated with -// any Kubernetes object (for example length of queue in cloud -// messaging service, or QPS from loadbalancer running outside of cluster). -type ExternalMetricSource struct { - // Metric identifies the target metric by name and selector - Metric MetricIdentifier - // Target specifies the target value for the given metric - Target MetricTarget -} - -// MetricIdentifier defines the name and optionally selector for a metric -type MetricIdentifier struct { - // Name is the name of the given metric - Name string - // Selector is the selector for the given metric - // it is the string-encoded form of a standard kubernetes label selector - // +optional - Selector *metav1.LabelSelector -} - -// MetricTarget defines the target value, average value, or average utilization of a specific metric -type MetricTarget struct { - // Type represents whether the metric type is Utilization, Value, or AverageValue - Type MetricTargetType - // Value is the target value of the metric (as a quantity). - Value *resource.Quantity - // TargetAverageValue is the target value of the average of the - // metric across all relevant pods (as a quantity) - AverageValue *resource.Quantity - - // AverageUtilization is the target value of the average of the - // resource metric across all relevant pods, represented as a percentage of - // the requested value of the resource for the pods. - // Currently only valid for Resource metric source type - AverageUtilization *int32 -} - -// MetricTargetType specifies the type of metric being targeted, and should be either -// "Value", "AverageValue", or "Utilization" -type MetricTargetType string - -const ( - // UtilizationMetricType is a possible value for MetricTarget.Type. - UtilizationMetricType MetricTargetType = "Utilization" - // ValueMetricType is a possible value for MetricTarget.Type. - ValueMetricType MetricTargetType = "Value" - // AverageValueMetricType is a possible value for MetricTarget.Type. - AverageValueMetricType MetricTargetType = "AverageValue" -) - -// HorizontalPodAutoscalerStatus describes the current status of a horizontal pod autoscaler. -type HorizontalPodAutoscalerStatus struct { - // ObservedGeneration is the most recent generation observed by this autoscaler. - // +optional - ObservedGeneration *int64 - - // LastScaleTime is the last time the HorizontalPodAutoscaler scaled the number of pods, - // used by the autoscaler to control how often the number of pods is changed. - // +optional - LastScaleTime *metav1.Time - - // CurrentReplicas is current number of replicas of pods managed by this autoscaler, - // as last seen by the autoscaler. - CurrentReplicas int32 - - // DesiredReplicas is the desired number of replicas of pods managed by this autoscaler, - // as last calculated by the autoscaler. - DesiredReplicas int32 - - // CurrentMetrics is the last read state of the metrics used by this autoscaler. - // +optional - CurrentMetrics []MetricStatus - - // Conditions is the set of conditions required for this autoscaler to scale its target, - // and indicates whether or not those conditions are met. - Conditions []HorizontalPodAutoscalerCondition -} - -// ConditionStatus indicates the status of a condition (true, false, or unknown). -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition; -// "ConditionFalse" means a resource is not in the condition; "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// HorizontalPodAutoscalerConditionType are the valid conditions of -// a HorizontalPodAutoscaler. -type HorizontalPodAutoscalerConditionType string - -const ( - // ScalingActive indicates that the HPA controller is able to scale if necessary: - // it's correctly configured, can fetch the desired metrics, and isn't disabled. - ScalingActive HorizontalPodAutoscalerConditionType = "ScalingActive" - // AbleToScale indicates a lack of transient issues which prevent scaling from occurring, - // such as being in a backoff window, or being unable to access/update the target scale. - AbleToScale HorizontalPodAutoscalerConditionType = "AbleToScale" - // ScalingLimited indicates that the calculated scale based on metrics would be above or - // below the range for the HPA, and has thus been capped. - ScalingLimited HorizontalPodAutoscalerConditionType = "ScalingLimited" -) - -// HorizontalPodAutoscalerCondition describes the state of -// a HorizontalPodAutoscaler at a certain point. -type HorizontalPodAutoscalerCondition struct { - // Type describes the current condition - Type HorizontalPodAutoscalerConditionType - // Status is the status of the condition (True, False, Unknown) - Status ConditionStatus - // LastTransitionTime is the last time the condition transitioned from - // one status to another - // +optional - LastTransitionTime metav1.Time - // Reason is the reason for the condition's last transition. - // +optional - Reason string - // Message is a human-readable explanation containing details about - // the transition - // +optional - Message string -} - -// MetricStatus describes the last-read state of a single metric. -type MetricStatus struct { - // Type is the type of metric source. It will be one of "Object", - // "Pods" or "Resource", each corresponds to a matching field in the object. - Type MetricSourceType - - // Object refers to a metric describing a single kubernetes object - // (for example, hits-per-second on an Ingress object). - // +optional - Object *ObjectMetricStatus - // Pods refers to a metric describing each pod in the current scale target - // (for example, transactions-processed-per-second). The values will be - // averaged together before being compared to the target value. - // +optional - Pods *PodsMetricStatus - // Resource refers to a resource metric (such as those specified in - // requests and limits) known to Kubernetes describing each pod in the - // current scale target (e.g. CPU or memory). Such metrics are built in to - // Kubernetes, and have special scaling options on top of those available - // to normal per-pod metrics using the "pods" source. - // +optional - Resource *ResourceMetricStatus - // ContainerResource refers to a resource metric (such as those specified in - // requests and limits) known to Kubernetes describing a single container in each pod in the - // current scale target (e.g. CPU or memory). Such metrics are built in to - // Kubernetes, and have special scaling options on top of those available - // to normal per-pod metrics using the "pods" source. - // +optional - ContainerResource *ContainerResourceMetricStatus - // External refers to a global metric that is not associated - // with any Kubernetes object. It allows autoscaling based on information - // coming from components running outside of cluster - // (for example length of queue in cloud messaging service, or - // QPS from loadbalancer running outside of cluster). - // +optional - External *ExternalMetricStatus -} - -// ObjectMetricStatus indicates the current value of a metric describing a -// kubernetes object (for example, hits-per-second on an Ingress object). -type ObjectMetricStatus struct { - Metric MetricIdentifier - Current MetricValueStatus - - DescribedObject CrossVersionObjectReference -} - -// PodsMetricStatus indicates the current value of a metric describing each pod in -// the current scale target (for example, transactions-processed-per-second). -type PodsMetricStatus struct { - Metric MetricIdentifier - Current MetricValueStatus -} - -// ResourceMetricStatus indicates the current value of a resource metric known to -// Kubernetes, as specified in requests and limits, describing each pod in the -// current scale target (e.g. CPU or memory). Such metrics are built in to -// Kubernetes, and have special scaling options on top of those available to -// normal per-pod metrics using the "pods" source. -type ResourceMetricStatus struct { - // name is the name of the resource in question. - Name api.ResourceName - Current MetricValueStatus -} - -// ContainerResourceMetricStatus indicates the current value of a resource metric known to -// Kubernetes, as specified in requests and limits, describing each pod in the -// current scale target (e.g. CPU or memory). Such metrics are built in to -// Kubernetes, and have special scaling options on top of those available to -// normal per-pod metrics using the "pods" source. -type ContainerResourceMetricStatus struct { - // name is the name of the resource in question. - Name api.ResourceName - Container string - Current MetricValueStatus -} - -// ExternalMetricStatus indicates the current value of a global metric -// not associated with any Kubernetes object. -type ExternalMetricStatus struct { - Metric MetricIdentifier - Current MetricValueStatus -} - -// MetricValueStatus indicates the current value of a metric. -type MetricValueStatus struct { - Value *resource.Quantity - AverageValue *resource.Quantity - AverageUtilization *int32 -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// HorizontalPodAutoscaler is the configuration for a horizontal pod -// autoscaler, which automatically manages the replica count of any resource -// implementing the scale subresource based on the metrics specified. -type HorizontalPodAutoscaler struct { - metav1.TypeMeta - // Metadata is the standard object metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - // +optional - metav1.ObjectMeta - - // spec is the specification for the behaviour of the autoscaler. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. - // +optional - Spec HorizontalPodAutoscalerSpec - - // status is the current information about the autoscaler. - // +optional - Status HorizontalPodAutoscalerStatus -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// HorizontalPodAutoscalerList is a list of horizontal pod autoscaler objects. -type HorizontalPodAutoscalerList struct { - metav1.TypeMeta - // Metadata is the standard list metadata. - // +optional - metav1.ListMeta - - // items is the list of horizontal pod autoscaler objects. - Items []HorizontalPodAutoscaler -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/zz_generated.deepcopy.go deleted file mode 100644 index 9e2ac0f00..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/zz_generated.deepcopy.go +++ /dev/null @@ -1,675 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package autoscaling - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerResourceMetricSource) DeepCopyInto(out *ContainerResourceMetricSource) { - *out = *in - in.Target.DeepCopyInto(&out.Target) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerResourceMetricSource. -func (in *ContainerResourceMetricSource) DeepCopy() *ContainerResourceMetricSource { - if in == nil { - return nil - } - out := new(ContainerResourceMetricSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerResourceMetricStatus) DeepCopyInto(out *ContainerResourceMetricStatus) { - *out = *in - in.Current.DeepCopyInto(&out.Current) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerResourceMetricStatus. -func (in *ContainerResourceMetricStatus) DeepCopy() *ContainerResourceMetricStatus { - if in == nil { - return nil - } - out := new(ContainerResourceMetricStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CrossVersionObjectReference) DeepCopyInto(out *CrossVersionObjectReference) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CrossVersionObjectReference. -func (in *CrossVersionObjectReference) DeepCopy() *CrossVersionObjectReference { - if in == nil { - return nil - } - out := new(CrossVersionObjectReference) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExternalMetricSource) DeepCopyInto(out *ExternalMetricSource) { - *out = *in - in.Metric.DeepCopyInto(&out.Metric) - in.Target.DeepCopyInto(&out.Target) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalMetricSource. -func (in *ExternalMetricSource) DeepCopy() *ExternalMetricSource { - if in == nil { - return nil - } - out := new(ExternalMetricSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExternalMetricStatus) DeepCopyInto(out *ExternalMetricStatus) { - *out = *in - in.Metric.DeepCopyInto(&out.Metric) - in.Current.DeepCopyInto(&out.Current) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalMetricStatus. -func (in *ExternalMetricStatus) DeepCopy() *ExternalMetricStatus { - if in == nil { - return nil - } - out := new(ExternalMetricStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HPAScalingPolicy) DeepCopyInto(out *HPAScalingPolicy) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HPAScalingPolicy. -func (in *HPAScalingPolicy) DeepCopy() *HPAScalingPolicy { - if in == nil { - return nil - } - out := new(HPAScalingPolicy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HPAScalingRules) DeepCopyInto(out *HPAScalingRules) { - *out = *in - if in.StabilizationWindowSeconds != nil { - in, out := &in.StabilizationWindowSeconds, &out.StabilizationWindowSeconds - *out = new(int32) - **out = **in - } - if in.SelectPolicy != nil { - in, out := &in.SelectPolicy, &out.SelectPolicy - *out = new(ScalingPolicySelect) - **out = **in - } - if in.Policies != nil { - in, out := &in.Policies, &out.Policies - *out = make([]HPAScalingPolicy, len(*in)) - copy(*out, *in) - } - if in.Tolerance != nil { - in, out := &in.Tolerance, &out.Tolerance - x := (*in).DeepCopy() - *out = &x - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HPAScalingRules. -func (in *HPAScalingRules) DeepCopy() *HPAScalingRules { - if in == nil { - return nil - } - out := new(HPAScalingRules) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HorizontalPodAutoscaler) DeepCopyInto(out *HorizontalPodAutoscaler) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HorizontalPodAutoscaler. -func (in *HorizontalPodAutoscaler) DeepCopy() *HorizontalPodAutoscaler { - if in == nil { - return nil - } - out := new(HorizontalPodAutoscaler) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *HorizontalPodAutoscaler) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HorizontalPodAutoscalerBehavior) DeepCopyInto(out *HorizontalPodAutoscalerBehavior) { - *out = *in - if in.ScaleUp != nil { - in, out := &in.ScaleUp, &out.ScaleUp - *out = new(HPAScalingRules) - (*in).DeepCopyInto(*out) - } - if in.ScaleDown != nil { - in, out := &in.ScaleDown, &out.ScaleDown - *out = new(HPAScalingRules) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HorizontalPodAutoscalerBehavior. -func (in *HorizontalPodAutoscalerBehavior) DeepCopy() *HorizontalPodAutoscalerBehavior { - if in == nil { - return nil - } - out := new(HorizontalPodAutoscalerBehavior) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HorizontalPodAutoscalerCondition) DeepCopyInto(out *HorizontalPodAutoscalerCondition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HorizontalPodAutoscalerCondition. -func (in *HorizontalPodAutoscalerCondition) DeepCopy() *HorizontalPodAutoscalerCondition { - if in == nil { - return nil - } - out := new(HorizontalPodAutoscalerCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HorizontalPodAutoscalerList) DeepCopyInto(out *HorizontalPodAutoscalerList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]HorizontalPodAutoscaler, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HorizontalPodAutoscalerList. -func (in *HorizontalPodAutoscalerList) DeepCopy() *HorizontalPodAutoscalerList { - if in == nil { - return nil - } - out := new(HorizontalPodAutoscalerList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *HorizontalPodAutoscalerList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HorizontalPodAutoscalerSpec) DeepCopyInto(out *HorizontalPodAutoscalerSpec) { - *out = *in - out.ScaleTargetRef = in.ScaleTargetRef - if in.MinReplicas != nil { - in, out := &in.MinReplicas, &out.MinReplicas - *out = new(int32) - **out = **in - } - if in.Metrics != nil { - in, out := &in.Metrics, &out.Metrics - *out = make([]MetricSpec, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Behavior != nil { - in, out := &in.Behavior, &out.Behavior - *out = new(HorizontalPodAutoscalerBehavior) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HorizontalPodAutoscalerSpec. -func (in *HorizontalPodAutoscalerSpec) DeepCopy() *HorizontalPodAutoscalerSpec { - if in == nil { - return nil - } - out := new(HorizontalPodAutoscalerSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HorizontalPodAutoscalerStatus) DeepCopyInto(out *HorizontalPodAutoscalerStatus) { - *out = *in - if in.ObservedGeneration != nil { - in, out := &in.ObservedGeneration, &out.ObservedGeneration - *out = new(int64) - **out = **in - } - if in.LastScaleTime != nil { - in, out := &in.LastScaleTime, &out.LastScaleTime - *out = (*in).DeepCopy() - } - if in.CurrentMetrics != nil { - in, out := &in.CurrentMetrics, &out.CurrentMetrics - *out = make([]MetricStatus, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]HorizontalPodAutoscalerCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HorizontalPodAutoscalerStatus. -func (in *HorizontalPodAutoscalerStatus) DeepCopy() *HorizontalPodAutoscalerStatus { - if in == nil { - return nil - } - out := new(HorizontalPodAutoscalerStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MetricIdentifier) DeepCopyInto(out *MetricIdentifier) { - *out = *in - if in.Selector != nil { - in, out := &in.Selector, &out.Selector - *out = new(v1.LabelSelector) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricIdentifier. -func (in *MetricIdentifier) DeepCopy() *MetricIdentifier { - if in == nil { - return nil - } - out := new(MetricIdentifier) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MetricSpec) DeepCopyInto(out *MetricSpec) { - *out = *in - if in.Object != nil { - in, out := &in.Object, &out.Object - *out = new(ObjectMetricSource) - (*in).DeepCopyInto(*out) - } - if in.Pods != nil { - in, out := &in.Pods, &out.Pods - *out = new(PodsMetricSource) - (*in).DeepCopyInto(*out) - } - if in.Resource != nil { - in, out := &in.Resource, &out.Resource - *out = new(ResourceMetricSource) - (*in).DeepCopyInto(*out) - } - if in.ContainerResource != nil { - in, out := &in.ContainerResource, &out.ContainerResource - *out = new(ContainerResourceMetricSource) - (*in).DeepCopyInto(*out) - } - if in.External != nil { - in, out := &in.External, &out.External - *out = new(ExternalMetricSource) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricSpec. -func (in *MetricSpec) DeepCopy() *MetricSpec { - if in == nil { - return nil - } - out := new(MetricSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MetricStatus) DeepCopyInto(out *MetricStatus) { - *out = *in - if in.Object != nil { - in, out := &in.Object, &out.Object - *out = new(ObjectMetricStatus) - (*in).DeepCopyInto(*out) - } - if in.Pods != nil { - in, out := &in.Pods, &out.Pods - *out = new(PodsMetricStatus) - (*in).DeepCopyInto(*out) - } - if in.Resource != nil { - in, out := &in.Resource, &out.Resource - *out = new(ResourceMetricStatus) - (*in).DeepCopyInto(*out) - } - if in.ContainerResource != nil { - in, out := &in.ContainerResource, &out.ContainerResource - *out = new(ContainerResourceMetricStatus) - (*in).DeepCopyInto(*out) - } - if in.External != nil { - in, out := &in.External, &out.External - *out = new(ExternalMetricStatus) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricStatus. -func (in *MetricStatus) DeepCopy() *MetricStatus { - if in == nil { - return nil - } - out := new(MetricStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MetricTarget) DeepCopyInto(out *MetricTarget) { - *out = *in - if in.Value != nil { - in, out := &in.Value, &out.Value - x := (*in).DeepCopy() - *out = &x - } - if in.AverageValue != nil { - in, out := &in.AverageValue, &out.AverageValue - x := (*in).DeepCopy() - *out = &x - } - if in.AverageUtilization != nil { - in, out := &in.AverageUtilization, &out.AverageUtilization - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricTarget. -func (in *MetricTarget) DeepCopy() *MetricTarget { - if in == nil { - return nil - } - out := new(MetricTarget) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MetricValueStatus) DeepCopyInto(out *MetricValueStatus) { - *out = *in - if in.Value != nil { - in, out := &in.Value, &out.Value - x := (*in).DeepCopy() - *out = &x - } - if in.AverageValue != nil { - in, out := &in.AverageValue, &out.AverageValue - x := (*in).DeepCopy() - *out = &x - } - if in.AverageUtilization != nil { - in, out := &in.AverageUtilization, &out.AverageUtilization - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricValueStatus. -func (in *MetricValueStatus) DeepCopy() *MetricValueStatus { - if in == nil { - return nil - } - out := new(MetricValueStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ObjectMetricSource) DeepCopyInto(out *ObjectMetricSource) { - *out = *in - out.DescribedObject = in.DescribedObject - in.Target.DeepCopyInto(&out.Target) - in.Metric.DeepCopyInto(&out.Metric) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ObjectMetricSource. -func (in *ObjectMetricSource) DeepCopy() *ObjectMetricSource { - if in == nil { - return nil - } - out := new(ObjectMetricSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ObjectMetricStatus) DeepCopyInto(out *ObjectMetricStatus) { - *out = *in - in.Metric.DeepCopyInto(&out.Metric) - in.Current.DeepCopyInto(&out.Current) - out.DescribedObject = in.DescribedObject - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ObjectMetricStatus. -func (in *ObjectMetricStatus) DeepCopy() *ObjectMetricStatus { - if in == nil { - return nil - } - out := new(ObjectMetricStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodsMetricSource) DeepCopyInto(out *PodsMetricSource) { - *out = *in - in.Metric.DeepCopyInto(&out.Metric) - in.Target.DeepCopyInto(&out.Target) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodsMetricSource. -func (in *PodsMetricSource) DeepCopy() *PodsMetricSource { - if in == nil { - return nil - } - out := new(PodsMetricSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodsMetricStatus) DeepCopyInto(out *PodsMetricStatus) { - *out = *in - in.Metric.DeepCopyInto(&out.Metric) - in.Current.DeepCopyInto(&out.Current) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodsMetricStatus. -func (in *PodsMetricStatus) DeepCopy() *PodsMetricStatus { - if in == nil { - return nil - } - out := new(PodsMetricStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ResourceMetricSource) DeepCopyInto(out *ResourceMetricSource) { - *out = *in - in.Target.DeepCopyInto(&out.Target) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceMetricSource. -func (in *ResourceMetricSource) DeepCopy() *ResourceMetricSource { - if in == nil { - return nil - } - out := new(ResourceMetricSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ResourceMetricStatus) DeepCopyInto(out *ResourceMetricStatus) { - *out = *in - in.Current.DeepCopyInto(&out.Current) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceMetricStatus. -func (in *ResourceMetricStatus) DeepCopy() *ResourceMetricStatus { - if in == nil { - return nil - } - out := new(ResourceMetricStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Scale) DeepCopyInto(out *Scale) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Scale. -func (in *Scale) DeepCopy() *Scale { - if in == nil { - return nil - } - out := new(Scale) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Scale) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ScaleSpec) DeepCopyInto(out *ScaleSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScaleSpec. -func (in *ScaleSpec) DeepCopy() *ScaleSpec { - if in == nil { - return nil - } - out := new(ScaleSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ScaleStatus) DeepCopyInto(out *ScaleStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScaleStatus. -func (in *ScaleStatus) DeepCopy() *ScaleStatus { - if in == nil { - return nil - } - out := new(ScaleStatus) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/certificates/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/certificates/OWNERS deleted file mode 100644 index 5fd431a1b..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/certificates/OWNERS +++ /dev/null @@ -1,8 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -# approval on api packages bubbles to api-approvers -reviewers: - - sig-auth-certificates-approvers - - sig-auth-certificates-reviewers -labels: - - sig/auth diff --git a/vendor/k8s.io/kubernetes/pkg/apis/certificates/doc.go b/vendor/k8s.io/kubernetes/pkg/apis/certificates/doc.go deleted file mode 100644 index 5d4ee9960..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/certificates/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// +k8s:deepcopy-gen=package -// +groupName=certificates.k8s.io - -package certificates diff --git a/vendor/k8s.io/kubernetes/pkg/apis/certificates/helpers.go b/vendor/k8s.io/kubernetes/pkg/apis/certificates/helpers.go deleted file mode 100644 index 9a92e67a4..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/certificates/helpers.go +++ /dev/null @@ -1,138 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package certificates - -import ( - "crypto/x509" - "encoding/pem" - "errors" - "fmt" - "reflect" - "strings" - - "k8s.io/apimachinery/pkg/util/sets" -) - -// ParseCSR extracts the CSR from the bytes and decodes it. -func ParseCSR(pemBytes []byte) (*x509.CertificateRequest, error) { - block, _ := pem.Decode(pemBytes) - if block == nil || block.Type != "CERTIFICATE REQUEST" { - return nil, errors.New("PEM block type must be CERTIFICATE REQUEST") - } - csr, err := x509.ParseCertificateRequest(block.Bytes) - if err != nil { - return nil, err - } - return csr, nil -} - -var ( - organizationNotSystemNodesErr = fmt.Errorf("subject organization is not system:nodes") - commonNameNotSystemNode = fmt.Errorf("subject common name does not begin with system:node:") - dnsOrIPSANRequiredErr = fmt.Errorf("DNS or IP subjectAltName is required") - dnsSANNotAllowedErr = fmt.Errorf("DNS subjectAltNames are not allowed") - emailSANNotAllowedErr = fmt.Errorf("Email subjectAltNames are not allowed") - ipSANNotAllowedErr = fmt.Errorf("IP subjectAltNames are not allowed") - uriSANNotAllowedErr = fmt.Errorf("URI subjectAltNames are not allowed") -) - -var ( - kubeletServingRequiredUsages = sets.NewString( - string(UsageDigitalSignature), - string(UsageKeyEncipherment), - string(UsageServerAuth), - ) - kubeletServingRequiredUsagesNoRSA = sets.NewString( - string(UsageDigitalSignature), - string(UsageServerAuth), - ) -) - -func IsKubeletServingCSR(req *x509.CertificateRequest, usages sets.String) bool { - return ValidateKubeletServingCSR(req, usages) == nil -} -func ValidateKubeletServingCSR(req *x509.CertificateRequest, usages sets.String) error { - if !reflect.DeepEqual([]string{"system:nodes"}, req.Subject.Organization) { - return organizationNotSystemNodesErr - } - - // at least one of dnsNames or ipAddresses must be specified - if len(req.DNSNames) == 0 && len(req.IPAddresses) == 0 { - return dnsOrIPSANRequiredErr - } - - if len(req.EmailAddresses) > 0 { - return emailSANNotAllowedErr - } - if len(req.URIs) > 0 { - return uriSANNotAllowedErr - } - - if !kubeletServingRequiredUsages.Equal(usages) && !kubeletServingRequiredUsagesNoRSA.Equal(usages) { - return fmt.Errorf("usages did not match %v", kubeletServingRequiredUsages.List()) - } - - if !strings.HasPrefix(req.Subject.CommonName, "system:node:") { - return commonNameNotSystemNode - } - - return nil -} - -var ( - kubeletClientRequiredUsagesNoRSA = sets.NewString( - string(UsageDigitalSignature), - string(UsageClientAuth), - ) - kubeletClientRequiredUsages = sets.NewString( - string(UsageDigitalSignature), - string(UsageKeyEncipherment), - string(UsageClientAuth), - ) -) - -func IsKubeletClientCSR(req *x509.CertificateRequest, usages sets.String) bool { - return ValidateKubeletClientCSR(req, usages) == nil -} -func ValidateKubeletClientCSR(req *x509.CertificateRequest, usages sets.String) error { - if !reflect.DeepEqual([]string{"system:nodes"}, req.Subject.Organization) { - return organizationNotSystemNodesErr - } - - if len(req.DNSNames) > 0 { - return dnsSANNotAllowedErr - } - if len(req.EmailAddresses) > 0 { - return emailSANNotAllowedErr - } - if len(req.IPAddresses) > 0 { - return ipSANNotAllowedErr - } - if len(req.URIs) > 0 { - return uriSANNotAllowedErr - } - - if !strings.HasPrefix(req.Subject.CommonName, "system:node:") { - return commonNameNotSystemNode - } - - if !kubeletClientRequiredUsages.Equal(usages) && !kubeletClientRequiredUsagesNoRSA.Equal(usages) { - return fmt.Errorf("usages did not match %v", kubeletClientRequiredUsages.List()) - } - - return nil -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/certificates/register.go b/vendor/k8s.io/kubernetes/pkg/apis/certificates/register.go deleted file mode 100644 index cdcf150f9..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/certificates/register.go +++ /dev/null @@ -1,56 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package certificates - -import ( - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -var ( - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - AddToScheme = SchemeBuilder.AddToScheme -) - -// GroupName is the group name use in this package -const GroupName = "certificates.k8s.io" - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} - -// Kind takes an unqualified kind and returns a Group qualified GroupKind -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &CertificateSigningRequest{}, - &CertificateSigningRequestList{}, - &ClusterTrustBundle{}, - &ClusterTrustBundleList{}, - &PodCertificateRequest{}, - &PodCertificateRequestList{}, - ) - return nil -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/certificates/types.go b/vendor/k8s.io/kubernetes/pkg/apis/certificates/types.go deleted file mode 100644 index 1f7e34540..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/certificates/types.go +++ /dev/null @@ -1,514 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package certificates - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/types" - api "k8s.io/kubernetes/pkg/apis/core" -) - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Describes a certificate signing request -type CertificateSigningRequest struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // The certificate request itself and any additional information. - // +optional - Spec CertificateSigningRequestSpec - - // Derived information about the request. - // +optional - Status CertificateSigningRequestStatus -} - -// This information is immutable after the request is created. Only the Request -// and Usages fields can be set on creation, other fields are derived by -// Kubernetes and cannot be modified by users. -type CertificateSigningRequestSpec struct { - // Base64-encoded PKCS#10 CSR data - Request []byte - - // signerName indicates the requested signer, and is a qualified name. - // - // List/watch requests for CertificateSigningRequests can filter on this field using a "spec.signerName=NAME" fieldSelector. - // - // Well-known Kubernetes signers are: - // 1. "kubernetes.io/kube-apiserver-client": issues client certificates that can be used to authenticate to kube-apiserver. - // Requests for this signer are never auto-approved by kube-controller-manager, can be issued by the "csrsigning" controller in kube-controller-manager. - // 2. "kubernetes.io/kube-apiserver-client-kubelet": issues client certificates that kubelets use to authenticate to kube-apiserver. - // Requests for this signer can be auto-approved by the "csrapproving" controller in kube-controller-manager, and can be issued by the "csrsigning" controller in kube-controller-manager. - // 3. "kubernetes.io/kubelet-serving" issues serving certificates that kubelets use to serve TLS endpoints, which kube-apiserver can connect to securely. - // Requests for this signer are never auto-approved by kube-controller-manager, and can be issued by the "csrsigning" controller in kube-controller-manager. - // - // More details are available at https://k8s.io/docs/reference/access-authn-authz/certificate-signing-requests/#kubernetes-signers - // - // Custom signerNames can also be specified. The signer defines: - // 1. Trust distribution: how trust (CA bundles) are distributed. - // 2. Permitted subjects: and behavior when a disallowed subject is requested. - // 3. Required, permitted, or forbidden x509 extensions in the request (including whether subjectAltNames are allowed, which types, restrictions on allowed values) and behavior when a disallowed extension is requested. - // 4. Required, permitted, or forbidden key usages / extended key usages. - // 5. Expiration/certificate lifetime: whether it is fixed by the signer, configurable by the admin. - // 6. Whether or not requests for CA certificates are allowed. - SignerName string - - // expirationSeconds is the requested duration of validity of the issued - // certificate. The certificate signer may issue a certificate with a different - // validity duration so a client must check the delta between the notBefore and - // and notAfter fields in the issued certificate to determine the actual duration. - // - // The v1.22+ in-tree implementations of the well-known Kubernetes signers will - // honor this field as long as the requested duration is not greater than the - // maximum duration they will honor per the --cluster-signing-duration CLI - // flag to the Kubernetes controller manager. - // - // Certificate signers may not honor this field for various reasons: - // - // 1. Old signer that is unaware of the field (such as the in-tree - // implementations prior to v1.22) - // 2. Signer whose configured maximum is shorter than the requested duration - // 3. Signer whose configured minimum is longer than the requested duration - // - // The minimum valid value for expirationSeconds is 600, i.e. 10 minutes. - // - // +optional - ExpirationSeconds *int32 - - // usages specifies a set of usage contexts the key will be - // valid for. - // See: - // https://tools.ietf.org/html/rfc5280#section-4.2.1.3 - // https://tools.ietf.org/html/rfc5280#section-4.2.1.12 - Usages []KeyUsage - - // Information about the requesting user. - // See user.Info interface for details. - // +optional - Username string - // UID information about the requesting user. - // See user.Info interface for details. - // +optional - UID string - // Group information about the requesting user. - // See user.Info interface for details. - // +optional - Groups []string - // Extra information about the requesting user. - // See user.Info interface for details. - // +optional - Extra map[string]ExtraValue -} - -// Built in signerName values that are honoured by kube-controller-manager. -// None of these usages are related to ServiceAccount token secrets -// `.data[ca.crt]` in any way. -const ( - // Signs certificates that will be honored as client-certs by the - // kube-apiserver. Never auto-approved by kube-controller-manager. - KubeAPIServerClientSignerName = "kubernetes.io/kube-apiserver-client" - - // Signs client certificates that will be honored as client-certs by the - // kube-apiserver for a kubelet. - // May be auto-approved by kube-controller-manager. - KubeAPIServerClientKubeletSignerName = "kubernetes.io/kube-apiserver-client-kubelet" - - // Signs serving certificates that are honored as a valid kubelet serving - // certificate by the kube-apiserver, but has no other guarantees. - KubeletServingSignerName = "kubernetes.io/kubelet-serving" - - // Has no guarantees for trust at all. Some distributions may honor these - // as client certs, but that behavior is not standard kubernetes behavior. - LegacyUnknownSignerName = "kubernetes.io/legacy-unknown" -) - -// ExtraValue masks the value so protobuf can generate -type ExtraValue []string - -type CertificateSigningRequestStatus struct { - // Conditions applied to the request, such as approval or denial. - // +optional - Conditions []CertificateSigningRequestCondition - - // If request was approved, the controller will place the issued certificate here. - // +optional - Certificate []byte -} - -type RequestConditionType string - -// These are the possible conditions for a certificate request. -const ( - CertificateApproved RequestConditionType = "Approved" - CertificateDenied RequestConditionType = "Denied" - CertificateFailed RequestConditionType = "Failed" -) - -type CertificateSigningRequestCondition struct { - // type of the condition. Known conditions include "Approved", "Denied", and "Failed". - Type RequestConditionType - // Status of the condition, one of True, False, Unknown. - // Approved, Denied, and Failed conditions may not be "False" or "Unknown". - // If unset, should be treated as "True". - // +optional - Status api.ConditionStatus - // brief reason for the request state - // +optional - Reason string - // human readable message with details about the request state - // +optional - Message string - // timestamp for the last update to this condition - // +optional - LastUpdateTime metav1.Time - // lastTransitionTime is the time the condition last transitioned from one status to another. - // +optional - LastTransitionTime metav1.Time -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type CertificateSigningRequestList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - // +optional - Items []CertificateSigningRequest -} - -// KeyUsages specifies valid usage contexts for keys. -// See: -// -// https://tools.ietf.org/html/rfc5280#section-4.2.1.3 -// https://tools.ietf.org/html/rfc5280#section-4.2.1.12 -type KeyUsage string - -const ( - UsageSigning KeyUsage = "signing" - UsageDigitalSignature KeyUsage = "digital signature" - UsageContentCommitment KeyUsage = "content commitment" - UsageKeyEncipherment KeyUsage = "key encipherment" - UsageKeyAgreement KeyUsage = "key agreement" - UsageDataEncipherment KeyUsage = "data encipherment" - UsageCertSign KeyUsage = "cert sign" - UsageCRLSign KeyUsage = "crl sign" - UsageEncipherOnly KeyUsage = "encipher only" - UsageDecipherOnly KeyUsage = "decipher only" - UsageAny KeyUsage = "any" - UsageServerAuth KeyUsage = "server auth" - UsageClientAuth KeyUsage = "client auth" - UsageCodeSigning KeyUsage = "code signing" - UsageEmailProtection KeyUsage = "email protection" - UsageSMIME KeyUsage = "s/mime" - UsageIPsecEndSystem KeyUsage = "ipsec end system" - UsageIPsecTunnel KeyUsage = "ipsec tunnel" - UsageIPsecUser KeyUsage = "ipsec user" - UsageTimestamping KeyUsage = "timestamping" - UsageOCSPSigning KeyUsage = "ocsp signing" - UsageMicrosoftSGC KeyUsage = "microsoft sgc" - UsageNetscapeSGC KeyUsage = "netscape sgc" -) - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors -// (root certificates). -// -// ClusterTrustBundle objects are considered to be readable by any authenticated -// user in the cluster. -// -// It can be optionally associated with a particular assigner, in which case it -// contains one valid set of trust anchors for that signer. Signers may have -// multiple associated ClusterTrustBundles; each is an independent set of trust -// anchors for that signer. -type ClusterTrustBundle struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Spec contains the signer (if any) and trust anchors. - // +optional - Spec ClusterTrustBundleSpec -} - -// ClusterTrustBundleSpec contains the signer and trust anchors. -type ClusterTrustBundleSpec struct { - // SignerName indicates the associated signer, if any. - SignerName string - - // TrustBundle contains the individual X.509 trust anchors for this - // bundle, as PEM bundle of PEM-wrapped, DER-formatted X.509 certificates. - // - // The data must consist only of PEM certificate blocks that parse as valid - // X.509 certificates. Each certificate must include a basic constraints - // extension with the CA bit set. The API server will reject objects that - // contain duplicate certificates, or that use PEM block headers. - // - // Users of ClusterTrustBundles, including Kubelet, are free to reorder and - // deduplicate certificate blocks in this file according to their own logic, - // as well as to drop PEM block headers and inter-block data. - TrustBundle string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ClusterTrustBundleList is a collection of ClusterTrustBundle objects -type ClusterTrustBundleList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - // Items is a collection of ClusterTrustBundle objects - Items []ClusterTrustBundle -} - -// MaxTrustBundleSize is the maximimum size of a single trust bundle field. -const MaxTrustBundleSize = 1 * 1024 * 1024 - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PodCertificateRequest encodes a pod requesting a certificate from a given -// signer. -// -// Kubelets use this API to implement podCertificate projected volumes -type PodCertificateRequest struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Spec contains the details about the certificate being requested. - Spec PodCertificateRequestSpec - - // Status contains the issued certificate, and a standard set of conditions. - // +optional - Status PodCertificateRequestStatus -} - -// PodCertificateRequestSpec describes the certificate request. All fields are -// immutable after creation. -type PodCertificateRequestSpec struct { - // SignerName indicates the requested signer. - // - // All signer names beginning with `kubernetes.io` are reserved for use by - // the Kubernetes project. There is currently one well-known signer - // documented by the Kubernetes project, - // `kubernetes.io/kube-apiserver-client-pod`, which will issue client - // certificates understood by kube-apiserver. It is currently - // unimplemented. - SignerName string - - // PodName is the name of the pod into which the certificate will be mounted. - PodName string - // PodUID is the UID of the pod into which the certificate will be mounted. - PodUID types.UID - - // ServiceAccountname is the name of the service account the pod is running as. - ServiceAccountName string - // ServiceAccountUID is the UID of the service account the pod is running as. - ServiceAccountUID types.UID - - // NodeName is the name of the node the pod is assigned to. - NodeName types.NodeName - // NodeUID is the UID of the node the pod is assigned to. - NodeUID types.UID - - // maxExpirationSeconds is the maximum lifetime permitted for the - // certificate. - // - // If omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver - // will reject values shorter than 3600 (1 hour). - // - // The signer implementation is then free to issue a certificate with any - // lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 - // seconds (1 hour). This constraint is enforced by kube-apiserver. - MaxExpirationSeconds *int32 - - // pkixPublicKey is the PKIX-serialized public key the signer will issue the - // certificate to. - // - // The key must be one of RSA3072, RSA4096, ECDSAP256, ECDSAP384, ECDSAP521, - // or ED25519. Note that this list may be expanded in the future. - // - // Signer implementations do not need to support all key types supported by - // kube-apiserver and kubelet. If a signer does not support the key type - // used for a given PodCertificateRequest, it must deny the request by - // setting a status.conditions entry with a type of "Denied" and a reason of - // "UnsupportedKeyType". It may also suggest a key type that it does support - // in the message field. - PKIXPublicKey []byte - - // proofOfPossession proves that the requesting kubelet holds the private - // key corresponding to pkixPublicKey. - // - // It is contructed by signing the ASCII bytes of the pod's UID using - // `PKIXPublicKey`. - // - // kube-apiserver validates the proof of possession during creation of the - // PodCertificateRequest. - // - // If the key is an RSA key, then the signature is over the ASCII bytes of - // the pod UID, using RSASSA-PSS from RFC 8017 (as implemented by the golang - // function crypto/rsa.SignPSS with nil options). - // - // If the key is an ECDSA key, then the signature is as described by [SEC 1, - // Version 2.0](https://www.secg.org/sec1-v2.pdf) (as implemented by the - // golang library function crypto/ecdsa.SignASN1) - // - // If the key is an ED25519 key, the the signature is as described by the - // [ED25519 Specification](https://ed25519.cr.yp.to/) (as implemented by the - // golang library crypto/ed25519.Sign). - ProofOfPossession []byte - - // unverifiedUserAnnotations allow pod authors to pass additional information to - // the signer implementation. Kubernetes does not restrict or validate this - // metadata in any way. - // - // Entries are subject to the same validation as object metadata annotations, - // with the addition that all keys must be domain-prefixed. No restrictions - // are placed on values, except an overall size limitation on the entire field. - // - // Signers should document the keys and values they support. Signers should - // deny requests that contain keys they do not recognize. - UnverifiedUserAnnotations map[string]string -} - -type PodCertificateRequestStatus struct { - // conditions applied to the request. Known conditions are "Denied", - // "Failed", and "Issued". - // - // The types "Issued", "Denied", and "Failed" have special handling. At - // most one of these conditions may be present, and they must have status - // "True". - // - // If the request is denied with `Reason=UnsupportedKeyType`, the signer may - // suggest a key type that will work in the message field. - // - // +listType=map - // +listMapKey=type - // +optional - Conditions []metav1.Condition - - // certificateChain is populated with an issued certificate by the signer. - // This field is set via the /status subresource. Once populated, this field - // is immutable. - // - // If the certificate signing request is denied, a condition of type - // "Denied" is added and this field remains empty. If the signer cannot - // issue the certificate, a condition of type "Failed" is added and this - // field remains empty. - // - // Validation requirements: - // 1. certificateChain must consist of one or more PEM-formatted certificates. - // 2. Each entry must be a valid PEM-wrapped, DER-encoded ASN.1 Certificate as - // described in section 4 of RFC5280. - // - // If more than one block is present, and the definition of the requested - // spec.signerName does not indicate otherwise, the first block is the - // issued certificate, and subsequent blocks should be treated as - // intermediate certificates and presented in TLS handshakes. When - // projecting the chain into a pod volume, kubelet will drop any data - // in-between the PEM blocks, as well as any PEM block headers. - // - // +optional - CertificateChain string - - // notBefore is the time at which the certificate becomes valid. This field - // is set via the /status subresource. Once populated, it is immutable. - // The signer must set this field at the same time it sets certificateChain. - // - // +optional - NotBefore *metav1.Time - - // beginRefreshAt is the time at which the kubelet should begin trying to - // refresh the certificate. This field is set via the /status subresource, - // and must be set at the same time as certificateChain. Once populated, - // this field is immutable. - // - // This field is only a hint. Kubelet may start refreshing before or after - // this time if necessary. - // - // +optional - BeginRefreshAt *metav1.Time - - // notAfter is the time at which the certificate expires. This field is set - // via the /status subresource. Once populated, it is immutable. The - // signer must set this field at the same time it sets certificateChain. - // - // +optional - NotAfter *metav1.Time -} - -// Well-known condition types for PodCertificateRequests -const ( - // Denied indicates the request was denied by the signer. - PodCertificateRequestConditionTypeDenied string = "Denied" - // Failed indicates the signer failed to issue the certificate. - PodCertificateRequestConditionTypeFailed string = "Failed" - // Issued indicates the certificate has been issued. - PodCertificateRequestConditionTypeIssued string = "Issued" -) - -// Well-known condition reasons for PodCertificateRequests -const ( - // UnsupportedKeyType should be set on "Denied" conditions when the signer - // doesn't support the key type of publicKey. - PodCertificateRequestConditionUnsupportedKeyType string = "UnsupportedKeyType" - - // InvalidUnverifiedUserAnnotations should be set on "Denied" conditions when the signer - // does not recognize one of the keys passed in userConfig, or if the signer - // otherwise considers the userConfig of the request to be invalid. - PodCertificateRequestConditionInvalidUserConfig string = "InvalidUnverifiedUserAnnotations" -) - -const ( - // MaxPKIXPublicKeySize is the maximimum size permitted for the - // PKIXPublicKey field. Size is chosen based on the size of an RSA 4096 key - // plus some margin. - MaxPKIXPublicKeySize = 10 * 1024 - // MaxProofOfPossessionSize is the maximum size permitted for the - // ProofOfPossession field. - MaxProofOfPossessionSize = 10 * 1024 - // MaxCertificateChainSize is the maximum size permitted for the - // CertificateChain field. - // - // Size should be more than sufficient to store 10 RSA 4096 certificates, - // each with a bunch of embedded extensions. - MaxCertificateChainSize = 100 * 1024 - // MinMaxExpirationSeconds is the minimum value permitted for the MaxExpirationSeconds field. - MinMaxExpirationSeconds = 60 * 60 - // MaxMaxExpirationSeconds is the maximum value permitted for the - // MaxExpirationSeconds field for non-Kubernetes signers. - MaxMaxExpirationSeconds = 91 * 24 * 60 * 60 - // KubernetesMaxMaxExpirationSeconds is the maximum value permitted for the - // MaxExpirationSeconds field for Kubernetes signers. - KubernetesMaxMaxExpirationSeconds = 24 * 60 * 60 -) - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PodCertificateRequestList is a collection of PodCertificateRequest objects. -type PodCertificateRequestList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - // Items is a collection of PodCertificateRequest objects - Items []PodCertificateRequest -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/certificates/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/certificates/zz_generated.deepcopy.go deleted file mode 100644 index 9a526c246..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/certificates/zz_generated.deepcopy.go +++ /dev/null @@ -1,415 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package certificates - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateSigningRequest) DeepCopyInto(out *CertificateSigningRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSigningRequest. -func (in *CertificateSigningRequest) DeepCopy() *CertificateSigningRequest { - if in == nil { - return nil - } - out := new(CertificateSigningRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CertificateSigningRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateSigningRequestCondition) DeepCopyInto(out *CertificateSigningRequestCondition) { - *out = *in - in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime) - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSigningRequestCondition. -func (in *CertificateSigningRequestCondition) DeepCopy() *CertificateSigningRequestCondition { - if in == nil { - return nil - } - out := new(CertificateSigningRequestCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateSigningRequestList) DeepCopyInto(out *CertificateSigningRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]CertificateSigningRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSigningRequestList. -func (in *CertificateSigningRequestList) DeepCopy() *CertificateSigningRequestList { - if in == nil { - return nil - } - out := new(CertificateSigningRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CertificateSigningRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateSigningRequestSpec) DeepCopyInto(out *CertificateSigningRequestSpec) { - *out = *in - if in.Request != nil { - in, out := &in.Request, &out.Request - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.ExpirationSeconds != nil { - in, out := &in.ExpirationSeconds, &out.ExpirationSeconds - *out = new(int32) - **out = **in - } - if in.Usages != nil { - in, out := &in.Usages, &out.Usages - *out = make([]KeyUsage, len(*in)) - copy(*out, *in) - } - if in.Groups != nil { - in, out := &in.Groups, &out.Groups - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Extra != nil { - in, out := &in.Extra, &out.Extra - *out = make(map[string]ExtraValue, len(*in)) - for key, val := range *in { - var outVal []string - if val == nil { - (*out)[key] = nil - } else { - in, out := &val, &outVal - *out = make(ExtraValue, len(*in)) - copy(*out, *in) - } - (*out)[key] = outVal - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSigningRequestSpec. -func (in *CertificateSigningRequestSpec) DeepCopy() *CertificateSigningRequestSpec { - if in == nil { - return nil - } - out := new(CertificateSigningRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateSigningRequestStatus) DeepCopyInto(out *CertificateSigningRequestStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]CertificateSigningRequestCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Certificate != nil { - in, out := &in.Certificate, &out.Certificate - *out = make([]byte, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSigningRequestStatus. -func (in *CertificateSigningRequestStatus) DeepCopy() *CertificateSigningRequestStatus { - if in == nil { - return nil - } - out := new(CertificateSigningRequestStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterTrustBundle) DeepCopyInto(out *ClusterTrustBundle) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterTrustBundle. -func (in *ClusterTrustBundle) DeepCopy() *ClusterTrustBundle { - if in == nil { - return nil - } - out := new(ClusterTrustBundle) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterTrustBundle) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterTrustBundleList) DeepCopyInto(out *ClusterTrustBundleList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ClusterTrustBundle, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterTrustBundleList. -func (in *ClusterTrustBundleList) DeepCopy() *ClusterTrustBundleList { - if in == nil { - return nil - } - out := new(ClusterTrustBundleList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterTrustBundleList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterTrustBundleSpec) DeepCopyInto(out *ClusterTrustBundleSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterTrustBundleSpec. -func (in *ClusterTrustBundleSpec) DeepCopy() *ClusterTrustBundleSpec { - if in == nil { - return nil - } - out := new(ClusterTrustBundleSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in ExtraValue) DeepCopyInto(out *ExtraValue) { - { - in := &in - *out = make(ExtraValue, len(*in)) - copy(*out, *in) - return - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue. -func (in ExtraValue) DeepCopy() ExtraValue { - if in == nil { - return nil - } - out := new(ExtraValue) - in.DeepCopyInto(out) - return *out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodCertificateRequest) DeepCopyInto(out *PodCertificateRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodCertificateRequest. -func (in *PodCertificateRequest) DeepCopy() *PodCertificateRequest { - if in == nil { - return nil - } - out := new(PodCertificateRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PodCertificateRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodCertificateRequestList) DeepCopyInto(out *PodCertificateRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]PodCertificateRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodCertificateRequestList. -func (in *PodCertificateRequestList) DeepCopy() *PodCertificateRequestList { - if in == nil { - return nil - } - out := new(PodCertificateRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PodCertificateRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodCertificateRequestSpec) DeepCopyInto(out *PodCertificateRequestSpec) { - *out = *in - if in.MaxExpirationSeconds != nil { - in, out := &in.MaxExpirationSeconds, &out.MaxExpirationSeconds - *out = new(int32) - **out = **in - } - if in.PKIXPublicKey != nil { - in, out := &in.PKIXPublicKey, &out.PKIXPublicKey - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.ProofOfPossession != nil { - in, out := &in.ProofOfPossession, &out.ProofOfPossession - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.UnverifiedUserAnnotations != nil { - in, out := &in.UnverifiedUserAnnotations, &out.UnverifiedUserAnnotations - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodCertificateRequestSpec. -func (in *PodCertificateRequestSpec) DeepCopy() *PodCertificateRequestSpec { - if in == nil { - return nil - } - out := new(PodCertificateRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodCertificateRequestStatus) DeepCopyInto(out *PodCertificateRequestStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.NotBefore != nil { - in, out := &in.NotBefore, &out.NotBefore - *out = (*in).DeepCopy() - } - if in.BeginRefreshAt != nil { - in, out := &in.BeginRefreshAt, &out.BeginRefreshAt - *out = (*in).DeepCopy() - } - if in.NotAfter != nil { - in, out := &in.NotAfter, &out.NotAfter - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodCertificateRequestStatus. -func (in *PodCertificateRequestStatus) DeepCopy() *PodCertificateRequestStatus { - if in == nil { - return nil - } - out := new(PodCertificateRequestStatus) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/core/OWNERS deleted file mode 100644 index 688ea8bd0..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/OWNERS +++ /dev/null @@ -1,4 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -labels: - - sig/apps diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/annotation_key_constants.go b/vendor/k8s.io/kubernetes/pkg/apis/core/annotation_key_constants.go deleted file mode 100644 index c97002e86..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/annotation_key_constants.go +++ /dev/null @@ -1,158 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// This file should be consistent with pkg/api/v1/annotation_key_constants.go. - -package core - -const ( - // ImagePolicyFailedOpenKey is added to pods created by failing open when the image policy - // webhook backend fails. - ImagePolicyFailedOpenKey string = "alpha.image-policy.k8s.io/failed-open" - - // MirrorPodAnnotationKey represents the annotation key set by kubelets when creating mirror pods - MirrorPodAnnotationKey string = "kubernetes.io/config.mirror" - - // TolerationsAnnotationKey represents the key of tolerations data (json serialized) - // in the Annotations of a Pod. - TolerationsAnnotationKey string = "scheduler.alpha.kubernetes.io/tolerations" - - // TaintsAnnotationKey represents the key of taints data (json serialized) - // in the Annotations of a Node. - TaintsAnnotationKey string = "scheduler.alpha.kubernetes.io/taints" - - // SeccompPodAnnotationKey represents the key of a seccomp profile applied - // to all containers of a pod. - // Deprecated: set a pod security context `seccompProfile` field. - SeccompPodAnnotationKey string = "seccomp.security.alpha.kubernetes.io/pod" - - // SeccompContainerAnnotationKeyPrefix represents the key of a seccomp profile applied - // to one container of a pod. - // Deprecated: set a container security context `seccompProfile` field. - SeccompContainerAnnotationKeyPrefix string = "container.seccomp.security.alpha.kubernetes.io/" - - // SeccompProfileRuntimeDefault represents the default seccomp profile used by container runtime. - // Deprecated: set a pod or container security context `seccompProfile` of type "RuntimeDefault" instead. - SeccompProfileRuntimeDefault string = "runtime/default" - - // DeprecatedSeccompProfileDockerDefault represents the default seccomp profile used by docker. - // Deprecated: set a pod or container security context `seccompProfile` of type "RuntimeDefault" instead. - DeprecatedSeccompProfileDockerDefault string = "docker/default" - - // DeprecatedAppArmorAnnotationKeyPrefix is the prefix to an annotation key specifying a container's apparmor profile. - // Deprecated: use a pod or container security context `appArmorProfile` field instead. - DeprecatedAppArmorAnnotationKeyPrefix = "container.apparmor.security.beta.kubernetes.io/" - - // DeprecatedAppArmorAnnotationValueRuntimeDefault is the profile specifying the runtime default. - DeprecatedAppArmorAnnotationValueRuntimeDefault = "runtime/default" - - // DeprecatedAppArmorAnnotationValueLocalhostPrefix is the prefix for specifying profiles loaded on the node. - DeprecatedAppArmorAnnotationValueLocalhostPrefix = "localhost/" - - // DeprecatedAppArmorAnnotationValueUnconfined is the Unconfined AppArmor profile - DeprecatedAppArmorAnnotationValueUnconfined = "unconfined" - - // PreferAvoidPodsAnnotationKey represents the key of preferAvoidPods data (json serialized) - // in the Annotations of a Node. - PreferAvoidPodsAnnotationKey string = "scheduler.alpha.kubernetes.io/preferAvoidPods" - - // ObjectTTLAnnotationKey represents a suggestion for kubelet for how long it can cache - // an object (e.g. secret, config map) before fetching it again from apiserver. - // This annotation can be attached to node. - ObjectTTLAnnotationKey string = "node.alpha.kubernetes.io/ttl" - - // NonConvertibleAnnotationPrefix annotation key prefix used to identify non-convertible json paths. - NonConvertibleAnnotationPrefix = "non-convertible.kubernetes.io" - - kubectlPrefix = "kubectl.kubernetes.io/" - - // LastAppliedConfigAnnotation is the annotation used to store the previous - // configuration of a resource for use in a three way diff by UpdateApplyAnnotation. - LastAppliedConfigAnnotation = kubectlPrefix + "last-applied-configuration" - - // AnnotationLoadBalancerSourceRangesKey is the key of the annotation on a service to set allowed ingress ranges on their LoadBalancers - // - // It should be a comma-separated list of CIDRs, e.g. `0.0.0.0/0` to - // allow full access (the default) or `18.0.0.0/8,56.0.0.0/8` to allow - // access only from the CIDRs currently allocated to MIT & the USPS. - // - // Not all cloud providers support this annotation, though AWS & GCE do. - AnnotationLoadBalancerSourceRangesKey = "service.beta.kubernetes.io/load-balancer-source-ranges" - - // EndpointsLastChangeTriggerTime is the annotation key, set for endpoints objects, that - // represents the timestamp (stored as RFC 3339 date-time string, e.g. '2018-10-22T19:32:52.1Z') - // of the last change, of some Pod or Service object, that triggered the endpoints object change. - // In other words, if a Pod / Service changed at time T0, that change was observed by endpoints - // controller at T1, and the Endpoints object was changed at T2, the - // EndpointsLastChangeTriggerTime would be set to T0. - // - // The "endpoints change trigger" here means any Pod or Service change that resulted in the - // Endpoints object change. - // - // Given the definition of the "endpoints change trigger", please note that this annotation will - // be set ONLY for endpoints object changes triggered by either Pod or Service change. If the - // Endpoints object changes due to other reasons, this annotation won't be set (or updated if it's - // already set). - // - // This annotation will be used to compute the in-cluster network programming latency SLI, see - // https://github.com/kubernetes/community/blob/master/sig-scalability/slos/network_programming_latency.md - EndpointsLastChangeTriggerTime = "endpoints.kubernetes.io/last-change-trigger-time" - - // EndpointsOverCapacity will be set on an Endpoints resource when it - // exceeds the maximum capacity of 1000 addresses. Initially the Endpoints - // controller will set this annotation with a value of "warning". In a - // future release, the controller may set this annotation with a value of - // "truncated" to indicate that any addresses exceeding the limit of 1000 - // have been truncated from the Endpoints resource. - EndpointsOverCapacity = "endpoints.kubernetes.io/over-capacity" - - // MigratedPluginsAnnotationKey is the annotation key, set for CSINode objects, that is a comma-separated - // list of in-tree plugins that will be serviced by the CSI backend on the Node represented by CSINode. - // This annotation is used by the Attach Detach Controller to determine whether to use the in-tree or - // CSI Backend for a volume plugin on a specific node. - MigratedPluginsAnnotationKey = "storage.alpha.kubernetes.io/migrated-plugins" - - // PodDeletionCost can be used to set to an int32 that represent the cost of deleting - // a pod compared to other pods belonging to the same ReplicaSet. Pods with lower - // deletion cost are preferred to be deleted before pods with higher deletion cost. - // Note that this is honored on a best-effort basis, and so it does not offer guarantees on - // pod deletion order. - // The implicit deletion cost for pods that don't set the annotation is 0, negative values are permitted. - // - // This annotation is beta-level and is only honored when PodDeletionCost feature is enabled. - PodDeletionCost = "controller.kubernetes.io/pod-deletion-cost" - - // DeprecatedAnnotationTopologyAwareHints can be used to enable or disable - // Topology Aware Hints for a Service. This may be set to "Auto" or - // "Disabled". Any other value is treated as "Disabled". This annotation has - // been deprecated in favor of the `service.kubernetes.io/topology-mode` - // annotation which also allows "Auto" and "Disabled", but is not limited to - // those (it's open ended to provide room for experimentation while we - // pursue configuration for topology via specification). When both - // `service.kubernetes.io/topology-aware-hints` and - // `service.kubernetes.io/topology-mode` annotations are set, the value of - // `service.kubernetes.io/topology-aware-hints` has precedence. - DeprecatedAnnotationTopologyAwareHints = "service.kubernetes.io/topology-aware-hints" - - // AnnotationTopologyMode can be used to enable or disable Topology Aware - // Routing for a Service. Well known values are "Auto" and "Disabled". - // Implementations may choose to develop new topology approaches, exposing - // them with domain-prefixed values. For example, "example.com/lowest-rtt" - // could be a valid implementation-specific value for this annotation. These - // heuristics will often populate topology hints on EndpointSlices, but that - // is not a requirement. - AnnotationTopologyMode = "service.kubernetes.io/topology-mode" -) diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/doc.go b/vendor/k8s.io/kubernetes/pkg/apis/core/doc.go deleted file mode 100644 index 555c96110..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/doc.go +++ /dev/null @@ -1,25 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// +k8s:deepcopy-gen=package -// +groupName= - -// Package core contains the latest (or "internal") version of the -// Kubernetes API objects. This is the API objects as represented in memory. -// The contract presented to clients is located in the versioned packages, -// which are sub-directories. The first one is "v1". Those packages -// describe how a particular version is serialized to storage/network. -package core diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/helper/helpers.go b/vendor/k8s.io/kubernetes/pkg/apis/core/helper/helpers.go deleted file mode 100644 index 43d482f52..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/helper/helpers.go +++ /dev/null @@ -1,528 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package helper - -import ( - "encoding/json" - "fmt" - "strconv" - "strings" - - "k8s.io/apimachinery/pkg/api/resource" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/conversion" - "k8s.io/apimachinery/pkg/fields" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/apimachinery/pkg/util/sets" - "k8s.io/apimachinery/pkg/util/validation" - "k8s.io/kubernetes/pkg/apis/core" -) - -// IsHugePageResourceName returns true if the resource name has the huge page -// resource prefix. -func IsHugePageResourceName(name core.ResourceName) bool { - return strings.HasPrefix(string(name), core.ResourceHugePagesPrefix) -} - -// IsHugePageResourceValueDivisible returns true if the resource value of storage is -// integer multiple of page size. -func IsHugePageResourceValueDivisible(name core.ResourceName, quantity resource.Quantity) bool { - pageSize, err := HugePageSizeFromResourceName(name) - if err != nil { - return false - } - - if pageSize.Sign() <= 0 || pageSize.MilliValue()%int64(1000) != int64(0) { - return false - } - - return quantity.Value()%pageSize.Value() == 0 -} - -// IsQuotaHugePageResourceName returns true if the resource name has the quota -// related huge page resource prefix. -func IsQuotaHugePageResourceName(name core.ResourceName) bool { - return strings.HasPrefix(string(name), core.ResourceHugePagesPrefix) || strings.HasPrefix(string(name), core.ResourceRequestsHugePagesPrefix) -} - -// HugePageResourceName returns a ResourceName with the canonical hugepage -// prefix prepended for the specified page size. The page size is converted -// to its canonical representation. -func HugePageResourceName(pageSize resource.Quantity) core.ResourceName { - return core.ResourceName(fmt.Sprintf("%s%s", core.ResourceHugePagesPrefix, pageSize.String())) -} - -// HugePageSizeFromResourceName returns the page size for the specified huge page -// resource name. If the specified input is not a valid huge page resource name -// an error is returned. -func HugePageSizeFromResourceName(name core.ResourceName) (resource.Quantity, error) { - if !IsHugePageResourceName(name) { - return resource.Quantity{}, fmt.Errorf("resource name: %s is an invalid hugepage name", name) - } - pageSize := strings.TrimPrefix(string(name), core.ResourceHugePagesPrefix) - return resource.ParseQuantity(pageSize) -} - -// NonConvertibleFields iterates over the provided map and filters out all but -// any keys with the "non-convertible.kubernetes.io" prefix. -func NonConvertibleFields(annotations map[string]string) map[string]string { - nonConvertibleKeys := map[string]string{} - for key, value := range annotations { - if strings.HasPrefix(key, core.NonConvertibleAnnotationPrefix) { - nonConvertibleKeys[key] = value - } - } - return nonConvertibleKeys -} - -// Semantic can do semantic deep equality checks for core objects. -// Example: apiequality.Semantic.DeepEqual(aPod, aPodWithNonNilButEmptyMaps) == true -var Semantic = conversion.EqualitiesOrDie( - func(a, b resource.Quantity) bool { - // Ignore formatting, only care that numeric value stayed the same. - // TODO: if we decide it's important, it should be safe to start comparing the format. - // - // Uninitialized quantities are equivalent to 0 quantities. - return a.Cmp(b) == 0 - }, - func(a, b metav1.MicroTime) bool { - return a.UTC() == b.UTC() - }, - func(a, b metav1.Time) bool { - return a.UTC() == b.UTC() - }, - func(a, b labels.Selector) bool { - return a.String() == b.String() - }, - func(a, b fields.Selector) bool { - return a.String() == b.String() - }, -) - -var standardResourceQuotaScopes = sets.New( - core.ResourceQuotaScopeTerminating, - core.ResourceQuotaScopeNotTerminating, - core.ResourceQuotaScopeBestEffort, - core.ResourceQuotaScopeNotBestEffort, - core.ResourceQuotaScopePriorityClass, - core.ResourceQuotaScopeVolumeAttributesClass, -) - -// IsStandardResourceQuotaScope returns true if the scope is a standard value -func IsStandardResourceQuotaScope(scope core.ResourceQuotaScope) bool { - return standardResourceQuotaScopes.Has(scope) || scope == core.ResourceQuotaScopeCrossNamespacePodAffinity -} - -var podObjectCountQuotaResources = sets.New( - core.ResourcePods, -) - -var podComputeQuotaResources = sets.New( - core.ResourceCPU, - core.ResourceMemory, - core.ResourceLimitsCPU, - core.ResourceLimitsMemory, - core.ResourceRequestsCPU, - core.ResourceRequestsMemory, -) - -var pvcObjectCountQuotaResources = sets.New( - core.ResourcePersistentVolumeClaims, -) - -var pvcStorageQuotaResources = sets.New( - core.ResourceRequestsStorage, -) - -// IsResourceQuotaScopeValidForResource returns true if the resource applies to the specified scope -func IsResourceQuotaScopeValidForResource(scope core.ResourceQuotaScope, resource core.ResourceName) bool { - switch scope { - case core.ResourceQuotaScopeTerminating, core.ResourceQuotaScopeNotTerminating, core.ResourceQuotaScopeNotBestEffort, - core.ResourceQuotaScopePriorityClass, core.ResourceQuotaScopeCrossNamespacePodAffinity: - return podObjectCountQuotaResources.Has(resource) || podComputeQuotaResources.Has(resource) - case core.ResourceQuotaScopeBestEffort: - return podObjectCountQuotaResources.Has(resource) - case core.ResourceQuotaScopeVolumeAttributesClass: - return pvcObjectCountQuotaResources.Has(resource) || pvcStorageQuotaResources.Has(resource) - default: - return true - } -} - -var standardContainerResources = sets.New( - core.ResourceCPU, - core.ResourceMemory, - core.ResourceEphemeralStorage, -) - -// IsStandardContainerResourceName returns true if the container can make a resource request -// for the specified resource -func IsStandardContainerResourceName(name core.ResourceName) bool { - return standardContainerResources.Has(name) || IsHugePageResourceName(name) -} - -// IsExtendedResourceName returns true if: -// 1. the resource name is not in the default namespace; -// 2. resource name does not have "requests." prefix, -// to avoid confusion with the convention in quota -// 3. it satisfies the rules in IsQualifiedName() after converted into quota resource name -func IsExtendedResourceName(name core.ResourceName) bool { - if IsNativeResource(name) || strings.HasPrefix(string(name), core.DefaultResourceRequestsPrefix) { - return false - } - // Ensure it satisfies the rules in IsQualifiedName() after converted into quota resource name - nameForQuota := fmt.Sprintf("%s%s", core.DefaultResourceRequestsPrefix, string(name)) - if errs := validation.IsQualifiedName(nameForQuota); len(errs) != 0 { - return false - } - return true -} - -// IsNativeResource returns true if the resource name is in the -// *kubernetes.io/ namespace. Partially-qualified (unprefixed) names are -// implicitly in the kubernetes.io/ namespace. -func IsNativeResource(name core.ResourceName) bool { - return !strings.Contains(string(name), "/") || - strings.Contains(string(name), core.ResourceDefaultNamespacePrefix) -} - -// IsOvercommitAllowed returns true if the resource is in the default -// namespace and is not hugepages. -func IsOvercommitAllowed(name core.ResourceName) bool { - return IsNativeResource(name) && - !IsHugePageResourceName(name) -} - -var standardLimitRangeTypes = sets.New( - core.LimitTypePod, - core.LimitTypeContainer, - core.LimitTypePersistentVolumeClaim, -) - -// IsStandardLimitRangeType returns true if the type is Pod or Container -func IsStandardLimitRangeType(value core.LimitType) bool { - return standardLimitRangeTypes.Has(value) -} - -var standardQuotaResources = sets.New( - core.ResourceCPU, - core.ResourceMemory, - core.ResourceEphemeralStorage, - core.ResourceRequestsCPU, - core.ResourceRequestsMemory, - core.ResourceRequestsStorage, - core.ResourceRequestsEphemeralStorage, - core.ResourceLimitsCPU, - core.ResourceLimitsMemory, - core.ResourceLimitsEphemeralStorage, - core.ResourcePods, - core.ResourceQuotas, - core.ResourceServices, - core.ResourceReplicationControllers, - core.ResourceSecrets, - core.ResourcePersistentVolumeClaims, - core.ResourceConfigMaps, - core.ResourceServicesNodePorts, - core.ResourceServicesLoadBalancers, -) - -// IsStandardQuotaResourceName returns true if the resource is known to -// the quota tracking system -func IsStandardQuotaResourceName(name core.ResourceName) bool { - return standardQuotaResources.Has(name) || IsQuotaHugePageResourceName(name) -} - -var standardResources = sets.New( - core.ResourceCPU, - core.ResourceMemory, - core.ResourceEphemeralStorage, - core.ResourceRequestsCPU, - core.ResourceRequestsMemory, - core.ResourceRequestsEphemeralStorage, - core.ResourceLimitsCPU, - core.ResourceLimitsMemory, - core.ResourceLimitsEphemeralStorage, - core.ResourcePods, - core.ResourceQuotas, - core.ResourceServices, - core.ResourceReplicationControllers, - core.ResourceSecrets, - core.ResourceConfigMaps, - core.ResourcePersistentVolumeClaims, - core.ResourceStorage, - core.ResourceRequestsStorage, - core.ResourceServicesNodePorts, - core.ResourceServicesLoadBalancers, -) - -// IsStandardResourceName returns true if the resource is known to the system -func IsStandardResourceName(name core.ResourceName) bool { - return standardResources.Has(name) || IsQuotaHugePageResourceName(name) -} - -var integerResources = sets.New( - core.ResourcePods, - core.ResourceQuotas, - core.ResourceServices, - core.ResourceReplicationControllers, - core.ResourceSecrets, - core.ResourceConfigMaps, - core.ResourcePersistentVolumeClaims, - core.ResourceServicesNodePorts, - core.ResourceServicesLoadBalancers, -) - -// IsIntegerResourceName returns true if the resource is measured in integer values -func IsIntegerResourceName(name core.ResourceName) bool { - return integerResources.Has(name) || IsExtendedResourceName(name) -} - -// IsServiceIPSet aims to check if the service's ClusterIP is set or not -// the objective is not to perform validation here -func IsServiceIPSet(service *core.Service) bool { - // This function assumes that the service is semantically validated - // it does not test if the IP is valid, just makes sure that it is set. - return len(service.Spec.ClusterIP) > 0 && - service.Spec.ClusterIP != core.ClusterIPNone -} - -var standardFinalizers = sets.New( - string(core.FinalizerKubernetes), - metav1.FinalizerOrphanDependents, - metav1.FinalizerDeleteDependents, -) - -// IsStandardFinalizerName checks if the input string is a standard finalizer name -func IsStandardFinalizerName(str string) bool { - return standardFinalizers.Has(str) -} - -// GetAccessModesAsString returns a string representation of an array of access modes. -// modes, when present, are always in the same order: RWO,ROX,RWX,RWOP. -func GetAccessModesAsString(modes []core.PersistentVolumeAccessMode) string { - modes = removeDuplicateAccessModes(modes) - modesStr := []string{} - if ContainsAccessMode(modes, core.ReadWriteOnce) { - modesStr = append(modesStr, "RWO") - } - if ContainsAccessMode(modes, core.ReadOnlyMany) { - modesStr = append(modesStr, "ROX") - } - if ContainsAccessMode(modes, core.ReadWriteMany) { - modesStr = append(modesStr, "RWX") - } - if ContainsAccessMode(modes, core.ReadWriteOncePod) { - modesStr = append(modesStr, "RWOP") - } - return strings.Join(modesStr, ",") -} - -// GetAccessModesFromString returns an array of AccessModes from a string created by GetAccessModesAsString -func GetAccessModesFromString(modes string) []core.PersistentVolumeAccessMode { - strmodes := strings.Split(modes, ",") - accessModes := []core.PersistentVolumeAccessMode{} - for _, s := range strmodes { - s = strings.Trim(s, " ") - switch { - case s == "RWO": - accessModes = append(accessModes, core.ReadWriteOnce) - case s == "ROX": - accessModes = append(accessModes, core.ReadOnlyMany) - case s == "RWX": - accessModes = append(accessModes, core.ReadWriteMany) - case s == "RWOP": - accessModes = append(accessModes, core.ReadWriteOncePod) - } - } - return accessModes -} - -// removeDuplicateAccessModes returns an array of access modes without any duplicates -func removeDuplicateAccessModes(modes []core.PersistentVolumeAccessMode) []core.PersistentVolumeAccessMode { - accessModes := []core.PersistentVolumeAccessMode{} - for _, m := range modes { - if !ContainsAccessMode(accessModes, m) { - accessModes = append(accessModes, m) - } - } - return accessModes -} - -func ContainsAccessMode(modes []core.PersistentVolumeAccessMode, mode core.PersistentVolumeAccessMode) bool { - for _, m := range modes { - if m == mode { - return true - } - } - return false -} - -func ClaimContainsAllocatedResources(pvc *core.PersistentVolumeClaim) bool { - if pvc == nil { - return false - } - - if pvc.Status.AllocatedResources != nil { - return true - } - return false -} - -func ClaimContainsAllocatedResourceStatus(pvc *core.PersistentVolumeClaim) bool { - if pvc == nil { - return false - } - - if pvc.Status.AllocatedResourceStatuses != nil { - return true - } - return false -} - -// GetTolerationsFromPodAnnotations gets the json serialized tolerations data from Pod.Annotations -// and converts it to the []Toleration type in core. -func GetTolerationsFromPodAnnotations(annotations map[string]string) ([]core.Toleration, error) { - var tolerations []core.Toleration - if len(annotations) > 0 && annotations[core.TolerationsAnnotationKey] != "" { - err := json.Unmarshal([]byte(annotations[core.TolerationsAnnotationKey]), &tolerations) - if err != nil { - return tolerations, err - } - } - return tolerations, nil -} - -// AddOrUpdateTolerationInPod tries to add a toleration to the pod's toleration list. -// Returns true if something was updated, false otherwise. -func AddOrUpdateTolerationInPod(pod *core.Pod, toleration *core.Toleration) bool { - podTolerations := pod.Spec.Tolerations - - var newTolerations []core.Toleration - updated := false - for i := range podTolerations { - if toleration.MatchToleration(&podTolerations[i]) { - if Semantic.DeepEqual(toleration, podTolerations[i]) { - return false - } - newTolerations = append(newTolerations, *toleration) - updated = true - continue - } - - newTolerations = append(newTolerations, podTolerations[i]) - } - - if !updated { - newTolerations = append(newTolerations, *toleration) - } - - pod.Spec.Tolerations = newTolerations - return true -} - -// GetTaintsFromNodeAnnotations gets the json serialized taints data from Pod.Annotations -// and converts it to the []Taint type in core. -func GetTaintsFromNodeAnnotations(annotations map[string]string) ([]core.Taint, error) { - var taints []core.Taint - if len(annotations) > 0 && annotations[core.TaintsAnnotationKey] != "" { - err := json.Unmarshal([]byte(annotations[core.TaintsAnnotationKey]), &taints) - if err != nil { - return []core.Taint{}, err - } - } - return taints, nil -} - -// GetPersistentVolumeClass returns StorageClassName. -func GetPersistentVolumeClass(volume *core.PersistentVolume) string { - // Use beta annotation first - if class, found := volume.Annotations[core.BetaStorageClassAnnotation]; found { - return class - } - - return volume.Spec.StorageClassName -} - -// GetPersistentVolumeClaimClass returns StorageClassName. If no storage class was -// requested, it returns "". -func GetPersistentVolumeClaimClass(claim *core.PersistentVolumeClaim) string { - // Use beta annotation first - if class, found := claim.Annotations[core.BetaStorageClassAnnotation]; found { - return class - } - - if claim.Spec.StorageClassName != nil { - return *claim.Spec.StorageClassName - } - - return "" -} - -// PersistentVolumeClaimHasClass returns true if given claim has set StorageClassName field. -func PersistentVolumeClaimHasClass(claim *core.PersistentVolumeClaim) bool { - // Use beta annotation first - if _, found := claim.Annotations[core.BetaStorageClassAnnotation]; found { - return true - } - - if claim.Spec.StorageClassName != nil { - return true - } - - return false -} - -// GetDeletionCostFromPodAnnotations returns the integer value of pod-deletion-cost. Returns 0 -// if not set or the value is invalid. -func GetDeletionCostFromPodAnnotations(annotations map[string]string) (int32, error) { - if value, exist := annotations[core.PodDeletionCost]; exist { - // values that start with plus sign (e.g, "+10") or leading zeros (e.g., "008") are not valid. - if !validFirstDigit(value) { - return 0, fmt.Errorf("invalid value %q", value) - } - - i, err := strconv.ParseInt(value, 10, 32) - if err != nil { - // make sure we default to 0 on error. - return 0, err - } - return int32(i), nil - } - return 0, nil -} - -func validFirstDigit(str string) bool { - if len(str) == 0 { - return false - } - return str[0] == '-' || (str[0] == '0' && str == "0") || (str[0] >= '1' && str[0] <= '9') -} - -// HasInvalidLabelValueInNodeSelectorTerms checks if there's an invalid label value -// in one NodeSelectorTerm's MatchExpression values -func HasInvalidLabelValueInNodeSelectorTerms(terms []core.NodeSelectorTerm) bool { - for _, term := range terms { - for _, expression := range term.MatchExpressions { - for _, value := range expression.Values { - if len(validation.IsValidLabelValue(value)) > 0 { - return true - } - } - } - } - return false -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/helper/qos/qos.go b/vendor/k8s.io/kubernetes/pkg/apis/core/helper/qos/qos.go deleted file mode 100644 index 4f81d646b..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/helper/qos/qos.go +++ /dev/null @@ -1,171 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// NOTE: DO NOT use those helper functions through client-go, the -// package path will be changed in the future. -package qos - -import ( - "k8s.io/apimachinery/pkg/api/resource" - "k8s.io/apimachinery/pkg/util/sets" - utilfeature "k8s.io/apiserver/pkg/util/feature" - "k8s.io/kubernetes/pkg/apis/core" - "k8s.io/kubernetes/pkg/features" -) - -var supportedQoSComputeResources = sets.NewString(string(core.ResourceCPU), string(core.ResourceMemory)) - -func isSupportedQoSComputeResource(name core.ResourceName) bool { - return supportedQoSComputeResources.Has(string(name)) -} - -// GetPodQOS returns the QoS class of a pod persisted in the PodStatus.QOSClass field. -// If PodStatus.QOSClass is empty, it returns value of ComputePodQOS() which evaluates pod's QoS class. -func GetPodQOS(pod *core.Pod) core.PodQOSClass { - if pod.Status.QOSClass != "" { - return pod.Status.QOSClass - } - return ComputePodQOS(pod) -} - -// zeroQuantity represents a resource.Quantity with value "0", used as a baseline -// for resource comparisons. -var zeroQuantity = resource.MustParse("0") - -// processResourceList adds non-zero quantities for supported QoS compute resources -// quantities from newList to list. -func processResourceList(list, newList core.ResourceList) { - for name, quantity := range newList { - if !isSupportedQoSComputeResource(name) { - continue - } - if quantity.Cmp(zeroQuantity) == 1 { - delta := quantity.DeepCopy() - if _, exists := list[name]; !exists { - list[name] = delta - } else { - delta.Add(list[name]) - list[name] = delta - } - } - } -} - -// getQOSResources returns a set of resource names from the provided resource list that: -// 1. Are supported QoS compute resources -// 2. Have quantities greater than zero -func getQOSResources(list core.ResourceList) sets.Set[string] { - qosResources := sets.New[string]() - for name, quantity := range list { - if !isSupportedQoSComputeResource(name) { - continue - } - if quantity.Cmp(zeroQuantity) == 1 { - qosResources.Insert(string(name)) - } - } - return qosResources -} - -// ComputePodQOS evaluates the list of containers to determine a pod's QoS class. This function is more -// expensive than GetPodQOS which should be used for pods having a non-empty .Status.QOSClass. -// A pod is besteffort if none of its containers have specified any requests or limits. -// A pod is guaranteed only when requests and limits are specified for all the containers and they are equal. -// A pod is burstable if limits and requests do not match across all containers. -// When this function is updated please also update staging/src/k8s.io/kubectl/pkg/util/qos/qos.go -func ComputePodQOS(pod *core.Pod) core.PodQOSClass { - requests := core.ResourceList{} - limits := core.ResourceList{} - isGuaranteed := true - // When pod-level resources are specified, we use them to determine QoS class. - if utilfeature.DefaultFeatureGate.Enabled(features.PodLevelResources) && - pod.Spec.Resources != nil { - if len(pod.Spec.Resources.Requests) > 0 { - // process requests - processResourceList(requests, pod.Spec.Resources.Requests) - } - - if len(pod.Spec.Resources.Limits) > 0 { - // process limits - processResourceList(limits, pod.Spec.Resources.Limits) - qosLimitResources := getQOSResources(pod.Spec.Resources.Limits) - if !qosLimitResources.HasAll(string(core.ResourceMemory), string(core.ResourceCPU)) { - isGuaranteed = false - } - } - } else { - // note, ephemeral containers are not considered for QoS as they cannot define resources - allContainers := []core.Container{} - allContainers = append(allContainers, pod.Spec.Containers...) - allContainers = append(allContainers, pod.Spec.InitContainers...) - for _, container := range allContainers { - // process requests - for name, quantity := range container.Resources.Requests { - if !isSupportedQoSComputeResource(name) { - continue - } - if quantity.Cmp(zeroQuantity) == 1 { - delta := quantity.DeepCopy() - if _, exists := requests[name]; !exists { - requests[name] = delta - } else { - delta.Add(requests[name]) - requests[name] = delta - } - } - } - // process limits - qosLimitsFound := sets.NewString() - for name, quantity := range container.Resources.Limits { - if !isSupportedQoSComputeResource(name) { - continue - } - if quantity.Cmp(zeroQuantity) == 1 { - qosLimitsFound.Insert(string(name)) - delta := quantity.DeepCopy() - if _, exists := limits[name]; !exists { - limits[name] = delta - } else { - delta.Add(limits[name]) - limits[name] = delta - } - } - } - - if !qosLimitsFound.HasAll(string(core.ResourceMemory), string(core.ResourceCPU)) { - isGuaranteed = false - } - } - } - - if len(requests) == 0 && len(limits) == 0 { - return core.PodQOSBestEffort - } - // Check if requests match limits for all resources. - if isGuaranteed { - for name, req := range requests { - if lim, exists := limits[name]; !exists || lim.Cmp(req) != 0 { - isGuaranteed = false - break - } - } - } - if isGuaranteed && - len(requests) == len(limits) { - return core.PodQOSGuaranteed - } - return core.PodQOSBurstable -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/install/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/core/install/OWNERS deleted file mode 100644 index 1a5f75767..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/install/OWNERS +++ /dev/null @@ -1,8 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -reviewers: - - smarterclayton - - deads2k - - caesarxuchao - - liggitt - - dims diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/install/install.go b/vendor/k8s.io/kubernetes/pkg/apis/core/install/install.go deleted file mode 100644 index d2d82e27d..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/install/install.go +++ /dev/null @@ -1,38 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package install installs the v1 monolithic api, making it available as an -// option to all of the API encoding/decoding machinery. -package install - -import ( - "k8s.io/apimachinery/pkg/runtime" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" - "k8s.io/kubernetes/pkg/api/legacyscheme" - "k8s.io/kubernetes/pkg/apis/core" - "k8s.io/kubernetes/pkg/apis/core/v1" -) - -func init() { - Install(legacyscheme.Scheme) -} - -// Install registers the API group and adds types to a scheme -func Install(scheme *runtime.Scheme) { - utilruntime.Must(core.AddToScheme(scheme)) - utilruntime.Must(v1.AddToScheme(scheme)) - utilruntime.Must(scheme.SetVersionPriority(v1.SchemeGroupVersion)) -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/json.go b/vendor/k8s.io/kubernetes/pkg/apis/core/json.go deleted file mode 100644 index 46702cb46..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/json.go +++ /dev/null @@ -1,31 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package core - -import "encoding/json" - -// This file implements json marshaling/unmarshaling interfaces on objects that are currently marshaled into annotations -// to prevent anyone from marshaling these internal structs. - -var _ = json.Marshaler(&AvoidPods{}) -var _ = json.Unmarshaler(&AvoidPods{}) - -// MarshalJSON panics to prevent marshalling of internal structs -func (AvoidPods) MarshalJSON() ([]byte, error) { panic("do not marshal internal struct") } - -// UnmarshalJSON panics to prevent unmarshalling of internal structs -func (*AvoidPods) UnmarshalJSON([]byte) error { panic("do not unmarshal to internal struct") } diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/objectreference.go b/vendor/k8s.io/kubernetes/pkg/apis/core/objectreference.go deleted file mode 100644 index 60f7e8a88..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/objectreference.go +++ /dev/null @@ -1,37 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -//TODO: consider making these methods functions, because we don't want helper -//functions in the k8s.io/api repo. - -package core - -import ( - "k8s.io/apimachinery/pkg/runtime/schema" -) - -// SetGroupVersionKind sets the API version and kind of the object reference -func (obj *ObjectReference) SetGroupVersionKind(gvk schema.GroupVersionKind) { - obj.APIVersion, obj.Kind = gvk.ToAPIVersionAndKind() -} - -// GroupVersionKind returns the API version and kind of the object reference -func (obj *ObjectReference) GroupVersionKind() schema.GroupVersionKind { - return schema.FromAPIVersionAndKind(obj.APIVersion, obj.Kind) -} - -// GetObjectKind returns the kind of object reference -func (obj *ObjectReference) GetObjectKind() schema.ObjectKind { return obj } diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/pods/helpers.go b/vendor/k8s.io/kubernetes/pkg/apis/core/pods/helpers.go deleted file mode 100644 index defc69c11..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/pods/helpers.go +++ /dev/null @@ -1,97 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package pods - -import ( - "fmt" - - "k8s.io/apimachinery/pkg/util/validation/field" - api "k8s.io/kubernetes/pkg/apis/core" - "k8s.io/kubernetes/pkg/fieldpath" -) - -// ContainerVisitorWithPath is called with each container and the field.Path to that container, -// and returns true if visiting should continue. -type ContainerVisitorWithPath func(container *api.Container, path *field.Path) bool - -// VisitContainersWithPath invokes the visitor function with a pointer to the spec -// of every container in the given pod spec and the field.Path to that container. -// If visitor returns false, visiting is short-circuited. VisitContainersWithPath returns true if visiting completes, -// false if visiting was short-circuited. -func VisitContainersWithPath(podSpec *api.PodSpec, specPath *field.Path, visitor ContainerVisitorWithPath) bool { - fldPath := specPath.Child("initContainers") - for i := range podSpec.InitContainers { - if !visitor(&podSpec.InitContainers[i], fldPath.Index(i)) { - return false - } - } - fldPath = specPath.Child("containers") - for i := range podSpec.Containers { - if !visitor(&podSpec.Containers[i], fldPath.Index(i)) { - return false - } - } - fldPath = specPath.Child("ephemeralContainers") - for i := range podSpec.EphemeralContainers { - if !visitor((*api.Container)(&podSpec.EphemeralContainers[i].EphemeralContainerCommon), fldPath.Index(i)) { - return false - } - } - return true -} - -// ConvertDownwardAPIFieldLabel converts the specified downward API field label -// and its value in the pod of the specified version to the internal version, -// and returns the converted label and value. This function returns an error if -// the conversion fails. -func ConvertDownwardAPIFieldLabel(version, label, value string) (string, string, error) { - if version != "v1" { - return "", "", fmt.Errorf("unsupported pod version: %s", version) - } - - if path, _, ok := fieldpath.SplitMaybeSubscriptedPath(label); ok { - switch path { - case "metadata.annotations", "metadata.labels": - return label, value, nil - default: - return "", "", fmt.Errorf("field label does not support subscript: %s", label) - } - } - - switch label { - case "metadata.annotations", - "metadata.labels", - "metadata.name", - "metadata.namespace", - "metadata.uid", - "spec.nodeName", - "spec.restartPolicy", - "spec.serviceAccountName", - "spec.schedulerName", - "status.phase", - "status.hostIP", - "status.hostIPs", - "status.podIP", - "status.podIPs": - return label, value, nil - // This is for backwards compatibility with old v1 clients which send spec.host - case "spec.host": - return "spec.nodeName", value, nil - default: - return "", "", fmt.Errorf("field label not supported: %s", label) - } -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/register.go b/vendor/k8s.io/kubernetes/pkg/apis/core/register.go deleted file mode 100644 index 882f31795..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/register.go +++ /dev/null @@ -1,102 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package core - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -// GroupName is the group name use in this package -const GroupName = "" - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} - -// Kind takes an unqualified kind and returns a Group qualified GroupKind -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - // SchemeBuilder object to register various known types - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - - // AddToScheme represents a func that can be used to apply all the registered - // funcs in a scheme - AddToScheme = SchemeBuilder.AddToScheme -) - -func addKnownTypes(scheme *runtime.Scheme) error { - if err := scheme.AddIgnoredConversionType(&metav1.TypeMeta{}, &metav1.TypeMeta{}); err != nil { - return err - } - scheme.AddKnownTypes(SchemeGroupVersion, - &Pod{}, - &PodList{}, - &PodStatusResult{}, - &PodTemplate{}, - &PodTemplateList{}, - &ReplicationControllerList{}, - &ReplicationController{}, - &ServiceList{}, - &Service{}, - &ServiceProxyOptions{}, - &NodeList{}, - &Node{}, - &NodeProxyOptions{}, - &Endpoints{}, - &EndpointsList{}, - &Binding{}, - &Event{}, - &EventList{}, - &List{}, - &LimitRange{}, - &LimitRangeList{}, - &ResourceQuota{}, - &ResourceQuotaList{}, - &Namespace{}, - &NamespaceList{}, - &ServiceAccount{}, - &ServiceAccountList{}, - &Secret{}, - &SecretList{}, - &PersistentVolume{}, - &PersistentVolumeList{}, - &PersistentVolumeClaim{}, - &PersistentVolumeClaimList{}, - &PodAttachOptions{}, - &PodLogOptions{}, - &PodExecOptions{}, - &PodPortForwardOptions{}, - &PodProxyOptions{}, - &ComponentStatus{}, - &ComponentStatusList{}, - &SerializedReference{}, - &RangeAllocation{}, - &ConfigMap{}, - &ConfigMapList{}, - ) - - return nil -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/resource.go b/vendor/k8s.io/kubernetes/pkg/apis/core/resource.go deleted file mode 100644 index bde1e24ca..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/resource.go +++ /dev/null @@ -1,58 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package core - -import ( - "k8s.io/apimachinery/pkg/api/resource" -) - -func (rn ResourceName) String() string { - return string(rn) -} - -// CPU returns the CPU limit if specified. -func (rl *ResourceList) CPU() *resource.Quantity { - return rl.Name(ResourceCPU, resource.DecimalSI) -} - -// Memory returns the Memory limit if specified. -func (rl *ResourceList) Memory() *resource.Quantity { - return rl.Name(ResourceMemory, resource.BinarySI) -} - -// Storage returns the Storage limit if specified. -func (rl *ResourceList) Storage() *resource.Quantity { - return rl.Name(ResourceStorage, resource.BinarySI) -} - -// Pods returns the list of pods -func (rl *ResourceList) Pods() *resource.Quantity { - return rl.Name(ResourcePods, resource.DecimalSI) -} - -// StorageEphemeral returns the list of ephemeral storage volumes, if any -func (rl *ResourceList) StorageEphemeral() *resource.Quantity { - return rl.Name(ResourceEphemeralStorage, resource.BinarySI) -} - -// Name returns the resource with name if specified, otherwise it returns a nil quantity with default format. -func (rl *ResourceList) Name(name ResourceName, defaultFormat resource.Format) *resource.Quantity { - if val, ok := (*rl)[name]; ok { - return &val - } - return &resource.Quantity{Format: defaultFormat} -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/taint.go b/vendor/k8s.io/kubernetes/pkg/apis/core/taint.go deleted file mode 100644 index 2c800de9b..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/taint.go +++ /dev/null @@ -1,42 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -//TODO: consider making these methods functions, because we don't want helper -//functions in the k8s.io/api repo. - -package core - -import "fmt" - -// MatchTaint checks if the taint matches taintToMatch. Taints are unique by key:effect, -// if the two taints have same key:effect, regard as they match. -func (t *Taint) MatchTaint(taintToMatch Taint) bool { - return t.Key == taintToMatch.Key && t.Effect == taintToMatch.Effect -} - -// ToString converts taint struct to string in format '=:', '=:', ':', or ''. -func (t *Taint) ToString() string { - if len(t.Effect) == 0 { - if len(t.Value) == 0 { - return fmt.Sprintf("%v", t.Key) - } - return fmt.Sprintf("%v=%v:", t.Key, t.Value) - } - if len(t.Value) == 0 { - return fmt.Sprintf("%v:%v", t.Key, t.Effect) - } - return fmt.Sprintf("%v=%v:%v", t.Key, t.Value, t.Effect) -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/toleration.go b/vendor/k8s.io/kubernetes/pkg/apis/core/toleration.go deleted file mode 100644 index 1dfbc9f1b..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/toleration.go +++ /dev/null @@ -1,30 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -//TODO: consider making these methods functions, because we don't want helper -//functions in the k8s.io/api repo. - -package core - -// MatchToleration checks if the toleration matches tolerationToMatch. Tolerations are unique by , -// if the two tolerations have same combination, regard as they match. -// TODO: uniqueness check for tolerations in api validations. -func (t *Toleration) MatchToleration(tolerationToMatch *Toleration) bool { - return t.Key == tolerationToMatch.Key && - t.Effect == tolerationToMatch.Effect && - t.Operator == tolerationToMatch.Operator && - t.Value == tolerationToMatch.Value -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/types.go b/vendor/k8s.io/kubernetes/pkg/apis/core/types.go deleted file mode 100644 index 1de0cf449..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/types.go +++ /dev/null @@ -1,7171 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package core - -import ( - "k8s.io/apimachinery/pkg/api/resource" - metainternalversion "k8s.io/apimachinery/pkg/apis/meta/internalversion" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/types" - "k8s.io/apimachinery/pkg/util/intstr" -) - -const ( - // NamespaceDefault means the object is in the default namespace which is applied when not specified by clients - NamespaceDefault = "default" - // NamespaceAll is the default argument to specify on a context when you want to list or filter resources across all namespaces - NamespaceAll = "" - // NamespaceNone is the argument for a context when there is no namespace. - NamespaceNone = "" - // NamespaceSystem is the system namespace where we place system components. - NamespaceSystem = "kube-system" - // NamespacePublic is the namespace where we place public info (ConfigMaps) - NamespacePublic = "kube-public" - // NamespaceNodeLease is the namespace where we place node lease objects (used for node heartbeats) - NamespaceNodeLease = "kube-node-lease" - // TerminationMessagePathDefault means the default path to capture the application termination message running in a container - TerminationMessagePathDefault = "/dev/termination-log" -) - -// Volume represents a named volume in a pod that may be accessed by any containers in the pod. -type Volume struct { - // Required: This must be a DNS_LABEL. Each volume in a pod must have - // a unique name. - Name string - // The VolumeSource represents the location and type of a volume to mount. - // This is optional for now. If not specified, the Volume is implied to be an EmptyDir. - // This implied behavior is deprecated and will be removed in a future version. - // +optional - VolumeSource -} - -// VolumeSource represents the source location of a volume to mount. -// Only one of its members may be specified. -type VolumeSource struct { - // hostPath represents file or directory on the host machine that is - // directly exposed to the container. This is generally used for system - // agents or other privileged things that are allowed to see the host - // machine. Most containers will NOT need this. - // --- - // TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - // mount host directories as read/write. - // +optional - HostPath *HostPathVolumeSource - // emptyDir represents a temporary directory that shares a pod's lifetime. - // +optional - EmptyDir *EmptyDirVolumeSource - // gcePersistentDisk represents a GCE Disk resource that is attached to a - // kubelet's host machine and then exposed to the pod. - // Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree - // gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. - // +optional - GCEPersistentDisk *GCEPersistentDiskVolumeSource - // awsElasticBlockStore represents an AWS EBS disk that is attached to a - // kubelet's host machine and then exposed to the pod. - // Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree - // awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. - // +optional - AWSElasticBlockStore *AWSElasticBlockStoreVolumeSource - // gitRepo represents a git repository at a particular revision. - // Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an - // EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir - // into the Pod's container. - // +optional - GitRepo *GitRepoVolumeSource - // secret represents a secret that should populate this volume. - // +optional - Secret *SecretVolumeSource - // nfs represents an NFS mount on the host that shares a pod's lifetime - // +optional - NFS *NFSVolumeSource - // iscsi represents an ISCSI Disk resource that is attached to a - // kubelet's host machine and then exposed to the pod. - // +optional - ISCSI *ISCSIVolumeSource - // glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. - // Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. - // +optional - Glusterfs *GlusterfsVolumeSource - // persistentVolumeClaim represents a reference to a PersistentVolumeClaim in the same namespace - // +optional - PersistentVolumeClaim *PersistentVolumeClaimVolumeSource - // rdb represents a Rados Block Device mount on the host that shares a pod's lifetime. - // Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. - // +optional - RBD *RBDVolumeSource - - // quobyte represents a Quobyte mount on the host that shares a pod's lifetime. - // Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. - // +optional - Quobyte *QuobyteVolumeSource - - // flexVolume represents a generic volume resource that is - // provisioned/attached using an exec based plugin. - // Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. - // +optional - FlexVolume *FlexVolumeSource - - // cinder represents a cinder volume attached and mounted on kubelet's host machine. - // Deprecated: Cinder is deprecated. All operations for the in-tree cinder type - // are redirected to the cinder.csi.openstack.org CSI driver. - // +optional - Cinder *CinderVolumeSource - - // cephFS represents a Cephfs mount on the host that shares a pod's lifetime. - // Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. - // +optional - CephFS *CephFSVolumeSource - - // flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. - // Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. - // +optional - Flocker *FlockerVolumeSource - - // downwardAPI represents metadata about the pod that should populate this volume - // +optional - DownwardAPI *DownwardAPIVolumeSource - // fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. - // +optional - FC *FCVolumeSource - // azureFile represents an Azure File Service mount on the host and bind mount to the pod. - // Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type - // are redirected to the file.csi.azure.com CSI driver. - // +optional - AzureFile *AzureFileVolumeSource - // ConfigMap represents a configMap that should populate this volume - // +optional - ConfigMap *ConfigMapVolumeSource - // vsphereVolume represents a vSphere volume attached and mounted on kubelet's host machine. - // Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type - // are redirected to the csi.vsphere.vmware.com CSI driver. - // +optional - VsphereVolume *VsphereVirtualDiskVolumeSource - // azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. - // Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type - // are redirected to the disk.csi.azure.com CSI driver. - // +optional - AzureDisk *AzureDiskVolumeSource - // photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. - // Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. - PhotonPersistentDisk *PhotonPersistentDiskVolumeSource - // Items for all in one resources secrets, configmaps, and downward API - Projected *ProjectedVolumeSource - // portworxVolume represents a portworx volume attached and mounted on kubelets host machine. - // Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type - // are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate - // is on. - // +optional - PortworxVolume *PortworxVolumeSource - // scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. - // Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. - // +optional - ScaleIO *ScaleIOVolumeSource - // storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. - // Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. - // +optional - StorageOS *StorageOSVolumeSource - // csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. - // +optional - CSI *CSIVolumeSource - // ephemeral represents a volume that is handled by a cluster storage driver. - // The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, - // and deleted when the pod is removed. - // - // Use this if: - // a) the volume is only needed while the pod runs, - // b) features of normal volumes like restoring from snapshot or capacity - // tracking are needed, - // c) the storage driver is specified through a storage class, and - // d) the storage driver supports dynamic volume provisioning through - // a PersistentVolumeClaim (see EphemeralVolumeSource for more - // information on the connection between this volume type - // and PersistentVolumeClaim). - // - // Use PersistentVolumeClaim or one of the vendor-specific - // APIs for volumes that persist for longer than the lifecycle - // of an individual pod. - // - // Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to - // be used that way - see the documentation of the driver for - // more information. - // - // A pod can use both types of ephemeral volumes and - // persistent volumes at the same time. - // - // +optional - Ephemeral *EphemeralVolumeSource - // image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. - // The volume is resolved at pod startup depending on which PullPolicy value is provided: - // - // - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - // - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - // - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. - // - // The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. - // A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. - // The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. - // The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. - // The volume will be mounted read-only (ro) and non-executable files (noexec). - // Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. - // The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. - // +featureGate=ImageVolume - // +optional - Image *ImageVolumeSource -} - -// PersistentVolumeSource is similar to VolumeSource but meant for the administrator who creates PVs. -// Exactly one of its members must be set. -type PersistentVolumeSource struct { - // gcePersistentDisk represents a GCE Disk resource that is attached to a - // kubelet's host machine and then exposed to the pod. Provisioned by an admin. - // Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree - // gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. - // +optional - GCEPersistentDisk *GCEPersistentDiskVolumeSource - // awsElasticBlockStore represents an AWS Disk resource that is attached to a - // kubelet's host machine and then exposed to the pod. - // Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree - // awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. - // +optional - AWSElasticBlockStore *AWSElasticBlockStoreVolumeSource - // hostPath represents a directory on the host. - // Provisioned by a developer or tester. - // This is useful for single-node development and testing only! - // On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. - // +optional - HostPath *HostPathVolumeSource - // glusterfs represents a Glusterfs volume that is attached to a host and - // exposed to the pod. Provisioned by an admin. - // Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. - // +optional - Glusterfs *GlusterfsPersistentVolumeSource - // nfs represents an NFS mount on the host that shares a pod's lifetime - // +optional - NFS *NFSVolumeSource - // rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. - // Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. - // +optional - RBD *RBDPersistentVolumeSource - // quobyte represents a Quobyte mount on the host that shares a pod's lifetime. - // Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. - // +optional - Quobyte *QuobyteVolumeSource - // iscsi represents an ISCSI resource that is attached to a - // kubelet's host machine and then exposed to the pod. - // +optional - ISCSI *ISCSIPersistentVolumeSource - // flexVolume represents a generic volume resource that is - // provisioned/attached using an exec based plugin. - // Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. - // +optional - FlexVolume *FlexPersistentVolumeSource - // cinder represents a cinder volume attached and mounted on kubelets host machine. - // Deprecated: Cinder is deprecated. All operations for the in-tree cinder type - // are redirected to the cinder.csi.openstack.org CSI driver. - // +optional - Cinder *CinderPersistentVolumeSource - // cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. - // Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. - // +optional - CephFS *CephFSPersistentVolumeSource - // fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. - // +optional - FC *FCVolumeSource - // flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running. - // Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. - // +optional - Flocker *FlockerVolumeSource - // azureFile represents an Azure File Service mount on the host and bind mount to the pod. - // Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type - // are redirected to the file.csi.azure.com CSI driver. - // +optional - AzureFile *AzureFilePersistentVolumeSource - // vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. - // Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type - // are redirected to the csi.vsphere.vmware.com CSI driver. - // +optional - VsphereVolume *VsphereVirtualDiskVolumeSource - // azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. - // Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type - // are redirected to the disk.csi.azure.com CSI driver. - // +optional - AzureDisk *AzureDiskVolumeSource - // photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. - // Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. - PhotonPersistentDisk *PhotonPersistentDiskVolumeSource - // portworxVolume represents a portworx volume attached and mounted on kubelets host machine. - // Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type - // are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate - // is on. - // +optional - PortworxVolume *PortworxVolumeSource - // scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. - // Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. - // +optional - ScaleIO *ScaleIOPersistentVolumeSource - // local represents directly-attached storage with node affinity - // +optional - Local *LocalVolumeSource - // storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod. - // Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. - // +optional - StorageOS *StorageOSPersistentVolumeSource - // csi represents storage that is handled by an external CSI driver. - // +optional - CSI *CSIPersistentVolumeSource -} - -// PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace -type PersistentVolumeClaimVolumeSource struct { - // ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume - ClaimName string - // Optional: Defaults to false (read/write). ReadOnly here - // will force the ReadOnly setting in VolumeMounts - // +optional - ReadOnly bool -} - -const ( - // BetaStorageClassAnnotation represents the beta/previous StorageClass annotation. - // It's deprecated and will be removed in a future release. (#51440) - BetaStorageClassAnnotation = "volume.beta.kubernetes.io/storage-class" - - // MountOptionAnnotation defines mount option annotation used in PVs - MountOptionAnnotation = "volume.beta.kubernetes.io/mount-options" -) - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PersistentVolume struct captures the details of the implementation of PV storage -type PersistentVolume struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Spec defines a persistent volume owned by the cluster - // +optional - Spec PersistentVolumeSpec - - // Status represents the current information about persistent volume. - // +optional - Status PersistentVolumeStatus -} - -// PersistentVolumeSpec has most of the details required to define a persistent volume -type PersistentVolumeSpec struct { - // Resources represents the actual resources of the volume - Capacity ResourceList - // Source represents the location and type of a volume to mount. - PersistentVolumeSource - // AccessModes contains all ways the volume can be mounted - // +optional - AccessModes []PersistentVolumeAccessMode - // ClaimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. - // ClaimRef is expected to be non-nil when bound. - // claim.VolumeName is the authoritative bind between PV and PVC. - // When set to non-nil value, PVC.Spec.Selector of the referenced PVC is - // ignored, i.e. labels of this PV do not need to match PVC selector. - // +optional - ClaimRef *ObjectReference - // Optional: what happens to a persistent volume when released from its claim. - // +optional - PersistentVolumeReclaimPolicy PersistentVolumeReclaimPolicy - // Name of StorageClass to which this persistent volume belongs. Empty value - // means that this volume does not belong to any StorageClass. - // +optional - StorageClassName string - // A list of mount options, e.g. ["ro", "soft"]. Not validated - mount will - // simply fail if one is invalid. - // +optional - MountOptions []string - // volumeMode defines if a volume is intended to be used with a formatted filesystem - // or to remain in raw block state. Value of Filesystem is implied when not included in spec. - // +optional - VolumeMode *PersistentVolumeMode - // NodeAffinity defines constraints that limit what nodes this volume can be accessed from. - // This field influences the scheduling of pods that use this volume. - // This field is mutable if MutablePVNodeAffinity feature gate is enabled. - // +optional - NodeAffinity *VolumeNodeAffinity - // Name of VolumeAttributesClass to which this persistent volume belongs. Empty value - // is not allowed. When this field is not set, it indicates that this volume does not belong to any - // VolumeAttributesClass. This field is mutable and can be changed by the CSI driver - // after a volume has been updated successfully to a new class. - // For an unbound PersistentVolume, the volumeAttributesClassName will be matched with unbound - // PersistentVolumeClaims during the binding process. - // +featureGate=VolumeAttributesClass - // +optional - VolumeAttributesClassName *string -} - -// VolumeNodeAffinity defines constraints that limit what nodes this volume can be accessed from. -type VolumeNodeAffinity struct { - // Required specifies hard node constraints that must be met. - Required *NodeSelector -} - -// PersistentVolumeReclaimPolicy describes a policy for end-of-life maintenance of persistent volumes -type PersistentVolumeReclaimPolicy string - -const ( - // PersistentVolumeReclaimRecycle means the volume will be recycled back into the pool of unbound persistent volumes on release from its claim. - // The volume plugin must support Recycling. - // DEPRECATED: The PersistentVolumeReclaimRecycle called Recycle is being deprecated. See announcement here: https://groups.google.com/forum/#!topic/kubernetes-dev/uexugCza84I - PersistentVolumeReclaimRecycle PersistentVolumeReclaimPolicy = "Recycle" - // PersistentVolumeReclaimDelete means the volume will be deleted from Kubernetes on release from its claim. - // The volume plugin must support Deletion. - PersistentVolumeReclaimDelete PersistentVolumeReclaimPolicy = "Delete" - // PersistentVolumeReclaimRetain means the volume will be left in its current phase (Released) for manual reclamation by the administrator. - // The default policy is Retain. - PersistentVolumeReclaimRetain PersistentVolumeReclaimPolicy = "Retain" -) - -// PersistentVolumeMode describes how a volume is intended to be consumed, either Block or Filesystem. -type PersistentVolumeMode string - -const ( - // PersistentVolumeBlock means the volume will not be formatted with a filesystem and will remain a raw block device. - PersistentVolumeBlock PersistentVolumeMode = "Block" - // PersistentVolumeFilesystem means the volume will be or is formatted with a filesystem. - PersistentVolumeFilesystem PersistentVolumeMode = "Filesystem" -) - -// PersistentVolumeStatus represents the status of PV storage -type PersistentVolumeStatus struct { - // Phase indicates if a volume is available, bound to a claim, or released by a claim - // +optional - Phase PersistentVolumePhase - // A human-readable message indicating details about why the volume is in this state. - // +optional - Message string - // Reason is a brief CamelCase string that describes any failure and is meant for machine parsing and tidy display in the CLI - // +optional - Reason string - // LastPhaseTransitionTime is the time the phase transitioned from one to another - // and automatically resets to current time everytime a volume phase transitions. - // +optional - LastPhaseTransitionTime *metav1.Time -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PersistentVolumeList represents a list of PVs -type PersistentVolumeList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - Items []PersistentVolume -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PersistentVolumeClaim is a user's request for and claim to a persistent volume -type PersistentVolumeClaim struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Spec defines the volume requested by a pod author - // +optional - Spec PersistentVolumeClaimSpec - - // Status represents the current information about a claim - // +optional - Status PersistentVolumeClaimStatus -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PersistentVolumeClaimList represents the list of PV claims -type PersistentVolumeClaimList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - Items []PersistentVolumeClaim -} - -// PersistentVolumeClaimSpec describes the common attributes of storage devices -// and allows a Source for provider-specific attributes -type PersistentVolumeClaimSpec struct { - // Contains the types of access modes required - // +optional - AccessModes []PersistentVolumeAccessMode - // A label query over volumes to consider for binding. This selector is - // ignored when VolumeName is set - // +optional - Selector *metav1.LabelSelector - // Resources represents the minimum resources required - // If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - // that are lower than previous value but must still be higher than capacity recorded in the - // status field of the claim. - // +optional - Resources VolumeResourceRequirements - // VolumeName is the binding reference to the PersistentVolume backing this - // claim. When set to non-empty value Selector is not evaluated - // +optional - VolumeName string - // Name of the StorageClass required by the claim. - // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#class-1 - // +optional - StorageClassName *string - // volumeMode defines what type of volume is required by the claim. - // Value of Filesystem is implied when not included in claim spec. - // +optional - VolumeMode *PersistentVolumeMode - // This field can be used to specify either: - // * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - // * An existing PVC (PersistentVolumeClaim) - // If the provisioner or an external controller can support the specified data source, - // it will create a new volume based on the contents of the specified data source. - // dataSource contents will be copied to dataSourceRef, and dataSourceRef contents - // will be copied to dataSource when dataSourceRef.namespace is not specified. - // If the namespace is specified, then dataSourceRef will not be copied to dataSource. - // +optional - DataSource *TypedLocalObjectReference - // Specifies the object from which to populate the volume with data, if a non-empty - // volume is desired. This may be any object from a non-empty API group (non - // core object) or a PersistentVolumeClaim object. - // When this field is specified, volume binding will only succeed if the type of - // the specified object matches some installed volume populator or dynamic - // provisioner. - // This field will replace the functionality of the dataSource field and as such - // if both fields are non-empty, they must have the same value. For backwards - // compatibility, when namespace isn't specified in dataSourceRef, - // both fields (dataSource and dataSourceRef) will be set to the same - // value automatically if one of them is empty and the other is non-empty. - // When namespace is specified in dataSourceRef, - // dataSource isn't set to the same value and must be empty. - // There are three important differences between dataSource and dataSourceRef: - // * While dataSource only allows two specific types of objects, dataSourceRef - // allows any non-core object, as well as PersistentVolumeClaim objects. - // * While dataSource ignores disallowed values (dropping them), dataSourceRef - // preserves all values, and generates an error if a disallowed value is - // specified. - // * While dataSource only allows local objects, dataSourceRef allows objects - // in any namespaces. - // +optional - DataSourceRef *TypedObjectReference - // volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - // If specified, the CSI driver will create or update the volume with the attributes defined - // in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - // it can be changed after the claim is created. An empty string or nil value indicates that no - // VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, - // this field can be reset to its previous value (including nil) to cancel the modification. - // If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - // set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - // exists. - // More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - // +featureGate=VolumeAttributesClass - // +optional - VolumeAttributesClassName *string -} - -type TypedObjectReference struct { - // APIGroup is the group for the resource being referenced. - // If APIGroup is not specified, the specified Kind must be in the core API group. - // For any other third-party types, APIGroup is required. - // +optional - APIGroup *string - // Kind is the type of resource being referenced - Kind string - // Name is the name of resource being referenced - Name string - // Namespace is the namespace of resource being referenced - // Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - // (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - // +featureGate=CrossNamespaceVolumeDataSource - // +optional - Namespace *string -} - -// PersistentVolumeClaimConditionType defines the condition of PV claim. -// Valid values are: -// - "Resizing", "FileSystemResizePending" -// -// If RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected: -// - "ControllerResizeError", "NodeResizeError" -// -// If VolumeAttributesClass feature gate is enabled, then following additional values can be expected: -// - "ModifyVolumeError", "ModifyingVolume" -type PersistentVolumeClaimConditionType string - -// These are valid conditions of PVC -const ( - // An user trigger resize of pvc has been started - PersistentVolumeClaimResizing PersistentVolumeClaimConditionType = "Resizing" - // PersistentVolumeClaimFileSystemResizePending - controller resize is finished and a file system resize is pending on node - PersistentVolumeClaimFileSystemResizePending PersistentVolumeClaimConditionType = "FileSystemResizePending" - - // PersistentVolumeClaimControllerResizeError indicates an error while resizing volume for size in the controller - PersistentVolumeClaimControllerResizeError PersistentVolumeClaimConditionType = "ControllerResizeError" - // PersistentVolumeClaimNodeResizeError indicates an error while resizing volume for size in the node. - PersistentVolumeClaimNodeResizeError PersistentVolumeClaimConditionType = "NodeResizeError" - - // Applying the target VolumeAttributesClass encountered an error - PersistentVolumeClaimVolumeModifyVolumeError PersistentVolumeClaimConditionType = "ModifyVolumeError" - // Volume is being modified - PersistentVolumeClaimVolumeModifyingVolume PersistentVolumeClaimConditionType = "ModifyingVolume" -) - -// +enum -// When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource -// that it does not recognizes, then it should ignore that update and let other controllers -// handle it. -type ClaimResourceStatus string - -const ( - // State set when resize controller starts resizing the volume in control-plane - PersistentVolumeClaimControllerResizeInProgress ClaimResourceStatus = "ControllerResizeInProgress" - - // State set when resize has failed in resize controller with a terminal unrecoverable error. - // Transient errors such as timeout should not set this status and should leave allocatedResourceStatus - // unmodified, so as resize controller can resume the volume expansion. - PersistentVolumeClaimControllerResizeInfeasible ClaimResourceStatus = "ControllerResizeInfeasible" - - // State set when resize controller has finished resizing the volume but further resizing of volume - // is needed on the node. - PersistentVolumeClaimNodeResizePending ClaimResourceStatus = "NodeResizePending" - // State set when kubelet starts resizing the volume. - PersistentVolumeClaimNodeResizeInProgress ClaimResourceStatus = "NodeResizeInProgress" - // State set when resizing has failed in kubelet with a terminal unrecoverable error. Transient errors - // shouldn't set this status - PersistentVolumeClaimNodeResizeInfeasible ClaimResourceStatus = "NodeResizeInfeasible" -) - -// +enum -// New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately -type PersistentVolumeClaimModifyVolumeStatus string - -const ( - // Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as - // the specified VolumeAttributesClass not existing - PersistentVolumeClaimModifyVolumePending PersistentVolumeClaimModifyVolumeStatus = "Pending" - // InProgress indicates that the volume is being modified - PersistentVolumeClaimModifyVolumeInProgress PersistentVolumeClaimModifyVolumeStatus = "InProgress" - // Infeasible indicates that the request has been rejected as invalid by the CSI driver. To - // resolve the error, a valid VolumeAttributesClass needs to be specified - PersistentVolumeClaimModifyVolumeInfeasible PersistentVolumeClaimModifyVolumeStatus = "Infeasible" -) - -// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation -type ModifyVolumeStatus struct { - // targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled - TargetVolumeAttributesClassName string - // status is the status of the ControllerModifyVolume operation. It can be in any of following states: - // - Pending - // Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as - // the specified VolumeAttributesClass not existing. - // - InProgress - // InProgress indicates that the volume is being modified. - // - Infeasible - // Infeasible indicates that the request has been rejected as invalid by the CSI driver. To - // resolve the error, a valid VolumeAttributesClass needs to be specified. - // Note: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately. - Status PersistentVolumeClaimModifyVolumeStatus -} - -// PersistentVolumeClaimCondition represents the current condition of PV claim -type PersistentVolumeClaimCondition struct { - Type PersistentVolumeClaimConditionType - Status ConditionStatus - // +optional - LastProbeTime metav1.Time - // +optional - LastTransitionTime metav1.Time - // +optional - Reason string - // +optional - Message string -} - -// PersistentVolumeClaimStatus represents the status of PV claim -type PersistentVolumeClaimStatus struct { - // Phase represents the current phase of PersistentVolumeClaim - // +optional - Phase PersistentVolumeClaimPhase - // AccessModes contains all ways the volume backing the PVC can be mounted - // +optional - AccessModes []PersistentVolumeAccessMode - // Represents the actual resources of the underlying volume - // +optional - Capacity ResourceList - // +optional - Conditions []PersistentVolumeClaimCondition - // AllocatedResources tracks the resources allocated to a PVC including its capacity. - // Key names follow standard Kubernetes label syntax. Valid values are either: - // * Un-prefixed keys: - // - storage - the capacity of the volume. - // * Custom resources must use implementation-defined prefixed names such as "example.com/my-custom-resource" - // Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered - // reserved and hence may not be used. - // - // Capacity reported here may be larger than the actual capacity when a volume expansion operation - // is requested. - // For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. - // If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. - // If a volume expansion capacity request is lowered, allocatedResources is only - // lowered if there are no expansion operations in progress and if the actual volume capacity - // is equal or lower than the requested capacity. - // - // A controller that receives PVC update with previously unknown resourceName - // should ignore the update for the purpose it was designed. For example - a controller that - // only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid - // resources associated with PVC. - // +optional - AllocatedResources ResourceList - // AllocatedResourceStatuses stores status of resource being resized for the given PVC. - // Key names follow standard Kubernetes label syntax. Valid values are either: - // * Un-prefixed keys: - // - storage - the capacity of the volume. - // * Custom resources must use implementation-defined prefixed names such as "example.com/my-custom-resource" - // Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered - // reserved and hence may not be used. - // - // ClaimResourceStatus can be in any of following states: - // - ControllerResizeInProgress: - // State set when resize controller starts resizing the volume in control-plane. - // - ControllerResizeFailed: - // State set when resize has failed in resize controller with a terminal error. - // - NodeResizePending: - // State set when resize controller has finished resizing the volume but further resizing of - // volume is needed on the node. - // - NodeResizeInProgress: - // State set when kubelet starts resizing the volume. - // - NodeResizeFailed: - // State set when resizing has failed in kubelet with a terminal error. Transient errors don't set - // NodeResizeFailed. - // For example: if expanding a PVC for more capacity - this field can be one of the following states: - // - pvc.status.allocatedResourceStatus['storage'] = "ControllerResizeInProgress" - // - pvc.status.allocatedResourceStatus['storage'] = "ControllerResizeFailed" - // - pvc.status.allocatedResourceStatus['storage'] = "NodeResizePending" - // - pvc.status.allocatedResourceStatus['storage'] = "NodeResizeInProgress" - // - pvc.status.allocatedResourceStatus['storage'] = "NodeResizeFailed" - // When this field is not set, it means that no resize operation is in progress for the given PVC. - // - // A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus - // should ignore the update for the purpose it was designed. For example - a controller that - // only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid - // resources associated with PVC. - // +mapType=granular - // +optional - AllocatedResourceStatuses map[ResourceName]ClaimResourceStatus - // currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - // When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - // +featureGate=VolumeAttributesClass - // +optional - CurrentVolumeAttributesClassName *string - // ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - // When this is unset, there is no ModifyVolume operation being attempted. - // +featureGate=VolumeAttributesClass - // +optional - ModifyVolumeStatus *ModifyVolumeStatus -} - -// PersistentVolumeAccessMode defines various access modes for PV. -type PersistentVolumeAccessMode string - -// These are the valid values for PersistentVolumeAccessMode -const ( - // can be mounted read/write mode to exactly 1 host - ReadWriteOnce PersistentVolumeAccessMode = "ReadWriteOnce" - // can be mounted in read-only mode to many hosts - ReadOnlyMany PersistentVolumeAccessMode = "ReadOnlyMany" - // can be mounted in read/write mode to many hosts - ReadWriteMany PersistentVolumeAccessMode = "ReadWriteMany" - // can be mounted read/write mode to exactly 1 pod - // cannot be used in combination with other access modes - ReadWriteOncePod PersistentVolumeAccessMode = "ReadWriteOncePod" -) - -// PersistentVolumePhase defines the phase in which a PV is -type PersistentVolumePhase string - -// These are the valid values for PersistentVolumePhase -const ( - // used for PersistentVolumes that are not available - VolumePending PersistentVolumePhase = "Pending" - // used for PersistentVolumes that are not yet bound - // Available volumes are held by the binder and matched to PersistentVolumeClaims - VolumeAvailable PersistentVolumePhase = "Available" - // used for PersistentVolumes that are bound - VolumeBound PersistentVolumePhase = "Bound" - // used for PersistentVolumes where the bound PersistentVolumeClaim was deleted - // released volumes must be recycled before becoming available again - // this phase is used by the persistent volume claim binder to signal to another process to reclaim the resource - VolumeReleased PersistentVolumePhase = "Released" - // used for PersistentVolumes that failed to be correctly recycled or deleted after being released from a claim - VolumeFailed PersistentVolumePhase = "Failed" -) - -// PersistentVolumeClaimPhase defines the phase of PV claim -type PersistentVolumeClaimPhase string - -// These are the valid value for PersistentVolumeClaimPhase -const ( - // used for PersistentVolumeClaims that are not yet bound - ClaimPending PersistentVolumeClaimPhase = "Pending" - // used for PersistentVolumeClaims that are bound - ClaimBound PersistentVolumeClaimPhase = "Bound" - // used for PersistentVolumeClaims that lost their underlying - // PersistentVolume. The claim was bound to a PersistentVolume and this - // volume does not exist any longer and all data on it was lost. - ClaimLost PersistentVolumeClaimPhase = "Lost" -) - -// HostPathType defines the type of host path for PV -type HostPathType string - -// These are the valid values for HostPathType -const ( - // For backwards compatible, leave it empty if unset - HostPathUnset HostPathType = "" - // If nothing exists at the given path, an empty directory will be created there - // as needed with file mode 0755, having the same group and ownership with Kubelet. - HostPathDirectoryOrCreate HostPathType = "DirectoryOrCreate" - // A directory must exist at the given path - HostPathDirectory HostPathType = "Directory" - // If nothing exists at the given path, an empty file will be created there - // as needed with file mode 0644, having the same group and ownership with Kubelet. - HostPathFileOrCreate HostPathType = "FileOrCreate" - // A file must exist at the given path - HostPathFile HostPathType = "File" - // A UNIX socket must exist at the given path - HostPathSocket HostPathType = "Socket" - // A character device must exist at the given path - HostPathCharDev HostPathType = "CharDevice" - // A block device must exist at the given path - HostPathBlockDev HostPathType = "BlockDevice" -) - -// HostPathVolumeSource represents a host path mapped into a pod. -// Host path volumes do not support ownership management or SELinux relabeling. -type HostPathVolumeSource struct { - // If the path is a symlink, it will follow the link to the real path. - Path string - // Defaults to "" - Type *HostPathType -} - -// EmptyDirVolumeSource represents an empty directory for a pod. -// Empty directory volumes support ownership management and SELinux relabeling. -type EmptyDirVolumeSource struct { - // TODO: Longer term we want to represent the selection of underlying - // media more like a scheduling problem - user says what traits they - // need, we give them a backing store that satisfies that. For now - // this will cover the most common needs. - // Optional: what type of storage medium should back this directory. - // The default is "" which means to use the node's default medium. - // +optional - Medium StorageMedium - // Total amount of local storage required for this EmptyDir volume. - // The size limit is also applicable for memory medium. - // The maximum usage on memory medium EmptyDir would be the minimum value between - // the SizeLimit specified here and the sum of memory limits of all containers in a pod. - // The default is nil which means that the limit is undefined. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - // +optional - SizeLimit *resource.Quantity -} - -// StorageMedium defines ways that storage can be allocated to a volume. -type StorageMedium string - -// These are the valid value for StorageMedium -const ( - StorageMediumDefault StorageMedium = "" // use whatever the default is for the node - StorageMediumMemory StorageMedium = "Memory" // use memory (tmpfs) - StorageMediumHugePages StorageMedium = "HugePages" // use hugepages - StorageMediumHugePagesPrefix StorageMedium = "HugePages-" // prefix for full medium notation HugePages- -) - -// Protocol defines network protocols supported for things like container ports. -type Protocol string - -const ( - // ProtocolTCP is the TCP protocol. - ProtocolTCP Protocol = "TCP" - // ProtocolUDP is the UDP protocol. - ProtocolUDP Protocol = "UDP" - // ProtocolSCTP is the SCTP protocol. - ProtocolSCTP Protocol = "SCTP" -) - -// GCEPersistentDiskVolumeSource represents a Persistent Disk resource in Google Compute Engine. -// -// A GCE PD must exist before mounting to a container. The disk must -// also be in the same GCE project and zone as the kubelet. A GCE PD -// can only be mounted as read/write once or read-only many times. GCE -// PDs support ownership management and SELinux relabeling. -type GCEPersistentDiskVolumeSource struct { - // Unique name of the PD resource. Used to identify the disk in GCE - PDName string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // TODO: how do we prevent errors in the filesystem from compromising the machine - // +optional - FSType string - // Optional: Partition on the disk to mount. - // If omitted, kubelet will attempt to mount the device name. - // Ex. For /dev/sda1, this field is "1", for /dev/sda, this field is 0 or empty. - // +optional - Partition int32 - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool -} - -// ISCSIVolumeSource represents an ISCSI disk. -// ISCSI volumes can only be mounted as read/write once. -// ISCSI volumes support ownership management and SELinux relabeling. -type ISCSIVolumeSource struct { - // Required: iSCSI target portal - // the portal is either an IP or ip_addr:port if port is other than default (typically TCP ports 860 and 3260) - // +optional - TargetPortal string - // Required: target iSCSI Qualified Name - // +optional - IQN string - // Required: iSCSI target lun number - // +optional - Lun int32 - // Optional: Defaults to 'default' (tcp). iSCSI interface name that uses an iSCSI transport. - // +optional - ISCSIInterface string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // TODO: how do we prevent errors in the filesystem from compromising the machine - // +optional - FSType string - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool - // Optional: list of iSCSI target portal ips for high availability. - // the portal is either an IP or ip_addr:port if port is other than default (typically TCP ports 860 and 3260) - // +optional - Portals []string - // Optional: whether support iSCSI Discovery CHAP authentication - // +optional - DiscoveryCHAPAuth bool - // Optional: whether support iSCSI Session CHAP authentication - // +optional - SessionCHAPAuth bool - // Optional: CHAP secret for iSCSI target and initiator authentication. - // The secret is used if either DiscoveryCHAPAuth or SessionCHAPAuth is true - // +optional - SecretRef *LocalObjectReference - // Optional: Custom initiator name per volume. - // If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface - // : will be created for the connection. - // +optional - InitiatorName *string -} - -// ISCSIPersistentVolumeSource represents an ISCSI disk. -// ISCSI volumes can only be mounted as read/write once. -// ISCSI volumes support ownership management and SELinux relabeling. -type ISCSIPersistentVolumeSource struct { - // Required: iSCSI target portal - // the portal is either an IP or ip_addr:port if port is other than default (typically TCP ports 860 and 3260) - // +optional - TargetPortal string - // Required: target iSCSI Qualified Name - // +optional - IQN string - // Required: iSCSI target lun number - // +optional - Lun int32 - // Optional: Defaults to 'default' (tcp). iSCSI interface name that uses an iSCSI transport. - // +optional - ISCSIInterface string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // TODO: how do we prevent errors in the filesystem from compromising the machine - // +optional - FSType string - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool - // Optional: list of iSCSI target portal ips for high availability. - // the portal is either an IP or ip_addr:port if port is other than default (typically TCP ports 860 and 3260) - // +optional - Portals []string - // Optional: whether support iSCSI Discovery CHAP authentication - // +optional - DiscoveryCHAPAuth bool - // Optional: whether support iSCSI Session CHAP authentication - // +optional - SessionCHAPAuth bool - // Optional: CHAP secret for iSCSI target and initiator authentication. - // The secret is used if either DiscoveryCHAPAuth or SessionCHAPAuth is true - // +optional - SecretRef *SecretReference - // Optional: Custom initiator name per volume. - // If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface - // : will be created for the connection. - // +optional - InitiatorName *string -} - -// FCVolumeSource represents a Fibre Channel volume. -// Fibre Channel volumes can only be mounted as read/write once. -// Fibre Channel volumes support ownership management and SELinux relabeling. -type FCVolumeSource struct { - // Optional: FC target worldwide names (WWNs) - // +optional - TargetWWNs []string - // Optional: FC target lun number - // +optional - Lun *int32 - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // TODO: how do we prevent errors in the filesystem from compromising the machine - // +optional - FSType string - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool - // Optional: FC volume World Wide Identifiers (WWIDs) - // Either WWIDs or TargetWWNs and Lun must be set, but not both simultaneously. - // +optional - WWIDs []string -} - -// FlexPersistentVolumeSource represents a generic persistent volume resource that is -// provisioned/attached using an exec based plugin. -type FlexPersistentVolumeSource struct { - // Driver is the name of the driver to use for this volume. - Driver string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. - // +optional - FSType string - // Optional: SecretRef is reference to the secret object containing - // sensitive information to pass to the plugin scripts. This may be - // empty if no secret object is specified. If the secret object - // contains more than one secret, all secrets are passed to the plugin - // scripts. - // +optional - SecretRef *SecretReference - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool - // Optional: Extra driver options if any. - // +optional - Options map[string]string -} - -// FlexVolumeSource represents a generic volume resource that is -// provisioned/attached using an exec based plugin. -type FlexVolumeSource struct { - // Driver is the name of the driver to use for this volume. - Driver string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. - // +optional - FSType string - // Optional: SecretRef is reference to the secret object containing - // sensitive information to pass to the plugin scripts. This may be - // empty if no secret object is specified. If the secret object - // contains more than one secret, all secrets are passed to the plugin - // scripts. - // +optional - SecretRef *LocalObjectReference - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool - // Optional: Extra driver options if any. - // +optional - Options map[string]string -} - -// AWSElasticBlockStoreVolumeSource represents a Persistent Disk resource in AWS. -// -// An AWS EBS disk must exist before mounting to a container. The disk -// must also be in the same AWS zone as the kubelet. An AWS EBS disk -// can only be mounted as read/write once. AWS EBS volumes support -// ownership management and SELinux relabeling. -type AWSElasticBlockStoreVolumeSource struct { - // Unique id of the persistent disk resource. Used to identify the disk in AWS - VolumeID string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // TODO: how do we prevent errors in the filesystem from compromising the machine - // +optional - FSType string - // Optional: Partition on the disk to mount. - // If omitted, kubelet will attempt to mount the device name. - // Ex. For /dev/sda1, this field is "1", for /dev/sda, this field is 0 or empty. - // +optional - Partition int32 - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool -} - -// GitRepoVolumeSource represents a volume that is populated with the contents of a git repository. -// Git repo volumes do not support ownership management. -// Git repo volumes support SELinux relabeling. -// -// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an -// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir -// into the Pod's container. -type GitRepoVolumeSource struct { - // Repository URL - Repository string - // Commit hash, this is optional - // +optional - Revision string - // Clone target, this is optional - // Must not contain or start with '..'. If '.' is supplied, the volume directory will be the - // git repository. Otherwise, if specified, the volume will contain the git repository in - // the subdirectory with the given name. - // +optional - Directory string - // TODO: Consider credentials here. -} - -// SecretVolumeSource adapts a Secret into a volume. -// -// The contents of the target Secret's Data field will be presented in a volume -// as files using the keys in the Data field as the file names. -// Secret volumes support ownership management and SELinux relabeling. -type SecretVolumeSource struct { - // Name of the secret in the pod's namespace to use. - // +optional - SecretName string - // If unspecified, each key-value pair in the Data field of the referenced - // Secret will be projected into the volume as a file whose name is the - // key and content is the value. If specified, the listed keys will be - // projected into the specified paths, and unlisted keys will not be - // present. If a key is specified which is not present in the Secret, - // the volume setup will error unless it is marked optional. Paths must be - // relative and may not contain the '..' path or start with '..'. - // +optional - Items []KeyToPath - // Mode bits to use on created files by default. Must be a value between - // 0 and 0777. - // Directories within the path are not affected by this setting. - // This might be in conflict with other options that affect the file - // mode, like fsGroup, and the result can be other mode bits set. - // +optional - DefaultMode *int32 - // Specify whether the Secret or its key must be defined - // +optional - Optional *bool -} - -// SecretProjection adapts a secret into a projected volume. -// -// The contents of the target Secret's Data field will be presented in a -// projected volume as files using the keys in the Data field as the file names. -// Note that this is identical to a secret volume source without the default -// mode. -type SecretProjection struct { - LocalObjectReference - // If unspecified, each key-value pair in the Data field of the referenced - // Secret will be projected into the volume as a file whose name is the - // key and content is the value. If specified, the listed keys will be - // projected into the specified paths, and unlisted keys will not be - // present. If a key is specified which is not present in the Secret, - // the volume setup will error unless it is marked optional. Paths must be - // relative and may not contain the '..' path or start with '..'. - // +optional - Items []KeyToPath - // Specify whether the Secret or its key must be defined - // +optional - Optional *bool -} - -// NFSVolumeSource represents an NFS mount that lasts the lifetime of a pod. -// NFS volumes do not support ownership management or SELinux relabeling. -type NFSVolumeSource struct { - // Server is the hostname or IP address of the NFS server - Server string - - // Path is the exported NFS share - Path string - - // Optional: Defaults to false (read/write). ReadOnly here will force - // the NFS export to be mounted with read-only permissions - // +optional - ReadOnly bool -} - -// QuobyteVolumeSource represents a Quobyte mount that lasts the lifetime of a pod. -// Quobyte volumes do not support ownership management or SELinux relabeling. -type QuobyteVolumeSource struct { - // Registry represents a single or multiple Quobyte Registry services - // specified as a string as host:port pair (multiple entries are separated with commas) - // which acts as the central registry for volumes - Registry string - - // Volume is a string that references an already created Quobyte volume by name. - Volume string - - // Defaults to false (read/write). ReadOnly here will force - // the Quobyte to be mounted with read-only permissions - // +optional - ReadOnly bool - - // User to map volume access to - // Defaults to the root user - // +optional - User string - - // Group to map volume access to - // Default is no group - // +optional - Group string - - // Tenant owning the given Quobyte volume in the Backend - // Used with dynamically provisioned Quobyte volumes, value is set by the plugin - // +optional - Tenant string -} - -// GlusterfsVolumeSource represents a Glusterfs mount that lasts the lifetime of a pod. -// Glusterfs volumes do not support ownership management or SELinux relabeling. -type GlusterfsVolumeSource struct { - // Required: EndpointsName is the endpoint name that details Glusterfs topology - EndpointsName string - - // Required: Path is the Glusterfs volume path - Path string - - // Optional: Defaults to false (read/write). ReadOnly here will force - // the Glusterfs to be mounted with read-only permissions - // +optional - ReadOnly bool -} - -// GlusterfsPersistentVolumeSource represents a Glusterfs mount that lasts the lifetime of a pod. -// Glusterfs volumes do not support ownership management or SELinux relabeling. -type GlusterfsPersistentVolumeSource struct { - // EndpointsName is the endpoint name that details Glusterfs topology. - // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - EndpointsName string - - // Path is the Glusterfs volume path. - // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - Path string - - // ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. - // Defaults to false. - // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - // +optional - ReadOnly bool - - // EndpointsNamespace is the namespace that contains Glusterfs endpoint. - // If this field is empty, the EndpointNamespace defaults to the same namespace as the bound PVC. - // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - // +optional - EndpointsNamespace *string -} - -// RBDVolumeSource represents a Rados Block Device mount that lasts the lifetime of a pod. -// RBD volumes support ownership management and SELinux relabeling. -type RBDVolumeSource struct { - // Required: CephMonitors is a collection of Ceph monitors - CephMonitors []string - // Required: RBDImage is the rados image name - RBDImage string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // TODO: how do we prevent errors in the filesystem from compromising the machine - // +optional - FSType string - // Optional: RadosPool is the rados pool name,default is rbd - // +optional - RBDPool string - // Optional: RBDUser is the rados user name, default is admin - // +optional - RadosUser string - // Optional: Keyring is the path to key ring for RBDUser, default is /etc/ceph/keyring - // +optional - Keyring string - // Optional: SecretRef is name of the authentication secret for RBDUser, default is nil. - // +optional - SecretRef *LocalObjectReference - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool -} - -// RBDPersistentVolumeSource represents a Rados Block Device mount that lasts the lifetime of a pod. -// RBD volumes support ownership management and SELinux relabeling. -type RBDPersistentVolumeSource struct { - // Required: CephMonitors is a collection of Ceph monitors - CephMonitors []string - // Required: RBDImage is the rados image name - RBDImage string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // TODO: how do we prevent errors in the filesystem from compromising the machine - // +optional - FSType string - // Optional: RadosPool is the rados pool name,default is rbd - // +optional - RBDPool string - // Optional: RBDUser is the rados user name, default is admin - // +optional - RadosUser string - // Optional: Keyring is the path to key ring for RBDUser, default is /etc/ceph/keyring - // +optional - Keyring string - // Optional: SecretRef is reference to the authentication secret for User, default is empty. - // +optional - SecretRef *SecretReference - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool -} - -// CinderVolumeSource represents a cinder volume resource in Openstack. A Cinder volume -// must exist before mounting to a container. The volume must also be -// in the same region as the kubelet. Cinder volumes support ownership -// management and SELinux relabeling. -type CinderVolumeSource struct { - // Unique id of the volume used to identify the cinder volume. - VolumeID string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // +optional - FSType string - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool - // Optional: points to a secret object containing parameters used to connect - // to OpenStack. - // +optional - SecretRef *LocalObjectReference -} - -// CinderPersistentVolumeSource represents a cinder volume resource in Openstack. A Cinder volume -// must exist before mounting to a container. The volume must also be -// in the same region as the kubelet. Cinder volumes support ownership -// management and SELinux relabeling. -type CinderPersistentVolumeSource struct { - // Unique id of the volume used to identify the cinder volume. - VolumeID string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // +optional - FSType string - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool - // Optional: points to a secret object containing parameters used to connect - // to OpenStack. - // +optional - SecretRef *SecretReference -} - -// CephFSVolumeSource represents a Ceph Filesystem mount that lasts the lifetime of a pod -// Cephfs volumes do not support ownership management or SELinux relabeling. -type CephFSVolumeSource struct { - // Required: Monitors is a collection of Ceph monitors - Monitors []string - // Optional: Used as the mounted root, rather than the full Ceph tree, default is / - // +optional - Path string - // Optional: User is the rados user name, default is admin - // +optional - User string - // Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret - // +optional - SecretFile string - // Optional: SecretRef is reference to the authentication secret for User, default is empty. - // +optional - SecretRef *LocalObjectReference - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool -} - -// SecretReference represents a Secret Reference. It has enough information to retrieve secret -// in any namespace -type SecretReference struct { - // Name is unique within a namespace to reference a secret resource. - // +optional - Name string - // Namespace defines the space within which the secret name must be unique. - // +optional - Namespace string -} - -// CephFSPersistentVolumeSource represents a Ceph Filesystem mount that lasts the lifetime of a pod -// Cephfs volumes do not support ownership management or SELinux relabeling. -type CephFSPersistentVolumeSource struct { - // Required: Monitors is a collection of Ceph monitors - Monitors []string - // Optional: Used as the mounted root, rather than the full Ceph tree, default is / - // +optional - Path string - // Optional: User is the rados user name, default is admin - // +optional - User string - // Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret - // +optional - SecretFile string - // Optional: SecretRef is reference to the authentication secret for User, default is empty. - // +optional - SecretRef *SecretReference - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool -} - -// FlockerVolumeSource represents a Flocker volume mounted by the Flocker agent. -// One and only one of datasetName and datasetUUID should be set. -// Flocker volumes do not support ownership management or SELinux relabeling. -type FlockerVolumeSource struct { - // Name of the dataset stored as metadata -> name on the dataset for Flocker - // should be considered as deprecated - // +optional - DatasetName string - // UUID of the dataset. This is unique identifier of a Flocker dataset - // +optional - DatasetUUID string -} - -// DownwardAPIVolumeSource represents a volume containing downward API info. -// Downward API volumes support ownership management and SELinux relabeling. -type DownwardAPIVolumeSource struct { - // Items is a list of DownwardAPIVolume file - // +optional - Items []DownwardAPIVolumeFile - // Mode bits to use on created files by default. Must be a value between - // 0 and 0777. - // Directories within the path are not affected by this setting. - // This might be in conflict with other options that affect the file - // mode, like fsGroup, and the result can be other mode bits set. - // +optional - DefaultMode *int32 -} - -// DownwardAPIVolumeFile represents a single file containing information from the downward API -type DownwardAPIVolumeFile struct { - // Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' - Path string - // Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. - // +optional - FieldRef *ObjectFieldSelector - // Selects a resource of the container: only resources limits and requests - // (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. - // +optional - ResourceFieldRef *ResourceFieldSelector - // Optional: mode bits to use on this file, must be a value between 0 - // and 0777. If not specified, the volume defaultMode will be used. - // This might be in conflict with other options that affect the file - // mode, like fsGroup, and the result can be other mode bits set. - // +optional - Mode *int32 -} - -// DownwardAPIProjection represents downward API info for projecting into a projected volume. -// Note that this is identical to a downwardAPI volume source without the default -// mode. -type DownwardAPIProjection struct { - // Items is a list of DownwardAPIVolume file - // +optional - Items []DownwardAPIVolumeFile -} - -// AzureFileVolumeSource azureFile represents an Azure File Service mount on the host and bind mount to the pod. -type AzureFileVolumeSource struct { - // the name of secret that contains Azure Storage Account Name and Key - SecretName string - // Share Name - ShareName string - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool -} - -// AzureFilePersistentVolumeSource represents an Azure File Service mount on the host and bind mount to the pod. -type AzureFilePersistentVolumeSource struct { - // the name of secret that contains Azure Storage Account Name and Key - SecretName string - // Share Name - ShareName string - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool - // the namespace of the secret that contains Azure Storage Account Name and Key - // default is the same as the Pod - // +optional - SecretNamespace *string -} - -// VsphereVirtualDiskVolumeSource represents a vSphere volume resource. -type VsphereVirtualDiskVolumeSource struct { - // Path that identifies vSphere volume vmdk - VolumePath string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // +optional - FSType string - // Storage Policy Based Management (SPBM) profile name. - // +optional - StoragePolicyName string - // Storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - // +optional - StoragePolicyID string -} - -// PhotonPersistentDiskVolumeSource represents a Photon Controller persistent disk resource. -type PhotonPersistentDiskVolumeSource struct { - // ID that identifies Photon Controller persistent disk - PdID string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - FSType string -} - -// PortworxVolumeSource represents a Portworx volume resource. -type PortworxVolumeSource struct { - // VolumeID uniquely identifies a Portworx volume - VolumeID string - // FSType represents the filesystem type to mount - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. - // +optional - FSType string - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool -} - -// AzureDataDiskCachingMode defines the caching mode for Azure data disk -type AzureDataDiskCachingMode string - -// AzureDataDiskKind defines the kind of Azure data disk -type AzureDataDiskKind string - -// Defines cache mode and kinds for Azure data disk -const ( - AzureDataDiskCachingNone AzureDataDiskCachingMode = "None" - AzureDataDiskCachingReadOnly AzureDataDiskCachingMode = "ReadOnly" - AzureDataDiskCachingReadWrite AzureDataDiskCachingMode = "ReadWrite" - - AzureSharedBlobDisk AzureDataDiskKind = "Shared" - AzureDedicatedBlobDisk AzureDataDiskKind = "Dedicated" - AzureManagedDisk AzureDataDiskKind = "Managed" -) - -// AzureDiskVolumeSource represents an Azure Data Disk mount on the host and bind mount to the pod. -type AzureDiskVolumeSource struct { - // The Name of the data disk in the blob storage - DiskName string - // The URI of the data disk in the blob storage - DataDiskURI string - // Host Caching mode: None, Read Only, Read Write. - // +optional - CachingMode *AzureDataDiskCachingMode - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // +optional - FSType *string - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly *bool - // Expected values Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared - Kind *AzureDataDiskKind -} - -// ScaleIOVolumeSource represents a persistent ScaleIO volume -type ScaleIOVolumeSource struct { - // The host address of the ScaleIO API Gateway. - Gateway string - // The name of the storage system as configured in ScaleIO. - System string - // SecretRef references to the secret for ScaleIO user and other - // sensitive information. If this is not provided, Login operation will fail. - SecretRef *LocalObjectReference - // Flag to enable/disable SSL communication with Gateway, default false - // +optional - SSLEnabled bool - // The name of the ScaleIO Protection Domain for the configured storage. - // +optional - ProtectionDomain string - // The ScaleIO Storage Pool associated with the protection domain. - // +optional - StoragePool string - // Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. - // Default is ThinProvisioned. - // +optional - StorageMode string - // The name of a volume already created in the ScaleIO system - // that is associated with this volume source. - VolumeName string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". - // Default is "xfs". - // +optional - FSType string - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool -} - -// ScaleIOPersistentVolumeSource represents a persistent ScaleIO volume that can be defined -// by a an admin via a storage class, for instance. -type ScaleIOPersistentVolumeSource struct { - // The host address of the ScaleIO API Gateway. - Gateway string - // The name of the storage system as configured in ScaleIO. - System string - // SecretRef references to the secret for ScaleIO user and other - // sensitive information. If this is not provided, Login operation will fail. - SecretRef *SecretReference - // Flag to enable/disable SSL communication with Gateway, default false - // +optional - SSLEnabled bool - // The name of the ScaleIO Protection Domain for the configured storage. - // +optional - ProtectionDomain string - // The ScaleIO Storage Pool associated with the protection domain. - // +optional - StoragePool string - // Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. - // Default is ThinProvisioned. - // +optional - StorageMode string - // The name of a volume created in the ScaleIO system - // that is associated with this volume source. - VolumeName string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". - // Default is "xfs". - // +optional - FSType string - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool -} - -// StorageOSVolumeSource represents a StorageOS persistent volume resource. -type StorageOSVolumeSource struct { - // VolumeName is the human-readable name of the StorageOS volume. Volume - // names are only unique within a namespace. - VolumeName string - // VolumeNamespace specifies the scope of the volume within StorageOS. If no - // namespace is specified then the Pod's namespace will be used. This allows the - // Kubernetes name scoping to be mirrored within StorageOS for tighter integration. - // Set VolumeName to any name to override the default behaviour. - // Set to "default" if you are not using namespaces within StorageOS. - // Namespaces that do not pre-exist within StorageOS will be created. - // +optional - VolumeNamespace string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // +optional - FSType string - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool - // SecretRef specifies the secret to use for obtaining the StorageOS API - // credentials. If not specified, default values will be attempted. - // +optional - SecretRef *LocalObjectReference -} - -// StorageOSPersistentVolumeSource represents a StorageOS persistent volume resource. -type StorageOSPersistentVolumeSource struct { - // VolumeName is the human-readable name of the StorageOS volume. Volume - // names are only unique within a namespace. - VolumeName string - // VolumeNamespace specifies the scope of the volume within StorageOS. If no - // namespace is specified then the Pod's namespace will be used. This allows the - // Kubernetes name scoping to be mirrored within StorageOS for tighter integration. - // Set VolumeName to any name to override the default behaviour. - // Set to "default" if you are not using namespaces within StorageOS. - // Namespaces that do not pre-exist within StorageOS will be created. - // +optional - VolumeNamespace string - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // +optional - FSType string - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool - // SecretRef specifies the secret to use for obtaining the StorageOS API - // credentials. If not specified, default values will be attempted. - // +optional - SecretRef *ObjectReference -} - -// ConfigMapVolumeSource adapts a ConfigMap into a volume. -// -// The contents of the target ConfigMap's Data field will be presented in a -// volume as files using the keys in the Data field as the file names, unless -// the items element is populated with specific mappings of keys to paths. -// ConfigMap volumes support ownership management and SELinux relabeling. -type ConfigMapVolumeSource struct { - LocalObjectReference - // If unspecified, each key-value pair in the Data field of the referenced - // ConfigMap will be projected into the volume as a file whose name is the - // key and content is the value. If specified, the listed keys will be - // projected into the specified paths, and unlisted keys will not be - // present. If a key is specified which is not present in the ConfigMap, - // the volume setup will error unless it is marked optional. Paths must be - // relative and may not contain the '..' path or start with '..'. - // +optional - Items []KeyToPath - // Mode bits to use on created files by default. Must be a value between - // 0 and 0777. - // Directories within the path are not affected by this setting. - // This might be in conflict with other options that affect the file - // mode, like fsGroup, and the result can be other mode bits set. - // +optional - DefaultMode *int32 - // Specify whether the ConfigMap or its keys must be defined - // +optional - Optional *bool -} - -// ConfigMapProjection adapts a ConfigMap into a projected volume. -// -// The contents of the target ConfigMap's Data field will be presented in a -// projected volume as files using the keys in the Data field as the file names, -// unless the items element is populated with specific mappings of keys to paths. -// Note that this is identical to a configmap volume source without the default -// mode. -type ConfigMapProjection struct { - LocalObjectReference - // If unspecified, each key-value pair in the Data field of the referenced - // ConfigMap will be projected into the volume as a file whose name is the - // key and content is the value. If specified, the listed keys will be - // projected into the specified paths, and unlisted keys will not be - // present. If a key is specified which is not present in the ConfigMap, - // the volume setup will error unless it is marked optional. Paths must be - // relative and may not contain the '..' path or start with '..'. - // +optional - Items []KeyToPath - // Specify whether the ConfigMap or its keys must be defined - // +optional - Optional *bool -} - -// ServiceAccountTokenProjection represents a projected service account token -// volume. This projection can be used to insert a service account token into -// the pods runtime filesystem for use against APIs (Kubernetes API Server or -// otherwise). -type ServiceAccountTokenProjection struct { - // Audience is the intended audience of the token. A recipient of a token - // must identify itself with an identifier specified in the audience of the - // token, and otherwise should reject the token. The audience defaults to the - // identifier of the apiserver. - Audience string - // ExpirationSeconds is the requested duration of validity of the service - // account token. As the token approaches expiration, the kubelet volume - // plugin will proactively rotate the service account token. The kubelet will - // start trying to rotate the token if the token is older than 80 percent of - // its time to live or if the token is older than 24 hours.Defaults to 1 hour - // and must be at least 10 minutes. - ExpirationSeconds int64 - // Path is the path relative to the mount point of the file to project the - // token into. - Path string -} - -// ClusterTrustBundleProjection allows a pod to access the -// `.spec.trustBundle` field of a ClusterTrustBundle object in an auto-updating -// file. -type ClusterTrustBundleProjection struct { - // Select a single ClusterTrustBundle by object name. Mutually-exclusive - // with SignerName and LabelSelector. - Name *string - - // Select all ClusterTrustBundles for this signer that match LabelSelector. - // Mutually-exclusive with Name. - SignerName *string - - // Select all ClusterTrustBundles that match this LabelSelecotr. - // Mutually-exclusive with Name. - LabelSelector *metav1.LabelSelector - - // Block pod startup if the selected ClusterTrustBundle(s) aren't available? - Optional *bool - - // Relative path from the volume root to write the bundle. - Path string -} - -// PodCertificateProjection provides a private key and X.509 certificate in -// a combined file. -type PodCertificateProjection struct { - // Kubelet's generated CSRs will be addressed to this signer. - SignerName string - - // The type of keypair Kubelet will generate for the pod. - // - // Valid values are "RSA3072", "RSA4096", "ECDSAP256", "ECDSAP384", - // "ECDSAP521", and "ED25519". - KeyType string - - // maxExpirationSeconds is the maximum lifetime permitted for the - // certificate. - // - // Kubelet copies this value verbatim into the PodCertificateRequests it - // generates for this projection. - // - // If omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver - // will reject values shorter than 3600 (1 hour). The maximum allowable - // value is 7862400 (91 days). - // - // The signer implementation is then free to issue a certificate with any - // lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 - // seconds (1 hour). This constraint is enforced by kube-apiserver. - // `kubernetes.io` signers will never issue certificates with a lifetime - // longer than 24 hours. - MaxExpirationSeconds *int32 - - // Write the credential bundle at this path in the projected volume. - // - // The credential bundle is a single file that contains multiple PEM blocks. - // The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private - // key. - // - // The remaining blocks are CERTIFICATE blocks, containing the issued - // certificate chain from the signer (leaf and any intermediates). - // - // Using credentialBundlePath lets your Pod's application code make a single - // atomic read that retrieves a consistent key and certificate chain. If you - // project them to separate files, your application code will need to - // additionally check that the leaf certificate was issued to the key. - CredentialBundlePath string - - // Write the key at this path in the projected volume. - // - // When using keyPath and certificateChainPath, your application needs to check - // that the key and leaf certificate are consistent, because it is possible to - // read the files mid-rotation. - KeyPath string - - // Write the certificate chain at this path in the projected volume. - CertificateChainPath string - - // userAnnotations allow pod authors to pass additional information to - // the signer implementation. Kubernetes does not restrict or validate this - // metadata in any way. - // - // These values are copied verbatim into the `spec.unverifiedUserAnnotations` field of - // the PodCertificateRequest objects that Kubelet creates. - // - // Entries are subject to the same validation as object metadata annotations, - // with the addition that all keys must be domain-prefixed. No restrictions - // are placed on values, except an overall size limitation on the entire field. - // - // Signers should document the keys and values they support. Signers should - // deny requests that contain keys they do not recognize. - UserAnnotations map[string]string -} - -// ProjectedVolumeSource represents a projected volume source -type ProjectedVolumeSource struct { - // list of volume projections - Sources []VolumeProjection - // Mode bits to use on created files by default. Must be a value between - // 0 and 0777. - // Directories within the path are not affected by this setting. - // This might be in conflict with other options that affect the file - // mode, like fsGroup, and the result can be other mode bits set. - // +optional - DefaultMode *int32 -} - -// VolumeProjection that may be projected along with other supported volume types -type VolumeProjection struct { - // all types below are the supported types for projection into the same volume - - // information about the secret data to project - Secret *SecretProjection - // information about the downwardAPI data to project - DownwardAPI *DownwardAPIProjection - // information about the configMap data to project - ConfigMap *ConfigMapProjection - // information about the serviceAccountToken data to project - ServiceAccountToken *ServiceAccountTokenProjection - // information about the ClusterTrustBundle data to project - ClusterTrustBundle *ClusterTrustBundleProjection - // information about the pod certificate to project. - PodCertificate *PodCertificateProjection -} - -// KeyToPath maps a string key to a path within a volume. -type KeyToPath struct { - // The key to project. - Key string - - // The relative path of the file to map the key to. - // May not be an absolute path. - // May not contain the path element '..'. - // May not start with the string '..'. - Path string - // Optional: mode bits to use on this file, should be a value between 0 - // and 0777. If not specified, the volume defaultMode will be used. - // This might be in conflict with other options that affect the file - // mode, like fsGroup, and the result can be other mode bits set. - // +optional - Mode *int32 -} - -// LocalVolumeSource represents directly-attached storage with node affinity -type LocalVolumeSource struct { - // The full path to the volume on the node. - // It can be either a directory or block device (disk, partition, ...). - Path string - - // Filesystem type to mount. - // It applies only when the Path is a block device. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". The default value is to auto-select a filesystem if unspecified. - // +optional - FSType *string -} - -// CSIPersistentVolumeSource represents storage that is managed by an external CSI volume driver. -type CSIPersistentVolumeSource struct { - // Driver is the name of the driver to use for this volume. - // Required. - Driver string - - // VolumeHandle is the unique volume name returned by the CSI volume - // plugin’s CreateVolume to refer to the volume on all subsequent calls. - // Required. - VolumeHandle string - - // Optional: The value to pass to ControllerPublishVolumeRequest. - // Defaults to false (read/write). - // +optional - ReadOnly bool - - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". - // +optional - FSType string - - // Attributes of the volume to publish. - // +optional - VolumeAttributes map[string]string - - // ControllerPublishSecretRef is a reference to the secret object containing - // sensitive information to pass to the CSI driver to complete the CSI - // ControllerPublishVolume and ControllerUnpublishVolume calls. - // This field is optional, and may be empty if no secret is required. If the - // secret object contains more than one secret, all secrets are passed. - // +optional - ControllerPublishSecretRef *SecretReference - - // NodeStageSecretRef is a reference to the secret object containing sensitive - // information to pass to the CSI driver to complete the CSI NodeStageVolume - // and NodeStageVolume and NodeUnstageVolume calls. - // This field is optional, and may be empty if no secret is required. If the - // secret object contains more than one secret, all secrets are passed. - // +optional - NodeStageSecretRef *SecretReference - - // NodePublishSecretRef is a reference to the secret object containing - // sensitive information to pass to the CSI driver to complete the CSI - // NodePublishVolume and NodeUnpublishVolume calls. - // This field is optional, and may be empty if no secret is required. If the - // secret object contains more than one secret, all secrets are passed. - // +optional - NodePublishSecretRef *SecretReference - - // ControllerExpandSecretRef is a reference to the secret object containing - // sensitive information to pass to the CSI driver to complete the CSI - // ControllerExpandVolume call. - // This field is optional, and may be empty if no secret is required. If the - // secret object contains more than one secret, all secrets are passed. - // +optional - ControllerExpandSecretRef *SecretReference - - // NodeExpandSecretRef is a reference to the secret object containing - // sensitive information to pass to the CSI driver to complete the CSI - // NodeExpandVolume call. - // This field is optional, may be omitted if no secret is required. If the - // secret object contains more than one secret, all secrets are passed. - // +optional - NodeExpandSecretRef *SecretReference -} - -// CSIVolumeSource represents a source location of a volume to mount, managed by an external CSI driver -type CSIVolumeSource struct { - // Driver is the name of the CSI driver that handles this volume. - // Consult with your admin for the correct name as registered in the cluster. - // Required. - Driver string - - // Specifies a read-only configuration for the volume. - // Defaults to false (read/write). - // +optional - ReadOnly *bool - - // Filesystem type to mount. Ex. "ext4", "xfs", "ntfs". - // If not provided, the empty value is passed to the associated CSI driver - // which will determine the default filesystem to apply. - // +optional - FSType *string - - // VolumeAttributes stores driver-specific properties that are passed to the CSI - // driver. Consult your driver's documentation for supported values. - // +optional - VolumeAttributes map[string]string - - // NodePublishSecretRef is a reference to the secret object containing - // sensitive information to pass to the CSI driver to complete the CSI - // NodePublishVolume and NodeUnpublishVolume calls. - // This field is optional, and may be empty if no secret is required. If the - // secret object contains more than one secret, all secret references are passed. - // +optional - NodePublishSecretRef *LocalObjectReference -} - -// EphemeralVolumeSource represents an ephemeral volume that is handled by a normal storage driver. -type EphemeralVolumeSource struct { - // VolumeClaimTemplate will be used to create a stand-alone PVC to provision the volume. - // The pod in which this EphemeralVolumeSource is embedded will be the - // owner of the PVC, i.e. the PVC will be deleted together with the - // pod. The name of the PVC will be `-` where - // `` is the name from the `PodSpec.Volumes` array - // entry. Pod validation will reject the pod if the concatenated name - // is not valid for a PVC (for example, too long). - // - // An existing PVC with that name that is not owned by the pod - // will *not* be used for the pod to avoid using an unrelated - // volume by mistake. Starting the pod is then blocked until - // the unrelated PVC is removed. If such a pre-created PVC is - // meant to be used by the pod, the PVC has to updated with an - // owner reference to the pod once the pod exists. Normally - // this should not be necessary, but it may be useful when - // manually reconstructing a broken cluster. - // - // This field is read-only and no changes will be made by Kubernetes - // to the PVC after it has been created. - // - // Required, must not be nil. - VolumeClaimTemplate *PersistentVolumeClaimTemplate -} - -// PersistentVolumeClaimTemplate is used to produce -// PersistentVolumeClaim objects as part of an EphemeralVolumeSource. -type PersistentVolumeClaimTemplate struct { - // ObjectMeta may contain labels and annotations that will be copied into the PVC - // when creating it. No other fields are allowed and will be rejected during - // validation. - // +optional - metav1.ObjectMeta - - // Spec for the PersistentVolumeClaim. The entire content is - // copied unchanged into the PVC that gets created from this - // template. The same fields as in a PersistentVolumeClaim - // are also valid here. - Spec PersistentVolumeClaimSpec -} - -// ContainerPort represents a network port in a single container -type ContainerPort struct { - // Optional: If specified, this must be an IANA_SVC_NAME Each named port - // in a pod must have a unique name. - // +optional - Name string - // Optional: If specified, this must be a valid port number, 0 < x < 65536. - // If HostNetwork is specified, this must match ContainerPort. - // +optional - HostPort int32 - // Required: This must be a valid port number, 0 < x < 65536. - ContainerPort int32 - // Required: Supports "TCP", "UDP" and "SCTP" - // +optional - Protocol Protocol - // Optional: What host IP to bind the external port to. - // +optional - HostIP string -} - -// VolumeMount describes a mounting of a Volume within a container. -type VolumeMount struct { - // Required: This must match the Name of a Volume [above]. - Name string - // Optional: Defaults to false (read-write). - // +optional - ReadOnly bool - // RecursiveReadOnly specifies whether read-only mounts should be handled - // recursively. - // - // If ReadOnly is false, this field has no meaning and must be unspecified. - // - // If ReadOnly is true, and this field is set to Disabled, the mount is not made - // recursively read-only. If this field is set to IfPossible, the mount is made - // recursively read-only, if it is supported by the container runtime. If this - // field is set to Enabled, the mount is made recursively read-only if it is - // supported by the container runtime, otherwise the pod will not be started and - // an error will be generated to indicate the reason. - // - // If this field is set to IfPossible or Enabled, MountPropagation must be set to - // None (or be unspecified, which defaults to None). - // - // If this field is not specified, it is treated as an equivalent of Disabled. - // +optional - RecursiveReadOnly *RecursiveReadOnlyMode - // Required. If the path is not an absolute path (e.g. some/path) it - // will be prepended with the appropriate root prefix for the operating - // system. On Linux this is '/', on Windows this is 'C:\'. - MountPath string - // Path within the volume from which the container's volume should be mounted. - // Defaults to "" (volume's root). - // +optional - SubPath string - // mountPropagation determines how mounts are propagated from the host - // to container and the other way around. - // When not set, MountPropagationNone is used. - // This field is beta in 1.10. - // When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified - // (which defaults to None). - // +optional - MountPropagation *MountPropagationMode - // Expanded path within the volume from which the container's volume should be mounted. - // Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - // Defaults to "" (volume's root). - // SubPathExpr and SubPath are mutually exclusive. - // +optional - SubPathExpr string -} - -// MountPropagationMode describes mount propagation. -type MountPropagationMode string - -const ( - // MountPropagationNone means that the volume in a container will - // not receive new mounts from the host or other containers, and filesystems - // mounted inside the container won't be propagated to the host or other - // containers. - // Note that this mode corresponds to "private" in Linux terminology. - MountPropagationNone MountPropagationMode = "None" - // MountPropagationHostToContainer means that the volume in a container will - // receive new mounts from the host or other containers, but filesystems - // mounted inside the container won't be propagated to the host or other - // containers. - // Note that this mode is recursively applied to all mounts in the volume - // ("rslave" in Linux terminology). - MountPropagationHostToContainer MountPropagationMode = "HostToContainer" - // MountPropagationBidirectional means that the volume in a container will - // receive new mounts from the host or other containers, and its own mounts - // will be propagated from the container to the host or other containers. - // Note that this mode is recursively applied to all mounts in the volume - // ("rshared" in Linux terminology). - MountPropagationBidirectional MountPropagationMode = "Bidirectional" -) - -// RecursiveReadOnlyMode describes recursive-readonly mode. -type RecursiveReadOnlyMode string - -const ( - // RecursiveReadOnlyDisabled disables recursive-readonly mode. - RecursiveReadOnlyDisabled RecursiveReadOnlyMode = "Disabled" - // RecursiveReadOnlyIfPossible enables recursive-readonly mode if possible. - RecursiveReadOnlyIfPossible RecursiveReadOnlyMode = "IfPossible" - // RecursiveReadOnlyEnabled enables recursive-readonly mode, or raise an error. - RecursiveReadOnlyEnabled RecursiveReadOnlyMode = "Enabled" -) - -// VolumeDevice describes a mapping of a raw block device within a container. -type VolumeDevice struct { - // name must match the name of a persistentVolumeClaim in the pod - Name string - // devicePath is the path inside of the container that the device will be mapped to. - DevicePath string -} - -// EnvVar represents an environment variable present in a Container. -type EnvVar struct { - // Required: Name of the environment variable. - // May consist of any printable ASCII characters except '='. - Name string - // Optional: no more than one of the following may be specified. - // Optional: Defaults to ""; variable references $(VAR_NAME) are expanded - // using the previously defined environment variables in the container and - // any service environment variables. If a variable cannot be resolved, - // the reference in the input string will be unchanged. Double $$ are - // reduced to a single $, which allows for escaping the $(VAR_NAME) - // syntax: i.e. "$$(VAR_NAME)" will produce the string literal - // "$(VAR_NAME)". Escaped references will never be expanded, - // regardless of whether the variable exists or not. - // +optional - Value string - // Optional: Specifies a source the value of this var should come from. - // +optional - ValueFrom *EnvVarSource -} - -// EnvVarSource represents a source for the value of an EnvVar. -// Only one of its fields may be set. -type EnvVarSource struct { - // Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - // metadata.uid, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - // +optional - FieldRef *ObjectFieldSelector - // Selects a resource of the container: only resources limits and requests - // (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - // +optional - ResourceFieldRef *ResourceFieldSelector - // Selects a key of a ConfigMap. - // +optional - ConfigMapKeyRef *ConfigMapKeySelector - // Selects a key of a secret in the pod's namespace. - // +optional - SecretKeyRef *SecretKeySelector - // FileKeyRef selects a key of the env file. - // Requires the EnvFiles feature gate to be enabled. - // - // +featureGate=EnvFiles - // +optional - FileKeyRef *FileKeySelector -} - -// FileKeySelector selects a key of the env file. -type FileKeySelector struct { - // The name of the volume mount containing the env file. - // +required - VolumeName string - // The path within the volume from which to select the file. - // Must be relative and may not contain the '..' path or start with '..'. - // +required - Path string - // The key within the env file. An invalid key will prevent the pod from starting. - // The keys defined within a source may consist of any printable ASCII characters except '='. - // During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. - // +required - Key string - // Specify whether the file or its key must be defined. If the file or key - // does not exist, then the env var is not published. - // If optional is set to true and the specified key does not exist, - // the environment variable will not be set in the Pod's containers. - // - // If optional is set to false and the specified key does not exist, - // an error will be returned during Pod creation. - // +optional - // +default=false - Optional *bool -} - -// ObjectFieldSelector selects an APIVersioned field of an object. -type ObjectFieldSelector struct { - // Required: Version of the schema the FieldPath is written in terms of. - // If no value is specified, it will be defaulted to the APIVersion of the - // enclosing object. - APIVersion string - // Required: Path of the field to select in the specified API version - FieldPath string -} - -// ResourceFieldSelector represents container resources (cpu, memory) and their output format -type ResourceFieldSelector struct { - // Container name: required for volumes, optional for env vars - // +optional - ContainerName string - // Required: resource to select - Resource string - // Specifies the output format of the exposed resources, defaults to "1" - // +optional - Divisor resource.Quantity -} - -// ConfigMapKeySelector selects a key from a ConfigMap. -type ConfigMapKeySelector struct { - // The ConfigMap to select from. - LocalObjectReference - // The key to select. - Key string - // Specify whether the ConfigMap or its key must be defined - // +optional - Optional *bool -} - -// SecretKeySelector selects a key of a Secret. -type SecretKeySelector struct { - // The name of the secret in the pod's namespace to select from. - LocalObjectReference - // The key of the secret to select from. Must be a valid secret key. - Key string - // Specify whether the Secret or its key must be defined - // +optional - Optional *bool -} - -// EnvFromSource represents the source of a set of ConfigMaps or Secrets -type EnvFromSource struct { - // Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER. - // +optional - Prefix string - // The ConfigMap to select from. - // +optional - ConfigMapRef *ConfigMapEnvSource - // The Secret to select from. - // +optional - SecretRef *SecretEnvSource -} - -// ConfigMapEnvSource selects a ConfigMap to populate the environment -// variables with. -// -// The contents of the target ConfigMap's Data field will represent the -// key-value pairs as environment variables. -type ConfigMapEnvSource struct { - // The ConfigMap to select from. - LocalObjectReference - // Specify whether the ConfigMap must be defined - // +optional - Optional *bool -} - -// SecretEnvSource selects a Secret to populate the environment -// variables with. -// -// The contents of the target Secret's Data field will represent the -// key-value pairs as environment variables. -type SecretEnvSource struct { - // The Secret to select from. - LocalObjectReference - // Specify whether the Secret must be defined - // +optional - Optional *bool -} - -// HTTPHeader describes a custom header to be used in HTTP probes -type HTTPHeader struct { - // The header field name. - // This will be canonicalized upon output, so case-variant names will be understood as the same header. - Name string - // The header field value - Value string -} - -// HTTPGetAction describes an action based on HTTP Get requests. -type HTTPGetAction struct { - // Optional: Path to access on the HTTP server. - // +optional - Path string - // Required: Name or number of the port to access on the container. - // +optional - Port intstr.IntOrString - // Optional: Host name to connect to, defaults to the pod IP. You - // probably want to set "Host" in httpHeaders instead. - // +optional - Host string - // Optional: Scheme to use for connecting to the host, defaults to HTTP. - // +optional - Scheme URIScheme - // Optional: Custom headers to set in the request. HTTP allows repeated headers. - // +optional - HTTPHeaders []HTTPHeader -} - -// URIScheme identifies the scheme used for connection to a host for Get actions -type URIScheme string - -const ( - // URISchemeHTTP means that the scheme used will be http:// - URISchemeHTTP URIScheme = "HTTP" - // URISchemeHTTPS means that the scheme used will be https:// - URISchemeHTTPS URIScheme = "HTTPS" -) - -// TCPSocketAction describes an action based on opening a socket -type TCPSocketAction struct { - // Required: Port to connect to. - // +optional - Port intstr.IntOrString - // Optional: Host name to connect to, defaults to the pod IP. - // +optional - Host string -} - -// ExecAction describes a "run in container" action. -type ExecAction struct { - // Command is the command line to execute inside the container, the working directory for the - // command is root ('/') in the container's filesystem. The command is simply exec'd, it is - // not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - // a shell, you need to explicitly call out to that shell. - // +optional - Command []string -} - -// SleepAction describes a "sleep" action. -type SleepAction struct { - // Seconds is the number of seconds to sleep. - Seconds int64 -} - -// Probe describes a health check to be performed against a container to determine whether it is -// alive or ready to receive traffic. -type Probe struct { - // The action taken to determine the health of a container - ProbeHandler - // Length of time before health checking is activated. In seconds. - // +optional - InitialDelaySeconds int32 - // Length of time before health checking times out. In seconds. - // +optional - TimeoutSeconds int32 - // How often (in seconds) to perform the probe. - // +optional - PeriodSeconds int32 - // Minimum consecutive successes for the probe to be considered successful after having failed. - // Must be 1 for liveness and startup. - // +optional - SuccessThreshold int32 - // Minimum consecutive failures for the probe to be considered failed after having succeeded. - // +optional - FailureThreshold int32 - // Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - // The grace period is the duration in seconds after the processes running in the pod are sent - // a termination signal and the time when the processes are forcibly halted with a kill signal. - // Set this value longer than the expected cleanup time for your process. - // If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - // value overrides the value provided by the pod spec. - // Value must be non-negative integer. The value zero indicates stop immediately via - // the kill signal (no opportunity to shut down). - // This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - // +optional - TerminationGracePeriodSeconds *int64 -} - -// PullPolicy describes a policy for if/when to pull a container image -type PullPolicy string - -const ( - // PullAlways means that kubelet always attempts to pull the latest image. Container will fail If the pull fails. - PullAlways PullPolicy = "Always" - // PullNever means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present - PullNever PullPolicy = "Never" - // PullIfNotPresent means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails. - PullIfNotPresent PullPolicy = "IfNotPresent" -) - -// ResourceResizeRestartPolicy specifies how to handle container resource resize. -type ResourceResizeRestartPolicy string - -// These are the valid resource resize restart policy values: -const ( - // 'NotRequired' means Kubernetes will try to resize the container - // without restarting it, if possible. Kubernetes may however choose to - // restart the container if it is unable to actuate resize without a - // restart. For e.g. the runtime doesn't support restart-free resizing. - NotRequired ResourceResizeRestartPolicy = "NotRequired" - // 'RestartContainer' means Kubernetes will resize the container in-place - // by stopping and starting the container when new resources are applied. - // This is needed for legacy applications. For e.g. java apps using the - // -xmxN flag which are unable to use resized memory without restarting. - RestartContainer ResourceResizeRestartPolicy = "RestartContainer" -) - -// ContainerResizePolicy represents resource resize policy for the container. -type ContainerResizePolicy struct { - // Name of the resource to which this resource resize policy applies. - // Supported values: cpu, memory. - ResourceName ResourceName - // Restart policy to apply when specified resource is resized. - // If not specified, it defaults to NotRequired. - RestartPolicy ResourceResizeRestartPolicy -} - -// PreemptionPolicy describes a policy for if/when to preempt a pod. -type PreemptionPolicy string - -const ( - // PreemptLowerPriority means that pod can preempt other pods with lower priority. - PreemptLowerPriority PreemptionPolicy = "PreemptLowerPriority" - // PreemptNever means that pod never preempts other pods with lower priority. - PreemptNever PreemptionPolicy = "Never" -) - -// TerminationMessagePolicy describes how termination messages are retrieved from a container. -type TerminationMessagePolicy string - -const ( - // TerminationMessageReadFile is the default behavior and will set the container status message to - // the contents of the container's terminationMessagePath when the container exits. - TerminationMessageReadFile TerminationMessagePolicy = "File" - // TerminationMessageFallbackToLogsOnError will read the most recent contents of the container logs - // for the container status message when the container exits with an error and the - // terminationMessagePath has no contents. - TerminationMessageFallbackToLogsOnError TerminationMessagePolicy = "FallbackToLogsOnError" -) - -// Capability represent POSIX capabilities type -type Capability string - -// Capabilities represent POSIX capabilities that can be added or removed to a running container. -type Capabilities struct { - // Added capabilities - // +optional - Add []Capability - // Removed capabilities - // +optional - Drop []Capability -} - -// ResourceRequirements describes the compute resource requirements. -type ResourceRequirements struct { - // Limits describes the maximum amount of compute resources allowed. - // +optional - Limits ResourceList - // Requests describes the minimum amount of compute resources required. - // If Request is omitted for a container, it defaults to Limits if that is explicitly specified, - // otherwise to an implementation-defined value - // +optional - Requests ResourceList - // Claims lists the names of resources, defined in spec.resourceClaims, - // that are used by this container. - // - // This field depends on the - // DynamicResourceAllocation feature gate. - // - // This field is immutable. It can only be set for containers. - // - // +featureGate=DynamicResourceAllocation - // +optional - Claims []ResourceClaim -} - -// VolumeResourceRequirements describes the storage resource requirements for a volume. -type VolumeResourceRequirements struct { - // Limits describes the maximum amount of compute resources allowed. - // +optional - Limits ResourceList - // Requests describes the minimum amount of compute resources required. - // If Request is omitted for a container, it defaults to Limits if that is explicitly specified, - // otherwise to an implementation-defined value - // +optional - Requests ResourceList -} - -// ResourceClaim references one entry in PodSpec.ResourceClaims. -type ResourceClaim struct { - // Name must match the name of one entry in pod.spec.resourceClaims of - // the Pod where this field is used. It makes that resource available - // inside a container. - Name string - - // Request is the name chosen for a request in the referenced claim. - // If empty, everything from the claim is made available, otherwise - // only the result of this request. - // - // +optional - Request string -} - -// Container represents a single container that is expected to be run on the host. -type Container struct { - // Required: This must be a DNS_LABEL. Each container in a pod must - // have a unique name. - Name string - // Required. - Image string - // Optional: The container image's entrypoint is used if this is not provided; cannot be updated. - // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - // cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - // to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - // produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - // of whether the variable exists or not. - // +optional - Command []string - // Optional: The container image's cmd is used if this is not provided; cannot be updated. - // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - // cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - // to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - // produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - // of whether the variable exists or not. - // +optional - Args []string - // Optional: Defaults to the container runtime's default working directory. - // +optional - WorkingDir string - // +optional - Ports []ContainerPort - // List of sources to populate environment variables in the container. - // The keys defined within a source must be a C_IDENTIFIER. All invalid keys - // will be reported as an event when the container is starting. When a key exists in multiple - // sources, the value associated with the last source will take precedence. - // Values defined by an Env with a duplicate key will take precedence. - // Cannot be updated. - // +optional - EnvFrom []EnvFromSource - // +optional - Env []EnvVar - // Compute resource requirements. - // +optional - Resources ResourceRequirements - // Resources resize policy for the container. - // This field cannot be set on ephemeral containers. - // +featureGate=InPlacePodVerticalScaling - // +optional - ResizePolicy []ContainerResizePolicy - // RestartPolicy defines the restart behavior of individual containers in a pod. - // This overrides the pod-level restart policy. When this field is not specified, - // the restart behavior is defined by the Pod's restart policy and the container type. - // If restartPolicyRules are specified, the container-level restartPolicy is also - // required as the "default" policy if no rules matched. The restartPolicyRules takes - // precedence over the container-level restart policies. This is an alpha-level feature - // and is controlled by the feature gate "ContainerRestartRules". If the feature is - // not enabled, the only allowed value is "Always". - // Additionally, setting the RestartPolicy as "Always" for the init container will - // have the following effect: - // this init container will be continually restarted on - // exit until all regular containers have terminated. Once all regular - // containers have completed, all init containers with restartPolicy "Always" - // will be shut down. This lifecycle differs from normal init containers and - // is often referred to as a "sidecar" container. Although this init - // container still starts in the init container sequence, it does not wait - // for the container to complete before proceeding to the next init - // container. Instead, the next init container starts immediately after this - // init container is started, or after any startupProbe has successfully - // completed. - // +optional - RestartPolicy *ContainerRestartPolicy - // Represents a list of rules to be checked to determine if the - // container should be restarted on exit. The rules are evaluated in - // order. Once a rule matches a container exit condition, the remaining - // rules are ignored. If no rule matches the container exit condition, - // the Container-level restart policy determines the whether the container - // is restarted or not. This is an alpha-level feature, and controlled by - // the feature gate "ContainerRestartRules". If the feature is not enabled, - // this field is not allowed. Constraints on the rules: - // - At most 20 rules are allowed. - // - Rules can have the same action. - // - Identical rules are not forbidden in validations. - // When rules are specified, container MUST set RestartPolicy explicitly - // even it if matches the Pod's RestartPolicy. - // +featureGate=ContainerRestartRules - // +optional - // +listType=atomic - RestartPolicyRules []ContainerRestartRule - // +optional - VolumeMounts []VolumeMount - // volumeDevices is the list of block devices to be used by the container. - // +optional - VolumeDevices []VolumeDevice - // +optional - LivenessProbe *Probe - // +optional - ReadinessProbe *Probe - // +optional - StartupProbe *Probe - // +optional - Lifecycle *Lifecycle - // Required. - // +optional - TerminationMessagePath string - // +optional - TerminationMessagePolicy TerminationMessagePolicy - // Required: Policy for pulling images for this container - ImagePullPolicy PullPolicy - // Optional: SecurityContext defines the security options the container should be run with. - // If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. - // +optional - SecurityContext *SecurityContext - - // Variables for interactive containers, these have very specialized use-cases (e.g. debugging) - // and shouldn't be used for general purpose containers. - // +optional - Stdin bool - // +optional - StdinOnce bool - // +optional - TTY bool -} - -// ProbeHandler defines a specific action that should be taken in a probe. -// One and only one of the fields must be specified. -type ProbeHandler struct { - // Exec specifies the action to take. - // +optional - Exec *ExecAction - // HTTPGet specifies the http request to perform. - // +optional - HTTPGet *HTTPGetAction - // TCPSocket specifies an action involving a TCP port. - // +optional - TCPSocket *TCPSocketAction - - // GRPC specifies an action involving a GRPC port. - // +optional - GRPC *GRPCAction -} - -// LifecycleHandler defines a specific action that should be taken in a lifecycle -// hook. One and only one of the fields, except TCPSocket must be specified. -type LifecycleHandler struct { - // Exec specifies the action to take. - // +optional - Exec *ExecAction - // HTTPGet specifies the http request to perform. - // +optional - HTTPGet *HTTPGetAction - // Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - // for the backward compatibility. There are no validation of this field and - // lifecycle hooks will fail in runtime when tcp handler is specified. - // +optional - TCPSocket *TCPSocketAction - // Sleep represents the duration that the container should sleep before being terminated. - // +optional - Sleep *SleepAction -} - -type GRPCAction struct { - // Port number of the gRPC service. - // Note: Number must be in the range 1 to 65535. - Port int32 - - // Service is the name of the service to place in the gRPC HealthCheckRequest - // (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - // - // If this is not specified, the default behavior is to probe the server's overall health status. - // +optional - Service *string -} - -// Signal defines the stop signal of containers -// +enum -type Signal string - -const ( - SIGABRT Signal = "SIGABRT" - SIGALRM Signal = "SIGALRM" - SIGBUS Signal = "SIGBUS" - SIGCHLD Signal = "SIGCHLD" - SIGCLD Signal = "SIGCLD" - SIGCONT Signal = "SIGCONT" - SIGFPE Signal = "SIGFPE" - SIGHUP Signal = "SIGHUP" - SIGILL Signal = "SIGILL" - SIGINT Signal = "SIGINT" - SIGIO Signal = "SIGIO" - SIGIOT Signal = "SIGIOT" - SIGKILL Signal = "SIGKILL" - SIGPIPE Signal = "SIGPIPE" - SIGPOLL Signal = "SIGPOLL" - SIGPROF Signal = "SIGPROF" - SIGPWR Signal = "SIGPWR" - SIGQUIT Signal = "SIGQUIT" - SIGSEGV Signal = "SIGSEGV" - SIGSTKFLT Signal = "SIGSTKFLT" - SIGSTOP Signal = "SIGSTOP" - SIGSYS Signal = "SIGSYS" - SIGTERM Signal = "SIGTERM" - SIGTRAP Signal = "SIGTRAP" - SIGTSTP Signal = "SIGTSTP" - SIGTTIN Signal = "SIGTTIN" - SIGTTOU Signal = "SIGTTOU" - SIGURG Signal = "SIGURG" - SIGUSR1 Signal = "SIGUSR1" - SIGUSR2 Signal = "SIGUSR2" - SIGVTALRM Signal = "SIGVTALRM" - SIGWINCH Signal = "SIGWINCH" - SIGXCPU Signal = "SIGXCPU" - SIGXFSZ Signal = "SIGXFSZ" - SIGRTMIN Signal = "SIGRTMIN" - SIGRTMINPLUS1 Signal = "SIGRTMIN+1" - SIGRTMINPLUS2 Signal = "SIGRTMIN+2" - SIGRTMINPLUS3 Signal = "SIGRTMIN+3" - SIGRTMINPLUS4 Signal = "SIGRTMIN+4" - SIGRTMINPLUS5 Signal = "SIGRTMIN+5" - SIGRTMINPLUS6 Signal = "SIGRTMIN+6" - SIGRTMINPLUS7 Signal = "SIGRTMIN+7" - SIGRTMINPLUS8 Signal = "SIGRTMIN+8" - SIGRTMINPLUS9 Signal = "SIGRTMIN+9" - SIGRTMINPLUS10 Signal = "SIGRTMIN+10" - SIGRTMINPLUS11 Signal = "SIGRTMIN+11" - SIGRTMINPLUS12 Signal = "SIGRTMIN+12" - SIGRTMINPLUS13 Signal = "SIGRTMIN+13" - SIGRTMINPLUS14 Signal = "SIGRTMIN+14" - SIGRTMINPLUS15 Signal = "SIGRTMIN+15" - SIGRTMAXMINUS14 Signal = "SIGRTMAX-14" - SIGRTMAXMINUS13 Signal = "SIGRTMAX-13" - SIGRTMAXMINUS12 Signal = "SIGRTMAX-12" - SIGRTMAXMINUS11 Signal = "SIGRTMAX-11" - SIGRTMAXMINUS10 Signal = "SIGRTMAX-10" - SIGRTMAXMINUS9 Signal = "SIGRTMAX-9" - SIGRTMAXMINUS8 Signal = "SIGRTMAX-8" - SIGRTMAXMINUS7 Signal = "SIGRTMAX-7" - SIGRTMAXMINUS6 Signal = "SIGRTMAX-6" - SIGRTMAXMINUS5 Signal = "SIGRTMAX-5" - SIGRTMAXMINUS4 Signal = "SIGRTMAX-4" - SIGRTMAXMINUS3 Signal = "SIGRTMAX-3" - SIGRTMAXMINUS2 Signal = "SIGRTMAX-2" - SIGRTMAXMINUS1 Signal = "SIGRTMAX-1" - SIGRTMAX Signal = "SIGRTMAX" -) - -// Lifecycle describes actions that the management system should take in response to container lifecycle -// events. For the PostStart and PreStop lifecycle handlers, management of the container blocks -// until the action is complete, unless the container process fails, in which case the handler is aborted. -type Lifecycle struct { - // PostStart is called immediately after a container is created. If the handler fails, the container - // is terminated and restarted. - // More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks - // +optional - PostStart *LifecycleHandler - // PreStop is called immediately before a container is terminated due to an - // API request or management event such as liveness/startup probe failure, - // preemption, resource contention, etc. The handler is not called if the - // container crashes or exits. The Pod's termination grace period countdown begins before the - // PreStop hook is executed. Regardless of the outcome of the handler, the - // container will eventually terminate within the Pod's termination grace - // period (unless delayed by finalizers). Other management of the container blocks until the hook completes - // or until the termination grace period is reached. - // More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks - // +optional - PreStop *LifecycleHandler - // StopSignal defines which signal will be sent to a container when it is being stopped. - // If not specified, the default is defined by the container runtime in use. - // StopSignal can only be set for Pods with a non-empty .spec.os.name - // +optional - StopSignal *Signal -} - -// The below types are used by kube_client and api_server. - -// ConditionStatus defines conditions of resources -type ConditionStatus string - -// These are valid condition statuses. "ConditionTrue" means a resource is in the condition; -// "ConditionFalse" means a resource is not in the condition; "ConditionUnknown" means kubernetes -// can't decide if a resource is in the condition or not. In the future, we could add other -// intermediate conditions, e.g. ConditionDegraded. -const ( - ConditionTrue ConditionStatus = "True" - ConditionFalse ConditionStatus = "False" - ConditionUnknown ConditionStatus = "Unknown" -) - -// ContainerStateWaiting represents the waiting state of a container -type ContainerStateWaiting struct { - // A brief CamelCase string indicating details about why the container is in waiting state. - // +optional - Reason string - // A human-readable message indicating details about why the container is in waiting state. - // +optional - Message string -} - -// ContainerStateRunning represents the running state of a container -type ContainerStateRunning struct { - // +optional - StartedAt metav1.Time -} - -// ContainerStateTerminated represents the terminated state of a container -type ContainerStateTerminated struct { - ExitCode int32 - // +optional - Signal int32 - // +optional - Reason string - // +optional - Message string - // +optional - StartedAt metav1.Time - // +optional - FinishedAt metav1.Time - // +optional - ContainerID string -} - -// ContainerState holds a possible state of container. -// Only one of its members may be specified. -// If none of them is specified, the default one is ContainerStateWaiting. -type ContainerState struct { - // +optional - Waiting *ContainerStateWaiting - // +optional - Running *ContainerStateRunning - // +optional - Terminated *ContainerStateTerminated -} - -// ContainerStatus contains details for the current status of this container. -type ContainerStatus struct { - // Name is a DNS_LABEL representing the unique name of the container. - // Each container in a pod must have a unique name across all container types. - // Cannot be updated. - Name string - // State holds details about the container's current condition. - // +optional - State ContainerState - // LastTerminationState holds the last termination state of the container to - // help debug container crashes and restarts. This field is not - // populated if the container is still running and RestartCount is 0. - // +optional - LastTerminationState ContainerState - // Ready specifies whether the container is currently passing its readiness check. - // The value will change as readiness probes keep executing. If no readiness - // probes are specified, this field defaults to true once the container is - // fully started (see Started field). - // - // The value is typically used to determine whether a container is ready to - // accept traffic. - Ready bool - // RestartCount holds the number of times the container has been restarted. - // Kubelet makes an effort to always increment the value, but there - // are cases when the state may be lost due to node restarts and then the value - // may be reset to 0. The value is never negative. - RestartCount int32 - // Image is the name of container image that the container is running. - // The container image may not match the image used in the PodSpec, - // as it may have been resolved by the runtime. - // More info: https://kubernetes.io/docs/concepts/containers/images. - Image string - // ImageID is the image ID of the container's image. The image ID may not - // match the image ID of the image used in the PodSpec, as it may have been - // resolved by the runtime. - ImageID string - // ContainerID is the ID of the container in the format '://'. - // Where type is a container runtime identifier, returned from Version call of CRI API - // (for example "containerd"). - // +optional - ContainerID string - // Started indicates whether the container has finished its postStart lifecycle hook - // and passed its startup probe. - // Initialized as false, becomes true after startupProbe is considered - // successful. Resets to false when the container is restarted, or if kubelet - // loses state temporarily. In both cases, startup probes will run again. - // Is always true when no startupProbe is defined and container is running and - // has passed the postStart lifecycle hook. The null value must be treated the - // same as false. - // +optional - Started *bool - // AllocatedResources represents the compute resources allocated for this container by the - // node. Kubelet sets this value to Container.Resources.Requests upon successful pod admission - // and after successfully admitting desired pod resize. - // +featureGate=InPlacePodVerticalScalingAllocatedStatus - // +optional - AllocatedResources ResourceList - // Resources represents the compute resource requests and limits that have been successfully - // enacted on the running container after it has been started or has been successfully resized. - // +featureGate=InPlacePodVerticalScaling - // +optional - Resources *ResourceRequirements - // Status of volume mounts. - // +listType=atomic - // +optional - VolumeMounts []VolumeMountStatus - // User represents user identity information initially attached to the first process of the container - // +featureGate=SupplementalGroupsPolicy - // +optional - User *ContainerUser - // AllocatedResourcesStatus represents the status of various resources - // allocated for this Pod. - // +featureGate=ResourceHealthStatus - // +optional - AllocatedResourcesStatus []ResourceStatus - // StopSignal is the signal which will be sent to this container when it is stopped. This might be - // the stop signal specified by the user, the signal specified in the container image, or the default - // stop signal of the container runtime on this node. - // +featureGate=ContainerStopSignals - // +optional - StopSignal *Signal -} - -type ResourceStatus struct { - // Name of the resource. Must be unique within the pod and in case of non-DRA resource, match one of the resources from the pod spec. - // For DRA resources, the value must be "claim:/". - // When this status is reported about a container, the "claim_name" and "request" must match one of the claims of this container. - // +required - Name ResourceName - // List of unique resources health. Each element in the list contains an unique resource ID and its health. - // At a minimum, for the lifetime of a Pod, resource ID must uniquely identify the resource allocated to the Pod on the Node. - // If other Pod on the same Node reports the status with the same resource ID, it must be the same resource they share. - // See ResourceID type definition for a specific format it has in various use cases. - // +listType=map - // +listMapKey=resourceID - Resources []ResourceHealth - - // allow to extend this struct in future with the overall health fields or things like Device Plugin version -} - -// ResourceID is calculated based on the source of this resource health information. -// For DevicePlugin: -// -// DeviceID, where DeviceID is how device plugin identifies the device. The same DeviceID can be found in PodResources API. -// -// DevicePlugin ID is usually a constant for the lifetime of a Node and typically can be used to uniquely identify the device on the node. -// -// For DRA: -// -// //: such a device can be looked up in the information published by that DRA driver to learn more about it. It is designed to be globally unique in a cluster. -type ResourceID string - -type ResourceHealthStatus string - -const ( - ResourceHealthStatusHealthy ResourceHealthStatus = "Healthy" - ResourceHealthStatusUnhealthy ResourceHealthStatus = "Unhealthy" - ResourceHealthStatusUnknown ResourceHealthStatus = "Unknown" -) - -// ResourceHealth represents the health of a resource. It has the latest device health information. -// This is a part of KEP https://kep.k8s.io/4680. -type ResourceHealth struct { - // ResourceID is the unique identifier of the resource. See the ResourceID type for more information. - ResourceID ResourceID - // Health of the resource. - // can be one of: - // - Healthy: operates as normal - // - Unhealthy: reported unhealthy. We consider this a temporary health issue - // since we do not have a mechanism today to distinguish - // temporary and permanent issues. - // - Unknown: The status cannot be determined. - // For example, Device Plugin got unregistered and hasn't been re-registered since. - // - // In future we may want to introduce the PermanentlyUnhealthy Status. - Health ResourceHealthStatus -} - -// ContainerUser represents user identity information -type ContainerUser struct { - // Linux holds user identity information initially attached to the first process of the containers in Linux. - // Note that the actual running identity can be changed if the process has enough privilege to do so. - // +optional - Linux *LinuxContainerUser - - // Windows holds user identity information of the first process of the containers in Windows - // This is just reserved for future use. - // Windows *WindowsContainerUser -} - -// LinuxContainerUser represents user identity information in Linux containers -type LinuxContainerUser struct { - // UID is the primary uid initially attached to the first process in the container - UID int64 - // GID is the primary gid initially attached to the first process in the container - GID int64 - // SupplementalGroups are the supplemental groups initially attached to the first process in the container - SupplementalGroups []int64 -} - -// PodPhase is a label for the condition of a pod at the current time. -type PodPhase string - -// These are the valid statuses of pods. -const ( - // PodPending means the pod has been accepted by the system, but one or more of the containers - // has not been started. This includes time before being bound to a node, as well as time spent - // pulling images onto the host. - PodPending PodPhase = "Pending" - // PodRunning means the pod has been bound to a node and all of the containers have been started. - // At least one container is still running or is in the process of being restarted. - PodRunning PodPhase = "Running" - // PodSucceeded means that all containers in the pod have voluntarily terminated - // with a container exit code of 0, and the system is not going to restart any of these containers. - PodSucceeded PodPhase = "Succeeded" - // PodFailed means that all containers in the pod have terminated, and at least one container has - // terminated in a failure (exited with a non-zero exit code or was stopped by the system). - PodFailed PodPhase = "Failed" - // PodUnknown means that for some reason the state of the pod could not be obtained, typically due - // to an error in communicating with the host of the pod. - // Deprecated in v1.21: It isn't being set since 2015 (74da3b14b0c0f658b3bb8d2def5094686d0e9095) - PodUnknown PodPhase = "Unknown" -) - -// PodConditionType defines the condition of pod -type PodConditionType string - -// These are valid conditions of pod. -const ( - // PodScheduled represents status of the scheduling process for this pod. - PodScheduled PodConditionType = "PodScheduled" - // PodReady means the pod is able to service requests and should be added to the - // load balancing pools of all matching services. - PodReady PodConditionType = "Ready" - // PodInitialized means that all init containers in the pod have started successfully. - PodInitialized PodConditionType = "Initialized" - // ContainersReady indicates whether all containers in the pod are ready. - ContainersReady PodConditionType = "ContainersReady" - // DisruptionTarget indicates the pod is about to be terminated due to a - // disruption (such as preemption, eviction API or garbage-collection). - DisruptionTarget PodConditionType = "DisruptionTarget" - // PodResizePending indicates that the pod has been resized, but kubelet has not - // yet allocated the resources. If both PodResizePending and PodResizeInProgress - // are set, it means that a new resize was requested in the middle of a previous - // pod resize that is still in progress. - PodResizePending PodConditionType = "PodResizePending" - // PodResizeInProgress indicates that a resize is in progress, and is present whenever - // the Kubelet has allocated resources for the resize, but has not yet actuated all of - // the required changes. - // If both PodResizePending and PodResizeInProgress are set, it means that a new resize was - // requested in the middle of a previous pod resize that is still in progress. - PodResizeInProgress PodConditionType = "PodResizeInProgress" - // AllContainersRestarting indicates that all containers of the pod is being restarted. - AllContainersRestarting PodConditionType = "AllContainersRestarting" -) - -// PodCondition represents pod's condition -type PodCondition struct { - Type PodConditionType - // +featureGate=PodObservedGenerationTracking - // +optional - ObservedGeneration int64 - Status ConditionStatus - // +optional - LastProbeTime metav1.Time - // +optional - LastTransitionTime metav1.Time - // +optional - Reason string - // +optional - Message string -} - -// Deprecated: PodResizeStatus shows status of desired resize of a pod's containers. -type PodResizeStatus string - -const ( - // Pod resources resize has been accepted by node and is being actuated. - PodResizeStatusInProgress PodResizeStatus = "InProgress" - // Node cannot resize the pod at this time and will keep retrying. - PodResizeStatusDeferred PodResizeStatus = "Deferred" - // Requested pod resize is not feasible and will not be re-evaluated. - PodResizeStatusInfeasible PodResizeStatus = "Infeasible" -) - -// VolumeMountStatus shows status of volume mounts. -type VolumeMountStatus struct { - // Name corresponds to the name of the original VolumeMount. - Name string - // MountPath corresponds to the original VolumeMount. - MountPath string - // ReadOnly corresponds to the original VolumeMount. - // +optional - ReadOnly bool - // RecursiveReadOnly must be set to Disabled, Enabled, or unspecified (for non-readonly mounts). - // An IfPossible value in the original VolumeMount must be translated to Disabled or Enabled, - // depending on the mount result. - // +optional - RecursiveReadOnly *RecursiveReadOnlyMode -} - -// RestartPolicy describes how the container should be restarted. -// Only one of the following restart policies may be specified. -// If none of the following policies is specified, the default one -// is RestartPolicyAlways. -type RestartPolicy string - -// These are valid restart policies -const ( - RestartPolicyAlways RestartPolicy = "Always" - RestartPolicyOnFailure RestartPolicy = "OnFailure" - RestartPolicyNever RestartPolicy = "Never" -) - -// ContainerRestartPolicy is the restart policy for a single container. -// The only allowed values are "Always", "Never", and "OnFailure". -type ContainerRestartPolicy string - -const ( - ContainerRestartPolicyAlways ContainerRestartPolicy = "Always" - ContainerRestartPolicyNever ContainerRestartPolicy = "Never" - ContainerRestartPolicyOnFailure ContainerRestartPolicy = "OnFailure" -) - -// ContainerRestartRule describes how a container exit is handled. -type ContainerRestartRule struct { - // Specifies the action taken on a container exit if the requirements - // are satisfied. The only possible value is "Restart" to restart the - // container. - // +required - Action ContainerRestartRuleAction - - // Represents the exit codes to check on container exits. - // +optional - ExitCodes *ContainerRestartRuleOnExitCodes -} - -// ContainerRestartRuleAction describes the action to take when the -// container exits. -type ContainerRestartRuleAction string - -// These are valid restart rule actions. -const ( - // The container will be restarted if the rule matches. Only valid on normal init container and - // regular containers. Not valid on sidecar containers and ephemeral containers. - ContainerRestartRuleActionRestart ContainerRestartRuleAction = "Restart" - // All containers (except ephemeral containers) inside the pod will be terminated and restarted. - // Valid on normal init container, sidecar containers, and regular containers. Not valid on - // ephemeral containers. - ContainerRestartRuleActionRestartAllContainers ContainerRestartRuleAction = "RestartAllContainers" -) - -// ContainerRestartRuleOnExitCodes describes the condition -// for handling an exited container based on its exit codes. -type ContainerRestartRuleOnExitCodes struct { - // Represents the relationship between the container exit code(s) and the - // specified values. Possible values are: - // - In: the requirement is satisfied if the container exit code is in the - // set of specified values. - // - NotIn: the requirement is satisfied if the container exit code is - // not in the set of specified values. - // +required - Operator ContainerRestartRuleOnExitCodesOperator - - // Specifies the set of values to check for container exit codes. - // At most 255 elements are allowed. - // +optional - // +listType=set - Values []int32 -} - -// ContainerRestartRuleOnExitCodesOperator describes the operator -// to take for the exit codes. -type ContainerRestartRuleOnExitCodesOperator string - -const ( - ContainerRestartRuleOnExitCodesOpIn ContainerRestartRuleOnExitCodesOperator = "In" - ContainerRestartRuleOnExitCodesOpNotIn ContainerRestartRuleOnExitCodesOperator = "NotIn" -) - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PodList is a list of Pods. -type PodList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - Items []Pod -} - -// DNSPolicy defines how a pod's DNS will be configured. -type DNSPolicy string - -const ( - // DNSClusterFirstWithHostNet indicates that the pod should use cluster DNS - // first, if it is available, then fall back on the default - // (as determined by kubelet) DNS settings. - DNSClusterFirstWithHostNet DNSPolicy = "ClusterFirstWithHostNet" - - // DNSClusterFirst indicates that the pod should use cluster DNS - // first unless hostNetwork is true, if it is available, then - // fall back on the default (as determined by kubelet) DNS settings. - DNSClusterFirst DNSPolicy = "ClusterFirst" - - // DNSDefault indicates that the pod should use the default (as - // determined by kubelet) DNS settings. - DNSDefault DNSPolicy = "Default" - - // DNSNone indicates that the pod should use empty DNS settings. DNS - // parameters such as nameservers and search paths should be defined via - // DNSConfig. - DNSNone DNSPolicy = "None" -) - -// NodeSelector represents the union of the results of one or more label queries -// over a set of nodes; that is, it represents the OR of the selectors represented -// by the node selector terms. -type NodeSelector struct { - // Required. A list of node selector terms. The terms are ORed. - NodeSelectorTerms []NodeSelectorTerm -} - -// NodeSelectorTerm represents expressions and fields required to select nodes. -// A null or empty node selector term matches no objects. The requirements of -// them are ANDed. -// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. -type NodeSelectorTerm struct { - // A list of node selector requirements by node's labels. - MatchExpressions []NodeSelectorRequirement - // A list of node selector requirements by node's fields. - MatchFields []NodeSelectorRequirement -} - -// NodeSelectorRequirement is a selector that contains values, a key, and an operator -// that relates the key and values. -type NodeSelectorRequirement struct { - // The label key that the selector applies to. - Key string - // Represents a key's relationship to a set of values. - // Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - Operator NodeSelectorOperator - // An array of string values. If the operator is In or NotIn, - // the values array must be non-empty. If the operator is Exists or DoesNotExist, - // the values array must be empty. If the operator is Gt or Lt, the values - // array must have a single element, which will be interpreted as an integer. - // This array is replaced during a strategic merge patch. - // +optional - Values []string -} - -// NodeSelectorOperator is the set of operators that can be used in -// a node selector requirement. -type NodeSelectorOperator string - -// These are valid values of NodeSelectorOperator -const ( - NodeSelectorOpIn NodeSelectorOperator = "In" - NodeSelectorOpNotIn NodeSelectorOperator = "NotIn" - NodeSelectorOpExists NodeSelectorOperator = "Exists" - NodeSelectorOpDoesNotExist NodeSelectorOperator = "DoesNotExist" - NodeSelectorOpGt NodeSelectorOperator = "Gt" - NodeSelectorOpLt NodeSelectorOperator = "Lt" -) - -// TopologySelectorTerm represents the result of label queries. -// A null or empty topology selector term matches no objects. -// The requirements of them are ANDed. -// It provides a subset of functionality as NodeSelectorTerm. -// This is an alpha feature and may change in the future. -type TopologySelectorTerm struct { - // A list of topology selector requirements by labels. - // +optional - MatchLabelExpressions []TopologySelectorLabelRequirement -} - -// TopologySelectorLabelRequirement is a selector that matches given label. -// This is an alpha feature and may change in the future. -type TopologySelectorLabelRequirement struct { - // The label key that the selector applies to. - Key string - // An array of string values. One value must match the label to be selected. - // Each entry in Values is ORed. - Values []string -} - -// Affinity is a group of affinity scheduling rules. -type Affinity struct { - // Describes node affinity scheduling rules for the pod. - // +optional - NodeAffinity *NodeAffinity - // Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). - // +optional - PodAffinity *PodAffinity - // Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). - // +optional - PodAntiAffinity *PodAntiAffinity -} - -// PodAffinity is a group of inter pod affinity scheduling rules. -type PodAffinity struct { - // NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented. - // If the affinity requirements specified by this field are not met at - // scheduling time, the pod will not be scheduled onto the node. - // If the affinity requirements specified by this field cease to be met - // at some point during pod execution (e.g. due to a pod label update), the - // system will try to eventually evict the pod from its node. - // When there are multiple elements, the lists of nodes corresponding to each - // podAffinityTerm are intersected, i.e. all terms must be satisfied. - // +optional - // RequiredDuringSchedulingRequiredDuringExecution []PodAffinityTerm - - // If the affinity requirements specified by this field are not met at - // scheduling time, the pod will not be scheduled onto the node. - // If the affinity requirements specified by this field cease to be met - // at some point during pod execution (e.g. due to a pod label update), the - // system may or may not try to eventually evict the pod from its node. - // When there are multiple elements, the lists of nodes corresponding to each - // podAffinityTerm are intersected, i.e. all terms must be satisfied. - // +optional - RequiredDuringSchedulingIgnoredDuringExecution []PodAffinityTerm - // The scheduler will prefer to schedule pods to nodes that satisfy - // the affinity expressions specified by this field, but it may choose - // a node that violates one or more of the expressions. The node that is - // most preferred is the one with the greatest sum of weights, i.e. - // for each node that meets all of the scheduling requirements (resource - // request, requiredDuringScheduling affinity expressions, etc.), - // compute a sum by iterating through the elements of this field and adding - // "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - // node(s) with the highest sum are the most preferred. - // +optional - PreferredDuringSchedulingIgnoredDuringExecution []WeightedPodAffinityTerm -} - -// PodAntiAffinity is a group of inter pod anti affinity scheduling rules. -type PodAntiAffinity struct { - // NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented. - // If the anti-affinity requirements specified by this field are not met at - // scheduling time, the pod will not be scheduled onto the node. - // If the anti-affinity requirements specified by this field cease to be met - // at some point during pod execution (e.g. due to a pod label update), the - // system will try to eventually evict the pod from its node. - // When there are multiple elements, the lists of nodes corresponding to each - // podAffinityTerm are intersected, i.e. all terms must be satisfied. - // +optional - // RequiredDuringSchedulingRequiredDuringExecution []PodAffinityTerm - - // If the anti-affinity requirements specified by this field are not met at - // scheduling time, the pod will not be scheduled onto the node. - // If the anti-affinity requirements specified by this field cease to be met - // at some point during pod execution (e.g. due to a pod label update), the - // system may or may not try to eventually evict the pod from its node. - // When there are multiple elements, the lists of nodes corresponding to each - // podAffinityTerm are intersected, i.e. all terms must be satisfied. - // +optional - RequiredDuringSchedulingIgnoredDuringExecution []PodAffinityTerm - // The scheduler will prefer to schedule pods to nodes that satisfy - // the anti-affinity expressions specified by this field, but it may choose - // a node that violates one or more of the expressions. The node that is - // most preferred is the one with the greatest sum of weights, i.e. - // for each node that meets all of the scheduling requirements (resource - // request, requiredDuringScheduling anti-affinity expressions, etc.), - // compute a sum by iterating through the elements of this field and subtracting - // "weight" from the sum if the node has pods which matches the corresponding podAffinityTerm; the - // node(s) with the highest sum are the most preferred. - // +optional - PreferredDuringSchedulingIgnoredDuringExecution []WeightedPodAffinityTerm -} - -// WeightedPodAffinityTerm represents the weights of all of the matched WeightedPodAffinityTerm -// fields are added per-node to find the most preferred node(s) -type WeightedPodAffinityTerm struct { - // weight associated with matching the corresponding podAffinityTerm, - // in the range 1-100. - Weight int32 - // Required. A pod affinity term, associated with the corresponding weight. - PodAffinityTerm PodAffinityTerm -} - -// PodAffinityTerm defines a set of pods (namely those matching the labelSelector -// relative to the given namespace(s)) that this pod should be -// co-located (affinity) or not co-located (anti-affinity) with, -// where co-located is defined as running on a node whose value of -// the label with key matches that of any node on which -// a pod of the set of pods is running. -type PodAffinityTerm struct { - // A label query over a set of resources, in this case pods. - // If it's null, this PodAffinityTerm matches with no Pods. - // +optional - LabelSelector *metav1.LabelSelector - // namespaces specifies a static list of namespace names that the term applies to. - // The term is applied to the union of the namespaces listed in this field - // and the ones selected by namespaceSelector. - // null or empty namespaces list and null namespaceSelector means "this pod's namespace". - // +optional - Namespaces []string - // This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - // the labelSelector in the specified namespaces, where co-located is defined as running on a node - // whose value of the label with key topologyKey matches that of any node on which any of the - // selected pods is running. - // Empty topologyKey is not allowed. - TopologyKey string - // A label query over the set of namespaces that the term applies to. - // The term is applied to the union of the namespaces selected by this field - // and the ones listed in the namespaces field. - // null selector and null or empty namespaces list means "this pod's namespace". - // An empty selector ({}) matches all namespaces. - // +optional - NamespaceSelector *metav1.LabelSelector - // MatchLabelKeys is a set of pod label keys to select which pods will - // be taken into consideration. The keys are used to lookup values from the - // incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - // to select the group of existing pods which pods will be taken into consideration - // for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - // pod labels will be ignored. The default value is empty. - // The same key is forbidden to exist in both matchLabelKeys and labelSelector. - // Also, matchLabelKeys cannot be set when labelSelector isn't set. - // - // +listType=atomic - // +optional - MatchLabelKeys []string - // MismatchLabelKeys is a set of pod label keys to select which pods will - // be taken into consideration. The keys are used to lookup values from the - // incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - // to select the group of existing pods which pods will be taken into consideration - // for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - // pod labels will be ignored. The default value is empty. - // The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - // Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - // - // +listType=atomic - // +optional - MismatchLabelKeys []string -} - -// NodeAffinity is a group of node affinity scheduling rules. -type NodeAffinity struct { - // NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented. - // If the affinity requirements specified by this field are not met at - // scheduling time, the pod will not be scheduled onto the node. - // If the affinity requirements specified by this field cease to be met - // at some point during pod execution (e.g. due to an update), the system - // will try to eventually evict the pod from its node. - // +optional - // RequiredDuringSchedulingRequiredDuringExecution *NodeSelector - - // If the affinity requirements specified by this field are not met at - // scheduling time, the pod will not be scheduled onto the node. - // If the affinity requirements specified by this field cease to be met - // at some point during pod execution (e.g. due to an update), the system - // may or may not try to eventually evict the pod from its node. - // +optional - RequiredDuringSchedulingIgnoredDuringExecution *NodeSelector - // The scheduler will prefer to schedule pods to nodes that satisfy - // the affinity expressions specified by this field, but it may choose - // a node that violates one or more of the expressions. The node that is - // most preferred is the one with the greatest sum of weights, i.e. - // for each node that meets all of the scheduling requirements (resource - // request, requiredDuringScheduling affinity expressions, etc.), - // compute a sum by iterating through the elements of this field and adding - // "weight" to the sum if the node matches the corresponding matchExpressions; the - // node(s) with the highest sum are the most preferred. - // +optional - PreferredDuringSchedulingIgnoredDuringExecution []PreferredSchedulingTerm -} - -// PreferredSchedulingTerm represents an empty preferred scheduling term matches all objects with implicit weight 0 -// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). -type PreferredSchedulingTerm struct { - // Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. - Weight int32 - // A node selector term, associated with the corresponding weight. - Preference NodeSelectorTerm -} - -// Taint represents taint that can be applied to the node. -// The node this Taint is attached to has the "effect" on -// any pod that does not tolerate the Taint. -type Taint struct { - // Required. The taint key to be applied to a node. - Key string - // Required. The taint value corresponding to the taint key. - // +optional - Value string - // Required. The effect of the taint on pods - // that do not tolerate the taint. - // Valid effects are NoSchedule, PreferNoSchedule and NoExecute. - Effect TaintEffect - // TimeAdded represents the time at which the taint was added. - // +optional - TimeAdded *metav1.Time -} - -// TaintEffect defines the effects of Taint -type TaintEffect string - -// These are valid values for TaintEffect -const ( - // Do not allow new pods to schedule onto the node unless they tolerate the taint, - // but allow all pods submitted to Kubelet without going through the scheduler - // to start, and allow all already-running pods to continue running. - // Enforced by the scheduler. - TaintEffectNoSchedule TaintEffect = "NoSchedule" - // Like TaintEffectNoSchedule, but the scheduler tries not to schedule - // new pods onto the node, rather than prohibiting new pods from scheduling - // onto the node entirely. Enforced by the scheduler. - TaintEffectPreferNoSchedule TaintEffect = "PreferNoSchedule" - // NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented. - // Like TaintEffectNoSchedule, but additionally do not allow pods submitted to - // Kubelet without going through the scheduler to start. - // Enforced by Kubelet and the scheduler. - // TaintEffectNoScheduleNoAdmit TaintEffect = "NoScheduleNoAdmit" - - // Evict any already-running pods that do not tolerate the taint. - // Currently enforced by NodeController. - TaintEffectNoExecute TaintEffect = "NoExecute" -) - -// Toleration represents the toleration object that can be attached to a pod. -// The pod this Toleration is attached to tolerates any taint that matches -// the triple using the matching operator . -type Toleration struct { - // Key is the taint key that the toleration applies to. Empty means match all taint keys. - // If the key is empty, operator must be Exists; this combination means to match all values and all keys. - // +optional - Key string - // Operator represents a key's relationship to the value. - // Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. - // Exists is equivalent to wildcard for value, so that a pod can - // tolerate all taints of a particular category. - // Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators). - // +optional - Operator TolerationOperator - // Value is the taint value the toleration matches to. - // If the operator is Exists, the value should be empty, otherwise just a regular string. - // +optional - Value string - // Effect indicates the taint effect to match. Empty means match all taint effects. - // When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - // +optional - Effect TaintEffect - // TolerationSeconds represents the period of time the toleration (which must be - // of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - // it is not set, which means tolerate the taint forever (do not evict). Zero and - // negative values will be treated as 0 (evict immediately) by the system. - // +optional - TolerationSeconds *int64 -} - -// TolerationOperator is the set of operators that can be used in a toleration. -type TolerationOperator string - -// These are valid values for TolerationOperator -const ( - TolerationOpExists TolerationOperator = "Exists" - TolerationOpEqual TolerationOperator = "Equal" - TolerationOpLt TolerationOperator = "Lt" - TolerationOpGt TolerationOperator = "Gt" -) - -// PodReadinessGate contains the reference to a pod condition -type PodReadinessGate struct { - // ConditionType refers to a condition in the pod's condition list with matching type. - ConditionType PodConditionType -} - -// PodSpec is a description of a pod -type PodSpec struct { - Volumes []Volume - // List of initialization containers belonging to the pod. - InitContainers []Container - // List of containers belonging to the pod. - Containers []Container - // List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing - // pod to perform user-initiated actions such as debugging. This list cannot be specified when - // creating a pod, and it cannot be modified by updating the pod spec. In order to add an - // ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. - // +optional - EphemeralContainers []EphemeralContainer - // +optional - RestartPolicy RestartPolicy - // Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. - // Value must be non-negative integer. The value zero indicates stop immediately via the kill - // signal (no opportunity to shut down). - // If this value is nil, the default grace period will be used instead. - // The grace period is the duration in seconds after the processes running in the pod are sent - // a termination signal and the time when the processes are forcibly halted with a kill signal. - // Set this value longer than the expected cleanup time for your process. - // +optional - TerminationGracePeriodSeconds *int64 - // Optional duration in seconds relative to the StartTime that the pod may be active on a node - // before the system actively tries to terminate the pod; value must be positive integer - // +optional - ActiveDeadlineSeconds *int64 - // Set DNS policy for the pod. - // Defaults to "ClusterFirst". - // Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. - // DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. - // To have DNS options set along with hostNetwork, you have to specify DNS policy - // explicitly to 'ClusterFirstWithHostNet'. - // +optional - DNSPolicy DNSPolicy - // NodeSelector is a selector which must be true for the pod to fit on a node - // +optional - NodeSelector map[string]string - - // ServiceAccountName is the name of the ServiceAccount to use to run this pod - // The pod will be allowed to use secrets referenced by the ServiceAccount - ServiceAccountName string - // AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - // +optional - AutomountServiceAccountToken *bool - - // NodeName indicates in which node this pod is scheduled. - // If empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName. - // Once this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod. - // This field should not be used to express a desire for the pod to be scheduled on a specific node. - // https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename - // +optional - NodeName string - // SecurityContext holds pod-level security attributes and common container settings. - // Optional: Defaults to empty. See type description for default values of each field. - // +optional - SecurityContext *PodSecurityContext - // ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. - // If specified, these secrets will be passed to individual puller implementations for them to use. - // +optional - ImagePullSecrets []LocalObjectReference - // Specifies the hostname of the Pod. - // If not specified, the pod's hostname will be set to a system-defined value. - // +optional - Hostname string - // If specified, the fully qualified Pod hostname will be "...svc.". - // If not specified, the pod will not have a domainname at all. - // +optional - Subdomain string - // If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). - // In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). - // In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. - // If a pod does not have FQDN, this has no effect. - // +optional - SetHostnameAsFQDN *bool - // If specified, the pod's scheduling constraints - // +optional - Affinity *Affinity - // If specified, the pod will be dispatched by specified scheduler. - // If not specified, the pod will be dispatched by default scheduler. - // +optional - SchedulerName string - // If specified, the pod's tolerations. - // +optional - Tolerations []Toleration - // HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts - // file if specified. - // +optional - HostAliases []HostAlias - // If specified, indicates the pod's priority. "system-node-critical" and - // "system-cluster-critical" are two special keywords which indicate the - // highest priorities with the former being the highest priority. Any other - // name must be defined by creating a PriorityClass object with that name. - // If not specified, the pod priority will be default or zero if there is no - // default. - // +optional - PriorityClassName string - // The priority value. Various system components use this field to find the - // priority of the pod. When Priority Admission Controller is enabled, it - // prevents users from setting this field. The admission controller populates - // this field from PriorityClassName. - // The higher the value, the higher the priority. - // +optional - Priority *int32 - // PreemptionPolicy is the Policy for preempting pods with lower priority. - // One of Never, PreemptLowerPriority. - // Defaults to PreemptLowerPriority if unset. - // +optional - PreemptionPolicy *PreemptionPolicy - // Specifies the DNS parameters of a pod. - // Parameters specified here will be merged to the generated DNS - // configuration based on DNSPolicy. - // +optional - DNSConfig *PodDNSConfig - // If specified, all readiness gates will be evaluated for pod readiness. - // A pod is ready when all its containers are ready AND - // all conditions specified in the readiness gates have status equal to "True" - // More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates - // +optional - ReadinessGates []PodReadinessGate - // RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used - // to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. - // If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an - // empty definition that uses the default runtime handler. - // More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class - // +optional - RuntimeClassName *string - // Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. - // This field will be autopopulated at admission time by the RuntimeClass admission controller. If - // the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. - // The RuntimeClass admission controller will reject Pod create requests which have the overhead already - // set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value - // defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. - // More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead - // +optional - Overhead ResourceList - // EnableServiceLinks indicates whether information about services should be injected into pod's - // environment variables, matching the syntax of Docker links. - // If not specified, the default is true. - // +optional - EnableServiceLinks *bool - // TopologySpreadConstraints describes how a group of pods ought to spread across topology - // domains. Scheduler will schedule pods in a way which abides by the constraints. - // All topologySpreadConstraints are ANDed. - // +optional - TopologySpreadConstraints []TopologySpreadConstraint - // Specifies the OS of the containers in the pod. - // Some pod and container fields are restricted if this is set. - // - // If the OS field is set to linux, the following fields must be unset: - // - securityContext.windowsOptions - // - // If the OS field is set to windows, following fields must be unset: - // - spec.hostPID - // - spec.hostIPC - // - spec.hostUsers - // - spec.resources - // - spec.securityContext.appArmorProfile - // - spec.securityContext.seLinuxOptions - // - spec.securityContext.seccompProfile - // - spec.securityContext.fsGroup - // - spec.securityContext.fsGroupChangePolicy - // - spec.securityContext.sysctls - // - spec.shareProcessNamespace - // - spec.securityContext.runAsUser - // - spec.securityContext.runAsGroup - // - spec.securityContext.supplementalGroups - // - spec.securityContext.supplementalGroupsPolicy - // - spec.containers[*].securityContext.appArmorProfile - // - spec.containers[*].securityContext.seLinuxOptions - // - spec.containers[*].securityContext.seccompProfile - // - spec.containers[*].securityContext.capabilities - // - spec.containers[*].securityContext.readOnlyRootFilesystem - // - spec.containers[*].securityContext.privileged - // - spec.containers[*].securityContext.allowPrivilegeEscalation - // - spec.containers[*].securityContext.procMount - // - spec.containers[*].securityContext.runAsUser - // - spec.containers[*].securityContext.runAsGroup - // +optional - OS *PodOS - - // SchedulingGates is an opaque list of values that if specified will block scheduling the pod. - // If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the - // scheduler will not attempt to schedule the pod. - // - // SchedulingGates can only be set at pod creation time, and be removed only afterwards. - // - // +optional - SchedulingGates []PodSchedulingGate - // ResourceClaims defines which ResourceClaims must be allocated - // and reserved before the Pod is allowed to start. The resources - // will be made available to those containers which consume them - // by name. - // - // This is a stable field but requires that the - // DynamicResourceAllocation feature gate is enabled. - // - // This field is immutable. - // - // +featureGate=DynamicResourceAllocation - // +optional - ResourceClaims []PodResourceClaim - // Resources is the total amount of CPU and Memory resources required by all - // containers in the pod. It supports specifying Requests and Limits for - // "cpu", "memory" and "hugepages-" resource names only. ResourceClaims are not supported. - // - // This field enables fine-grained control over resource allocation for the - // entire pod, allowing resource sharing among containers in a pod. - // TODO: For beta graduation, expand this comment with a detailed explanation. - // - // This is an alpha field and requires enabling the PodLevelResources feature - // gate. - // - // +featureGate=PodLevelResources - // +optional - Resources *ResourceRequirements - // HostnameOverride specifies an explicit override for the pod's hostname as perceived by the pod. - // This field only specifies the pod's hostname and does not affect its DNS records. - // When this field is set to a non-empty string: - // - It takes precedence over the values set in `hostname` and `subdomain`. - // - The Pod's hostname will be set to this value. - // - `setHostnameAsFQDN` must be nil or set to false. - // - `hostNetwork` must be set to false. - // - // This field must be a valid DNS subdomain as defined in RFC 1123 and contain at most 64 characters. - // Requires the HostnameOverride feature gate to be enabled. - // - // +featureGate=HostnameOverride - // +optional - HostnameOverride *string - // WorkloadRef provides a reference to the Workload object that this Pod belongs to. - // This field is used by the scheduler to identify the PodGroup and apply the - // correct group scheduling policies. The Workload object referenced - // by this field may not exist at the time the Pod is created. - // This field is immutable, but a Workload object with the same name - // may be recreated with different policies. Doing this during pod scheduling - // may result in the placement not conforming to the expected policies. - // - // +featureGate=GenericWorkload - // +optional - WorkloadRef *WorkloadReference -} - -// PodResourceClaim references exactly one ResourceClaim through a ClaimSource. -// It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. -// Containers that need access to the ResourceClaim reference it with this name. -type PodResourceClaim struct { - // Name uniquely identifies this resource claim inside the pod. - // This must be a DNS_LABEL. - Name string - - // ResourceClaimName is the name of a ResourceClaim object in the same - // namespace as this pod. - // - // Exactly one of ResourceClaimName and ResourceClaimTemplateName must - // be set. - ResourceClaimName *string - - // ResourceClaimTemplateName is the name of a ResourceClaimTemplate - // object in the same namespace as this pod. - // - // The template will be used to create a new ResourceClaim, which will - // be bound to this pod. When this pod is deleted, the ResourceClaim - // will also be deleted. The pod name and resource name, along with a - // generated component, will be used to form a unique name for the - // ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. - // - // This field is immutable and no changes will be made to the - // corresponding ResourceClaim by the control plane after creating the - // ResourceClaim. - // - // Exactly one of ResourceClaimName and ResourceClaimTemplateName must - // be set. - ResourceClaimTemplateName *string -} - -// PodResourceClaimStatus is stored in the PodStatus for each PodResourceClaim -// which references a ResourceClaimTemplate. It stores the generated name for -// the corresponding ResourceClaim. -type PodResourceClaimStatus struct { - // Name uniquely identifies this resource claim inside the pod. - // This must match the name of an entry in pod.spec.resourceClaims, - // which implies that the string must be a DNS_LABEL. - Name string - - // ResourceClaimName is the name of the ResourceClaim that was - // generated for the Pod in the namespace of the Pod. If this is - // unset, then generating a ResourceClaim was not necessary. The - // pod.spec.resourceClaims entry can be ignored in this case. - ResourceClaimName *string -} - -// PodExtendedResourceClaimStatus is stored in the PodStatus for the extended -// resource requests backed by DRA. It stores the generated name for -// the corresponding special ResourceClaim created by the scheduler. -type PodExtendedResourceClaimStatus struct { - // RequestMapping identifies the mapping of to device request - // in the generated ResourceClaim. - RequestMappings []ContainerExtendedResourceRequest - - // ResourceClaimName is the name of the ResourceClaim that was - // generated for the Pod in the namespace of the Pod. - ResourceClaimName string -} - -type ContainerExtendedResourceRequest struct { - // The name of the container requesting resources. - ContainerName string - // The name of the extended resource in that container which gets backed by DRA. - ResourceName string - // The name of the request in the special ResourceClaim which corresponds to the extended resource. - RequestName string -} - -// OSName is the set of OS'es that can be used in OS. -type OSName string - -// These are valid values for OSName -const ( - Linux OSName = "linux" - Windows OSName = "windows" -) - -// PodOS defines the OS parameters of a pod. -type PodOS struct { - // Name is the name of the operating system. The currently supported values are linux and windows. - // Additional value may be defined in future and can be one of: - // https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration - // Clients should expect to handle additional values and treat unrecognized values in this field as os: null - Name OSName -} - -// PodSchedulingGate is associated to a Pod to guard its scheduling. -type PodSchedulingGate struct { - // Name of the scheduling gate. - // Each scheduling gate must have a unique name field. - Name string -} - -// WorkloadReference identifies the Workload object and PodGroup membership -// that a Pod belongs to. The scheduler uses this information to apply -// workload-aware scheduling semantics. -type WorkloadReference struct { - // Name defines the name of the Workload object this Pod belongs to. - // Workload must be in the same namespace as the Pod. - // If it doesn't match any existing Workload, the Pod will remain unschedulable - // until a Workload object is created and observed by the kube-scheduler. - // It must be a DNS subdomain. - // - // +required - Name string - - // PodGroup is the name of the PodGroup within the Workload that this Pod - // belongs to. If it doesn't match any existing PodGroup within the Workload, - // the Pod will remain unschedulable until the Workload object is recreated - // and observed by the kube-scheduler. It must be a DNS label. - // - // +required - PodGroup string - - // PodGroupReplicaKey specifies the replica key of the PodGroup to which this - // Pod belongs. It is used to distinguish pods belonging to different replicas - // of the same pod group. The pod group policy is applied separately to each replica. - // When set, it must be a DNS label. - // - // +optional - PodGroupReplicaKey string -} - -// HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the -// pod's hosts file. -type HostAlias struct { - IP string - Hostnames []string -} - -// Sysctl defines a kernel parameter to be set -type Sysctl struct { - // Name of a property to set - Name string - // Value of a property to set - Value string -} - -// PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume -// when volume is mounted. -type PodFSGroupChangePolicy string - -const ( - // FSGroupChangeOnRootMismatch indicates that volume's ownership and permissions will be changed - // only when permission and ownership of root directory does not match with expected - // permissions on the volume. This can help shorten the time it takes to change - // ownership and permissions of a volume. - FSGroupChangeOnRootMismatch PodFSGroupChangePolicy = "OnRootMismatch" - // FSGroupChangeAlways indicates that volume's ownership and permissions - // should always be changed whenever volume is mounted inside a Pod. This the default - // behavior. - FSGroupChangeAlways PodFSGroupChangePolicy = "Always" -) - -// SupplementalGroupsPolicy defines how supplemental groups -// of the first container processes are calculated. -type SupplementalGroupsPolicy string - -const ( - // SupplementalGroupsPolicyMerge means that the container's provided - // SupplementalGroups and FsGroup (specified in SecurityContext) will be - // merged with the primary user's groups as defined in the container image - // (in /etc/group). - SupplementalGroupsPolicyMerge SupplementalGroupsPolicy = "Merge" - // SupplementalGroupsPolicyStrict means that the container's provided - // SupplementalGroups and FsGroup (specified in SecurityContext) will be - // used instead of any groups defined in the container image. - SupplementalGroupsPolicyStrict SupplementalGroupsPolicy = "Strict" -) - -// PodSELinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. -type PodSELinuxChangePolicy string - -const ( - // Recursive relabeling of all Pod volumes by the container runtime. - // This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. - SELinuxChangePolicyRecursive PodSELinuxChangePolicy = "Recursive" - // MountOption mounts all eligible Pod volumes with `-o context` mount option. - // This requires all Pods that share the same volume to use the same SELinux label. - // It is not possible to share the same volume among privileged and unprivileged Pods. - // Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes - // whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their - // CSIDriver instance. Other volumes are always re-labelled recursively. - SELinuxChangePolicyMountOption PodSELinuxChangePolicy = "MountOption" -) - -// PodSecurityContext holds pod-level security attributes and common container settings. -// Some fields are also present in container.securityContext. Field values of -// container.securityContext take precedence over field values of PodSecurityContext. -type PodSecurityContext struct { - // Use the host's network namespace. If this option is set, the ports that will be - // used must be specified. - // Optional: Default to false - // +k8s:conversion-gen=false - // +optional - HostNetwork bool - // Use the host's pid namespace. - // Optional: Default to false. - // Note that this field cannot be set when spec.os.name is windows. - // +k8s:conversion-gen=false - // +optional - HostPID bool - // Use the host's ipc namespace. - // Optional: Default to false. - // Note that this field cannot be set when spec.os.name is windows. - // +k8s:conversion-gen=false - // +optional - HostIPC bool - // Share a single process namespace between all of the containers in a pod. - // When this is set containers will be able to view and signal processes from other containers - // in the same pod, and the first process in each container will not be assigned PID 1. - // HostPID and ShareProcessNamespace cannot both be set. - // Note that this field cannot be set when spec.os.name is windows. - // Optional: Default to false. - // +k8s:conversion-gen=false - // +optional - ShareProcessNamespace *bool - // Use the host's user namespace. - // Optional: Default to true. - // If set to true or not present, the pod will be run in the host user namespace, useful - // for when the pod needs a feature only available to the host user namespace, such as - // loading a kernel module with CAP_SYS_MODULE. - // When set to false, a new user namespace is created for the pod. Setting false is useful - // for mitigating container breakout vulnerabilities even allowing users to run their - // containers as root without actually having root privileges on the host. - // Note that this field cannot be set when spec.os.name is windows. - // +k8s:conversion-gen=false - // +optional - HostUsers *bool - // The SELinux context to be applied to all containers. - // If unspecified, the container runtime will allocate a random SELinux context for each - // container. May also be set in SecurityContext. If set in - // both SecurityContext and PodSecurityContext, the value specified in SecurityContext - // takes precedence for that container. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - SELinuxOptions *SELinuxOptions - // The Windows specific settings applied to all containers. - // If unspecified, the options within a container's SecurityContext will be used. - // If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - // Note that this field cannot be set when spec.os.name is linux. - // +optional - WindowsOptions *WindowsSecurityContextOptions - // The UID to run the entrypoint of the container process. - // Defaults to user specified in image metadata if unspecified. - // May also be set in SecurityContext. If set in both SecurityContext and - // PodSecurityContext, the value specified in SecurityContext takes precedence - // for that container. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - RunAsUser *int64 - // The GID to run the entrypoint of the container process. - // Uses runtime default if unset. - // May also be set in SecurityContext. If set in both SecurityContext and - // PodSecurityContext, the value specified in SecurityContext takes precedence - // for that container. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - RunAsGroup *int64 - // Indicates that the container must run as a non-root user. - // If true, the Kubelet will validate the image at runtime to ensure that it - // does not run as UID 0 (root) and fail to start the container if it does. - // If unset or false, no such validation will be performed. - // May also be set in SecurityContext. If set in both SecurityContext and - // PodSecurityContext, the value specified in SecurityContext takes precedence - // for that container. - // +optional - RunAsNonRoot *bool - // A list of groups applied to the first process run in each container, in - // addition to the container's primary GID and fsGroup (if specified). If - // the SupplementalGroupsPolicy feature is enabled, the - // supplementalGroupsPolicy field determines whether these are in addition - // to or instead of any group memberships defined in the container image. - // If unspecified, no additional groups are added, though group memberships - // defined in the container image may still be used, depending on the - // supplementalGroupsPolicy field. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - SupplementalGroups []int64 - // Defines how supplemental groups of the first container processes are calculated. - // Valid values are "Merge" and "Strict". If not specified, "Merge" is used. - // (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled - // and the container runtime must implement support for this feature. - // Note that this field cannot be set when spec.os.name is windows. - // TODO: update the default value to "Merge" when spec.os.name is not windows in v1.34 - // +featureGate=SupplementalGroupsPolicy - // +optional - SupplementalGroupsPolicy *SupplementalGroupsPolicy - // A special supplemental group that applies to all containers in a pod. - // Some volume types allow the Kubelet to change the ownership of that volume - // to be owned by the pod: - // - // 1. The owning GID will be the FSGroup - // 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) - // 3. The permission bits are OR'd with rw-rw---- - // - // If unset, the Kubelet will not modify the ownership and permissions of any volume. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - FSGroup *int64 - // fsGroupChangePolicy defines behavior of changing ownership and permission of the volume - // before being exposed inside Pod. This field will only apply to - // volume types which support fsGroup based ownership(and permissions). - // It will have no effect on ephemeral volume types such as: secret, configmaps - // and emptydir. - // Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - FSGroupChangePolicy *PodFSGroupChangePolicy - // Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported - // sysctls (by the container runtime) might fail to launch. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - Sysctls []Sysctl - // The seccomp options to use by the containers in this pod. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - SeccompProfile *SeccompProfile - // appArmorProfile is the AppArmor options to use by the containers in this pod. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - AppArmorProfile *AppArmorProfile - // seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. - // It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. - // Valid values are "MountOption" and "Recursive". - // - // "Recursive" means relabeling of all files on all Pod volumes by the container runtime. - // This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. - // - // "MountOption" mounts all eligible Pod volumes with `-o context` mount option. - // This requires all Pods that share the same volume to use the same SELinux label. - // It is not possible to share the same volume among privileged and unprivileged Pods. - // Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes - // whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their - // CSIDriver instance. Other volumes are always re-labelled recursively. - // "MountOption" value is allowed only when SELinuxMount feature gate is enabled. - // - // If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. - // If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes - // and "Recursive" for all other volumes. - // - // This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. - // - // All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. - // Note that this field cannot be set when spec.os.name is windows. - // +featureGate=SELinuxChangePolicy - // +optional - SELinuxChangePolicy *PodSELinuxChangePolicy -} - -// SeccompProfile defines a pod/container's seccomp profile settings. -// Only one profile source may be set. -// +union -type SeccompProfile struct { - // +unionDiscriminator - Type SeccompProfileType - // Load a profile defined in static file on the node. - // The profile must be preconfigured on the node to work. - // LocalhostProfile cannot be an absolute nor a descending path. - // +optional - LocalhostProfile *string -} - -// SeccompProfileType defines the supported seccomp profile types. -type SeccompProfileType string - -const ( - // SeccompProfileTypeUnconfined is when no seccomp profile is applied (A.K.A. unconfined). - SeccompProfileTypeUnconfined SeccompProfileType = "Unconfined" - // SeccompProfileTypeRuntimeDefault represents the default container runtime seccomp profile. - SeccompProfileTypeRuntimeDefault SeccompProfileType = "RuntimeDefault" - // SeccompProfileTypeLocalhost represents custom made profiles stored on the node's disk. - SeccompProfileTypeLocalhost SeccompProfileType = "Localhost" -) - -// AppArmorProfile defines a pod or container's AppArmor settings. -// +union -type AppArmorProfile struct { - // type indicates which kind of AppArmor profile will be applied. - // Valid options are: - // Localhost - a profile pre-loaded on the node. - // RuntimeDefault - the container runtime's default profile. - // Unconfined - no AppArmor enforcement. - // +unionDiscriminator - Type AppArmorProfileType - - // localhostProfile indicates a profile loaded on the node that should be used. - // The profile must be preconfigured on the node to work. - // Must match the loaded name of the profile. - // Must be set if and only if type is "Localhost". - // +optional - LocalhostProfile *string -} - -// +enum -type AppArmorProfileType string - -const ( - // AppArmorProfileTypeUnconfined indicates that no AppArmor profile should be enforced. - AppArmorProfileTypeUnconfined AppArmorProfileType = "Unconfined" - // AppArmorProfileTypeRuntimeDefault indicates that the container runtime's default AppArmor - // profile should be used. - AppArmorProfileTypeRuntimeDefault AppArmorProfileType = "RuntimeDefault" - // AppArmorProfileTypeLocalhost indicates that a profile pre-loaded on the node should be used. - AppArmorProfileTypeLocalhost AppArmorProfileType = "Localhost" -) - -// PodQOSClass defines the supported qos classes of Pods. -type PodQOSClass string - -// These are valid values for PodQOSClass -const ( - // PodQOSGuaranteed is the Guaranteed qos class. - PodQOSGuaranteed PodQOSClass = "Guaranteed" - // PodQOSBurstable is the Burstable qos class. - PodQOSBurstable PodQOSClass = "Burstable" - // PodQOSBestEffort is the BestEffort qos class. - PodQOSBestEffort PodQOSClass = "BestEffort" -) - -// PodDNSConfig defines the DNS parameters of a pod in addition to -// those generated from DNSPolicy. -type PodDNSConfig struct { - // A list of DNS name server IP addresses. - // This will be appended to the base nameservers generated from DNSPolicy. - // Duplicated nameservers will be removed. - // +optional - Nameservers []string - // A list of DNS search domains for host-name lookup. - // This will be appended to the base search paths generated from DNSPolicy. - // Duplicated search paths will be removed. - // +optional - Searches []string - // A list of DNS resolver options. - // This will be merged with the base options generated from DNSPolicy. - // Duplicated entries will be removed. Resolution options given in Options - // will override those that appear in the base DNSPolicy. - // +optional - Options []PodDNSConfigOption -} - -// PodDNSConfigOption defines DNS resolver options of a pod. -type PodDNSConfigOption struct { - // Required. - Name string - // +optional - Value *string -} - -// PodIP represents a single IP address allocated to the pod. -type PodIP struct { - // IP is the IP address assigned to the pod - IP string -} - -// HostIP represents a single IP address allocated to the host. -type HostIP struct { - // IP is the IP address assigned to the host - IP string -} - -// EphemeralContainerCommon is a copy of all fields in Container to be inlined in -// EphemeralContainer. This separate type allows easy conversion from EphemeralContainer -// to Container and allows separate documentation for the fields of EphemeralContainer. -// When a new field is added to Container it must be added here as well. -type EphemeralContainerCommon struct { - // Required: This must be a DNS_LABEL. Each container in a pod must - // have a unique name. - Name string - // Required. - Image string - // Optional: The container image's entrypoint is used if this is not provided; cannot be updated. - // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - // cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - // to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - // produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - // of whether the variable exists or not. - // +optional - Command []string - // Optional: The container image's cmd is used if this is not provided; cannot be updated. - // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - // cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - // to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - // produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - // of whether the variable exists or not. - // +optional - Args []string - // Optional: Defaults to the container runtime's default working directory. - // +optional - WorkingDir string - // Ports are not allowed for ephemeral containers. - // +optional - Ports []ContainerPort - // List of sources to populate environment variables in the container. - // The keys defined within a source must be a C_IDENTIFIER. All invalid keys - // will be reported as an event when the container is starting. When a key exists in multiple - // sources, the value associated with the last source will take precedence. - // Values defined by an Env with a duplicate key will take precedence. - // Cannot be updated. - // +optional - EnvFrom []EnvFromSource - // +optional - Env []EnvVar - // Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources - // already allocated to the pod. - // +optional - Resources ResourceRequirements - // Resources resize policy for the container. - // +featureGate=InPlacePodVerticalScaling - // +optional - ResizePolicy []ContainerResizePolicy - // Restart policy for the container to manage the restart behavior of each - // container within a pod. Must be specified if restartPolicyRules are used. - // You cannot set this field on ephemeral containers. - // +optional - RestartPolicy *ContainerRestartPolicy - // Represents a list of rules to be checked to determine if the - // container should be restarted on exit. The rules are evaluated in - // order. Once a rule matches a container exit condition, the remaining - // rules are ignored. If no rule matches the container exit condition, - // the Pod-level restart policy determines the whether the container - // is restarted or not. Constraints on the rules: - // - At most 20 rules are allowed. - // - Rules can have the same action. - // - Identical rules are not forbidden in validations. - // +featureGate=ContainerRestartRules - // +optional - // +listType=atomic - RestartPolicyRules []ContainerRestartRule - // Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. - // +optional - VolumeMounts []VolumeMount - // volumeDevices is the list of block devices to be used by the container. - // +optional - VolumeDevices []VolumeDevice - // Probes are not allowed for ephemeral containers. - // +optional - LivenessProbe *Probe - // Probes are not allowed for ephemeral containers. - // +optional - ReadinessProbe *Probe - // Probes are not allowed for ephemeral containers. - // +optional - StartupProbe *Probe - // Lifecycle is not allowed for ephemeral containers. - // +optional - Lifecycle *Lifecycle - // Required. - // +optional - TerminationMessagePath string - // +optional - TerminationMessagePolicy TerminationMessagePolicy - // Required: Policy for pulling images for this container - ImagePullPolicy PullPolicy - // Optional: SecurityContext defines the security options the ephemeral container should be run with. - // If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. - // +optional - SecurityContext *SecurityContext - - // Variables for interactive containers, these have very specialized use-cases (e.g. debugging) - // and shouldn't be used for general purpose containers. - // +optional - Stdin bool - // +optional - StdinOnce bool - // +optional - TTY bool -} - -// EphemeralContainerCommon converts to Container. All fields must be kept in sync between -// these two types. -var _ = Container(EphemeralContainerCommon{}) - -// An EphemeralContainer is a temporary container that you may add to an existing Pod for -// user-initiated activities such as debugging. Ephemeral containers have no resource or -// scheduling guarantees, and they will not be restarted when they exit or when a Pod is -// removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the -// Pod to exceed its resource allocation. -// -// To add an ephemeral container, use the ephemeralcontainers subresource of an existing -// Pod. Ephemeral containers may not be removed or restarted. -type EphemeralContainer struct { - // Ephemeral containers have all of the fields of Container, plus additional fields - // specific to ephemeral containers. Fields in common with Container are in the - // following inlined struct so than an EphemeralContainer may easily be converted - // to a Container. - EphemeralContainerCommon - - // If set, the name of the container from PodSpec that this ephemeral container targets. - // The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. - // If not set then the ephemeral container uses the namespaces configured in the Pod spec. - // - // The container runtime must implement support for this feature. If the runtime does not - // support namespace targeting then the result of setting this field is undefined. - // +optional - TargetContainerName string -} - -// PodStatus represents information about the status of a pod. Status may trail the actual -// state of a system. -type PodStatus struct { - // If set, this represents the .metadata.generation that the pod status was set based upon. - // The PodObservedGenerationTracking feature gate must be enabled to use this field. - // +featureGate=PodObservedGenerationTracking - // +optional - ObservedGeneration int64 - // +optional - Phase PodPhase - // +optional - Conditions []PodCondition - // A human readable message indicating details about why the pod is in this state. - // +optional - Message string - // A brief CamelCase message indicating details about why the pod is in this state. e.g. 'Evicted' - // +optional - Reason string - // nominatedNodeName is set when this pod preempts other pods on the node, but it cannot be - // scheduled right away as preemption victims receive their graceful termination periods. - // This field does not guarantee that the pod will be scheduled on this node. Scheduler may decide - // to place the pod elsewhere if other nodes become available sooner. Scheduler may also decide to - // give the resources on this node to a higher priority pod that is created after preemption. - // +optional - NominatedNodeName string - - // HostIP holds the IP address of the host to which the pod is assigned. Empty if the pod has not started yet. - // A pod can be assigned to a node that has a problem in kubelet which in turns mean that HostIP will - // not be updated even if there is a node is assigned to pod - // +optional - HostIP string - - // HostIPs holds the IP addresses allocated to the host. If this field is specified, the first entry must - // match the hostIP field. This list is empty if the pod has not started yet. - // A pod can be assigned to a node that has a problem in kubelet which in turns means that HostIPs will - // not be updated even if there is a node is assigned to this pod. - // match the hostIP field. This list is empty if no IPs have been allocated yet. - // +optional - HostIPs []HostIP - - // PodIPs holds all of the known IP addresses allocated to the pod. Pods may be assigned AT MOST - // one value for each of IPv4 and IPv6. - // +optional - PodIPs []PodIP - - // Date and time at which the object was acknowledged by the Kubelet. - // This is before the Kubelet pulled the container image(s) for the pod. - // +optional - StartTime *metav1.Time - // +optional - QOSClass PodQOSClass - - // Statuses of init containers in this pod. The most recent successful non-restartable - // init container will have ready = true, the most recently started container will have - // startTime set. - // Each init container in the pod should have at most one status in this list, - // and all statuses should be for containers in the pod. - // However this is not enforced. - // If a status for a non-existent container is present in the list, or the list has duplicate names, - // the behavior of various Kubernetes components is not defined and those statuses might be - // ignored. - // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-and-container-status - InitContainerStatuses []ContainerStatus - - // Statuses of containers in this pod. - // Each container in the pod should have at most one status in this list, - // and all statuses should be for containers in the pod. - // However this is not enforced. - // If a status for a non-existent container is present in the list, or the list has duplicate names, - // the behavior of various Kubernetes components is not defined and those statuses might be - // ignored. - // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status - // +optional - ContainerStatuses []ContainerStatus - - // Statuses for any ephemeral containers that have run in this pod. - // Each ephemeral container in the pod should have at most one status in this list, - // and all statuses should be for containers in the pod. - // However this is not enforced. - // If a status for a non-existent container is present in the list, or the list has duplicate names, - // the behavior of various Kubernetes components is not defined and those statuses might be - // ignored. - // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status - // +optional - EphemeralContainerStatuses []ContainerStatus - - // Status of resources resize desired for pod's containers. - // It is empty if no resources resize is pending. - // Any changes to container resources will automatically set this to "Proposed" - // Deprecated: Resize status is moved to two pod conditions PodResizePending and PodResizeInProgress. - // PodResizePending will track states where the spec has been resized, but the Kubelet has not yet allocated the resources. - // PodResizeInProgress will track in-progress resizes, and should be present whenever allocated resources != acknowledged resources. - // +featureGate=InPlacePodVerticalScaling - // +optional - Resize PodResizeStatus - - // Status of resource claims. - // +featureGate=DynamicResourceAllocation - // +optional - ResourceClaimStatuses []PodResourceClaimStatus - - // Status of claim of extended resource backed by DRA. - // +featureGate=DRAExtendedResource - // +optional - ExtendedResourceClaimStatus *PodExtendedResourceClaimStatus - - // AllocatedResources is the total requests allocated for this pod by the node. - // If pod-level requests are not set, this will be the total requests aggregated - // across containers in the pod. - // +featureGate=InPlacePodLevelResourcesVerticalScaling - // +optional - AllocatedResources ResourceList - - // Resources represents the compute resource requests and limits that have been - // applied at the pod level - // +featureGate=InPlacePodLevelResourcesVerticalScaling - // +optional - Resources *ResourceRequirements -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PodStatusResult is a wrapper for PodStatus returned by kubelet that can be encode/decoded -type PodStatusResult struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - // Status represents the current information about a pod. This data may not be up - // to date. - // +optional - Status PodStatus -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Pod is a collection of containers, used as either input (create, update) or as output (list, get). -type Pod struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Spec defines the behavior of a pod. - // +optional - Spec PodSpec - - // Status represents the current information about a pod. This data may not be up - // to date. - // +optional - Status PodStatus -} - -// PodTemplateSpec describes the data a pod should have when created from a template -type PodTemplateSpec struct { - // Metadata of the pods created from this template. - // +optional - metav1.ObjectMeta - - // Spec defines the behavior of a pod. - // +optional - Spec PodSpec -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PodTemplate describes a template for creating copies of a predefined pod. -type PodTemplate struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Template defines the pods that will be created from this pod template - // +optional - Template PodTemplateSpec -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PodTemplateList is a list of PodTemplates. -type PodTemplateList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - Items []PodTemplate -} - -// ReplicationControllerSpec is the specification of a replication controller. -// As the internal representation of a replication controller, it may have either -// a TemplateRef or a Template set. -type ReplicationControllerSpec struct { - // Replicas is the number of desired replicas. - Replicas *int32 - - // Minimum number of seconds for which a newly created pod should be ready - // without any of its container crashing, for it to be considered available. - // Defaults to 0 (pod will be considered available as soon as it is ready) - // +optional - MinReadySeconds int32 - - // Selector is a label query over pods that should match the Replicas count. - Selector map[string]string - - // TemplateRef is a reference to an object that describes the pod that will be created if - // insufficient replicas are detected. This reference is ignored if a Template is set. - // Must be set before converting to a versioned API object - // +optional - // TemplateRef *ObjectReference - - // Template is the object that describes the pod that will be created if - // insufficient replicas are detected. Internally, this takes precedence over a - // TemplateRef. - // The only allowed template.spec.restartPolicy value is "Always". - // +optional - Template *PodTemplateSpec -} - -// ReplicationControllerStatus represents the current status of a replication -// controller. -type ReplicationControllerStatus struct { - // Replicas is the number of actual replicas. - Replicas int32 - - // The number of pods that have labels matching the labels of the pod template of the replication controller. - // +optional - FullyLabeledReplicas int32 - - // The number of ready replicas for this replication controller. - // +optional - ReadyReplicas int32 - - // The number of available replicas (ready for at least minReadySeconds) for this replication controller. - // +optional - AvailableReplicas int32 - - // ObservedGeneration is the most recent generation observed by the controller. - // +optional - ObservedGeneration int64 - - // Represents the latest available observations of a replication controller's current state. - // +optional - Conditions []ReplicationControllerCondition -} - -// ReplicationControllerConditionType defines the conditions of a replication controller. -type ReplicationControllerConditionType string - -// These are valid conditions of a replication controller. -const ( - // ReplicationControllerReplicaFailure is added in a replication controller when one of its pods - // fails to be created due to insufficient quota, limit ranges, pod security policy, node selectors, - // etc. or deleted due to kubelet being down or finalizers are failing. - ReplicationControllerReplicaFailure ReplicationControllerConditionType = "ReplicaFailure" -) - -// ReplicationControllerCondition describes the state of a replication controller at a certain point. -type ReplicationControllerCondition struct { - // Type of replication controller condition. - Type ReplicationControllerConditionType - // Status of the condition, one of True, False, Unknown. - Status ConditionStatus - // The last time the condition transitioned from one status to another. - // +optional - LastTransitionTime metav1.Time - // The reason for the condition's last transition. - // +optional - Reason string - // A human readable message indicating details about the transition. - // +optional - Message string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ReplicationController represents the configuration of a replication controller. -type ReplicationController struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Spec defines the desired behavior of this replication controller. - // +optional - Spec ReplicationControllerSpec - - // Status is the current status of this replication controller. This data may be - // out of date by some window of time. - // +optional - Status ReplicationControllerStatus -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ReplicationControllerList is a collection of replication controllers. -type ReplicationControllerList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - Items []ReplicationController -} - -const ( - // ClusterIPNone - do not assign a cluster IP - // no proxying required and no environment variables should be created for pods - ClusterIPNone = "None" -) - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ServiceList holds a list of services. -type ServiceList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - Items []Service -} - -// ServiceAffinity Type string -type ServiceAffinity string - -const ( - // ServiceAffinityClientIP is the Client IP based. - ServiceAffinityClientIP ServiceAffinity = "ClientIP" - - // ServiceAffinityNone - no session affinity. - ServiceAffinityNone ServiceAffinity = "None" -) - -const ( - // DefaultClientIPServiceAffinitySeconds is the default timeout seconds - // of Client IP based session affinity - 3 hours. - DefaultClientIPServiceAffinitySeconds int32 = 10800 - // MaxClientIPServiceAffinitySeconds is the max timeout seconds - // of Client IP based session affinity - 1 day. - MaxClientIPServiceAffinitySeconds int32 = 86400 -) - -// SessionAffinityConfig represents the configurations of session affinity. -type SessionAffinityConfig struct { - // clientIP contains the configurations of Client IP based session affinity. - // +optional - ClientIP *ClientIPConfig -} - -// ClientIPConfig represents the configurations of Client IP based session affinity. -type ClientIPConfig struct { - // timeoutSeconds specifies the seconds of ClientIP type session sticky time. - // The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". - // Default value is 10800(for 3 hours). - // +optional - TimeoutSeconds *int32 -} - -// ServiceType string describes ingress methods for a service -type ServiceType string - -const ( - // ServiceTypeClusterIP means a service will only be accessible inside the - // cluster, via the ClusterIP. - ServiceTypeClusterIP ServiceType = "ClusterIP" - - // ServiceTypeNodePort means a service will be exposed on one port of - // every node, in addition to 'ClusterIP' type. - ServiceTypeNodePort ServiceType = "NodePort" - - // ServiceTypeLoadBalancer means a service will be exposed via an - // external load balancer (if the cloud provider supports it), in addition - // to 'NodePort' type. - ServiceTypeLoadBalancer ServiceType = "LoadBalancer" - - // ServiceTypeExternalName means a service consists of only a reference to - // an external name that kubedns or equivalent will return as a CNAME - // record, with no exposing or proxying of any pods involved. - ServiceTypeExternalName ServiceType = "ExternalName" -) - -// ServiceInternalTrafficPolicy describes the endpoint-selection policy for -// traffic sent to the ClusterIP. -type ServiceInternalTrafficPolicy string - -const ( - // ServiceInternalTrafficPolicyCluster routes traffic to all endpoints. - ServiceInternalTrafficPolicyCluster ServiceInternalTrafficPolicy = "Cluster" - - // ServiceInternalTrafficPolicyLocal routes traffic only to endpoints on the same - // node as the traffic was received on (dropping the traffic if there are no - // local endpoints). - ServiceInternalTrafficPolicyLocal ServiceInternalTrafficPolicy = "Local" -) - -// ServiceExternalTrafficPolicy describes the endpoint-selection policy for -// traffic to external service entrypoints (NodePorts, ExternalIPs, and -// LoadBalancer IPs). -type ServiceExternalTrafficPolicy string - -const ( - // ServiceExternalTrafficPolicyCluster routes traffic to all endpoints. - ServiceExternalTrafficPolicyCluster ServiceExternalTrafficPolicy = "Cluster" - - // ServiceExternalTrafficPolicyLocal preserves the source IP of the traffic by - // routing only to endpoints on the same node as the traffic was received on - // (dropping the traffic if there are no local endpoints). - ServiceExternalTrafficPolicyLocal ServiceExternalTrafficPolicy = "Local" -) - -// These are valid values for the TrafficDistribution field of a Service. -const ( - // ServiceTrafficDistributionPreferSameZone indicates a preference for routing - // traffic to endpoints that are in the same zone as the client. Users should only - // set this value if they have ensured that clients and endpoints are distributed - // in such a way that the "same zone" preference will not result in endpoints - // getting overloaded. - ServiceTrafficDistributionPreferSameZone = "PreferSameZone" - - // ServiceTrafficDistributionPreferSameNode indicates a preference for routing - // traffic to endpoints that are on the same node as the client. Users should only - // set this value if they have ensured that clients and endpoints are distributed - // in such a way that the "same node" preference will not result in endpoints - // getting overloaded. - ServiceTrafficDistributionPreferSameNode = "PreferSameNode" - - // ServiceTrafficDistributionPreferClose is the original name of "PreferSameZone". - // Despite the generic-sounding name, it has exactly the same meaning as - // "PreferSameZone". - // Deprecated: use "PreferSameZone" instead. - ServiceTrafficDistributionPreferClose = "PreferClose" -) - -// These are the valid conditions of a service. -const ( - // LoadBalancerPortsError represents the condition of the requested ports - // on the cloud load balancer instance. - LoadBalancerPortsError = "LoadBalancerPortsError" -) - -// ServiceStatus represents the current status of a service -type ServiceStatus struct { - // LoadBalancer contains the current status of the load-balancer, - // if one is present. - // +optional - LoadBalancer LoadBalancerStatus - - // Current service condition - // +optional - Conditions []metav1.Condition -} - -// LoadBalancerStatus represents the status of a load-balancer -type LoadBalancerStatus struct { - // Ingress is a list containing ingress points for the load-balancer; - // traffic intended for the service should be sent to these ingress points. - // +optional - Ingress []LoadBalancerIngress -} - -// LoadBalancerIngress represents the status of a load-balancer ingress point: -// traffic intended for the service should be sent to an ingress point. -type LoadBalancerIngress struct { - // IP is set for load-balancer ingress points that are IP based - // (typically GCE or OpenStack load-balancers) - // +optional - IP string - - // Hostname is set for load-balancer ingress points that are DNS based - // (typically AWS load-balancers) - // +optional - Hostname string - - // IPMode specifies how the load-balancer IP behaves, and may only be specified when the ip field is specified. - // Setting this to "VIP" indicates that traffic is delivered to the node with - // the destination set to the load-balancer's IP and port. - // Setting this to "Proxy" indicates that traffic is delivered to the node or pod with - // the destination set to the node's IP and node port or the pod's IP and port. - // Service implementations may use this information to adjust traffic routing. - // +optional - IPMode *LoadBalancerIPMode - - // Ports is a list of records of service ports - // If used, every port defined in the service should have an entry in it - // +optional - Ports []PortStatus -} - -// IPFamily represents the IP Family (IPv4 or IPv6). This type is used -// to express the family of an IP expressed by a type (e.g. service.spec.ipFamilies). -type IPFamily string - -const ( - // IPv4Protocol indicates that this IP is IPv4 protocol - IPv4Protocol IPFamily = "IPv4" - // IPv6Protocol indicates that this IP is IPv6 protocol - IPv6Protocol IPFamily = "IPv6" -) - -// IPFamilyPolicy represents the dual-stack-ness requested or required by a Service -type IPFamilyPolicy string - -const ( - // IPFamilyPolicySingleStack indicates that this service is required to have a single IPFamily. - // The IPFamily assigned is based on the default IPFamily used by the cluster - // or as identified by service.spec.ipFamilies field - IPFamilyPolicySingleStack IPFamilyPolicy = "SingleStack" - // IPFamilyPolicyPreferDualStack indicates that this service prefers dual-stack when - // the cluster is configured for dual-stack. If the cluster is not configured - // for dual-stack the service will be assigned a single IPFamily. If the IPFamily is not - // set in service.spec.ipFamilies then the service will be assigned the default IPFamily - // configured on the cluster - IPFamilyPolicyPreferDualStack IPFamilyPolicy = "PreferDualStack" - // IPFamilyPolicyRequireDualStack indicates that this service requires dual-stack. Using - // IPFamilyPolicyRequireDualStack on a single stack cluster will result in validation errors. The - // IPFamilies (and their order) assigned to this service is based on service.spec.ipFamilies. If - // service.spec.ipFamilies was not provided then it will be assigned according to how they are - // configured on the cluster. If service.spec.ipFamilies has only one entry then the alternative - // IPFamily will be added by apiserver - IPFamilyPolicyRequireDualStack IPFamilyPolicy = "RequireDualStack" -) - -// ServiceSpec describes the attributes that a user creates on a service -type ServiceSpec struct { - // Type determines how the Service is exposed. Defaults to ClusterIP. Valid - // options are ExternalName, ClusterIP, NodePort, and LoadBalancer. - // "ExternalName" maps to the specified externalName. - // "ClusterIP" allocates a cluster-internal IP address for load-balancing to - // endpoints. Endpoints are determined by the selector or if that is not - // specified, by manual construction of an Endpoints object. If clusterIP is - // "None", no virtual IP is allocated and the endpoints are published as a - // set of endpoints rather than a stable IP. - // "NodePort" builds on ClusterIP and allocates a port on every node which - // routes to the clusterIP. - // "LoadBalancer" builds on NodePort and creates an - // external load-balancer (if supported in the current cloud) which routes - // to the clusterIP. - // More info: https://kubernetes.io/docs/concepts/services-networking/service/ - // +optional - Type ServiceType - - // Required: The list of ports that are exposed by this service. - Ports []ServicePort - - // Route service traffic to pods with label keys and values matching this - // selector. If empty or not present, the service is assumed to have an - // external process managing its endpoints, which Kubernetes will not - // modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. - // Ignored if type is ExternalName. - // More info: https://kubernetes.io/docs/concepts/services-networking/service/ - Selector map[string]string - - // ClusterIP is the IP address of the service and is usually assigned - // randomly by the master. If an address is specified manually and is not in - // use by others, it will be allocated to the service; otherwise, creation - // of the service will fail. This field can not be changed through updates. - // Valid values are "None", empty string (""), or a valid IP address. "None" - // can be specified for headless services when proxying is not required. - // Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if - // type is ExternalName. - // More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - // +optional - ClusterIP string - - // ClusterIPs identifies all the ClusterIPs assigned to this - // service. ClusterIPs are assigned or reserved based on the values of - // service.spec.ipFamilies. A maximum of two entries (dual-stack IPs) are - // allowed in ClusterIPs. The IPFamily of each ClusterIP must match - // values provided in service.spec.ipFamilies. Clients using ClusterIPs must - // keep it in sync with ClusterIP (if provided) by having ClusterIP matching - // first element of ClusterIPs. - // +optional - ClusterIPs []string - - // IPFamilies identifies all the IPFamilies assigned for this Service. If a value - // was not provided for IPFamilies it will be defaulted based on the cluster - // configuration and the value of service.spec.ipFamilyPolicy. A maximum of two - // values (dual-stack IPFamilies) are allowed in IPFamilies. IPFamilies field is - // conditionally mutable: it allows for adding or removing a secondary IPFamily, - // but it does not allow changing the primary IPFamily of the service. - // +optional - IPFamilies []IPFamily - - // IPFamilyPolicy represents the dual-stack-ness requested or required by this - // Service. If there is no value provided, then this Service will be considered - // SingleStack (single IPFamily). Services can be SingleStack (single IPFamily), - // PreferDualStack (two dual-stack IPFamilies on dual-stack clusters or single - // IPFamily on single-stack clusters), or RequireDualStack (two dual-stack IPFamilies - // on dual-stack configured clusters, otherwise fail). The IPFamilies and ClusterIPs assigned - // to this service can be controlled by service.spec.ipFamilies and service.spec.clusterIPs - // respectively. - // +optional - IPFamilyPolicy *IPFamilyPolicy - - // ExternalName is the external reference that kubedns or equivalent will - // return as a CNAME record for this service. No proxying will be involved. - // Must be a valid RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) - // and requires Type to be ExternalName. - ExternalName string - - // ExternalIPs are used by external load balancers, or can be set by - // users to handle external traffic that arrives at a node. - // +optional - ExternalIPs []string - - // Only applies to Service Type: LoadBalancer - // LoadBalancer will get created with the IP specified in this field. - // This feature depends on whether the underlying cloud-provider supports specifying - // the loadBalancerIP when a load balancer is created. - // This field will be ignored if the cloud-provider does not support the feature. - // Deprecated: This field was under-specified and its meaning varies across implementations. - // Using it is non-portable and it may not support dual-stack. - // Users are encouraged to use implementation-specific annotations when available. - // +optional - LoadBalancerIP string - - // Optional: Supports "ClientIP" and "None". Used to maintain session affinity. - // +optional - SessionAffinity ServiceAffinity - - // sessionAffinityConfig contains the configurations of session affinity. - // +optional - SessionAffinityConfig *SessionAffinityConfig - - // Optional: If specified and supported by the platform, this will restrict traffic through the cloud-provider - // load-balancer will be restricted to the specified client IPs. This field will be ignored if the - // cloud-provider does not support the feature." - // +optional - LoadBalancerSourceRanges []string - - // externalTrafficPolicy describes how nodes distribute service traffic they - // receive on one of the Service's "externally-facing" addresses (NodePorts, - // ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure - // the service in a way that assumes that external load balancers will take care - // of balancing the service traffic between nodes, and so each node will deliver - // traffic only to the node-local endpoints of the service, without masquerading - // the client source IP. (Traffic mistakenly sent to a node with no endpoints will - // be dropped.) The default value, "Cluster", uses the standard behavior of - // routing to all endpoints evenly (possibly modified by topology and other - // features). Note that traffic sent to an External IP or LoadBalancer IP from - // within the cluster will always get "Cluster" semantics, but clients sending to - // a NodePort from within the cluster may need to take traffic policy into account - // when picking a node. - // +optional - ExternalTrafficPolicy ServiceExternalTrafficPolicy - - // healthCheckNodePort specifies the healthcheck nodePort for the service. - // If not specified, HealthCheckNodePort is created by the service api - // backend with the allocated nodePort. Will use user-specified nodePort value - // if specified by the client. Only effects when Type is set to LoadBalancer - // and ExternalTrafficPolicy is set to Local. - // +optional - HealthCheckNodePort int32 - - // publishNotReadyAddresses indicates that any agent which deals with endpoints for this - // Service should disregard any indications of ready/not-ready. - // The primary use case for setting this field is for a StatefulSet's Headless Service to - // propagate SRV DNS records for its Pods for the purpose of peer discovery. - // The Kubernetes controllers that generate Endpoints and EndpointSlice resources for - // Services interpret this to mean that all endpoints are considered "ready" even if the - // Pods themselves are not. Agents which consume only Kubernetes generated endpoints - // through the Endpoints or EndpointSlice resources can safely assume this behavior. - // +optional - PublishNotReadyAddresses bool - - // allocateLoadBalancerNodePorts defines if NodePorts will be automatically - // allocated for services with type LoadBalancer. Default is "true". It - // may be set to "false" if the cluster load-balancer does not rely on - // NodePorts. If the caller requests specific NodePorts (by specifying a - // value), those requests will be respected, regardless of this field. - // This field may only be set for services with type LoadBalancer and will - // be cleared if the type is changed to any other type. - // +optional - AllocateLoadBalancerNodePorts *bool - - // loadBalancerClass is the class of the load balancer implementation this Service belongs to. - // If specified, the value of this field must be a label-style identifier, with an optional prefix, - // e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. - // This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load - // balancer implementation is used, today this is typically done through the cloud provider integration, - // but should apply for any default implementation. If set, it is assumed that a load balancer - // implementation is watching for Services with a matching class. Any default load balancer - // implementation (e.g. cloud providers) should ignore Services that set this field. - // This field can only be set when creating or updating a Service to type 'LoadBalancer'. - // Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. - // +optional - LoadBalancerClass *string - - // InternalTrafficPolicy describes how nodes distribute service traffic they - // receive on the ClusterIP. If set to "Local", the proxy will assume that pods - // only want to talk to endpoints of the service on the same node as the pod, - // dropping the traffic if there are no local endpoints. The default value, - // "Cluster", uses the standard behavior of routing to all endpoints evenly - // (possibly modified by topology and other features). - // +optional - InternalTrafficPolicy *ServiceInternalTrafficPolicy - - // TrafficDistribution offers a way to express preferences for how traffic - // is distributed to Service endpoints. Implementations can use this field - // as a hint, but are not required to guarantee strict adherence. If the - // field is not set, the implementation will apply its default routing - // strategy. If set to "PreferClose", implementations should prioritize - // endpoints that are in the same zone. - // +optional - TrafficDistribution *string -} - -// ServicePort represents the port on which the service is exposed -type ServicePort struct { - // Optional if only one ServicePort is defined on this service: The - // name of this port within the service. This must be a DNS_LABEL. - // All ports within a ServiceSpec must have unique names. This maps to - // the 'Name' field in EndpointPort objects. - Name string - - // The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". - Protocol Protocol - - // The application protocol for this port. - // This is used as a hint for implementations to offer richer behavior for protocols that they understand. - // This field follows standard Kubernetes label syntax. - // Valid values are either: - // - // * Un-prefixed protocol names - reserved for IANA standard service names (as per - // RFC-6335 and https://www.iana.org/assignments/service-names). - // - // * Kubernetes-defined prefixed names: - // * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- - // * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 - // * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 - // - // * Other protocols should use implementation-defined prefixed names such as - // mycompany.com/my-custom-protocol. - // +optional - AppProtocol *string - - // The port that will be exposed on the service. - Port int32 - - // Optional: The target port on pods selected by this service. If this - // is a string, it will be looked up as a named port in the target - // Pod's container ports. If this is not specified, the value - // of the 'port' field is used (an identity map). - // This field is ignored for services with clusterIP=None, and should be - // omitted or set equal to the 'port' field. - TargetPort intstr.IntOrString - - // The port on each node on which this service is exposed. - // Default is to auto-allocate a port if the ServiceType of this Service requires one. - NodePort int32 -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Service is a named abstraction of software service (for example, mysql) consisting of local port -// (for example 3306) that the proxy listens on, and the selector that determines which pods -// will answer requests sent through the proxy. -type Service struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Spec defines the behavior of a service. - // +optional - Spec ServiceSpec - - // Status represents the current status of a service. - // +optional - Status ServiceStatus -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ServiceAccount binds together: -// * a name, understood by users, and perhaps by peripheral systems, for an identity -// * a principal that can be authenticated and authorized -// * a set of secrets -type ServiceAccount struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. - // Pods are only limited to this list if this service account has a "kubernetes.io/enforce-mountable-secrets" annotation set to "true". - // The "kubernetes.io/enforce-mountable-secrets" annotation is deprecated since v1.32. - // Prefer separate namespaces to isolate access to mounted secrets. - // This field should not be used to find auto-generated service account token secrets for use outside of pods. - // Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. - Secrets []ObjectReference - - // ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images - // in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets - // can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. - // +optional - ImagePullSecrets []LocalObjectReference - - // AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted. - // Can be overridden at the pod level. - // +optional - AutomountServiceAccountToken *bool -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ServiceAccountList is a list of ServiceAccount objects -type ServiceAccountList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - Items []ServiceAccount -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Endpoints is a collection of endpoints that implement the actual service. Example: -// -// Name: "mysvc", -// Subsets: [ -// { -// Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}], -// Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}] -// }, -// { -// Addresses: [{"ip": "10.10.3.3"}], -// Ports: [{"name": "a", "port": 93}, {"name": "b", "port": 76}] -// }, -// ] -type Endpoints struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // The set of all endpoints is the union of all subsets. - Subsets []EndpointSubset -} - -// EndpointSubset is a group of addresses with a common set of ports. The -// expanded set of endpoints is the Cartesian product of Addresses x Ports. -// For example, given: -// -// { -// Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}], -// Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}] -// } -// -// The resulting set of endpoints can be viewed as: -// -// a: [ 10.10.1.1:8675, 10.10.2.2:8675 ], -// b: [ 10.10.1.1:309, 10.10.2.2:309 ] -type EndpointSubset struct { - Addresses []EndpointAddress - NotReadyAddresses []EndpointAddress - Ports []EndpointPort -} - -// EndpointAddress is a tuple that describes single IP address. -type EndpointAddress struct { - // The IP of this endpoint. - // May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), - // or link-local multicast (224.0.0.0/24 or ff02::/16). - IP string - // Optional: Hostname of this endpoint - // Meant to be used by DNS servers etc. - // +optional - Hostname string - // Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node. - // +optional - NodeName *string - // Optional: The kubernetes object related to the entry point. - TargetRef *ObjectReference -} - -// EndpointPort is a tuple that describes a single port. -type EndpointPort struct { - // The name of this port (corresponds to ServicePort.Name). Optional - // if only one port is defined. Must be a DNS_LABEL. - Name string - - // The port number. - Port int32 - - // The IP protocol for this port. - Protocol Protocol - - // The application protocol for this port. - // This is used as a hint for implementations to offer richer behavior for protocols that they understand. - // This field follows standard Kubernetes label syntax. - // Valid values are either: - // - // * Un-prefixed protocol names - reserved for IANA standard service names (as per - // RFC-6335 and https://www.iana.org/assignments/service-names). - // - // * Kubernetes-defined prefixed names: - // * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- - // * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 - // * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 - // - // * Other protocols should use implementation-defined prefixed names such as - // mycompany.com/my-custom-protocol. - // +optional - AppProtocol *string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// EndpointsList is a list of endpoints. -type EndpointsList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - Items []Endpoints -} - -// NodeSpec describes the attributes that a node is created with. -type NodeSpec struct { - // PodCIDRs represents the IP ranges assigned to the node for usage by Pods on that node. It may - // contain AT MOST one value for each of IPv4 and IPv6. - // Note: assigning IP ranges to nodes might need to be revisited when we support migratable IPs. - // +optional - PodCIDRs []string - - // ID of the node assigned by the cloud provider - // Note: format is "://" - // +optional - ProviderID string - - // Unschedulable controls node schedulability of new pods. By default node is schedulable. - // +optional - Unschedulable bool - - // If specified, the node's taints. - // +optional - Taints []Taint - - // Deprecated: Previously used to specify the source of the node's configuration for the DynamicKubeletConfig feature. This feature is removed. - // +optional - ConfigSource *NodeConfigSource - - // Deprecated. Not all kubelets will set this field. Remove field after 1.13. - // see: https://issues.k8s.io/61966 - // +optional - DoNotUseExternalID string -} - -// Deprecated: NodeConfigSource specifies a source of node configuration. Exactly one subfield must be non-nil. -type NodeConfigSource struct { - ConfigMap *ConfigMapNodeConfigSource -} - -// Deprecated: ConfigMapNodeConfigSource represents the config map of a node -type ConfigMapNodeConfigSource struct { - // Namespace is the metadata.namespace of the referenced ConfigMap. - // This field is required in all cases. - Namespace string - - // Name is the metadata.name of the referenced ConfigMap. - // This field is required in all cases. - Name string - - // UID is the metadata.UID of the referenced ConfigMap. - // This field is forbidden in Node.Spec, and required in Node.Status. - // +optional - UID types.UID - - // ResourceVersion is the metadata.ResourceVersion of the referenced ConfigMap. - // This field is forbidden in Node.Spec, and required in Node.Status. - // +optional - ResourceVersion string - - // KubeletConfigKey declares which key of the referenced ConfigMap corresponds to the KubeletConfiguration structure - // This field is required in all cases. - KubeletConfigKey string -} - -// DaemonEndpoint contains information about a single Daemon endpoint. -type DaemonEndpoint struct { - /* - The port tag was not properly in quotes in earlier releases, so it must be - uppercase for backwards compatibility (since it was falling back to var name of - 'Port'). - */ - - // Port number of the given endpoint. - Port int32 -} - -// NodeDaemonEndpoints lists ports opened by daemons running on the Node. -type NodeDaemonEndpoints struct { - // Endpoint on which Kubelet is listening. - // +optional - KubeletEndpoint DaemonEndpoint -} - -// NodeRuntimeHandlerFeatures is a set of features implemented by the runtime handler. -type NodeRuntimeHandlerFeatures struct { - // RecursiveReadOnlyMounts is set to true if the runtime handler supports RecursiveReadOnlyMounts. - // +optional - RecursiveReadOnlyMounts *bool - // UserNamespaces is set to true if the runtime handler supports UserNamespaces, including for volumes. - // +featureGate=UserNamespacesSupport - // +optional - UserNamespaces *bool -} - -// NodeRuntimeHandler is a set of runtime handler information. -type NodeRuntimeHandler struct { - // Runtime handler name. - // Empty for the default runtime handler. - // +optional - Name string - // Supported features. - // +optional - Features *NodeRuntimeHandlerFeatures -} - -// NodeFeatures describes the set of features implemented by the CRI implementation. -// The features contained in the NodeFeatures should depend only on the cri implementation -// independent of runtime handlers. -type NodeFeatures struct { - // SupplementalGroupsPolicy is set to true if the runtime supports SupplementalGroupsPolicy and ContainerUser. - // +optional - SupplementalGroupsPolicy *bool -} - -// NodeSystemInfo is a set of ids/uuids to uniquely identify the node. -type NodeSystemInfo struct { - // MachineID reported by the node. For unique machine identification - // in the cluster this field is preferred. Learn more from man(5) - // machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html - MachineID string - // SystemUUID reported by the node. For unique machine identification - // MachineID is preferred. This field is specific to Red Hat hosts - // https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid - SystemUUID string - // Boot ID reported by the node. - BootID string - // Kernel Version reported by the node. - KernelVersion string - // OS Image reported by the node. - OSImage string - // ContainerRuntime Version reported by the node. - ContainerRuntimeVersion string - // Kubelet Version reported by the node. - KubeletVersion string - // Deprecated: KubeProxy Version reported by the node. - KubeProxyVersion string - // The Operating System reported by the node - OperatingSystem string - // The Architecture reported by the node - Architecture string - // Swap Info reported by the node. - Swap *NodeSwapStatus -} - -// NodeSwapStatus represents swap memory information. -type NodeSwapStatus struct { - // Total amount of swap memory in bytes. - // +optional - Capacity *int64 -} - -// NodeConfigStatus describes the status of the config assigned by Node.Spec.ConfigSource. -type NodeConfigStatus struct { - // Assigned reports the checkpointed config the node will try to use. - // When Node.Spec.ConfigSource is updated, the node checkpoints the associated - // config payload to local disk, along with a record indicating intended - // config. The node refers to this record to choose its config checkpoint, and - // reports this record in Assigned. Assigned only updates in the status after - // the record has been checkpointed to disk. When the Kubelet is restarted, - // it tries to make the Assigned config the Active config by loading and - // validating the checkpointed payload identified by Assigned. - // +optional - Assigned *NodeConfigSource - // Active reports the checkpointed config the node is actively using. - // Active will represent either the current version of the Assigned config, - // or the current LastKnownGood config, depending on whether attempting to use the - // Assigned config results in an error. - // +optional - Active *NodeConfigSource - // LastKnownGood reports the checkpointed config the node will fall back to - // when it encounters an error attempting to use the Assigned config. - // The Assigned config becomes the LastKnownGood config when the node determines - // that the Assigned config is stable and correct. - // This is currently implemented as a 10-minute soak period starting when the local - // record of Assigned config is updated. If the Assigned config is Active at the end - // of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is - // reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil, - // because the local default config is always assumed good. - // You should not make assumptions about the node's method of determining config stability - // and correctness, as this may change or become configurable in the future. - // +optional - LastKnownGood *NodeConfigSource - // Error describes any problems reconciling the Spec.ConfigSource to the Active config. - // Errors may occur, for example, attempting to checkpoint Spec.ConfigSource to the local Assigned - // record, attempting to checkpoint the payload associated with Spec.ConfigSource, attempting - // to load or validate the Assigned config, etc. - // Errors may occur at different points while syncing config. Earlier errors (e.g. download or - // checkpointing errors) will not result in a rollback to LastKnownGood, and may resolve across - // Kubelet retries. Later errors (e.g. loading or validating a checkpointed config) will result in - // a rollback to LastKnownGood. In the latter case, it is usually possible to resolve the error - // by fixing the config assigned in Spec.ConfigSource. - // You can find additional information for debugging by searching the error message in the Kubelet log. - // Error is a human-readable description of the error state; machines can check whether or not Error - // is empty, but should not rely on the stability of the Error text across Kubelet versions. - // +optional - Error string -} - -// NodeStatus is information about the current status of a node. -type NodeStatus struct { - // Capacity represents the total resources of a node. - // +optional - Capacity ResourceList - // Allocatable represents the resources of a node that are available for scheduling. - // +optional - Allocatable ResourceList - // NodePhase is the current lifecycle phase of the node. - // +optional - Phase NodePhase - // Conditions is an array of current node conditions. - // +optional - Conditions []NodeCondition - // Queried from cloud provider, if available. - // +optional - Addresses []NodeAddress - // Endpoints of daemons running on the Node. - // +optional - DaemonEndpoints NodeDaemonEndpoints - // Set of ids/uuids to uniquely identify the node. - // +optional - NodeInfo NodeSystemInfo - // List of container images on this node - // +optional - Images []ContainerImage - // List of attachable volumes in use (mounted) by the node. - // +optional - VolumesInUse []UniqueVolumeName - // List of volumes that are attached to the node. - // +optional - VolumesAttached []AttachedVolume - // Status of the config assigned to the node via the dynamic Kubelet config feature. - // +optional - Config *NodeConfigStatus - // The available runtime handlers. - // +featureGate=UserNamespacesSupport - // +optional - RuntimeHandlers []NodeRuntimeHandler - // Features describes the set of features implemented by the CRI implementation. - // +featureGate=SupplementalGroupsPolicy - // +optional - Features *NodeFeatures - // DeclaredFeatures represents the declared features of a node. - // +featureGate=NodeDeclaredFeatures - // +optional - DeclaredFeatures []string -} - -// UniqueVolumeName defines the name of attached volume -type UniqueVolumeName string - -// AttachedVolume describes a volume attached to a node -type AttachedVolume struct { - // Name of the attached volume - Name UniqueVolumeName - - // DevicePath represents the device path where the volume should be available - DevicePath string -} - -// AvoidPods describes pods that should avoid this node. This is the value for a -// Node annotation with key scheduler.alpha.kubernetes.io/preferAvoidPods and -// will eventually become a field of NodeStatus. -type AvoidPods struct { - // Bounded-sized list of signatures of pods that should avoid this node, sorted - // in timestamp order from oldest to newest. Size of the slice is unspecified. - // +optional - PreferAvoidPods []PreferAvoidPodsEntry -} - -// PreferAvoidPodsEntry describes a class of pods that should avoid this node. -type PreferAvoidPodsEntry struct { - // The class of pods. - PodSignature PodSignature - // Time at which this entry was added to the list. - // +optional - EvictionTime metav1.Time - // (brief) reason why this entry was added to the list. - // +optional - Reason string - // Human readable message indicating why this entry was added to the list. - // +optional - Message string -} - -// PodSignature describes the class of pods that should avoid this node. -// Exactly one field should be set. -type PodSignature struct { - // Reference to controller whose pods should avoid this node. - // +optional - PodController *metav1.OwnerReference -} - -// ContainerImage describe a container image -type ContainerImage struct { - // Names by which this image is known. - // +optional - Names []string - // The size of the image in bytes. - // +optional - SizeBytes int64 -} - -// NodePhase defines the phase in which a node is in -type NodePhase string - -// These are the valid phases of node. -const ( - // NodePending means the node has been created/added by the system, but not configured. - NodePending NodePhase = "Pending" - // NodeRunning means the node has been configured and has Kubernetes components running. - NodeRunning NodePhase = "Running" - // NodeTerminated means the node has been removed from the cluster. - NodeTerminated NodePhase = "Terminated" -) - -// NodeConditionType defines node's condition -type NodeConditionType string - -// These are valid but not exhaustive conditions of node. A cloud provider may set a condition not listed here. -// Relevant events contain "NodeReady", "NodeNotReady", "NodeSchedulable", and "NodeNotSchedulable". -const ( - // NodeReady means kubelet is healthy and ready to accept pods. - NodeReady NodeConditionType = "Ready" - // NodeMemoryPressure means the kubelet is under pressure due to insufficient available memory. - NodeMemoryPressure NodeConditionType = "MemoryPressure" - // NodeDiskPressure means the kubelet is under pressure due to insufficient available disk. - NodeDiskPressure NodeConditionType = "DiskPressure" - // NodeNetworkUnavailable means that network for the node is not correctly configured. - NodeNetworkUnavailable NodeConditionType = "NetworkUnavailable" -) - -// NodeCondition represents the node's condition -type NodeCondition struct { - Type NodeConditionType - Status ConditionStatus - // +optional - LastHeartbeatTime metav1.Time - // +optional - LastTransitionTime metav1.Time - // +optional - Reason string - // +optional - Message string -} - -// NodeAddressType defines the node's address type -type NodeAddressType string - -// These are valid values of node address type -const ( - // NodeHostName identifies a name of the node. Although every node can be assumed - // to have a NodeAddress of this type, its exact syntax and semantics are not - // defined, and are not consistent between different clusters. - NodeHostName NodeAddressType = "Hostname" - - // NodeInternalIP identifies an IP address which is assigned to one of the node's - // network interfaces. Every node should have at least one address of this type. - // - // An internal IP is normally expected to be reachable from every other node, but - // may not be visible to hosts outside the cluster. By default it is assumed that - // kube-apiserver can reach node internal IPs, though it is possible to configure - // clusters where this is not the case. - // - // NodeInternalIP is the default type of node IP, and does not necessarily imply - // that the IP is ONLY reachable internally. If a node has multiple internal IPs, - // no specific semantics are assigned to the additional IPs. - NodeInternalIP NodeAddressType = "InternalIP" - - // NodeExternalIP identifies an IP address which is, in some way, intended to be - // more usable from outside the cluster then an internal IP, though no specific - // semantics are defined. It may be a globally routable IP, though it is not - // required to be. - // - // External IPs may be assigned directly to an interface on the node, like a - // NodeInternalIP, or alternatively, packets sent to the external IP may be NAT'ed - // to an internal node IP rather than being delivered directly (making the IP less - // efficient for node-to-node traffic than a NodeInternalIP). - NodeExternalIP NodeAddressType = "ExternalIP" - - // NodeInternalDNS identifies a DNS name which resolves to an IP address which has - // the characteristics of a NodeInternalIP. The IP it resolves to may or may not - // be a listed NodeInternalIP address. - NodeInternalDNS NodeAddressType = "InternalDNS" - - // NodeExternalDNS identifies a DNS name which resolves to an IP address which has - // the characteristics of a NodeExternalIP. The IP it resolves to may or may not - // be a listed NodeExternalIP address. - NodeExternalDNS NodeAddressType = "ExternalDNS" -) - -// NodeAddress represents node's address -type NodeAddress struct { - Type NodeAddressType - Address string -} - -// ResourceName is the name identifying various resources in a ResourceList. -type ResourceName string - -// Resource names must be not more than 63 characters, consisting of upper- or lower-case alphanumeric characters, -// with the -, _, and . characters allowed anywhere, except the first or last character. -// The default convention, matching that for annotations, is to use lower-case names, with dashes, rather than -// camel case, separating compound words. -// Fully-qualified resource typenames are constructed from a DNS-style subdomain, followed by a slash `/` and a name. -const ( - // CPU, in cores. (500m = .5 cores) - ResourceCPU ResourceName = "cpu" - // Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) - ResourceMemory ResourceName = "memory" - // Volume size, in bytes (e,g. 5Gi = 5GiB = 5 * 1024 * 1024 * 1024) - ResourceStorage ResourceName = "storage" - // Local ephemeral storage, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) - ResourceEphemeralStorage ResourceName = "ephemeral-storage" -) - -const ( - // ResourceDefaultNamespacePrefix is the default namespace prefix. - ResourceDefaultNamespacePrefix = "kubernetes.io/" - // ResourceHugePagesPrefix is the name prefix for huge page resources (alpha). - ResourceHugePagesPrefix = "hugepages-" - // ResourceAttachableVolumesPrefix is the name prefix for storage resource limits - ResourceAttachableVolumesPrefix = "attachable-volumes-" -) - -// ResourceList is a set of (resource name, quantity) pairs. -type ResourceList map[ResourceName]resource.Quantity - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Node is a worker node in Kubernetes -// The name of the node according to etcd is in ObjectMeta.Name. -type Node struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Spec defines the behavior of a node. - // +optional - Spec NodeSpec - - // Status describes the current status of a Node - // +optional - Status NodeStatus -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// NodeList is a list of nodes. -type NodeList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - Items []Node -} - -// NamespaceSpec describes the attributes on a Namespace -type NamespaceSpec struct { - // Finalizers is an opaque list of values that must be empty to permanently remove object from storage - Finalizers []FinalizerName -} - -// FinalizerName is the name identifying a finalizer during namespace lifecycle. -type FinalizerName string - -// These are internal finalizer values to Kubernetes, must be qualified name unless defined here or -// in metav1. -const ( - FinalizerKubernetes FinalizerName = "kubernetes" -) - -// NamespaceStatus is information about the current status of a Namespace. -type NamespaceStatus struct { - // Phase is the current lifecycle phase of the namespace. - // +optional - Phase NamespacePhase - // +optional - Conditions []NamespaceCondition -} - -// NamespacePhase defines the phase in which the namespace is -type NamespacePhase string - -// These are the valid phases of a namespace. -const ( - // NamespaceActive means the namespace is available for use in the system - NamespaceActive NamespacePhase = "Active" - // NamespaceTerminating means the namespace is undergoing graceful termination - NamespaceTerminating NamespacePhase = "Terminating" -) - -// NamespaceConditionType defines constants reporting on status during namespace lifetime and deletion progress -type NamespaceConditionType string - -// These are valid conditions of a namespace. -const ( - NamespaceDeletionDiscoveryFailure NamespaceConditionType = "NamespaceDeletionDiscoveryFailure" - NamespaceDeletionContentFailure NamespaceConditionType = "NamespaceDeletionContentFailure" - NamespaceDeletionGVParsingFailure NamespaceConditionType = "NamespaceDeletionGroupVersionParsingFailure" -) - -// NamespaceCondition contains details about state of namespace. -type NamespaceCondition struct { - // Type of namespace controller condition. - Type NamespaceConditionType - // Status of the condition, one of True, False, Unknown. - Status ConditionStatus - // +optional - LastTransitionTime metav1.Time - // +optional - Reason string - // +optional - Message string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Namespace provides a scope for Names. -// Use of multiple namespaces is optional -type Namespace struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Spec defines the behavior of the Namespace. - // +optional - Spec NamespaceSpec - - // Status describes the current status of a Namespace - // +optional - Status NamespaceStatus -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// NamespaceList is a list of Namespaces. -type NamespaceList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - Items []Namespace -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Binding ties one object to another; for example, a pod is bound to a node by a scheduler. -type Binding struct { - metav1.TypeMeta - // ObjectMeta describes the object that is being bound. - // +optional - metav1.ObjectMeta - - // Target is the object to bind to. - Target ObjectReference -} - -// Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out. -type Preconditions struct { - // Specifies the target UID. - // +optional - UID *types.UID -} - -const ( - // LogStreamStdout is the stream type for stdout. - LogStreamStdout = "Stdout" - // LogStreamStderr is the stream type for stderr. - LogStreamStderr = "Stderr" - // LogStreamAll represents the combined stdout and stderr. - LogStreamAll = "All" -) - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PodLogOptions is the query options for a Pod's logs REST call -type PodLogOptions struct { - metav1.TypeMeta - - // Container for which to return logs - Container string - // If true, follow the logs for the pod - Follow bool - // If true, return previous terminated container logs - Previous bool - // A relative time in seconds before the current time from which to show logs. If this value - // precedes the time a pod was started, only logs since the pod start will be returned. - // If this value is in the future, no logs will be returned. - // Only one of sinceSeconds or sinceTime may be specified. - SinceSeconds *int64 - // An RFC3339 timestamp from which to show logs. If this value - // precedes the time a pod was started, only logs since the pod start will be returned. - // If this value is in the future, no logs will be returned. - // Only one of sinceSeconds or sinceTime may be specified. - SinceTime *metav1.Time - // If true, add an RFC 3339 timestamp with 9 digits of fractional seconds at the beginning of every line - // of log output. - Timestamps bool - // If set, the number of lines from the end of the logs to show. If not specified, - // logs are shown from the creation of the container or sinceSeconds or sinceTime. - // Note that when "TailLines" is specified, "Stream" can only be set to nil or "All". - TailLines *int64 - // If set, the number of bytes to read from the server before terminating the - // log output. This may not display a complete final line of logging, and may return - // slightly more or slightly less than the specified limit. - LimitBytes *int64 - - // insecureSkipTLSVerifyBackend indicates that the apiserver should not confirm the validity of the - // serving certificate of the backend it is connecting to. This will make the HTTPS connection between the apiserver - // and the backend insecure. This means the apiserver cannot verify the log data it is receiving came from the real - // kubelet. If the kubelet is configured to verify the apiserver's TLS credentials, it does not mean the - // connection to the real kubelet is vulnerable to a man in the middle attack (e.g. an attacker could not intercept - // the actual log data coming from the real kubelet). - // +optional - InsecureSkipTLSVerifyBackend bool - - // Specify which container log stream to return to the client. - // Acceptable values are "All", "Stdout" and "Stderr". If not specified, "All" is used, and both stdout and stderr - // are returned interleaved. - // Note that when "TailLines" is specified, "Stream" can only be set to nil or "All". - // +featureGate=PodLogsQuerySplitStreams - // +optional - Stream *string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PodAttachOptions is the query options to a Pod's remote attach call -// TODO: merge w/ PodExecOptions below for stdin, stdout, etc -type PodAttachOptions struct { - metav1.TypeMeta - - // Stdin if true indicates that stdin is to be redirected for the attach call - // +optional - Stdin bool - - // Stdout if true indicates that stdout is to be redirected for the attach call - // +optional - Stdout bool - - // Stderr if true indicates that stderr is to be redirected for the attach call - // +optional - Stderr bool - - // TTY if true indicates that a tty will be allocated for the attach call - // +optional - TTY bool - - // Container to attach to. - // +optional - Container string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PodExecOptions is the query options to a Pod's remote exec call -type PodExecOptions struct { - metav1.TypeMeta - - // Stdin if true indicates that stdin is to be redirected for the exec call - Stdin bool - - // Stdout if true indicates that stdout is to be redirected for the exec call - Stdout bool - - // Stderr if true indicates that stderr is to be redirected for the exec call - Stderr bool - - // TTY if true indicates that a tty will be allocated for the exec call - TTY bool - - // Container in which to execute the command. - Container string - - // Command is the remote command to execute; argv array; not executed within a shell. - Command []string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PodPortForwardOptions is the query options to a Pod's port forward call -type PodPortForwardOptions struct { - metav1.TypeMeta - - // The list of ports to forward - // +optional - Ports []int32 -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PodProxyOptions is the query options to a Pod's proxy call -type PodProxyOptions struct { - metav1.TypeMeta - - // Path is the URL path to use for the current proxy request - Path string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// NodeProxyOptions is the query options to a Node's proxy call -type NodeProxyOptions struct { - metav1.TypeMeta - - // Path is the URL path to use for the current proxy request - Path string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ServiceProxyOptions is the query options to a Service's proxy call. -type ServiceProxyOptions struct { - metav1.TypeMeta - - // Path is the part of URLs that include service endpoints, suffixes, - // and parameters to use for the current proxy request to service. - // For example, the whole request URL is - // http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. - // Path is _search?q=user:kimchy. - Path string -} - -// ObjectReference contains enough information to let you inspect or modify the referred object. -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type ObjectReference struct { - // +optional - Kind string - // +optional - Namespace string - // +optional - Name string - // +optional - UID types.UID - // +optional - APIVersion string - // +optional - ResourceVersion string - - // Optional. If referring to a piece of an object instead of an entire object, this string - // should contain information to identify the sub-object. For example, if the object - // reference is to a container within a pod, this would take on a value like: - // "spec.containers{name}" (where "name" refers to the name of the container that triggered - // the event) or if no container name is specified "spec.containers[2]" (container with - // index 2 in this pod). This syntax is chosen only to have some well-defined way of - // referencing a part of an object. - // TODO: this design is not final and this field is subject to change in the future. - // +optional - FieldPath string -} - -// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. -type LocalObjectReference struct { - // TODO: Add other useful fields. apiVersion, kind, uid? - Name string -} - -// TypedLocalObjectReference contains enough information to let you locate the typed referenced object inside the same namespace. -type TypedLocalObjectReference struct { - // APIGroup is the group for the resource being referenced. - // If APIGroup is not specified, the specified Kind must be in the core API group. - // For any other third-party types, APIGroup is required. - // +optional - APIGroup *string - // Kind is the type of resource being referenced - Kind string - // Name is the name of resource being referenced - Name string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// SerializedReference represents a serialized object reference -type SerializedReference struct { - metav1.TypeMeta - // +optional - Reference ObjectReference -} - -// EventSource represents the source from which an event is generated -type EventSource struct { - // Component from which the event is generated. - // +optional - Component string - // Node name on which the event is generated. - // +optional - Host string -} - -// Valid values for event types (new types could be added in future) -const ( - // Information only and will not cause any problems - EventTypeNormal string = "Normal" - // These events are to warn that something might go wrong - EventTypeWarning string = "Warning" -) - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Event is a report of an event somewhere in the cluster. Events -// have a limited retention time and triggers and messages may evolve -// with time. Event consumers should not rely on the timing of an event -// with a given Reason reflecting a consistent underlying trigger, or the -// continued existence of events with that Reason. Events should be -// treated as informative, best-effort, supplemental data. -// TODO: Decide whether to store these separately or with the object they apply to. -type Event struct { - metav1.TypeMeta - - metav1.ObjectMeta - - // The object that this event is about. Mapped to events.Event.regarding - InvolvedObject ObjectReference - - // Optional; this should be a short, machine understandable string that gives the reason - // for this event being generated. For example, if the event is reporting that a container - // can't start, the Reason might be "ImageNotFound". - // TODO: provide exact specification for format. - // +optional - Reason string - - // Optional. A human-readable description of the status of this operation. - // TODO: decide on maximum length. Mapped to events.Event.note - // +optional - Message string - - // Optional. The component reporting this event. Should be a short machine understandable string. - // +optional - Source EventSource - - // The time at which the event was first recorded. (Time of server receipt is in TypeMeta.) - // +optional - FirstTimestamp metav1.Time - - // The time at which the most recent occurrence of this event was recorded. - // +optional - LastTimestamp metav1.Time - - // The number of times this event has occurred. - // +optional - Count int32 - - // Type of this event (Normal, Warning), new types could be added in the future. - // +optional - Type string - - // Time when this Event was first observed. - // +optional - EventTime metav1.MicroTime - - // Data about the Event series this event represents or nil if it's a singleton Event. - // +optional - Series *EventSeries - - // What action was taken/failed regarding to the Regarding object. - // +optional - Action string - - // Optional secondary object for more complex actions. - // +optional - Related *ObjectReference - - // Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`. - // +optional - ReportingController string - - // ID of the controller instance, e.g. `kubelet-xyzf`. - // +optional - ReportingInstance string -} - -// EventSeries represents a series ov events -type EventSeries struct { - // Number of occurrences in this series up to the last heartbeat time - Count int32 - // Time of the last occurrence observed - LastObservedTime metav1.MicroTime -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// EventList is a list of events. -type EventList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - Items []Event -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// List holds a list of objects, which may not be known by the server. -type List metainternalversion.List - -// LimitType defines a type of object that is limited -type LimitType string - -const ( - // LimitTypePod defines limit that applies to all pods in a namespace - LimitTypePod LimitType = "Pod" - // LimitTypeContainer defines limit that applies to all containers in a namespace - LimitTypeContainer LimitType = "Container" - // LimitTypePersistentVolumeClaim defines limit that applies to all persistent volume claims in a namespace - LimitTypePersistentVolumeClaim LimitType = "PersistentVolumeClaim" -) - -// LimitRangeItem defines a min/max usage limit for any resource that matches on kind -type LimitRangeItem struct { - // Type of resource that this limit applies to - // +optional - Type LimitType - // Max usage constraints on this kind by resource name - // +optional - Max ResourceList - // Min usage constraints on this kind by resource name - // +optional - Min ResourceList - // Default resource requirement limit value by resource name. - // +optional - Default ResourceList - // DefaultRequest resource requirement request value by resource name. - // +optional - DefaultRequest ResourceList - // MaxLimitRequestRatio represents the max burst value for the named resource - // +optional - MaxLimitRequestRatio ResourceList -} - -// LimitRangeSpec defines a min/max usage limit for resources that match on kind -type LimitRangeSpec struct { - // Limits is the list of LimitRangeItem objects that are enforced - Limits []LimitRangeItem -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// LimitRange sets resource usage limits for each kind of resource in a Namespace -type LimitRange struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Spec defines the limits enforced - // +optional - Spec LimitRangeSpec -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// LimitRangeList is a list of LimitRange items. -type LimitRangeList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - // Items is a list of LimitRange objects - Items []LimitRange -} - -// The following identify resource constants for Kubernetes object types -const ( - // Pods, number - ResourcePods ResourceName = "pods" - // Services, number - ResourceServices ResourceName = "services" - // ReplicationControllers, number - ResourceReplicationControllers ResourceName = "replicationcontrollers" - // ResourceQuotas, number - ResourceQuotas ResourceName = "resourcequotas" - // ResourceSecrets, number - ResourceSecrets ResourceName = "secrets" - // ResourceConfigMaps, number - ResourceConfigMaps ResourceName = "configmaps" - // ResourcePersistentVolumeClaims, number - ResourcePersistentVolumeClaims ResourceName = "persistentvolumeclaims" - // ResourceServicesNodePorts, number - ResourceServicesNodePorts ResourceName = "services.nodeports" - // ResourceServicesLoadBalancers, number - ResourceServicesLoadBalancers ResourceName = "services.loadbalancers" - // CPU request, in cores. (500m = .5 cores) - ResourceRequestsCPU ResourceName = "requests.cpu" - // Memory request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) - ResourceRequestsMemory ResourceName = "requests.memory" - // Storage request, in bytes - ResourceRequestsStorage ResourceName = "requests.storage" - // Local ephemeral storage request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) - ResourceRequestsEphemeralStorage ResourceName = "requests.ephemeral-storage" - // CPU limit, in cores. (500m = .5 cores) - ResourceLimitsCPU ResourceName = "limits.cpu" - // Memory limit, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) - ResourceLimitsMemory ResourceName = "limits.memory" - // Local ephemeral storage limit, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) - ResourceLimitsEphemeralStorage ResourceName = "limits.ephemeral-storage" - // resource.k8s.io devices requested with a certain DeviceClass, number - ResourceClaimsPerClass string = ".deviceclass.resource.k8s.io/devices" -) - -// The following identify resource prefix for Kubernetes object types -const ( - // HugePages request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) - // As burst is not supported for HugePages, we would only quota its request, and ignore the limit. - ResourceRequestsHugePagesPrefix = "requests.hugepages-" - // Default resource requests prefix - DefaultResourceRequestsPrefix = "requests." -) - -// ResourceQuotaScope defines a filter that must match each object tracked by a quota -type ResourceQuotaScope string - -// These are valid values for resource quota spec -const ( - // Match all pod objects where spec.activeDeadlineSeconds >=0 - ResourceQuotaScopeTerminating ResourceQuotaScope = "Terminating" - // Match all pod objects where spec.activeDeadlineSeconds is nil - ResourceQuotaScopeNotTerminating ResourceQuotaScope = "NotTerminating" - // Match all pod objects that have best effort quality of service - ResourceQuotaScopeBestEffort ResourceQuotaScope = "BestEffort" - // Match all pod objects that do not have best effort quality of service - ResourceQuotaScopeNotBestEffort ResourceQuotaScope = "NotBestEffort" - // Match all pod objects that have priority class mentioned - ResourceQuotaScopePriorityClass ResourceQuotaScope = "PriorityClass" - // Match all pod objects that have cross-namespace pod (anti)affinity mentioned - ResourceQuotaScopeCrossNamespacePodAffinity ResourceQuotaScope = "CrossNamespacePodAffinity" - - // Match all pvc objects that have volume attributes class mentioned. - ResourceQuotaScopeVolumeAttributesClass ResourceQuotaScope = "VolumeAttributesClass" -) - -// ResourceQuotaSpec defines the desired hard limits to enforce for Quota -type ResourceQuotaSpec struct { - // Hard is the set of desired hard limits for each named resource - // +optional - Hard ResourceList - // A collection of filters that must match each object tracked by a quota. - // If not specified, the quota matches all objects. - // +optional - Scopes []ResourceQuotaScope - // ScopeSelector is also a collection of filters like Scopes that must match each object tracked by a quota - // but expressed using ScopeSelectorOperator in combination with possible values. - // +optional - ScopeSelector *ScopeSelector -} - -// ScopeSelector represents the AND of the selectors represented -// by the scoped-resource selector terms. -type ScopeSelector struct { - // A list of scope selector requirements by scope of the resources. - // +optional - MatchExpressions []ScopedResourceSelectorRequirement -} - -// ScopedResourceSelectorRequirement is a selector that contains values, a scope name, and an operator -// that relates the scope name and values. -type ScopedResourceSelectorRequirement struct { - // The name of the scope that the selector applies to. - ScopeName ResourceQuotaScope - // Represents a scope's relationship to a set of values. - // Valid operators are In, NotIn, Exists, DoesNotExist. - Operator ScopeSelectorOperator - // An array of string values. If the operator is In or NotIn, - // the values array must be non-empty. If the operator is Exists or DoesNotExist, - // the values array must be empty. - // This array is replaced during a strategic merge patch. - // +optional - Values []string -} - -// ScopeSelectorOperator is the set of operators that can be used in -// a scope selector requirement. -type ScopeSelectorOperator string - -// These are the valid values for ScopeSelectorOperator -const ( - ScopeSelectorOpIn ScopeSelectorOperator = "In" - ScopeSelectorOpNotIn ScopeSelectorOperator = "NotIn" - ScopeSelectorOpExists ScopeSelectorOperator = "Exists" - ScopeSelectorOpDoesNotExist ScopeSelectorOperator = "DoesNotExist" -) - -// ResourceQuotaStatus defines the enforced hard limits and observed use -type ResourceQuotaStatus struct { - // Hard is the set of enforced hard limits for each named resource - // +optional - Hard ResourceList - // Used is the current observed total usage of the resource in the namespace - // +optional - Used ResourceList -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ResourceQuota sets aggregate quota restrictions enforced per namespace -type ResourceQuota struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Spec defines the desired quota - // +optional - Spec ResourceQuotaSpec - - // Status defines the actual enforced quota and its current usage - // +optional - Status ResourceQuotaStatus -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ResourceQuotaList is a list of ResourceQuota items -type ResourceQuotaList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - // Items is a list of ResourceQuota objects - Items []ResourceQuota -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Secret holds secret data of a certain type. The total bytes of the values in -// the Data field must be less than MaxSecretSize bytes. -type Secret struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Immutable field, if set, ensures that data stored in the Secret cannot - // be updated (only object metadata can be modified). - // +optional - Immutable *bool - - // Data contains the secret data. Each key must consist of alphanumeric - // characters, '-', '_' or '.'. The serialized form of the secret data is a - // base64 encoded string, representing the arbitrary (possibly non-string) - // data value here. - // +optional - Data map[string][]byte `datapolicy:"password,security-key,token"` - - // Used to facilitate programmatic handling of secret data. - // More info: https://kubernetes.io/docs/concepts/configuration/secret/#secret-types - // +optional - Type SecretType -} - -// MaxSecretSize represents the max secret size. -const MaxSecretSize = 1 * 1024 * 1024 - -// SecretType defines the types of secrets -type SecretType string - -// These are the valid values for SecretType -const ( - // SecretTypeOpaque is the default; arbitrary user-defined data - SecretTypeOpaque SecretType = "Opaque" - - // SecretTypeServiceAccountToken contains a token that identifies a service account to the API - // - // Required fields: - // - Secret.Annotations["kubernetes.io/service-account.name"] - the name of the ServiceAccount the token identifies - // - Secret.Annotations["kubernetes.io/service-account.uid"] - the UID of the ServiceAccount the token identifies - // - Secret.Data["token"] - a token that identifies the service account to the API - SecretTypeServiceAccountToken SecretType = "kubernetes.io/service-account-token" - - // ServiceAccountNameKey is the key of the required annotation for SecretTypeServiceAccountToken secrets - ServiceAccountNameKey = "kubernetes.io/service-account.name" - // ServiceAccountUIDKey is the key of the required annotation for SecretTypeServiceAccountToken secrets - ServiceAccountUIDKey = "kubernetes.io/service-account.uid" - // ServiceAccountTokenKey is the key of the required data for SecretTypeServiceAccountToken secrets - ServiceAccountTokenKey = "token" - // ServiceAccountKubeconfigKey is the key of the optional kubeconfig data for SecretTypeServiceAccountToken secrets - ServiceAccountKubeconfigKey = "kubernetes.kubeconfig" - // ServiceAccountRootCAKey is the key of the optional root certificate authority for SecretTypeServiceAccountToken secrets - ServiceAccountRootCAKey = "ca.crt" - // ServiceAccountNamespaceKey is the key of the optional namespace to use as the default for namespaced API calls - ServiceAccountNamespaceKey = "namespace" - - // SecretTypeDockercfg contains a dockercfg file that follows the same format rules as ~/.dockercfg - // - // Required fields: - // - Secret.Data[".dockercfg"] - a serialized ~/.dockercfg file - SecretTypeDockercfg SecretType = "kubernetes.io/dockercfg" - - // DockerConfigKey is the key of the required data for SecretTypeDockercfg secrets - DockerConfigKey = ".dockercfg" - - // SecretTypeDockerConfigJSON contains a dockercfg file that follows the same format rules as ~/.docker/config.json - // - // Required fields: - // - Secret.Data[".dockerconfigjson"] - a serialized ~/.docker/config.json file - SecretTypeDockerConfigJSON SecretType = "kubernetes.io/dockerconfigjson" - - // DockerConfigJSONKey is the key of the required data for SecretTypeDockerConfigJson secrets - DockerConfigJSONKey = ".dockerconfigjson" - - // SecretTypeBasicAuth contains data needed for basic authentication. - // - // Required at least one of fields: - // - Secret.Data["username"] - username used for authentication - // - Secret.Data["password"] - password or token needed for authentication - SecretTypeBasicAuth SecretType = "kubernetes.io/basic-auth" - - // BasicAuthUsernameKey is the key of the username for SecretTypeBasicAuth secrets - BasicAuthUsernameKey = "username" - // BasicAuthPasswordKey is the key of the password or token for SecretTypeBasicAuth secrets - BasicAuthPasswordKey = "password" - - // SecretTypeSSHAuth contains data needed for SSH authentication. - // - // Required field: - // - Secret.Data["ssh-privatekey"] - private SSH key needed for authentication - SecretTypeSSHAuth SecretType = "kubernetes.io/ssh-auth" - - // SSHAuthPrivateKey is the key of the required SSH private key for SecretTypeSSHAuth secrets - SSHAuthPrivateKey = "ssh-privatekey" - - // SecretTypeTLS contains information about a TLS client or server secret. It - // is primarily used with TLS termination of the Ingress resource, but may be - // used in other types. - // - // Required fields: - // - Secret.Data["tls.key"] - TLS private key. - // Secret.Data["tls.crt"] - TLS certificate. - // TODO: Consider supporting different formats, specifying CA/destinationCA. - SecretTypeTLS SecretType = "kubernetes.io/tls" - - // TLSCertKey is the key for tls certificates in a TLS secret. - TLSCertKey = "tls.crt" - // TLSPrivateKeyKey is the key for the private key field in a TLS secret. - TLSPrivateKeyKey = "tls.key" - // SecretTypeBootstrapToken is used during the automated bootstrap process (first - // implemented by kubeadm). It stores tokens that are used to sign well known - // ConfigMaps. They are used for authn. - SecretTypeBootstrapToken SecretType = "bootstrap.kubernetes.io/token" -) - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// SecretList represents the list of secrets -type SecretList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - Items []Secret -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ConfigMap holds configuration data for components or applications to consume. -type ConfigMap struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // Immutable field, if set, ensures that data stored in the ConfigMap cannot - // be updated (only object metadata can be modified). - // +optional - Immutable *bool - - // Data contains the configuration data. - // Each key must consist of alphanumeric characters, '-', '_' or '.'. - // Values with non-UTF-8 byte sequences must use the BinaryData field. - // The keys stored in Data must not overlap with the keys in - // the BinaryData field, this is enforced during validation process. - // +optional - Data map[string]string - - // BinaryData contains the binary data. - // Each key must consist of alphanumeric characters, '-', '_' or '.'. - // BinaryData can contain byte sequences that are not in the UTF-8 range. - // The keys stored in BinaryData must not overlap with the ones in - // the Data field, this is enforced during validation process. - // Using this field will require 1.10+ apiserver and - // kubelet. - // +optional - BinaryData map[string][]byte -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ConfigMapList is a resource containing a list of ConfigMap objects. -type ConfigMapList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - // Items is the list of ConfigMaps. - Items []ConfigMap -} - -// These constants are for remote command execution and port forwarding and are -// used by both the client side and server side components. -// -// This is probably not the ideal place for them, but it didn't seem worth it -// to create pkg/exec and pkg/portforward just to contain a single file with -// constants in it. Suggestions for more appropriate alternatives are -// definitely welcome! -const ( - // Enable stdin for remote command execution - ExecStdinParam = "input" - // Enable stdout for remote command execution - ExecStdoutParam = "output" - // Enable stderr for remote command execution - ExecStderrParam = "error" - // Enable TTY for remote command execution - ExecTTYParam = "tty" - // Command to run for remote command execution - ExecCommandParam = "command" - - // Name of header that specifies stream type - StreamType = "streamType" - // Value for streamType header for stdin stream - StreamTypeStdin = "stdin" - // Value for streamType header for stdout stream - StreamTypeStdout = "stdout" - // Value for streamType header for stderr stream - StreamTypeStderr = "stderr" - // Value for streamType header for data stream - StreamTypeData = "data" - // Value for streamType header for error stream - StreamTypeError = "error" - // Value for streamType header for terminal resize stream - StreamTypeResize = "resize" - - // Name of header that specifies the port being forwarded - PortHeader = "port" - // Name of header that specifies a request ID used to associate the error - // and data streams for a single forwarded connection - PortForwardRequestIDHeader = "requestID" -) - -// ComponentConditionType defines type and constants for component health validation. -type ComponentConditionType string - -// These are the valid conditions for the component. -const ( - ComponentHealthy ComponentConditionType = "Healthy" -) - -// ComponentCondition represents the condition of a component -type ComponentCondition struct { - Type ComponentConditionType - Status ConditionStatus - // +optional - Message string - // +optional - Error string -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ComponentStatus (and ComponentStatusList) holds the cluster validation info. -// Deprecated: This API is deprecated in v1.19+ -type ComponentStatus struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - - // +optional - Conditions []ComponentCondition -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ComponentStatusList represents the list of component statuses -// Deprecated: This API is deprecated in v1.19+ -type ComponentStatusList struct { - metav1.TypeMeta - // +optional - metav1.ListMeta - - Items []ComponentStatus -} - -// SecurityContext holds security configuration that will be applied to a container. -// Some fields are present in both SecurityContext and PodSecurityContext. When both -// are set, the values in SecurityContext take precedence. -type SecurityContext struct { - // The capabilities to add/drop when running containers. - // Defaults to the default set of capabilities granted by the container runtime. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - Capabilities *Capabilities - // Run container in privileged mode. - // Processes in privileged containers are essentially equivalent to root on the host. - // Defaults to false. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - Privileged *bool - // The SELinux context to be applied to the container. - // If unspecified, the container runtime will allocate a random SELinux context for each - // container. May also be set in PodSecurityContext. If set in both SecurityContext and - // PodSecurityContext, the value specified in SecurityContext takes precedence. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - SELinuxOptions *SELinuxOptions - // The Windows specific settings applied to all containers. - // If unspecified, the options from the PodSecurityContext will be used. - // If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - // Note that this field cannot be set when spec.os.name is linux. - // +optional - WindowsOptions *WindowsSecurityContextOptions - // The UID to run the entrypoint of the container process. - // Defaults to user specified in image metadata if unspecified. - // May also be set in PodSecurityContext. If set in both SecurityContext and - // PodSecurityContext, the value specified in SecurityContext takes precedence. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - RunAsUser *int64 - // The GID to run the entrypoint of the container process. - // Uses runtime default if unset. - // May also be set in PodSecurityContext. If set in both SecurityContext and - // PodSecurityContext, the value specified in SecurityContext takes precedence. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - RunAsGroup *int64 - // Indicates that the container must run as a non-root user. - // If true, the Kubelet will validate the image at runtime to ensure that it - // does not run as UID 0 (root) and fail to start the container if it does. - // If unset or false, no such validation will be performed. - // May also be set in PodSecurityContext. If set in both SecurityContext and - // PodSecurityContext, the value specified in SecurityContext takes precedence. - // +optional - RunAsNonRoot *bool - // The read-only root filesystem allows you to restrict the locations that an application can write - // files to, ensuring the persistent data can only be written to mounts. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - ReadOnlyRootFilesystem *bool - // AllowPrivilegeEscalation controls whether a process can gain more - // privileges than its parent process. This bool directly controls if - // the no_new_privs flag will be set on the container process. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - AllowPrivilegeEscalation *bool - // ProcMount denotes the type of proc mount to use for the containers. - // The default value is Default which uses the container runtime defaults for - // readonly paths and masked paths. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - ProcMount *ProcMountType - // The seccomp options to use by this container. If seccomp options are - // provided at both the pod & container level, the container options - // override the pod options. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - SeccompProfile *SeccompProfile - // appArmorProfile is the AppArmor options to use by this container. If set, this profile - // overrides the pod's appArmorProfile. - // Note that this field cannot be set when spec.os.name is windows. - // +optional - AppArmorProfile *AppArmorProfile -} - -// ProcMountType defines the type of proc mount -type ProcMountType string - -const ( - // DefaultProcMount uses the container runtime defaults for readonly and masked - // paths for /proc. Most container runtimes mask certain paths in /proc to avoid - // accidental security exposure of special devices or information. - DefaultProcMount ProcMountType = "Default" - - // UnmaskedProcMount bypasses the default masking behavior of the container - // runtime and ensures the newly created /proc the container stays intact with - // no modifications. - UnmaskedProcMount ProcMountType = "Unmasked" -) - -// SELinuxOptions are the labels to be applied to the container. -type SELinuxOptions struct { - // SELinux user label - // +optional - User string - // SELinux role label - // +optional - Role string - // SELinux type label - // +optional - Type string - // SELinux level label. - // +optional - Level string -} - -// WindowsSecurityContextOptions contain Windows-specific options and credentials. -type WindowsSecurityContextOptions struct { - // GMSACredentialSpecName is the name of the GMSA credential spec to use. - // +optional - GMSACredentialSpecName *string - - // GMSACredentialSpec is where the GMSA admission webhook - // (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - // GMSA credential spec named by the GMSACredentialSpecName field. - // +optional - GMSACredentialSpec *string - - // The UserName in Windows to run the entrypoint of the container process. - // Defaults to the user specified in image metadata if unspecified. - // May also be set in PodSecurityContext. If set in both SecurityContext and - // PodSecurityContext, the value specified in SecurityContext takes precedence. - // +optional - RunAsUserName *string - - // HostProcess determines if a container should be run as a 'Host Process' container. - // All of a Pod's containers must have the same effective HostProcess value - // (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - // In addition, if HostProcess is true then HostNetwork must also be set to true. - // +optional - HostProcess *bool -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// RangeAllocation is an opaque API object (not exposed to end users) that can be persisted to record -// the global allocation state of the cluster. The schema of Range and Data generic, in that Range -// should be a string representation of the inputs to a range (for instance, for IP allocation it -// might be a CIDR) and Data is an opaque blob understood by an allocator which is typically a -// binary range. Consumers should use annotations to record additional information (schema version, -// data encoding hints). A range allocation should *ALWAYS* be recreatable at any time by observation -// of the cluster, thus the object is less strongly typed than most. -type RangeAllocation struct { - metav1.TypeMeta - // +optional - metav1.ObjectMeta - // A string representing a unique label for a range of resources, such as a CIDR "10.0.0.0/8" or - // port range "10000-30000". Range is not strongly schema'd here. The Range is expected to define - // a start and end unless there is an implicit end. - Range string - // A byte array representing the serialized state of a range allocation. Additional clarifiers on - // the type or format of data should be represented with annotations. For IP allocations, this is - // represented as a bit array starting at the base IP of the CIDR in Range, with each bit representing - // a single allocated address (the fifth bit on CIDR 10.0.0.0/8 is 10.0.0.4). - Data []byte -} - -const ( - // DefaultHardPodAffinitySymmetricWeight is the weight of implicit PreferredDuringScheduling affinity rule. - // - // RequiredDuringScheduling affinity is not symmetric, but there is an implicit PreferredDuringScheduling affinity rule - // corresponding to every RequiredDuringScheduling affinity rule. - // When the --hard-pod-affinity-weight scheduler flag is not specified, - // DefaultHardPodAffinityWeight defines the weight of the implicit PreferredDuringScheduling affinity rule. - DefaultHardPodAffinitySymmetricWeight int32 = 1 -) - -// UnsatisfiableConstraintAction defines the actions that can be taken for an -// unsatisfiable constraint. -type UnsatisfiableConstraintAction string - -const ( - // DoNotSchedule instructs the scheduler not to schedule the pod - // when constraints are not satisfied. - DoNotSchedule UnsatisfiableConstraintAction = "DoNotSchedule" - // ScheduleAnyway instructs the scheduler to schedule the pod - // even if constraints are not satisfied. - ScheduleAnyway UnsatisfiableConstraintAction = "ScheduleAnyway" -) - -// NodeInclusionPolicy defines the type of node inclusion policy -// +enum -type NodeInclusionPolicy string - -const ( - // NodeInclusionPolicyIgnore means ignore this scheduling directive when calculating pod topology spread skew. - NodeInclusionPolicyIgnore NodeInclusionPolicy = "Ignore" - // NodeInclusionPolicyHonor means use this scheduling directive when calculating pod topology spread skew. - NodeInclusionPolicyHonor NodeInclusionPolicy = "Honor" -) - -// TopologySpreadConstraint specifies how to spread matching pods among the given topology. -type TopologySpreadConstraint struct { - // MaxSkew describes the degree to which pods may be unevenly distributed. - // When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference - // between the number of matching pods in the target topology and the global minimum. - // The global minimum is the minimum number of matching pods in an eligible domain - // or zero if the number of eligible domains is less than MinDomains. - // For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same - // labelSelector spread as 2/2/1: - // In this case, the global minimum is 1. - // +-------+-------+-------+ - // | zone1 | zone2 | zone3 | - // +-------+-------+-------+ - // | P P | P P | P | - // +-------+-------+-------+ - // - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; - // scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) - // violate MaxSkew(1). - // - if MaxSkew is 2, incoming pod can be scheduled onto any zone. - // When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence - // to topologies that satisfy it. - // It's a required field. Default value is 1 and 0 is not allowed. - MaxSkew int32 - // TopologyKey is the key of node labels. Nodes that have a label with this key - // and identical values are considered to be in the same topology. - // We consider each as a "bucket", and try to put balanced number - // of pods into each bucket. - // We define a domain as a particular instance of a topology. - // Also, we define an eligible domain as a domain whose nodes meet the requirements of - // nodeAffinityPolicy and nodeTaintsPolicy. - // e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. - // And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. - // It's a required field. - TopologyKey string - // WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy - // the spread constraint. - // - DoNotSchedule (default) tells the scheduler not to schedule it. - // - ScheduleAnyway tells the scheduler to schedule the pod in any location, - // but giving higher precedence to topologies that would help reduce the - // skew. - // A constraint is considered "Unsatisfiable" for an incoming pod - // if and only if every possible node assignment for that pod would violate - // "MaxSkew" on some topology. - // For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same - // labelSelector spread as 3/1/1: - // +-------+-------+-------+ - // | zone1 | zone2 | zone3 | - // +-------+-------+-------+ - // | P P P | P | P | - // +-------+-------+-------+ - // If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled - // to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies - // MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler - // won't make it *more* imbalanced. - // It's a required field. - WhenUnsatisfiable UnsatisfiableConstraintAction - // LabelSelector is used to find matching pods. - // Pods that match this label selector are counted to determine the number of pods - // in their corresponding topology domain. - // +optional - LabelSelector *metav1.LabelSelector - // MinDomains indicates a minimum number of eligible domains. - // When the number of eligible domains with matching topology keys is less than minDomains, - // Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. - // And when the number of eligible domains with matching topology keys equals or greater than minDomains, - // this value has no effect on scheduling. - // As a result, when the number of eligible domains is less than minDomains, - // scheduler won't schedule more than maxSkew Pods to those domains. - // If value is nil, the constraint behaves as if MinDomains is equal to 1. - // Valid values are integers greater than 0. - // When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - // - // For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same - // labelSelector spread as 2/2/2: - // +-------+-------+-------+ - // | zone1 | zone2 | zone3 | - // +-------+-------+-------+ - // | P P | P P | P P | - // +-------+-------+-------+ - // The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. - // In this situation, new pod with the same labelSelector cannot be scheduled, - // because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, - // it will violate MaxSkew. - // +optional - MinDomains *int32 - // NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector - // when calculating pod topology spread skew. Options are: - // - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - // - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - // - // If this value is nil, the behavior is equivalent to the Honor policy. - // +optional - NodeAffinityPolicy *NodeInclusionPolicy - // NodeTaintsPolicy indicates how we will treat node taints when calculating - // pod topology spread skew. Options are: - // - Honor: nodes without taints, along with tainted nodes for which the incoming pod - // has a toleration, are included. - // - Ignore: node taints are ignored. All nodes are included. - // - // If this value is nil, the behavior is equivalent to the Ignore policy. - // +optional - NodeTaintsPolicy *NodeInclusionPolicy - // MatchLabelKeys is a set of pod label keys to select the pods over which - // spreading will be calculated. The keys are used to lookup values from the - // incoming pod labels, those key-value labels are ANDed with labelSelector - // to select the group of existing pods over which spreading will be calculated - // for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - // MatchLabelKeys cannot be set when LabelSelector isn't set. - // Keys that don't exist in the incoming pod labels will - // be ignored. A null or empty list means only match against labelSelector. - // - // This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). - // +listType=atomic - // +optional - MatchLabelKeys []string -} - -// These are the built-in errors for PortStatus. -const ( - // MixedProtocolNotSupported error in PortStatus means that the cloud provider - // can't ensure the port on the load balancer because mixed values of protocols - // on the same LoadBalancer type of Service are not supported by the cloud provider. - MixedProtocolNotSupported = "MixedProtocolNotSupported" -) - -// PortStatus represents the error condition of a service port -type PortStatus struct { - // Port is the port number of the service port of which status is recorded here - Port int32 - // Protocol is the protocol of the service port of which status is recorded here - Protocol Protocol - // Error is to record the problem with the service port - // The format of the error shall comply with the following rules: - // - built-in error values shall be specified in this file and those shall use - // CamelCase names - // - cloud provider specific error values must have names that comply with the - // format foo.example.com/CamelCase. - // --- - // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - // +optional - // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` - // +kubebuilder:validation:MaxLength=316 - Error *string -} - -// LoadBalancerIPMode represents the mode of the LoadBalancer ingress IP -type LoadBalancerIPMode string - -const ( - // LoadBalancerIPModeVIP indicates that traffic is delivered to the node with - // the destination set to the load-balancer's IP and port. - LoadBalancerIPModeVIP LoadBalancerIPMode = "VIP" - // LoadBalancerIPModeProxy indicates that traffic is delivered to the node or pod with - // the destination set to the node's IP and port or the pod's IP and port. - LoadBalancerIPModeProxy LoadBalancerIPMode = "Proxy" -) - -// ImageVolumeSource represents a image volume resource. -type ImageVolumeSource struct { - // Required: Image or artifact reference to be used. - // Behaves in the same way as pod.spec.containers[*].image. - // Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. - // More info: https://kubernetes.io/docs/concepts/containers/images - // This field is optional to allow higher level config management to default or override - // container images in workload controllers like Deployments and StatefulSets. - // +optional - Reference string - - // Policy for pulling OCI objects. Possible values are: - // Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - // Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - // IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. - // Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. - // +optional - PullPolicy PullPolicy -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/OWNERS deleted file mode 100644 index 274fc5464..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/OWNERS +++ /dev/null @@ -1,24 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -reviewers: - - thockin - - smarterclayton - - wojtek-t - - deads2k - - yujuhong - - derekwaynecarr - - caesarxuchao - - mikedanese - - liggitt - - sttts - - dchen1107 - - saad-ali - - luxas - - janetkuo - - justinsb - - tallclair - - jsafrane - - dims - - jayunit100 -emeritus_reviewers: - - ncdc diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/conversion.go deleted file mode 100644 index 06a916fe6..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/conversion.go +++ /dev/null @@ -1,568 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1 - -import ( - "fmt" - "reflect" - - "k8s.io/utils/ptr" - - v1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/conversion" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/util/validation/field" - "k8s.io/kubernetes/pkg/apis/apps" - "k8s.io/kubernetes/pkg/apis/core" -) - -func addConversionFuncs(scheme *runtime.Scheme) error { - // Add field conversion funcs. - err := scheme.AddFieldLabelConversionFunc(SchemeGroupVersion.WithKind("Pod"), - func(label, value string) (string, string, error) { - switch label { - case "metadata.name", - "metadata.namespace", - "spec.nodeName", - "spec.restartPolicy", - "spec.schedulerName", - "spec.serviceAccountName", - "spec.hostNetwork", - "status.phase", - "status.podIP", - "status.podIPs", - "status.nominatedNodeName": - return label, value, nil - // This is for backwards compatibility with old v1 clients which send spec.host - case "spec.host": - return "spec.nodeName", value, nil - default: - return "", "", fmt.Errorf("field label not supported: %s", label) - } - }, - ) - if err != nil { - return err - } - err = scheme.AddFieldLabelConversionFunc(SchemeGroupVersion.WithKind("Node"), - func(label, value string) (string, string, error) { - switch label { - case "metadata.name": - return label, value, nil - case "spec.unschedulable": - return label, value, nil - default: - return "", "", fmt.Errorf("field label not supported: %s", label) - } - }, - ) - if err != nil { - return err - } - err = scheme.AddFieldLabelConversionFunc(SchemeGroupVersion.WithKind("ReplicationController"), - func(label, value string) (string, string, error) { - switch label { - case "metadata.name", - "metadata.namespace", - "status.replicas": - return label, value, nil - default: - return "", "", fmt.Errorf("field label not supported: %s", label) - } - }) - if err != nil { - return err - } - if err := AddFieldLabelConversionsForEvent(scheme); err != nil { - return err - } - if err := AddFieldLabelConversionsForNamespace(scheme); err != nil { - return err - } - if err := AddFieldLabelConversionsForSecret(scheme); err != nil { - return err - } - if err := AddFieldLabelConversionsForService(scheme); err != nil { - return err - } - return nil -} - -func Convert_v1_ReplicationController_To_apps_ReplicaSet(in *v1.ReplicationController, out *apps.ReplicaSet, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_ReplicationControllerSpec_To_apps_ReplicaSetSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1_ReplicationControllerStatus_To_apps_ReplicaSetStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -func Convert_v1_ReplicationControllerSpec_To_apps_ReplicaSetSpec(in *v1.ReplicationControllerSpec, out *apps.ReplicaSetSpec, s conversion.Scope) error { - out.Replicas = *in.Replicas - out.MinReadySeconds = in.MinReadySeconds - if in.Selector != nil { - out.Selector = new(metav1.LabelSelector) - metav1.Convert_Map_string_To_string_To_v1_LabelSelector(&in.Selector, out.Selector, s) - } - if in.Template != nil { - if err := Convert_v1_PodTemplateSpec_To_core_PodTemplateSpec(in.Template, &out.Template, s); err != nil { - return err - } - } - return nil -} - -func Convert_v1_ReplicationControllerStatus_To_apps_ReplicaSetStatus(in *v1.ReplicationControllerStatus, out *apps.ReplicaSetStatus, s conversion.Scope) error { - out.Replicas = in.Replicas - out.FullyLabeledReplicas = in.FullyLabeledReplicas - out.ReadyReplicas = in.ReadyReplicas - out.AvailableReplicas = in.AvailableReplicas - out.ObservedGeneration = in.ObservedGeneration - for _, cond := range in.Conditions { - out.Conditions = append(out.Conditions, apps.ReplicaSetCondition{ - Type: apps.ReplicaSetConditionType(cond.Type), - Status: core.ConditionStatus(cond.Status), - LastTransitionTime: cond.LastTransitionTime, - Reason: cond.Reason, - Message: cond.Message, - }) - } - return nil -} - -func Convert_apps_ReplicaSet_To_v1_ReplicationController(in *apps.ReplicaSet, out *v1.ReplicationController, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_apps_ReplicaSetSpec_To_v1_ReplicationControllerSpec(&in.Spec, &out.Spec, s); err != nil { - fieldErr, ok := err.(*field.Error) - if !ok { - return err - } - if out.Annotations == nil { - out.Annotations = make(map[string]string) - } - out.Annotations[v1.NonConvertibleAnnotationPrefix+"/"+fieldErr.Field] = reflect.ValueOf(fieldErr.BadValue).String() - } - if err := Convert_apps_ReplicaSetStatus_To_v1_ReplicationControllerStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -func Convert_apps_ReplicaSetSpec_To_v1_ReplicationControllerSpec(in *apps.ReplicaSetSpec, out *v1.ReplicationControllerSpec, s conversion.Scope) error { - out.Replicas = new(int32) - *out.Replicas = in.Replicas - out.MinReadySeconds = in.MinReadySeconds - var invalidErr error - if in.Selector != nil { - invalidErr = metav1.Convert_v1_LabelSelector_To_Map_string_To_string(in.Selector, &out.Selector, s) - } - out.Template = new(v1.PodTemplateSpec) - if err := Convert_core_PodTemplateSpec_To_v1_PodTemplateSpec(&in.Template, out.Template, s); err != nil { - return err - } - return invalidErr -} - -func Convert_apps_ReplicaSetStatus_To_v1_ReplicationControllerStatus(in *apps.ReplicaSetStatus, out *v1.ReplicationControllerStatus, s conversion.Scope) error { - out.Replicas = in.Replicas - out.FullyLabeledReplicas = in.FullyLabeledReplicas - out.ReadyReplicas = in.ReadyReplicas - out.AvailableReplicas = in.AvailableReplicas - out.ObservedGeneration = in.ObservedGeneration - for _, cond := range in.Conditions { - out.Conditions = append(out.Conditions, v1.ReplicationControllerCondition{ - Type: v1.ReplicationControllerConditionType(cond.Type), - Status: v1.ConditionStatus(cond.Status), - LastTransitionTime: cond.LastTransitionTime, - Reason: cond.Reason, - Message: cond.Message, - }) - } - return nil -} - -func Convert_core_ReplicationControllerSpec_To_v1_ReplicationControllerSpec(in *core.ReplicationControllerSpec, out *v1.ReplicationControllerSpec, s conversion.Scope) error { - if err := autoConvert_core_ReplicationControllerSpec_To_v1_ReplicationControllerSpec(in, out, s); err != nil { - return err - } - out.MinReadySeconds = in.MinReadySeconds - out.Selector = in.Selector - if in.Template != nil { - out.Template = new(v1.PodTemplateSpec) - if err := Convert_core_PodTemplateSpec_To_v1_PodTemplateSpec(in.Template, out.Template, s); err != nil { - return err - } - } else { - out.Template = nil - } - return nil -} - -func Convert_v1_ReplicationControllerSpec_To_core_ReplicationControllerSpec(in *v1.ReplicationControllerSpec, out *core.ReplicationControllerSpec, s conversion.Scope) error { - if err := autoConvert_v1_ReplicationControllerSpec_To_core_ReplicationControllerSpec(in, out, s); err != nil { - return err - } - out.MinReadySeconds = in.MinReadySeconds - out.Selector = in.Selector - if in.Template != nil { - out.Template = new(core.PodTemplateSpec) - if err := Convert_v1_PodTemplateSpec_To_core_PodTemplateSpec(in.Template, out.Template, s); err != nil { - return err - } - } else { - out.Template = nil - } - return nil -} - -func Convert_core_PodTemplateSpec_To_v1_PodTemplateSpec(in *core.PodTemplateSpec, out *v1.PodTemplateSpec, s conversion.Scope) error { - if err := autoConvert_core_PodTemplateSpec_To_v1_PodTemplateSpec(in, out, s); err != nil { - return err - } - - // drop init container annotations so they don't take effect on legacy kubelets. - // remove this once the oldest supported kubelet no longer honors the annotations over the field. - out.Annotations = dropInitContainerAnnotations(out.Annotations) - - return nil -} - -func Convert_v1_PodTemplateSpec_To_core_PodTemplateSpec(in *v1.PodTemplateSpec, out *core.PodTemplateSpec, s conversion.Scope) error { - if err := autoConvert_v1_PodTemplateSpec_To_core_PodTemplateSpec(in, out, s); err != nil { - return err - } - - // drop init container annotations so they don't show up as differences when receiving requests from old clients - out.Annotations = dropInitContainerAnnotations(out.Annotations) - - return nil -} - -func Convert_v1_PodStatus_To_core_PodStatus(in *v1.PodStatus, out *core.PodStatus, s conversion.Scope) error { - if err := autoConvert_v1_PodStatus_To_core_PodStatus(in, out, s); err != nil { - return err - } - - // If both fields (v1.PodIPs and v1.PodIP) are provided and differ, then PodIP is authoritative for compatibility with older kubelets - if (len(in.PodIP) > 0 && len(in.PodIPs) > 0) && (in.PodIP != in.PodIPs[0].IP) { - out.PodIPs = []core.PodIP{ - { - IP: in.PodIP, - }, - } - } - // at the this point, autoConvert copied v1.PodIPs -> core.PodIPs - // if v1.PodIPs was empty but v1.PodIP is not, then set core.PodIPs[0] with v1.PodIP - if len(in.PodIP) > 0 && len(in.PodIPs) == 0 { - out.PodIPs = []core.PodIP{ - { - IP: in.PodIP, - }, - } - } - return nil -} - -func Convert_core_PodStatus_To_v1_PodStatus(in *core.PodStatus, out *v1.PodStatus, s conversion.Scope) error { - if err := autoConvert_core_PodStatus_To_v1_PodStatus(in, out, s); err != nil { - return err - } - // at the this point autoConvert copied core.PodIPs -> v1.PodIPs - // v1.PodIP (singular value field, which does not exist in core) needs to - // be set with core.PodIPs[0] - if len(in.PodIPs) > 0 { - out.PodIP = in.PodIPs[0].IP - } - return nil -} - -// The following two v1.PodSpec conversions are done here to support v1.ServiceAccount -// as an alias for ServiceAccountName. -func Convert_core_PodSpec_To_v1_PodSpec(in *core.PodSpec, out *v1.PodSpec, s conversion.Scope) error { - if err := autoConvert_core_PodSpec_To_v1_PodSpec(in, out, s); err != nil { - return err - } - - // DeprecatedServiceAccount is an alias for ServiceAccountName. - out.DeprecatedServiceAccount = in.ServiceAccountName - - if in.SecurityContext != nil { - // the host namespace fields have to be handled here for backward compatibility - // with v1.0.0 - out.HostPID = in.SecurityContext.HostPID - out.HostNetwork = in.SecurityContext.HostNetwork - out.HostIPC = in.SecurityContext.HostIPC - out.ShareProcessNamespace = in.SecurityContext.ShareProcessNamespace - out.HostUsers = in.SecurityContext.HostUsers - } - - return nil -} - -func Convert_core_NodeSpec_To_v1_NodeSpec(in *core.NodeSpec, out *v1.NodeSpec, s conversion.Scope) error { - if err := autoConvert_core_NodeSpec_To_v1_NodeSpec(in, out, s); err != nil { - return err - } - // at the this point autoConvert copied core.PodCIDRs -> v1.PodCIDRs - // v1.PodCIDR (singular value field, which does not exist in core) needs to - // be set with core.PodCIDRs[0] - if len(in.PodCIDRs) > 0 { - out.PodCIDR = in.PodCIDRs[0] - } - return nil -} - -func Convert_v1_NodeSpec_To_core_NodeSpec(in *v1.NodeSpec, out *core.NodeSpec, s conversion.Scope) error { - if err := autoConvert_v1_NodeSpec_To_core_NodeSpec(in, out, s); err != nil { - return err - } - // If both fields (v1.PodCIDRs and v1.PodCIDR) are provided and differ, then PodCIDR is authoritative for compatibility with older clients - if (len(in.PodCIDR) > 0 && len(in.PodCIDRs) > 0) && (in.PodCIDR != in.PodCIDRs[0]) { - out.PodCIDRs = []string{in.PodCIDR} - } - - // at the this point, autoConvert copied v1.PodCIDRs -> core.PodCIDRs - // if v1.PodCIDRs was empty but v1.PodCIDR is not, then set core.PodCIDRs[0] with v1.PodCIDR - if len(in.PodCIDR) > 0 && len(in.PodCIDRs) == 0 { - out.PodCIDRs = []string{in.PodCIDR} - } - return nil -} - -func Convert_v1_PodSpec_To_core_PodSpec(in *v1.PodSpec, out *core.PodSpec, s conversion.Scope) error { - if err := autoConvert_v1_PodSpec_To_core_PodSpec(in, out, s); err != nil { - return err - } - - // We support DeprecatedServiceAccount as an alias for ServiceAccountName. - // If both are specified, ServiceAccountName (the new field) wins. - if in.ServiceAccountName == "" { - out.ServiceAccountName = in.DeprecatedServiceAccount - } - - // the host namespace fields have to be handled specially for backward compatibility - // with v1.0.0 - if out.SecurityContext == nil { - out.SecurityContext = new(core.PodSecurityContext) - } - out.SecurityContext.HostNetwork = in.HostNetwork - out.SecurityContext.HostPID = in.HostPID - out.SecurityContext.HostIPC = in.HostIPC - out.SecurityContext.ShareProcessNamespace = in.ShareProcessNamespace - out.SecurityContext.HostUsers = in.HostUsers - - return nil -} - -func Convert_v1_Pod_To_core_Pod(in *v1.Pod, out *core.Pod, s conversion.Scope) error { - if err := autoConvert_v1_Pod_To_core_Pod(in, out, s); err != nil { - return err - } - - // drop init container annotations so they don't show up as differences when receiving requests from old clients - out.Annotations = dropInitContainerAnnotations(out.Annotations) - - // Forcing the value of TerminationGracePeriodSeconds to 1 if it is negative. - // Just for Pod, not for PodSpec, because we don't want to change the behavior of the PodTemplate. - if in.Spec.TerminationGracePeriodSeconds != nil && *in.Spec.TerminationGracePeriodSeconds < 0 { - out.Spec.TerminationGracePeriodSeconds = ptr.To[int64](1) - } - return nil -} - -func Convert_core_Pod_To_v1_Pod(in *core.Pod, out *v1.Pod, s conversion.Scope) error { - if err := autoConvert_core_Pod_To_v1_Pod(in, out, s); err != nil { - return err - } - - // drop init container annotations so they don't take effect on legacy kubelets. - // remove this once the oldest supported kubelet no longer honors the annotations over the field. - out.Annotations = dropInitContainerAnnotations(out.Annotations) - - // Forcing the value of TerminationGracePeriodSeconds to 1 if it is negative. - // Just for Pod, not for PodSpec, because we don't want to change the behavior of the PodTemplate. - if in.Spec.TerminationGracePeriodSeconds != nil && *in.Spec.TerminationGracePeriodSeconds < 0 { - out.Spec.TerminationGracePeriodSeconds = ptr.To[int64](1) - } - return nil -} - -func Convert_v1_Secret_To_core_Secret(in *v1.Secret, out *core.Secret, s conversion.Scope) error { - if err := autoConvert_v1_Secret_To_core_Secret(in, out, s); err != nil { - return err - } - - // StringData overwrites Data - if len(in.StringData) > 0 { - if out.Data == nil { - out.Data = map[string][]byte{} - } - for k, v := range in.StringData { - out.Data[k] = []byte(v) - } - } - - return nil -} - -// +k8s:conversion-fn=copy-only -func Convert_v1_ResourceList_To_core_ResourceList(in *v1.ResourceList, out *core.ResourceList, s conversion.Scope) error { - if *in == nil { - return nil - } - if *out == nil { - *out = make(core.ResourceList, len(*in)) - } - for key, val := range *in { - // Moved to defaults - // TODO(#18538): We round up resource values to milli scale to maintain API compatibility. - // In the future, we should instead reject values that need rounding. - // const milliScale = -3 - // val.RoundUp(milliScale) - - (*out)[core.ResourceName(key)] = val - } - return nil -} - -func AddFieldLabelConversionsForEvent(scheme *runtime.Scheme) error { - return scheme.AddFieldLabelConversionFunc(SchemeGroupVersion.WithKind("Event"), - func(label, value string) (string, string, error) { - switch label { - case "involvedObject.kind", - "involvedObject.namespace", - "involvedObject.name", - "involvedObject.uid", - "involvedObject.apiVersion", - "involvedObject.resourceVersion", - "involvedObject.fieldPath", - "reason", - "reportingComponent", - "source", - "type", - "metadata.namespace", - "metadata.name": - return label, value, nil - default: - return "", "", fmt.Errorf("field label not supported: %s", label) - } - }) -} - -func AddFieldLabelConversionsForNamespace(scheme *runtime.Scheme) error { - return scheme.AddFieldLabelConversionFunc(SchemeGroupVersion.WithKind("Namespace"), - func(label, value string) (string, string, error) { - switch label { - case "status.phase", - "metadata.name": - return label, value, nil - default: - return "", "", fmt.Errorf("field label not supported: %s", label) - } - }) -} - -func AddFieldLabelConversionsForSecret(scheme *runtime.Scheme) error { - return scheme.AddFieldLabelConversionFunc(SchemeGroupVersion.WithKind("Secret"), - func(label, value string) (string, string, error) { - switch label { - case "type", - "metadata.namespace", - "metadata.name": - return label, value, nil - default: - return "", "", fmt.Errorf("field label not supported: %s", label) - } - }) -} - -func AddFieldLabelConversionsForService(scheme *runtime.Scheme) error { - return scheme.AddFieldLabelConversionFunc(SchemeGroupVersion.WithKind("Service"), - func(label, value string) (string, string, error) { - switch label { - case "metadata.namespace", - "metadata.name", - "spec.clusterIP", - "spec.type": - return label, value, nil - default: - return "", "", fmt.Errorf("field label not supported: %s", label) - } - }) -} - -var initContainerAnnotations = map[string]bool{ - "pod.beta.kubernetes.io/init-containers": true, - "pod.alpha.kubernetes.io/init-containers": true, - "pod.beta.kubernetes.io/init-container-statuses": true, - "pod.alpha.kubernetes.io/init-container-statuses": true, -} - -// dropInitContainerAnnotations returns a copy of the annotations with init container annotations removed, -// or the original annotations if no init container annotations were present. -// -// this can be removed once no clients prior to 1.8 are supported, and no kubelets prior to 1.8 can be run -// (we don't support kubelets older than 2 versions skewed from the apiserver, but we don't prevent them, either) -func dropInitContainerAnnotations(oldAnnotations map[string]string) map[string]string { - if len(oldAnnotations) == 0 { - return oldAnnotations - } - - found := false - for k := range initContainerAnnotations { - if _, ok := oldAnnotations[k]; ok { - found = true - break - } - } - if !found { - return oldAnnotations - } - - newAnnotations := make(map[string]string, len(oldAnnotations)) - for k, v := range oldAnnotations { - if !initContainerAnnotations[k] { - newAnnotations[k] = v - } - } - return newAnnotations -} - -// Convert_core_PersistentVolumeSpec_To_v1_PersistentVolumeSpec is defined outside the autogenerated file for use by other API packages -// This is needed because it is referenced from other APIs, but is invisible at code-generation time because of the build tags. -func Convert_core_PersistentVolumeSpec_To_v1_PersistentVolumeSpec(in *core.PersistentVolumeSpec, out *v1.PersistentVolumeSpec, s conversion.Scope) error { - return autoConvert_core_PersistentVolumeSpec_To_v1_PersistentVolumeSpec(in, out, s) -} - -// Convert_v1_PersistentVolumeSpec_To_core_PersistentVolumeSpec is defined outside the autogenerated file for use by other API packages -// This is needed because it is referenced from other APIs, but is invisible at code-generation time because of the build tags. -func Convert_v1_PersistentVolumeSpec_To_core_PersistentVolumeSpec(in *v1.PersistentVolumeSpec, out *core.PersistentVolumeSpec, s conversion.Scope) error { - return autoConvert_v1_PersistentVolumeSpec_To_core_PersistentVolumeSpec(in, out, s) -} - -// Convert_Slice_string_To_Pointer_string is needed because decoding URL parameters requires manual assistance. -func Convert_Slice_string_To_Pointer_string(in *[]string, out **string, s conversion.Scope) error { - if len(*in) == 0 { - return nil - } - temp := (*in)[0] - *out = &temp - return nil -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/defaults.go deleted file mode 100644 index a6b5e551b..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/defaults.go +++ /dev/null @@ -1,527 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1 - -import ( - "time" - - "k8s.io/utils/ptr" - - v1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/util/intstr" - utilfeature "k8s.io/apiserver/pkg/util/feature" - resourcehelper "k8s.io/component-helpers/resource" - "k8s.io/kubernetes/pkg/api/v1/service" - corev1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper" - "k8s.io/kubernetes/pkg/features" - "k8s.io/kubernetes/pkg/util/parsers" -) - -func addDefaultingFuncs(scheme *runtime.Scheme) error { - return RegisterDefaults(scheme) -} - -func SetDefaults_ResourceList(obj *v1.ResourceList) { - for key, val := range *obj { - // TODO(#18538): We round up resource values to milli scale to maintain API compatibility. - // In the future, we should instead reject values that need rounding. - const milliScale = -3 - val.RoundUp(milliScale) - - (*obj)[v1.ResourceName(key)] = val - } -} - -func SetDefaults_ReplicationController(obj *v1.ReplicationController) { - var labels map[string]string - if obj.Spec.Template != nil { - labels = obj.Spec.Template.Labels - } - // TODO: support templates defined elsewhere when we support them in the API - if labels != nil { - if len(obj.Spec.Selector) == 0 { - obj.Spec.Selector = labels - } - if len(obj.Labels) == 0 { - obj.Labels = labels - } - } - // obj.Spec.Replicas is defaulted declaratively -} -func SetDefaults_Volume(obj *v1.Volume) { - if ptr.AllPtrFieldsNil(&obj.VolumeSource) { - obj.VolumeSource = v1.VolumeSource{ - EmptyDir: &v1.EmptyDirVolumeSource{}, - } - } - if utilfeature.DefaultFeatureGate.Enabled(features.ImageVolume) && obj.Image != nil && obj.Image.PullPolicy == "" { - // PullPolicy defaults to Always if :latest tag is specified, or IfNotPresent otherwise. - _, tag, _, _ := parsers.ParseImageName(obj.Image.Reference) - if tag == "latest" { - obj.Image.PullPolicy = v1.PullAlways - } else { - obj.Image.PullPolicy = v1.PullIfNotPresent - } - } -} -func SetDefaults_Container(obj *v1.Container) { - if obj.ImagePullPolicy == "" { - // Ignore error and assume it has been validated elsewhere - _, tag, _, _ := parsers.ParseImageName(obj.Image) - - // Check image tag - if tag == "latest" { - obj.ImagePullPolicy = v1.PullAlways - } else { - obj.ImagePullPolicy = v1.PullIfNotPresent - } - } - if obj.TerminationMessagePath == "" { - obj.TerminationMessagePath = v1.TerminationMessagePathDefault - } - if obj.TerminationMessagePolicy == "" { - obj.TerminationMessagePolicy = v1.TerminationMessageReadFile - } -} - -func SetDefaults_EphemeralContainer(obj *v1.EphemeralContainer) { - SetDefaults_Container((*v1.Container)(&obj.EphemeralContainerCommon)) -} - -func SetDefaults_Service(obj *v1.Service) { - if obj.Spec.SessionAffinity == "" { - obj.Spec.SessionAffinity = v1.ServiceAffinityNone - } - if obj.Spec.SessionAffinity == v1.ServiceAffinityNone { - obj.Spec.SessionAffinityConfig = nil - } - if obj.Spec.SessionAffinity == v1.ServiceAffinityClientIP { - if obj.Spec.SessionAffinityConfig == nil || obj.Spec.SessionAffinityConfig.ClientIP == nil || obj.Spec.SessionAffinityConfig.ClientIP.TimeoutSeconds == nil { - timeoutSeconds := v1.DefaultClientIPServiceAffinitySeconds - obj.Spec.SessionAffinityConfig = &v1.SessionAffinityConfig{ - ClientIP: &v1.ClientIPConfig{ - TimeoutSeconds: &timeoutSeconds, - }, - } - } - } - if obj.Spec.Type == "" { - obj.Spec.Type = v1.ServiceTypeClusterIP - } - for i := range obj.Spec.Ports { - sp := &obj.Spec.Ports[i] - if sp.Protocol == "" { - sp.Protocol = v1.ProtocolTCP - } - if sp.TargetPort == intstr.FromInt32(0) || sp.TargetPort == intstr.FromString("") { - sp.TargetPort = intstr.FromInt32(sp.Port) - } - } - // Defaults ExternalTrafficPolicy field for externally-accessible service - // to Global for consistency. - if service.ExternallyAccessible(obj) && obj.Spec.ExternalTrafficPolicy == "" { - obj.Spec.ExternalTrafficPolicy = v1.ServiceExternalTrafficPolicyCluster - } - - if obj.Spec.InternalTrafficPolicy == nil { - if obj.Spec.Type == v1.ServiceTypeNodePort || obj.Spec.Type == v1.ServiceTypeLoadBalancer || obj.Spec.Type == v1.ServiceTypeClusterIP { - serviceInternalTrafficPolicyCluster := v1.ServiceInternalTrafficPolicyCluster - obj.Spec.InternalTrafficPolicy = &serviceInternalTrafficPolicyCluster - } - } - - if obj.Spec.Type == v1.ServiceTypeLoadBalancer { - if obj.Spec.AllocateLoadBalancerNodePorts == nil { - obj.Spec.AllocateLoadBalancerNodePorts = ptr.To(true) - } - } - - if obj.Spec.Type == v1.ServiceTypeLoadBalancer { - ipMode := v1.LoadBalancerIPModeVIP - for i, ing := range obj.Status.LoadBalancer.Ingress { - if ing.IP != "" && ing.IPMode == nil { - obj.Status.LoadBalancer.Ingress[i].IPMode = &ipMode - } - } - } - -} -func SetDefaults_Pod(obj *v1.Pod) { - // If limits are specified, but requests are not, default requests to limits - // This is done here rather than a more specific defaulting pass on v1.ResourceRequirements - // because we only want this defaulting semantic to take place on a v1.Pod and not a v1.PodTemplate - for i := range obj.Spec.Containers { - // set requests to limits if requests are not specified, but limits are - if obj.Spec.Containers[i].Resources.Limits != nil { - if obj.Spec.Containers[i].Resources.Requests == nil { - obj.Spec.Containers[i].Resources.Requests = make(v1.ResourceList) - } - for key, value := range obj.Spec.Containers[i].Resources.Limits { - if _, exists := obj.Spec.Containers[i].Resources.Requests[key]; !exists { - obj.Spec.Containers[i].Resources.Requests[key] = value.DeepCopy() - } - } - } - } - for i := range obj.Spec.InitContainers { - if obj.Spec.InitContainers[i].Resources.Limits != nil { - if obj.Spec.InitContainers[i].Resources.Requests == nil { - obj.Spec.InitContainers[i].Resources.Requests = make(v1.ResourceList) - } - for key, value := range obj.Spec.InitContainers[i].Resources.Limits { - if _, exists := obj.Spec.InitContainers[i].Resources.Requests[key]; !exists { - obj.Spec.InitContainers[i].Resources.Requests[key] = value.DeepCopy() - } - } - } - } - - // Pod Requests default values must be applied after container-level default values - // have been populated. - if utilfeature.DefaultFeatureGate.Enabled(features.PodLevelResources) { - defaultHugePagePodLimits(obj) - defaultPodRequests(obj) - } - - if obj.Spec.EnableServiceLinks == nil { - enableServiceLinks := v1.DefaultEnableServiceLinks - obj.Spec.EnableServiceLinks = &enableServiceLinks - } - - if obj.Spec.HostNetwork { - defaultHostNetworkPorts(&obj.Spec.Containers) - defaultHostNetworkPorts(&obj.Spec.InitContainers) - } -} -func SetDefaults_PodSpec(obj *v1.PodSpec) { - // New fields added here will break upgrade tests: - // https://github.com/kubernetes/kubernetes/issues/69445 - // In most cases the new defaulted field can added to SetDefaults_Pod instead of here, so - // that it only materializes in the Pod object and not all objects with a PodSpec field. - if obj.DNSPolicy == "" { - obj.DNSPolicy = v1.DNSClusterFirst - } - if obj.RestartPolicy == "" { - obj.RestartPolicy = v1.RestartPolicyAlways - } - if obj.SecurityContext == nil { - obj.SecurityContext = &v1.PodSecurityContext{} - } - if obj.TerminationGracePeriodSeconds == nil { - period := int64(v1.DefaultTerminationGracePeriodSeconds) - obj.TerminationGracePeriodSeconds = &period - } - if obj.SchedulerName == "" { - obj.SchedulerName = v1.DefaultSchedulerName - } -} -func SetDefaults_Probe(obj *v1.Probe) { - if obj.TimeoutSeconds == 0 { - obj.TimeoutSeconds = 1 - } - if obj.PeriodSeconds == 0 { - obj.PeriodSeconds = 10 - } - if obj.SuccessThreshold == 0 { - obj.SuccessThreshold = 1 - } - if obj.FailureThreshold == 0 { - obj.FailureThreshold = 3 - } -} -func SetDefaults_SecretVolumeSource(obj *v1.SecretVolumeSource) { - if obj.DefaultMode == nil { - perm := int32(v1.SecretVolumeSourceDefaultMode) - obj.DefaultMode = &perm - } -} -func SetDefaults_ConfigMapVolumeSource(obj *v1.ConfigMapVolumeSource) { - if obj.DefaultMode == nil { - perm := int32(v1.ConfigMapVolumeSourceDefaultMode) - obj.DefaultMode = &perm - } -} -func SetDefaults_DownwardAPIVolumeSource(obj *v1.DownwardAPIVolumeSource) { - if obj.DefaultMode == nil { - perm := int32(v1.DownwardAPIVolumeSourceDefaultMode) - obj.DefaultMode = &perm - } -} -func SetDefaults_Secret(obj *v1.Secret) { - if obj.Type == "" { - obj.Type = v1.SecretTypeOpaque - } -} -func SetDefaults_ProjectedVolumeSource(obj *v1.ProjectedVolumeSource) { - if obj.DefaultMode == nil { - perm := int32(v1.ProjectedVolumeSourceDefaultMode) - obj.DefaultMode = &perm - } -} -func SetDefaults_ServiceAccountTokenProjection(obj *v1.ServiceAccountTokenProjection) { - hour := int64(time.Hour.Seconds()) - if obj.ExpirationSeconds == nil { - obj.ExpirationSeconds = &hour - } -} -func SetDefaults_PersistentVolume(obj *v1.PersistentVolume) { - if obj.Status.Phase == "" { - obj.Status.Phase = v1.VolumePending - } - if obj.Spec.PersistentVolumeReclaimPolicy == "" { - obj.Spec.PersistentVolumeReclaimPolicy = v1.PersistentVolumeReclaimRetain - } - if obj.Spec.VolumeMode == nil { - obj.Spec.VolumeMode = new(v1.PersistentVolumeMode) - *obj.Spec.VolumeMode = v1.PersistentVolumeFilesystem - } -} -func SetDefaults_PersistentVolumeClaim(obj *v1.PersistentVolumeClaim) { - if obj.Status.Phase == "" { - obj.Status.Phase = v1.ClaimPending - } -} -func SetDefaults_PersistentVolumeClaimSpec(obj *v1.PersistentVolumeClaimSpec) { - if obj.VolumeMode == nil { - obj.VolumeMode = new(v1.PersistentVolumeMode) - *obj.VolumeMode = v1.PersistentVolumeFilesystem - } -} -func SetDefaults_Endpoints(obj *v1.Endpoints) { - for i := range obj.Subsets { - ss := &obj.Subsets[i] - for i := range ss.Ports { - ep := &ss.Ports[i] - if ep.Protocol == "" { - ep.Protocol = v1.ProtocolTCP - } - } - } -} -func SetDefaults_HTTPGetAction(obj *v1.HTTPGetAction) { - if obj.Path == "" { - obj.Path = "/" - } - if obj.Scheme == "" { - obj.Scheme = v1.URISchemeHTTP - } -} - -// SetDefaults_Namespace adds a default label for all namespaces -func SetDefaults_Namespace(obj *v1.Namespace) { - // we can't SetDefaults for nameless namespaces (generateName). - // This code needs to be kept in sync with the implementation that exists - // in Namespace Canonicalize strategy (pkg/registry/core/namespace) - - // note that this can result in many calls to feature enablement in some cases, but - // we assume that there's no real cost there. - if len(obj.Name) > 0 { - if obj.Labels == nil { - obj.Labels = map[string]string{} - } - obj.Labels[v1.LabelMetadataName] = obj.Name - } -} - -func SetDefaults_NamespaceStatus(obj *v1.NamespaceStatus) { - if obj.Phase == "" { - obj.Phase = v1.NamespaceActive - } -} -func SetDefaults_NodeStatus(obj *v1.NodeStatus) { - if obj.Allocatable == nil && obj.Capacity != nil { - obj.Allocatable = make(v1.ResourceList, len(obj.Capacity)) - for key, value := range obj.Capacity { - obj.Allocatable[key] = value.DeepCopy() - } - obj.Allocatable = obj.Capacity - } -} -func SetDefaults_ObjectFieldSelector(obj *v1.ObjectFieldSelector) { - if obj.APIVersion == "" { - obj.APIVersion = "v1" - } -} -func SetDefaults_LimitRangeItem(obj *v1.LimitRangeItem) { - // for container limits, we apply default values - if obj.Type == v1.LimitTypeContainer { - - if obj.Default == nil { - obj.Default = make(v1.ResourceList) - } - if obj.DefaultRequest == nil { - obj.DefaultRequest = make(v1.ResourceList) - } - - // If a default limit is unspecified, but the max is specified, default the limit to the max - for key, value := range obj.Max { - if _, exists := obj.Default[key]; !exists { - obj.Default[key] = value.DeepCopy() - } - } - // If a default limit is specified, but the default request is not, default request to limit - for key, value := range obj.Default { - if _, exists := obj.DefaultRequest[key]; !exists { - obj.DefaultRequest[key] = value.DeepCopy() - } - } - // If a default request is not specified, but the min is provided, default request to the min - for key, value := range obj.Min { - if _, exists := obj.DefaultRequest[key]; !exists { - obj.DefaultRequest[key] = value.DeepCopy() - } - } - } -} -func SetDefaults_ConfigMap(obj *v1.ConfigMap) { - if obj.Data == nil { - obj.Data = make(map[string]string) - } -} - -// With host networking default all container ports to host ports. -func defaultHostNetworkPorts(containers *[]v1.Container) { - for i := range *containers { - for j := range (*containers)[i].Ports { - if (*containers)[i].Ports[j].HostPort == 0 { - (*containers)[i].Ports[j].HostPort = (*containers)[i].Ports[j].ContainerPort - } - } - } -} - -func SetDefaults_HostPathVolumeSource(obj *v1.HostPathVolumeSource) { - typeVol := v1.HostPathUnset - if obj.Type == nil { - obj.Type = &typeVol - } -} - -func SetDefaults_PodLogOptions(obj *v1.PodLogOptions) { - if utilfeature.DefaultFeatureGate.Enabled(features.PodLogsQuerySplitStreams) { - if obj.Stream == nil { - obj.Stream = ptr.To(v1.LogStreamAll) - } - } -} - -// defaultPodRequests applies default values for pod-level requests, only when -// pod-level limits are set, in following scenarios: -// 1. When at least one container (regular, init or sidecar) has requests set: -// The pod-level requests become equal to the effective requests of all containers -// in the pod. -// 2. When no containers have requests set: The pod-level requests become equal to -// pod-level limits. -// This defaulting behavior ensures consistent resource accounting at the pod-level -// while maintaining compatibility with the container-level specifications, as detailed -// in KEP-2837: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/2837-pod-level-resource-spec/README.md#proposed-validation--defaulting-rules -func defaultPodRequests(obj *v1.Pod) { - // We only populate defaults when the pod-level resources are partly specified already. - if obj.Spec.Resources == nil { - return - } - - if len(obj.Spec.Resources.Limits) == 0 { - return - } - - var podReqs v1.ResourceList - podReqs = obj.Spec.Resources.Requests - if podReqs == nil { - podReqs = make(v1.ResourceList) - } - - aggrCtrReqs := resourcehelper.AggregateContainerRequests(obj, resourcehelper.PodResourcesOptions{}) - - // When containers specify requests for a resource (supported by - // PodLevelResources feature) and pod-level requests are not set, the pod-level requests - // default to the effective requests of all the containers for that resource. - for key, aggrCtrLim := range aggrCtrReqs { - // Default pod level requests for overcommittable resources from aggregated container requests. - if _, exists := podReqs[key]; !exists && resourcehelper.IsSupportedPodLevelResource(key) && corev1helper.IsOvercommitAllowed(key) { - podReqs[key] = aggrCtrLim.DeepCopy() - } - } - - // When no containers specify requests for a resource, the pod-level requests - // will default to match the pod-level limits, if pod-level - // limits exist for that resource. - // Defaulting for pod level hugepages requests is dependent on defaultHugePagePodLimits, - // if defaultHugePagePodLimits defined the limit, the request will be set here. - for key, podLim := range obj.Spec.Resources.Limits { - if _, exists := podReqs[key]; !exists && resourcehelper.IsSupportedPodLevelResource(key) { - podReqs[key] = podLim.DeepCopy() - } - } - - // Only set pod-level resource requests in the PodSpec if the requirements map - // contains entries after collecting container-level requests and pod-level limits. - if len(podReqs) > 0 { - obj.Spec.Resources.Requests = podReqs - } -} - -// defaultHugePagePodLimits applies default values for pod-level limits, only when -// container hugepage limits are set, but not at pod level, in following -// scenario: -// 1. When at least one container (regular, init or sidecar) has hugepage -// limits set: -// The pod-level limit becomes equal to the aggregated hugepages limit of all -// the containers in the pod. -func defaultHugePagePodLimits(pod *v1.Pod) { - // We only populate hugepage limit defaults when the pod-level resources are partly specified. - if pod.Spec.Resources == nil { - return - } - - if len(pod.Spec.Resources.Limits) == 0 && len(pod.Spec.Resources.Requests) == 0 { - return - } - - var podLims v1.ResourceList - podLims = pod.Spec.Resources.Limits - if podLims == nil { - podLims = make(v1.ResourceList) - } - - aggrCtrLims := resourcehelper.AggregateContainerLimits(pod, resourcehelper.PodResourcesOptions{}) - - // When containers specify limits for hugepages and pod-level limits are not - // set for that resource, the pod-level limit will default to the aggregated - // hugepages limit of all the containers. - for key, aggrCtrLim := range aggrCtrLims { - if !resourcehelper.IsSupportedPodLevelResource(key) || !corev1helper.IsHugePageResourceName(key) { - continue - } - - // We do not default pod-level hugepage limits if there is a hugepage request. - if _, exists := pod.Spec.Resources.Requests[key]; exists { - continue - } - - if _, exists := podLims[key]; !exists { - podLims[key] = aggrCtrLim.DeepCopy() - } - } - - // Only set pod-level resource limits in the PodSpec if the requirements map - // contains entries after collecting container-level limits and pod-level limits for hugepages. - if len(podLims) > 0 { - pod.Spec.Resources.Limits = podLims - } -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/doc.go b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/doc.go deleted file mode 100644 index 879079662..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/doc.go +++ /dev/null @@ -1,25 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/core -// +k8s:conversion-gen-external-types=k8s.io/api/core/v1 -// +k8s:defaulter-gen=TypeMeta -// +k8s:defaulter-gen-input=k8s.io/api/core/v1 -// +k8s:validation-gen=TypeMeta -// +k8s:validation-gen-input=k8s.io/api/core/v1 - -// Package v1 is the v1 version of the API. -package v1 diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/helpers.go b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/helpers.go deleted file mode 100644 index 87fc484c8..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/helpers.go +++ /dev/null @@ -1,341 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package helper - -import ( - "fmt" - "k8s.io/klog/v2" - "strings" - - v1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/api/resource" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/apimachinery/pkg/selection" - "k8s.io/apimachinery/pkg/util/validation" - utilfeature "k8s.io/apiserver/pkg/util/feature" - "k8s.io/kubernetes/pkg/apis/core/helper" - "k8s.io/kubernetes/pkg/features" -) - -// IsExtendedResourceName returns true if: -// 1. the resource name is not in the default namespace; -// 2. resource name does not have "requests." prefix, -// to avoid confusion with the convention in quota -// 3. it satisfies the rules in IsQualifiedName() after converted into quota resource name -func IsExtendedResourceName(name v1.ResourceName) bool { - if IsNativeResource(name) || strings.HasPrefix(string(name), v1.DefaultResourceRequestsPrefix) { - return false - } - // Ensure it satisfies the rules in IsQualifiedName() after converted into quota resource name - nameForQuota := fmt.Sprintf("%s%s", v1.DefaultResourceRequestsPrefix, string(name)) - if errs := validation.IsQualifiedName(nameForQuota); len(errs) != 0 { - return false - } - return true -} - -// IsPrefixedNativeResource returns true if the resource name is in the -// *kubernetes.io/ namespace. -func IsPrefixedNativeResource(name v1.ResourceName) bool { - return strings.Contains(string(name), v1.ResourceDefaultNamespacePrefix) -} - -// IsNativeResource returns true if the resource name is in the -// *kubernetes.io/ namespace. Partially-qualified (unprefixed) names are -// implicitly in the kubernetes.io/ namespace. -func IsNativeResource(name v1.ResourceName) bool { - return !strings.Contains(string(name), "/") || - IsPrefixedNativeResource(name) -} - -// IsHugePageResourceName returns true if the resource name has the huge page -// resource prefix. -func IsHugePageResourceName(name v1.ResourceName) bool { - return strings.HasPrefix(string(name), v1.ResourceHugePagesPrefix) -} - -// HugePageResourceName returns a ResourceName with the canonical hugepage -// prefix prepended for the specified page size. The page size is converted -// to its canonical representation. -func HugePageResourceName(pageSize resource.Quantity) v1.ResourceName { - return v1.ResourceName(fmt.Sprintf("%s%s", v1.ResourceHugePagesPrefix, pageSize.String())) -} - -// HugePageSizeFromResourceName returns the page size for the specified huge page -// resource name. If the specified input is not a valid huge page resource name -// an error is returned. -func HugePageSizeFromResourceName(name v1.ResourceName) (resource.Quantity, error) { - if !IsHugePageResourceName(name) { - return resource.Quantity{}, fmt.Errorf("resource name: %s is an invalid hugepage name", name) - } - pageSize := strings.TrimPrefix(string(name), v1.ResourceHugePagesPrefix) - return resource.ParseQuantity(pageSize) -} - -// HugePageUnitSizeFromByteSize returns hugepage size has the format. -// `size` must be guaranteed to divisible into the largest units that can be expressed. -// B (1024 = "1KB", 1048576 = "1MB", etc). -func HugePageUnitSizeFromByteSize(size int64) (string, error) { - // hugePageSizeUnitList is borrowed from opencontainers/runc/libcontainer/cgroups/utils.go - var hugePageSizeUnitList = []string{"B", "KB", "MB", "GB", "TB", "PB"} - idx := 0 - len := len(hugePageSizeUnitList) - 1 - for size%1024 == 0 && idx < len { - size /= 1024 - idx++ - } - if size > 1024 && idx < len { - return "", fmt.Errorf("size: %d%s must be guaranteed to divisible into the largest units", size, hugePageSizeUnitList[idx]) - } - return fmt.Sprintf("%d%s", size, hugePageSizeUnitList[idx]), nil -} - -// IsHugePageMedium returns true if the volume medium is in 'HugePages[-size]' format -func IsHugePageMedium(medium v1.StorageMedium) bool { - if medium == v1.StorageMediumHugePages { - return true - } - return strings.HasPrefix(string(medium), string(v1.StorageMediumHugePagesPrefix)) -} - -// HugePageSizeFromMedium returns the page size for the specified huge page medium. -// If the specified input is not a valid huge page medium an error is returned. -func HugePageSizeFromMedium(medium v1.StorageMedium) (resource.Quantity, error) { - if !IsHugePageMedium(medium) { - return resource.Quantity{}, fmt.Errorf("medium: %s is not a hugepage medium", medium) - } - if medium == v1.StorageMediumHugePages { - return resource.Quantity{}, fmt.Errorf("medium: %s doesn't have size information", medium) - } - pageSize := strings.TrimPrefix(string(medium), string(v1.StorageMediumHugePagesPrefix)) - return resource.ParseQuantity(pageSize) -} - -// IsOvercommitAllowed returns true if the resource is in the default -// namespace and is not hugepages. -func IsOvercommitAllowed(name v1.ResourceName) bool { - return IsNativeResource(name) && - !IsHugePageResourceName(name) -} - -// IsAttachableVolumeResourceName returns true when the resource name is prefixed in attachable volume -func IsAttachableVolumeResourceName(name v1.ResourceName) bool { - return strings.HasPrefix(string(name), v1.ResourceAttachableVolumesPrefix) -} - -// IsServiceIPSet aims to check if the service's ClusterIP is set or not -// the objective is not to perform validation here -func IsServiceIPSet(service *v1.Service) bool { - return service.Spec.ClusterIP != v1.ClusterIPNone && service.Spec.ClusterIP != "" -} - -// GetAccessModesAsString returns a string representation of an array of access modes. -// modes, when present, are always in the same order: RWO,ROX,RWX,RWOP. -func GetAccessModesAsString(modes []v1.PersistentVolumeAccessMode) string { - modes = removeDuplicateAccessModes(modes) - modesStr := []string{} - if ContainsAccessMode(modes, v1.ReadWriteOnce) { - modesStr = append(modesStr, "RWO") - } - if ContainsAccessMode(modes, v1.ReadOnlyMany) { - modesStr = append(modesStr, "ROX") - } - if ContainsAccessMode(modes, v1.ReadWriteMany) { - modesStr = append(modesStr, "RWX") - } - if ContainsAccessMode(modes, v1.ReadWriteOncePod) { - modesStr = append(modesStr, "RWOP") - } - return strings.Join(modesStr, ",") -} - -// GetAccessModesFromString returns an array of AccessModes from a string created by GetAccessModesAsString -func GetAccessModesFromString(modes string) []v1.PersistentVolumeAccessMode { - strmodes := strings.Split(modes, ",") - accessModes := []v1.PersistentVolumeAccessMode{} - for _, s := range strmodes { - s = strings.Trim(s, " ") - switch { - case s == "RWO": - accessModes = append(accessModes, v1.ReadWriteOnce) - case s == "ROX": - accessModes = append(accessModes, v1.ReadOnlyMany) - case s == "RWX": - accessModes = append(accessModes, v1.ReadWriteMany) - case s == "RWOP": - accessModes = append(accessModes, v1.ReadWriteOncePod) - } - } - return accessModes -} - -// removeDuplicateAccessModes returns an array of access modes without any duplicates -func removeDuplicateAccessModes(modes []v1.PersistentVolumeAccessMode) []v1.PersistentVolumeAccessMode { - accessModes := []v1.PersistentVolumeAccessMode{} - for _, m := range modes { - if !ContainsAccessMode(accessModes, m) { - accessModes = append(accessModes, m) - } - } - return accessModes -} - -func ContainsAccessMode(modes []v1.PersistentVolumeAccessMode, mode v1.PersistentVolumeAccessMode) bool { - for _, m := range modes { - if m == mode { - return true - } - } - return false -} - -// NodeSelectorRequirementKeysExistInNodeSelectorTerms checks if a NodeSelectorTerm with key is already specified in terms -func NodeSelectorRequirementKeysExistInNodeSelectorTerms(reqs []v1.NodeSelectorRequirement, terms []v1.NodeSelectorTerm) bool { - for _, req := range reqs { - for _, term := range terms { - for _, r := range term.MatchExpressions { - if r.Key == req.Key { - return true - } - } - } - } - return false -} - -// TopologySelectorRequirementsAsSelector converts the []TopologySelectorLabelRequirement api type into a struct -// that implements labels.Selector. -func TopologySelectorRequirementsAsSelector(tsm []v1.TopologySelectorLabelRequirement) (labels.Selector, error) { - if len(tsm) == 0 { - return labels.Nothing(), nil - } - - selector := labels.NewSelector() - for _, expr := range tsm { - r, err := labels.NewRequirement(expr.Key, selection.In, expr.Values) - if err != nil { - return nil, err - } - selector = selector.Add(*r) - } - - return selector, nil -} - -// MatchTopologySelectorTerms checks whether given labels match topology selector terms in ORed; -// nil or empty term matches no objects; while empty term list matches all objects. -func MatchTopologySelectorTerms(topologySelectorTerms []v1.TopologySelectorTerm, lbls labels.Set) bool { - if len(topologySelectorTerms) == 0 { - // empty term list matches all objects - return true - } - - for _, req := range topologySelectorTerms { - // nil or empty term selects no objects - if len(req.MatchLabelExpressions) == 0 { - continue - } - - labelSelector, err := TopologySelectorRequirementsAsSelector(req.MatchLabelExpressions) - if err != nil || !labelSelector.Matches(lbls) { - continue - } - - return true - } - - return false -} - -// AddOrUpdateTolerationInPodSpec tries to add a toleration to the toleration list in PodSpec. -// Returns true if something was updated, false otherwise. -func AddOrUpdateTolerationInPodSpec(spec *v1.PodSpec, toleration *v1.Toleration) bool { - podTolerations := spec.Tolerations - - var newTolerations []v1.Toleration - updated := false - for i := range podTolerations { - if toleration.MatchToleration(&podTolerations[i]) { - if helper.Semantic.DeepEqual(toleration, podTolerations[i]) { - return false - } - newTolerations = append(newTolerations, *toleration) - updated = true - continue - } - - newTolerations = append(newTolerations, podTolerations[i]) - } - - if !updated { - newTolerations = append(newTolerations, *toleration) - } - - spec.Tolerations = newTolerations - return true -} - -// GetMatchingTolerations returns true and list of Tolerations matching all Taints if all are tolerated, or false otherwise. -func GetMatchingTolerations(logger klog.Logger, taints []v1.Taint, tolerations []v1.Toleration) (bool, []v1.Toleration) { - if len(taints) == 0 { - return true, []v1.Toleration{} - } - if len(tolerations) == 0 && len(taints) > 0 { - return false, []v1.Toleration{} - } - enableComparisonOperators := utilfeature.DefaultFeatureGate.Enabled(features.TaintTolerationComparisonOperators) - result := []v1.Toleration{} - for i := range taints { - tolerated := false - for j := range tolerations { - if tolerations[j].ToleratesTaint(logger, &taints[i], enableComparisonOperators) { - result = append(result, tolerations[j]) - tolerated = true - break - } - } - if !tolerated { - return false, []v1.Toleration{} - } - } - return true, result -} - -// ScopedResourceSelectorRequirementsAsSelector converts the ScopedResourceSelectorRequirement api type into a struct that implements -// labels.Selector. -func ScopedResourceSelectorRequirementsAsSelector(ssr v1.ScopedResourceSelectorRequirement) (labels.Selector, error) { - selector := labels.NewSelector() - var op selection.Operator - switch ssr.Operator { - case v1.ScopeSelectorOpIn: - op = selection.In - case v1.ScopeSelectorOpNotIn: - op = selection.NotIn - case v1.ScopeSelectorOpExists: - op = selection.Exists - case v1.ScopeSelectorOpDoesNotExist: - op = selection.DoesNotExist - default: - return nil, fmt.Errorf("%q is not a valid scope selector operator", ssr.Operator) - } - r, err := labels.NewRequirement(string(ssr.ScopeName), op, ssr.Values) - if err != nil { - return nil, err - } - selector = selector.Add(*r) - return selector, nil -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/register.go b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/register.go deleted file mode 100644 index adf620fa4..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/register.go +++ /dev/null @@ -1,46 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1 - -import ( - "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -var ( - localSchemeBuilder = &v1.SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addDefaultingFuncs, addConversionFuncs) -} - -// TODO: remove these global variables -// GroupName is the group name use in this package -const GroupName = "" - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.conversion.go deleted file mode 100644 index 3770ea191..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.conversion.go +++ /dev/null @@ -1,9404 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by conversion-gen. DO NOT EDIT. - -package v1 - -import ( - url "net/url" - unsafe "unsafe" - - corev1 "k8s.io/api/core/v1" - resource "k8s.io/apimachinery/pkg/api/resource" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - conversion "k8s.io/apimachinery/pkg/conversion" - runtime "k8s.io/apimachinery/pkg/runtime" - types "k8s.io/apimachinery/pkg/types" - apps "k8s.io/kubernetes/pkg/apis/apps" - core "k8s.io/kubernetes/pkg/apis/core" -) - -func init() { - localSchemeBuilder.Register(RegisterConversions) -} - -// RegisterConversions adds conversion functions to the given scheme. -// Public to allow building arbitrary schemes. -func RegisterConversions(s *runtime.Scheme) error { - if err := s.AddGeneratedConversionFunc((*corev1.AWSElasticBlockStoreVolumeSource)(nil), (*core.AWSElasticBlockStoreVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_AWSElasticBlockStoreVolumeSource_To_core_AWSElasticBlockStoreVolumeSource(a.(*corev1.AWSElasticBlockStoreVolumeSource), b.(*core.AWSElasticBlockStoreVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.AWSElasticBlockStoreVolumeSource)(nil), (*corev1.AWSElasticBlockStoreVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_AWSElasticBlockStoreVolumeSource_To_v1_AWSElasticBlockStoreVolumeSource(a.(*core.AWSElasticBlockStoreVolumeSource), b.(*corev1.AWSElasticBlockStoreVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Affinity)(nil), (*core.Affinity)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Affinity_To_core_Affinity(a.(*corev1.Affinity), b.(*core.Affinity), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Affinity)(nil), (*corev1.Affinity)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Affinity_To_v1_Affinity(a.(*core.Affinity), b.(*corev1.Affinity), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.AppArmorProfile)(nil), (*core.AppArmorProfile)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_AppArmorProfile_To_core_AppArmorProfile(a.(*corev1.AppArmorProfile), b.(*core.AppArmorProfile), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.AppArmorProfile)(nil), (*corev1.AppArmorProfile)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_AppArmorProfile_To_v1_AppArmorProfile(a.(*core.AppArmorProfile), b.(*corev1.AppArmorProfile), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.AttachedVolume)(nil), (*core.AttachedVolume)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_AttachedVolume_To_core_AttachedVolume(a.(*corev1.AttachedVolume), b.(*core.AttachedVolume), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.AttachedVolume)(nil), (*corev1.AttachedVolume)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_AttachedVolume_To_v1_AttachedVolume(a.(*core.AttachedVolume), b.(*corev1.AttachedVolume), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.AvoidPods)(nil), (*core.AvoidPods)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_AvoidPods_To_core_AvoidPods(a.(*corev1.AvoidPods), b.(*core.AvoidPods), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.AvoidPods)(nil), (*corev1.AvoidPods)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_AvoidPods_To_v1_AvoidPods(a.(*core.AvoidPods), b.(*corev1.AvoidPods), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.AzureDiskVolumeSource)(nil), (*core.AzureDiskVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_AzureDiskVolumeSource_To_core_AzureDiskVolumeSource(a.(*corev1.AzureDiskVolumeSource), b.(*core.AzureDiskVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.AzureDiskVolumeSource)(nil), (*corev1.AzureDiskVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_AzureDiskVolumeSource_To_v1_AzureDiskVolumeSource(a.(*core.AzureDiskVolumeSource), b.(*corev1.AzureDiskVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.AzureFilePersistentVolumeSource)(nil), (*core.AzureFilePersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_AzureFilePersistentVolumeSource_To_core_AzureFilePersistentVolumeSource(a.(*corev1.AzureFilePersistentVolumeSource), b.(*core.AzureFilePersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.AzureFilePersistentVolumeSource)(nil), (*corev1.AzureFilePersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_AzureFilePersistentVolumeSource_To_v1_AzureFilePersistentVolumeSource(a.(*core.AzureFilePersistentVolumeSource), b.(*corev1.AzureFilePersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.AzureFileVolumeSource)(nil), (*core.AzureFileVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_AzureFileVolumeSource_To_core_AzureFileVolumeSource(a.(*corev1.AzureFileVolumeSource), b.(*core.AzureFileVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.AzureFileVolumeSource)(nil), (*corev1.AzureFileVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_AzureFileVolumeSource_To_v1_AzureFileVolumeSource(a.(*core.AzureFileVolumeSource), b.(*corev1.AzureFileVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Binding)(nil), (*core.Binding)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Binding_To_core_Binding(a.(*corev1.Binding), b.(*core.Binding), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Binding)(nil), (*corev1.Binding)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Binding_To_v1_Binding(a.(*core.Binding), b.(*corev1.Binding), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.CSIPersistentVolumeSource)(nil), (*core.CSIPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_CSIPersistentVolumeSource_To_core_CSIPersistentVolumeSource(a.(*corev1.CSIPersistentVolumeSource), b.(*core.CSIPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.CSIPersistentVolumeSource)(nil), (*corev1.CSIPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_CSIPersistentVolumeSource_To_v1_CSIPersistentVolumeSource(a.(*core.CSIPersistentVolumeSource), b.(*corev1.CSIPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.CSIVolumeSource)(nil), (*core.CSIVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_CSIVolumeSource_To_core_CSIVolumeSource(a.(*corev1.CSIVolumeSource), b.(*core.CSIVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.CSIVolumeSource)(nil), (*corev1.CSIVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_CSIVolumeSource_To_v1_CSIVolumeSource(a.(*core.CSIVolumeSource), b.(*corev1.CSIVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Capabilities)(nil), (*core.Capabilities)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Capabilities_To_core_Capabilities(a.(*corev1.Capabilities), b.(*core.Capabilities), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Capabilities)(nil), (*corev1.Capabilities)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Capabilities_To_v1_Capabilities(a.(*core.Capabilities), b.(*corev1.Capabilities), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.CephFSPersistentVolumeSource)(nil), (*core.CephFSPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_CephFSPersistentVolumeSource_To_core_CephFSPersistentVolumeSource(a.(*corev1.CephFSPersistentVolumeSource), b.(*core.CephFSPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.CephFSPersistentVolumeSource)(nil), (*corev1.CephFSPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_CephFSPersistentVolumeSource_To_v1_CephFSPersistentVolumeSource(a.(*core.CephFSPersistentVolumeSource), b.(*corev1.CephFSPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.CephFSVolumeSource)(nil), (*core.CephFSVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_CephFSVolumeSource_To_core_CephFSVolumeSource(a.(*corev1.CephFSVolumeSource), b.(*core.CephFSVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.CephFSVolumeSource)(nil), (*corev1.CephFSVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_CephFSVolumeSource_To_v1_CephFSVolumeSource(a.(*core.CephFSVolumeSource), b.(*corev1.CephFSVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.CinderPersistentVolumeSource)(nil), (*core.CinderPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_CinderPersistentVolumeSource_To_core_CinderPersistentVolumeSource(a.(*corev1.CinderPersistentVolumeSource), b.(*core.CinderPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.CinderPersistentVolumeSource)(nil), (*corev1.CinderPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_CinderPersistentVolumeSource_To_v1_CinderPersistentVolumeSource(a.(*core.CinderPersistentVolumeSource), b.(*corev1.CinderPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.CinderVolumeSource)(nil), (*core.CinderVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_CinderVolumeSource_To_core_CinderVolumeSource(a.(*corev1.CinderVolumeSource), b.(*core.CinderVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.CinderVolumeSource)(nil), (*corev1.CinderVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_CinderVolumeSource_To_v1_CinderVolumeSource(a.(*core.CinderVolumeSource), b.(*corev1.CinderVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ClientIPConfig)(nil), (*core.ClientIPConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ClientIPConfig_To_core_ClientIPConfig(a.(*corev1.ClientIPConfig), b.(*core.ClientIPConfig), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ClientIPConfig)(nil), (*corev1.ClientIPConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ClientIPConfig_To_v1_ClientIPConfig(a.(*core.ClientIPConfig), b.(*corev1.ClientIPConfig), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ClusterTrustBundleProjection)(nil), (*core.ClusterTrustBundleProjection)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ClusterTrustBundleProjection_To_core_ClusterTrustBundleProjection(a.(*corev1.ClusterTrustBundleProjection), b.(*core.ClusterTrustBundleProjection), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ClusterTrustBundleProjection)(nil), (*corev1.ClusterTrustBundleProjection)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ClusterTrustBundleProjection_To_v1_ClusterTrustBundleProjection(a.(*core.ClusterTrustBundleProjection), b.(*corev1.ClusterTrustBundleProjection), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ComponentCondition)(nil), (*core.ComponentCondition)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ComponentCondition_To_core_ComponentCondition(a.(*corev1.ComponentCondition), b.(*core.ComponentCondition), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ComponentCondition)(nil), (*corev1.ComponentCondition)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ComponentCondition_To_v1_ComponentCondition(a.(*core.ComponentCondition), b.(*corev1.ComponentCondition), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ComponentStatus)(nil), (*core.ComponentStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ComponentStatus_To_core_ComponentStatus(a.(*corev1.ComponentStatus), b.(*core.ComponentStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ComponentStatus)(nil), (*corev1.ComponentStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ComponentStatus_To_v1_ComponentStatus(a.(*core.ComponentStatus), b.(*corev1.ComponentStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ComponentStatusList)(nil), (*core.ComponentStatusList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ComponentStatusList_To_core_ComponentStatusList(a.(*corev1.ComponentStatusList), b.(*core.ComponentStatusList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ComponentStatusList)(nil), (*corev1.ComponentStatusList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ComponentStatusList_To_v1_ComponentStatusList(a.(*core.ComponentStatusList), b.(*corev1.ComponentStatusList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ConfigMap)(nil), (*core.ConfigMap)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ConfigMap_To_core_ConfigMap(a.(*corev1.ConfigMap), b.(*core.ConfigMap), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ConfigMap)(nil), (*corev1.ConfigMap)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ConfigMap_To_v1_ConfigMap(a.(*core.ConfigMap), b.(*corev1.ConfigMap), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ConfigMapEnvSource)(nil), (*core.ConfigMapEnvSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ConfigMapEnvSource_To_core_ConfigMapEnvSource(a.(*corev1.ConfigMapEnvSource), b.(*core.ConfigMapEnvSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ConfigMapEnvSource)(nil), (*corev1.ConfigMapEnvSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ConfigMapEnvSource_To_v1_ConfigMapEnvSource(a.(*core.ConfigMapEnvSource), b.(*corev1.ConfigMapEnvSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ConfigMapKeySelector)(nil), (*core.ConfigMapKeySelector)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ConfigMapKeySelector_To_core_ConfigMapKeySelector(a.(*corev1.ConfigMapKeySelector), b.(*core.ConfigMapKeySelector), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ConfigMapKeySelector)(nil), (*corev1.ConfigMapKeySelector)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ConfigMapKeySelector_To_v1_ConfigMapKeySelector(a.(*core.ConfigMapKeySelector), b.(*corev1.ConfigMapKeySelector), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ConfigMapList)(nil), (*core.ConfigMapList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ConfigMapList_To_core_ConfigMapList(a.(*corev1.ConfigMapList), b.(*core.ConfigMapList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ConfigMapList)(nil), (*corev1.ConfigMapList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ConfigMapList_To_v1_ConfigMapList(a.(*core.ConfigMapList), b.(*corev1.ConfigMapList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ConfigMapNodeConfigSource)(nil), (*core.ConfigMapNodeConfigSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ConfigMapNodeConfigSource_To_core_ConfigMapNodeConfigSource(a.(*corev1.ConfigMapNodeConfigSource), b.(*core.ConfigMapNodeConfigSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ConfigMapNodeConfigSource)(nil), (*corev1.ConfigMapNodeConfigSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ConfigMapNodeConfigSource_To_v1_ConfigMapNodeConfigSource(a.(*core.ConfigMapNodeConfigSource), b.(*corev1.ConfigMapNodeConfigSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ConfigMapProjection)(nil), (*core.ConfigMapProjection)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ConfigMapProjection_To_core_ConfigMapProjection(a.(*corev1.ConfigMapProjection), b.(*core.ConfigMapProjection), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ConfigMapProjection)(nil), (*corev1.ConfigMapProjection)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ConfigMapProjection_To_v1_ConfigMapProjection(a.(*core.ConfigMapProjection), b.(*corev1.ConfigMapProjection), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ConfigMapVolumeSource)(nil), (*core.ConfigMapVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ConfigMapVolumeSource_To_core_ConfigMapVolumeSource(a.(*corev1.ConfigMapVolumeSource), b.(*core.ConfigMapVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ConfigMapVolumeSource)(nil), (*corev1.ConfigMapVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ConfigMapVolumeSource_To_v1_ConfigMapVolumeSource(a.(*core.ConfigMapVolumeSource), b.(*corev1.ConfigMapVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Container)(nil), (*core.Container)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Container_To_core_Container(a.(*corev1.Container), b.(*core.Container), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Container)(nil), (*corev1.Container)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Container_To_v1_Container(a.(*core.Container), b.(*corev1.Container), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ContainerExtendedResourceRequest)(nil), (*core.ContainerExtendedResourceRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ContainerExtendedResourceRequest_To_core_ContainerExtendedResourceRequest(a.(*corev1.ContainerExtendedResourceRequest), b.(*core.ContainerExtendedResourceRequest), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ContainerExtendedResourceRequest)(nil), (*corev1.ContainerExtendedResourceRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ContainerExtendedResourceRequest_To_v1_ContainerExtendedResourceRequest(a.(*core.ContainerExtendedResourceRequest), b.(*corev1.ContainerExtendedResourceRequest), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ContainerImage)(nil), (*core.ContainerImage)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ContainerImage_To_core_ContainerImage(a.(*corev1.ContainerImage), b.(*core.ContainerImage), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ContainerImage)(nil), (*corev1.ContainerImage)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ContainerImage_To_v1_ContainerImage(a.(*core.ContainerImage), b.(*corev1.ContainerImage), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ContainerPort)(nil), (*core.ContainerPort)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ContainerPort_To_core_ContainerPort(a.(*corev1.ContainerPort), b.(*core.ContainerPort), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ContainerPort)(nil), (*corev1.ContainerPort)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ContainerPort_To_v1_ContainerPort(a.(*core.ContainerPort), b.(*corev1.ContainerPort), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ContainerResizePolicy)(nil), (*core.ContainerResizePolicy)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ContainerResizePolicy_To_core_ContainerResizePolicy(a.(*corev1.ContainerResizePolicy), b.(*core.ContainerResizePolicy), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ContainerResizePolicy)(nil), (*corev1.ContainerResizePolicy)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ContainerResizePolicy_To_v1_ContainerResizePolicy(a.(*core.ContainerResizePolicy), b.(*corev1.ContainerResizePolicy), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ContainerRestartRule)(nil), (*core.ContainerRestartRule)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ContainerRestartRule_To_core_ContainerRestartRule(a.(*corev1.ContainerRestartRule), b.(*core.ContainerRestartRule), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ContainerRestartRule)(nil), (*corev1.ContainerRestartRule)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ContainerRestartRule_To_v1_ContainerRestartRule(a.(*core.ContainerRestartRule), b.(*corev1.ContainerRestartRule), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ContainerRestartRuleOnExitCodes)(nil), (*core.ContainerRestartRuleOnExitCodes)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ContainerRestartRuleOnExitCodes_To_core_ContainerRestartRuleOnExitCodes(a.(*corev1.ContainerRestartRuleOnExitCodes), b.(*core.ContainerRestartRuleOnExitCodes), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ContainerRestartRuleOnExitCodes)(nil), (*corev1.ContainerRestartRuleOnExitCodes)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ContainerRestartRuleOnExitCodes_To_v1_ContainerRestartRuleOnExitCodes(a.(*core.ContainerRestartRuleOnExitCodes), b.(*corev1.ContainerRestartRuleOnExitCodes), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ContainerState)(nil), (*core.ContainerState)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ContainerState_To_core_ContainerState(a.(*corev1.ContainerState), b.(*core.ContainerState), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ContainerState)(nil), (*corev1.ContainerState)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ContainerState_To_v1_ContainerState(a.(*core.ContainerState), b.(*corev1.ContainerState), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ContainerStateRunning)(nil), (*core.ContainerStateRunning)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ContainerStateRunning_To_core_ContainerStateRunning(a.(*corev1.ContainerStateRunning), b.(*core.ContainerStateRunning), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ContainerStateRunning)(nil), (*corev1.ContainerStateRunning)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ContainerStateRunning_To_v1_ContainerStateRunning(a.(*core.ContainerStateRunning), b.(*corev1.ContainerStateRunning), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ContainerStateTerminated)(nil), (*core.ContainerStateTerminated)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ContainerStateTerminated_To_core_ContainerStateTerminated(a.(*corev1.ContainerStateTerminated), b.(*core.ContainerStateTerminated), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ContainerStateTerminated)(nil), (*corev1.ContainerStateTerminated)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ContainerStateTerminated_To_v1_ContainerStateTerminated(a.(*core.ContainerStateTerminated), b.(*corev1.ContainerStateTerminated), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ContainerStateWaiting)(nil), (*core.ContainerStateWaiting)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ContainerStateWaiting_To_core_ContainerStateWaiting(a.(*corev1.ContainerStateWaiting), b.(*core.ContainerStateWaiting), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ContainerStateWaiting)(nil), (*corev1.ContainerStateWaiting)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ContainerStateWaiting_To_v1_ContainerStateWaiting(a.(*core.ContainerStateWaiting), b.(*corev1.ContainerStateWaiting), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ContainerStatus)(nil), (*core.ContainerStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ContainerStatus_To_core_ContainerStatus(a.(*corev1.ContainerStatus), b.(*core.ContainerStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ContainerStatus)(nil), (*corev1.ContainerStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ContainerStatus_To_v1_ContainerStatus(a.(*core.ContainerStatus), b.(*corev1.ContainerStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ContainerUser)(nil), (*core.ContainerUser)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ContainerUser_To_core_ContainerUser(a.(*corev1.ContainerUser), b.(*core.ContainerUser), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ContainerUser)(nil), (*corev1.ContainerUser)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ContainerUser_To_v1_ContainerUser(a.(*core.ContainerUser), b.(*corev1.ContainerUser), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.DaemonEndpoint)(nil), (*core.DaemonEndpoint)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_DaemonEndpoint_To_core_DaemonEndpoint(a.(*corev1.DaemonEndpoint), b.(*core.DaemonEndpoint), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.DaemonEndpoint)(nil), (*corev1.DaemonEndpoint)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_DaemonEndpoint_To_v1_DaemonEndpoint(a.(*core.DaemonEndpoint), b.(*corev1.DaemonEndpoint), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.DownwardAPIProjection)(nil), (*core.DownwardAPIProjection)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_DownwardAPIProjection_To_core_DownwardAPIProjection(a.(*corev1.DownwardAPIProjection), b.(*core.DownwardAPIProjection), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.DownwardAPIProjection)(nil), (*corev1.DownwardAPIProjection)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_DownwardAPIProjection_To_v1_DownwardAPIProjection(a.(*core.DownwardAPIProjection), b.(*corev1.DownwardAPIProjection), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.DownwardAPIVolumeFile)(nil), (*core.DownwardAPIVolumeFile)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_DownwardAPIVolumeFile_To_core_DownwardAPIVolumeFile(a.(*corev1.DownwardAPIVolumeFile), b.(*core.DownwardAPIVolumeFile), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.DownwardAPIVolumeFile)(nil), (*corev1.DownwardAPIVolumeFile)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_DownwardAPIVolumeFile_To_v1_DownwardAPIVolumeFile(a.(*core.DownwardAPIVolumeFile), b.(*corev1.DownwardAPIVolumeFile), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.DownwardAPIVolumeSource)(nil), (*core.DownwardAPIVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_DownwardAPIVolumeSource_To_core_DownwardAPIVolumeSource(a.(*corev1.DownwardAPIVolumeSource), b.(*core.DownwardAPIVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.DownwardAPIVolumeSource)(nil), (*corev1.DownwardAPIVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_DownwardAPIVolumeSource_To_v1_DownwardAPIVolumeSource(a.(*core.DownwardAPIVolumeSource), b.(*corev1.DownwardAPIVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.EmptyDirVolumeSource)(nil), (*core.EmptyDirVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_EmptyDirVolumeSource_To_core_EmptyDirVolumeSource(a.(*corev1.EmptyDirVolumeSource), b.(*core.EmptyDirVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.EmptyDirVolumeSource)(nil), (*corev1.EmptyDirVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_EmptyDirVolumeSource_To_v1_EmptyDirVolumeSource(a.(*core.EmptyDirVolumeSource), b.(*corev1.EmptyDirVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.EndpointAddress)(nil), (*core.EndpointAddress)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_EndpointAddress_To_core_EndpointAddress(a.(*corev1.EndpointAddress), b.(*core.EndpointAddress), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.EndpointAddress)(nil), (*corev1.EndpointAddress)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_EndpointAddress_To_v1_EndpointAddress(a.(*core.EndpointAddress), b.(*corev1.EndpointAddress), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.EndpointPort)(nil), (*core.EndpointPort)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_EndpointPort_To_core_EndpointPort(a.(*corev1.EndpointPort), b.(*core.EndpointPort), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.EndpointPort)(nil), (*corev1.EndpointPort)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_EndpointPort_To_v1_EndpointPort(a.(*core.EndpointPort), b.(*corev1.EndpointPort), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.EndpointSubset)(nil), (*core.EndpointSubset)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_EndpointSubset_To_core_EndpointSubset(a.(*corev1.EndpointSubset), b.(*core.EndpointSubset), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.EndpointSubset)(nil), (*corev1.EndpointSubset)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_EndpointSubset_To_v1_EndpointSubset(a.(*core.EndpointSubset), b.(*corev1.EndpointSubset), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Endpoints)(nil), (*core.Endpoints)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Endpoints_To_core_Endpoints(a.(*corev1.Endpoints), b.(*core.Endpoints), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Endpoints)(nil), (*corev1.Endpoints)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Endpoints_To_v1_Endpoints(a.(*core.Endpoints), b.(*corev1.Endpoints), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.EndpointsList)(nil), (*core.EndpointsList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_EndpointsList_To_core_EndpointsList(a.(*corev1.EndpointsList), b.(*core.EndpointsList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.EndpointsList)(nil), (*corev1.EndpointsList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_EndpointsList_To_v1_EndpointsList(a.(*core.EndpointsList), b.(*corev1.EndpointsList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.EnvFromSource)(nil), (*core.EnvFromSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_EnvFromSource_To_core_EnvFromSource(a.(*corev1.EnvFromSource), b.(*core.EnvFromSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.EnvFromSource)(nil), (*corev1.EnvFromSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_EnvFromSource_To_v1_EnvFromSource(a.(*core.EnvFromSource), b.(*corev1.EnvFromSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.EnvVar)(nil), (*core.EnvVar)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_EnvVar_To_core_EnvVar(a.(*corev1.EnvVar), b.(*core.EnvVar), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.EnvVar)(nil), (*corev1.EnvVar)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_EnvVar_To_v1_EnvVar(a.(*core.EnvVar), b.(*corev1.EnvVar), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.EnvVarSource)(nil), (*core.EnvVarSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_EnvVarSource_To_core_EnvVarSource(a.(*corev1.EnvVarSource), b.(*core.EnvVarSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.EnvVarSource)(nil), (*corev1.EnvVarSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_EnvVarSource_To_v1_EnvVarSource(a.(*core.EnvVarSource), b.(*corev1.EnvVarSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.EphemeralContainer)(nil), (*core.EphemeralContainer)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_EphemeralContainer_To_core_EphemeralContainer(a.(*corev1.EphemeralContainer), b.(*core.EphemeralContainer), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.EphemeralContainer)(nil), (*corev1.EphemeralContainer)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_EphemeralContainer_To_v1_EphemeralContainer(a.(*core.EphemeralContainer), b.(*corev1.EphemeralContainer), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.EphemeralContainerCommon)(nil), (*core.EphemeralContainerCommon)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_EphemeralContainerCommon_To_core_EphemeralContainerCommon(a.(*corev1.EphemeralContainerCommon), b.(*core.EphemeralContainerCommon), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.EphemeralContainerCommon)(nil), (*corev1.EphemeralContainerCommon)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_EphemeralContainerCommon_To_v1_EphemeralContainerCommon(a.(*core.EphemeralContainerCommon), b.(*corev1.EphemeralContainerCommon), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.EphemeralVolumeSource)(nil), (*core.EphemeralVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_EphemeralVolumeSource_To_core_EphemeralVolumeSource(a.(*corev1.EphemeralVolumeSource), b.(*core.EphemeralVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.EphemeralVolumeSource)(nil), (*corev1.EphemeralVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_EphemeralVolumeSource_To_v1_EphemeralVolumeSource(a.(*core.EphemeralVolumeSource), b.(*corev1.EphemeralVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Event)(nil), (*core.Event)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Event_To_core_Event(a.(*corev1.Event), b.(*core.Event), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Event)(nil), (*corev1.Event)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Event_To_v1_Event(a.(*core.Event), b.(*corev1.Event), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.EventList)(nil), (*core.EventList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_EventList_To_core_EventList(a.(*corev1.EventList), b.(*core.EventList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.EventList)(nil), (*corev1.EventList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_EventList_To_v1_EventList(a.(*core.EventList), b.(*corev1.EventList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.EventSeries)(nil), (*core.EventSeries)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_EventSeries_To_core_EventSeries(a.(*corev1.EventSeries), b.(*core.EventSeries), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.EventSeries)(nil), (*corev1.EventSeries)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_EventSeries_To_v1_EventSeries(a.(*core.EventSeries), b.(*corev1.EventSeries), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.EventSource)(nil), (*core.EventSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_EventSource_To_core_EventSource(a.(*corev1.EventSource), b.(*core.EventSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.EventSource)(nil), (*corev1.EventSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_EventSource_To_v1_EventSource(a.(*core.EventSource), b.(*corev1.EventSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ExecAction)(nil), (*core.ExecAction)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ExecAction_To_core_ExecAction(a.(*corev1.ExecAction), b.(*core.ExecAction), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ExecAction)(nil), (*corev1.ExecAction)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ExecAction_To_v1_ExecAction(a.(*core.ExecAction), b.(*corev1.ExecAction), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.FCVolumeSource)(nil), (*core.FCVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_FCVolumeSource_To_core_FCVolumeSource(a.(*corev1.FCVolumeSource), b.(*core.FCVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.FCVolumeSource)(nil), (*corev1.FCVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_FCVolumeSource_To_v1_FCVolumeSource(a.(*core.FCVolumeSource), b.(*corev1.FCVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.FileKeySelector)(nil), (*core.FileKeySelector)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_FileKeySelector_To_core_FileKeySelector(a.(*corev1.FileKeySelector), b.(*core.FileKeySelector), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.FileKeySelector)(nil), (*corev1.FileKeySelector)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_FileKeySelector_To_v1_FileKeySelector(a.(*core.FileKeySelector), b.(*corev1.FileKeySelector), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.FlexPersistentVolumeSource)(nil), (*core.FlexPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_FlexPersistentVolumeSource_To_core_FlexPersistentVolumeSource(a.(*corev1.FlexPersistentVolumeSource), b.(*core.FlexPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.FlexPersistentVolumeSource)(nil), (*corev1.FlexPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_FlexPersistentVolumeSource_To_v1_FlexPersistentVolumeSource(a.(*core.FlexPersistentVolumeSource), b.(*corev1.FlexPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.FlexVolumeSource)(nil), (*core.FlexVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_FlexVolumeSource_To_core_FlexVolumeSource(a.(*corev1.FlexVolumeSource), b.(*core.FlexVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.FlexVolumeSource)(nil), (*corev1.FlexVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_FlexVolumeSource_To_v1_FlexVolumeSource(a.(*core.FlexVolumeSource), b.(*corev1.FlexVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.FlockerVolumeSource)(nil), (*core.FlockerVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_FlockerVolumeSource_To_core_FlockerVolumeSource(a.(*corev1.FlockerVolumeSource), b.(*core.FlockerVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.FlockerVolumeSource)(nil), (*corev1.FlockerVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_FlockerVolumeSource_To_v1_FlockerVolumeSource(a.(*core.FlockerVolumeSource), b.(*corev1.FlockerVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.GCEPersistentDiskVolumeSource)(nil), (*core.GCEPersistentDiskVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_GCEPersistentDiskVolumeSource_To_core_GCEPersistentDiskVolumeSource(a.(*corev1.GCEPersistentDiskVolumeSource), b.(*core.GCEPersistentDiskVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.GCEPersistentDiskVolumeSource)(nil), (*corev1.GCEPersistentDiskVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_GCEPersistentDiskVolumeSource_To_v1_GCEPersistentDiskVolumeSource(a.(*core.GCEPersistentDiskVolumeSource), b.(*corev1.GCEPersistentDiskVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.GRPCAction)(nil), (*core.GRPCAction)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_GRPCAction_To_core_GRPCAction(a.(*corev1.GRPCAction), b.(*core.GRPCAction), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.GRPCAction)(nil), (*corev1.GRPCAction)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_GRPCAction_To_v1_GRPCAction(a.(*core.GRPCAction), b.(*corev1.GRPCAction), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.GitRepoVolumeSource)(nil), (*core.GitRepoVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_GitRepoVolumeSource_To_core_GitRepoVolumeSource(a.(*corev1.GitRepoVolumeSource), b.(*core.GitRepoVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.GitRepoVolumeSource)(nil), (*corev1.GitRepoVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_GitRepoVolumeSource_To_v1_GitRepoVolumeSource(a.(*core.GitRepoVolumeSource), b.(*corev1.GitRepoVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.GlusterfsPersistentVolumeSource)(nil), (*core.GlusterfsPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_GlusterfsPersistentVolumeSource_To_core_GlusterfsPersistentVolumeSource(a.(*corev1.GlusterfsPersistentVolumeSource), b.(*core.GlusterfsPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.GlusterfsPersistentVolumeSource)(nil), (*corev1.GlusterfsPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_GlusterfsPersistentVolumeSource_To_v1_GlusterfsPersistentVolumeSource(a.(*core.GlusterfsPersistentVolumeSource), b.(*corev1.GlusterfsPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.GlusterfsVolumeSource)(nil), (*core.GlusterfsVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_GlusterfsVolumeSource_To_core_GlusterfsVolumeSource(a.(*corev1.GlusterfsVolumeSource), b.(*core.GlusterfsVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.GlusterfsVolumeSource)(nil), (*corev1.GlusterfsVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_GlusterfsVolumeSource_To_v1_GlusterfsVolumeSource(a.(*core.GlusterfsVolumeSource), b.(*corev1.GlusterfsVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.HTTPGetAction)(nil), (*core.HTTPGetAction)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_HTTPGetAction_To_core_HTTPGetAction(a.(*corev1.HTTPGetAction), b.(*core.HTTPGetAction), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.HTTPGetAction)(nil), (*corev1.HTTPGetAction)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_HTTPGetAction_To_v1_HTTPGetAction(a.(*core.HTTPGetAction), b.(*corev1.HTTPGetAction), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.HTTPHeader)(nil), (*core.HTTPHeader)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_HTTPHeader_To_core_HTTPHeader(a.(*corev1.HTTPHeader), b.(*core.HTTPHeader), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.HTTPHeader)(nil), (*corev1.HTTPHeader)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_HTTPHeader_To_v1_HTTPHeader(a.(*core.HTTPHeader), b.(*corev1.HTTPHeader), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.HostAlias)(nil), (*core.HostAlias)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_HostAlias_To_core_HostAlias(a.(*corev1.HostAlias), b.(*core.HostAlias), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.HostAlias)(nil), (*corev1.HostAlias)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_HostAlias_To_v1_HostAlias(a.(*core.HostAlias), b.(*corev1.HostAlias), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.HostIP)(nil), (*core.HostIP)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_HostIP_To_core_HostIP(a.(*corev1.HostIP), b.(*core.HostIP), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.HostIP)(nil), (*corev1.HostIP)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_HostIP_To_v1_HostIP(a.(*core.HostIP), b.(*corev1.HostIP), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.HostPathVolumeSource)(nil), (*core.HostPathVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_HostPathVolumeSource_To_core_HostPathVolumeSource(a.(*corev1.HostPathVolumeSource), b.(*core.HostPathVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.HostPathVolumeSource)(nil), (*corev1.HostPathVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_HostPathVolumeSource_To_v1_HostPathVolumeSource(a.(*core.HostPathVolumeSource), b.(*corev1.HostPathVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ISCSIPersistentVolumeSource)(nil), (*core.ISCSIPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ISCSIPersistentVolumeSource_To_core_ISCSIPersistentVolumeSource(a.(*corev1.ISCSIPersistentVolumeSource), b.(*core.ISCSIPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ISCSIPersistentVolumeSource)(nil), (*corev1.ISCSIPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ISCSIPersistentVolumeSource_To_v1_ISCSIPersistentVolumeSource(a.(*core.ISCSIPersistentVolumeSource), b.(*corev1.ISCSIPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ISCSIVolumeSource)(nil), (*core.ISCSIVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ISCSIVolumeSource_To_core_ISCSIVolumeSource(a.(*corev1.ISCSIVolumeSource), b.(*core.ISCSIVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ISCSIVolumeSource)(nil), (*corev1.ISCSIVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ISCSIVolumeSource_To_v1_ISCSIVolumeSource(a.(*core.ISCSIVolumeSource), b.(*corev1.ISCSIVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ImageVolumeSource)(nil), (*core.ImageVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ImageVolumeSource_To_core_ImageVolumeSource(a.(*corev1.ImageVolumeSource), b.(*core.ImageVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ImageVolumeSource)(nil), (*corev1.ImageVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ImageVolumeSource_To_v1_ImageVolumeSource(a.(*core.ImageVolumeSource), b.(*corev1.ImageVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.KeyToPath)(nil), (*core.KeyToPath)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_KeyToPath_To_core_KeyToPath(a.(*corev1.KeyToPath), b.(*core.KeyToPath), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.KeyToPath)(nil), (*corev1.KeyToPath)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_KeyToPath_To_v1_KeyToPath(a.(*core.KeyToPath), b.(*corev1.KeyToPath), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Lifecycle)(nil), (*core.Lifecycle)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Lifecycle_To_core_Lifecycle(a.(*corev1.Lifecycle), b.(*core.Lifecycle), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Lifecycle)(nil), (*corev1.Lifecycle)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Lifecycle_To_v1_Lifecycle(a.(*core.Lifecycle), b.(*corev1.Lifecycle), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.LifecycleHandler)(nil), (*core.LifecycleHandler)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_LifecycleHandler_To_core_LifecycleHandler(a.(*corev1.LifecycleHandler), b.(*core.LifecycleHandler), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.LifecycleHandler)(nil), (*corev1.LifecycleHandler)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_LifecycleHandler_To_v1_LifecycleHandler(a.(*core.LifecycleHandler), b.(*corev1.LifecycleHandler), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.LimitRange)(nil), (*core.LimitRange)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_LimitRange_To_core_LimitRange(a.(*corev1.LimitRange), b.(*core.LimitRange), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.LimitRange)(nil), (*corev1.LimitRange)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_LimitRange_To_v1_LimitRange(a.(*core.LimitRange), b.(*corev1.LimitRange), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.LimitRangeItem)(nil), (*core.LimitRangeItem)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_LimitRangeItem_To_core_LimitRangeItem(a.(*corev1.LimitRangeItem), b.(*core.LimitRangeItem), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.LimitRangeItem)(nil), (*corev1.LimitRangeItem)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_LimitRangeItem_To_v1_LimitRangeItem(a.(*core.LimitRangeItem), b.(*corev1.LimitRangeItem), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.LimitRangeList)(nil), (*core.LimitRangeList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_LimitRangeList_To_core_LimitRangeList(a.(*corev1.LimitRangeList), b.(*core.LimitRangeList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.LimitRangeList)(nil), (*corev1.LimitRangeList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_LimitRangeList_To_v1_LimitRangeList(a.(*core.LimitRangeList), b.(*corev1.LimitRangeList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.LimitRangeSpec)(nil), (*core.LimitRangeSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_LimitRangeSpec_To_core_LimitRangeSpec(a.(*corev1.LimitRangeSpec), b.(*core.LimitRangeSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.LimitRangeSpec)(nil), (*corev1.LimitRangeSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_LimitRangeSpec_To_v1_LimitRangeSpec(a.(*core.LimitRangeSpec), b.(*corev1.LimitRangeSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.LinuxContainerUser)(nil), (*core.LinuxContainerUser)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_LinuxContainerUser_To_core_LinuxContainerUser(a.(*corev1.LinuxContainerUser), b.(*core.LinuxContainerUser), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.LinuxContainerUser)(nil), (*corev1.LinuxContainerUser)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_LinuxContainerUser_To_v1_LinuxContainerUser(a.(*core.LinuxContainerUser), b.(*corev1.LinuxContainerUser), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.List)(nil), (*core.List)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_List_To_core_List(a.(*corev1.List), b.(*core.List), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.List)(nil), (*corev1.List)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_List_To_v1_List(a.(*core.List), b.(*corev1.List), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.LoadBalancerIngress)(nil), (*core.LoadBalancerIngress)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_LoadBalancerIngress_To_core_LoadBalancerIngress(a.(*corev1.LoadBalancerIngress), b.(*core.LoadBalancerIngress), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.LoadBalancerIngress)(nil), (*corev1.LoadBalancerIngress)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_LoadBalancerIngress_To_v1_LoadBalancerIngress(a.(*core.LoadBalancerIngress), b.(*corev1.LoadBalancerIngress), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.LoadBalancerStatus)(nil), (*core.LoadBalancerStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_LoadBalancerStatus_To_core_LoadBalancerStatus(a.(*corev1.LoadBalancerStatus), b.(*core.LoadBalancerStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.LoadBalancerStatus)(nil), (*corev1.LoadBalancerStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_LoadBalancerStatus_To_v1_LoadBalancerStatus(a.(*core.LoadBalancerStatus), b.(*corev1.LoadBalancerStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.LocalObjectReference)(nil), (*core.LocalObjectReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_LocalObjectReference_To_core_LocalObjectReference(a.(*corev1.LocalObjectReference), b.(*core.LocalObjectReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.LocalObjectReference)(nil), (*corev1.LocalObjectReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_LocalObjectReference_To_v1_LocalObjectReference(a.(*core.LocalObjectReference), b.(*corev1.LocalObjectReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.LocalVolumeSource)(nil), (*core.LocalVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_LocalVolumeSource_To_core_LocalVolumeSource(a.(*corev1.LocalVolumeSource), b.(*core.LocalVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.LocalVolumeSource)(nil), (*corev1.LocalVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_LocalVolumeSource_To_v1_LocalVolumeSource(a.(*core.LocalVolumeSource), b.(*corev1.LocalVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ModifyVolumeStatus)(nil), (*core.ModifyVolumeStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ModifyVolumeStatus_To_core_ModifyVolumeStatus(a.(*corev1.ModifyVolumeStatus), b.(*core.ModifyVolumeStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ModifyVolumeStatus)(nil), (*corev1.ModifyVolumeStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ModifyVolumeStatus_To_v1_ModifyVolumeStatus(a.(*core.ModifyVolumeStatus), b.(*corev1.ModifyVolumeStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NFSVolumeSource)(nil), (*core.NFSVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NFSVolumeSource_To_core_NFSVolumeSource(a.(*corev1.NFSVolumeSource), b.(*core.NFSVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NFSVolumeSource)(nil), (*corev1.NFSVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NFSVolumeSource_To_v1_NFSVolumeSource(a.(*core.NFSVolumeSource), b.(*corev1.NFSVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Namespace)(nil), (*core.Namespace)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Namespace_To_core_Namespace(a.(*corev1.Namespace), b.(*core.Namespace), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Namespace)(nil), (*corev1.Namespace)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Namespace_To_v1_Namespace(a.(*core.Namespace), b.(*corev1.Namespace), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NamespaceCondition)(nil), (*core.NamespaceCondition)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NamespaceCondition_To_core_NamespaceCondition(a.(*corev1.NamespaceCondition), b.(*core.NamespaceCondition), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NamespaceCondition)(nil), (*corev1.NamespaceCondition)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NamespaceCondition_To_v1_NamespaceCondition(a.(*core.NamespaceCondition), b.(*corev1.NamespaceCondition), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NamespaceList)(nil), (*core.NamespaceList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NamespaceList_To_core_NamespaceList(a.(*corev1.NamespaceList), b.(*core.NamespaceList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NamespaceList)(nil), (*corev1.NamespaceList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NamespaceList_To_v1_NamespaceList(a.(*core.NamespaceList), b.(*corev1.NamespaceList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NamespaceSpec)(nil), (*core.NamespaceSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NamespaceSpec_To_core_NamespaceSpec(a.(*corev1.NamespaceSpec), b.(*core.NamespaceSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NamespaceSpec)(nil), (*corev1.NamespaceSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NamespaceSpec_To_v1_NamespaceSpec(a.(*core.NamespaceSpec), b.(*corev1.NamespaceSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NamespaceStatus)(nil), (*core.NamespaceStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NamespaceStatus_To_core_NamespaceStatus(a.(*corev1.NamespaceStatus), b.(*core.NamespaceStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NamespaceStatus)(nil), (*corev1.NamespaceStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NamespaceStatus_To_v1_NamespaceStatus(a.(*core.NamespaceStatus), b.(*corev1.NamespaceStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Node)(nil), (*core.Node)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Node_To_core_Node(a.(*corev1.Node), b.(*core.Node), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Node)(nil), (*corev1.Node)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Node_To_v1_Node(a.(*core.Node), b.(*corev1.Node), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeAddress)(nil), (*core.NodeAddress)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeAddress_To_core_NodeAddress(a.(*corev1.NodeAddress), b.(*core.NodeAddress), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeAddress)(nil), (*corev1.NodeAddress)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeAddress_To_v1_NodeAddress(a.(*core.NodeAddress), b.(*corev1.NodeAddress), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeAffinity)(nil), (*core.NodeAffinity)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeAffinity_To_core_NodeAffinity(a.(*corev1.NodeAffinity), b.(*core.NodeAffinity), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeAffinity)(nil), (*corev1.NodeAffinity)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeAffinity_To_v1_NodeAffinity(a.(*core.NodeAffinity), b.(*corev1.NodeAffinity), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeCondition)(nil), (*core.NodeCondition)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeCondition_To_core_NodeCondition(a.(*corev1.NodeCondition), b.(*core.NodeCondition), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeCondition)(nil), (*corev1.NodeCondition)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeCondition_To_v1_NodeCondition(a.(*core.NodeCondition), b.(*corev1.NodeCondition), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeConfigSource)(nil), (*core.NodeConfigSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeConfigSource_To_core_NodeConfigSource(a.(*corev1.NodeConfigSource), b.(*core.NodeConfigSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeConfigSource)(nil), (*corev1.NodeConfigSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeConfigSource_To_v1_NodeConfigSource(a.(*core.NodeConfigSource), b.(*corev1.NodeConfigSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeConfigStatus)(nil), (*core.NodeConfigStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeConfigStatus_To_core_NodeConfigStatus(a.(*corev1.NodeConfigStatus), b.(*core.NodeConfigStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeConfigStatus)(nil), (*corev1.NodeConfigStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeConfigStatus_To_v1_NodeConfigStatus(a.(*core.NodeConfigStatus), b.(*corev1.NodeConfigStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeDaemonEndpoints)(nil), (*core.NodeDaemonEndpoints)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeDaemonEndpoints_To_core_NodeDaemonEndpoints(a.(*corev1.NodeDaemonEndpoints), b.(*core.NodeDaemonEndpoints), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeDaemonEndpoints)(nil), (*corev1.NodeDaemonEndpoints)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeDaemonEndpoints_To_v1_NodeDaemonEndpoints(a.(*core.NodeDaemonEndpoints), b.(*corev1.NodeDaemonEndpoints), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeFeatures)(nil), (*core.NodeFeatures)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeFeatures_To_core_NodeFeatures(a.(*corev1.NodeFeatures), b.(*core.NodeFeatures), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeFeatures)(nil), (*corev1.NodeFeatures)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeFeatures_To_v1_NodeFeatures(a.(*core.NodeFeatures), b.(*corev1.NodeFeatures), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeList)(nil), (*core.NodeList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeList_To_core_NodeList(a.(*corev1.NodeList), b.(*core.NodeList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeList)(nil), (*corev1.NodeList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeList_To_v1_NodeList(a.(*core.NodeList), b.(*corev1.NodeList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeProxyOptions)(nil), (*core.NodeProxyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeProxyOptions_To_core_NodeProxyOptions(a.(*corev1.NodeProxyOptions), b.(*core.NodeProxyOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeProxyOptions)(nil), (*corev1.NodeProxyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeProxyOptions_To_v1_NodeProxyOptions(a.(*core.NodeProxyOptions), b.(*corev1.NodeProxyOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeRuntimeHandler)(nil), (*core.NodeRuntimeHandler)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeRuntimeHandler_To_core_NodeRuntimeHandler(a.(*corev1.NodeRuntimeHandler), b.(*core.NodeRuntimeHandler), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeRuntimeHandler)(nil), (*corev1.NodeRuntimeHandler)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeRuntimeHandler_To_v1_NodeRuntimeHandler(a.(*core.NodeRuntimeHandler), b.(*corev1.NodeRuntimeHandler), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeRuntimeHandlerFeatures)(nil), (*core.NodeRuntimeHandlerFeatures)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeRuntimeHandlerFeatures_To_core_NodeRuntimeHandlerFeatures(a.(*corev1.NodeRuntimeHandlerFeatures), b.(*core.NodeRuntimeHandlerFeatures), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeRuntimeHandlerFeatures)(nil), (*corev1.NodeRuntimeHandlerFeatures)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeRuntimeHandlerFeatures_To_v1_NodeRuntimeHandlerFeatures(a.(*core.NodeRuntimeHandlerFeatures), b.(*corev1.NodeRuntimeHandlerFeatures), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeSelector)(nil), (*core.NodeSelector)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeSelector_To_core_NodeSelector(a.(*corev1.NodeSelector), b.(*core.NodeSelector), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeSelector)(nil), (*corev1.NodeSelector)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeSelector_To_v1_NodeSelector(a.(*core.NodeSelector), b.(*corev1.NodeSelector), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeSelectorRequirement)(nil), (*core.NodeSelectorRequirement)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeSelectorRequirement_To_core_NodeSelectorRequirement(a.(*corev1.NodeSelectorRequirement), b.(*core.NodeSelectorRequirement), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeSelectorRequirement)(nil), (*corev1.NodeSelectorRequirement)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeSelectorRequirement_To_v1_NodeSelectorRequirement(a.(*core.NodeSelectorRequirement), b.(*corev1.NodeSelectorRequirement), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeSelectorTerm)(nil), (*core.NodeSelectorTerm)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeSelectorTerm_To_core_NodeSelectorTerm(a.(*corev1.NodeSelectorTerm), b.(*core.NodeSelectorTerm), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeSelectorTerm)(nil), (*corev1.NodeSelectorTerm)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeSelectorTerm_To_v1_NodeSelectorTerm(a.(*core.NodeSelectorTerm), b.(*corev1.NodeSelectorTerm), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeStatus)(nil), (*core.NodeStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeStatus_To_core_NodeStatus(a.(*corev1.NodeStatus), b.(*core.NodeStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeStatus)(nil), (*corev1.NodeStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeStatus_To_v1_NodeStatus(a.(*core.NodeStatus), b.(*corev1.NodeStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeSwapStatus)(nil), (*core.NodeSwapStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeSwapStatus_To_core_NodeSwapStatus(a.(*corev1.NodeSwapStatus), b.(*core.NodeSwapStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeSwapStatus)(nil), (*corev1.NodeSwapStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeSwapStatus_To_v1_NodeSwapStatus(a.(*core.NodeSwapStatus), b.(*corev1.NodeSwapStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.NodeSystemInfo)(nil), (*core.NodeSystemInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeSystemInfo_To_core_NodeSystemInfo(a.(*corev1.NodeSystemInfo), b.(*core.NodeSystemInfo), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.NodeSystemInfo)(nil), (*corev1.NodeSystemInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeSystemInfo_To_v1_NodeSystemInfo(a.(*core.NodeSystemInfo), b.(*corev1.NodeSystemInfo), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ObjectFieldSelector)(nil), (*core.ObjectFieldSelector)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ObjectFieldSelector_To_core_ObjectFieldSelector(a.(*corev1.ObjectFieldSelector), b.(*core.ObjectFieldSelector), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ObjectFieldSelector)(nil), (*corev1.ObjectFieldSelector)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ObjectFieldSelector_To_v1_ObjectFieldSelector(a.(*core.ObjectFieldSelector), b.(*corev1.ObjectFieldSelector), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ObjectReference)(nil), (*core.ObjectReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ObjectReference_To_core_ObjectReference(a.(*corev1.ObjectReference), b.(*core.ObjectReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ObjectReference)(nil), (*corev1.ObjectReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ObjectReference_To_v1_ObjectReference(a.(*core.ObjectReference), b.(*corev1.ObjectReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PersistentVolume)(nil), (*core.PersistentVolume)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PersistentVolume_To_core_PersistentVolume(a.(*corev1.PersistentVolume), b.(*core.PersistentVolume), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PersistentVolume)(nil), (*corev1.PersistentVolume)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PersistentVolume_To_v1_PersistentVolume(a.(*core.PersistentVolume), b.(*corev1.PersistentVolume), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PersistentVolumeClaim)(nil), (*core.PersistentVolumeClaim)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PersistentVolumeClaim_To_core_PersistentVolumeClaim(a.(*corev1.PersistentVolumeClaim), b.(*core.PersistentVolumeClaim), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PersistentVolumeClaim)(nil), (*corev1.PersistentVolumeClaim)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PersistentVolumeClaim_To_v1_PersistentVolumeClaim(a.(*core.PersistentVolumeClaim), b.(*corev1.PersistentVolumeClaim), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PersistentVolumeClaimCondition)(nil), (*core.PersistentVolumeClaimCondition)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PersistentVolumeClaimCondition_To_core_PersistentVolumeClaimCondition(a.(*corev1.PersistentVolumeClaimCondition), b.(*core.PersistentVolumeClaimCondition), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PersistentVolumeClaimCondition)(nil), (*corev1.PersistentVolumeClaimCondition)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PersistentVolumeClaimCondition_To_v1_PersistentVolumeClaimCondition(a.(*core.PersistentVolumeClaimCondition), b.(*corev1.PersistentVolumeClaimCondition), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PersistentVolumeClaimList)(nil), (*core.PersistentVolumeClaimList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PersistentVolumeClaimList_To_core_PersistentVolumeClaimList(a.(*corev1.PersistentVolumeClaimList), b.(*core.PersistentVolumeClaimList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PersistentVolumeClaimList)(nil), (*corev1.PersistentVolumeClaimList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PersistentVolumeClaimList_To_v1_PersistentVolumeClaimList(a.(*core.PersistentVolumeClaimList), b.(*corev1.PersistentVolumeClaimList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PersistentVolumeClaimSpec)(nil), (*core.PersistentVolumeClaimSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PersistentVolumeClaimSpec_To_core_PersistentVolumeClaimSpec(a.(*corev1.PersistentVolumeClaimSpec), b.(*core.PersistentVolumeClaimSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PersistentVolumeClaimSpec)(nil), (*corev1.PersistentVolumeClaimSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PersistentVolumeClaimSpec_To_v1_PersistentVolumeClaimSpec(a.(*core.PersistentVolumeClaimSpec), b.(*corev1.PersistentVolumeClaimSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PersistentVolumeClaimStatus)(nil), (*core.PersistentVolumeClaimStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PersistentVolumeClaimStatus_To_core_PersistentVolumeClaimStatus(a.(*corev1.PersistentVolumeClaimStatus), b.(*core.PersistentVolumeClaimStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PersistentVolumeClaimStatus)(nil), (*corev1.PersistentVolumeClaimStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PersistentVolumeClaimStatus_To_v1_PersistentVolumeClaimStatus(a.(*core.PersistentVolumeClaimStatus), b.(*corev1.PersistentVolumeClaimStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PersistentVolumeClaimTemplate)(nil), (*core.PersistentVolumeClaimTemplate)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PersistentVolumeClaimTemplate_To_core_PersistentVolumeClaimTemplate(a.(*corev1.PersistentVolumeClaimTemplate), b.(*core.PersistentVolumeClaimTemplate), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PersistentVolumeClaimTemplate)(nil), (*corev1.PersistentVolumeClaimTemplate)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PersistentVolumeClaimTemplate_To_v1_PersistentVolumeClaimTemplate(a.(*core.PersistentVolumeClaimTemplate), b.(*corev1.PersistentVolumeClaimTemplate), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PersistentVolumeClaimVolumeSource)(nil), (*core.PersistentVolumeClaimVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PersistentVolumeClaimVolumeSource_To_core_PersistentVolumeClaimVolumeSource(a.(*corev1.PersistentVolumeClaimVolumeSource), b.(*core.PersistentVolumeClaimVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PersistentVolumeClaimVolumeSource)(nil), (*corev1.PersistentVolumeClaimVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PersistentVolumeClaimVolumeSource_To_v1_PersistentVolumeClaimVolumeSource(a.(*core.PersistentVolumeClaimVolumeSource), b.(*corev1.PersistentVolumeClaimVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PersistentVolumeList)(nil), (*core.PersistentVolumeList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PersistentVolumeList_To_core_PersistentVolumeList(a.(*corev1.PersistentVolumeList), b.(*core.PersistentVolumeList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PersistentVolumeList)(nil), (*corev1.PersistentVolumeList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PersistentVolumeList_To_v1_PersistentVolumeList(a.(*core.PersistentVolumeList), b.(*corev1.PersistentVolumeList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PersistentVolumeSource)(nil), (*core.PersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PersistentVolumeSource_To_core_PersistentVolumeSource(a.(*corev1.PersistentVolumeSource), b.(*core.PersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PersistentVolumeSource)(nil), (*corev1.PersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PersistentVolumeSource_To_v1_PersistentVolumeSource(a.(*core.PersistentVolumeSource), b.(*corev1.PersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PersistentVolumeStatus)(nil), (*core.PersistentVolumeStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PersistentVolumeStatus_To_core_PersistentVolumeStatus(a.(*corev1.PersistentVolumeStatus), b.(*core.PersistentVolumeStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PersistentVolumeStatus)(nil), (*corev1.PersistentVolumeStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PersistentVolumeStatus_To_v1_PersistentVolumeStatus(a.(*core.PersistentVolumeStatus), b.(*corev1.PersistentVolumeStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PhotonPersistentDiskVolumeSource)(nil), (*core.PhotonPersistentDiskVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PhotonPersistentDiskVolumeSource_To_core_PhotonPersistentDiskVolumeSource(a.(*corev1.PhotonPersistentDiskVolumeSource), b.(*core.PhotonPersistentDiskVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PhotonPersistentDiskVolumeSource)(nil), (*corev1.PhotonPersistentDiskVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PhotonPersistentDiskVolumeSource_To_v1_PhotonPersistentDiskVolumeSource(a.(*core.PhotonPersistentDiskVolumeSource), b.(*corev1.PhotonPersistentDiskVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodAffinity)(nil), (*core.PodAffinity)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodAffinity_To_core_PodAffinity(a.(*corev1.PodAffinity), b.(*core.PodAffinity), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodAffinity)(nil), (*corev1.PodAffinity)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodAffinity_To_v1_PodAffinity(a.(*core.PodAffinity), b.(*corev1.PodAffinity), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodAffinityTerm)(nil), (*core.PodAffinityTerm)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodAffinityTerm_To_core_PodAffinityTerm(a.(*corev1.PodAffinityTerm), b.(*core.PodAffinityTerm), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodAffinityTerm)(nil), (*corev1.PodAffinityTerm)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodAffinityTerm_To_v1_PodAffinityTerm(a.(*core.PodAffinityTerm), b.(*corev1.PodAffinityTerm), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodAntiAffinity)(nil), (*core.PodAntiAffinity)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodAntiAffinity_To_core_PodAntiAffinity(a.(*corev1.PodAntiAffinity), b.(*core.PodAntiAffinity), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodAntiAffinity)(nil), (*corev1.PodAntiAffinity)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodAntiAffinity_To_v1_PodAntiAffinity(a.(*core.PodAntiAffinity), b.(*corev1.PodAntiAffinity), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodAttachOptions)(nil), (*core.PodAttachOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodAttachOptions_To_core_PodAttachOptions(a.(*corev1.PodAttachOptions), b.(*core.PodAttachOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodAttachOptions)(nil), (*corev1.PodAttachOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodAttachOptions_To_v1_PodAttachOptions(a.(*core.PodAttachOptions), b.(*corev1.PodAttachOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodCertificateProjection)(nil), (*core.PodCertificateProjection)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodCertificateProjection_To_core_PodCertificateProjection(a.(*corev1.PodCertificateProjection), b.(*core.PodCertificateProjection), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodCertificateProjection)(nil), (*corev1.PodCertificateProjection)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodCertificateProjection_To_v1_PodCertificateProjection(a.(*core.PodCertificateProjection), b.(*corev1.PodCertificateProjection), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodCondition)(nil), (*core.PodCondition)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodCondition_To_core_PodCondition(a.(*corev1.PodCondition), b.(*core.PodCondition), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodCondition)(nil), (*corev1.PodCondition)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodCondition_To_v1_PodCondition(a.(*core.PodCondition), b.(*corev1.PodCondition), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodDNSConfig)(nil), (*core.PodDNSConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodDNSConfig_To_core_PodDNSConfig(a.(*corev1.PodDNSConfig), b.(*core.PodDNSConfig), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodDNSConfig)(nil), (*corev1.PodDNSConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodDNSConfig_To_v1_PodDNSConfig(a.(*core.PodDNSConfig), b.(*corev1.PodDNSConfig), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodDNSConfigOption)(nil), (*core.PodDNSConfigOption)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodDNSConfigOption_To_core_PodDNSConfigOption(a.(*corev1.PodDNSConfigOption), b.(*core.PodDNSConfigOption), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodDNSConfigOption)(nil), (*corev1.PodDNSConfigOption)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodDNSConfigOption_To_v1_PodDNSConfigOption(a.(*core.PodDNSConfigOption), b.(*corev1.PodDNSConfigOption), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodExecOptions)(nil), (*core.PodExecOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodExecOptions_To_core_PodExecOptions(a.(*corev1.PodExecOptions), b.(*core.PodExecOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodExecOptions)(nil), (*corev1.PodExecOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodExecOptions_To_v1_PodExecOptions(a.(*core.PodExecOptions), b.(*corev1.PodExecOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodExtendedResourceClaimStatus)(nil), (*core.PodExtendedResourceClaimStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodExtendedResourceClaimStatus_To_core_PodExtendedResourceClaimStatus(a.(*corev1.PodExtendedResourceClaimStatus), b.(*core.PodExtendedResourceClaimStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodExtendedResourceClaimStatus)(nil), (*corev1.PodExtendedResourceClaimStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodExtendedResourceClaimStatus_To_v1_PodExtendedResourceClaimStatus(a.(*core.PodExtendedResourceClaimStatus), b.(*corev1.PodExtendedResourceClaimStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodIP)(nil), (*core.PodIP)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodIP_To_core_PodIP(a.(*corev1.PodIP), b.(*core.PodIP), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodIP)(nil), (*corev1.PodIP)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodIP_To_v1_PodIP(a.(*core.PodIP), b.(*corev1.PodIP), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodList)(nil), (*core.PodList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodList_To_core_PodList(a.(*corev1.PodList), b.(*core.PodList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodList)(nil), (*corev1.PodList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodList_To_v1_PodList(a.(*core.PodList), b.(*corev1.PodList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodLogOptions)(nil), (*core.PodLogOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodLogOptions_To_core_PodLogOptions(a.(*corev1.PodLogOptions), b.(*core.PodLogOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodLogOptions)(nil), (*corev1.PodLogOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodLogOptions_To_v1_PodLogOptions(a.(*core.PodLogOptions), b.(*corev1.PodLogOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodOS)(nil), (*core.PodOS)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodOS_To_core_PodOS(a.(*corev1.PodOS), b.(*core.PodOS), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodOS)(nil), (*corev1.PodOS)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodOS_To_v1_PodOS(a.(*core.PodOS), b.(*corev1.PodOS), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodPortForwardOptions)(nil), (*core.PodPortForwardOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodPortForwardOptions_To_core_PodPortForwardOptions(a.(*corev1.PodPortForwardOptions), b.(*core.PodPortForwardOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodPortForwardOptions)(nil), (*corev1.PodPortForwardOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodPortForwardOptions_To_v1_PodPortForwardOptions(a.(*core.PodPortForwardOptions), b.(*corev1.PodPortForwardOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodProxyOptions)(nil), (*core.PodProxyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodProxyOptions_To_core_PodProxyOptions(a.(*corev1.PodProxyOptions), b.(*core.PodProxyOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodProxyOptions)(nil), (*corev1.PodProxyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodProxyOptions_To_v1_PodProxyOptions(a.(*core.PodProxyOptions), b.(*corev1.PodProxyOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodReadinessGate)(nil), (*core.PodReadinessGate)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodReadinessGate_To_core_PodReadinessGate(a.(*corev1.PodReadinessGate), b.(*core.PodReadinessGate), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodReadinessGate)(nil), (*corev1.PodReadinessGate)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodReadinessGate_To_v1_PodReadinessGate(a.(*core.PodReadinessGate), b.(*corev1.PodReadinessGate), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodResourceClaim)(nil), (*core.PodResourceClaim)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodResourceClaim_To_core_PodResourceClaim(a.(*corev1.PodResourceClaim), b.(*core.PodResourceClaim), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodResourceClaim)(nil), (*corev1.PodResourceClaim)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodResourceClaim_To_v1_PodResourceClaim(a.(*core.PodResourceClaim), b.(*corev1.PodResourceClaim), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodResourceClaimStatus)(nil), (*core.PodResourceClaimStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodResourceClaimStatus_To_core_PodResourceClaimStatus(a.(*corev1.PodResourceClaimStatus), b.(*core.PodResourceClaimStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodResourceClaimStatus)(nil), (*corev1.PodResourceClaimStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodResourceClaimStatus_To_v1_PodResourceClaimStatus(a.(*core.PodResourceClaimStatus), b.(*corev1.PodResourceClaimStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodSchedulingGate)(nil), (*core.PodSchedulingGate)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodSchedulingGate_To_core_PodSchedulingGate(a.(*corev1.PodSchedulingGate), b.(*core.PodSchedulingGate), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodSchedulingGate)(nil), (*corev1.PodSchedulingGate)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodSchedulingGate_To_v1_PodSchedulingGate(a.(*core.PodSchedulingGate), b.(*corev1.PodSchedulingGate), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodSecurityContext)(nil), (*core.PodSecurityContext)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodSecurityContext_To_core_PodSecurityContext(a.(*corev1.PodSecurityContext), b.(*core.PodSecurityContext), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodSecurityContext)(nil), (*corev1.PodSecurityContext)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodSecurityContext_To_v1_PodSecurityContext(a.(*core.PodSecurityContext), b.(*corev1.PodSecurityContext), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodSignature)(nil), (*core.PodSignature)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodSignature_To_core_PodSignature(a.(*corev1.PodSignature), b.(*core.PodSignature), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodSignature)(nil), (*corev1.PodSignature)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodSignature_To_v1_PodSignature(a.(*core.PodSignature), b.(*corev1.PodSignature), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodStatusResult)(nil), (*core.PodStatusResult)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodStatusResult_To_core_PodStatusResult(a.(*corev1.PodStatusResult), b.(*core.PodStatusResult), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodStatusResult)(nil), (*corev1.PodStatusResult)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodStatusResult_To_v1_PodStatusResult(a.(*core.PodStatusResult), b.(*corev1.PodStatusResult), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodTemplate)(nil), (*core.PodTemplate)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodTemplate_To_core_PodTemplate(a.(*corev1.PodTemplate), b.(*core.PodTemplate), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodTemplate)(nil), (*corev1.PodTemplate)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodTemplate_To_v1_PodTemplate(a.(*core.PodTemplate), b.(*corev1.PodTemplate), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PodTemplateList)(nil), (*core.PodTemplateList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodTemplateList_To_core_PodTemplateList(a.(*corev1.PodTemplateList), b.(*core.PodTemplateList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PodTemplateList)(nil), (*corev1.PodTemplateList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodTemplateList_To_v1_PodTemplateList(a.(*core.PodTemplateList), b.(*corev1.PodTemplateList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PortStatus)(nil), (*core.PortStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PortStatus_To_core_PortStatus(a.(*corev1.PortStatus), b.(*core.PortStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PortStatus)(nil), (*corev1.PortStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PortStatus_To_v1_PortStatus(a.(*core.PortStatus), b.(*corev1.PortStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PortworxVolumeSource)(nil), (*core.PortworxVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PortworxVolumeSource_To_core_PortworxVolumeSource(a.(*corev1.PortworxVolumeSource), b.(*core.PortworxVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PortworxVolumeSource)(nil), (*corev1.PortworxVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PortworxVolumeSource_To_v1_PortworxVolumeSource(a.(*core.PortworxVolumeSource), b.(*corev1.PortworxVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Preconditions)(nil), (*core.Preconditions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Preconditions_To_core_Preconditions(a.(*corev1.Preconditions), b.(*core.Preconditions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Preconditions)(nil), (*corev1.Preconditions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Preconditions_To_v1_Preconditions(a.(*core.Preconditions), b.(*corev1.Preconditions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PreferAvoidPodsEntry)(nil), (*core.PreferAvoidPodsEntry)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PreferAvoidPodsEntry_To_core_PreferAvoidPodsEntry(a.(*corev1.PreferAvoidPodsEntry), b.(*core.PreferAvoidPodsEntry), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PreferAvoidPodsEntry)(nil), (*corev1.PreferAvoidPodsEntry)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PreferAvoidPodsEntry_To_v1_PreferAvoidPodsEntry(a.(*core.PreferAvoidPodsEntry), b.(*corev1.PreferAvoidPodsEntry), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.PreferredSchedulingTerm)(nil), (*core.PreferredSchedulingTerm)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PreferredSchedulingTerm_To_core_PreferredSchedulingTerm(a.(*corev1.PreferredSchedulingTerm), b.(*core.PreferredSchedulingTerm), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.PreferredSchedulingTerm)(nil), (*corev1.PreferredSchedulingTerm)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PreferredSchedulingTerm_To_v1_PreferredSchedulingTerm(a.(*core.PreferredSchedulingTerm), b.(*corev1.PreferredSchedulingTerm), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Probe)(nil), (*core.Probe)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Probe_To_core_Probe(a.(*corev1.Probe), b.(*core.Probe), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Probe)(nil), (*corev1.Probe)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Probe_To_v1_Probe(a.(*core.Probe), b.(*corev1.Probe), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ProbeHandler)(nil), (*core.ProbeHandler)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ProbeHandler_To_core_ProbeHandler(a.(*corev1.ProbeHandler), b.(*core.ProbeHandler), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ProbeHandler)(nil), (*corev1.ProbeHandler)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ProbeHandler_To_v1_ProbeHandler(a.(*core.ProbeHandler), b.(*corev1.ProbeHandler), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ProjectedVolumeSource)(nil), (*core.ProjectedVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ProjectedVolumeSource_To_core_ProjectedVolumeSource(a.(*corev1.ProjectedVolumeSource), b.(*core.ProjectedVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ProjectedVolumeSource)(nil), (*corev1.ProjectedVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ProjectedVolumeSource_To_v1_ProjectedVolumeSource(a.(*core.ProjectedVolumeSource), b.(*corev1.ProjectedVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.QuobyteVolumeSource)(nil), (*core.QuobyteVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_QuobyteVolumeSource_To_core_QuobyteVolumeSource(a.(*corev1.QuobyteVolumeSource), b.(*core.QuobyteVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.QuobyteVolumeSource)(nil), (*corev1.QuobyteVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_QuobyteVolumeSource_To_v1_QuobyteVolumeSource(a.(*core.QuobyteVolumeSource), b.(*corev1.QuobyteVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.RBDPersistentVolumeSource)(nil), (*core.RBDPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_RBDPersistentVolumeSource_To_core_RBDPersistentVolumeSource(a.(*corev1.RBDPersistentVolumeSource), b.(*core.RBDPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.RBDPersistentVolumeSource)(nil), (*corev1.RBDPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_RBDPersistentVolumeSource_To_v1_RBDPersistentVolumeSource(a.(*core.RBDPersistentVolumeSource), b.(*corev1.RBDPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.RBDVolumeSource)(nil), (*core.RBDVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_RBDVolumeSource_To_core_RBDVolumeSource(a.(*corev1.RBDVolumeSource), b.(*core.RBDVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.RBDVolumeSource)(nil), (*corev1.RBDVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_RBDVolumeSource_To_v1_RBDVolumeSource(a.(*core.RBDVolumeSource), b.(*corev1.RBDVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.RangeAllocation)(nil), (*core.RangeAllocation)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_RangeAllocation_To_core_RangeAllocation(a.(*corev1.RangeAllocation), b.(*core.RangeAllocation), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.RangeAllocation)(nil), (*corev1.RangeAllocation)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_RangeAllocation_To_v1_RangeAllocation(a.(*core.RangeAllocation), b.(*corev1.RangeAllocation), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ReplicationController)(nil), (*core.ReplicationController)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ReplicationController_To_core_ReplicationController(a.(*corev1.ReplicationController), b.(*core.ReplicationController), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ReplicationController)(nil), (*corev1.ReplicationController)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ReplicationController_To_v1_ReplicationController(a.(*core.ReplicationController), b.(*corev1.ReplicationController), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ReplicationControllerCondition)(nil), (*core.ReplicationControllerCondition)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ReplicationControllerCondition_To_core_ReplicationControllerCondition(a.(*corev1.ReplicationControllerCondition), b.(*core.ReplicationControllerCondition), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ReplicationControllerCondition)(nil), (*corev1.ReplicationControllerCondition)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ReplicationControllerCondition_To_v1_ReplicationControllerCondition(a.(*core.ReplicationControllerCondition), b.(*corev1.ReplicationControllerCondition), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ReplicationControllerList)(nil), (*core.ReplicationControllerList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ReplicationControllerList_To_core_ReplicationControllerList(a.(*corev1.ReplicationControllerList), b.(*core.ReplicationControllerList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ReplicationControllerList)(nil), (*corev1.ReplicationControllerList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ReplicationControllerList_To_v1_ReplicationControllerList(a.(*core.ReplicationControllerList), b.(*corev1.ReplicationControllerList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ReplicationControllerStatus)(nil), (*core.ReplicationControllerStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ReplicationControllerStatus_To_core_ReplicationControllerStatus(a.(*corev1.ReplicationControllerStatus), b.(*core.ReplicationControllerStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ReplicationControllerStatus)(nil), (*corev1.ReplicationControllerStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ReplicationControllerStatus_To_v1_ReplicationControllerStatus(a.(*core.ReplicationControllerStatus), b.(*corev1.ReplicationControllerStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ResourceClaim)(nil), (*core.ResourceClaim)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ResourceClaim_To_core_ResourceClaim(a.(*corev1.ResourceClaim), b.(*core.ResourceClaim), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ResourceClaim)(nil), (*corev1.ResourceClaim)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ResourceClaim_To_v1_ResourceClaim(a.(*core.ResourceClaim), b.(*corev1.ResourceClaim), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ResourceFieldSelector)(nil), (*core.ResourceFieldSelector)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ResourceFieldSelector_To_core_ResourceFieldSelector(a.(*corev1.ResourceFieldSelector), b.(*core.ResourceFieldSelector), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ResourceFieldSelector)(nil), (*corev1.ResourceFieldSelector)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ResourceFieldSelector_To_v1_ResourceFieldSelector(a.(*core.ResourceFieldSelector), b.(*corev1.ResourceFieldSelector), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ResourceHealth)(nil), (*core.ResourceHealth)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ResourceHealth_To_core_ResourceHealth(a.(*corev1.ResourceHealth), b.(*core.ResourceHealth), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ResourceHealth)(nil), (*corev1.ResourceHealth)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ResourceHealth_To_v1_ResourceHealth(a.(*core.ResourceHealth), b.(*corev1.ResourceHealth), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ResourceQuota)(nil), (*core.ResourceQuota)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ResourceQuota_To_core_ResourceQuota(a.(*corev1.ResourceQuota), b.(*core.ResourceQuota), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ResourceQuota)(nil), (*corev1.ResourceQuota)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ResourceQuota_To_v1_ResourceQuota(a.(*core.ResourceQuota), b.(*corev1.ResourceQuota), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ResourceQuotaList)(nil), (*core.ResourceQuotaList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ResourceQuotaList_To_core_ResourceQuotaList(a.(*corev1.ResourceQuotaList), b.(*core.ResourceQuotaList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ResourceQuotaList)(nil), (*corev1.ResourceQuotaList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ResourceQuotaList_To_v1_ResourceQuotaList(a.(*core.ResourceQuotaList), b.(*corev1.ResourceQuotaList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ResourceQuotaSpec)(nil), (*core.ResourceQuotaSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ResourceQuotaSpec_To_core_ResourceQuotaSpec(a.(*corev1.ResourceQuotaSpec), b.(*core.ResourceQuotaSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ResourceQuotaSpec)(nil), (*corev1.ResourceQuotaSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ResourceQuotaSpec_To_v1_ResourceQuotaSpec(a.(*core.ResourceQuotaSpec), b.(*corev1.ResourceQuotaSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ResourceQuotaStatus)(nil), (*core.ResourceQuotaStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ResourceQuotaStatus_To_core_ResourceQuotaStatus(a.(*corev1.ResourceQuotaStatus), b.(*core.ResourceQuotaStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ResourceQuotaStatus)(nil), (*corev1.ResourceQuotaStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ResourceQuotaStatus_To_v1_ResourceQuotaStatus(a.(*core.ResourceQuotaStatus), b.(*corev1.ResourceQuotaStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ResourceRequirements)(nil), (*core.ResourceRequirements)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ResourceRequirements_To_core_ResourceRequirements(a.(*corev1.ResourceRequirements), b.(*core.ResourceRequirements), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ResourceRequirements)(nil), (*corev1.ResourceRequirements)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ResourceRequirements_To_v1_ResourceRequirements(a.(*core.ResourceRequirements), b.(*corev1.ResourceRequirements), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ResourceStatus)(nil), (*core.ResourceStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ResourceStatus_To_core_ResourceStatus(a.(*corev1.ResourceStatus), b.(*core.ResourceStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ResourceStatus)(nil), (*corev1.ResourceStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ResourceStatus_To_v1_ResourceStatus(a.(*core.ResourceStatus), b.(*corev1.ResourceStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.SELinuxOptions)(nil), (*core.SELinuxOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_SELinuxOptions_To_core_SELinuxOptions(a.(*corev1.SELinuxOptions), b.(*core.SELinuxOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.SELinuxOptions)(nil), (*corev1.SELinuxOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_SELinuxOptions_To_v1_SELinuxOptions(a.(*core.SELinuxOptions), b.(*corev1.SELinuxOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ScaleIOPersistentVolumeSource)(nil), (*core.ScaleIOPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ScaleIOPersistentVolumeSource_To_core_ScaleIOPersistentVolumeSource(a.(*corev1.ScaleIOPersistentVolumeSource), b.(*core.ScaleIOPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ScaleIOPersistentVolumeSource)(nil), (*corev1.ScaleIOPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ScaleIOPersistentVolumeSource_To_v1_ScaleIOPersistentVolumeSource(a.(*core.ScaleIOPersistentVolumeSource), b.(*corev1.ScaleIOPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ScaleIOVolumeSource)(nil), (*core.ScaleIOVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ScaleIOVolumeSource_To_core_ScaleIOVolumeSource(a.(*corev1.ScaleIOVolumeSource), b.(*core.ScaleIOVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ScaleIOVolumeSource)(nil), (*corev1.ScaleIOVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ScaleIOVolumeSource_To_v1_ScaleIOVolumeSource(a.(*core.ScaleIOVolumeSource), b.(*corev1.ScaleIOVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ScopeSelector)(nil), (*core.ScopeSelector)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ScopeSelector_To_core_ScopeSelector(a.(*corev1.ScopeSelector), b.(*core.ScopeSelector), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ScopeSelector)(nil), (*corev1.ScopeSelector)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ScopeSelector_To_v1_ScopeSelector(a.(*core.ScopeSelector), b.(*corev1.ScopeSelector), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ScopedResourceSelectorRequirement)(nil), (*core.ScopedResourceSelectorRequirement)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ScopedResourceSelectorRequirement_To_core_ScopedResourceSelectorRequirement(a.(*corev1.ScopedResourceSelectorRequirement), b.(*core.ScopedResourceSelectorRequirement), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ScopedResourceSelectorRequirement)(nil), (*corev1.ScopedResourceSelectorRequirement)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ScopedResourceSelectorRequirement_To_v1_ScopedResourceSelectorRequirement(a.(*core.ScopedResourceSelectorRequirement), b.(*corev1.ScopedResourceSelectorRequirement), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.SeccompProfile)(nil), (*core.SeccompProfile)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_SeccompProfile_To_core_SeccompProfile(a.(*corev1.SeccompProfile), b.(*core.SeccompProfile), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.SeccompProfile)(nil), (*corev1.SeccompProfile)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_SeccompProfile_To_v1_SeccompProfile(a.(*core.SeccompProfile), b.(*corev1.SeccompProfile), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Secret)(nil), (*corev1.Secret)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Secret_To_v1_Secret(a.(*core.Secret), b.(*corev1.Secret), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.SecretEnvSource)(nil), (*core.SecretEnvSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_SecretEnvSource_To_core_SecretEnvSource(a.(*corev1.SecretEnvSource), b.(*core.SecretEnvSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.SecretEnvSource)(nil), (*corev1.SecretEnvSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_SecretEnvSource_To_v1_SecretEnvSource(a.(*core.SecretEnvSource), b.(*corev1.SecretEnvSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.SecretKeySelector)(nil), (*core.SecretKeySelector)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_SecretKeySelector_To_core_SecretKeySelector(a.(*corev1.SecretKeySelector), b.(*core.SecretKeySelector), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.SecretKeySelector)(nil), (*corev1.SecretKeySelector)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_SecretKeySelector_To_v1_SecretKeySelector(a.(*core.SecretKeySelector), b.(*corev1.SecretKeySelector), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.SecretList)(nil), (*core.SecretList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_SecretList_To_core_SecretList(a.(*corev1.SecretList), b.(*core.SecretList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.SecretList)(nil), (*corev1.SecretList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_SecretList_To_v1_SecretList(a.(*core.SecretList), b.(*corev1.SecretList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.SecretProjection)(nil), (*core.SecretProjection)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_SecretProjection_To_core_SecretProjection(a.(*corev1.SecretProjection), b.(*core.SecretProjection), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.SecretProjection)(nil), (*corev1.SecretProjection)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_SecretProjection_To_v1_SecretProjection(a.(*core.SecretProjection), b.(*corev1.SecretProjection), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.SecretReference)(nil), (*core.SecretReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_SecretReference_To_core_SecretReference(a.(*corev1.SecretReference), b.(*core.SecretReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.SecretReference)(nil), (*corev1.SecretReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_SecretReference_To_v1_SecretReference(a.(*core.SecretReference), b.(*corev1.SecretReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.SecretVolumeSource)(nil), (*core.SecretVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_SecretVolumeSource_To_core_SecretVolumeSource(a.(*corev1.SecretVolumeSource), b.(*core.SecretVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.SecretVolumeSource)(nil), (*corev1.SecretVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_SecretVolumeSource_To_v1_SecretVolumeSource(a.(*core.SecretVolumeSource), b.(*corev1.SecretVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.SecurityContext)(nil), (*core.SecurityContext)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_SecurityContext_To_core_SecurityContext(a.(*corev1.SecurityContext), b.(*core.SecurityContext), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.SecurityContext)(nil), (*corev1.SecurityContext)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_SecurityContext_To_v1_SecurityContext(a.(*core.SecurityContext), b.(*corev1.SecurityContext), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.SerializedReference)(nil), (*core.SerializedReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_SerializedReference_To_core_SerializedReference(a.(*corev1.SerializedReference), b.(*core.SerializedReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.SerializedReference)(nil), (*corev1.SerializedReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_SerializedReference_To_v1_SerializedReference(a.(*core.SerializedReference), b.(*corev1.SerializedReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Service)(nil), (*core.Service)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Service_To_core_Service(a.(*corev1.Service), b.(*core.Service), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Service)(nil), (*corev1.Service)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Service_To_v1_Service(a.(*core.Service), b.(*corev1.Service), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ServiceAccount)(nil), (*core.ServiceAccount)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ServiceAccount_To_core_ServiceAccount(a.(*corev1.ServiceAccount), b.(*core.ServiceAccount), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ServiceAccount)(nil), (*corev1.ServiceAccount)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ServiceAccount_To_v1_ServiceAccount(a.(*core.ServiceAccount), b.(*corev1.ServiceAccount), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ServiceAccountList)(nil), (*core.ServiceAccountList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ServiceAccountList_To_core_ServiceAccountList(a.(*corev1.ServiceAccountList), b.(*core.ServiceAccountList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ServiceAccountList)(nil), (*corev1.ServiceAccountList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ServiceAccountList_To_v1_ServiceAccountList(a.(*core.ServiceAccountList), b.(*corev1.ServiceAccountList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ServiceAccountTokenProjection)(nil), (*core.ServiceAccountTokenProjection)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ServiceAccountTokenProjection_To_core_ServiceAccountTokenProjection(a.(*corev1.ServiceAccountTokenProjection), b.(*core.ServiceAccountTokenProjection), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ServiceAccountTokenProjection)(nil), (*corev1.ServiceAccountTokenProjection)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ServiceAccountTokenProjection_To_v1_ServiceAccountTokenProjection(a.(*core.ServiceAccountTokenProjection), b.(*corev1.ServiceAccountTokenProjection), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ServiceList)(nil), (*core.ServiceList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ServiceList_To_core_ServiceList(a.(*corev1.ServiceList), b.(*core.ServiceList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ServiceList)(nil), (*corev1.ServiceList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ServiceList_To_v1_ServiceList(a.(*core.ServiceList), b.(*corev1.ServiceList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ServicePort)(nil), (*core.ServicePort)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ServicePort_To_core_ServicePort(a.(*corev1.ServicePort), b.(*core.ServicePort), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ServicePort)(nil), (*corev1.ServicePort)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ServicePort_To_v1_ServicePort(a.(*core.ServicePort), b.(*corev1.ServicePort), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ServiceProxyOptions)(nil), (*core.ServiceProxyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ServiceProxyOptions_To_core_ServiceProxyOptions(a.(*corev1.ServiceProxyOptions), b.(*core.ServiceProxyOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ServiceProxyOptions)(nil), (*corev1.ServiceProxyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ServiceProxyOptions_To_v1_ServiceProxyOptions(a.(*core.ServiceProxyOptions), b.(*corev1.ServiceProxyOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ServiceSpec)(nil), (*core.ServiceSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ServiceSpec_To_core_ServiceSpec(a.(*corev1.ServiceSpec), b.(*core.ServiceSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ServiceSpec)(nil), (*corev1.ServiceSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ServiceSpec_To_v1_ServiceSpec(a.(*core.ServiceSpec), b.(*corev1.ServiceSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.ServiceStatus)(nil), (*core.ServiceStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ServiceStatus_To_core_ServiceStatus(a.(*corev1.ServiceStatus), b.(*core.ServiceStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.ServiceStatus)(nil), (*corev1.ServiceStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ServiceStatus_To_v1_ServiceStatus(a.(*core.ServiceStatus), b.(*corev1.ServiceStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.SessionAffinityConfig)(nil), (*core.SessionAffinityConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_SessionAffinityConfig_To_core_SessionAffinityConfig(a.(*corev1.SessionAffinityConfig), b.(*core.SessionAffinityConfig), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.SessionAffinityConfig)(nil), (*corev1.SessionAffinityConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_SessionAffinityConfig_To_v1_SessionAffinityConfig(a.(*core.SessionAffinityConfig), b.(*corev1.SessionAffinityConfig), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.SleepAction)(nil), (*core.SleepAction)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_SleepAction_To_core_SleepAction(a.(*corev1.SleepAction), b.(*core.SleepAction), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.SleepAction)(nil), (*corev1.SleepAction)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_SleepAction_To_v1_SleepAction(a.(*core.SleepAction), b.(*corev1.SleepAction), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.StorageOSPersistentVolumeSource)(nil), (*core.StorageOSPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_StorageOSPersistentVolumeSource_To_core_StorageOSPersistentVolumeSource(a.(*corev1.StorageOSPersistentVolumeSource), b.(*core.StorageOSPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.StorageOSPersistentVolumeSource)(nil), (*corev1.StorageOSPersistentVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_StorageOSPersistentVolumeSource_To_v1_StorageOSPersistentVolumeSource(a.(*core.StorageOSPersistentVolumeSource), b.(*corev1.StorageOSPersistentVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.StorageOSVolumeSource)(nil), (*core.StorageOSVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_StorageOSVolumeSource_To_core_StorageOSVolumeSource(a.(*corev1.StorageOSVolumeSource), b.(*core.StorageOSVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.StorageOSVolumeSource)(nil), (*corev1.StorageOSVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_StorageOSVolumeSource_To_v1_StorageOSVolumeSource(a.(*core.StorageOSVolumeSource), b.(*corev1.StorageOSVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Sysctl)(nil), (*core.Sysctl)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Sysctl_To_core_Sysctl(a.(*corev1.Sysctl), b.(*core.Sysctl), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Sysctl)(nil), (*corev1.Sysctl)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Sysctl_To_v1_Sysctl(a.(*core.Sysctl), b.(*corev1.Sysctl), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.TCPSocketAction)(nil), (*core.TCPSocketAction)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_TCPSocketAction_To_core_TCPSocketAction(a.(*corev1.TCPSocketAction), b.(*core.TCPSocketAction), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.TCPSocketAction)(nil), (*corev1.TCPSocketAction)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_TCPSocketAction_To_v1_TCPSocketAction(a.(*core.TCPSocketAction), b.(*corev1.TCPSocketAction), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Taint)(nil), (*core.Taint)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Taint_To_core_Taint(a.(*corev1.Taint), b.(*core.Taint), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Taint)(nil), (*corev1.Taint)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Taint_To_v1_Taint(a.(*core.Taint), b.(*corev1.Taint), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Toleration)(nil), (*core.Toleration)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Toleration_To_core_Toleration(a.(*corev1.Toleration), b.(*core.Toleration), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Toleration)(nil), (*corev1.Toleration)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Toleration_To_v1_Toleration(a.(*core.Toleration), b.(*corev1.Toleration), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.TopologySelectorLabelRequirement)(nil), (*core.TopologySelectorLabelRequirement)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_TopologySelectorLabelRequirement_To_core_TopologySelectorLabelRequirement(a.(*corev1.TopologySelectorLabelRequirement), b.(*core.TopologySelectorLabelRequirement), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.TopologySelectorLabelRequirement)(nil), (*corev1.TopologySelectorLabelRequirement)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_TopologySelectorLabelRequirement_To_v1_TopologySelectorLabelRequirement(a.(*core.TopologySelectorLabelRequirement), b.(*corev1.TopologySelectorLabelRequirement), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.TopologySelectorTerm)(nil), (*core.TopologySelectorTerm)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_TopologySelectorTerm_To_core_TopologySelectorTerm(a.(*corev1.TopologySelectorTerm), b.(*core.TopologySelectorTerm), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.TopologySelectorTerm)(nil), (*corev1.TopologySelectorTerm)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_TopologySelectorTerm_To_v1_TopologySelectorTerm(a.(*core.TopologySelectorTerm), b.(*corev1.TopologySelectorTerm), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.TopologySpreadConstraint)(nil), (*core.TopologySpreadConstraint)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_TopologySpreadConstraint_To_core_TopologySpreadConstraint(a.(*corev1.TopologySpreadConstraint), b.(*core.TopologySpreadConstraint), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.TopologySpreadConstraint)(nil), (*corev1.TopologySpreadConstraint)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_TopologySpreadConstraint_To_v1_TopologySpreadConstraint(a.(*core.TopologySpreadConstraint), b.(*corev1.TopologySpreadConstraint), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.TypedLocalObjectReference)(nil), (*core.TypedLocalObjectReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_TypedLocalObjectReference_To_core_TypedLocalObjectReference(a.(*corev1.TypedLocalObjectReference), b.(*core.TypedLocalObjectReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.TypedLocalObjectReference)(nil), (*corev1.TypedLocalObjectReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_TypedLocalObjectReference_To_v1_TypedLocalObjectReference(a.(*core.TypedLocalObjectReference), b.(*corev1.TypedLocalObjectReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.TypedObjectReference)(nil), (*core.TypedObjectReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_TypedObjectReference_To_core_TypedObjectReference(a.(*corev1.TypedObjectReference), b.(*core.TypedObjectReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.TypedObjectReference)(nil), (*corev1.TypedObjectReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_TypedObjectReference_To_v1_TypedObjectReference(a.(*core.TypedObjectReference), b.(*corev1.TypedObjectReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.Volume)(nil), (*core.Volume)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Volume_To_core_Volume(a.(*corev1.Volume), b.(*core.Volume), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.Volume)(nil), (*corev1.Volume)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Volume_To_v1_Volume(a.(*core.Volume), b.(*corev1.Volume), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.VolumeDevice)(nil), (*core.VolumeDevice)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_VolumeDevice_To_core_VolumeDevice(a.(*corev1.VolumeDevice), b.(*core.VolumeDevice), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.VolumeDevice)(nil), (*corev1.VolumeDevice)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_VolumeDevice_To_v1_VolumeDevice(a.(*core.VolumeDevice), b.(*corev1.VolumeDevice), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.VolumeMount)(nil), (*core.VolumeMount)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_VolumeMount_To_core_VolumeMount(a.(*corev1.VolumeMount), b.(*core.VolumeMount), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.VolumeMount)(nil), (*corev1.VolumeMount)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_VolumeMount_To_v1_VolumeMount(a.(*core.VolumeMount), b.(*corev1.VolumeMount), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.VolumeMountStatus)(nil), (*core.VolumeMountStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_VolumeMountStatus_To_core_VolumeMountStatus(a.(*corev1.VolumeMountStatus), b.(*core.VolumeMountStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.VolumeMountStatus)(nil), (*corev1.VolumeMountStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_VolumeMountStatus_To_v1_VolumeMountStatus(a.(*core.VolumeMountStatus), b.(*corev1.VolumeMountStatus), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.VolumeNodeAffinity)(nil), (*core.VolumeNodeAffinity)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_VolumeNodeAffinity_To_core_VolumeNodeAffinity(a.(*corev1.VolumeNodeAffinity), b.(*core.VolumeNodeAffinity), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.VolumeNodeAffinity)(nil), (*corev1.VolumeNodeAffinity)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_VolumeNodeAffinity_To_v1_VolumeNodeAffinity(a.(*core.VolumeNodeAffinity), b.(*corev1.VolumeNodeAffinity), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.VolumeProjection)(nil), (*core.VolumeProjection)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_VolumeProjection_To_core_VolumeProjection(a.(*corev1.VolumeProjection), b.(*core.VolumeProjection), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.VolumeProjection)(nil), (*corev1.VolumeProjection)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_VolumeProjection_To_v1_VolumeProjection(a.(*core.VolumeProjection), b.(*corev1.VolumeProjection), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.VolumeResourceRequirements)(nil), (*core.VolumeResourceRequirements)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_VolumeResourceRequirements_To_core_VolumeResourceRequirements(a.(*corev1.VolumeResourceRequirements), b.(*core.VolumeResourceRequirements), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.VolumeResourceRequirements)(nil), (*corev1.VolumeResourceRequirements)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_VolumeResourceRequirements_To_v1_VolumeResourceRequirements(a.(*core.VolumeResourceRequirements), b.(*corev1.VolumeResourceRequirements), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.VolumeSource)(nil), (*core.VolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_VolumeSource_To_core_VolumeSource(a.(*corev1.VolumeSource), b.(*core.VolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.VolumeSource)(nil), (*corev1.VolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_VolumeSource_To_v1_VolumeSource(a.(*core.VolumeSource), b.(*corev1.VolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.VsphereVirtualDiskVolumeSource)(nil), (*core.VsphereVirtualDiskVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_VsphereVirtualDiskVolumeSource_To_core_VsphereVirtualDiskVolumeSource(a.(*corev1.VsphereVirtualDiskVolumeSource), b.(*core.VsphereVirtualDiskVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.VsphereVirtualDiskVolumeSource)(nil), (*corev1.VsphereVirtualDiskVolumeSource)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_VsphereVirtualDiskVolumeSource_To_v1_VsphereVirtualDiskVolumeSource(a.(*core.VsphereVirtualDiskVolumeSource), b.(*corev1.VsphereVirtualDiskVolumeSource), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.WeightedPodAffinityTerm)(nil), (*core.WeightedPodAffinityTerm)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_WeightedPodAffinityTerm_To_core_WeightedPodAffinityTerm(a.(*corev1.WeightedPodAffinityTerm), b.(*core.WeightedPodAffinityTerm), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.WeightedPodAffinityTerm)(nil), (*corev1.WeightedPodAffinityTerm)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_WeightedPodAffinityTerm_To_v1_WeightedPodAffinityTerm(a.(*core.WeightedPodAffinityTerm), b.(*corev1.WeightedPodAffinityTerm), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.WindowsSecurityContextOptions)(nil), (*core.WindowsSecurityContextOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_WindowsSecurityContextOptions_To_core_WindowsSecurityContextOptions(a.(*corev1.WindowsSecurityContextOptions), b.(*core.WindowsSecurityContextOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.WindowsSecurityContextOptions)(nil), (*corev1.WindowsSecurityContextOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_WindowsSecurityContextOptions_To_v1_WindowsSecurityContextOptions(a.(*core.WindowsSecurityContextOptions), b.(*corev1.WindowsSecurityContextOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*corev1.WorkloadReference)(nil), (*core.WorkloadReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_WorkloadReference_To_core_WorkloadReference(a.(*corev1.WorkloadReference), b.(*core.WorkloadReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*core.WorkloadReference)(nil), (*corev1.WorkloadReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_WorkloadReference_To_v1_WorkloadReference(a.(*core.WorkloadReference), b.(*corev1.WorkloadReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*url.Values)(nil), (*corev1.NodeProxyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_url_Values_To_v1_NodeProxyOptions(a.(*url.Values), b.(*corev1.NodeProxyOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*url.Values)(nil), (*corev1.PodAttachOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_url_Values_To_v1_PodAttachOptions(a.(*url.Values), b.(*corev1.PodAttachOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*url.Values)(nil), (*corev1.PodExecOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_url_Values_To_v1_PodExecOptions(a.(*url.Values), b.(*corev1.PodExecOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*url.Values)(nil), (*corev1.PodLogOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_url_Values_To_v1_PodLogOptions(a.(*url.Values), b.(*corev1.PodLogOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*url.Values)(nil), (*corev1.PodPortForwardOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_url_Values_To_v1_PodPortForwardOptions(a.(*url.Values), b.(*corev1.PodPortForwardOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*url.Values)(nil), (*corev1.PodProxyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_url_Values_To_v1_PodProxyOptions(a.(*url.Values), b.(*corev1.PodProxyOptions), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*url.Values)(nil), (*corev1.ServiceProxyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_url_Values_To_v1_ServiceProxyOptions(a.(*url.Values), b.(*corev1.ServiceProxyOptions), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*[]string)(nil), (**string)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_Slice_string_To_Pointer_string(a.(*[]string), b.(**string), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*apps.ReplicaSetSpec)(nil), (*corev1.ReplicationControllerSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_apps_ReplicaSetSpec_To_v1_ReplicationControllerSpec(a.(*apps.ReplicaSetSpec), b.(*corev1.ReplicationControllerSpec), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*apps.ReplicaSetStatus)(nil), (*corev1.ReplicationControllerStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_apps_ReplicaSetStatus_To_v1_ReplicationControllerStatus(a.(*apps.ReplicaSetStatus), b.(*corev1.ReplicationControllerStatus), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*apps.ReplicaSet)(nil), (*corev1.ReplicationController)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_apps_ReplicaSet_To_v1_ReplicationController(a.(*apps.ReplicaSet), b.(*corev1.ReplicationController), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*core.NodeSpec)(nil), (*corev1.NodeSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_NodeSpec_To_v1_NodeSpec(a.(*core.NodeSpec), b.(*corev1.NodeSpec), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*core.PersistentVolumeSpec)(nil), (*corev1.PersistentVolumeSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PersistentVolumeSpec_To_v1_PersistentVolumeSpec(a.(*core.PersistentVolumeSpec), b.(*corev1.PersistentVolumeSpec), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*core.PodSpec)(nil), (*corev1.PodSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodSpec_To_v1_PodSpec(a.(*core.PodSpec), b.(*corev1.PodSpec), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*core.PodStatus)(nil), (*corev1.PodStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodStatus_To_v1_PodStatus(a.(*core.PodStatus), b.(*corev1.PodStatus), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*core.PodTemplateSpec)(nil), (*corev1.PodTemplateSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_PodTemplateSpec_To_v1_PodTemplateSpec(a.(*core.PodTemplateSpec), b.(*corev1.PodTemplateSpec), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*core.Pod)(nil), (*corev1.Pod)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_Pod_To_v1_Pod(a.(*core.Pod), b.(*corev1.Pod), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*core.ReplicationControllerSpec)(nil), (*corev1.ReplicationControllerSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_core_ReplicationControllerSpec_To_v1_ReplicationControllerSpec(a.(*core.ReplicationControllerSpec), b.(*corev1.ReplicationControllerSpec), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*corev1.NodeSpec)(nil), (*core.NodeSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_NodeSpec_To_core_NodeSpec(a.(*corev1.NodeSpec), b.(*core.NodeSpec), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*corev1.PersistentVolumeSpec)(nil), (*core.PersistentVolumeSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PersistentVolumeSpec_To_core_PersistentVolumeSpec(a.(*corev1.PersistentVolumeSpec), b.(*core.PersistentVolumeSpec), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*corev1.PodSpec)(nil), (*core.PodSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodSpec_To_core_PodSpec(a.(*corev1.PodSpec), b.(*core.PodSpec), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*corev1.PodStatus)(nil), (*core.PodStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodStatus_To_core_PodStatus(a.(*corev1.PodStatus), b.(*core.PodStatus), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*corev1.PodTemplateSpec)(nil), (*core.PodTemplateSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_PodTemplateSpec_To_core_PodTemplateSpec(a.(*corev1.PodTemplateSpec), b.(*core.PodTemplateSpec), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*corev1.Pod)(nil), (*core.Pod)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Pod_To_core_Pod(a.(*corev1.Pod), b.(*core.Pod), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*corev1.ReplicationControllerSpec)(nil), (*apps.ReplicaSetSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ReplicationControllerSpec_To_apps_ReplicaSetSpec(a.(*corev1.ReplicationControllerSpec), b.(*apps.ReplicaSetSpec), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*corev1.ReplicationControllerSpec)(nil), (*core.ReplicationControllerSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ReplicationControllerSpec_To_core_ReplicationControllerSpec(a.(*corev1.ReplicationControllerSpec), b.(*core.ReplicationControllerSpec), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*corev1.ReplicationControllerStatus)(nil), (*apps.ReplicaSetStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ReplicationControllerStatus_To_apps_ReplicaSetStatus(a.(*corev1.ReplicationControllerStatus), b.(*apps.ReplicaSetStatus), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*corev1.ReplicationController)(nil), (*apps.ReplicaSet)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ReplicationController_To_apps_ReplicaSet(a.(*corev1.ReplicationController), b.(*apps.ReplicaSet), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*corev1.ResourceList)(nil), (*core.ResourceList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_ResourceList_To_core_ResourceList(a.(*corev1.ResourceList), b.(*core.ResourceList), scope) - }); err != nil { - return err - } - if err := s.AddConversionFunc((*corev1.Secret)(nil), (*core.Secret)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1_Secret_To_core_Secret(a.(*corev1.Secret), b.(*core.Secret), scope) - }); err != nil { - return err - } - return nil -} - -func autoConvert_v1_AWSElasticBlockStoreVolumeSource_To_core_AWSElasticBlockStoreVolumeSource(in *corev1.AWSElasticBlockStoreVolumeSource, out *core.AWSElasticBlockStoreVolumeSource, s conversion.Scope) error { - out.VolumeID = in.VolumeID - out.FSType = in.FSType - out.Partition = in.Partition - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_v1_AWSElasticBlockStoreVolumeSource_To_core_AWSElasticBlockStoreVolumeSource is an autogenerated conversion function. -func Convert_v1_AWSElasticBlockStoreVolumeSource_To_core_AWSElasticBlockStoreVolumeSource(in *corev1.AWSElasticBlockStoreVolumeSource, out *core.AWSElasticBlockStoreVolumeSource, s conversion.Scope) error { - return autoConvert_v1_AWSElasticBlockStoreVolumeSource_To_core_AWSElasticBlockStoreVolumeSource(in, out, s) -} - -func autoConvert_core_AWSElasticBlockStoreVolumeSource_To_v1_AWSElasticBlockStoreVolumeSource(in *core.AWSElasticBlockStoreVolumeSource, out *corev1.AWSElasticBlockStoreVolumeSource, s conversion.Scope) error { - out.VolumeID = in.VolumeID - out.FSType = in.FSType - out.Partition = in.Partition - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_core_AWSElasticBlockStoreVolumeSource_To_v1_AWSElasticBlockStoreVolumeSource is an autogenerated conversion function. -func Convert_core_AWSElasticBlockStoreVolumeSource_To_v1_AWSElasticBlockStoreVolumeSource(in *core.AWSElasticBlockStoreVolumeSource, out *corev1.AWSElasticBlockStoreVolumeSource, s conversion.Scope) error { - return autoConvert_core_AWSElasticBlockStoreVolumeSource_To_v1_AWSElasticBlockStoreVolumeSource(in, out, s) -} - -func autoConvert_v1_Affinity_To_core_Affinity(in *corev1.Affinity, out *core.Affinity, s conversion.Scope) error { - out.NodeAffinity = (*core.NodeAffinity)(unsafe.Pointer(in.NodeAffinity)) - out.PodAffinity = (*core.PodAffinity)(unsafe.Pointer(in.PodAffinity)) - out.PodAntiAffinity = (*core.PodAntiAffinity)(unsafe.Pointer(in.PodAntiAffinity)) - return nil -} - -// Convert_v1_Affinity_To_core_Affinity is an autogenerated conversion function. -func Convert_v1_Affinity_To_core_Affinity(in *corev1.Affinity, out *core.Affinity, s conversion.Scope) error { - return autoConvert_v1_Affinity_To_core_Affinity(in, out, s) -} - -func autoConvert_core_Affinity_To_v1_Affinity(in *core.Affinity, out *corev1.Affinity, s conversion.Scope) error { - out.NodeAffinity = (*corev1.NodeAffinity)(unsafe.Pointer(in.NodeAffinity)) - out.PodAffinity = (*corev1.PodAffinity)(unsafe.Pointer(in.PodAffinity)) - out.PodAntiAffinity = (*corev1.PodAntiAffinity)(unsafe.Pointer(in.PodAntiAffinity)) - return nil -} - -// Convert_core_Affinity_To_v1_Affinity is an autogenerated conversion function. -func Convert_core_Affinity_To_v1_Affinity(in *core.Affinity, out *corev1.Affinity, s conversion.Scope) error { - return autoConvert_core_Affinity_To_v1_Affinity(in, out, s) -} - -func autoConvert_v1_AppArmorProfile_To_core_AppArmorProfile(in *corev1.AppArmorProfile, out *core.AppArmorProfile, s conversion.Scope) error { - out.Type = core.AppArmorProfileType(in.Type) - out.LocalhostProfile = (*string)(unsafe.Pointer(in.LocalhostProfile)) - return nil -} - -// Convert_v1_AppArmorProfile_To_core_AppArmorProfile is an autogenerated conversion function. -func Convert_v1_AppArmorProfile_To_core_AppArmorProfile(in *corev1.AppArmorProfile, out *core.AppArmorProfile, s conversion.Scope) error { - return autoConvert_v1_AppArmorProfile_To_core_AppArmorProfile(in, out, s) -} - -func autoConvert_core_AppArmorProfile_To_v1_AppArmorProfile(in *core.AppArmorProfile, out *corev1.AppArmorProfile, s conversion.Scope) error { - out.Type = corev1.AppArmorProfileType(in.Type) - out.LocalhostProfile = (*string)(unsafe.Pointer(in.LocalhostProfile)) - return nil -} - -// Convert_core_AppArmorProfile_To_v1_AppArmorProfile is an autogenerated conversion function. -func Convert_core_AppArmorProfile_To_v1_AppArmorProfile(in *core.AppArmorProfile, out *corev1.AppArmorProfile, s conversion.Scope) error { - return autoConvert_core_AppArmorProfile_To_v1_AppArmorProfile(in, out, s) -} - -func autoConvert_v1_AttachedVolume_To_core_AttachedVolume(in *corev1.AttachedVolume, out *core.AttachedVolume, s conversion.Scope) error { - out.Name = core.UniqueVolumeName(in.Name) - out.DevicePath = in.DevicePath - return nil -} - -// Convert_v1_AttachedVolume_To_core_AttachedVolume is an autogenerated conversion function. -func Convert_v1_AttachedVolume_To_core_AttachedVolume(in *corev1.AttachedVolume, out *core.AttachedVolume, s conversion.Scope) error { - return autoConvert_v1_AttachedVolume_To_core_AttachedVolume(in, out, s) -} - -func autoConvert_core_AttachedVolume_To_v1_AttachedVolume(in *core.AttachedVolume, out *corev1.AttachedVolume, s conversion.Scope) error { - out.Name = corev1.UniqueVolumeName(in.Name) - out.DevicePath = in.DevicePath - return nil -} - -// Convert_core_AttachedVolume_To_v1_AttachedVolume is an autogenerated conversion function. -func Convert_core_AttachedVolume_To_v1_AttachedVolume(in *core.AttachedVolume, out *corev1.AttachedVolume, s conversion.Scope) error { - return autoConvert_core_AttachedVolume_To_v1_AttachedVolume(in, out, s) -} - -func autoConvert_v1_AvoidPods_To_core_AvoidPods(in *corev1.AvoidPods, out *core.AvoidPods, s conversion.Scope) error { - out.PreferAvoidPods = *(*[]core.PreferAvoidPodsEntry)(unsafe.Pointer(&in.PreferAvoidPods)) - return nil -} - -// Convert_v1_AvoidPods_To_core_AvoidPods is an autogenerated conversion function. -func Convert_v1_AvoidPods_To_core_AvoidPods(in *corev1.AvoidPods, out *core.AvoidPods, s conversion.Scope) error { - return autoConvert_v1_AvoidPods_To_core_AvoidPods(in, out, s) -} - -func autoConvert_core_AvoidPods_To_v1_AvoidPods(in *core.AvoidPods, out *corev1.AvoidPods, s conversion.Scope) error { - out.PreferAvoidPods = *(*[]corev1.PreferAvoidPodsEntry)(unsafe.Pointer(&in.PreferAvoidPods)) - return nil -} - -// Convert_core_AvoidPods_To_v1_AvoidPods is an autogenerated conversion function. -func Convert_core_AvoidPods_To_v1_AvoidPods(in *core.AvoidPods, out *corev1.AvoidPods, s conversion.Scope) error { - return autoConvert_core_AvoidPods_To_v1_AvoidPods(in, out, s) -} - -func autoConvert_v1_AzureDiskVolumeSource_To_core_AzureDiskVolumeSource(in *corev1.AzureDiskVolumeSource, out *core.AzureDiskVolumeSource, s conversion.Scope) error { - out.DiskName = in.DiskName - out.DataDiskURI = in.DataDiskURI - out.CachingMode = (*core.AzureDataDiskCachingMode)(unsafe.Pointer(in.CachingMode)) - out.FSType = (*string)(unsafe.Pointer(in.FSType)) - out.ReadOnly = (*bool)(unsafe.Pointer(in.ReadOnly)) - out.Kind = (*core.AzureDataDiskKind)(unsafe.Pointer(in.Kind)) - return nil -} - -// Convert_v1_AzureDiskVolumeSource_To_core_AzureDiskVolumeSource is an autogenerated conversion function. -func Convert_v1_AzureDiskVolumeSource_To_core_AzureDiskVolumeSource(in *corev1.AzureDiskVolumeSource, out *core.AzureDiskVolumeSource, s conversion.Scope) error { - return autoConvert_v1_AzureDiskVolumeSource_To_core_AzureDiskVolumeSource(in, out, s) -} - -func autoConvert_core_AzureDiskVolumeSource_To_v1_AzureDiskVolumeSource(in *core.AzureDiskVolumeSource, out *corev1.AzureDiskVolumeSource, s conversion.Scope) error { - out.DiskName = in.DiskName - out.DataDiskURI = in.DataDiskURI - out.CachingMode = (*corev1.AzureDataDiskCachingMode)(unsafe.Pointer(in.CachingMode)) - out.FSType = (*string)(unsafe.Pointer(in.FSType)) - out.ReadOnly = (*bool)(unsafe.Pointer(in.ReadOnly)) - out.Kind = (*corev1.AzureDataDiskKind)(unsafe.Pointer(in.Kind)) - return nil -} - -// Convert_core_AzureDiskVolumeSource_To_v1_AzureDiskVolumeSource is an autogenerated conversion function. -func Convert_core_AzureDiskVolumeSource_To_v1_AzureDiskVolumeSource(in *core.AzureDiskVolumeSource, out *corev1.AzureDiskVolumeSource, s conversion.Scope) error { - return autoConvert_core_AzureDiskVolumeSource_To_v1_AzureDiskVolumeSource(in, out, s) -} - -func autoConvert_v1_AzureFilePersistentVolumeSource_To_core_AzureFilePersistentVolumeSource(in *corev1.AzureFilePersistentVolumeSource, out *core.AzureFilePersistentVolumeSource, s conversion.Scope) error { - out.SecretName = in.SecretName - out.ShareName = in.ShareName - out.ReadOnly = in.ReadOnly - out.SecretNamespace = (*string)(unsafe.Pointer(in.SecretNamespace)) - return nil -} - -// Convert_v1_AzureFilePersistentVolumeSource_To_core_AzureFilePersistentVolumeSource is an autogenerated conversion function. -func Convert_v1_AzureFilePersistentVolumeSource_To_core_AzureFilePersistentVolumeSource(in *corev1.AzureFilePersistentVolumeSource, out *core.AzureFilePersistentVolumeSource, s conversion.Scope) error { - return autoConvert_v1_AzureFilePersistentVolumeSource_To_core_AzureFilePersistentVolumeSource(in, out, s) -} - -func autoConvert_core_AzureFilePersistentVolumeSource_To_v1_AzureFilePersistentVolumeSource(in *core.AzureFilePersistentVolumeSource, out *corev1.AzureFilePersistentVolumeSource, s conversion.Scope) error { - out.SecretName = in.SecretName - out.ShareName = in.ShareName - out.ReadOnly = in.ReadOnly - out.SecretNamespace = (*string)(unsafe.Pointer(in.SecretNamespace)) - return nil -} - -// Convert_core_AzureFilePersistentVolumeSource_To_v1_AzureFilePersistentVolumeSource is an autogenerated conversion function. -func Convert_core_AzureFilePersistentVolumeSource_To_v1_AzureFilePersistentVolumeSource(in *core.AzureFilePersistentVolumeSource, out *corev1.AzureFilePersistentVolumeSource, s conversion.Scope) error { - return autoConvert_core_AzureFilePersistentVolumeSource_To_v1_AzureFilePersistentVolumeSource(in, out, s) -} - -func autoConvert_v1_AzureFileVolumeSource_To_core_AzureFileVolumeSource(in *corev1.AzureFileVolumeSource, out *core.AzureFileVolumeSource, s conversion.Scope) error { - out.SecretName = in.SecretName - out.ShareName = in.ShareName - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_v1_AzureFileVolumeSource_To_core_AzureFileVolumeSource is an autogenerated conversion function. -func Convert_v1_AzureFileVolumeSource_To_core_AzureFileVolumeSource(in *corev1.AzureFileVolumeSource, out *core.AzureFileVolumeSource, s conversion.Scope) error { - return autoConvert_v1_AzureFileVolumeSource_To_core_AzureFileVolumeSource(in, out, s) -} - -func autoConvert_core_AzureFileVolumeSource_To_v1_AzureFileVolumeSource(in *core.AzureFileVolumeSource, out *corev1.AzureFileVolumeSource, s conversion.Scope) error { - out.SecretName = in.SecretName - out.ShareName = in.ShareName - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_core_AzureFileVolumeSource_To_v1_AzureFileVolumeSource is an autogenerated conversion function. -func Convert_core_AzureFileVolumeSource_To_v1_AzureFileVolumeSource(in *core.AzureFileVolumeSource, out *corev1.AzureFileVolumeSource, s conversion.Scope) error { - return autoConvert_core_AzureFileVolumeSource_To_v1_AzureFileVolumeSource(in, out, s) -} - -func autoConvert_v1_Binding_To_core_Binding(in *corev1.Binding, out *core.Binding, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_ObjectReference_To_core_ObjectReference(&in.Target, &out.Target, s); err != nil { - return err - } - return nil -} - -// Convert_v1_Binding_To_core_Binding is an autogenerated conversion function. -func Convert_v1_Binding_To_core_Binding(in *corev1.Binding, out *core.Binding, s conversion.Scope) error { - return autoConvert_v1_Binding_To_core_Binding(in, out, s) -} - -func autoConvert_core_Binding_To_v1_Binding(in *core.Binding, out *corev1.Binding, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_ObjectReference_To_v1_ObjectReference(&in.Target, &out.Target, s); err != nil { - return err - } - return nil -} - -// Convert_core_Binding_To_v1_Binding is an autogenerated conversion function. -func Convert_core_Binding_To_v1_Binding(in *core.Binding, out *corev1.Binding, s conversion.Scope) error { - return autoConvert_core_Binding_To_v1_Binding(in, out, s) -} - -func autoConvert_v1_CSIPersistentVolumeSource_To_core_CSIPersistentVolumeSource(in *corev1.CSIPersistentVolumeSource, out *core.CSIPersistentVolumeSource, s conversion.Scope) error { - out.Driver = in.Driver - out.VolumeHandle = in.VolumeHandle - out.ReadOnly = in.ReadOnly - out.FSType = in.FSType - out.VolumeAttributes = *(*map[string]string)(unsafe.Pointer(&in.VolumeAttributes)) - out.ControllerPublishSecretRef = (*core.SecretReference)(unsafe.Pointer(in.ControllerPublishSecretRef)) - out.NodeStageSecretRef = (*core.SecretReference)(unsafe.Pointer(in.NodeStageSecretRef)) - out.NodePublishSecretRef = (*core.SecretReference)(unsafe.Pointer(in.NodePublishSecretRef)) - out.ControllerExpandSecretRef = (*core.SecretReference)(unsafe.Pointer(in.ControllerExpandSecretRef)) - out.NodeExpandSecretRef = (*core.SecretReference)(unsafe.Pointer(in.NodeExpandSecretRef)) - return nil -} - -// Convert_v1_CSIPersistentVolumeSource_To_core_CSIPersistentVolumeSource is an autogenerated conversion function. -func Convert_v1_CSIPersistentVolumeSource_To_core_CSIPersistentVolumeSource(in *corev1.CSIPersistentVolumeSource, out *core.CSIPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_v1_CSIPersistentVolumeSource_To_core_CSIPersistentVolumeSource(in, out, s) -} - -func autoConvert_core_CSIPersistentVolumeSource_To_v1_CSIPersistentVolumeSource(in *core.CSIPersistentVolumeSource, out *corev1.CSIPersistentVolumeSource, s conversion.Scope) error { - out.Driver = in.Driver - out.VolumeHandle = in.VolumeHandle - out.ReadOnly = in.ReadOnly - out.FSType = in.FSType - out.VolumeAttributes = *(*map[string]string)(unsafe.Pointer(&in.VolumeAttributes)) - out.ControllerPublishSecretRef = (*corev1.SecretReference)(unsafe.Pointer(in.ControllerPublishSecretRef)) - out.NodeStageSecretRef = (*corev1.SecretReference)(unsafe.Pointer(in.NodeStageSecretRef)) - out.NodePublishSecretRef = (*corev1.SecretReference)(unsafe.Pointer(in.NodePublishSecretRef)) - out.ControllerExpandSecretRef = (*corev1.SecretReference)(unsafe.Pointer(in.ControllerExpandSecretRef)) - out.NodeExpandSecretRef = (*corev1.SecretReference)(unsafe.Pointer(in.NodeExpandSecretRef)) - return nil -} - -// Convert_core_CSIPersistentVolumeSource_To_v1_CSIPersistentVolumeSource is an autogenerated conversion function. -func Convert_core_CSIPersistentVolumeSource_To_v1_CSIPersistentVolumeSource(in *core.CSIPersistentVolumeSource, out *corev1.CSIPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_core_CSIPersistentVolumeSource_To_v1_CSIPersistentVolumeSource(in, out, s) -} - -func autoConvert_v1_CSIVolumeSource_To_core_CSIVolumeSource(in *corev1.CSIVolumeSource, out *core.CSIVolumeSource, s conversion.Scope) error { - out.Driver = in.Driver - out.ReadOnly = (*bool)(unsafe.Pointer(in.ReadOnly)) - out.FSType = (*string)(unsafe.Pointer(in.FSType)) - out.VolumeAttributes = *(*map[string]string)(unsafe.Pointer(&in.VolumeAttributes)) - out.NodePublishSecretRef = (*core.LocalObjectReference)(unsafe.Pointer(in.NodePublishSecretRef)) - return nil -} - -// Convert_v1_CSIVolumeSource_To_core_CSIVolumeSource is an autogenerated conversion function. -func Convert_v1_CSIVolumeSource_To_core_CSIVolumeSource(in *corev1.CSIVolumeSource, out *core.CSIVolumeSource, s conversion.Scope) error { - return autoConvert_v1_CSIVolumeSource_To_core_CSIVolumeSource(in, out, s) -} - -func autoConvert_core_CSIVolumeSource_To_v1_CSIVolumeSource(in *core.CSIVolumeSource, out *corev1.CSIVolumeSource, s conversion.Scope) error { - out.Driver = in.Driver - out.ReadOnly = (*bool)(unsafe.Pointer(in.ReadOnly)) - out.FSType = (*string)(unsafe.Pointer(in.FSType)) - out.VolumeAttributes = *(*map[string]string)(unsafe.Pointer(&in.VolumeAttributes)) - out.NodePublishSecretRef = (*corev1.LocalObjectReference)(unsafe.Pointer(in.NodePublishSecretRef)) - return nil -} - -// Convert_core_CSIVolumeSource_To_v1_CSIVolumeSource is an autogenerated conversion function. -func Convert_core_CSIVolumeSource_To_v1_CSIVolumeSource(in *core.CSIVolumeSource, out *corev1.CSIVolumeSource, s conversion.Scope) error { - return autoConvert_core_CSIVolumeSource_To_v1_CSIVolumeSource(in, out, s) -} - -func autoConvert_v1_Capabilities_To_core_Capabilities(in *corev1.Capabilities, out *core.Capabilities, s conversion.Scope) error { - out.Add = *(*[]core.Capability)(unsafe.Pointer(&in.Add)) - out.Drop = *(*[]core.Capability)(unsafe.Pointer(&in.Drop)) - return nil -} - -// Convert_v1_Capabilities_To_core_Capabilities is an autogenerated conversion function. -func Convert_v1_Capabilities_To_core_Capabilities(in *corev1.Capabilities, out *core.Capabilities, s conversion.Scope) error { - return autoConvert_v1_Capabilities_To_core_Capabilities(in, out, s) -} - -func autoConvert_core_Capabilities_To_v1_Capabilities(in *core.Capabilities, out *corev1.Capabilities, s conversion.Scope) error { - out.Add = *(*[]corev1.Capability)(unsafe.Pointer(&in.Add)) - out.Drop = *(*[]corev1.Capability)(unsafe.Pointer(&in.Drop)) - return nil -} - -// Convert_core_Capabilities_To_v1_Capabilities is an autogenerated conversion function. -func Convert_core_Capabilities_To_v1_Capabilities(in *core.Capabilities, out *corev1.Capabilities, s conversion.Scope) error { - return autoConvert_core_Capabilities_To_v1_Capabilities(in, out, s) -} - -func autoConvert_v1_CephFSPersistentVolumeSource_To_core_CephFSPersistentVolumeSource(in *corev1.CephFSPersistentVolumeSource, out *core.CephFSPersistentVolumeSource, s conversion.Scope) error { - out.Monitors = *(*[]string)(unsafe.Pointer(&in.Monitors)) - out.Path = in.Path - out.User = in.User - out.SecretFile = in.SecretFile - out.SecretRef = (*core.SecretReference)(unsafe.Pointer(in.SecretRef)) - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_v1_CephFSPersistentVolumeSource_To_core_CephFSPersistentVolumeSource is an autogenerated conversion function. -func Convert_v1_CephFSPersistentVolumeSource_To_core_CephFSPersistentVolumeSource(in *corev1.CephFSPersistentVolumeSource, out *core.CephFSPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_v1_CephFSPersistentVolumeSource_To_core_CephFSPersistentVolumeSource(in, out, s) -} - -func autoConvert_core_CephFSPersistentVolumeSource_To_v1_CephFSPersistentVolumeSource(in *core.CephFSPersistentVolumeSource, out *corev1.CephFSPersistentVolumeSource, s conversion.Scope) error { - out.Monitors = *(*[]string)(unsafe.Pointer(&in.Monitors)) - out.Path = in.Path - out.User = in.User - out.SecretFile = in.SecretFile - out.SecretRef = (*corev1.SecretReference)(unsafe.Pointer(in.SecretRef)) - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_core_CephFSPersistentVolumeSource_To_v1_CephFSPersistentVolumeSource is an autogenerated conversion function. -func Convert_core_CephFSPersistentVolumeSource_To_v1_CephFSPersistentVolumeSource(in *core.CephFSPersistentVolumeSource, out *corev1.CephFSPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_core_CephFSPersistentVolumeSource_To_v1_CephFSPersistentVolumeSource(in, out, s) -} - -func autoConvert_v1_CephFSVolumeSource_To_core_CephFSVolumeSource(in *corev1.CephFSVolumeSource, out *core.CephFSVolumeSource, s conversion.Scope) error { - out.Monitors = *(*[]string)(unsafe.Pointer(&in.Monitors)) - out.Path = in.Path - out.User = in.User - out.SecretFile = in.SecretFile - out.SecretRef = (*core.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_v1_CephFSVolumeSource_To_core_CephFSVolumeSource is an autogenerated conversion function. -func Convert_v1_CephFSVolumeSource_To_core_CephFSVolumeSource(in *corev1.CephFSVolumeSource, out *core.CephFSVolumeSource, s conversion.Scope) error { - return autoConvert_v1_CephFSVolumeSource_To_core_CephFSVolumeSource(in, out, s) -} - -func autoConvert_core_CephFSVolumeSource_To_v1_CephFSVolumeSource(in *core.CephFSVolumeSource, out *corev1.CephFSVolumeSource, s conversion.Scope) error { - out.Monitors = *(*[]string)(unsafe.Pointer(&in.Monitors)) - out.Path = in.Path - out.User = in.User - out.SecretFile = in.SecretFile - out.SecretRef = (*corev1.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_core_CephFSVolumeSource_To_v1_CephFSVolumeSource is an autogenerated conversion function. -func Convert_core_CephFSVolumeSource_To_v1_CephFSVolumeSource(in *core.CephFSVolumeSource, out *corev1.CephFSVolumeSource, s conversion.Scope) error { - return autoConvert_core_CephFSVolumeSource_To_v1_CephFSVolumeSource(in, out, s) -} - -func autoConvert_v1_CinderPersistentVolumeSource_To_core_CinderPersistentVolumeSource(in *corev1.CinderPersistentVolumeSource, out *core.CinderPersistentVolumeSource, s conversion.Scope) error { - out.VolumeID = in.VolumeID - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - out.SecretRef = (*core.SecretReference)(unsafe.Pointer(in.SecretRef)) - return nil -} - -// Convert_v1_CinderPersistentVolumeSource_To_core_CinderPersistentVolumeSource is an autogenerated conversion function. -func Convert_v1_CinderPersistentVolumeSource_To_core_CinderPersistentVolumeSource(in *corev1.CinderPersistentVolumeSource, out *core.CinderPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_v1_CinderPersistentVolumeSource_To_core_CinderPersistentVolumeSource(in, out, s) -} - -func autoConvert_core_CinderPersistentVolumeSource_To_v1_CinderPersistentVolumeSource(in *core.CinderPersistentVolumeSource, out *corev1.CinderPersistentVolumeSource, s conversion.Scope) error { - out.VolumeID = in.VolumeID - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - out.SecretRef = (*corev1.SecretReference)(unsafe.Pointer(in.SecretRef)) - return nil -} - -// Convert_core_CinderPersistentVolumeSource_To_v1_CinderPersistentVolumeSource is an autogenerated conversion function. -func Convert_core_CinderPersistentVolumeSource_To_v1_CinderPersistentVolumeSource(in *core.CinderPersistentVolumeSource, out *corev1.CinderPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_core_CinderPersistentVolumeSource_To_v1_CinderPersistentVolumeSource(in, out, s) -} - -func autoConvert_v1_CinderVolumeSource_To_core_CinderVolumeSource(in *corev1.CinderVolumeSource, out *core.CinderVolumeSource, s conversion.Scope) error { - out.VolumeID = in.VolumeID - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - out.SecretRef = (*core.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) - return nil -} - -// Convert_v1_CinderVolumeSource_To_core_CinderVolumeSource is an autogenerated conversion function. -func Convert_v1_CinderVolumeSource_To_core_CinderVolumeSource(in *corev1.CinderVolumeSource, out *core.CinderVolumeSource, s conversion.Scope) error { - return autoConvert_v1_CinderVolumeSource_To_core_CinderVolumeSource(in, out, s) -} - -func autoConvert_core_CinderVolumeSource_To_v1_CinderVolumeSource(in *core.CinderVolumeSource, out *corev1.CinderVolumeSource, s conversion.Scope) error { - out.VolumeID = in.VolumeID - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - out.SecretRef = (*corev1.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) - return nil -} - -// Convert_core_CinderVolumeSource_To_v1_CinderVolumeSource is an autogenerated conversion function. -func Convert_core_CinderVolumeSource_To_v1_CinderVolumeSource(in *core.CinderVolumeSource, out *corev1.CinderVolumeSource, s conversion.Scope) error { - return autoConvert_core_CinderVolumeSource_To_v1_CinderVolumeSource(in, out, s) -} - -func autoConvert_v1_ClientIPConfig_To_core_ClientIPConfig(in *corev1.ClientIPConfig, out *core.ClientIPConfig, s conversion.Scope) error { - out.TimeoutSeconds = (*int32)(unsafe.Pointer(in.TimeoutSeconds)) - return nil -} - -// Convert_v1_ClientIPConfig_To_core_ClientIPConfig is an autogenerated conversion function. -func Convert_v1_ClientIPConfig_To_core_ClientIPConfig(in *corev1.ClientIPConfig, out *core.ClientIPConfig, s conversion.Scope) error { - return autoConvert_v1_ClientIPConfig_To_core_ClientIPConfig(in, out, s) -} - -func autoConvert_core_ClientIPConfig_To_v1_ClientIPConfig(in *core.ClientIPConfig, out *corev1.ClientIPConfig, s conversion.Scope) error { - out.TimeoutSeconds = (*int32)(unsafe.Pointer(in.TimeoutSeconds)) - return nil -} - -// Convert_core_ClientIPConfig_To_v1_ClientIPConfig is an autogenerated conversion function. -func Convert_core_ClientIPConfig_To_v1_ClientIPConfig(in *core.ClientIPConfig, out *corev1.ClientIPConfig, s conversion.Scope) error { - return autoConvert_core_ClientIPConfig_To_v1_ClientIPConfig(in, out, s) -} - -func autoConvert_v1_ClusterTrustBundleProjection_To_core_ClusterTrustBundleProjection(in *corev1.ClusterTrustBundleProjection, out *core.ClusterTrustBundleProjection, s conversion.Scope) error { - out.Name = (*string)(unsafe.Pointer(in.Name)) - out.SignerName = (*string)(unsafe.Pointer(in.SignerName)) - out.LabelSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.LabelSelector)) - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - out.Path = in.Path - return nil -} - -// Convert_v1_ClusterTrustBundleProjection_To_core_ClusterTrustBundleProjection is an autogenerated conversion function. -func Convert_v1_ClusterTrustBundleProjection_To_core_ClusterTrustBundleProjection(in *corev1.ClusterTrustBundleProjection, out *core.ClusterTrustBundleProjection, s conversion.Scope) error { - return autoConvert_v1_ClusterTrustBundleProjection_To_core_ClusterTrustBundleProjection(in, out, s) -} - -func autoConvert_core_ClusterTrustBundleProjection_To_v1_ClusterTrustBundleProjection(in *core.ClusterTrustBundleProjection, out *corev1.ClusterTrustBundleProjection, s conversion.Scope) error { - out.Name = (*string)(unsafe.Pointer(in.Name)) - out.SignerName = (*string)(unsafe.Pointer(in.SignerName)) - out.LabelSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.LabelSelector)) - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - out.Path = in.Path - return nil -} - -// Convert_core_ClusterTrustBundleProjection_To_v1_ClusterTrustBundleProjection is an autogenerated conversion function. -func Convert_core_ClusterTrustBundleProjection_To_v1_ClusterTrustBundleProjection(in *core.ClusterTrustBundleProjection, out *corev1.ClusterTrustBundleProjection, s conversion.Scope) error { - return autoConvert_core_ClusterTrustBundleProjection_To_v1_ClusterTrustBundleProjection(in, out, s) -} - -func autoConvert_v1_ComponentCondition_To_core_ComponentCondition(in *corev1.ComponentCondition, out *core.ComponentCondition, s conversion.Scope) error { - out.Type = core.ComponentConditionType(in.Type) - out.Status = core.ConditionStatus(in.Status) - out.Message = in.Message - out.Error = in.Error - return nil -} - -// Convert_v1_ComponentCondition_To_core_ComponentCondition is an autogenerated conversion function. -func Convert_v1_ComponentCondition_To_core_ComponentCondition(in *corev1.ComponentCondition, out *core.ComponentCondition, s conversion.Scope) error { - return autoConvert_v1_ComponentCondition_To_core_ComponentCondition(in, out, s) -} - -func autoConvert_core_ComponentCondition_To_v1_ComponentCondition(in *core.ComponentCondition, out *corev1.ComponentCondition, s conversion.Scope) error { - out.Type = corev1.ComponentConditionType(in.Type) - out.Status = corev1.ConditionStatus(in.Status) - out.Message = in.Message - out.Error = in.Error - return nil -} - -// Convert_core_ComponentCondition_To_v1_ComponentCondition is an autogenerated conversion function. -func Convert_core_ComponentCondition_To_v1_ComponentCondition(in *core.ComponentCondition, out *corev1.ComponentCondition, s conversion.Scope) error { - return autoConvert_core_ComponentCondition_To_v1_ComponentCondition(in, out, s) -} - -func autoConvert_v1_ComponentStatus_To_core_ComponentStatus(in *corev1.ComponentStatus, out *core.ComponentStatus, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - out.Conditions = *(*[]core.ComponentCondition)(unsafe.Pointer(&in.Conditions)) - return nil -} - -// Convert_v1_ComponentStatus_To_core_ComponentStatus is an autogenerated conversion function. -func Convert_v1_ComponentStatus_To_core_ComponentStatus(in *corev1.ComponentStatus, out *core.ComponentStatus, s conversion.Scope) error { - return autoConvert_v1_ComponentStatus_To_core_ComponentStatus(in, out, s) -} - -func autoConvert_core_ComponentStatus_To_v1_ComponentStatus(in *core.ComponentStatus, out *corev1.ComponentStatus, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - out.Conditions = *(*[]corev1.ComponentCondition)(unsafe.Pointer(&in.Conditions)) - return nil -} - -// Convert_core_ComponentStatus_To_v1_ComponentStatus is an autogenerated conversion function. -func Convert_core_ComponentStatus_To_v1_ComponentStatus(in *core.ComponentStatus, out *corev1.ComponentStatus, s conversion.Scope) error { - return autoConvert_core_ComponentStatus_To_v1_ComponentStatus(in, out, s) -} - -func autoConvert_v1_ComponentStatusList_To_core_ComponentStatusList(in *corev1.ComponentStatusList, out *core.ComponentStatusList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]core.ComponentStatus)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1_ComponentStatusList_To_core_ComponentStatusList is an autogenerated conversion function. -func Convert_v1_ComponentStatusList_To_core_ComponentStatusList(in *corev1.ComponentStatusList, out *core.ComponentStatusList, s conversion.Scope) error { - return autoConvert_v1_ComponentStatusList_To_core_ComponentStatusList(in, out, s) -} - -func autoConvert_core_ComponentStatusList_To_v1_ComponentStatusList(in *core.ComponentStatusList, out *corev1.ComponentStatusList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]corev1.ComponentStatus)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_core_ComponentStatusList_To_v1_ComponentStatusList is an autogenerated conversion function. -func Convert_core_ComponentStatusList_To_v1_ComponentStatusList(in *core.ComponentStatusList, out *corev1.ComponentStatusList, s conversion.Scope) error { - return autoConvert_core_ComponentStatusList_To_v1_ComponentStatusList(in, out, s) -} - -func autoConvert_v1_ConfigMap_To_core_ConfigMap(in *corev1.ConfigMap, out *core.ConfigMap, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - out.Immutable = (*bool)(unsafe.Pointer(in.Immutable)) - out.Data = *(*map[string]string)(unsafe.Pointer(&in.Data)) - out.BinaryData = *(*map[string][]byte)(unsafe.Pointer(&in.BinaryData)) - return nil -} - -// Convert_v1_ConfigMap_To_core_ConfigMap is an autogenerated conversion function. -func Convert_v1_ConfigMap_To_core_ConfigMap(in *corev1.ConfigMap, out *core.ConfigMap, s conversion.Scope) error { - return autoConvert_v1_ConfigMap_To_core_ConfigMap(in, out, s) -} - -func autoConvert_core_ConfigMap_To_v1_ConfigMap(in *core.ConfigMap, out *corev1.ConfigMap, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - out.Immutable = (*bool)(unsafe.Pointer(in.Immutable)) - out.Data = *(*map[string]string)(unsafe.Pointer(&in.Data)) - out.BinaryData = *(*map[string][]byte)(unsafe.Pointer(&in.BinaryData)) - return nil -} - -// Convert_core_ConfigMap_To_v1_ConfigMap is an autogenerated conversion function. -func Convert_core_ConfigMap_To_v1_ConfigMap(in *core.ConfigMap, out *corev1.ConfigMap, s conversion.Scope) error { - return autoConvert_core_ConfigMap_To_v1_ConfigMap(in, out, s) -} - -func autoConvert_v1_ConfigMapEnvSource_To_core_ConfigMapEnvSource(in *corev1.ConfigMapEnvSource, out *core.ConfigMapEnvSource, s conversion.Scope) error { - if err := Convert_v1_LocalObjectReference_To_core_LocalObjectReference(&in.LocalObjectReference, &out.LocalObjectReference, s); err != nil { - return err - } - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_v1_ConfigMapEnvSource_To_core_ConfigMapEnvSource is an autogenerated conversion function. -func Convert_v1_ConfigMapEnvSource_To_core_ConfigMapEnvSource(in *corev1.ConfigMapEnvSource, out *core.ConfigMapEnvSource, s conversion.Scope) error { - return autoConvert_v1_ConfigMapEnvSource_To_core_ConfigMapEnvSource(in, out, s) -} - -func autoConvert_core_ConfigMapEnvSource_To_v1_ConfigMapEnvSource(in *core.ConfigMapEnvSource, out *corev1.ConfigMapEnvSource, s conversion.Scope) error { - if err := Convert_core_LocalObjectReference_To_v1_LocalObjectReference(&in.LocalObjectReference, &out.LocalObjectReference, s); err != nil { - return err - } - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_core_ConfigMapEnvSource_To_v1_ConfigMapEnvSource is an autogenerated conversion function. -func Convert_core_ConfigMapEnvSource_To_v1_ConfigMapEnvSource(in *core.ConfigMapEnvSource, out *corev1.ConfigMapEnvSource, s conversion.Scope) error { - return autoConvert_core_ConfigMapEnvSource_To_v1_ConfigMapEnvSource(in, out, s) -} - -func autoConvert_v1_ConfigMapKeySelector_To_core_ConfigMapKeySelector(in *corev1.ConfigMapKeySelector, out *core.ConfigMapKeySelector, s conversion.Scope) error { - if err := Convert_v1_LocalObjectReference_To_core_LocalObjectReference(&in.LocalObjectReference, &out.LocalObjectReference, s); err != nil { - return err - } - out.Key = in.Key - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_v1_ConfigMapKeySelector_To_core_ConfigMapKeySelector is an autogenerated conversion function. -func Convert_v1_ConfigMapKeySelector_To_core_ConfigMapKeySelector(in *corev1.ConfigMapKeySelector, out *core.ConfigMapKeySelector, s conversion.Scope) error { - return autoConvert_v1_ConfigMapKeySelector_To_core_ConfigMapKeySelector(in, out, s) -} - -func autoConvert_core_ConfigMapKeySelector_To_v1_ConfigMapKeySelector(in *core.ConfigMapKeySelector, out *corev1.ConfigMapKeySelector, s conversion.Scope) error { - if err := Convert_core_LocalObjectReference_To_v1_LocalObjectReference(&in.LocalObjectReference, &out.LocalObjectReference, s); err != nil { - return err - } - out.Key = in.Key - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_core_ConfigMapKeySelector_To_v1_ConfigMapKeySelector is an autogenerated conversion function. -func Convert_core_ConfigMapKeySelector_To_v1_ConfigMapKeySelector(in *core.ConfigMapKeySelector, out *corev1.ConfigMapKeySelector, s conversion.Scope) error { - return autoConvert_core_ConfigMapKeySelector_To_v1_ConfigMapKeySelector(in, out, s) -} - -func autoConvert_v1_ConfigMapList_To_core_ConfigMapList(in *corev1.ConfigMapList, out *core.ConfigMapList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]core.ConfigMap)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1_ConfigMapList_To_core_ConfigMapList is an autogenerated conversion function. -func Convert_v1_ConfigMapList_To_core_ConfigMapList(in *corev1.ConfigMapList, out *core.ConfigMapList, s conversion.Scope) error { - return autoConvert_v1_ConfigMapList_To_core_ConfigMapList(in, out, s) -} - -func autoConvert_core_ConfigMapList_To_v1_ConfigMapList(in *core.ConfigMapList, out *corev1.ConfigMapList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]corev1.ConfigMap)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_core_ConfigMapList_To_v1_ConfigMapList is an autogenerated conversion function. -func Convert_core_ConfigMapList_To_v1_ConfigMapList(in *core.ConfigMapList, out *corev1.ConfigMapList, s conversion.Scope) error { - return autoConvert_core_ConfigMapList_To_v1_ConfigMapList(in, out, s) -} - -func autoConvert_v1_ConfigMapNodeConfigSource_To_core_ConfigMapNodeConfigSource(in *corev1.ConfigMapNodeConfigSource, out *core.ConfigMapNodeConfigSource, s conversion.Scope) error { - out.Namespace = in.Namespace - out.Name = in.Name - out.UID = types.UID(in.UID) - out.ResourceVersion = in.ResourceVersion - out.KubeletConfigKey = in.KubeletConfigKey - return nil -} - -// Convert_v1_ConfigMapNodeConfigSource_To_core_ConfigMapNodeConfigSource is an autogenerated conversion function. -func Convert_v1_ConfigMapNodeConfigSource_To_core_ConfigMapNodeConfigSource(in *corev1.ConfigMapNodeConfigSource, out *core.ConfigMapNodeConfigSource, s conversion.Scope) error { - return autoConvert_v1_ConfigMapNodeConfigSource_To_core_ConfigMapNodeConfigSource(in, out, s) -} - -func autoConvert_core_ConfigMapNodeConfigSource_To_v1_ConfigMapNodeConfigSource(in *core.ConfigMapNodeConfigSource, out *corev1.ConfigMapNodeConfigSource, s conversion.Scope) error { - out.Namespace = in.Namespace - out.Name = in.Name - out.UID = types.UID(in.UID) - out.ResourceVersion = in.ResourceVersion - out.KubeletConfigKey = in.KubeletConfigKey - return nil -} - -// Convert_core_ConfigMapNodeConfigSource_To_v1_ConfigMapNodeConfigSource is an autogenerated conversion function. -func Convert_core_ConfigMapNodeConfigSource_To_v1_ConfigMapNodeConfigSource(in *core.ConfigMapNodeConfigSource, out *corev1.ConfigMapNodeConfigSource, s conversion.Scope) error { - return autoConvert_core_ConfigMapNodeConfigSource_To_v1_ConfigMapNodeConfigSource(in, out, s) -} - -func autoConvert_v1_ConfigMapProjection_To_core_ConfigMapProjection(in *corev1.ConfigMapProjection, out *core.ConfigMapProjection, s conversion.Scope) error { - if err := Convert_v1_LocalObjectReference_To_core_LocalObjectReference(&in.LocalObjectReference, &out.LocalObjectReference, s); err != nil { - return err - } - out.Items = *(*[]core.KeyToPath)(unsafe.Pointer(&in.Items)) - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_v1_ConfigMapProjection_To_core_ConfigMapProjection is an autogenerated conversion function. -func Convert_v1_ConfigMapProjection_To_core_ConfigMapProjection(in *corev1.ConfigMapProjection, out *core.ConfigMapProjection, s conversion.Scope) error { - return autoConvert_v1_ConfigMapProjection_To_core_ConfigMapProjection(in, out, s) -} - -func autoConvert_core_ConfigMapProjection_To_v1_ConfigMapProjection(in *core.ConfigMapProjection, out *corev1.ConfigMapProjection, s conversion.Scope) error { - if err := Convert_core_LocalObjectReference_To_v1_LocalObjectReference(&in.LocalObjectReference, &out.LocalObjectReference, s); err != nil { - return err - } - out.Items = *(*[]corev1.KeyToPath)(unsafe.Pointer(&in.Items)) - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_core_ConfigMapProjection_To_v1_ConfigMapProjection is an autogenerated conversion function. -func Convert_core_ConfigMapProjection_To_v1_ConfigMapProjection(in *core.ConfigMapProjection, out *corev1.ConfigMapProjection, s conversion.Scope) error { - return autoConvert_core_ConfigMapProjection_To_v1_ConfigMapProjection(in, out, s) -} - -func autoConvert_v1_ConfigMapVolumeSource_To_core_ConfigMapVolumeSource(in *corev1.ConfigMapVolumeSource, out *core.ConfigMapVolumeSource, s conversion.Scope) error { - if err := Convert_v1_LocalObjectReference_To_core_LocalObjectReference(&in.LocalObjectReference, &out.LocalObjectReference, s); err != nil { - return err - } - out.Items = *(*[]core.KeyToPath)(unsafe.Pointer(&in.Items)) - out.DefaultMode = (*int32)(unsafe.Pointer(in.DefaultMode)) - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_v1_ConfigMapVolumeSource_To_core_ConfigMapVolumeSource is an autogenerated conversion function. -func Convert_v1_ConfigMapVolumeSource_To_core_ConfigMapVolumeSource(in *corev1.ConfigMapVolumeSource, out *core.ConfigMapVolumeSource, s conversion.Scope) error { - return autoConvert_v1_ConfigMapVolumeSource_To_core_ConfigMapVolumeSource(in, out, s) -} - -func autoConvert_core_ConfigMapVolumeSource_To_v1_ConfigMapVolumeSource(in *core.ConfigMapVolumeSource, out *corev1.ConfigMapVolumeSource, s conversion.Scope) error { - if err := Convert_core_LocalObjectReference_To_v1_LocalObjectReference(&in.LocalObjectReference, &out.LocalObjectReference, s); err != nil { - return err - } - out.Items = *(*[]corev1.KeyToPath)(unsafe.Pointer(&in.Items)) - out.DefaultMode = (*int32)(unsafe.Pointer(in.DefaultMode)) - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_core_ConfigMapVolumeSource_To_v1_ConfigMapVolumeSource is an autogenerated conversion function. -func Convert_core_ConfigMapVolumeSource_To_v1_ConfigMapVolumeSource(in *core.ConfigMapVolumeSource, out *corev1.ConfigMapVolumeSource, s conversion.Scope) error { - return autoConvert_core_ConfigMapVolumeSource_To_v1_ConfigMapVolumeSource(in, out, s) -} - -func autoConvert_v1_Container_To_core_Container(in *corev1.Container, out *core.Container, s conversion.Scope) error { - out.Name = in.Name - out.Image = in.Image - out.Command = *(*[]string)(unsafe.Pointer(&in.Command)) - out.Args = *(*[]string)(unsafe.Pointer(&in.Args)) - out.WorkingDir = in.WorkingDir - out.Ports = *(*[]core.ContainerPort)(unsafe.Pointer(&in.Ports)) - out.EnvFrom = *(*[]core.EnvFromSource)(unsafe.Pointer(&in.EnvFrom)) - out.Env = *(*[]core.EnvVar)(unsafe.Pointer(&in.Env)) - if err := Convert_v1_ResourceRequirements_To_core_ResourceRequirements(&in.Resources, &out.Resources, s); err != nil { - return err - } - out.ResizePolicy = *(*[]core.ContainerResizePolicy)(unsafe.Pointer(&in.ResizePolicy)) - out.RestartPolicy = (*core.ContainerRestartPolicy)(unsafe.Pointer(in.RestartPolicy)) - out.RestartPolicyRules = *(*[]core.ContainerRestartRule)(unsafe.Pointer(&in.RestartPolicyRules)) - out.VolumeMounts = *(*[]core.VolumeMount)(unsafe.Pointer(&in.VolumeMounts)) - out.VolumeDevices = *(*[]core.VolumeDevice)(unsafe.Pointer(&in.VolumeDevices)) - out.LivenessProbe = (*core.Probe)(unsafe.Pointer(in.LivenessProbe)) - out.ReadinessProbe = (*core.Probe)(unsafe.Pointer(in.ReadinessProbe)) - out.StartupProbe = (*core.Probe)(unsafe.Pointer(in.StartupProbe)) - out.Lifecycle = (*core.Lifecycle)(unsafe.Pointer(in.Lifecycle)) - out.TerminationMessagePath = in.TerminationMessagePath - out.TerminationMessagePolicy = core.TerminationMessagePolicy(in.TerminationMessagePolicy) - out.ImagePullPolicy = core.PullPolicy(in.ImagePullPolicy) - out.SecurityContext = (*core.SecurityContext)(unsafe.Pointer(in.SecurityContext)) - out.Stdin = in.Stdin - out.StdinOnce = in.StdinOnce - out.TTY = in.TTY - return nil -} - -// Convert_v1_Container_To_core_Container is an autogenerated conversion function. -func Convert_v1_Container_To_core_Container(in *corev1.Container, out *core.Container, s conversion.Scope) error { - return autoConvert_v1_Container_To_core_Container(in, out, s) -} - -func autoConvert_core_Container_To_v1_Container(in *core.Container, out *corev1.Container, s conversion.Scope) error { - out.Name = in.Name - out.Image = in.Image - out.Command = *(*[]string)(unsafe.Pointer(&in.Command)) - out.Args = *(*[]string)(unsafe.Pointer(&in.Args)) - out.WorkingDir = in.WorkingDir - out.Ports = *(*[]corev1.ContainerPort)(unsafe.Pointer(&in.Ports)) - out.EnvFrom = *(*[]corev1.EnvFromSource)(unsafe.Pointer(&in.EnvFrom)) - out.Env = *(*[]corev1.EnvVar)(unsafe.Pointer(&in.Env)) - if err := Convert_core_ResourceRequirements_To_v1_ResourceRequirements(&in.Resources, &out.Resources, s); err != nil { - return err - } - out.ResizePolicy = *(*[]corev1.ContainerResizePolicy)(unsafe.Pointer(&in.ResizePolicy)) - out.RestartPolicy = (*corev1.ContainerRestartPolicy)(unsafe.Pointer(in.RestartPolicy)) - out.RestartPolicyRules = *(*[]corev1.ContainerRestartRule)(unsafe.Pointer(&in.RestartPolicyRules)) - out.VolumeMounts = *(*[]corev1.VolumeMount)(unsafe.Pointer(&in.VolumeMounts)) - out.VolumeDevices = *(*[]corev1.VolumeDevice)(unsafe.Pointer(&in.VolumeDevices)) - out.LivenessProbe = (*corev1.Probe)(unsafe.Pointer(in.LivenessProbe)) - out.ReadinessProbe = (*corev1.Probe)(unsafe.Pointer(in.ReadinessProbe)) - out.StartupProbe = (*corev1.Probe)(unsafe.Pointer(in.StartupProbe)) - out.Lifecycle = (*corev1.Lifecycle)(unsafe.Pointer(in.Lifecycle)) - out.TerminationMessagePath = in.TerminationMessagePath - out.TerminationMessagePolicy = corev1.TerminationMessagePolicy(in.TerminationMessagePolicy) - out.ImagePullPolicy = corev1.PullPolicy(in.ImagePullPolicy) - out.SecurityContext = (*corev1.SecurityContext)(unsafe.Pointer(in.SecurityContext)) - out.Stdin = in.Stdin - out.StdinOnce = in.StdinOnce - out.TTY = in.TTY - return nil -} - -// Convert_core_Container_To_v1_Container is an autogenerated conversion function. -func Convert_core_Container_To_v1_Container(in *core.Container, out *corev1.Container, s conversion.Scope) error { - return autoConvert_core_Container_To_v1_Container(in, out, s) -} - -func autoConvert_v1_ContainerExtendedResourceRequest_To_core_ContainerExtendedResourceRequest(in *corev1.ContainerExtendedResourceRequest, out *core.ContainerExtendedResourceRequest, s conversion.Scope) error { - out.ContainerName = in.ContainerName - out.ResourceName = in.ResourceName - out.RequestName = in.RequestName - return nil -} - -// Convert_v1_ContainerExtendedResourceRequest_To_core_ContainerExtendedResourceRequest is an autogenerated conversion function. -func Convert_v1_ContainerExtendedResourceRequest_To_core_ContainerExtendedResourceRequest(in *corev1.ContainerExtendedResourceRequest, out *core.ContainerExtendedResourceRequest, s conversion.Scope) error { - return autoConvert_v1_ContainerExtendedResourceRequest_To_core_ContainerExtendedResourceRequest(in, out, s) -} - -func autoConvert_core_ContainerExtendedResourceRequest_To_v1_ContainerExtendedResourceRequest(in *core.ContainerExtendedResourceRequest, out *corev1.ContainerExtendedResourceRequest, s conversion.Scope) error { - out.ContainerName = in.ContainerName - out.ResourceName = in.ResourceName - out.RequestName = in.RequestName - return nil -} - -// Convert_core_ContainerExtendedResourceRequest_To_v1_ContainerExtendedResourceRequest is an autogenerated conversion function. -func Convert_core_ContainerExtendedResourceRequest_To_v1_ContainerExtendedResourceRequest(in *core.ContainerExtendedResourceRequest, out *corev1.ContainerExtendedResourceRequest, s conversion.Scope) error { - return autoConvert_core_ContainerExtendedResourceRequest_To_v1_ContainerExtendedResourceRequest(in, out, s) -} - -func autoConvert_v1_ContainerImage_To_core_ContainerImage(in *corev1.ContainerImage, out *core.ContainerImage, s conversion.Scope) error { - out.Names = *(*[]string)(unsafe.Pointer(&in.Names)) - out.SizeBytes = in.SizeBytes - return nil -} - -// Convert_v1_ContainerImage_To_core_ContainerImage is an autogenerated conversion function. -func Convert_v1_ContainerImage_To_core_ContainerImage(in *corev1.ContainerImage, out *core.ContainerImage, s conversion.Scope) error { - return autoConvert_v1_ContainerImage_To_core_ContainerImage(in, out, s) -} - -func autoConvert_core_ContainerImage_To_v1_ContainerImage(in *core.ContainerImage, out *corev1.ContainerImage, s conversion.Scope) error { - out.Names = *(*[]string)(unsafe.Pointer(&in.Names)) - out.SizeBytes = in.SizeBytes - return nil -} - -// Convert_core_ContainerImage_To_v1_ContainerImage is an autogenerated conversion function. -func Convert_core_ContainerImage_To_v1_ContainerImage(in *core.ContainerImage, out *corev1.ContainerImage, s conversion.Scope) error { - return autoConvert_core_ContainerImage_To_v1_ContainerImage(in, out, s) -} - -func autoConvert_v1_ContainerPort_To_core_ContainerPort(in *corev1.ContainerPort, out *core.ContainerPort, s conversion.Scope) error { - out.Name = in.Name - out.HostPort = in.HostPort - out.ContainerPort = in.ContainerPort - out.Protocol = core.Protocol(in.Protocol) - out.HostIP = in.HostIP - return nil -} - -// Convert_v1_ContainerPort_To_core_ContainerPort is an autogenerated conversion function. -func Convert_v1_ContainerPort_To_core_ContainerPort(in *corev1.ContainerPort, out *core.ContainerPort, s conversion.Scope) error { - return autoConvert_v1_ContainerPort_To_core_ContainerPort(in, out, s) -} - -func autoConvert_core_ContainerPort_To_v1_ContainerPort(in *core.ContainerPort, out *corev1.ContainerPort, s conversion.Scope) error { - out.Name = in.Name - out.HostPort = in.HostPort - out.ContainerPort = in.ContainerPort - out.Protocol = corev1.Protocol(in.Protocol) - out.HostIP = in.HostIP - return nil -} - -// Convert_core_ContainerPort_To_v1_ContainerPort is an autogenerated conversion function. -func Convert_core_ContainerPort_To_v1_ContainerPort(in *core.ContainerPort, out *corev1.ContainerPort, s conversion.Scope) error { - return autoConvert_core_ContainerPort_To_v1_ContainerPort(in, out, s) -} - -func autoConvert_v1_ContainerResizePolicy_To_core_ContainerResizePolicy(in *corev1.ContainerResizePolicy, out *core.ContainerResizePolicy, s conversion.Scope) error { - out.ResourceName = core.ResourceName(in.ResourceName) - out.RestartPolicy = core.ResourceResizeRestartPolicy(in.RestartPolicy) - return nil -} - -// Convert_v1_ContainerResizePolicy_To_core_ContainerResizePolicy is an autogenerated conversion function. -func Convert_v1_ContainerResizePolicy_To_core_ContainerResizePolicy(in *corev1.ContainerResizePolicy, out *core.ContainerResizePolicy, s conversion.Scope) error { - return autoConvert_v1_ContainerResizePolicy_To_core_ContainerResizePolicy(in, out, s) -} - -func autoConvert_core_ContainerResizePolicy_To_v1_ContainerResizePolicy(in *core.ContainerResizePolicy, out *corev1.ContainerResizePolicy, s conversion.Scope) error { - out.ResourceName = corev1.ResourceName(in.ResourceName) - out.RestartPolicy = corev1.ResourceResizeRestartPolicy(in.RestartPolicy) - return nil -} - -// Convert_core_ContainerResizePolicy_To_v1_ContainerResizePolicy is an autogenerated conversion function. -func Convert_core_ContainerResizePolicy_To_v1_ContainerResizePolicy(in *core.ContainerResizePolicy, out *corev1.ContainerResizePolicy, s conversion.Scope) error { - return autoConvert_core_ContainerResizePolicy_To_v1_ContainerResizePolicy(in, out, s) -} - -func autoConvert_v1_ContainerRestartRule_To_core_ContainerRestartRule(in *corev1.ContainerRestartRule, out *core.ContainerRestartRule, s conversion.Scope) error { - out.Action = core.ContainerRestartRuleAction(in.Action) - out.ExitCodes = (*core.ContainerRestartRuleOnExitCodes)(unsafe.Pointer(in.ExitCodes)) - return nil -} - -// Convert_v1_ContainerRestartRule_To_core_ContainerRestartRule is an autogenerated conversion function. -func Convert_v1_ContainerRestartRule_To_core_ContainerRestartRule(in *corev1.ContainerRestartRule, out *core.ContainerRestartRule, s conversion.Scope) error { - return autoConvert_v1_ContainerRestartRule_To_core_ContainerRestartRule(in, out, s) -} - -func autoConvert_core_ContainerRestartRule_To_v1_ContainerRestartRule(in *core.ContainerRestartRule, out *corev1.ContainerRestartRule, s conversion.Scope) error { - out.Action = corev1.ContainerRestartRuleAction(in.Action) - out.ExitCodes = (*corev1.ContainerRestartRuleOnExitCodes)(unsafe.Pointer(in.ExitCodes)) - return nil -} - -// Convert_core_ContainerRestartRule_To_v1_ContainerRestartRule is an autogenerated conversion function. -func Convert_core_ContainerRestartRule_To_v1_ContainerRestartRule(in *core.ContainerRestartRule, out *corev1.ContainerRestartRule, s conversion.Scope) error { - return autoConvert_core_ContainerRestartRule_To_v1_ContainerRestartRule(in, out, s) -} - -func autoConvert_v1_ContainerRestartRuleOnExitCodes_To_core_ContainerRestartRuleOnExitCodes(in *corev1.ContainerRestartRuleOnExitCodes, out *core.ContainerRestartRuleOnExitCodes, s conversion.Scope) error { - out.Operator = core.ContainerRestartRuleOnExitCodesOperator(in.Operator) - out.Values = *(*[]int32)(unsafe.Pointer(&in.Values)) - return nil -} - -// Convert_v1_ContainerRestartRuleOnExitCodes_To_core_ContainerRestartRuleOnExitCodes is an autogenerated conversion function. -func Convert_v1_ContainerRestartRuleOnExitCodes_To_core_ContainerRestartRuleOnExitCodes(in *corev1.ContainerRestartRuleOnExitCodes, out *core.ContainerRestartRuleOnExitCodes, s conversion.Scope) error { - return autoConvert_v1_ContainerRestartRuleOnExitCodes_To_core_ContainerRestartRuleOnExitCodes(in, out, s) -} - -func autoConvert_core_ContainerRestartRuleOnExitCodes_To_v1_ContainerRestartRuleOnExitCodes(in *core.ContainerRestartRuleOnExitCodes, out *corev1.ContainerRestartRuleOnExitCodes, s conversion.Scope) error { - out.Operator = corev1.ContainerRestartRuleOnExitCodesOperator(in.Operator) - out.Values = *(*[]int32)(unsafe.Pointer(&in.Values)) - return nil -} - -// Convert_core_ContainerRestartRuleOnExitCodes_To_v1_ContainerRestartRuleOnExitCodes is an autogenerated conversion function. -func Convert_core_ContainerRestartRuleOnExitCodes_To_v1_ContainerRestartRuleOnExitCodes(in *core.ContainerRestartRuleOnExitCodes, out *corev1.ContainerRestartRuleOnExitCodes, s conversion.Scope) error { - return autoConvert_core_ContainerRestartRuleOnExitCodes_To_v1_ContainerRestartRuleOnExitCodes(in, out, s) -} - -func autoConvert_v1_ContainerState_To_core_ContainerState(in *corev1.ContainerState, out *core.ContainerState, s conversion.Scope) error { - out.Waiting = (*core.ContainerStateWaiting)(unsafe.Pointer(in.Waiting)) - out.Running = (*core.ContainerStateRunning)(unsafe.Pointer(in.Running)) - out.Terminated = (*core.ContainerStateTerminated)(unsafe.Pointer(in.Terminated)) - return nil -} - -// Convert_v1_ContainerState_To_core_ContainerState is an autogenerated conversion function. -func Convert_v1_ContainerState_To_core_ContainerState(in *corev1.ContainerState, out *core.ContainerState, s conversion.Scope) error { - return autoConvert_v1_ContainerState_To_core_ContainerState(in, out, s) -} - -func autoConvert_core_ContainerState_To_v1_ContainerState(in *core.ContainerState, out *corev1.ContainerState, s conversion.Scope) error { - out.Waiting = (*corev1.ContainerStateWaiting)(unsafe.Pointer(in.Waiting)) - out.Running = (*corev1.ContainerStateRunning)(unsafe.Pointer(in.Running)) - out.Terminated = (*corev1.ContainerStateTerminated)(unsafe.Pointer(in.Terminated)) - return nil -} - -// Convert_core_ContainerState_To_v1_ContainerState is an autogenerated conversion function. -func Convert_core_ContainerState_To_v1_ContainerState(in *core.ContainerState, out *corev1.ContainerState, s conversion.Scope) error { - return autoConvert_core_ContainerState_To_v1_ContainerState(in, out, s) -} - -func autoConvert_v1_ContainerStateRunning_To_core_ContainerStateRunning(in *corev1.ContainerStateRunning, out *core.ContainerStateRunning, s conversion.Scope) error { - out.StartedAt = in.StartedAt - return nil -} - -// Convert_v1_ContainerStateRunning_To_core_ContainerStateRunning is an autogenerated conversion function. -func Convert_v1_ContainerStateRunning_To_core_ContainerStateRunning(in *corev1.ContainerStateRunning, out *core.ContainerStateRunning, s conversion.Scope) error { - return autoConvert_v1_ContainerStateRunning_To_core_ContainerStateRunning(in, out, s) -} - -func autoConvert_core_ContainerStateRunning_To_v1_ContainerStateRunning(in *core.ContainerStateRunning, out *corev1.ContainerStateRunning, s conversion.Scope) error { - out.StartedAt = in.StartedAt - return nil -} - -// Convert_core_ContainerStateRunning_To_v1_ContainerStateRunning is an autogenerated conversion function. -func Convert_core_ContainerStateRunning_To_v1_ContainerStateRunning(in *core.ContainerStateRunning, out *corev1.ContainerStateRunning, s conversion.Scope) error { - return autoConvert_core_ContainerStateRunning_To_v1_ContainerStateRunning(in, out, s) -} - -func autoConvert_v1_ContainerStateTerminated_To_core_ContainerStateTerminated(in *corev1.ContainerStateTerminated, out *core.ContainerStateTerminated, s conversion.Scope) error { - out.ExitCode = in.ExitCode - out.Signal = in.Signal - out.Reason = in.Reason - out.Message = in.Message - out.StartedAt = in.StartedAt - out.FinishedAt = in.FinishedAt - out.ContainerID = in.ContainerID - return nil -} - -// Convert_v1_ContainerStateTerminated_To_core_ContainerStateTerminated is an autogenerated conversion function. -func Convert_v1_ContainerStateTerminated_To_core_ContainerStateTerminated(in *corev1.ContainerStateTerminated, out *core.ContainerStateTerminated, s conversion.Scope) error { - return autoConvert_v1_ContainerStateTerminated_To_core_ContainerStateTerminated(in, out, s) -} - -func autoConvert_core_ContainerStateTerminated_To_v1_ContainerStateTerminated(in *core.ContainerStateTerminated, out *corev1.ContainerStateTerminated, s conversion.Scope) error { - out.ExitCode = in.ExitCode - out.Signal = in.Signal - out.Reason = in.Reason - out.Message = in.Message - out.StartedAt = in.StartedAt - out.FinishedAt = in.FinishedAt - out.ContainerID = in.ContainerID - return nil -} - -// Convert_core_ContainerStateTerminated_To_v1_ContainerStateTerminated is an autogenerated conversion function. -func Convert_core_ContainerStateTerminated_To_v1_ContainerStateTerminated(in *core.ContainerStateTerminated, out *corev1.ContainerStateTerminated, s conversion.Scope) error { - return autoConvert_core_ContainerStateTerminated_To_v1_ContainerStateTerminated(in, out, s) -} - -func autoConvert_v1_ContainerStateWaiting_To_core_ContainerStateWaiting(in *corev1.ContainerStateWaiting, out *core.ContainerStateWaiting, s conversion.Scope) error { - out.Reason = in.Reason - out.Message = in.Message - return nil -} - -// Convert_v1_ContainerStateWaiting_To_core_ContainerStateWaiting is an autogenerated conversion function. -func Convert_v1_ContainerStateWaiting_To_core_ContainerStateWaiting(in *corev1.ContainerStateWaiting, out *core.ContainerStateWaiting, s conversion.Scope) error { - return autoConvert_v1_ContainerStateWaiting_To_core_ContainerStateWaiting(in, out, s) -} - -func autoConvert_core_ContainerStateWaiting_To_v1_ContainerStateWaiting(in *core.ContainerStateWaiting, out *corev1.ContainerStateWaiting, s conversion.Scope) error { - out.Reason = in.Reason - out.Message = in.Message - return nil -} - -// Convert_core_ContainerStateWaiting_To_v1_ContainerStateWaiting is an autogenerated conversion function. -func Convert_core_ContainerStateWaiting_To_v1_ContainerStateWaiting(in *core.ContainerStateWaiting, out *corev1.ContainerStateWaiting, s conversion.Scope) error { - return autoConvert_core_ContainerStateWaiting_To_v1_ContainerStateWaiting(in, out, s) -} - -func autoConvert_v1_ContainerStatus_To_core_ContainerStatus(in *corev1.ContainerStatus, out *core.ContainerStatus, s conversion.Scope) error { - out.Name = in.Name - if err := Convert_v1_ContainerState_To_core_ContainerState(&in.State, &out.State, s); err != nil { - return err - } - if err := Convert_v1_ContainerState_To_core_ContainerState(&in.LastTerminationState, &out.LastTerminationState, s); err != nil { - return err - } - out.Ready = in.Ready - out.RestartCount = in.RestartCount - out.Image = in.Image - out.ImageID = in.ImageID - out.ContainerID = in.ContainerID - out.Started = (*bool)(unsafe.Pointer(in.Started)) - out.AllocatedResources = *(*core.ResourceList)(unsafe.Pointer(&in.AllocatedResources)) - out.Resources = (*core.ResourceRequirements)(unsafe.Pointer(in.Resources)) - out.VolumeMounts = *(*[]core.VolumeMountStatus)(unsafe.Pointer(&in.VolumeMounts)) - out.User = (*core.ContainerUser)(unsafe.Pointer(in.User)) - out.AllocatedResourcesStatus = *(*[]core.ResourceStatus)(unsafe.Pointer(&in.AllocatedResourcesStatus)) - out.StopSignal = (*core.Signal)(unsafe.Pointer(in.StopSignal)) - return nil -} - -// Convert_v1_ContainerStatus_To_core_ContainerStatus is an autogenerated conversion function. -func Convert_v1_ContainerStatus_To_core_ContainerStatus(in *corev1.ContainerStatus, out *core.ContainerStatus, s conversion.Scope) error { - return autoConvert_v1_ContainerStatus_To_core_ContainerStatus(in, out, s) -} - -func autoConvert_core_ContainerStatus_To_v1_ContainerStatus(in *core.ContainerStatus, out *corev1.ContainerStatus, s conversion.Scope) error { - out.Name = in.Name - if err := Convert_core_ContainerState_To_v1_ContainerState(&in.State, &out.State, s); err != nil { - return err - } - if err := Convert_core_ContainerState_To_v1_ContainerState(&in.LastTerminationState, &out.LastTerminationState, s); err != nil { - return err - } - out.Ready = in.Ready - out.RestartCount = in.RestartCount - out.Image = in.Image - out.ImageID = in.ImageID - out.ContainerID = in.ContainerID - out.Started = (*bool)(unsafe.Pointer(in.Started)) - out.AllocatedResources = *(*corev1.ResourceList)(unsafe.Pointer(&in.AllocatedResources)) - out.Resources = (*corev1.ResourceRequirements)(unsafe.Pointer(in.Resources)) - out.VolumeMounts = *(*[]corev1.VolumeMountStatus)(unsafe.Pointer(&in.VolumeMounts)) - out.User = (*corev1.ContainerUser)(unsafe.Pointer(in.User)) - out.AllocatedResourcesStatus = *(*[]corev1.ResourceStatus)(unsafe.Pointer(&in.AllocatedResourcesStatus)) - out.StopSignal = (*corev1.Signal)(unsafe.Pointer(in.StopSignal)) - return nil -} - -// Convert_core_ContainerStatus_To_v1_ContainerStatus is an autogenerated conversion function. -func Convert_core_ContainerStatus_To_v1_ContainerStatus(in *core.ContainerStatus, out *corev1.ContainerStatus, s conversion.Scope) error { - return autoConvert_core_ContainerStatus_To_v1_ContainerStatus(in, out, s) -} - -func autoConvert_v1_ContainerUser_To_core_ContainerUser(in *corev1.ContainerUser, out *core.ContainerUser, s conversion.Scope) error { - out.Linux = (*core.LinuxContainerUser)(unsafe.Pointer(in.Linux)) - return nil -} - -// Convert_v1_ContainerUser_To_core_ContainerUser is an autogenerated conversion function. -func Convert_v1_ContainerUser_To_core_ContainerUser(in *corev1.ContainerUser, out *core.ContainerUser, s conversion.Scope) error { - return autoConvert_v1_ContainerUser_To_core_ContainerUser(in, out, s) -} - -func autoConvert_core_ContainerUser_To_v1_ContainerUser(in *core.ContainerUser, out *corev1.ContainerUser, s conversion.Scope) error { - out.Linux = (*corev1.LinuxContainerUser)(unsafe.Pointer(in.Linux)) - return nil -} - -// Convert_core_ContainerUser_To_v1_ContainerUser is an autogenerated conversion function. -func Convert_core_ContainerUser_To_v1_ContainerUser(in *core.ContainerUser, out *corev1.ContainerUser, s conversion.Scope) error { - return autoConvert_core_ContainerUser_To_v1_ContainerUser(in, out, s) -} - -func autoConvert_v1_DaemonEndpoint_To_core_DaemonEndpoint(in *corev1.DaemonEndpoint, out *core.DaemonEndpoint, s conversion.Scope) error { - out.Port = in.Port - return nil -} - -// Convert_v1_DaemonEndpoint_To_core_DaemonEndpoint is an autogenerated conversion function. -func Convert_v1_DaemonEndpoint_To_core_DaemonEndpoint(in *corev1.DaemonEndpoint, out *core.DaemonEndpoint, s conversion.Scope) error { - return autoConvert_v1_DaemonEndpoint_To_core_DaemonEndpoint(in, out, s) -} - -func autoConvert_core_DaemonEndpoint_To_v1_DaemonEndpoint(in *core.DaemonEndpoint, out *corev1.DaemonEndpoint, s conversion.Scope) error { - out.Port = in.Port - return nil -} - -// Convert_core_DaemonEndpoint_To_v1_DaemonEndpoint is an autogenerated conversion function. -func Convert_core_DaemonEndpoint_To_v1_DaemonEndpoint(in *core.DaemonEndpoint, out *corev1.DaemonEndpoint, s conversion.Scope) error { - return autoConvert_core_DaemonEndpoint_To_v1_DaemonEndpoint(in, out, s) -} - -func autoConvert_v1_DownwardAPIProjection_To_core_DownwardAPIProjection(in *corev1.DownwardAPIProjection, out *core.DownwardAPIProjection, s conversion.Scope) error { - out.Items = *(*[]core.DownwardAPIVolumeFile)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1_DownwardAPIProjection_To_core_DownwardAPIProjection is an autogenerated conversion function. -func Convert_v1_DownwardAPIProjection_To_core_DownwardAPIProjection(in *corev1.DownwardAPIProjection, out *core.DownwardAPIProjection, s conversion.Scope) error { - return autoConvert_v1_DownwardAPIProjection_To_core_DownwardAPIProjection(in, out, s) -} - -func autoConvert_core_DownwardAPIProjection_To_v1_DownwardAPIProjection(in *core.DownwardAPIProjection, out *corev1.DownwardAPIProjection, s conversion.Scope) error { - out.Items = *(*[]corev1.DownwardAPIVolumeFile)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_core_DownwardAPIProjection_To_v1_DownwardAPIProjection is an autogenerated conversion function. -func Convert_core_DownwardAPIProjection_To_v1_DownwardAPIProjection(in *core.DownwardAPIProjection, out *corev1.DownwardAPIProjection, s conversion.Scope) error { - return autoConvert_core_DownwardAPIProjection_To_v1_DownwardAPIProjection(in, out, s) -} - -func autoConvert_v1_DownwardAPIVolumeFile_To_core_DownwardAPIVolumeFile(in *corev1.DownwardAPIVolumeFile, out *core.DownwardAPIVolumeFile, s conversion.Scope) error { - out.Path = in.Path - out.FieldRef = (*core.ObjectFieldSelector)(unsafe.Pointer(in.FieldRef)) - out.ResourceFieldRef = (*core.ResourceFieldSelector)(unsafe.Pointer(in.ResourceFieldRef)) - out.Mode = (*int32)(unsafe.Pointer(in.Mode)) - return nil -} - -// Convert_v1_DownwardAPIVolumeFile_To_core_DownwardAPIVolumeFile is an autogenerated conversion function. -func Convert_v1_DownwardAPIVolumeFile_To_core_DownwardAPIVolumeFile(in *corev1.DownwardAPIVolumeFile, out *core.DownwardAPIVolumeFile, s conversion.Scope) error { - return autoConvert_v1_DownwardAPIVolumeFile_To_core_DownwardAPIVolumeFile(in, out, s) -} - -func autoConvert_core_DownwardAPIVolumeFile_To_v1_DownwardAPIVolumeFile(in *core.DownwardAPIVolumeFile, out *corev1.DownwardAPIVolumeFile, s conversion.Scope) error { - out.Path = in.Path - out.FieldRef = (*corev1.ObjectFieldSelector)(unsafe.Pointer(in.FieldRef)) - out.ResourceFieldRef = (*corev1.ResourceFieldSelector)(unsafe.Pointer(in.ResourceFieldRef)) - out.Mode = (*int32)(unsafe.Pointer(in.Mode)) - return nil -} - -// Convert_core_DownwardAPIVolumeFile_To_v1_DownwardAPIVolumeFile is an autogenerated conversion function. -func Convert_core_DownwardAPIVolumeFile_To_v1_DownwardAPIVolumeFile(in *core.DownwardAPIVolumeFile, out *corev1.DownwardAPIVolumeFile, s conversion.Scope) error { - return autoConvert_core_DownwardAPIVolumeFile_To_v1_DownwardAPIVolumeFile(in, out, s) -} - -func autoConvert_v1_DownwardAPIVolumeSource_To_core_DownwardAPIVolumeSource(in *corev1.DownwardAPIVolumeSource, out *core.DownwardAPIVolumeSource, s conversion.Scope) error { - out.Items = *(*[]core.DownwardAPIVolumeFile)(unsafe.Pointer(&in.Items)) - out.DefaultMode = (*int32)(unsafe.Pointer(in.DefaultMode)) - return nil -} - -// Convert_v1_DownwardAPIVolumeSource_To_core_DownwardAPIVolumeSource is an autogenerated conversion function. -func Convert_v1_DownwardAPIVolumeSource_To_core_DownwardAPIVolumeSource(in *corev1.DownwardAPIVolumeSource, out *core.DownwardAPIVolumeSource, s conversion.Scope) error { - return autoConvert_v1_DownwardAPIVolumeSource_To_core_DownwardAPIVolumeSource(in, out, s) -} - -func autoConvert_core_DownwardAPIVolumeSource_To_v1_DownwardAPIVolumeSource(in *core.DownwardAPIVolumeSource, out *corev1.DownwardAPIVolumeSource, s conversion.Scope) error { - out.Items = *(*[]corev1.DownwardAPIVolumeFile)(unsafe.Pointer(&in.Items)) - out.DefaultMode = (*int32)(unsafe.Pointer(in.DefaultMode)) - return nil -} - -// Convert_core_DownwardAPIVolumeSource_To_v1_DownwardAPIVolumeSource is an autogenerated conversion function. -func Convert_core_DownwardAPIVolumeSource_To_v1_DownwardAPIVolumeSource(in *core.DownwardAPIVolumeSource, out *corev1.DownwardAPIVolumeSource, s conversion.Scope) error { - return autoConvert_core_DownwardAPIVolumeSource_To_v1_DownwardAPIVolumeSource(in, out, s) -} - -func autoConvert_v1_EmptyDirVolumeSource_To_core_EmptyDirVolumeSource(in *corev1.EmptyDirVolumeSource, out *core.EmptyDirVolumeSource, s conversion.Scope) error { - out.Medium = core.StorageMedium(in.Medium) - out.SizeLimit = (*resource.Quantity)(unsafe.Pointer(in.SizeLimit)) - return nil -} - -// Convert_v1_EmptyDirVolumeSource_To_core_EmptyDirVolumeSource is an autogenerated conversion function. -func Convert_v1_EmptyDirVolumeSource_To_core_EmptyDirVolumeSource(in *corev1.EmptyDirVolumeSource, out *core.EmptyDirVolumeSource, s conversion.Scope) error { - return autoConvert_v1_EmptyDirVolumeSource_To_core_EmptyDirVolumeSource(in, out, s) -} - -func autoConvert_core_EmptyDirVolumeSource_To_v1_EmptyDirVolumeSource(in *core.EmptyDirVolumeSource, out *corev1.EmptyDirVolumeSource, s conversion.Scope) error { - out.Medium = corev1.StorageMedium(in.Medium) - out.SizeLimit = (*resource.Quantity)(unsafe.Pointer(in.SizeLimit)) - return nil -} - -// Convert_core_EmptyDirVolumeSource_To_v1_EmptyDirVolumeSource is an autogenerated conversion function. -func Convert_core_EmptyDirVolumeSource_To_v1_EmptyDirVolumeSource(in *core.EmptyDirVolumeSource, out *corev1.EmptyDirVolumeSource, s conversion.Scope) error { - return autoConvert_core_EmptyDirVolumeSource_To_v1_EmptyDirVolumeSource(in, out, s) -} - -func autoConvert_v1_EndpointAddress_To_core_EndpointAddress(in *corev1.EndpointAddress, out *core.EndpointAddress, s conversion.Scope) error { - out.IP = in.IP - out.Hostname = in.Hostname - out.NodeName = (*string)(unsafe.Pointer(in.NodeName)) - out.TargetRef = (*core.ObjectReference)(unsafe.Pointer(in.TargetRef)) - return nil -} - -// Convert_v1_EndpointAddress_To_core_EndpointAddress is an autogenerated conversion function. -func Convert_v1_EndpointAddress_To_core_EndpointAddress(in *corev1.EndpointAddress, out *core.EndpointAddress, s conversion.Scope) error { - return autoConvert_v1_EndpointAddress_To_core_EndpointAddress(in, out, s) -} - -func autoConvert_core_EndpointAddress_To_v1_EndpointAddress(in *core.EndpointAddress, out *corev1.EndpointAddress, s conversion.Scope) error { - out.IP = in.IP - out.Hostname = in.Hostname - out.NodeName = (*string)(unsafe.Pointer(in.NodeName)) - out.TargetRef = (*corev1.ObjectReference)(unsafe.Pointer(in.TargetRef)) - return nil -} - -// Convert_core_EndpointAddress_To_v1_EndpointAddress is an autogenerated conversion function. -func Convert_core_EndpointAddress_To_v1_EndpointAddress(in *core.EndpointAddress, out *corev1.EndpointAddress, s conversion.Scope) error { - return autoConvert_core_EndpointAddress_To_v1_EndpointAddress(in, out, s) -} - -func autoConvert_v1_EndpointPort_To_core_EndpointPort(in *corev1.EndpointPort, out *core.EndpointPort, s conversion.Scope) error { - out.Name = in.Name - out.Port = in.Port - out.Protocol = core.Protocol(in.Protocol) - out.AppProtocol = (*string)(unsafe.Pointer(in.AppProtocol)) - return nil -} - -// Convert_v1_EndpointPort_To_core_EndpointPort is an autogenerated conversion function. -func Convert_v1_EndpointPort_To_core_EndpointPort(in *corev1.EndpointPort, out *core.EndpointPort, s conversion.Scope) error { - return autoConvert_v1_EndpointPort_To_core_EndpointPort(in, out, s) -} - -func autoConvert_core_EndpointPort_To_v1_EndpointPort(in *core.EndpointPort, out *corev1.EndpointPort, s conversion.Scope) error { - out.Name = in.Name - out.Port = in.Port - out.Protocol = corev1.Protocol(in.Protocol) - out.AppProtocol = (*string)(unsafe.Pointer(in.AppProtocol)) - return nil -} - -// Convert_core_EndpointPort_To_v1_EndpointPort is an autogenerated conversion function. -func Convert_core_EndpointPort_To_v1_EndpointPort(in *core.EndpointPort, out *corev1.EndpointPort, s conversion.Scope) error { - return autoConvert_core_EndpointPort_To_v1_EndpointPort(in, out, s) -} - -func autoConvert_v1_EndpointSubset_To_core_EndpointSubset(in *corev1.EndpointSubset, out *core.EndpointSubset, s conversion.Scope) error { - out.Addresses = *(*[]core.EndpointAddress)(unsafe.Pointer(&in.Addresses)) - out.NotReadyAddresses = *(*[]core.EndpointAddress)(unsafe.Pointer(&in.NotReadyAddresses)) - out.Ports = *(*[]core.EndpointPort)(unsafe.Pointer(&in.Ports)) - return nil -} - -// Convert_v1_EndpointSubset_To_core_EndpointSubset is an autogenerated conversion function. -func Convert_v1_EndpointSubset_To_core_EndpointSubset(in *corev1.EndpointSubset, out *core.EndpointSubset, s conversion.Scope) error { - return autoConvert_v1_EndpointSubset_To_core_EndpointSubset(in, out, s) -} - -func autoConvert_core_EndpointSubset_To_v1_EndpointSubset(in *core.EndpointSubset, out *corev1.EndpointSubset, s conversion.Scope) error { - out.Addresses = *(*[]corev1.EndpointAddress)(unsafe.Pointer(&in.Addresses)) - out.NotReadyAddresses = *(*[]corev1.EndpointAddress)(unsafe.Pointer(&in.NotReadyAddresses)) - out.Ports = *(*[]corev1.EndpointPort)(unsafe.Pointer(&in.Ports)) - return nil -} - -// Convert_core_EndpointSubset_To_v1_EndpointSubset is an autogenerated conversion function. -func Convert_core_EndpointSubset_To_v1_EndpointSubset(in *core.EndpointSubset, out *corev1.EndpointSubset, s conversion.Scope) error { - return autoConvert_core_EndpointSubset_To_v1_EndpointSubset(in, out, s) -} - -func autoConvert_v1_Endpoints_To_core_Endpoints(in *corev1.Endpoints, out *core.Endpoints, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - out.Subsets = *(*[]core.EndpointSubset)(unsafe.Pointer(&in.Subsets)) - return nil -} - -// Convert_v1_Endpoints_To_core_Endpoints is an autogenerated conversion function. -func Convert_v1_Endpoints_To_core_Endpoints(in *corev1.Endpoints, out *core.Endpoints, s conversion.Scope) error { - return autoConvert_v1_Endpoints_To_core_Endpoints(in, out, s) -} - -func autoConvert_core_Endpoints_To_v1_Endpoints(in *core.Endpoints, out *corev1.Endpoints, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - out.Subsets = *(*[]corev1.EndpointSubset)(unsafe.Pointer(&in.Subsets)) - return nil -} - -// Convert_core_Endpoints_To_v1_Endpoints is an autogenerated conversion function. -func Convert_core_Endpoints_To_v1_Endpoints(in *core.Endpoints, out *corev1.Endpoints, s conversion.Scope) error { - return autoConvert_core_Endpoints_To_v1_Endpoints(in, out, s) -} - -func autoConvert_v1_EndpointsList_To_core_EndpointsList(in *corev1.EndpointsList, out *core.EndpointsList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]core.Endpoints)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1_EndpointsList_To_core_EndpointsList is an autogenerated conversion function. -func Convert_v1_EndpointsList_To_core_EndpointsList(in *corev1.EndpointsList, out *core.EndpointsList, s conversion.Scope) error { - return autoConvert_v1_EndpointsList_To_core_EndpointsList(in, out, s) -} - -func autoConvert_core_EndpointsList_To_v1_EndpointsList(in *core.EndpointsList, out *corev1.EndpointsList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]corev1.Endpoints)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_core_EndpointsList_To_v1_EndpointsList is an autogenerated conversion function. -func Convert_core_EndpointsList_To_v1_EndpointsList(in *core.EndpointsList, out *corev1.EndpointsList, s conversion.Scope) error { - return autoConvert_core_EndpointsList_To_v1_EndpointsList(in, out, s) -} - -func autoConvert_v1_EnvFromSource_To_core_EnvFromSource(in *corev1.EnvFromSource, out *core.EnvFromSource, s conversion.Scope) error { - out.Prefix = in.Prefix - out.ConfigMapRef = (*core.ConfigMapEnvSource)(unsafe.Pointer(in.ConfigMapRef)) - out.SecretRef = (*core.SecretEnvSource)(unsafe.Pointer(in.SecretRef)) - return nil -} - -// Convert_v1_EnvFromSource_To_core_EnvFromSource is an autogenerated conversion function. -func Convert_v1_EnvFromSource_To_core_EnvFromSource(in *corev1.EnvFromSource, out *core.EnvFromSource, s conversion.Scope) error { - return autoConvert_v1_EnvFromSource_To_core_EnvFromSource(in, out, s) -} - -func autoConvert_core_EnvFromSource_To_v1_EnvFromSource(in *core.EnvFromSource, out *corev1.EnvFromSource, s conversion.Scope) error { - out.Prefix = in.Prefix - out.ConfigMapRef = (*corev1.ConfigMapEnvSource)(unsafe.Pointer(in.ConfigMapRef)) - out.SecretRef = (*corev1.SecretEnvSource)(unsafe.Pointer(in.SecretRef)) - return nil -} - -// Convert_core_EnvFromSource_To_v1_EnvFromSource is an autogenerated conversion function. -func Convert_core_EnvFromSource_To_v1_EnvFromSource(in *core.EnvFromSource, out *corev1.EnvFromSource, s conversion.Scope) error { - return autoConvert_core_EnvFromSource_To_v1_EnvFromSource(in, out, s) -} - -func autoConvert_v1_EnvVar_To_core_EnvVar(in *corev1.EnvVar, out *core.EnvVar, s conversion.Scope) error { - out.Name = in.Name - out.Value = in.Value - out.ValueFrom = (*core.EnvVarSource)(unsafe.Pointer(in.ValueFrom)) - return nil -} - -// Convert_v1_EnvVar_To_core_EnvVar is an autogenerated conversion function. -func Convert_v1_EnvVar_To_core_EnvVar(in *corev1.EnvVar, out *core.EnvVar, s conversion.Scope) error { - return autoConvert_v1_EnvVar_To_core_EnvVar(in, out, s) -} - -func autoConvert_core_EnvVar_To_v1_EnvVar(in *core.EnvVar, out *corev1.EnvVar, s conversion.Scope) error { - out.Name = in.Name - out.Value = in.Value - out.ValueFrom = (*corev1.EnvVarSource)(unsafe.Pointer(in.ValueFrom)) - return nil -} - -// Convert_core_EnvVar_To_v1_EnvVar is an autogenerated conversion function. -func Convert_core_EnvVar_To_v1_EnvVar(in *core.EnvVar, out *corev1.EnvVar, s conversion.Scope) error { - return autoConvert_core_EnvVar_To_v1_EnvVar(in, out, s) -} - -func autoConvert_v1_EnvVarSource_To_core_EnvVarSource(in *corev1.EnvVarSource, out *core.EnvVarSource, s conversion.Scope) error { - out.FieldRef = (*core.ObjectFieldSelector)(unsafe.Pointer(in.FieldRef)) - out.ResourceFieldRef = (*core.ResourceFieldSelector)(unsafe.Pointer(in.ResourceFieldRef)) - out.ConfigMapKeyRef = (*core.ConfigMapKeySelector)(unsafe.Pointer(in.ConfigMapKeyRef)) - out.SecretKeyRef = (*core.SecretKeySelector)(unsafe.Pointer(in.SecretKeyRef)) - out.FileKeyRef = (*core.FileKeySelector)(unsafe.Pointer(in.FileKeyRef)) - return nil -} - -// Convert_v1_EnvVarSource_To_core_EnvVarSource is an autogenerated conversion function. -func Convert_v1_EnvVarSource_To_core_EnvVarSource(in *corev1.EnvVarSource, out *core.EnvVarSource, s conversion.Scope) error { - return autoConvert_v1_EnvVarSource_To_core_EnvVarSource(in, out, s) -} - -func autoConvert_core_EnvVarSource_To_v1_EnvVarSource(in *core.EnvVarSource, out *corev1.EnvVarSource, s conversion.Scope) error { - out.FieldRef = (*corev1.ObjectFieldSelector)(unsafe.Pointer(in.FieldRef)) - out.ResourceFieldRef = (*corev1.ResourceFieldSelector)(unsafe.Pointer(in.ResourceFieldRef)) - out.ConfigMapKeyRef = (*corev1.ConfigMapKeySelector)(unsafe.Pointer(in.ConfigMapKeyRef)) - out.SecretKeyRef = (*corev1.SecretKeySelector)(unsafe.Pointer(in.SecretKeyRef)) - out.FileKeyRef = (*corev1.FileKeySelector)(unsafe.Pointer(in.FileKeyRef)) - return nil -} - -// Convert_core_EnvVarSource_To_v1_EnvVarSource is an autogenerated conversion function. -func Convert_core_EnvVarSource_To_v1_EnvVarSource(in *core.EnvVarSource, out *corev1.EnvVarSource, s conversion.Scope) error { - return autoConvert_core_EnvVarSource_To_v1_EnvVarSource(in, out, s) -} - -func autoConvert_v1_EphemeralContainer_To_core_EphemeralContainer(in *corev1.EphemeralContainer, out *core.EphemeralContainer, s conversion.Scope) error { - if err := Convert_v1_EphemeralContainerCommon_To_core_EphemeralContainerCommon(&in.EphemeralContainerCommon, &out.EphemeralContainerCommon, s); err != nil { - return err - } - out.TargetContainerName = in.TargetContainerName - return nil -} - -// Convert_v1_EphemeralContainer_To_core_EphemeralContainer is an autogenerated conversion function. -func Convert_v1_EphemeralContainer_To_core_EphemeralContainer(in *corev1.EphemeralContainer, out *core.EphemeralContainer, s conversion.Scope) error { - return autoConvert_v1_EphemeralContainer_To_core_EphemeralContainer(in, out, s) -} - -func autoConvert_core_EphemeralContainer_To_v1_EphemeralContainer(in *core.EphemeralContainer, out *corev1.EphemeralContainer, s conversion.Scope) error { - if err := Convert_core_EphemeralContainerCommon_To_v1_EphemeralContainerCommon(&in.EphemeralContainerCommon, &out.EphemeralContainerCommon, s); err != nil { - return err - } - out.TargetContainerName = in.TargetContainerName - return nil -} - -// Convert_core_EphemeralContainer_To_v1_EphemeralContainer is an autogenerated conversion function. -func Convert_core_EphemeralContainer_To_v1_EphemeralContainer(in *core.EphemeralContainer, out *corev1.EphemeralContainer, s conversion.Scope) error { - return autoConvert_core_EphemeralContainer_To_v1_EphemeralContainer(in, out, s) -} - -func autoConvert_v1_EphemeralContainerCommon_To_core_EphemeralContainerCommon(in *corev1.EphemeralContainerCommon, out *core.EphemeralContainerCommon, s conversion.Scope) error { - out.Name = in.Name - out.Image = in.Image - out.Command = *(*[]string)(unsafe.Pointer(&in.Command)) - out.Args = *(*[]string)(unsafe.Pointer(&in.Args)) - out.WorkingDir = in.WorkingDir - out.Ports = *(*[]core.ContainerPort)(unsafe.Pointer(&in.Ports)) - out.EnvFrom = *(*[]core.EnvFromSource)(unsafe.Pointer(&in.EnvFrom)) - out.Env = *(*[]core.EnvVar)(unsafe.Pointer(&in.Env)) - if err := Convert_v1_ResourceRequirements_To_core_ResourceRequirements(&in.Resources, &out.Resources, s); err != nil { - return err - } - out.ResizePolicy = *(*[]core.ContainerResizePolicy)(unsafe.Pointer(&in.ResizePolicy)) - out.RestartPolicy = (*core.ContainerRestartPolicy)(unsafe.Pointer(in.RestartPolicy)) - out.RestartPolicyRules = *(*[]core.ContainerRestartRule)(unsafe.Pointer(&in.RestartPolicyRules)) - out.VolumeMounts = *(*[]core.VolumeMount)(unsafe.Pointer(&in.VolumeMounts)) - out.VolumeDevices = *(*[]core.VolumeDevice)(unsafe.Pointer(&in.VolumeDevices)) - out.LivenessProbe = (*core.Probe)(unsafe.Pointer(in.LivenessProbe)) - out.ReadinessProbe = (*core.Probe)(unsafe.Pointer(in.ReadinessProbe)) - out.StartupProbe = (*core.Probe)(unsafe.Pointer(in.StartupProbe)) - out.Lifecycle = (*core.Lifecycle)(unsafe.Pointer(in.Lifecycle)) - out.TerminationMessagePath = in.TerminationMessagePath - out.TerminationMessagePolicy = core.TerminationMessagePolicy(in.TerminationMessagePolicy) - out.ImagePullPolicy = core.PullPolicy(in.ImagePullPolicy) - out.SecurityContext = (*core.SecurityContext)(unsafe.Pointer(in.SecurityContext)) - out.Stdin = in.Stdin - out.StdinOnce = in.StdinOnce - out.TTY = in.TTY - return nil -} - -// Convert_v1_EphemeralContainerCommon_To_core_EphemeralContainerCommon is an autogenerated conversion function. -func Convert_v1_EphemeralContainerCommon_To_core_EphemeralContainerCommon(in *corev1.EphemeralContainerCommon, out *core.EphemeralContainerCommon, s conversion.Scope) error { - return autoConvert_v1_EphemeralContainerCommon_To_core_EphemeralContainerCommon(in, out, s) -} - -func autoConvert_core_EphemeralContainerCommon_To_v1_EphemeralContainerCommon(in *core.EphemeralContainerCommon, out *corev1.EphemeralContainerCommon, s conversion.Scope) error { - out.Name = in.Name - out.Image = in.Image - out.Command = *(*[]string)(unsafe.Pointer(&in.Command)) - out.Args = *(*[]string)(unsafe.Pointer(&in.Args)) - out.WorkingDir = in.WorkingDir - out.Ports = *(*[]corev1.ContainerPort)(unsafe.Pointer(&in.Ports)) - out.EnvFrom = *(*[]corev1.EnvFromSource)(unsafe.Pointer(&in.EnvFrom)) - out.Env = *(*[]corev1.EnvVar)(unsafe.Pointer(&in.Env)) - if err := Convert_core_ResourceRequirements_To_v1_ResourceRequirements(&in.Resources, &out.Resources, s); err != nil { - return err - } - out.ResizePolicy = *(*[]corev1.ContainerResizePolicy)(unsafe.Pointer(&in.ResizePolicy)) - out.RestartPolicy = (*corev1.ContainerRestartPolicy)(unsafe.Pointer(in.RestartPolicy)) - out.RestartPolicyRules = *(*[]corev1.ContainerRestartRule)(unsafe.Pointer(&in.RestartPolicyRules)) - out.VolumeMounts = *(*[]corev1.VolumeMount)(unsafe.Pointer(&in.VolumeMounts)) - out.VolumeDevices = *(*[]corev1.VolumeDevice)(unsafe.Pointer(&in.VolumeDevices)) - out.LivenessProbe = (*corev1.Probe)(unsafe.Pointer(in.LivenessProbe)) - out.ReadinessProbe = (*corev1.Probe)(unsafe.Pointer(in.ReadinessProbe)) - out.StartupProbe = (*corev1.Probe)(unsafe.Pointer(in.StartupProbe)) - out.Lifecycle = (*corev1.Lifecycle)(unsafe.Pointer(in.Lifecycle)) - out.TerminationMessagePath = in.TerminationMessagePath - out.TerminationMessagePolicy = corev1.TerminationMessagePolicy(in.TerminationMessagePolicy) - out.ImagePullPolicy = corev1.PullPolicy(in.ImagePullPolicy) - out.SecurityContext = (*corev1.SecurityContext)(unsafe.Pointer(in.SecurityContext)) - out.Stdin = in.Stdin - out.StdinOnce = in.StdinOnce - out.TTY = in.TTY - return nil -} - -// Convert_core_EphemeralContainerCommon_To_v1_EphemeralContainerCommon is an autogenerated conversion function. -func Convert_core_EphemeralContainerCommon_To_v1_EphemeralContainerCommon(in *core.EphemeralContainerCommon, out *corev1.EphemeralContainerCommon, s conversion.Scope) error { - return autoConvert_core_EphemeralContainerCommon_To_v1_EphemeralContainerCommon(in, out, s) -} - -func autoConvert_v1_EphemeralVolumeSource_To_core_EphemeralVolumeSource(in *corev1.EphemeralVolumeSource, out *core.EphemeralVolumeSource, s conversion.Scope) error { - out.VolumeClaimTemplate = (*core.PersistentVolumeClaimTemplate)(unsafe.Pointer(in.VolumeClaimTemplate)) - return nil -} - -// Convert_v1_EphemeralVolumeSource_To_core_EphemeralVolumeSource is an autogenerated conversion function. -func Convert_v1_EphemeralVolumeSource_To_core_EphemeralVolumeSource(in *corev1.EphemeralVolumeSource, out *core.EphemeralVolumeSource, s conversion.Scope) error { - return autoConvert_v1_EphemeralVolumeSource_To_core_EphemeralVolumeSource(in, out, s) -} - -func autoConvert_core_EphemeralVolumeSource_To_v1_EphemeralVolumeSource(in *core.EphemeralVolumeSource, out *corev1.EphemeralVolumeSource, s conversion.Scope) error { - out.VolumeClaimTemplate = (*corev1.PersistentVolumeClaimTemplate)(unsafe.Pointer(in.VolumeClaimTemplate)) - return nil -} - -// Convert_core_EphemeralVolumeSource_To_v1_EphemeralVolumeSource is an autogenerated conversion function. -func Convert_core_EphemeralVolumeSource_To_v1_EphemeralVolumeSource(in *core.EphemeralVolumeSource, out *corev1.EphemeralVolumeSource, s conversion.Scope) error { - return autoConvert_core_EphemeralVolumeSource_To_v1_EphemeralVolumeSource(in, out, s) -} - -func autoConvert_v1_Event_To_core_Event(in *corev1.Event, out *core.Event, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_ObjectReference_To_core_ObjectReference(&in.InvolvedObject, &out.InvolvedObject, s); err != nil { - return err - } - out.Reason = in.Reason - out.Message = in.Message - if err := Convert_v1_EventSource_To_core_EventSource(&in.Source, &out.Source, s); err != nil { - return err - } - out.FirstTimestamp = in.FirstTimestamp - out.LastTimestamp = in.LastTimestamp - out.Count = in.Count - out.Type = in.Type - out.EventTime = in.EventTime - out.Series = (*core.EventSeries)(unsafe.Pointer(in.Series)) - out.Action = in.Action - out.Related = (*core.ObjectReference)(unsafe.Pointer(in.Related)) - out.ReportingController = in.ReportingController - out.ReportingInstance = in.ReportingInstance - return nil -} - -// Convert_v1_Event_To_core_Event is an autogenerated conversion function. -func Convert_v1_Event_To_core_Event(in *corev1.Event, out *core.Event, s conversion.Scope) error { - return autoConvert_v1_Event_To_core_Event(in, out, s) -} - -func autoConvert_core_Event_To_v1_Event(in *core.Event, out *corev1.Event, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_ObjectReference_To_v1_ObjectReference(&in.InvolvedObject, &out.InvolvedObject, s); err != nil { - return err - } - out.Reason = in.Reason - out.Message = in.Message - if err := Convert_core_EventSource_To_v1_EventSource(&in.Source, &out.Source, s); err != nil { - return err - } - out.FirstTimestamp = in.FirstTimestamp - out.LastTimestamp = in.LastTimestamp - out.Count = in.Count - out.Type = in.Type - out.EventTime = in.EventTime - out.Series = (*corev1.EventSeries)(unsafe.Pointer(in.Series)) - out.Action = in.Action - out.Related = (*corev1.ObjectReference)(unsafe.Pointer(in.Related)) - out.ReportingController = in.ReportingController - out.ReportingInstance = in.ReportingInstance - return nil -} - -// Convert_core_Event_To_v1_Event is an autogenerated conversion function. -func Convert_core_Event_To_v1_Event(in *core.Event, out *corev1.Event, s conversion.Scope) error { - return autoConvert_core_Event_To_v1_Event(in, out, s) -} - -func autoConvert_v1_EventList_To_core_EventList(in *corev1.EventList, out *core.EventList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]core.Event)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1_EventList_To_core_EventList is an autogenerated conversion function. -func Convert_v1_EventList_To_core_EventList(in *corev1.EventList, out *core.EventList, s conversion.Scope) error { - return autoConvert_v1_EventList_To_core_EventList(in, out, s) -} - -func autoConvert_core_EventList_To_v1_EventList(in *core.EventList, out *corev1.EventList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]corev1.Event)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_core_EventList_To_v1_EventList is an autogenerated conversion function. -func Convert_core_EventList_To_v1_EventList(in *core.EventList, out *corev1.EventList, s conversion.Scope) error { - return autoConvert_core_EventList_To_v1_EventList(in, out, s) -} - -func autoConvert_v1_EventSeries_To_core_EventSeries(in *corev1.EventSeries, out *core.EventSeries, s conversion.Scope) error { - out.Count = in.Count - out.LastObservedTime = in.LastObservedTime - return nil -} - -// Convert_v1_EventSeries_To_core_EventSeries is an autogenerated conversion function. -func Convert_v1_EventSeries_To_core_EventSeries(in *corev1.EventSeries, out *core.EventSeries, s conversion.Scope) error { - return autoConvert_v1_EventSeries_To_core_EventSeries(in, out, s) -} - -func autoConvert_core_EventSeries_To_v1_EventSeries(in *core.EventSeries, out *corev1.EventSeries, s conversion.Scope) error { - out.Count = in.Count - out.LastObservedTime = in.LastObservedTime - return nil -} - -// Convert_core_EventSeries_To_v1_EventSeries is an autogenerated conversion function. -func Convert_core_EventSeries_To_v1_EventSeries(in *core.EventSeries, out *corev1.EventSeries, s conversion.Scope) error { - return autoConvert_core_EventSeries_To_v1_EventSeries(in, out, s) -} - -func autoConvert_v1_EventSource_To_core_EventSource(in *corev1.EventSource, out *core.EventSource, s conversion.Scope) error { - out.Component = in.Component - out.Host = in.Host - return nil -} - -// Convert_v1_EventSource_To_core_EventSource is an autogenerated conversion function. -func Convert_v1_EventSource_To_core_EventSource(in *corev1.EventSource, out *core.EventSource, s conversion.Scope) error { - return autoConvert_v1_EventSource_To_core_EventSource(in, out, s) -} - -func autoConvert_core_EventSource_To_v1_EventSource(in *core.EventSource, out *corev1.EventSource, s conversion.Scope) error { - out.Component = in.Component - out.Host = in.Host - return nil -} - -// Convert_core_EventSource_To_v1_EventSource is an autogenerated conversion function. -func Convert_core_EventSource_To_v1_EventSource(in *core.EventSource, out *corev1.EventSource, s conversion.Scope) error { - return autoConvert_core_EventSource_To_v1_EventSource(in, out, s) -} - -func autoConvert_v1_ExecAction_To_core_ExecAction(in *corev1.ExecAction, out *core.ExecAction, s conversion.Scope) error { - out.Command = *(*[]string)(unsafe.Pointer(&in.Command)) - return nil -} - -// Convert_v1_ExecAction_To_core_ExecAction is an autogenerated conversion function. -func Convert_v1_ExecAction_To_core_ExecAction(in *corev1.ExecAction, out *core.ExecAction, s conversion.Scope) error { - return autoConvert_v1_ExecAction_To_core_ExecAction(in, out, s) -} - -func autoConvert_core_ExecAction_To_v1_ExecAction(in *core.ExecAction, out *corev1.ExecAction, s conversion.Scope) error { - out.Command = *(*[]string)(unsafe.Pointer(&in.Command)) - return nil -} - -// Convert_core_ExecAction_To_v1_ExecAction is an autogenerated conversion function. -func Convert_core_ExecAction_To_v1_ExecAction(in *core.ExecAction, out *corev1.ExecAction, s conversion.Scope) error { - return autoConvert_core_ExecAction_To_v1_ExecAction(in, out, s) -} - -func autoConvert_v1_FCVolumeSource_To_core_FCVolumeSource(in *corev1.FCVolumeSource, out *core.FCVolumeSource, s conversion.Scope) error { - out.TargetWWNs = *(*[]string)(unsafe.Pointer(&in.TargetWWNs)) - out.Lun = (*int32)(unsafe.Pointer(in.Lun)) - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - out.WWIDs = *(*[]string)(unsafe.Pointer(&in.WWIDs)) - return nil -} - -// Convert_v1_FCVolumeSource_To_core_FCVolumeSource is an autogenerated conversion function. -func Convert_v1_FCVolumeSource_To_core_FCVolumeSource(in *corev1.FCVolumeSource, out *core.FCVolumeSource, s conversion.Scope) error { - return autoConvert_v1_FCVolumeSource_To_core_FCVolumeSource(in, out, s) -} - -func autoConvert_core_FCVolumeSource_To_v1_FCVolumeSource(in *core.FCVolumeSource, out *corev1.FCVolumeSource, s conversion.Scope) error { - out.TargetWWNs = *(*[]string)(unsafe.Pointer(&in.TargetWWNs)) - out.Lun = (*int32)(unsafe.Pointer(in.Lun)) - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - out.WWIDs = *(*[]string)(unsafe.Pointer(&in.WWIDs)) - return nil -} - -// Convert_core_FCVolumeSource_To_v1_FCVolumeSource is an autogenerated conversion function. -func Convert_core_FCVolumeSource_To_v1_FCVolumeSource(in *core.FCVolumeSource, out *corev1.FCVolumeSource, s conversion.Scope) error { - return autoConvert_core_FCVolumeSource_To_v1_FCVolumeSource(in, out, s) -} - -func autoConvert_v1_FileKeySelector_To_core_FileKeySelector(in *corev1.FileKeySelector, out *core.FileKeySelector, s conversion.Scope) error { - out.VolumeName = in.VolumeName - out.Path = in.Path - out.Key = in.Key - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_v1_FileKeySelector_To_core_FileKeySelector is an autogenerated conversion function. -func Convert_v1_FileKeySelector_To_core_FileKeySelector(in *corev1.FileKeySelector, out *core.FileKeySelector, s conversion.Scope) error { - return autoConvert_v1_FileKeySelector_To_core_FileKeySelector(in, out, s) -} - -func autoConvert_core_FileKeySelector_To_v1_FileKeySelector(in *core.FileKeySelector, out *corev1.FileKeySelector, s conversion.Scope) error { - out.VolumeName = in.VolumeName - out.Path = in.Path - out.Key = in.Key - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_core_FileKeySelector_To_v1_FileKeySelector is an autogenerated conversion function. -func Convert_core_FileKeySelector_To_v1_FileKeySelector(in *core.FileKeySelector, out *corev1.FileKeySelector, s conversion.Scope) error { - return autoConvert_core_FileKeySelector_To_v1_FileKeySelector(in, out, s) -} - -func autoConvert_v1_FlexPersistentVolumeSource_To_core_FlexPersistentVolumeSource(in *corev1.FlexPersistentVolumeSource, out *core.FlexPersistentVolumeSource, s conversion.Scope) error { - out.Driver = in.Driver - out.FSType = in.FSType - out.SecretRef = (*core.SecretReference)(unsafe.Pointer(in.SecretRef)) - out.ReadOnly = in.ReadOnly - out.Options = *(*map[string]string)(unsafe.Pointer(&in.Options)) - return nil -} - -// Convert_v1_FlexPersistentVolumeSource_To_core_FlexPersistentVolumeSource is an autogenerated conversion function. -func Convert_v1_FlexPersistentVolumeSource_To_core_FlexPersistentVolumeSource(in *corev1.FlexPersistentVolumeSource, out *core.FlexPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_v1_FlexPersistentVolumeSource_To_core_FlexPersistentVolumeSource(in, out, s) -} - -func autoConvert_core_FlexPersistentVolumeSource_To_v1_FlexPersistentVolumeSource(in *core.FlexPersistentVolumeSource, out *corev1.FlexPersistentVolumeSource, s conversion.Scope) error { - out.Driver = in.Driver - out.FSType = in.FSType - out.SecretRef = (*corev1.SecretReference)(unsafe.Pointer(in.SecretRef)) - out.ReadOnly = in.ReadOnly - out.Options = *(*map[string]string)(unsafe.Pointer(&in.Options)) - return nil -} - -// Convert_core_FlexPersistentVolumeSource_To_v1_FlexPersistentVolumeSource is an autogenerated conversion function. -func Convert_core_FlexPersistentVolumeSource_To_v1_FlexPersistentVolumeSource(in *core.FlexPersistentVolumeSource, out *corev1.FlexPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_core_FlexPersistentVolumeSource_To_v1_FlexPersistentVolumeSource(in, out, s) -} - -func autoConvert_v1_FlexVolumeSource_To_core_FlexVolumeSource(in *corev1.FlexVolumeSource, out *core.FlexVolumeSource, s conversion.Scope) error { - out.Driver = in.Driver - out.FSType = in.FSType - out.SecretRef = (*core.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) - out.ReadOnly = in.ReadOnly - out.Options = *(*map[string]string)(unsafe.Pointer(&in.Options)) - return nil -} - -// Convert_v1_FlexVolumeSource_To_core_FlexVolumeSource is an autogenerated conversion function. -func Convert_v1_FlexVolumeSource_To_core_FlexVolumeSource(in *corev1.FlexVolumeSource, out *core.FlexVolumeSource, s conversion.Scope) error { - return autoConvert_v1_FlexVolumeSource_To_core_FlexVolumeSource(in, out, s) -} - -func autoConvert_core_FlexVolumeSource_To_v1_FlexVolumeSource(in *core.FlexVolumeSource, out *corev1.FlexVolumeSource, s conversion.Scope) error { - out.Driver = in.Driver - out.FSType = in.FSType - out.SecretRef = (*corev1.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) - out.ReadOnly = in.ReadOnly - out.Options = *(*map[string]string)(unsafe.Pointer(&in.Options)) - return nil -} - -// Convert_core_FlexVolumeSource_To_v1_FlexVolumeSource is an autogenerated conversion function. -func Convert_core_FlexVolumeSource_To_v1_FlexVolumeSource(in *core.FlexVolumeSource, out *corev1.FlexVolumeSource, s conversion.Scope) error { - return autoConvert_core_FlexVolumeSource_To_v1_FlexVolumeSource(in, out, s) -} - -func autoConvert_v1_FlockerVolumeSource_To_core_FlockerVolumeSource(in *corev1.FlockerVolumeSource, out *core.FlockerVolumeSource, s conversion.Scope) error { - out.DatasetName = in.DatasetName - out.DatasetUUID = in.DatasetUUID - return nil -} - -// Convert_v1_FlockerVolumeSource_To_core_FlockerVolumeSource is an autogenerated conversion function. -func Convert_v1_FlockerVolumeSource_To_core_FlockerVolumeSource(in *corev1.FlockerVolumeSource, out *core.FlockerVolumeSource, s conversion.Scope) error { - return autoConvert_v1_FlockerVolumeSource_To_core_FlockerVolumeSource(in, out, s) -} - -func autoConvert_core_FlockerVolumeSource_To_v1_FlockerVolumeSource(in *core.FlockerVolumeSource, out *corev1.FlockerVolumeSource, s conversion.Scope) error { - out.DatasetName = in.DatasetName - out.DatasetUUID = in.DatasetUUID - return nil -} - -// Convert_core_FlockerVolumeSource_To_v1_FlockerVolumeSource is an autogenerated conversion function. -func Convert_core_FlockerVolumeSource_To_v1_FlockerVolumeSource(in *core.FlockerVolumeSource, out *corev1.FlockerVolumeSource, s conversion.Scope) error { - return autoConvert_core_FlockerVolumeSource_To_v1_FlockerVolumeSource(in, out, s) -} - -func autoConvert_v1_GCEPersistentDiskVolumeSource_To_core_GCEPersistentDiskVolumeSource(in *corev1.GCEPersistentDiskVolumeSource, out *core.GCEPersistentDiskVolumeSource, s conversion.Scope) error { - out.PDName = in.PDName - out.FSType = in.FSType - out.Partition = in.Partition - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_v1_GCEPersistentDiskVolumeSource_To_core_GCEPersistentDiskVolumeSource is an autogenerated conversion function. -func Convert_v1_GCEPersistentDiskVolumeSource_To_core_GCEPersistentDiskVolumeSource(in *corev1.GCEPersistentDiskVolumeSource, out *core.GCEPersistentDiskVolumeSource, s conversion.Scope) error { - return autoConvert_v1_GCEPersistentDiskVolumeSource_To_core_GCEPersistentDiskVolumeSource(in, out, s) -} - -func autoConvert_core_GCEPersistentDiskVolumeSource_To_v1_GCEPersistentDiskVolumeSource(in *core.GCEPersistentDiskVolumeSource, out *corev1.GCEPersistentDiskVolumeSource, s conversion.Scope) error { - out.PDName = in.PDName - out.FSType = in.FSType - out.Partition = in.Partition - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_core_GCEPersistentDiskVolumeSource_To_v1_GCEPersistentDiskVolumeSource is an autogenerated conversion function. -func Convert_core_GCEPersistentDiskVolumeSource_To_v1_GCEPersistentDiskVolumeSource(in *core.GCEPersistentDiskVolumeSource, out *corev1.GCEPersistentDiskVolumeSource, s conversion.Scope) error { - return autoConvert_core_GCEPersistentDiskVolumeSource_To_v1_GCEPersistentDiskVolumeSource(in, out, s) -} - -func autoConvert_v1_GRPCAction_To_core_GRPCAction(in *corev1.GRPCAction, out *core.GRPCAction, s conversion.Scope) error { - out.Port = in.Port - out.Service = (*string)(unsafe.Pointer(in.Service)) - return nil -} - -// Convert_v1_GRPCAction_To_core_GRPCAction is an autogenerated conversion function. -func Convert_v1_GRPCAction_To_core_GRPCAction(in *corev1.GRPCAction, out *core.GRPCAction, s conversion.Scope) error { - return autoConvert_v1_GRPCAction_To_core_GRPCAction(in, out, s) -} - -func autoConvert_core_GRPCAction_To_v1_GRPCAction(in *core.GRPCAction, out *corev1.GRPCAction, s conversion.Scope) error { - out.Port = in.Port - out.Service = (*string)(unsafe.Pointer(in.Service)) - return nil -} - -// Convert_core_GRPCAction_To_v1_GRPCAction is an autogenerated conversion function. -func Convert_core_GRPCAction_To_v1_GRPCAction(in *core.GRPCAction, out *corev1.GRPCAction, s conversion.Scope) error { - return autoConvert_core_GRPCAction_To_v1_GRPCAction(in, out, s) -} - -func autoConvert_v1_GitRepoVolumeSource_To_core_GitRepoVolumeSource(in *corev1.GitRepoVolumeSource, out *core.GitRepoVolumeSource, s conversion.Scope) error { - out.Repository = in.Repository - out.Revision = in.Revision - out.Directory = in.Directory - return nil -} - -// Convert_v1_GitRepoVolumeSource_To_core_GitRepoVolumeSource is an autogenerated conversion function. -func Convert_v1_GitRepoVolumeSource_To_core_GitRepoVolumeSource(in *corev1.GitRepoVolumeSource, out *core.GitRepoVolumeSource, s conversion.Scope) error { - return autoConvert_v1_GitRepoVolumeSource_To_core_GitRepoVolumeSource(in, out, s) -} - -func autoConvert_core_GitRepoVolumeSource_To_v1_GitRepoVolumeSource(in *core.GitRepoVolumeSource, out *corev1.GitRepoVolumeSource, s conversion.Scope) error { - out.Repository = in.Repository - out.Revision = in.Revision - out.Directory = in.Directory - return nil -} - -// Convert_core_GitRepoVolumeSource_To_v1_GitRepoVolumeSource is an autogenerated conversion function. -func Convert_core_GitRepoVolumeSource_To_v1_GitRepoVolumeSource(in *core.GitRepoVolumeSource, out *corev1.GitRepoVolumeSource, s conversion.Scope) error { - return autoConvert_core_GitRepoVolumeSource_To_v1_GitRepoVolumeSource(in, out, s) -} - -func autoConvert_v1_GlusterfsPersistentVolumeSource_To_core_GlusterfsPersistentVolumeSource(in *corev1.GlusterfsPersistentVolumeSource, out *core.GlusterfsPersistentVolumeSource, s conversion.Scope) error { - out.EndpointsName = in.EndpointsName - out.Path = in.Path - out.ReadOnly = in.ReadOnly - out.EndpointsNamespace = (*string)(unsafe.Pointer(in.EndpointsNamespace)) - return nil -} - -// Convert_v1_GlusterfsPersistentVolumeSource_To_core_GlusterfsPersistentVolumeSource is an autogenerated conversion function. -func Convert_v1_GlusterfsPersistentVolumeSource_To_core_GlusterfsPersistentVolumeSource(in *corev1.GlusterfsPersistentVolumeSource, out *core.GlusterfsPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_v1_GlusterfsPersistentVolumeSource_To_core_GlusterfsPersistentVolumeSource(in, out, s) -} - -func autoConvert_core_GlusterfsPersistentVolumeSource_To_v1_GlusterfsPersistentVolumeSource(in *core.GlusterfsPersistentVolumeSource, out *corev1.GlusterfsPersistentVolumeSource, s conversion.Scope) error { - out.EndpointsName = in.EndpointsName - out.Path = in.Path - out.ReadOnly = in.ReadOnly - out.EndpointsNamespace = (*string)(unsafe.Pointer(in.EndpointsNamespace)) - return nil -} - -// Convert_core_GlusterfsPersistentVolumeSource_To_v1_GlusterfsPersistentVolumeSource is an autogenerated conversion function. -func Convert_core_GlusterfsPersistentVolumeSource_To_v1_GlusterfsPersistentVolumeSource(in *core.GlusterfsPersistentVolumeSource, out *corev1.GlusterfsPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_core_GlusterfsPersistentVolumeSource_To_v1_GlusterfsPersistentVolumeSource(in, out, s) -} - -func autoConvert_v1_GlusterfsVolumeSource_To_core_GlusterfsVolumeSource(in *corev1.GlusterfsVolumeSource, out *core.GlusterfsVolumeSource, s conversion.Scope) error { - out.EndpointsName = in.EndpointsName - out.Path = in.Path - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_v1_GlusterfsVolumeSource_To_core_GlusterfsVolumeSource is an autogenerated conversion function. -func Convert_v1_GlusterfsVolumeSource_To_core_GlusterfsVolumeSource(in *corev1.GlusterfsVolumeSource, out *core.GlusterfsVolumeSource, s conversion.Scope) error { - return autoConvert_v1_GlusterfsVolumeSource_To_core_GlusterfsVolumeSource(in, out, s) -} - -func autoConvert_core_GlusterfsVolumeSource_To_v1_GlusterfsVolumeSource(in *core.GlusterfsVolumeSource, out *corev1.GlusterfsVolumeSource, s conversion.Scope) error { - out.EndpointsName = in.EndpointsName - out.Path = in.Path - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_core_GlusterfsVolumeSource_To_v1_GlusterfsVolumeSource is an autogenerated conversion function. -func Convert_core_GlusterfsVolumeSource_To_v1_GlusterfsVolumeSource(in *core.GlusterfsVolumeSource, out *corev1.GlusterfsVolumeSource, s conversion.Scope) error { - return autoConvert_core_GlusterfsVolumeSource_To_v1_GlusterfsVolumeSource(in, out, s) -} - -func autoConvert_v1_HTTPGetAction_To_core_HTTPGetAction(in *corev1.HTTPGetAction, out *core.HTTPGetAction, s conversion.Scope) error { - out.Path = in.Path - out.Port = in.Port - out.Host = in.Host - out.Scheme = core.URIScheme(in.Scheme) - out.HTTPHeaders = *(*[]core.HTTPHeader)(unsafe.Pointer(&in.HTTPHeaders)) - return nil -} - -// Convert_v1_HTTPGetAction_To_core_HTTPGetAction is an autogenerated conversion function. -func Convert_v1_HTTPGetAction_To_core_HTTPGetAction(in *corev1.HTTPGetAction, out *core.HTTPGetAction, s conversion.Scope) error { - return autoConvert_v1_HTTPGetAction_To_core_HTTPGetAction(in, out, s) -} - -func autoConvert_core_HTTPGetAction_To_v1_HTTPGetAction(in *core.HTTPGetAction, out *corev1.HTTPGetAction, s conversion.Scope) error { - out.Path = in.Path - out.Port = in.Port - out.Host = in.Host - out.Scheme = corev1.URIScheme(in.Scheme) - out.HTTPHeaders = *(*[]corev1.HTTPHeader)(unsafe.Pointer(&in.HTTPHeaders)) - return nil -} - -// Convert_core_HTTPGetAction_To_v1_HTTPGetAction is an autogenerated conversion function. -func Convert_core_HTTPGetAction_To_v1_HTTPGetAction(in *core.HTTPGetAction, out *corev1.HTTPGetAction, s conversion.Scope) error { - return autoConvert_core_HTTPGetAction_To_v1_HTTPGetAction(in, out, s) -} - -func autoConvert_v1_HTTPHeader_To_core_HTTPHeader(in *corev1.HTTPHeader, out *core.HTTPHeader, s conversion.Scope) error { - out.Name = in.Name - out.Value = in.Value - return nil -} - -// Convert_v1_HTTPHeader_To_core_HTTPHeader is an autogenerated conversion function. -func Convert_v1_HTTPHeader_To_core_HTTPHeader(in *corev1.HTTPHeader, out *core.HTTPHeader, s conversion.Scope) error { - return autoConvert_v1_HTTPHeader_To_core_HTTPHeader(in, out, s) -} - -func autoConvert_core_HTTPHeader_To_v1_HTTPHeader(in *core.HTTPHeader, out *corev1.HTTPHeader, s conversion.Scope) error { - out.Name = in.Name - out.Value = in.Value - return nil -} - -// Convert_core_HTTPHeader_To_v1_HTTPHeader is an autogenerated conversion function. -func Convert_core_HTTPHeader_To_v1_HTTPHeader(in *core.HTTPHeader, out *corev1.HTTPHeader, s conversion.Scope) error { - return autoConvert_core_HTTPHeader_To_v1_HTTPHeader(in, out, s) -} - -func autoConvert_v1_HostAlias_To_core_HostAlias(in *corev1.HostAlias, out *core.HostAlias, s conversion.Scope) error { - out.IP = in.IP - out.Hostnames = *(*[]string)(unsafe.Pointer(&in.Hostnames)) - return nil -} - -// Convert_v1_HostAlias_To_core_HostAlias is an autogenerated conversion function. -func Convert_v1_HostAlias_To_core_HostAlias(in *corev1.HostAlias, out *core.HostAlias, s conversion.Scope) error { - return autoConvert_v1_HostAlias_To_core_HostAlias(in, out, s) -} - -func autoConvert_core_HostAlias_To_v1_HostAlias(in *core.HostAlias, out *corev1.HostAlias, s conversion.Scope) error { - out.IP = in.IP - out.Hostnames = *(*[]string)(unsafe.Pointer(&in.Hostnames)) - return nil -} - -// Convert_core_HostAlias_To_v1_HostAlias is an autogenerated conversion function. -func Convert_core_HostAlias_To_v1_HostAlias(in *core.HostAlias, out *corev1.HostAlias, s conversion.Scope) error { - return autoConvert_core_HostAlias_To_v1_HostAlias(in, out, s) -} - -func autoConvert_v1_HostIP_To_core_HostIP(in *corev1.HostIP, out *core.HostIP, s conversion.Scope) error { - out.IP = in.IP - return nil -} - -// Convert_v1_HostIP_To_core_HostIP is an autogenerated conversion function. -func Convert_v1_HostIP_To_core_HostIP(in *corev1.HostIP, out *core.HostIP, s conversion.Scope) error { - return autoConvert_v1_HostIP_To_core_HostIP(in, out, s) -} - -func autoConvert_core_HostIP_To_v1_HostIP(in *core.HostIP, out *corev1.HostIP, s conversion.Scope) error { - out.IP = in.IP - return nil -} - -// Convert_core_HostIP_To_v1_HostIP is an autogenerated conversion function. -func Convert_core_HostIP_To_v1_HostIP(in *core.HostIP, out *corev1.HostIP, s conversion.Scope) error { - return autoConvert_core_HostIP_To_v1_HostIP(in, out, s) -} - -func autoConvert_v1_HostPathVolumeSource_To_core_HostPathVolumeSource(in *corev1.HostPathVolumeSource, out *core.HostPathVolumeSource, s conversion.Scope) error { - out.Path = in.Path - out.Type = (*core.HostPathType)(unsafe.Pointer(in.Type)) - return nil -} - -// Convert_v1_HostPathVolumeSource_To_core_HostPathVolumeSource is an autogenerated conversion function. -func Convert_v1_HostPathVolumeSource_To_core_HostPathVolumeSource(in *corev1.HostPathVolumeSource, out *core.HostPathVolumeSource, s conversion.Scope) error { - return autoConvert_v1_HostPathVolumeSource_To_core_HostPathVolumeSource(in, out, s) -} - -func autoConvert_core_HostPathVolumeSource_To_v1_HostPathVolumeSource(in *core.HostPathVolumeSource, out *corev1.HostPathVolumeSource, s conversion.Scope) error { - out.Path = in.Path - out.Type = (*corev1.HostPathType)(unsafe.Pointer(in.Type)) - return nil -} - -// Convert_core_HostPathVolumeSource_To_v1_HostPathVolumeSource is an autogenerated conversion function. -func Convert_core_HostPathVolumeSource_To_v1_HostPathVolumeSource(in *core.HostPathVolumeSource, out *corev1.HostPathVolumeSource, s conversion.Scope) error { - return autoConvert_core_HostPathVolumeSource_To_v1_HostPathVolumeSource(in, out, s) -} - -func autoConvert_v1_ISCSIPersistentVolumeSource_To_core_ISCSIPersistentVolumeSource(in *corev1.ISCSIPersistentVolumeSource, out *core.ISCSIPersistentVolumeSource, s conversion.Scope) error { - out.TargetPortal = in.TargetPortal - out.IQN = in.IQN - out.Lun = in.Lun - out.ISCSIInterface = in.ISCSIInterface - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - out.Portals = *(*[]string)(unsafe.Pointer(&in.Portals)) - out.DiscoveryCHAPAuth = in.DiscoveryCHAPAuth - out.SessionCHAPAuth = in.SessionCHAPAuth - out.SecretRef = (*core.SecretReference)(unsafe.Pointer(in.SecretRef)) - out.InitiatorName = (*string)(unsafe.Pointer(in.InitiatorName)) - return nil -} - -// Convert_v1_ISCSIPersistentVolumeSource_To_core_ISCSIPersistentVolumeSource is an autogenerated conversion function. -func Convert_v1_ISCSIPersistentVolumeSource_To_core_ISCSIPersistentVolumeSource(in *corev1.ISCSIPersistentVolumeSource, out *core.ISCSIPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_v1_ISCSIPersistentVolumeSource_To_core_ISCSIPersistentVolumeSource(in, out, s) -} - -func autoConvert_core_ISCSIPersistentVolumeSource_To_v1_ISCSIPersistentVolumeSource(in *core.ISCSIPersistentVolumeSource, out *corev1.ISCSIPersistentVolumeSource, s conversion.Scope) error { - out.TargetPortal = in.TargetPortal - out.IQN = in.IQN - out.Lun = in.Lun - out.ISCSIInterface = in.ISCSIInterface - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - out.Portals = *(*[]string)(unsafe.Pointer(&in.Portals)) - out.DiscoveryCHAPAuth = in.DiscoveryCHAPAuth - out.SessionCHAPAuth = in.SessionCHAPAuth - out.SecretRef = (*corev1.SecretReference)(unsafe.Pointer(in.SecretRef)) - out.InitiatorName = (*string)(unsafe.Pointer(in.InitiatorName)) - return nil -} - -// Convert_core_ISCSIPersistentVolumeSource_To_v1_ISCSIPersistentVolumeSource is an autogenerated conversion function. -func Convert_core_ISCSIPersistentVolumeSource_To_v1_ISCSIPersistentVolumeSource(in *core.ISCSIPersistentVolumeSource, out *corev1.ISCSIPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_core_ISCSIPersistentVolumeSource_To_v1_ISCSIPersistentVolumeSource(in, out, s) -} - -func autoConvert_v1_ISCSIVolumeSource_To_core_ISCSIVolumeSource(in *corev1.ISCSIVolumeSource, out *core.ISCSIVolumeSource, s conversion.Scope) error { - out.TargetPortal = in.TargetPortal - out.IQN = in.IQN - out.Lun = in.Lun - out.ISCSIInterface = in.ISCSIInterface - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - out.Portals = *(*[]string)(unsafe.Pointer(&in.Portals)) - out.DiscoveryCHAPAuth = in.DiscoveryCHAPAuth - out.SessionCHAPAuth = in.SessionCHAPAuth - out.SecretRef = (*core.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) - out.InitiatorName = (*string)(unsafe.Pointer(in.InitiatorName)) - return nil -} - -// Convert_v1_ISCSIVolumeSource_To_core_ISCSIVolumeSource is an autogenerated conversion function. -func Convert_v1_ISCSIVolumeSource_To_core_ISCSIVolumeSource(in *corev1.ISCSIVolumeSource, out *core.ISCSIVolumeSource, s conversion.Scope) error { - return autoConvert_v1_ISCSIVolumeSource_To_core_ISCSIVolumeSource(in, out, s) -} - -func autoConvert_core_ISCSIVolumeSource_To_v1_ISCSIVolumeSource(in *core.ISCSIVolumeSource, out *corev1.ISCSIVolumeSource, s conversion.Scope) error { - out.TargetPortal = in.TargetPortal - out.IQN = in.IQN - out.Lun = in.Lun - out.ISCSIInterface = in.ISCSIInterface - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - out.Portals = *(*[]string)(unsafe.Pointer(&in.Portals)) - out.DiscoveryCHAPAuth = in.DiscoveryCHAPAuth - out.SessionCHAPAuth = in.SessionCHAPAuth - out.SecretRef = (*corev1.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) - out.InitiatorName = (*string)(unsafe.Pointer(in.InitiatorName)) - return nil -} - -// Convert_core_ISCSIVolumeSource_To_v1_ISCSIVolumeSource is an autogenerated conversion function. -func Convert_core_ISCSIVolumeSource_To_v1_ISCSIVolumeSource(in *core.ISCSIVolumeSource, out *corev1.ISCSIVolumeSource, s conversion.Scope) error { - return autoConvert_core_ISCSIVolumeSource_To_v1_ISCSIVolumeSource(in, out, s) -} - -func autoConvert_v1_ImageVolumeSource_To_core_ImageVolumeSource(in *corev1.ImageVolumeSource, out *core.ImageVolumeSource, s conversion.Scope) error { - out.Reference = in.Reference - out.PullPolicy = core.PullPolicy(in.PullPolicy) - return nil -} - -// Convert_v1_ImageVolumeSource_To_core_ImageVolumeSource is an autogenerated conversion function. -func Convert_v1_ImageVolumeSource_To_core_ImageVolumeSource(in *corev1.ImageVolumeSource, out *core.ImageVolumeSource, s conversion.Scope) error { - return autoConvert_v1_ImageVolumeSource_To_core_ImageVolumeSource(in, out, s) -} - -func autoConvert_core_ImageVolumeSource_To_v1_ImageVolumeSource(in *core.ImageVolumeSource, out *corev1.ImageVolumeSource, s conversion.Scope) error { - out.Reference = in.Reference - out.PullPolicy = corev1.PullPolicy(in.PullPolicy) - return nil -} - -// Convert_core_ImageVolumeSource_To_v1_ImageVolumeSource is an autogenerated conversion function. -func Convert_core_ImageVolumeSource_To_v1_ImageVolumeSource(in *core.ImageVolumeSource, out *corev1.ImageVolumeSource, s conversion.Scope) error { - return autoConvert_core_ImageVolumeSource_To_v1_ImageVolumeSource(in, out, s) -} - -func autoConvert_v1_KeyToPath_To_core_KeyToPath(in *corev1.KeyToPath, out *core.KeyToPath, s conversion.Scope) error { - out.Key = in.Key - out.Path = in.Path - out.Mode = (*int32)(unsafe.Pointer(in.Mode)) - return nil -} - -// Convert_v1_KeyToPath_To_core_KeyToPath is an autogenerated conversion function. -func Convert_v1_KeyToPath_To_core_KeyToPath(in *corev1.KeyToPath, out *core.KeyToPath, s conversion.Scope) error { - return autoConvert_v1_KeyToPath_To_core_KeyToPath(in, out, s) -} - -func autoConvert_core_KeyToPath_To_v1_KeyToPath(in *core.KeyToPath, out *corev1.KeyToPath, s conversion.Scope) error { - out.Key = in.Key - out.Path = in.Path - out.Mode = (*int32)(unsafe.Pointer(in.Mode)) - return nil -} - -// Convert_core_KeyToPath_To_v1_KeyToPath is an autogenerated conversion function. -func Convert_core_KeyToPath_To_v1_KeyToPath(in *core.KeyToPath, out *corev1.KeyToPath, s conversion.Scope) error { - return autoConvert_core_KeyToPath_To_v1_KeyToPath(in, out, s) -} - -func autoConvert_v1_Lifecycle_To_core_Lifecycle(in *corev1.Lifecycle, out *core.Lifecycle, s conversion.Scope) error { - out.PostStart = (*core.LifecycleHandler)(unsafe.Pointer(in.PostStart)) - out.PreStop = (*core.LifecycleHandler)(unsafe.Pointer(in.PreStop)) - out.StopSignal = (*core.Signal)(unsafe.Pointer(in.StopSignal)) - return nil -} - -// Convert_v1_Lifecycle_To_core_Lifecycle is an autogenerated conversion function. -func Convert_v1_Lifecycle_To_core_Lifecycle(in *corev1.Lifecycle, out *core.Lifecycle, s conversion.Scope) error { - return autoConvert_v1_Lifecycle_To_core_Lifecycle(in, out, s) -} - -func autoConvert_core_Lifecycle_To_v1_Lifecycle(in *core.Lifecycle, out *corev1.Lifecycle, s conversion.Scope) error { - out.PostStart = (*corev1.LifecycleHandler)(unsafe.Pointer(in.PostStart)) - out.PreStop = (*corev1.LifecycleHandler)(unsafe.Pointer(in.PreStop)) - out.StopSignal = (*corev1.Signal)(unsafe.Pointer(in.StopSignal)) - return nil -} - -// Convert_core_Lifecycle_To_v1_Lifecycle is an autogenerated conversion function. -func Convert_core_Lifecycle_To_v1_Lifecycle(in *core.Lifecycle, out *corev1.Lifecycle, s conversion.Scope) error { - return autoConvert_core_Lifecycle_To_v1_Lifecycle(in, out, s) -} - -func autoConvert_v1_LifecycleHandler_To_core_LifecycleHandler(in *corev1.LifecycleHandler, out *core.LifecycleHandler, s conversion.Scope) error { - out.Exec = (*core.ExecAction)(unsafe.Pointer(in.Exec)) - out.HTTPGet = (*core.HTTPGetAction)(unsafe.Pointer(in.HTTPGet)) - out.TCPSocket = (*core.TCPSocketAction)(unsafe.Pointer(in.TCPSocket)) - out.Sleep = (*core.SleepAction)(unsafe.Pointer(in.Sleep)) - return nil -} - -// Convert_v1_LifecycleHandler_To_core_LifecycleHandler is an autogenerated conversion function. -func Convert_v1_LifecycleHandler_To_core_LifecycleHandler(in *corev1.LifecycleHandler, out *core.LifecycleHandler, s conversion.Scope) error { - return autoConvert_v1_LifecycleHandler_To_core_LifecycleHandler(in, out, s) -} - -func autoConvert_core_LifecycleHandler_To_v1_LifecycleHandler(in *core.LifecycleHandler, out *corev1.LifecycleHandler, s conversion.Scope) error { - out.Exec = (*corev1.ExecAction)(unsafe.Pointer(in.Exec)) - out.HTTPGet = (*corev1.HTTPGetAction)(unsafe.Pointer(in.HTTPGet)) - out.TCPSocket = (*corev1.TCPSocketAction)(unsafe.Pointer(in.TCPSocket)) - out.Sleep = (*corev1.SleepAction)(unsafe.Pointer(in.Sleep)) - return nil -} - -// Convert_core_LifecycleHandler_To_v1_LifecycleHandler is an autogenerated conversion function. -func Convert_core_LifecycleHandler_To_v1_LifecycleHandler(in *core.LifecycleHandler, out *corev1.LifecycleHandler, s conversion.Scope) error { - return autoConvert_core_LifecycleHandler_To_v1_LifecycleHandler(in, out, s) -} - -func autoConvert_v1_LimitRange_To_core_LimitRange(in *corev1.LimitRange, out *core.LimitRange, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_LimitRangeSpec_To_core_LimitRangeSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - return nil -} - -// Convert_v1_LimitRange_To_core_LimitRange is an autogenerated conversion function. -func Convert_v1_LimitRange_To_core_LimitRange(in *corev1.LimitRange, out *core.LimitRange, s conversion.Scope) error { - return autoConvert_v1_LimitRange_To_core_LimitRange(in, out, s) -} - -func autoConvert_core_LimitRange_To_v1_LimitRange(in *core.LimitRange, out *corev1.LimitRange, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_LimitRangeSpec_To_v1_LimitRangeSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - return nil -} - -// Convert_core_LimitRange_To_v1_LimitRange is an autogenerated conversion function. -func Convert_core_LimitRange_To_v1_LimitRange(in *core.LimitRange, out *corev1.LimitRange, s conversion.Scope) error { - return autoConvert_core_LimitRange_To_v1_LimitRange(in, out, s) -} - -func autoConvert_v1_LimitRangeItem_To_core_LimitRangeItem(in *corev1.LimitRangeItem, out *core.LimitRangeItem, s conversion.Scope) error { - out.Type = core.LimitType(in.Type) - out.Max = *(*core.ResourceList)(unsafe.Pointer(&in.Max)) - out.Min = *(*core.ResourceList)(unsafe.Pointer(&in.Min)) - out.Default = *(*core.ResourceList)(unsafe.Pointer(&in.Default)) - out.DefaultRequest = *(*core.ResourceList)(unsafe.Pointer(&in.DefaultRequest)) - out.MaxLimitRequestRatio = *(*core.ResourceList)(unsafe.Pointer(&in.MaxLimitRequestRatio)) - return nil -} - -// Convert_v1_LimitRangeItem_To_core_LimitRangeItem is an autogenerated conversion function. -func Convert_v1_LimitRangeItem_To_core_LimitRangeItem(in *corev1.LimitRangeItem, out *core.LimitRangeItem, s conversion.Scope) error { - return autoConvert_v1_LimitRangeItem_To_core_LimitRangeItem(in, out, s) -} - -func autoConvert_core_LimitRangeItem_To_v1_LimitRangeItem(in *core.LimitRangeItem, out *corev1.LimitRangeItem, s conversion.Scope) error { - out.Type = corev1.LimitType(in.Type) - out.Max = *(*corev1.ResourceList)(unsafe.Pointer(&in.Max)) - out.Min = *(*corev1.ResourceList)(unsafe.Pointer(&in.Min)) - out.Default = *(*corev1.ResourceList)(unsafe.Pointer(&in.Default)) - out.DefaultRequest = *(*corev1.ResourceList)(unsafe.Pointer(&in.DefaultRequest)) - out.MaxLimitRequestRatio = *(*corev1.ResourceList)(unsafe.Pointer(&in.MaxLimitRequestRatio)) - return nil -} - -// Convert_core_LimitRangeItem_To_v1_LimitRangeItem is an autogenerated conversion function. -func Convert_core_LimitRangeItem_To_v1_LimitRangeItem(in *core.LimitRangeItem, out *corev1.LimitRangeItem, s conversion.Scope) error { - return autoConvert_core_LimitRangeItem_To_v1_LimitRangeItem(in, out, s) -} - -func autoConvert_v1_LimitRangeList_To_core_LimitRangeList(in *corev1.LimitRangeList, out *core.LimitRangeList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]core.LimitRange)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1_LimitRangeList_To_core_LimitRangeList is an autogenerated conversion function. -func Convert_v1_LimitRangeList_To_core_LimitRangeList(in *corev1.LimitRangeList, out *core.LimitRangeList, s conversion.Scope) error { - return autoConvert_v1_LimitRangeList_To_core_LimitRangeList(in, out, s) -} - -func autoConvert_core_LimitRangeList_To_v1_LimitRangeList(in *core.LimitRangeList, out *corev1.LimitRangeList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]corev1.LimitRange)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_core_LimitRangeList_To_v1_LimitRangeList is an autogenerated conversion function. -func Convert_core_LimitRangeList_To_v1_LimitRangeList(in *core.LimitRangeList, out *corev1.LimitRangeList, s conversion.Scope) error { - return autoConvert_core_LimitRangeList_To_v1_LimitRangeList(in, out, s) -} - -func autoConvert_v1_LimitRangeSpec_To_core_LimitRangeSpec(in *corev1.LimitRangeSpec, out *core.LimitRangeSpec, s conversion.Scope) error { - out.Limits = *(*[]core.LimitRangeItem)(unsafe.Pointer(&in.Limits)) - return nil -} - -// Convert_v1_LimitRangeSpec_To_core_LimitRangeSpec is an autogenerated conversion function. -func Convert_v1_LimitRangeSpec_To_core_LimitRangeSpec(in *corev1.LimitRangeSpec, out *core.LimitRangeSpec, s conversion.Scope) error { - return autoConvert_v1_LimitRangeSpec_To_core_LimitRangeSpec(in, out, s) -} - -func autoConvert_core_LimitRangeSpec_To_v1_LimitRangeSpec(in *core.LimitRangeSpec, out *corev1.LimitRangeSpec, s conversion.Scope) error { - out.Limits = *(*[]corev1.LimitRangeItem)(unsafe.Pointer(&in.Limits)) - return nil -} - -// Convert_core_LimitRangeSpec_To_v1_LimitRangeSpec is an autogenerated conversion function. -func Convert_core_LimitRangeSpec_To_v1_LimitRangeSpec(in *core.LimitRangeSpec, out *corev1.LimitRangeSpec, s conversion.Scope) error { - return autoConvert_core_LimitRangeSpec_To_v1_LimitRangeSpec(in, out, s) -} - -func autoConvert_v1_LinuxContainerUser_To_core_LinuxContainerUser(in *corev1.LinuxContainerUser, out *core.LinuxContainerUser, s conversion.Scope) error { - out.UID = in.UID - out.GID = in.GID - out.SupplementalGroups = *(*[]int64)(unsafe.Pointer(&in.SupplementalGroups)) - return nil -} - -// Convert_v1_LinuxContainerUser_To_core_LinuxContainerUser is an autogenerated conversion function. -func Convert_v1_LinuxContainerUser_To_core_LinuxContainerUser(in *corev1.LinuxContainerUser, out *core.LinuxContainerUser, s conversion.Scope) error { - return autoConvert_v1_LinuxContainerUser_To_core_LinuxContainerUser(in, out, s) -} - -func autoConvert_core_LinuxContainerUser_To_v1_LinuxContainerUser(in *core.LinuxContainerUser, out *corev1.LinuxContainerUser, s conversion.Scope) error { - out.UID = in.UID - out.GID = in.GID - out.SupplementalGroups = *(*[]int64)(unsafe.Pointer(&in.SupplementalGroups)) - return nil -} - -// Convert_core_LinuxContainerUser_To_v1_LinuxContainerUser is an autogenerated conversion function. -func Convert_core_LinuxContainerUser_To_v1_LinuxContainerUser(in *core.LinuxContainerUser, out *corev1.LinuxContainerUser, s conversion.Scope) error { - return autoConvert_core_LinuxContainerUser_To_v1_LinuxContainerUser(in, out, s) -} - -func autoConvert_v1_List_To_core_List(in *corev1.List, out *core.List, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]runtime.Object, len(*in)) - for i := range *in { - if err := runtime.Convert_runtime_RawExtension_To_runtime_Object(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_v1_List_To_core_List is an autogenerated conversion function. -func Convert_v1_List_To_core_List(in *corev1.List, out *core.List, s conversion.Scope) error { - return autoConvert_v1_List_To_core_List(in, out, s) -} - -func autoConvert_core_List_To_v1_List(in *core.List, out *corev1.List, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]runtime.RawExtension, len(*in)) - for i := range *in { - if err := runtime.Convert_runtime_Object_To_runtime_RawExtension(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_core_List_To_v1_List is an autogenerated conversion function. -func Convert_core_List_To_v1_List(in *core.List, out *corev1.List, s conversion.Scope) error { - return autoConvert_core_List_To_v1_List(in, out, s) -} - -func autoConvert_v1_LoadBalancerIngress_To_core_LoadBalancerIngress(in *corev1.LoadBalancerIngress, out *core.LoadBalancerIngress, s conversion.Scope) error { - out.IP = in.IP - out.Hostname = in.Hostname - out.IPMode = (*core.LoadBalancerIPMode)(unsafe.Pointer(in.IPMode)) - out.Ports = *(*[]core.PortStatus)(unsafe.Pointer(&in.Ports)) - return nil -} - -// Convert_v1_LoadBalancerIngress_To_core_LoadBalancerIngress is an autogenerated conversion function. -func Convert_v1_LoadBalancerIngress_To_core_LoadBalancerIngress(in *corev1.LoadBalancerIngress, out *core.LoadBalancerIngress, s conversion.Scope) error { - return autoConvert_v1_LoadBalancerIngress_To_core_LoadBalancerIngress(in, out, s) -} - -func autoConvert_core_LoadBalancerIngress_To_v1_LoadBalancerIngress(in *core.LoadBalancerIngress, out *corev1.LoadBalancerIngress, s conversion.Scope) error { - out.IP = in.IP - out.Hostname = in.Hostname - out.IPMode = (*corev1.LoadBalancerIPMode)(unsafe.Pointer(in.IPMode)) - out.Ports = *(*[]corev1.PortStatus)(unsafe.Pointer(&in.Ports)) - return nil -} - -// Convert_core_LoadBalancerIngress_To_v1_LoadBalancerIngress is an autogenerated conversion function. -func Convert_core_LoadBalancerIngress_To_v1_LoadBalancerIngress(in *core.LoadBalancerIngress, out *corev1.LoadBalancerIngress, s conversion.Scope) error { - return autoConvert_core_LoadBalancerIngress_To_v1_LoadBalancerIngress(in, out, s) -} - -func autoConvert_v1_LoadBalancerStatus_To_core_LoadBalancerStatus(in *corev1.LoadBalancerStatus, out *core.LoadBalancerStatus, s conversion.Scope) error { - out.Ingress = *(*[]core.LoadBalancerIngress)(unsafe.Pointer(&in.Ingress)) - return nil -} - -// Convert_v1_LoadBalancerStatus_To_core_LoadBalancerStatus is an autogenerated conversion function. -func Convert_v1_LoadBalancerStatus_To_core_LoadBalancerStatus(in *corev1.LoadBalancerStatus, out *core.LoadBalancerStatus, s conversion.Scope) error { - return autoConvert_v1_LoadBalancerStatus_To_core_LoadBalancerStatus(in, out, s) -} - -func autoConvert_core_LoadBalancerStatus_To_v1_LoadBalancerStatus(in *core.LoadBalancerStatus, out *corev1.LoadBalancerStatus, s conversion.Scope) error { - out.Ingress = *(*[]corev1.LoadBalancerIngress)(unsafe.Pointer(&in.Ingress)) - return nil -} - -// Convert_core_LoadBalancerStatus_To_v1_LoadBalancerStatus is an autogenerated conversion function. -func Convert_core_LoadBalancerStatus_To_v1_LoadBalancerStatus(in *core.LoadBalancerStatus, out *corev1.LoadBalancerStatus, s conversion.Scope) error { - return autoConvert_core_LoadBalancerStatus_To_v1_LoadBalancerStatus(in, out, s) -} - -func autoConvert_v1_LocalObjectReference_To_core_LocalObjectReference(in *corev1.LocalObjectReference, out *core.LocalObjectReference, s conversion.Scope) error { - out.Name = in.Name - return nil -} - -// Convert_v1_LocalObjectReference_To_core_LocalObjectReference is an autogenerated conversion function. -func Convert_v1_LocalObjectReference_To_core_LocalObjectReference(in *corev1.LocalObjectReference, out *core.LocalObjectReference, s conversion.Scope) error { - return autoConvert_v1_LocalObjectReference_To_core_LocalObjectReference(in, out, s) -} - -func autoConvert_core_LocalObjectReference_To_v1_LocalObjectReference(in *core.LocalObjectReference, out *corev1.LocalObjectReference, s conversion.Scope) error { - out.Name = in.Name - return nil -} - -// Convert_core_LocalObjectReference_To_v1_LocalObjectReference is an autogenerated conversion function. -func Convert_core_LocalObjectReference_To_v1_LocalObjectReference(in *core.LocalObjectReference, out *corev1.LocalObjectReference, s conversion.Scope) error { - return autoConvert_core_LocalObjectReference_To_v1_LocalObjectReference(in, out, s) -} - -func autoConvert_v1_LocalVolumeSource_To_core_LocalVolumeSource(in *corev1.LocalVolumeSource, out *core.LocalVolumeSource, s conversion.Scope) error { - out.Path = in.Path - out.FSType = (*string)(unsafe.Pointer(in.FSType)) - return nil -} - -// Convert_v1_LocalVolumeSource_To_core_LocalVolumeSource is an autogenerated conversion function. -func Convert_v1_LocalVolumeSource_To_core_LocalVolumeSource(in *corev1.LocalVolumeSource, out *core.LocalVolumeSource, s conversion.Scope) error { - return autoConvert_v1_LocalVolumeSource_To_core_LocalVolumeSource(in, out, s) -} - -func autoConvert_core_LocalVolumeSource_To_v1_LocalVolumeSource(in *core.LocalVolumeSource, out *corev1.LocalVolumeSource, s conversion.Scope) error { - out.Path = in.Path - out.FSType = (*string)(unsafe.Pointer(in.FSType)) - return nil -} - -// Convert_core_LocalVolumeSource_To_v1_LocalVolumeSource is an autogenerated conversion function. -func Convert_core_LocalVolumeSource_To_v1_LocalVolumeSource(in *core.LocalVolumeSource, out *corev1.LocalVolumeSource, s conversion.Scope) error { - return autoConvert_core_LocalVolumeSource_To_v1_LocalVolumeSource(in, out, s) -} - -func autoConvert_v1_ModifyVolumeStatus_To_core_ModifyVolumeStatus(in *corev1.ModifyVolumeStatus, out *core.ModifyVolumeStatus, s conversion.Scope) error { - out.TargetVolumeAttributesClassName = in.TargetVolumeAttributesClassName - out.Status = core.PersistentVolumeClaimModifyVolumeStatus(in.Status) - return nil -} - -// Convert_v1_ModifyVolumeStatus_To_core_ModifyVolumeStatus is an autogenerated conversion function. -func Convert_v1_ModifyVolumeStatus_To_core_ModifyVolumeStatus(in *corev1.ModifyVolumeStatus, out *core.ModifyVolumeStatus, s conversion.Scope) error { - return autoConvert_v1_ModifyVolumeStatus_To_core_ModifyVolumeStatus(in, out, s) -} - -func autoConvert_core_ModifyVolumeStatus_To_v1_ModifyVolumeStatus(in *core.ModifyVolumeStatus, out *corev1.ModifyVolumeStatus, s conversion.Scope) error { - out.TargetVolumeAttributesClassName = in.TargetVolumeAttributesClassName - out.Status = corev1.PersistentVolumeClaimModifyVolumeStatus(in.Status) - return nil -} - -// Convert_core_ModifyVolumeStatus_To_v1_ModifyVolumeStatus is an autogenerated conversion function. -func Convert_core_ModifyVolumeStatus_To_v1_ModifyVolumeStatus(in *core.ModifyVolumeStatus, out *corev1.ModifyVolumeStatus, s conversion.Scope) error { - return autoConvert_core_ModifyVolumeStatus_To_v1_ModifyVolumeStatus(in, out, s) -} - -func autoConvert_v1_NFSVolumeSource_To_core_NFSVolumeSource(in *corev1.NFSVolumeSource, out *core.NFSVolumeSource, s conversion.Scope) error { - out.Server = in.Server - out.Path = in.Path - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_v1_NFSVolumeSource_To_core_NFSVolumeSource is an autogenerated conversion function. -func Convert_v1_NFSVolumeSource_To_core_NFSVolumeSource(in *corev1.NFSVolumeSource, out *core.NFSVolumeSource, s conversion.Scope) error { - return autoConvert_v1_NFSVolumeSource_To_core_NFSVolumeSource(in, out, s) -} - -func autoConvert_core_NFSVolumeSource_To_v1_NFSVolumeSource(in *core.NFSVolumeSource, out *corev1.NFSVolumeSource, s conversion.Scope) error { - out.Server = in.Server - out.Path = in.Path - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_core_NFSVolumeSource_To_v1_NFSVolumeSource is an autogenerated conversion function. -func Convert_core_NFSVolumeSource_To_v1_NFSVolumeSource(in *core.NFSVolumeSource, out *corev1.NFSVolumeSource, s conversion.Scope) error { - return autoConvert_core_NFSVolumeSource_To_v1_NFSVolumeSource(in, out, s) -} - -func autoConvert_v1_Namespace_To_core_Namespace(in *corev1.Namespace, out *core.Namespace, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_NamespaceSpec_To_core_NamespaceSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1_NamespaceStatus_To_core_NamespaceStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_v1_Namespace_To_core_Namespace is an autogenerated conversion function. -func Convert_v1_Namespace_To_core_Namespace(in *corev1.Namespace, out *core.Namespace, s conversion.Scope) error { - return autoConvert_v1_Namespace_To_core_Namespace(in, out, s) -} - -func autoConvert_core_Namespace_To_v1_Namespace(in *core.Namespace, out *corev1.Namespace, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_NamespaceSpec_To_v1_NamespaceSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_core_NamespaceStatus_To_v1_NamespaceStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_core_Namespace_To_v1_Namespace is an autogenerated conversion function. -func Convert_core_Namespace_To_v1_Namespace(in *core.Namespace, out *corev1.Namespace, s conversion.Scope) error { - return autoConvert_core_Namespace_To_v1_Namespace(in, out, s) -} - -func autoConvert_v1_NamespaceCondition_To_core_NamespaceCondition(in *corev1.NamespaceCondition, out *core.NamespaceCondition, s conversion.Scope) error { - out.Type = core.NamespaceConditionType(in.Type) - out.Status = core.ConditionStatus(in.Status) - out.LastTransitionTime = in.LastTransitionTime - out.Reason = in.Reason - out.Message = in.Message - return nil -} - -// Convert_v1_NamespaceCondition_To_core_NamespaceCondition is an autogenerated conversion function. -func Convert_v1_NamespaceCondition_To_core_NamespaceCondition(in *corev1.NamespaceCondition, out *core.NamespaceCondition, s conversion.Scope) error { - return autoConvert_v1_NamespaceCondition_To_core_NamespaceCondition(in, out, s) -} - -func autoConvert_core_NamespaceCondition_To_v1_NamespaceCondition(in *core.NamespaceCondition, out *corev1.NamespaceCondition, s conversion.Scope) error { - out.Type = corev1.NamespaceConditionType(in.Type) - out.Status = corev1.ConditionStatus(in.Status) - out.LastTransitionTime = in.LastTransitionTime - out.Reason = in.Reason - out.Message = in.Message - return nil -} - -// Convert_core_NamespaceCondition_To_v1_NamespaceCondition is an autogenerated conversion function. -func Convert_core_NamespaceCondition_To_v1_NamespaceCondition(in *core.NamespaceCondition, out *corev1.NamespaceCondition, s conversion.Scope) error { - return autoConvert_core_NamespaceCondition_To_v1_NamespaceCondition(in, out, s) -} - -func autoConvert_v1_NamespaceList_To_core_NamespaceList(in *corev1.NamespaceList, out *core.NamespaceList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]core.Namespace)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1_NamespaceList_To_core_NamespaceList is an autogenerated conversion function. -func Convert_v1_NamespaceList_To_core_NamespaceList(in *corev1.NamespaceList, out *core.NamespaceList, s conversion.Scope) error { - return autoConvert_v1_NamespaceList_To_core_NamespaceList(in, out, s) -} - -func autoConvert_core_NamespaceList_To_v1_NamespaceList(in *core.NamespaceList, out *corev1.NamespaceList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]corev1.Namespace)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_core_NamespaceList_To_v1_NamespaceList is an autogenerated conversion function. -func Convert_core_NamespaceList_To_v1_NamespaceList(in *core.NamespaceList, out *corev1.NamespaceList, s conversion.Scope) error { - return autoConvert_core_NamespaceList_To_v1_NamespaceList(in, out, s) -} - -func autoConvert_v1_NamespaceSpec_To_core_NamespaceSpec(in *corev1.NamespaceSpec, out *core.NamespaceSpec, s conversion.Scope) error { - out.Finalizers = *(*[]core.FinalizerName)(unsafe.Pointer(&in.Finalizers)) - return nil -} - -// Convert_v1_NamespaceSpec_To_core_NamespaceSpec is an autogenerated conversion function. -func Convert_v1_NamespaceSpec_To_core_NamespaceSpec(in *corev1.NamespaceSpec, out *core.NamespaceSpec, s conversion.Scope) error { - return autoConvert_v1_NamespaceSpec_To_core_NamespaceSpec(in, out, s) -} - -func autoConvert_core_NamespaceSpec_To_v1_NamespaceSpec(in *core.NamespaceSpec, out *corev1.NamespaceSpec, s conversion.Scope) error { - out.Finalizers = *(*[]corev1.FinalizerName)(unsafe.Pointer(&in.Finalizers)) - return nil -} - -// Convert_core_NamespaceSpec_To_v1_NamespaceSpec is an autogenerated conversion function. -func Convert_core_NamespaceSpec_To_v1_NamespaceSpec(in *core.NamespaceSpec, out *corev1.NamespaceSpec, s conversion.Scope) error { - return autoConvert_core_NamespaceSpec_To_v1_NamespaceSpec(in, out, s) -} - -func autoConvert_v1_NamespaceStatus_To_core_NamespaceStatus(in *corev1.NamespaceStatus, out *core.NamespaceStatus, s conversion.Scope) error { - out.Phase = core.NamespacePhase(in.Phase) - out.Conditions = *(*[]core.NamespaceCondition)(unsafe.Pointer(&in.Conditions)) - return nil -} - -// Convert_v1_NamespaceStatus_To_core_NamespaceStatus is an autogenerated conversion function. -func Convert_v1_NamespaceStatus_To_core_NamespaceStatus(in *corev1.NamespaceStatus, out *core.NamespaceStatus, s conversion.Scope) error { - return autoConvert_v1_NamespaceStatus_To_core_NamespaceStatus(in, out, s) -} - -func autoConvert_core_NamespaceStatus_To_v1_NamespaceStatus(in *core.NamespaceStatus, out *corev1.NamespaceStatus, s conversion.Scope) error { - out.Phase = corev1.NamespacePhase(in.Phase) - out.Conditions = *(*[]corev1.NamespaceCondition)(unsafe.Pointer(&in.Conditions)) - return nil -} - -// Convert_core_NamespaceStatus_To_v1_NamespaceStatus is an autogenerated conversion function. -func Convert_core_NamespaceStatus_To_v1_NamespaceStatus(in *core.NamespaceStatus, out *corev1.NamespaceStatus, s conversion.Scope) error { - return autoConvert_core_NamespaceStatus_To_v1_NamespaceStatus(in, out, s) -} - -func autoConvert_v1_Node_To_core_Node(in *corev1.Node, out *core.Node, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_NodeSpec_To_core_NodeSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1_NodeStatus_To_core_NodeStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_v1_Node_To_core_Node is an autogenerated conversion function. -func Convert_v1_Node_To_core_Node(in *corev1.Node, out *core.Node, s conversion.Scope) error { - return autoConvert_v1_Node_To_core_Node(in, out, s) -} - -func autoConvert_core_Node_To_v1_Node(in *core.Node, out *corev1.Node, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_NodeSpec_To_v1_NodeSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_core_NodeStatus_To_v1_NodeStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_core_Node_To_v1_Node is an autogenerated conversion function. -func Convert_core_Node_To_v1_Node(in *core.Node, out *corev1.Node, s conversion.Scope) error { - return autoConvert_core_Node_To_v1_Node(in, out, s) -} - -func autoConvert_v1_NodeAddress_To_core_NodeAddress(in *corev1.NodeAddress, out *core.NodeAddress, s conversion.Scope) error { - out.Type = core.NodeAddressType(in.Type) - out.Address = in.Address - return nil -} - -// Convert_v1_NodeAddress_To_core_NodeAddress is an autogenerated conversion function. -func Convert_v1_NodeAddress_To_core_NodeAddress(in *corev1.NodeAddress, out *core.NodeAddress, s conversion.Scope) error { - return autoConvert_v1_NodeAddress_To_core_NodeAddress(in, out, s) -} - -func autoConvert_core_NodeAddress_To_v1_NodeAddress(in *core.NodeAddress, out *corev1.NodeAddress, s conversion.Scope) error { - out.Type = corev1.NodeAddressType(in.Type) - out.Address = in.Address - return nil -} - -// Convert_core_NodeAddress_To_v1_NodeAddress is an autogenerated conversion function. -func Convert_core_NodeAddress_To_v1_NodeAddress(in *core.NodeAddress, out *corev1.NodeAddress, s conversion.Scope) error { - return autoConvert_core_NodeAddress_To_v1_NodeAddress(in, out, s) -} - -func autoConvert_v1_NodeAffinity_To_core_NodeAffinity(in *corev1.NodeAffinity, out *core.NodeAffinity, s conversion.Scope) error { - out.RequiredDuringSchedulingIgnoredDuringExecution = (*core.NodeSelector)(unsafe.Pointer(in.RequiredDuringSchedulingIgnoredDuringExecution)) - out.PreferredDuringSchedulingIgnoredDuringExecution = *(*[]core.PreferredSchedulingTerm)(unsafe.Pointer(&in.PreferredDuringSchedulingIgnoredDuringExecution)) - return nil -} - -// Convert_v1_NodeAffinity_To_core_NodeAffinity is an autogenerated conversion function. -func Convert_v1_NodeAffinity_To_core_NodeAffinity(in *corev1.NodeAffinity, out *core.NodeAffinity, s conversion.Scope) error { - return autoConvert_v1_NodeAffinity_To_core_NodeAffinity(in, out, s) -} - -func autoConvert_core_NodeAffinity_To_v1_NodeAffinity(in *core.NodeAffinity, out *corev1.NodeAffinity, s conversion.Scope) error { - out.RequiredDuringSchedulingIgnoredDuringExecution = (*corev1.NodeSelector)(unsafe.Pointer(in.RequiredDuringSchedulingIgnoredDuringExecution)) - out.PreferredDuringSchedulingIgnoredDuringExecution = *(*[]corev1.PreferredSchedulingTerm)(unsafe.Pointer(&in.PreferredDuringSchedulingIgnoredDuringExecution)) - return nil -} - -// Convert_core_NodeAffinity_To_v1_NodeAffinity is an autogenerated conversion function. -func Convert_core_NodeAffinity_To_v1_NodeAffinity(in *core.NodeAffinity, out *corev1.NodeAffinity, s conversion.Scope) error { - return autoConvert_core_NodeAffinity_To_v1_NodeAffinity(in, out, s) -} - -func autoConvert_v1_NodeCondition_To_core_NodeCondition(in *corev1.NodeCondition, out *core.NodeCondition, s conversion.Scope) error { - out.Type = core.NodeConditionType(in.Type) - out.Status = core.ConditionStatus(in.Status) - out.LastHeartbeatTime = in.LastHeartbeatTime - out.LastTransitionTime = in.LastTransitionTime - out.Reason = in.Reason - out.Message = in.Message - return nil -} - -// Convert_v1_NodeCondition_To_core_NodeCondition is an autogenerated conversion function. -func Convert_v1_NodeCondition_To_core_NodeCondition(in *corev1.NodeCondition, out *core.NodeCondition, s conversion.Scope) error { - return autoConvert_v1_NodeCondition_To_core_NodeCondition(in, out, s) -} - -func autoConvert_core_NodeCondition_To_v1_NodeCondition(in *core.NodeCondition, out *corev1.NodeCondition, s conversion.Scope) error { - out.Type = corev1.NodeConditionType(in.Type) - out.Status = corev1.ConditionStatus(in.Status) - out.LastHeartbeatTime = in.LastHeartbeatTime - out.LastTransitionTime = in.LastTransitionTime - out.Reason = in.Reason - out.Message = in.Message - return nil -} - -// Convert_core_NodeCondition_To_v1_NodeCondition is an autogenerated conversion function. -func Convert_core_NodeCondition_To_v1_NodeCondition(in *core.NodeCondition, out *corev1.NodeCondition, s conversion.Scope) error { - return autoConvert_core_NodeCondition_To_v1_NodeCondition(in, out, s) -} - -func autoConvert_v1_NodeConfigSource_To_core_NodeConfigSource(in *corev1.NodeConfigSource, out *core.NodeConfigSource, s conversion.Scope) error { - out.ConfigMap = (*core.ConfigMapNodeConfigSource)(unsafe.Pointer(in.ConfigMap)) - return nil -} - -// Convert_v1_NodeConfigSource_To_core_NodeConfigSource is an autogenerated conversion function. -func Convert_v1_NodeConfigSource_To_core_NodeConfigSource(in *corev1.NodeConfigSource, out *core.NodeConfigSource, s conversion.Scope) error { - return autoConvert_v1_NodeConfigSource_To_core_NodeConfigSource(in, out, s) -} - -func autoConvert_core_NodeConfigSource_To_v1_NodeConfigSource(in *core.NodeConfigSource, out *corev1.NodeConfigSource, s conversion.Scope) error { - out.ConfigMap = (*corev1.ConfigMapNodeConfigSource)(unsafe.Pointer(in.ConfigMap)) - return nil -} - -// Convert_core_NodeConfigSource_To_v1_NodeConfigSource is an autogenerated conversion function. -func Convert_core_NodeConfigSource_To_v1_NodeConfigSource(in *core.NodeConfigSource, out *corev1.NodeConfigSource, s conversion.Scope) error { - return autoConvert_core_NodeConfigSource_To_v1_NodeConfigSource(in, out, s) -} - -func autoConvert_v1_NodeConfigStatus_To_core_NodeConfigStatus(in *corev1.NodeConfigStatus, out *core.NodeConfigStatus, s conversion.Scope) error { - out.Assigned = (*core.NodeConfigSource)(unsafe.Pointer(in.Assigned)) - out.Active = (*core.NodeConfigSource)(unsafe.Pointer(in.Active)) - out.LastKnownGood = (*core.NodeConfigSource)(unsafe.Pointer(in.LastKnownGood)) - out.Error = in.Error - return nil -} - -// Convert_v1_NodeConfigStatus_To_core_NodeConfigStatus is an autogenerated conversion function. -func Convert_v1_NodeConfigStatus_To_core_NodeConfigStatus(in *corev1.NodeConfigStatus, out *core.NodeConfigStatus, s conversion.Scope) error { - return autoConvert_v1_NodeConfigStatus_To_core_NodeConfigStatus(in, out, s) -} - -func autoConvert_core_NodeConfigStatus_To_v1_NodeConfigStatus(in *core.NodeConfigStatus, out *corev1.NodeConfigStatus, s conversion.Scope) error { - out.Assigned = (*corev1.NodeConfigSource)(unsafe.Pointer(in.Assigned)) - out.Active = (*corev1.NodeConfigSource)(unsafe.Pointer(in.Active)) - out.LastKnownGood = (*corev1.NodeConfigSource)(unsafe.Pointer(in.LastKnownGood)) - out.Error = in.Error - return nil -} - -// Convert_core_NodeConfigStatus_To_v1_NodeConfigStatus is an autogenerated conversion function. -func Convert_core_NodeConfigStatus_To_v1_NodeConfigStatus(in *core.NodeConfigStatus, out *corev1.NodeConfigStatus, s conversion.Scope) error { - return autoConvert_core_NodeConfigStatus_To_v1_NodeConfigStatus(in, out, s) -} - -func autoConvert_v1_NodeDaemonEndpoints_To_core_NodeDaemonEndpoints(in *corev1.NodeDaemonEndpoints, out *core.NodeDaemonEndpoints, s conversion.Scope) error { - if err := Convert_v1_DaemonEndpoint_To_core_DaemonEndpoint(&in.KubeletEndpoint, &out.KubeletEndpoint, s); err != nil { - return err - } - return nil -} - -// Convert_v1_NodeDaemonEndpoints_To_core_NodeDaemonEndpoints is an autogenerated conversion function. -func Convert_v1_NodeDaemonEndpoints_To_core_NodeDaemonEndpoints(in *corev1.NodeDaemonEndpoints, out *core.NodeDaemonEndpoints, s conversion.Scope) error { - return autoConvert_v1_NodeDaemonEndpoints_To_core_NodeDaemonEndpoints(in, out, s) -} - -func autoConvert_core_NodeDaemonEndpoints_To_v1_NodeDaemonEndpoints(in *core.NodeDaemonEndpoints, out *corev1.NodeDaemonEndpoints, s conversion.Scope) error { - if err := Convert_core_DaemonEndpoint_To_v1_DaemonEndpoint(&in.KubeletEndpoint, &out.KubeletEndpoint, s); err != nil { - return err - } - return nil -} - -// Convert_core_NodeDaemonEndpoints_To_v1_NodeDaemonEndpoints is an autogenerated conversion function. -func Convert_core_NodeDaemonEndpoints_To_v1_NodeDaemonEndpoints(in *core.NodeDaemonEndpoints, out *corev1.NodeDaemonEndpoints, s conversion.Scope) error { - return autoConvert_core_NodeDaemonEndpoints_To_v1_NodeDaemonEndpoints(in, out, s) -} - -func autoConvert_v1_NodeFeatures_To_core_NodeFeatures(in *corev1.NodeFeatures, out *core.NodeFeatures, s conversion.Scope) error { - out.SupplementalGroupsPolicy = (*bool)(unsafe.Pointer(in.SupplementalGroupsPolicy)) - return nil -} - -// Convert_v1_NodeFeatures_To_core_NodeFeatures is an autogenerated conversion function. -func Convert_v1_NodeFeatures_To_core_NodeFeatures(in *corev1.NodeFeatures, out *core.NodeFeatures, s conversion.Scope) error { - return autoConvert_v1_NodeFeatures_To_core_NodeFeatures(in, out, s) -} - -func autoConvert_core_NodeFeatures_To_v1_NodeFeatures(in *core.NodeFeatures, out *corev1.NodeFeatures, s conversion.Scope) error { - out.SupplementalGroupsPolicy = (*bool)(unsafe.Pointer(in.SupplementalGroupsPolicy)) - return nil -} - -// Convert_core_NodeFeatures_To_v1_NodeFeatures is an autogenerated conversion function. -func Convert_core_NodeFeatures_To_v1_NodeFeatures(in *core.NodeFeatures, out *corev1.NodeFeatures, s conversion.Scope) error { - return autoConvert_core_NodeFeatures_To_v1_NodeFeatures(in, out, s) -} - -func autoConvert_v1_NodeList_To_core_NodeList(in *corev1.NodeList, out *core.NodeList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]core.Node, len(*in)) - for i := range *in { - if err := Convert_v1_Node_To_core_Node(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_v1_NodeList_To_core_NodeList is an autogenerated conversion function. -func Convert_v1_NodeList_To_core_NodeList(in *corev1.NodeList, out *core.NodeList, s conversion.Scope) error { - return autoConvert_v1_NodeList_To_core_NodeList(in, out, s) -} - -func autoConvert_core_NodeList_To_v1_NodeList(in *core.NodeList, out *corev1.NodeList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]corev1.Node, len(*in)) - for i := range *in { - if err := Convert_core_Node_To_v1_Node(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_core_NodeList_To_v1_NodeList is an autogenerated conversion function. -func Convert_core_NodeList_To_v1_NodeList(in *core.NodeList, out *corev1.NodeList, s conversion.Scope) error { - return autoConvert_core_NodeList_To_v1_NodeList(in, out, s) -} - -func autoConvert_v1_NodeProxyOptions_To_core_NodeProxyOptions(in *corev1.NodeProxyOptions, out *core.NodeProxyOptions, s conversion.Scope) error { - out.Path = in.Path - return nil -} - -// Convert_v1_NodeProxyOptions_To_core_NodeProxyOptions is an autogenerated conversion function. -func Convert_v1_NodeProxyOptions_To_core_NodeProxyOptions(in *corev1.NodeProxyOptions, out *core.NodeProxyOptions, s conversion.Scope) error { - return autoConvert_v1_NodeProxyOptions_To_core_NodeProxyOptions(in, out, s) -} - -func autoConvert_core_NodeProxyOptions_To_v1_NodeProxyOptions(in *core.NodeProxyOptions, out *corev1.NodeProxyOptions, s conversion.Scope) error { - out.Path = in.Path - return nil -} - -// Convert_core_NodeProxyOptions_To_v1_NodeProxyOptions is an autogenerated conversion function. -func Convert_core_NodeProxyOptions_To_v1_NodeProxyOptions(in *core.NodeProxyOptions, out *corev1.NodeProxyOptions, s conversion.Scope) error { - return autoConvert_core_NodeProxyOptions_To_v1_NodeProxyOptions(in, out, s) -} - -func autoConvert_url_Values_To_v1_NodeProxyOptions(in *url.Values, out *corev1.NodeProxyOptions, s conversion.Scope) error { - // WARNING: Field TypeMeta does not have json tag, skipping. - - if values, ok := map[string][]string(*in)["path"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_string(&values, &out.Path, s); err != nil { - return err - } - } else { - out.Path = "" - } - return nil -} - -// Convert_url_Values_To_v1_NodeProxyOptions is an autogenerated conversion function. -func Convert_url_Values_To_v1_NodeProxyOptions(in *url.Values, out *corev1.NodeProxyOptions, s conversion.Scope) error { - return autoConvert_url_Values_To_v1_NodeProxyOptions(in, out, s) -} - -func autoConvert_v1_NodeRuntimeHandler_To_core_NodeRuntimeHandler(in *corev1.NodeRuntimeHandler, out *core.NodeRuntimeHandler, s conversion.Scope) error { - out.Name = in.Name - out.Features = (*core.NodeRuntimeHandlerFeatures)(unsafe.Pointer(in.Features)) - return nil -} - -// Convert_v1_NodeRuntimeHandler_To_core_NodeRuntimeHandler is an autogenerated conversion function. -func Convert_v1_NodeRuntimeHandler_To_core_NodeRuntimeHandler(in *corev1.NodeRuntimeHandler, out *core.NodeRuntimeHandler, s conversion.Scope) error { - return autoConvert_v1_NodeRuntimeHandler_To_core_NodeRuntimeHandler(in, out, s) -} - -func autoConvert_core_NodeRuntimeHandler_To_v1_NodeRuntimeHandler(in *core.NodeRuntimeHandler, out *corev1.NodeRuntimeHandler, s conversion.Scope) error { - out.Name = in.Name - out.Features = (*corev1.NodeRuntimeHandlerFeatures)(unsafe.Pointer(in.Features)) - return nil -} - -// Convert_core_NodeRuntimeHandler_To_v1_NodeRuntimeHandler is an autogenerated conversion function. -func Convert_core_NodeRuntimeHandler_To_v1_NodeRuntimeHandler(in *core.NodeRuntimeHandler, out *corev1.NodeRuntimeHandler, s conversion.Scope) error { - return autoConvert_core_NodeRuntimeHandler_To_v1_NodeRuntimeHandler(in, out, s) -} - -func autoConvert_v1_NodeRuntimeHandlerFeatures_To_core_NodeRuntimeHandlerFeatures(in *corev1.NodeRuntimeHandlerFeatures, out *core.NodeRuntimeHandlerFeatures, s conversion.Scope) error { - out.RecursiveReadOnlyMounts = (*bool)(unsafe.Pointer(in.RecursiveReadOnlyMounts)) - out.UserNamespaces = (*bool)(unsafe.Pointer(in.UserNamespaces)) - return nil -} - -// Convert_v1_NodeRuntimeHandlerFeatures_To_core_NodeRuntimeHandlerFeatures is an autogenerated conversion function. -func Convert_v1_NodeRuntimeHandlerFeatures_To_core_NodeRuntimeHandlerFeatures(in *corev1.NodeRuntimeHandlerFeatures, out *core.NodeRuntimeHandlerFeatures, s conversion.Scope) error { - return autoConvert_v1_NodeRuntimeHandlerFeatures_To_core_NodeRuntimeHandlerFeatures(in, out, s) -} - -func autoConvert_core_NodeRuntimeHandlerFeatures_To_v1_NodeRuntimeHandlerFeatures(in *core.NodeRuntimeHandlerFeatures, out *corev1.NodeRuntimeHandlerFeatures, s conversion.Scope) error { - out.RecursiveReadOnlyMounts = (*bool)(unsafe.Pointer(in.RecursiveReadOnlyMounts)) - out.UserNamespaces = (*bool)(unsafe.Pointer(in.UserNamespaces)) - return nil -} - -// Convert_core_NodeRuntimeHandlerFeatures_To_v1_NodeRuntimeHandlerFeatures is an autogenerated conversion function. -func Convert_core_NodeRuntimeHandlerFeatures_To_v1_NodeRuntimeHandlerFeatures(in *core.NodeRuntimeHandlerFeatures, out *corev1.NodeRuntimeHandlerFeatures, s conversion.Scope) error { - return autoConvert_core_NodeRuntimeHandlerFeatures_To_v1_NodeRuntimeHandlerFeatures(in, out, s) -} - -func autoConvert_v1_NodeSelector_To_core_NodeSelector(in *corev1.NodeSelector, out *core.NodeSelector, s conversion.Scope) error { - out.NodeSelectorTerms = *(*[]core.NodeSelectorTerm)(unsafe.Pointer(&in.NodeSelectorTerms)) - return nil -} - -// Convert_v1_NodeSelector_To_core_NodeSelector is an autogenerated conversion function. -func Convert_v1_NodeSelector_To_core_NodeSelector(in *corev1.NodeSelector, out *core.NodeSelector, s conversion.Scope) error { - return autoConvert_v1_NodeSelector_To_core_NodeSelector(in, out, s) -} - -func autoConvert_core_NodeSelector_To_v1_NodeSelector(in *core.NodeSelector, out *corev1.NodeSelector, s conversion.Scope) error { - out.NodeSelectorTerms = *(*[]corev1.NodeSelectorTerm)(unsafe.Pointer(&in.NodeSelectorTerms)) - return nil -} - -// Convert_core_NodeSelector_To_v1_NodeSelector is an autogenerated conversion function. -func Convert_core_NodeSelector_To_v1_NodeSelector(in *core.NodeSelector, out *corev1.NodeSelector, s conversion.Scope) error { - return autoConvert_core_NodeSelector_To_v1_NodeSelector(in, out, s) -} - -func autoConvert_v1_NodeSelectorRequirement_To_core_NodeSelectorRequirement(in *corev1.NodeSelectorRequirement, out *core.NodeSelectorRequirement, s conversion.Scope) error { - out.Key = in.Key - out.Operator = core.NodeSelectorOperator(in.Operator) - out.Values = *(*[]string)(unsafe.Pointer(&in.Values)) - return nil -} - -// Convert_v1_NodeSelectorRequirement_To_core_NodeSelectorRequirement is an autogenerated conversion function. -func Convert_v1_NodeSelectorRequirement_To_core_NodeSelectorRequirement(in *corev1.NodeSelectorRequirement, out *core.NodeSelectorRequirement, s conversion.Scope) error { - return autoConvert_v1_NodeSelectorRequirement_To_core_NodeSelectorRequirement(in, out, s) -} - -func autoConvert_core_NodeSelectorRequirement_To_v1_NodeSelectorRequirement(in *core.NodeSelectorRequirement, out *corev1.NodeSelectorRequirement, s conversion.Scope) error { - out.Key = in.Key - out.Operator = corev1.NodeSelectorOperator(in.Operator) - out.Values = *(*[]string)(unsafe.Pointer(&in.Values)) - return nil -} - -// Convert_core_NodeSelectorRequirement_To_v1_NodeSelectorRequirement is an autogenerated conversion function. -func Convert_core_NodeSelectorRequirement_To_v1_NodeSelectorRequirement(in *core.NodeSelectorRequirement, out *corev1.NodeSelectorRequirement, s conversion.Scope) error { - return autoConvert_core_NodeSelectorRequirement_To_v1_NodeSelectorRequirement(in, out, s) -} - -func autoConvert_v1_NodeSelectorTerm_To_core_NodeSelectorTerm(in *corev1.NodeSelectorTerm, out *core.NodeSelectorTerm, s conversion.Scope) error { - out.MatchExpressions = *(*[]core.NodeSelectorRequirement)(unsafe.Pointer(&in.MatchExpressions)) - out.MatchFields = *(*[]core.NodeSelectorRequirement)(unsafe.Pointer(&in.MatchFields)) - return nil -} - -// Convert_v1_NodeSelectorTerm_To_core_NodeSelectorTerm is an autogenerated conversion function. -func Convert_v1_NodeSelectorTerm_To_core_NodeSelectorTerm(in *corev1.NodeSelectorTerm, out *core.NodeSelectorTerm, s conversion.Scope) error { - return autoConvert_v1_NodeSelectorTerm_To_core_NodeSelectorTerm(in, out, s) -} - -func autoConvert_core_NodeSelectorTerm_To_v1_NodeSelectorTerm(in *core.NodeSelectorTerm, out *corev1.NodeSelectorTerm, s conversion.Scope) error { - out.MatchExpressions = *(*[]corev1.NodeSelectorRequirement)(unsafe.Pointer(&in.MatchExpressions)) - out.MatchFields = *(*[]corev1.NodeSelectorRequirement)(unsafe.Pointer(&in.MatchFields)) - return nil -} - -// Convert_core_NodeSelectorTerm_To_v1_NodeSelectorTerm is an autogenerated conversion function. -func Convert_core_NodeSelectorTerm_To_v1_NodeSelectorTerm(in *core.NodeSelectorTerm, out *corev1.NodeSelectorTerm, s conversion.Scope) error { - return autoConvert_core_NodeSelectorTerm_To_v1_NodeSelectorTerm(in, out, s) -} - -func autoConvert_v1_NodeSpec_To_core_NodeSpec(in *corev1.NodeSpec, out *core.NodeSpec, s conversion.Scope) error { - // WARNING: in.PodCIDR requires manual conversion: does not exist in peer-type - out.PodCIDRs = *(*[]string)(unsafe.Pointer(&in.PodCIDRs)) - out.ProviderID = in.ProviderID - out.Unschedulable = in.Unschedulable - out.Taints = *(*[]core.Taint)(unsafe.Pointer(&in.Taints)) - out.ConfigSource = (*core.NodeConfigSource)(unsafe.Pointer(in.ConfigSource)) - out.DoNotUseExternalID = in.DoNotUseExternalID - return nil -} - -func autoConvert_core_NodeSpec_To_v1_NodeSpec(in *core.NodeSpec, out *corev1.NodeSpec, s conversion.Scope) error { - out.PodCIDRs = *(*[]string)(unsafe.Pointer(&in.PodCIDRs)) - out.ProviderID = in.ProviderID - out.Unschedulable = in.Unschedulable - out.Taints = *(*[]corev1.Taint)(unsafe.Pointer(&in.Taints)) - out.ConfigSource = (*corev1.NodeConfigSource)(unsafe.Pointer(in.ConfigSource)) - out.DoNotUseExternalID = in.DoNotUseExternalID - return nil -} - -func autoConvert_v1_NodeStatus_To_core_NodeStatus(in *corev1.NodeStatus, out *core.NodeStatus, s conversion.Scope) error { - out.Capacity = *(*core.ResourceList)(unsafe.Pointer(&in.Capacity)) - out.Allocatable = *(*core.ResourceList)(unsafe.Pointer(&in.Allocatable)) - out.Phase = core.NodePhase(in.Phase) - out.Conditions = *(*[]core.NodeCondition)(unsafe.Pointer(&in.Conditions)) - out.Addresses = *(*[]core.NodeAddress)(unsafe.Pointer(&in.Addresses)) - if err := Convert_v1_NodeDaemonEndpoints_To_core_NodeDaemonEndpoints(&in.DaemonEndpoints, &out.DaemonEndpoints, s); err != nil { - return err - } - if err := Convert_v1_NodeSystemInfo_To_core_NodeSystemInfo(&in.NodeInfo, &out.NodeInfo, s); err != nil { - return err - } - out.Images = *(*[]core.ContainerImage)(unsafe.Pointer(&in.Images)) - out.VolumesInUse = *(*[]core.UniqueVolumeName)(unsafe.Pointer(&in.VolumesInUse)) - out.VolumesAttached = *(*[]core.AttachedVolume)(unsafe.Pointer(&in.VolumesAttached)) - out.Config = (*core.NodeConfigStatus)(unsafe.Pointer(in.Config)) - out.RuntimeHandlers = *(*[]core.NodeRuntimeHandler)(unsafe.Pointer(&in.RuntimeHandlers)) - out.Features = (*core.NodeFeatures)(unsafe.Pointer(in.Features)) - out.DeclaredFeatures = *(*[]string)(unsafe.Pointer(&in.DeclaredFeatures)) - return nil -} - -// Convert_v1_NodeStatus_To_core_NodeStatus is an autogenerated conversion function. -func Convert_v1_NodeStatus_To_core_NodeStatus(in *corev1.NodeStatus, out *core.NodeStatus, s conversion.Scope) error { - return autoConvert_v1_NodeStatus_To_core_NodeStatus(in, out, s) -} - -func autoConvert_core_NodeStatus_To_v1_NodeStatus(in *core.NodeStatus, out *corev1.NodeStatus, s conversion.Scope) error { - out.Capacity = *(*corev1.ResourceList)(unsafe.Pointer(&in.Capacity)) - out.Allocatable = *(*corev1.ResourceList)(unsafe.Pointer(&in.Allocatable)) - out.Phase = corev1.NodePhase(in.Phase) - out.Conditions = *(*[]corev1.NodeCondition)(unsafe.Pointer(&in.Conditions)) - out.Addresses = *(*[]corev1.NodeAddress)(unsafe.Pointer(&in.Addresses)) - if err := Convert_core_NodeDaemonEndpoints_To_v1_NodeDaemonEndpoints(&in.DaemonEndpoints, &out.DaemonEndpoints, s); err != nil { - return err - } - if err := Convert_core_NodeSystemInfo_To_v1_NodeSystemInfo(&in.NodeInfo, &out.NodeInfo, s); err != nil { - return err - } - out.Images = *(*[]corev1.ContainerImage)(unsafe.Pointer(&in.Images)) - out.VolumesInUse = *(*[]corev1.UniqueVolumeName)(unsafe.Pointer(&in.VolumesInUse)) - out.VolumesAttached = *(*[]corev1.AttachedVolume)(unsafe.Pointer(&in.VolumesAttached)) - out.Config = (*corev1.NodeConfigStatus)(unsafe.Pointer(in.Config)) - out.RuntimeHandlers = *(*[]corev1.NodeRuntimeHandler)(unsafe.Pointer(&in.RuntimeHandlers)) - out.Features = (*corev1.NodeFeatures)(unsafe.Pointer(in.Features)) - out.DeclaredFeatures = *(*[]string)(unsafe.Pointer(&in.DeclaredFeatures)) - return nil -} - -// Convert_core_NodeStatus_To_v1_NodeStatus is an autogenerated conversion function. -func Convert_core_NodeStatus_To_v1_NodeStatus(in *core.NodeStatus, out *corev1.NodeStatus, s conversion.Scope) error { - return autoConvert_core_NodeStatus_To_v1_NodeStatus(in, out, s) -} - -func autoConvert_v1_NodeSwapStatus_To_core_NodeSwapStatus(in *corev1.NodeSwapStatus, out *core.NodeSwapStatus, s conversion.Scope) error { - out.Capacity = (*int64)(unsafe.Pointer(in.Capacity)) - return nil -} - -// Convert_v1_NodeSwapStatus_To_core_NodeSwapStatus is an autogenerated conversion function. -func Convert_v1_NodeSwapStatus_To_core_NodeSwapStatus(in *corev1.NodeSwapStatus, out *core.NodeSwapStatus, s conversion.Scope) error { - return autoConvert_v1_NodeSwapStatus_To_core_NodeSwapStatus(in, out, s) -} - -func autoConvert_core_NodeSwapStatus_To_v1_NodeSwapStatus(in *core.NodeSwapStatus, out *corev1.NodeSwapStatus, s conversion.Scope) error { - out.Capacity = (*int64)(unsafe.Pointer(in.Capacity)) - return nil -} - -// Convert_core_NodeSwapStatus_To_v1_NodeSwapStatus is an autogenerated conversion function. -func Convert_core_NodeSwapStatus_To_v1_NodeSwapStatus(in *core.NodeSwapStatus, out *corev1.NodeSwapStatus, s conversion.Scope) error { - return autoConvert_core_NodeSwapStatus_To_v1_NodeSwapStatus(in, out, s) -} - -func autoConvert_v1_NodeSystemInfo_To_core_NodeSystemInfo(in *corev1.NodeSystemInfo, out *core.NodeSystemInfo, s conversion.Scope) error { - out.MachineID = in.MachineID - out.SystemUUID = in.SystemUUID - out.BootID = in.BootID - out.KernelVersion = in.KernelVersion - out.OSImage = in.OSImage - out.ContainerRuntimeVersion = in.ContainerRuntimeVersion - out.KubeletVersion = in.KubeletVersion - out.KubeProxyVersion = in.KubeProxyVersion - out.OperatingSystem = in.OperatingSystem - out.Architecture = in.Architecture - out.Swap = (*core.NodeSwapStatus)(unsafe.Pointer(in.Swap)) - return nil -} - -// Convert_v1_NodeSystemInfo_To_core_NodeSystemInfo is an autogenerated conversion function. -func Convert_v1_NodeSystemInfo_To_core_NodeSystemInfo(in *corev1.NodeSystemInfo, out *core.NodeSystemInfo, s conversion.Scope) error { - return autoConvert_v1_NodeSystemInfo_To_core_NodeSystemInfo(in, out, s) -} - -func autoConvert_core_NodeSystemInfo_To_v1_NodeSystemInfo(in *core.NodeSystemInfo, out *corev1.NodeSystemInfo, s conversion.Scope) error { - out.MachineID = in.MachineID - out.SystemUUID = in.SystemUUID - out.BootID = in.BootID - out.KernelVersion = in.KernelVersion - out.OSImage = in.OSImage - out.ContainerRuntimeVersion = in.ContainerRuntimeVersion - out.KubeletVersion = in.KubeletVersion - out.KubeProxyVersion = in.KubeProxyVersion - out.OperatingSystem = in.OperatingSystem - out.Architecture = in.Architecture - out.Swap = (*corev1.NodeSwapStatus)(unsafe.Pointer(in.Swap)) - return nil -} - -// Convert_core_NodeSystemInfo_To_v1_NodeSystemInfo is an autogenerated conversion function. -func Convert_core_NodeSystemInfo_To_v1_NodeSystemInfo(in *core.NodeSystemInfo, out *corev1.NodeSystemInfo, s conversion.Scope) error { - return autoConvert_core_NodeSystemInfo_To_v1_NodeSystemInfo(in, out, s) -} - -func autoConvert_v1_ObjectFieldSelector_To_core_ObjectFieldSelector(in *corev1.ObjectFieldSelector, out *core.ObjectFieldSelector, s conversion.Scope) error { - out.APIVersion = in.APIVersion - out.FieldPath = in.FieldPath - return nil -} - -// Convert_v1_ObjectFieldSelector_To_core_ObjectFieldSelector is an autogenerated conversion function. -func Convert_v1_ObjectFieldSelector_To_core_ObjectFieldSelector(in *corev1.ObjectFieldSelector, out *core.ObjectFieldSelector, s conversion.Scope) error { - return autoConvert_v1_ObjectFieldSelector_To_core_ObjectFieldSelector(in, out, s) -} - -func autoConvert_core_ObjectFieldSelector_To_v1_ObjectFieldSelector(in *core.ObjectFieldSelector, out *corev1.ObjectFieldSelector, s conversion.Scope) error { - out.APIVersion = in.APIVersion - out.FieldPath = in.FieldPath - return nil -} - -// Convert_core_ObjectFieldSelector_To_v1_ObjectFieldSelector is an autogenerated conversion function. -func Convert_core_ObjectFieldSelector_To_v1_ObjectFieldSelector(in *core.ObjectFieldSelector, out *corev1.ObjectFieldSelector, s conversion.Scope) error { - return autoConvert_core_ObjectFieldSelector_To_v1_ObjectFieldSelector(in, out, s) -} - -func autoConvert_v1_ObjectReference_To_core_ObjectReference(in *corev1.ObjectReference, out *core.ObjectReference, s conversion.Scope) error { - out.Kind = in.Kind - out.Namespace = in.Namespace - out.Name = in.Name - out.UID = types.UID(in.UID) - out.APIVersion = in.APIVersion - out.ResourceVersion = in.ResourceVersion - out.FieldPath = in.FieldPath - return nil -} - -// Convert_v1_ObjectReference_To_core_ObjectReference is an autogenerated conversion function. -func Convert_v1_ObjectReference_To_core_ObjectReference(in *corev1.ObjectReference, out *core.ObjectReference, s conversion.Scope) error { - return autoConvert_v1_ObjectReference_To_core_ObjectReference(in, out, s) -} - -func autoConvert_core_ObjectReference_To_v1_ObjectReference(in *core.ObjectReference, out *corev1.ObjectReference, s conversion.Scope) error { - out.Kind = in.Kind - out.Namespace = in.Namespace - out.Name = in.Name - out.UID = types.UID(in.UID) - out.APIVersion = in.APIVersion - out.ResourceVersion = in.ResourceVersion - out.FieldPath = in.FieldPath - return nil -} - -// Convert_core_ObjectReference_To_v1_ObjectReference is an autogenerated conversion function. -func Convert_core_ObjectReference_To_v1_ObjectReference(in *core.ObjectReference, out *corev1.ObjectReference, s conversion.Scope) error { - return autoConvert_core_ObjectReference_To_v1_ObjectReference(in, out, s) -} - -func autoConvert_v1_PersistentVolume_To_core_PersistentVolume(in *corev1.PersistentVolume, out *core.PersistentVolume, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_PersistentVolumeSpec_To_core_PersistentVolumeSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1_PersistentVolumeStatus_To_core_PersistentVolumeStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_v1_PersistentVolume_To_core_PersistentVolume is an autogenerated conversion function. -func Convert_v1_PersistentVolume_To_core_PersistentVolume(in *corev1.PersistentVolume, out *core.PersistentVolume, s conversion.Scope) error { - return autoConvert_v1_PersistentVolume_To_core_PersistentVolume(in, out, s) -} - -func autoConvert_core_PersistentVolume_To_v1_PersistentVolume(in *core.PersistentVolume, out *corev1.PersistentVolume, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_PersistentVolumeSpec_To_v1_PersistentVolumeSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_core_PersistentVolumeStatus_To_v1_PersistentVolumeStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_core_PersistentVolume_To_v1_PersistentVolume is an autogenerated conversion function. -func Convert_core_PersistentVolume_To_v1_PersistentVolume(in *core.PersistentVolume, out *corev1.PersistentVolume, s conversion.Scope) error { - return autoConvert_core_PersistentVolume_To_v1_PersistentVolume(in, out, s) -} - -func autoConvert_v1_PersistentVolumeClaim_To_core_PersistentVolumeClaim(in *corev1.PersistentVolumeClaim, out *core.PersistentVolumeClaim, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_PersistentVolumeClaimSpec_To_core_PersistentVolumeClaimSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1_PersistentVolumeClaimStatus_To_core_PersistentVolumeClaimStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_v1_PersistentVolumeClaim_To_core_PersistentVolumeClaim is an autogenerated conversion function. -func Convert_v1_PersistentVolumeClaim_To_core_PersistentVolumeClaim(in *corev1.PersistentVolumeClaim, out *core.PersistentVolumeClaim, s conversion.Scope) error { - return autoConvert_v1_PersistentVolumeClaim_To_core_PersistentVolumeClaim(in, out, s) -} - -func autoConvert_core_PersistentVolumeClaim_To_v1_PersistentVolumeClaim(in *core.PersistentVolumeClaim, out *corev1.PersistentVolumeClaim, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_PersistentVolumeClaimSpec_To_v1_PersistentVolumeClaimSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_core_PersistentVolumeClaimStatus_To_v1_PersistentVolumeClaimStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_core_PersistentVolumeClaim_To_v1_PersistentVolumeClaim is an autogenerated conversion function. -func Convert_core_PersistentVolumeClaim_To_v1_PersistentVolumeClaim(in *core.PersistentVolumeClaim, out *corev1.PersistentVolumeClaim, s conversion.Scope) error { - return autoConvert_core_PersistentVolumeClaim_To_v1_PersistentVolumeClaim(in, out, s) -} - -func autoConvert_v1_PersistentVolumeClaimCondition_To_core_PersistentVolumeClaimCondition(in *corev1.PersistentVolumeClaimCondition, out *core.PersistentVolumeClaimCondition, s conversion.Scope) error { - out.Type = core.PersistentVolumeClaimConditionType(in.Type) - out.Status = core.ConditionStatus(in.Status) - out.LastProbeTime = in.LastProbeTime - out.LastTransitionTime = in.LastTransitionTime - out.Reason = in.Reason - out.Message = in.Message - return nil -} - -// Convert_v1_PersistentVolumeClaimCondition_To_core_PersistentVolumeClaimCondition is an autogenerated conversion function. -func Convert_v1_PersistentVolumeClaimCondition_To_core_PersistentVolumeClaimCondition(in *corev1.PersistentVolumeClaimCondition, out *core.PersistentVolumeClaimCondition, s conversion.Scope) error { - return autoConvert_v1_PersistentVolumeClaimCondition_To_core_PersistentVolumeClaimCondition(in, out, s) -} - -func autoConvert_core_PersistentVolumeClaimCondition_To_v1_PersistentVolumeClaimCondition(in *core.PersistentVolumeClaimCondition, out *corev1.PersistentVolumeClaimCondition, s conversion.Scope) error { - out.Type = corev1.PersistentVolumeClaimConditionType(in.Type) - out.Status = corev1.ConditionStatus(in.Status) - out.LastProbeTime = in.LastProbeTime - out.LastTransitionTime = in.LastTransitionTime - out.Reason = in.Reason - out.Message = in.Message - return nil -} - -// Convert_core_PersistentVolumeClaimCondition_To_v1_PersistentVolumeClaimCondition is an autogenerated conversion function. -func Convert_core_PersistentVolumeClaimCondition_To_v1_PersistentVolumeClaimCondition(in *core.PersistentVolumeClaimCondition, out *corev1.PersistentVolumeClaimCondition, s conversion.Scope) error { - return autoConvert_core_PersistentVolumeClaimCondition_To_v1_PersistentVolumeClaimCondition(in, out, s) -} - -func autoConvert_v1_PersistentVolumeClaimList_To_core_PersistentVolumeClaimList(in *corev1.PersistentVolumeClaimList, out *core.PersistentVolumeClaimList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]core.PersistentVolumeClaim)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1_PersistentVolumeClaimList_To_core_PersistentVolumeClaimList is an autogenerated conversion function. -func Convert_v1_PersistentVolumeClaimList_To_core_PersistentVolumeClaimList(in *corev1.PersistentVolumeClaimList, out *core.PersistentVolumeClaimList, s conversion.Scope) error { - return autoConvert_v1_PersistentVolumeClaimList_To_core_PersistentVolumeClaimList(in, out, s) -} - -func autoConvert_core_PersistentVolumeClaimList_To_v1_PersistentVolumeClaimList(in *core.PersistentVolumeClaimList, out *corev1.PersistentVolumeClaimList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]corev1.PersistentVolumeClaim)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_core_PersistentVolumeClaimList_To_v1_PersistentVolumeClaimList is an autogenerated conversion function. -func Convert_core_PersistentVolumeClaimList_To_v1_PersistentVolumeClaimList(in *core.PersistentVolumeClaimList, out *corev1.PersistentVolumeClaimList, s conversion.Scope) error { - return autoConvert_core_PersistentVolumeClaimList_To_v1_PersistentVolumeClaimList(in, out, s) -} - -func autoConvert_v1_PersistentVolumeClaimSpec_To_core_PersistentVolumeClaimSpec(in *corev1.PersistentVolumeClaimSpec, out *core.PersistentVolumeClaimSpec, s conversion.Scope) error { - out.AccessModes = *(*[]core.PersistentVolumeAccessMode)(unsafe.Pointer(&in.AccessModes)) - out.Selector = (*metav1.LabelSelector)(unsafe.Pointer(in.Selector)) - if err := Convert_v1_VolumeResourceRequirements_To_core_VolumeResourceRequirements(&in.Resources, &out.Resources, s); err != nil { - return err - } - out.VolumeName = in.VolumeName - out.StorageClassName = (*string)(unsafe.Pointer(in.StorageClassName)) - out.VolumeMode = (*core.PersistentVolumeMode)(unsafe.Pointer(in.VolumeMode)) - out.DataSource = (*core.TypedLocalObjectReference)(unsafe.Pointer(in.DataSource)) - out.DataSourceRef = (*core.TypedObjectReference)(unsafe.Pointer(in.DataSourceRef)) - out.VolumeAttributesClassName = (*string)(unsafe.Pointer(in.VolumeAttributesClassName)) - return nil -} - -// Convert_v1_PersistentVolumeClaimSpec_To_core_PersistentVolumeClaimSpec is an autogenerated conversion function. -func Convert_v1_PersistentVolumeClaimSpec_To_core_PersistentVolumeClaimSpec(in *corev1.PersistentVolumeClaimSpec, out *core.PersistentVolumeClaimSpec, s conversion.Scope) error { - return autoConvert_v1_PersistentVolumeClaimSpec_To_core_PersistentVolumeClaimSpec(in, out, s) -} - -func autoConvert_core_PersistentVolumeClaimSpec_To_v1_PersistentVolumeClaimSpec(in *core.PersistentVolumeClaimSpec, out *corev1.PersistentVolumeClaimSpec, s conversion.Scope) error { - out.AccessModes = *(*[]corev1.PersistentVolumeAccessMode)(unsafe.Pointer(&in.AccessModes)) - out.Selector = (*metav1.LabelSelector)(unsafe.Pointer(in.Selector)) - if err := Convert_core_VolumeResourceRequirements_To_v1_VolumeResourceRequirements(&in.Resources, &out.Resources, s); err != nil { - return err - } - out.VolumeName = in.VolumeName - out.StorageClassName = (*string)(unsafe.Pointer(in.StorageClassName)) - out.VolumeMode = (*corev1.PersistentVolumeMode)(unsafe.Pointer(in.VolumeMode)) - out.DataSource = (*corev1.TypedLocalObjectReference)(unsafe.Pointer(in.DataSource)) - out.DataSourceRef = (*corev1.TypedObjectReference)(unsafe.Pointer(in.DataSourceRef)) - out.VolumeAttributesClassName = (*string)(unsafe.Pointer(in.VolumeAttributesClassName)) - return nil -} - -// Convert_core_PersistentVolumeClaimSpec_To_v1_PersistentVolumeClaimSpec is an autogenerated conversion function. -func Convert_core_PersistentVolumeClaimSpec_To_v1_PersistentVolumeClaimSpec(in *core.PersistentVolumeClaimSpec, out *corev1.PersistentVolumeClaimSpec, s conversion.Scope) error { - return autoConvert_core_PersistentVolumeClaimSpec_To_v1_PersistentVolumeClaimSpec(in, out, s) -} - -func autoConvert_v1_PersistentVolumeClaimStatus_To_core_PersistentVolumeClaimStatus(in *corev1.PersistentVolumeClaimStatus, out *core.PersistentVolumeClaimStatus, s conversion.Scope) error { - out.Phase = core.PersistentVolumeClaimPhase(in.Phase) - out.AccessModes = *(*[]core.PersistentVolumeAccessMode)(unsafe.Pointer(&in.AccessModes)) - out.Capacity = *(*core.ResourceList)(unsafe.Pointer(&in.Capacity)) - out.Conditions = *(*[]core.PersistentVolumeClaimCondition)(unsafe.Pointer(&in.Conditions)) - out.AllocatedResources = *(*core.ResourceList)(unsafe.Pointer(&in.AllocatedResources)) - out.AllocatedResourceStatuses = *(*map[core.ResourceName]core.ClaimResourceStatus)(unsafe.Pointer(&in.AllocatedResourceStatuses)) - out.CurrentVolumeAttributesClassName = (*string)(unsafe.Pointer(in.CurrentVolumeAttributesClassName)) - out.ModifyVolumeStatus = (*core.ModifyVolumeStatus)(unsafe.Pointer(in.ModifyVolumeStatus)) - return nil -} - -// Convert_v1_PersistentVolumeClaimStatus_To_core_PersistentVolumeClaimStatus is an autogenerated conversion function. -func Convert_v1_PersistentVolumeClaimStatus_To_core_PersistentVolumeClaimStatus(in *corev1.PersistentVolumeClaimStatus, out *core.PersistentVolumeClaimStatus, s conversion.Scope) error { - return autoConvert_v1_PersistentVolumeClaimStatus_To_core_PersistentVolumeClaimStatus(in, out, s) -} - -func autoConvert_core_PersistentVolumeClaimStatus_To_v1_PersistentVolumeClaimStatus(in *core.PersistentVolumeClaimStatus, out *corev1.PersistentVolumeClaimStatus, s conversion.Scope) error { - out.Phase = corev1.PersistentVolumeClaimPhase(in.Phase) - out.AccessModes = *(*[]corev1.PersistentVolumeAccessMode)(unsafe.Pointer(&in.AccessModes)) - out.Capacity = *(*corev1.ResourceList)(unsafe.Pointer(&in.Capacity)) - out.Conditions = *(*[]corev1.PersistentVolumeClaimCondition)(unsafe.Pointer(&in.Conditions)) - out.AllocatedResources = *(*corev1.ResourceList)(unsafe.Pointer(&in.AllocatedResources)) - out.AllocatedResourceStatuses = *(*map[corev1.ResourceName]corev1.ClaimResourceStatus)(unsafe.Pointer(&in.AllocatedResourceStatuses)) - out.CurrentVolumeAttributesClassName = (*string)(unsafe.Pointer(in.CurrentVolumeAttributesClassName)) - out.ModifyVolumeStatus = (*corev1.ModifyVolumeStatus)(unsafe.Pointer(in.ModifyVolumeStatus)) - return nil -} - -// Convert_core_PersistentVolumeClaimStatus_To_v1_PersistentVolumeClaimStatus is an autogenerated conversion function. -func Convert_core_PersistentVolumeClaimStatus_To_v1_PersistentVolumeClaimStatus(in *core.PersistentVolumeClaimStatus, out *corev1.PersistentVolumeClaimStatus, s conversion.Scope) error { - return autoConvert_core_PersistentVolumeClaimStatus_To_v1_PersistentVolumeClaimStatus(in, out, s) -} - -func autoConvert_v1_PersistentVolumeClaimTemplate_To_core_PersistentVolumeClaimTemplate(in *corev1.PersistentVolumeClaimTemplate, out *core.PersistentVolumeClaimTemplate, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_PersistentVolumeClaimSpec_To_core_PersistentVolumeClaimSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - return nil -} - -// Convert_v1_PersistentVolumeClaimTemplate_To_core_PersistentVolumeClaimTemplate is an autogenerated conversion function. -func Convert_v1_PersistentVolumeClaimTemplate_To_core_PersistentVolumeClaimTemplate(in *corev1.PersistentVolumeClaimTemplate, out *core.PersistentVolumeClaimTemplate, s conversion.Scope) error { - return autoConvert_v1_PersistentVolumeClaimTemplate_To_core_PersistentVolumeClaimTemplate(in, out, s) -} - -func autoConvert_core_PersistentVolumeClaimTemplate_To_v1_PersistentVolumeClaimTemplate(in *core.PersistentVolumeClaimTemplate, out *corev1.PersistentVolumeClaimTemplate, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_PersistentVolumeClaimSpec_To_v1_PersistentVolumeClaimSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - return nil -} - -// Convert_core_PersistentVolumeClaimTemplate_To_v1_PersistentVolumeClaimTemplate is an autogenerated conversion function. -func Convert_core_PersistentVolumeClaimTemplate_To_v1_PersistentVolumeClaimTemplate(in *core.PersistentVolumeClaimTemplate, out *corev1.PersistentVolumeClaimTemplate, s conversion.Scope) error { - return autoConvert_core_PersistentVolumeClaimTemplate_To_v1_PersistentVolumeClaimTemplate(in, out, s) -} - -func autoConvert_v1_PersistentVolumeClaimVolumeSource_To_core_PersistentVolumeClaimVolumeSource(in *corev1.PersistentVolumeClaimVolumeSource, out *core.PersistentVolumeClaimVolumeSource, s conversion.Scope) error { - out.ClaimName = in.ClaimName - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_v1_PersistentVolumeClaimVolumeSource_To_core_PersistentVolumeClaimVolumeSource is an autogenerated conversion function. -func Convert_v1_PersistentVolumeClaimVolumeSource_To_core_PersistentVolumeClaimVolumeSource(in *corev1.PersistentVolumeClaimVolumeSource, out *core.PersistentVolumeClaimVolumeSource, s conversion.Scope) error { - return autoConvert_v1_PersistentVolumeClaimVolumeSource_To_core_PersistentVolumeClaimVolumeSource(in, out, s) -} - -func autoConvert_core_PersistentVolumeClaimVolumeSource_To_v1_PersistentVolumeClaimVolumeSource(in *core.PersistentVolumeClaimVolumeSource, out *corev1.PersistentVolumeClaimVolumeSource, s conversion.Scope) error { - out.ClaimName = in.ClaimName - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_core_PersistentVolumeClaimVolumeSource_To_v1_PersistentVolumeClaimVolumeSource is an autogenerated conversion function. -func Convert_core_PersistentVolumeClaimVolumeSource_To_v1_PersistentVolumeClaimVolumeSource(in *core.PersistentVolumeClaimVolumeSource, out *corev1.PersistentVolumeClaimVolumeSource, s conversion.Scope) error { - return autoConvert_core_PersistentVolumeClaimVolumeSource_To_v1_PersistentVolumeClaimVolumeSource(in, out, s) -} - -func autoConvert_v1_PersistentVolumeList_To_core_PersistentVolumeList(in *corev1.PersistentVolumeList, out *core.PersistentVolumeList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]core.PersistentVolume, len(*in)) - for i := range *in { - if err := Convert_v1_PersistentVolume_To_core_PersistentVolume(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_v1_PersistentVolumeList_To_core_PersistentVolumeList is an autogenerated conversion function. -func Convert_v1_PersistentVolumeList_To_core_PersistentVolumeList(in *corev1.PersistentVolumeList, out *core.PersistentVolumeList, s conversion.Scope) error { - return autoConvert_v1_PersistentVolumeList_To_core_PersistentVolumeList(in, out, s) -} - -func autoConvert_core_PersistentVolumeList_To_v1_PersistentVolumeList(in *core.PersistentVolumeList, out *corev1.PersistentVolumeList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]corev1.PersistentVolume, len(*in)) - for i := range *in { - if err := Convert_core_PersistentVolume_To_v1_PersistentVolume(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_core_PersistentVolumeList_To_v1_PersistentVolumeList is an autogenerated conversion function. -func Convert_core_PersistentVolumeList_To_v1_PersistentVolumeList(in *core.PersistentVolumeList, out *corev1.PersistentVolumeList, s conversion.Scope) error { - return autoConvert_core_PersistentVolumeList_To_v1_PersistentVolumeList(in, out, s) -} - -func autoConvert_v1_PersistentVolumeSource_To_core_PersistentVolumeSource(in *corev1.PersistentVolumeSource, out *core.PersistentVolumeSource, s conversion.Scope) error { - out.GCEPersistentDisk = (*core.GCEPersistentDiskVolumeSource)(unsafe.Pointer(in.GCEPersistentDisk)) - out.AWSElasticBlockStore = (*core.AWSElasticBlockStoreVolumeSource)(unsafe.Pointer(in.AWSElasticBlockStore)) - out.HostPath = (*core.HostPathVolumeSource)(unsafe.Pointer(in.HostPath)) - out.Glusterfs = (*core.GlusterfsPersistentVolumeSource)(unsafe.Pointer(in.Glusterfs)) - out.NFS = (*core.NFSVolumeSource)(unsafe.Pointer(in.NFS)) - out.RBD = (*core.RBDPersistentVolumeSource)(unsafe.Pointer(in.RBD)) - out.ISCSI = (*core.ISCSIPersistentVolumeSource)(unsafe.Pointer(in.ISCSI)) - out.Cinder = (*core.CinderPersistentVolumeSource)(unsafe.Pointer(in.Cinder)) - out.CephFS = (*core.CephFSPersistentVolumeSource)(unsafe.Pointer(in.CephFS)) - out.FC = (*core.FCVolumeSource)(unsafe.Pointer(in.FC)) - out.Flocker = (*core.FlockerVolumeSource)(unsafe.Pointer(in.Flocker)) - out.FlexVolume = (*core.FlexPersistentVolumeSource)(unsafe.Pointer(in.FlexVolume)) - out.AzureFile = (*core.AzureFilePersistentVolumeSource)(unsafe.Pointer(in.AzureFile)) - out.VsphereVolume = (*core.VsphereVirtualDiskVolumeSource)(unsafe.Pointer(in.VsphereVolume)) - out.Quobyte = (*core.QuobyteVolumeSource)(unsafe.Pointer(in.Quobyte)) - out.AzureDisk = (*core.AzureDiskVolumeSource)(unsafe.Pointer(in.AzureDisk)) - out.PhotonPersistentDisk = (*core.PhotonPersistentDiskVolumeSource)(unsafe.Pointer(in.PhotonPersistentDisk)) - out.PortworxVolume = (*core.PortworxVolumeSource)(unsafe.Pointer(in.PortworxVolume)) - out.ScaleIO = (*core.ScaleIOPersistentVolumeSource)(unsafe.Pointer(in.ScaleIO)) - out.Local = (*core.LocalVolumeSource)(unsafe.Pointer(in.Local)) - out.StorageOS = (*core.StorageOSPersistentVolumeSource)(unsafe.Pointer(in.StorageOS)) - out.CSI = (*core.CSIPersistentVolumeSource)(unsafe.Pointer(in.CSI)) - return nil -} - -// Convert_v1_PersistentVolumeSource_To_core_PersistentVolumeSource is an autogenerated conversion function. -func Convert_v1_PersistentVolumeSource_To_core_PersistentVolumeSource(in *corev1.PersistentVolumeSource, out *core.PersistentVolumeSource, s conversion.Scope) error { - return autoConvert_v1_PersistentVolumeSource_To_core_PersistentVolumeSource(in, out, s) -} - -func autoConvert_core_PersistentVolumeSource_To_v1_PersistentVolumeSource(in *core.PersistentVolumeSource, out *corev1.PersistentVolumeSource, s conversion.Scope) error { - out.GCEPersistentDisk = (*corev1.GCEPersistentDiskVolumeSource)(unsafe.Pointer(in.GCEPersistentDisk)) - out.AWSElasticBlockStore = (*corev1.AWSElasticBlockStoreVolumeSource)(unsafe.Pointer(in.AWSElasticBlockStore)) - out.HostPath = (*corev1.HostPathVolumeSource)(unsafe.Pointer(in.HostPath)) - out.Glusterfs = (*corev1.GlusterfsPersistentVolumeSource)(unsafe.Pointer(in.Glusterfs)) - out.NFS = (*corev1.NFSVolumeSource)(unsafe.Pointer(in.NFS)) - out.RBD = (*corev1.RBDPersistentVolumeSource)(unsafe.Pointer(in.RBD)) - out.Quobyte = (*corev1.QuobyteVolumeSource)(unsafe.Pointer(in.Quobyte)) - out.ISCSI = (*corev1.ISCSIPersistentVolumeSource)(unsafe.Pointer(in.ISCSI)) - out.FlexVolume = (*corev1.FlexPersistentVolumeSource)(unsafe.Pointer(in.FlexVolume)) - out.Cinder = (*corev1.CinderPersistentVolumeSource)(unsafe.Pointer(in.Cinder)) - out.CephFS = (*corev1.CephFSPersistentVolumeSource)(unsafe.Pointer(in.CephFS)) - out.FC = (*corev1.FCVolumeSource)(unsafe.Pointer(in.FC)) - out.Flocker = (*corev1.FlockerVolumeSource)(unsafe.Pointer(in.Flocker)) - out.AzureFile = (*corev1.AzureFilePersistentVolumeSource)(unsafe.Pointer(in.AzureFile)) - out.VsphereVolume = (*corev1.VsphereVirtualDiskVolumeSource)(unsafe.Pointer(in.VsphereVolume)) - out.AzureDisk = (*corev1.AzureDiskVolumeSource)(unsafe.Pointer(in.AzureDisk)) - out.PhotonPersistentDisk = (*corev1.PhotonPersistentDiskVolumeSource)(unsafe.Pointer(in.PhotonPersistentDisk)) - out.PortworxVolume = (*corev1.PortworxVolumeSource)(unsafe.Pointer(in.PortworxVolume)) - out.ScaleIO = (*corev1.ScaleIOPersistentVolumeSource)(unsafe.Pointer(in.ScaleIO)) - out.Local = (*corev1.LocalVolumeSource)(unsafe.Pointer(in.Local)) - out.StorageOS = (*corev1.StorageOSPersistentVolumeSource)(unsafe.Pointer(in.StorageOS)) - out.CSI = (*corev1.CSIPersistentVolumeSource)(unsafe.Pointer(in.CSI)) - return nil -} - -// Convert_core_PersistentVolumeSource_To_v1_PersistentVolumeSource is an autogenerated conversion function. -func Convert_core_PersistentVolumeSource_To_v1_PersistentVolumeSource(in *core.PersistentVolumeSource, out *corev1.PersistentVolumeSource, s conversion.Scope) error { - return autoConvert_core_PersistentVolumeSource_To_v1_PersistentVolumeSource(in, out, s) -} - -func autoConvert_v1_PersistentVolumeSpec_To_core_PersistentVolumeSpec(in *corev1.PersistentVolumeSpec, out *core.PersistentVolumeSpec, s conversion.Scope) error { - out.Capacity = *(*core.ResourceList)(unsafe.Pointer(&in.Capacity)) - if err := Convert_v1_PersistentVolumeSource_To_core_PersistentVolumeSource(&in.PersistentVolumeSource, &out.PersistentVolumeSource, s); err != nil { - return err - } - out.AccessModes = *(*[]core.PersistentVolumeAccessMode)(unsafe.Pointer(&in.AccessModes)) - out.ClaimRef = (*core.ObjectReference)(unsafe.Pointer(in.ClaimRef)) - out.PersistentVolumeReclaimPolicy = core.PersistentVolumeReclaimPolicy(in.PersistentVolumeReclaimPolicy) - out.StorageClassName = in.StorageClassName - out.MountOptions = *(*[]string)(unsafe.Pointer(&in.MountOptions)) - out.VolumeMode = (*core.PersistentVolumeMode)(unsafe.Pointer(in.VolumeMode)) - out.NodeAffinity = (*core.VolumeNodeAffinity)(unsafe.Pointer(in.NodeAffinity)) - out.VolumeAttributesClassName = (*string)(unsafe.Pointer(in.VolumeAttributesClassName)) - return nil -} - -func autoConvert_core_PersistentVolumeSpec_To_v1_PersistentVolumeSpec(in *core.PersistentVolumeSpec, out *corev1.PersistentVolumeSpec, s conversion.Scope) error { - out.Capacity = *(*corev1.ResourceList)(unsafe.Pointer(&in.Capacity)) - if err := Convert_core_PersistentVolumeSource_To_v1_PersistentVolumeSource(&in.PersistentVolumeSource, &out.PersistentVolumeSource, s); err != nil { - return err - } - out.AccessModes = *(*[]corev1.PersistentVolumeAccessMode)(unsafe.Pointer(&in.AccessModes)) - out.ClaimRef = (*corev1.ObjectReference)(unsafe.Pointer(in.ClaimRef)) - out.PersistentVolumeReclaimPolicy = corev1.PersistentVolumeReclaimPolicy(in.PersistentVolumeReclaimPolicy) - out.StorageClassName = in.StorageClassName - out.MountOptions = *(*[]string)(unsafe.Pointer(&in.MountOptions)) - out.VolumeMode = (*corev1.PersistentVolumeMode)(unsafe.Pointer(in.VolumeMode)) - out.NodeAffinity = (*corev1.VolumeNodeAffinity)(unsafe.Pointer(in.NodeAffinity)) - out.VolumeAttributesClassName = (*string)(unsafe.Pointer(in.VolumeAttributesClassName)) - return nil -} - -func autoConvert_v1_PersistentVolumeStatus_To_core_PersistentVolumeStatus(in *corev1.PersistentVolumeStatus, out *core.PersistentVolumeStatus, s conversion.Scope) error { - out.Phase = core.PersistentVolumePhase(in.Phase) - out.Message = in.Message - out.Reason = in.Reason - out.LastPhaseTransitionTime = (*metav1.Time)(unsafe.Pointer(in.LastPhaseTransitionTime)) - return nil -} - -// Convert_v1_PersistentVolumeStatus_To_core_PersistentVolumeStatus is an autogenerated conversion function. -func Convert_v1_PersistentVolumeStatus_To_core_PersistentVolumeStatus(in *corev1.PersistentVolumeStatus, out *core.PersistentVolumeStatus, s conversion.Scope) error { - return autoConvert_v1_PersistentVolumeStatus_To_core_PersistentVolumeStatus(in, out, s) -} - -func autoConvert_core_PersistentVolumeStatus_To_v1_PersistentVolumeStatus(in *core.PersistentVolumeStatus, out *corev1.PersistentVolumeStatus, s conversion.Scope) error { - out.Phase = corev1.PersistentVolumePhase(in.Phase) - out.Message = in.Message - out.Reason = in.Reason - out.LastPhaseTransitionTime = (*metav1.Time)(unsafe.Pointer(in.LastPhaseTransitionTime)) - return nil -} - -// Convert_core_PersistentVolumeStatus_To_v1_PersistentVolumeStatus is an autogenerated conversion function. -func Convert_core_PersistentVolumeStatus_To_v1_PersistentVolumeStatus(in *core.PersistentVolumeStatus, out *corev1.PersistentVolumeStatus, s conversion.Scope) error { - return autoConvert_core_PersistentVolumeStatus_To_v1_PersistentVolumeStatus(in, out, s) -} - -func autoConvert_v1_PhotonPersistentDiskVolumeSource_To_core_PhotonPersistentDiskVolumeSource(in *corev1.PhotonPersistentDiskVolumeSource, out *core.PhotonPersistentDiskVolumeSource, s conversion.Scope) error { - out.PdID = in.PdID - out.FSType = in.FSType - return nil -} - -// Convert_v1_PhotonPersistentDiskVolumeSource_To_core_PhotonPersistentDiskVolumeSource is an autogenerated conversion function. -func Convert_v1_PhotonPersistentDiskVolumeSource_To_core_PhotonPersistentDiskVolumeSource(in *corev1.PhotonPersistentDiskVolumeSource, out *core.PhotonPersistentDiskVolumeSource, s conversion.Scope) error { - return autoConvert_v1_PhotonPersistentDiskVolumeSource_To_core_PhotonPersistentDiskVolumeSource(in, out, s) -} - -func autoConvert_core_PhotonPersistentDiskVolumeSource_To_v1_PhotonPersistentDiskVolumeSource(in *core.PhotonPersistentDiskVolumeSource, out *corev1.PhotonPersistentDiskVolumeSource, s conversion.Scope) error { - out.PdID = in.PdID - out.FSType = in.FSType - return nil -} - -// Convert_core_PhotonPersistentDiskVolumeSource_To_v1_PhotonPersistentDiskVolumeSource is an autogenerated conversion function. -func Convert_core_PhotonPersistentDiskVolumeSource_To_v1_PhotonPersistentDiskVolumeSource(in *core.PhotonPersistentDiskVolumeSource, out *corev1.PhotonPersistentDiskVolumeSource, s conversion.Scope) error { - return autoConvert_core_PhotonPersistentDiskVolumeSource_To_v1_PhotonPersistentDiskVolumeSource(in, out, s) -} - -func autoConvert_v1_Pod_To_core_Pod(in *corev1.Pod, out *core.Pod, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_PodSpec_To_core_PodSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1_PodStatus_To_core_PodStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -func autoConvert_core_Pod_To_v1_Pod(in *core.Pod, out *corev1.Pod, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_PodSpec_To_v1_PodSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_core_PodStatus_To_v1_PodStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -func autoConvert_v1_PodAffinity_To_core_PodAffinity(in *corev1.PodAffinity, out *core.PodAffinity, s conversion.Scope) error { - out.RequiredDuringSchedulingIgnoredDuringExecution = *(*[]core.PodAffinityTerm)(unsafe.Pointer(&in.RequiredDuringSchedulingIgnoredDuringExecution)) - out.PreferredDuringSchedulingIgnoredDuringExecution = *(*[]core.WeightedPodAffinityTerm)(unsafe.Pointer(&in.PreferredDuringSchedulingIgnoredDuringExecution)) - return nil -} - -// Convert_v1_PodAffinity_To_core_PodAffinity is an autogenerated conversion function. -func Convert_v1_PodAffinity_To_core_PodAffinity(in *corev1.PodAffinity, out *core.PodAffinity, s conversion.Scope) error { - return autoConvert_v1_PodAffinity_To_core_PodAffinity(in, out, s) -} - -func autoConvert_core_PodAffinity_To_v1_PodAffinity(in *core.PodAffinity, out *corev1.PodAffinity, s conversion.Scope) error { - out.RequiredDuringSchedulingIgnoredDuringExecution = *(*[]corev1.PodAffinityTerm)(unsafe.Pointer(&in.RequiredDuringSchedulingIgnoredDuringExecution)) - out.PreferredDuringSchedulingIgnoredDuringExecution = *(*[]corev1.WeightedPodAffinityTerm)(unsafe.Pointer(&in.PreferredDuringSchedulingIgnoredDuringExecution)) - return nil -} - -// Convert_core_PodAffinity_To_v1_PodAffinity is an autogenerated conversion function. -func Convert_core_PodAffinity_To_v1_PodAffinity(in *core.PodAffinity, out *corev1.PodAffinity, s conversion.Scope) error { - return autoConvert_core_PodAffinity_To_v1_PodAffinity(in, out, s) -} - -func autoConvert_v1_PodAffinityTerm_To_core_PodAffinityTerm(in *corev1.PodAffinityTerm, out *core.PodAffinityTerm, s conversion.Scope) error { - out.LabelSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.LabelSelector)) - out.Namespaces = *(*[]string)(unsafe.Pointer(&in.Namespaces)) - out.TopologyKey = in.TopologyKey - out.NamespaceSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.NamespaceSelector)) - out.MatchLabelKeys = *(*[]string)(unsafe.Pointer(&in.MatchLabelKeys)) - out.MismatchLabelKeys = *(*[]string)(unsafe.Pointer(&in.MismatchLabelKeys)) - return nil -} - -// Convert_v1_PodAffinityTerm_To_core_PodAffinityTerm is an autogenerated conversion function. -func Convert_v1_PodAffinityTerm_To_core_PodAffinityTerm(in *corev1.PodAffinityTerm, out *core.PodAffinityTerm, s conversion.Scope) error { - return autoConvert_v1_PodAffinityTerm_To_core_PodAffinityTerm(in, out, s) -} - -func autoConvert_core_PodAffinityTerm_To_v1_PodAffinityTerm(in *core.PodAffinityTerm, out *corev1.PodAffinityTerm, s conversion.Scope) error { - out.LabelSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.LabelSelector)) - out.Namespaces = *(*[]string)(unsafe.Pointer(&in.Namespaces)) - out.TopologyKey = in.TopologyKey - out.NamespaceSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.NamespaceSelector)) - out.MatchLabelKeys = *(*[]string)(unsafe.Pointer(&in.MatchLabelKeys)) - out.MismatchLabelKeys = *(*[]string)(unsafe.Pointer(&in.MismatchLabelKeys)) - return nil -} - -// Convert_core_PodAffinityTerm_To_v1_PodAffinityTerm is an autogenerated conversion function. -func Convert_core_PodAffinityTerm_To_v1_PodAffinityTerm(in *core.PodAffinityTerm, out *corev1.PodAffinityTerm, s conversion.Scope) error { - return autoConvert_core_PodAffinityTerm_To_v1_PodAffinityTerm(in, out, s) -} - -func autoConvert_v1_PodAntiAffinity_To_core_PodAntiAffinity(in *corev1.PodAntiAffinity, out *core.PodAntiAffinity, s conversion.Scope) error { - out.RequiredDuringSchedulingIgnoredDuringExecution = *(*[]core.PodAffinityTerm)(unsafe.Pointer(&in.RequiredDuringSchedulingIgnoredDuringExecution)) - out.PreferredDuringSchedulingIgnoredDuringExecution = *(*[]core.WeightedPodAffinityTerm)(unsafe.Pointer(&in.PreferredDuringSchedulingIgnoredDuringExecution)) - return nil -} - -// Convert_v1_PodAntiAffinity_To_core_PodAntiAffinity is an autogenerated conversion function. -func Convert_v1_PodAntiAffinity_To_core_PodAntiAffinity(in *corev1.PodAntiAffinity, out *core.PodAntiAffinity, s conversion.Scope) error { - return autoConvert_v1_PodAntiAffinity_To_core_PodAntiAffinity(in, out, s) -} - -func autoConvert_core_PodAntiAffinity_To_v1_PodAntiAffinity(in *core.PodAntiAffinity, out *corev1.PodAntiAffinity, s conversion.Scope) error { - out.RequiredDuringSchedulingIgnoredDuringExecution = *(*[]corev1.PodAffinityTerm)(unsafe.Pointer(&in.RequiredDuringSchedulingIgnoredDuringExecution)) - out.PreferredDuringSchedulingIgnoredDuringExecution = *(*[]corev1.WeightedPodAffinityTerm)(unsafe.Pointer(&in.PreferredDuringSchedulingIgnoredDuringExecution)) - return nil -} - -// Convert_core_PodAntiAffinity_To_v1_PodAntiAffinity is an autogenerated conversion function. -func Convert_core_PodAntiAffinity_To_v1_PodAntiAffinity(in *core.PodAntiAffinity, out *corev1.PodAntiAffinity, s conversion.Scope) error { - return autoConvert_core_PodAntiAffinity_To_v1_PodAntiAffinity(in, out, s) -} - -func autoConvert_v1_PodAttachOptions_To_core_PodAttachOptions(in *corev1.PodAttachOptions, out *core.PodAttachOptions, s conversion.Scope) error { - out.Stdin = in.Stdin - out.Stdout = in.Stdout - out.Stderr = in.Stderr - out.TTY = in.TTY - out.Container = in.Container - return nil -} - -// Convert_v1_PodAttachOptions_To_core_PodAttachOptions is an autogenerated conversion function. -func Convert_v1_PodAttachOptions_To_core_PodAttachOptions(in *corev1.PodAttachOptions, out *core.PodAttachOptions, s conversion.Scope) error { - return autoConvert_v1_PodAttachOptions_To_core_PodAttachOptions(in, out, s) -} - -func autoConvert_core_PodAttachOptions_To_v1_PodAttachOptions(in *core.PodAttachOptions, out *corev1.PodAttachOptions, s conversion.Scope) error { - out.Stdin = in.Stdin - out.Stdout = in.Stdout - out.Stderr = in.Stderr - out.TTY = in.TTY - out.Container = in.Container - return nil -} - -// Convert_core_PodAttachOptions_To_v1_PodAttachOptions is an autogenerated conversion function. -func Convert_core_PodAttachOptions_To_v1_PodAttachOptions(in *core.PodAttachOptions, out *corev1.PodAttachOptions, s conversion.Scope) error { - return autoConvert_core_PodAttachOptions_To_v1_PodAttachOptions(in, out, s) -} - -func autoConvert_url_Values_To_v1_PodAttachOptions(in *url.Values, out *corev1.PodAttachOptions, s conversion.Scope) error { - // WARNING: Field TypeMeta does not have json tag, skipping. - - if values, ok := map[string][]string(*in)["stdin"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_bool(&values, &out.Stdin, s); err != nil { - return err - } - } else { - out.Stdin = false - } - if values, ok := map[string][]string(*in)["stdout"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_bool(&values, &out.Stdout, s); err != nil { - return err - } - } else { - out.Stdout = false - } - if values, ok := map[string][]string(*in)["stderr"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_bool(&values, &out.Stderr, s); err != nil { - return err - } - } else { - out.Stderr = false - } - if values, ok := map[string][]string(*in)["tty"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_bool(&values, &out.TTY, s); err != nil { - return err - } - } else { - out.TTY = false - } - if values, ok := map[string][]string(*in)["container"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_string(&values, &out.Container, s); err != nil { - return err - } - } else { - out.Container = "" - } - return nil -} - -// Convert_url_Values_To_v1_PodAttachOptions is an autogenerated conversion function. -func Convert_url_Values_To_v1_PodAttachOptions(in *url.Values, out *corev1.PodAttachOptions, s conversion.Scope) error { - return autoConvert_url_Values_To_v1_PodAttachOptions(in, out, s) -} - -func autoConvert_v1_PodCertificateProjection_To_core_PodCertificateProjection(in *corev1.PodCertificateProjection, out *core.PodCertificateProjection, s conversion.Scope) error { - out.SignerName = in.SignerName - out.KeyType = in.KeyType - out.MaxExpirationSeconds = (*int32)(unsafe.Pointer(in.MaxExpirationSeconds)) - out.CredentialBundlePath = in.CredentialBundlePath - out.KeyPath = in.KeyPath - out.CertificateChainPath = in.CertificateChainPath - out.UserAnnotations = *(*map[string]string)(unsafe.Pointer(&in.UserAnnotations)) - return nil -} - -// Convert_v1_PodCertificateProjection_To_core_PodCertificateProjection is an autogenerated conversion function. -func Convert_v1_PodCertificateProjection_To_core_PodCertificateProjection(in *corev1.PodCertificateProjection, out *core.PodCertificateProjection, s conversion.Scope) error { - return autoConvert_v1_PodCertificateProjection_To_core_PodCertificateProjection(in, out, s) -} - -func autoConvert_core_PodCertificateProjection_To_v1_PodCertificateProjection(in *core.PodCertificateProjection, out *corev1.PodCertificateProjection, s conversion.Scope) error { - out.SignerName = in.SignerName - out.KeyType = in.KeyType - out.MaxExpirationSeconds = (*int32)(unsafe.Pointer(in.MaxExpirationSeconds)) - out.CredentialBundlePath = in.CredentialBundlePath - out.KeyPath = in.KeyPath - out.CertificateChainPath = in.CertificateChainPath - out.UserAnnotations = *(*map[string]string)(unsafe.Pointer(&in.UserAnnotations)) - return nil -} - -// Convert_core_PodCertificateProjection_To_v1_PodCertificateProjection is an autogenerated conversion function. -func Convert_core_PodCertificateProjection_To_v1_PodCertificateProjection(in *core.PodCertificateProjection, out *corev1.PodCertificateProjection, s conversion.Scope) error { - return autoConvert_core_PodCertificateProjection_To_v1_PodCertificateProjection(in, out, s) -} - -func autoConvert_v1_PodCondition_To_core_PodCondition(in *corev1.PodCondition, out *core.PodCondition, s conversion.Scope) error { - out.Type = core.PodConditionType(in.Type) - out.ObservedGeneration = in.ObservedGeneration - out.Status = core.ConditionStatus(in.Status) - out.LastProbeTime = in.LastProbeTime - out.LastTransitionTime = in.LastTransitionTime - out.Reason = in.Reason - out.Message = in.Message - return nil -} - -// Convert_v1_PodCondition_To_core_PodCondition is an autogenerated conversion function. -func Convert_v1_PodCondition_To_core_PodCondition(in *corev1.PodCondition, out *core.PodCondition, s conversion.Scope) error { - return autoConvert_v1_PodCondition_To_core_PodCondition(in, out, s) -} - -func autoConvert_core_PodCondition_To_v1_PodCondition(in *core.PodCondition, out *corev1.PodCondition, s conversion.Scope) error { - out.Type = corev1.PodConditionType(in.Type) - out.ObservedGeneration = in.ObservedGeneration - out.Status = corev1.ConditionStatus(in.Status) - out.LastProbeTime = in.LastProbeTime - out.LastTransitionTime = in.LastTransitionTime - out.Reason = in.Reason - out.Message = in.Message - return nil -} - -// Convert_core_PodCondition_To_v1_PodCondition is an autogenerated conversion function. -func Convert_core_PodCondition_To_v1_PodCondition(in *core.PodCondition, out *corev1.PodCondition, s conversion.Scope) error { - return autoConvert_core_PodCondition_To_v1_PodCondition(in, out, s) -} - -func autoConvert_v1_PodDNSConfig_To_core_PodDNSConfig(in *corev1.PodDNSConfig, out *core.PodDNSConfig, s conversion.Scope) error { - out.Nameservers = *(*[]string)(unsafe.Pointer(&in.Nameservers)) - out.Searches = *(*[]string)(unsafe.Pointer(&in.Searches)) - out.Options = *(*[]core.PodDNSConfigOption)(unsafe.Pointer(&in.Options)) - return nil -} - -// Convert_v1_PodDNSConfig_To_core_PodDNSConfig is an autogenerated conversion function. -func Convert_v1_PodDNSConfig_To_core_PodDNSConfig(in *corev1.PodDNSConfig, out *core.PodDNSConfig, s conversion.Scope) error { - return autoConvert_v1_PodDNSConfig_To_core_PodDNSConfig(in, out, s) -} - -func autoConvert_core_PodDNSConfig_To_v1_PodDNSConfig(in *core.PodDNSConfig, out *corev1.PodDNSConfig, s conversion.Scope) error { - out.Nameservers = *(*[]string)(unsafe.Pointer(&in.Nameservers)) - out.Searches = *(*[]string)(unsafe.Pointer(&in.Searches)) - out.Options = *(*[]corev1.PodDNSConfigOption)(unsafe.Pointer(&in.Options)) - return nil -} - -// Convert_core_PodDNSConfig_To_v1_PodDNSConfig is an autogenerated conversion function. -func Convert_core_PodDNSConfig_To_v1_PodDNSConfig(in *core.PodDNSConfig, out *corev1.PodDNSConfig, s conversion.Scope) error { - return autoConvert_core_PodDNSConfig_To_v1_PodDNSConfig(in, out, s) -} - -func autoConvert_v1_PodDNSConfigOption_To_core_PodDNSConfigOption(in *corev1.PodDNSConfigOption, out *core.PodDNSConfigOption, s conversion.Scope) error { - out.Name = in.Name - out.Value = (*string)(unsafe.Pointer(in.Value)) - return nil -} - -// Convert_v1_PodDNSConfigOption_To_core_PodDNSConfigOption is an autogenerated conversion function. -func Convert_v1_PodDNSConfigOption_To_core_PodDNSConfigOption(in *corev1.PodDNSConfigOption, out *core.PodDNSConfigOption, s conversion.Scope) error { - return autoConvert_v1_PodDNSConfigOption_To_core_PodDNSConfigOption(in, out, s) -} - -func autoConvert_core_PodDNSConfigOption_To_v1_PodDNSConfigOption(in *core.PodDNSConfigOption, out *corev1.PodDNSConfigOption, s conversion.Scope) error { - out.Name = in.Name - out.Value = (*string)(unsafe.Pointer(in.Value)) - return nil -} - -// Convert_core_PodDNSConfigOption_To_v1_PodDNSConfigOption is an autogenerated conversion function. -func Convert_core_PodDNSConfigOption_To_v1_PodDNSConfigOption(in *core.PodDNSConfigOption, out *corev1.PodDNSConfigOption, s conversion.Scope) error { - return autoConvert_core_PodDNSConfigOption_To_v1_PodDNSConfigOption(in, out, s) -} - -func autoConvert_v1_PodExecOptions_To_core_PodExecOptions(in *corev1.PodExecOptions, out *core.PodExecOptions, s conversion.Scope) error { - out.Stdin = in.Stdin - out.Stdout = in.Stdout - out.Stderr = in.Stderr - out.TTY = in.TTY - out.Container = in.Container - out.Command = *(*[]string)(unsafe.Pointer(&in.Command)) - return nil -} - -// Convert_v1_PodExecOptions_To_core_PodExecOptions is an autogenerated conversion function. -func Convert_v1_PodExecOptions_To_core_PodExecOptions(in *corev1.PodExecOptions, out *core.PodExecOptions, s conversion.Scope) error { - return autoConvert_v1_PodExecOptions_To_core_PodExecOptions(in, out, s) -} - -func autoConvert_core_PodExecOptions_To_v1_PodExecOptions(in *core.PodExecOptions, out *corev1.PodExecOptions, s conversion.Scope) error { - out.Stdin = in.Stdin - out.Stdout = in.Stdout - out.Stderr = in.Stderr - out.TTY = in.TTY - out.Container = in.Container - out.Command = *(*[]string)(unsafe.Pointer(&in.Command)) - return nil -} - -// Convert_core_PodExecOptions_To_v1_PodExecOptions is an autogenerated conversion function. -func Convert_core_PodExecOptions_To_v1_PodExecOptions(in *core.PodExecOptions, out *corev1.PodExecOptions, s conversion.Scope) error { - return autoConvert_core_PodExecOptions_To_v1_PodExecOptions(in, out, s) -} - -func autoConvert_url_Values_To_v1_PodExecOptions(in *url.Values, out *corev1.PodExecOptions, s conversion.Scope) error { - // WARNING: Field TypeMeta does not have json tag, skipping. - - if values, ok := map[string][]string(*in)["stdin"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_bool(&values, &out.Stdin, s); err != nil { - return err - } - } else { - out.Stdin = false - } - if values, ok := map[string][]string(*in)["stdout"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_bool(&values, &out.Stdout, s); err != nil { - return err - } - } else { - out.Stdout = false - } - if values, ok := map[string][]string(*in)["stderr"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_bool(&values, &out.Stderr, s); err != nil { - return err - } - } else { - out.Stderr = false - } - if values, ok := map[string][]string(*in)["tty"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_bool(&values, &out.TTY, s); err != nil { - return err - } - } else { - out.TTY = false - } - if values, ok := map[string][]string(*in)["container"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_string(&values, &out.Container, s); err != nil { - return err - } - } else { - out.Container = "" - } - if values, ok := map[string][]string(*in)["command"]; ok && len(values) > 0 { - out.Command = *(*[]string)(unsafe.Pointer(&values)) - } else { - out.Command = nil - } - return nil -} - -// Convert_url_Values_To_v1_PodExecOptions is an autogenerated conversion function. -func Convert_url_Values_To_v1_PodExecOptions(in *url.Values, out *corev1.PodExecOptions, s conversion.Scope) error { - return autoConvert_url_Values_To_v1_PodExecOptions(in, out, s) -} - -func autoConvert_v1_PodExtendedResourceClaimStatus_To_core_PodExtendedResourceClaimStatus(in *corev1.PodExtendedResourceClaimStatus, out *core.PodExtendedResourceClaimStatus, s conversion.Scope) error { - out.RequestMappings = *(*[]core.ContainerExtendedResourceRequest)(unsafe.Pointer(&in.RequestMappings)) - out.ResourceClaimName = in.ResourceClaimName - return nil -} - -// Convert_v1_PodExtendedResourceClaimStatus_To_core_PodExtendedResourceClaimStatus is an autogenerated conversion function. -func Convert_v1_PodExtendedResourceClaimStatus_To_core_PodExtendedResourceClaimStatus(in *corev1.PodExtendedResourceClaimStatus, out *core.PodExtendedResourceClaimStatus, s conversion.Scope) error { - return autoConvert_v1_PodExtendedResourceClaimStatus_To_core_PodExtendedResourceClaimStatus(in, out, s) -} - -func autoConvert_core_PodExtendedResourceClaimStatus_To_v1_PodExtendedResourceClaimStatus(in *core.PodExtendedResourceClaimStatus, out *corev1.PodExtendedResourceClaimStatus, s conversion.Scope) error { - out.RequestMappings = *(*[]corev1.ContainerExtendedResourceRequest)(unsafe.Pointer(&in.RequestMappings)) - out.ResourceClaimName = in.ResourceClaimName - return nil -} - -// Convert_core_PodExtendedResourceClaimStatus_To_v1_PodExtendedResourceClaimStatus is an autogenerated conversion function. -func Convert_core_PodExtendedResourceClaimStatus_To_v1_PodExtendedResourceClaimStatus(in *core.PodExtendedResourceClaimStatus, out *corev1.PodExtendedResourceClaimStatus, s conversion.Scope) error { - return autoConvert_core_PodExtendedResourceClaimStatus_To_v1_PodExtendedResourceClaimStatus(in, out, s) -} - -func autoConvert_v1_PodIP_To_core_PodIP(in *corev1.PodIP, out *core.PodIP, s conversion.Scope) error { - out.IP = in.IP - return nil -} - -// Convert_v1_PodIP_To_core_PodIP is an autogenerated conversion function. -func Convert_v1_PodIP_To_core_PodIP(in *corev1.PodIP, out *core.PodIP, s conversion.Scope) error { - return autoConvert_v1_PodIP_To_core_PodIP(in, out, s) -} - -func autoConvert_core_PodIP_To_v1_PodIP(in *core.PodIP, out *corev1.PodIP, s conversion.Scope) error { - out.IP = in.IP - return nil -} - -// Convert_core_PodIP_To_v1_PodIP is an autogenerated conversion function. -func Convert_core_PodIP_To_v1_PodIP(in *core.PodIP, out *corev1.PodIP, s conversion.Scope) error { - return autoConvert_core_PodIP_To_v1_PodIP(in, out, s) -} - -func autoConvert_v1_PodList_To_core_PodList(in *corev1.PodList, out *core.PodList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]core.Pod, len(*in)) - for i := range *in { - if err := Convert_v1_Pod_To_core_Pod(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_v1_PodList_To_core_PodList is an autogenerated conversion function. -func Convert_v1_PodList_To_core_PodList(in *corev1.PodList, out *core.PodList, s conversion.Scope) error { - return autoConvert_v1_PodList_To_core_PodList(in, out, s) -} - -func autoConvert_core_PodList_To_v1_PodList(in *core.PodList, out *corev1.PodList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]corev1.Pod, len(*in)) - for i := range *in { - if err := Convert_core_Pod_To_v1_Pod(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_core_PodList_To_v1_PodList is an autogenerated conversion function. -func Convert_core_PodList_To_v1_PodList(in *core.PodList, out *corev1.PodList, s conversion.Scope) error { - return autoConvert_core_PodList_To_v1_PodList(in, out, s) -} - -func autoConvert_v1_PodLogOptions_To_core_PodLogOptions(in *corev1.PodLogOptions, out *core.PodLogOptions, s conversion.Scope) error { - out.Container = in.Container - out.Follow = in.Follow - out.Previous = in.Previous - out.SinceSeconds = (*int64)(unsafe.Pointer(in.SinceSeconds)) - out.SinceTime = (*metav1.Time)(unsafe.Pointer(in.SinceTime)) - out.Timestamps = in.Timestamps - out.TailLines = (*int64)(unsafe.Pointer(in.TailLines)) - out.LimitBytes = (*int64)(unsafe.Pointer(in.LimitBytes)) - out.InsecureSkipTLSVerifyBackend = in.InsecureSkipTLSVerifyBackend - out.Stream = (*string)(unsafe.Pointer(in.Stream)) - return nil -} - -// Convert_v1_PodLogOptions_To_core_PodLogOptions is an autogenerated conversion function. -func Convert_v1_PodLogOptions_To_core_PodLogOptions(in *corev1.PodLogOptions, out *core.PodLogOptions, s conversion.Scope) error { - return autoConvert_v1_PodLogOptions_To_core_PodLogOptions(in, out, s) -} - -func autoConvert_core_PodLogOptions_To_v1_PodLogOptions(in *core.PodLogOptions, out *corev1.PodLogOptions, s conversion.Scope) error { - out.Container = in.Container - out.Follow = in.Follow - out.Previous = in.Previous - out.SinceSeconds = (*int64)(unsafe.Pointer(in.SinceSeconds)) - out.SinceTime = (*metav1.Time)(unsafe.Pointer(in.SinceTime)) - out.Timestamps = in.Timestamps - out.TailLines = (*int64)(unsafe.Pointer(in.TailLines)) - out.LimitBytes = (*int64)(unsafe.Pointer(in.LimitBytes)) - out.InsecureSkipTLSVerifyBackend = in.InsecureSkipTLSVerifyBackend - out.Stream = (*string)(unsafe.Pointer(in.Stream)) - return nil -} - -// Convert_core_PodLogOptions_To_v1_PodLogOptions is an autogenerated conversion function. -func Convert_core_PodLogOptions_To_v1_PodLogOptions(in *core.PodLogOptions, out *corev1.PodLogOptions, s conversion.Scope) error { - return autoConvert_core_PodLogOptions_To_v1_PodLogOptions(in, out, s) -} - -func autoConvert_url_Values_To_v1_PodLogOptions(in *url.Values, out *corev1.PodLogOptions, s conversion.Scope) error { - // WARNING: Field TypeMeta does not have json tag, skipping. - - if values, ok := map[string][]string(*in)["container"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_string(&values, &out.Container, s); err != nil { - return err - } - } else { - out.Container = "" - } - if values, ok := map[string][]string(*in)["follow"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_bool(&values, &out.Follow, s); err != nil { - return err - } - } else { - out.Follow = false - } - if values, ok := map[string][]string(*in)["previous"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_bool(&values, &out.Previous, s); err != nil { - return err - } - } else { - out.Previous = false - } - if values, ok := map[string][]string(*in)["sinceSeconds"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_Pointer_int64(&values, &out.SinceSeconds, s); err != nil { - return err - } - } else { - out.SinceSeconds = nil - } - if values, ok := map[string][]string(*in)["sinceTime"]; ok && len(values) > 0 { - if err := metav1.Convert_Slice_string_To_Pointer_v1_Time(&values, &out.SinceTime, s); err != nil { - return err - } - } else { - out.SinceTime = nil - } - if values, ok := map[string][]string(*in)["timestamps"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_bool(&values, &out.Timestamps, s); err != nil { - return err - } - } else { - out.Timestamps = false - } - if values, ok := map[string][]string(*in)["tailLines"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_Pointer_int64(&values, &out.TailLines, s); err != nil { - return err - } - } else { - out.TailLines = nil - } - if values, ok := map[string][]string(*in)["limitBytes"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_Pointer_int64(&values, &out.LimitBytes, s); err != nil { - return err - } - } else { - out.LimitBytes = nil - } - if values, ok := map[string][]string(*in)["insecureSkipTLSVerifyBackend"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_bool(&values, &out.InsecureSkipTLSVerifyBackend, s); err != nil { - return err - } - } else { - out.InsecureSkipTLSVerifyBackend = false - } - if values, ok := map[string][]string(*in)["stream"]; ok && len(values) > 0 { - if err := Convert_Slice_string_To_Pointer_string(&values, &out.Stream, s); err != nil { - return err - } - } else { - out.Stream = nil - } - return nil -} - -// Convert_url_Values_To_v1_PodLogOptions is an autogenerated conversion function. -func Convert_url_Values_To_v1_PodLogOptions(in *url.Values, out *corev1.PodLogOptions, s conversion.Scope) error { - return autoConvert_url_Values_To_v1_PodLogOptions(in, out, s) -} - -func autoConvert_v1_PodOS_To_core_PodOS(in *corev1.PodOS, out *core.PodOS, s conversion.Scope) error { - out.Name = core.OSName(in.Name) - return nil -} - -// Convert_v1_PodOS_To_core_PodOS is an autogenerated conversion function. -func Convert_v1_PodOS_To_core_PodOS(in *corev1.PodOS, out *core.PodOS, s conversion.Scope) error { - return autoConvert_v1_PodOS_To_core_PodOS(in, out, s) -} - -func autoConvert_core_PodOS_To_v1_PodOS(in *core.PodOS, out *corev1.PodOS, s conversion.Scope) error { - out.Name = corev1.OSName(in.Name) - return nil -} - -// Convert_core_PodOS_To_v1_PodOS is an autogenerated conversion function. -func Convert_core_PodOS_To_v1_PodOS(in *core.PodOS, out *corev1.PodOS, s conversion.Scope) error { - return autoConvert_core_PodOS_To_v1_PodOS(in, out, s) -} - -func autoConvert_v1_PodPortForwardOptions_To_core_PodPortForwardOptions(in *corev1.PodPortForwardOptions, out *core.PodPortForwardOptions, s conversion.Scope) error { - out.Ports = *(*[]int32)(unsafe.Pointer(&in.Ports)) - return nil -} - -// Convert_v1_PodPortForwardOptions_To_core_PodPortForwardOptions is an autogenerated conversion function. -func Convert_v1_PodPortForwardOptions_To_core_PodPortForwardOptions(in *corev1.PodPortForwardOptions, out *core.PodPortForwardOptions, s conversion.Scope) error { - return autoConvert_v1_PodPortForwardOptions_To_core_PodPortForwardOptions(in, out, s) -} - -func autoConvert_core_PodPortForwardOptions_To_v1_PodPortForwardOptions(in *core.PodPortForwardOptions, out *corev1.PodPortForwardOptions, s conversion.Scope) error { - out.Ports = *(*[]int32)(unsafe.Pointer(&in.Ports)) - return nil -} - -// Convert_core_PodPortForwardOptions_To_v1_PodPortForwardOptions is an autogenerated conversion function. -func Convert_core_PodPortForwardOptions_To_v1_PodPortForwardOptions(in *core.PodPortForwardOptions, out *corev1.PodPortForwardOptions, s conversion.Scope) error { - return autoConvert_core_PodPortForwardOptions_To_v1_PodPortForwardOptions(in, out, s) -} - -func autoConvert_url_Values_To_v1_PodPortForwardOptions(in *url.Values, out *corev1.PodPortForwardOptions, s conversion.Scope) error { - // WARNING: Field TypeMeta does not have json tag, skipping. - - if values, ok := map[string][]string(*in)["ports"]; ok && len(values) > 0 { - if err := metav1.Convert_Slice_string_To_Slice_int32(&values, &out.Ports, s); err != nil { - return err - } - } else { - out.Ports = nil - } - return nil -} - -// Convert_url_Values_To_v1_PodPortForwardOptions is an autogenerated conversion function. -func Convert_url_Values_To_v1_PodPortForwardOptions(in *url.Values, out *corev1.PodPortForwardOptions, s conversion.Scope) error { - return autoConvert_url_Values_To_v1_PodPortForwardOptions(in, out, s) -} - -func autoConvert_v1_PodProxyOptions_To_core_PodProxyOptions(in *corev1.PodProxyOptions, out *core.PodProxyOptions, s conversion.Scope) error { - out.Path = in.Path - return nil -} - -// Convert_v1_PodProxyOptions_To_core_PodProxyOptions is an autogenerated conversion function. -func Convert_v1_PodProxyOptions_To_core_PodProxyOptions(in *corev1.PodProxyOptions, out *core.PodProxyOptions, s conversion.Scope) error { - return autoConvert_v1_PodProxyOptions_To_core_PodProxyOptions(in, out, s) -} - -func autoConvert_core_PodProxyOptions_To_v1_PodProxyOptions(in *core.PodProxyOptions, out *corev1.PodProxyOptions, s conversion.Scope) error { - out.Path = in.Path - return nil -} - -// Convert_core_PodProxyOptions_To_v1_PodProxyOptions is an autogenerated conversion function. -func Convert_core_PodProxyOptions_To_v1_PodProxyOptions(in *core.PodProxyOptions, out *corev1.PodProxyOptions, s conversion.Scope) error { - return autoConvert_core_PodProxyOptions_To_v1_PodProxyOptions(in, out, s) -} - -func autoConvert_url_Values_To_v1_PodProxyOptions(in *url.Values, out *corev1.PodProxyOptions, s conversion.Scope) error { - // WARNING: Field TypeMeta does not have json tag, skipping. - - if values, ok := map[string][]string(*in)["path"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_string(&values, &out.Path, s); err != nil { - return err - } - } else { - out.Path = "" - } - return nil -} - -// Convert_url_Values_To_v1_PodProxyOptions is an autogenerated conversion function. -func Convert_url_Values_To_v1_PodProxyOptions(in *url.Values, out *corev1.PodProxyOptions, s conversion.Scope) error { - return autoConvert_url_Values_To_v1_PodProxyOptions(in, out, s) -} - -func autoConvert_v1_PodReadinessGate_To_core_PodReadinessGate(in *corev1.PodReadinessGate, out *core.PodReadinessGate, s conversion.Scope) error { - out.ConditionType = core.PodConditionType(in.ConditionType) - return nil -} - -// Convert_v1_PodReadinessGate_To_core_PodReadinessGate is an autogenerated conversion function. -func Convert_v1_PodReadinessGate_To_core_PodReadinessGate(in *corev1.PodReadinessGate, out *core.PodReadinessGate, s conversion.Scope) error { - return autoConvert_v1_PodReadinessGate_To_core_PodReadinessGate(in, out, s) -} - -func autoConvert_core_PodReadinessGate_To_v1_PodReadinessGate(in *core.PodReadinessGate, out *corev1.PodReadinessGate, s conversion.Scope) error { - out.ConditionType = corev1.PodConditionType(in.ConditionType) - return nil -} - -// Convert_core_PodReadinessGate_To_v1_PodReadinessGate is an autogenerated conversion function. -func Convert_core_PodReadinessGate_To_v1_PodReadinessGate(in *core.PodReadinessGate, out *corev1.PodReadinessGate, s conversion.Scope) error { - return autoConvert_core_PodReadinessGate_To_v1_PodReadinessGate(in, out, s) -} - -func autoConvert_v1_PodResourceClaim_To_core_PodResourceClaim(in *corev1.PodResourceClaim, out *core.PodResourceClaim, s conversion.Scope) error { - out.Name = in.Name - out.ResourceClaimName = (*string)(unsafe.Pointer(in.ResourceClaimName)) - out.ResourceClaimTemplateName = (*string)(unsafe.Pointer(in.ResourceClaimTemplateName)) - return nil -} - -// Convert_v1_PodResourceClaim_To_core_PodResourceClaim is an autogenerated conversion function. -func Convert_v1_PodResourceClaim_To_core_PodResourceClaim(in *corev1.PodResourceClaim, out *core.PodResourceClaim, s conversion.Scope) error { - return autoConvert_v1_PodResourceClaim_To_core_PodResourceClaim(in, out, s) -} - -func autoConvert_core_PodResourceClaim_To_v1_PodResourceClaim(in *core.PodResourceClaim, out *corev1.PodResourceClaim, s conversion.Scope) error { - out.Name = in.Name - out.ResourceClaimName = (*string)(unsafe.Pointer(in.ResourceClaimName)) - out.ResourceClaimTemplateName = (*string)(unsafe.Pointer(in.ResourceClaimTemplateName)) - return nil -} - -// Convert_core_PodResourceClaim_To_v1_PodResourceClaim is an autogenerated conversion function. -func Convert_core_PodResourceClaim_To_v1_PodResourceClaim(in *core.PodResourceClaim, out *corev1.PodResourceClaim, s conversion.Scope) error { - return autoConvert_core_PodResourceClaim_To_v1_PodResourceClaim(in, out, s) -} - -func autoConvert_v1_PodResourceClaimStatus_To_core_PodResourceClaimStatus(in *corev1.PodResourceClaimStatus, out *core.PodResourceClaimStatus, s conversion.Scope) error { - out.Name = in.Name - out.ResourceClaimName = (*string)(unsafe.Pointer(in.ResourceClaimName)) - return nil -} - -// Convert_v1_PodResourceClaimStatus_To_core_PodResourceClaimStatus is an autogenerated conversion function. -func Convert_v1_PodResourceClaimStatus_To_core_PodResourceClaimStatus(in *corev1.PodResourceClaimStatus, out *core.PodResourceClaimStatus, s conversion.Scope) error { - return autoConvert_v1_PodResourceClaimStatus_To_core_PodResourceClaimStatus(in, out, s) -} - -func autoConvert_core_PodResourceClaimStatus_To_v1_PodResourceClaimStatus(in *core.PodResourceClaimStatus, out *corev1.PodResourceClaimStatus, s conversion.Scope) error { - out.Name = in.Name - out.ResourceClaimName = (*string)(unsafe.Pointer(in.ResourceClaimName)) - return nil -} - -// Convert_core_PodResourceClaimStatus_To_v1_PodResourceClaimStatus is an autogenerated conversion function. -func Convert_core_PodResourceClaimStatus_To_v1_PodResourceClaimStatus(in *core.PodResourceClaimStatus, out *corev1.PodResourceClaimStatus, s conversion.Scope) error { - return autoConvert_core_PodResourceClaimStatus_To_v1_PodResourceClaimStatus(in, out, s) -} - -func autoConvert_v1_PodSchedulingGate_To_core_PodSchedulingGate(in *corev1.PodSchedulingGate, out *core.PodSchedulingGate, s conversion.Scope) error { - out.Name = in.Name - return nil -} - -// Convert_v1_PodSchedulingGate_To_core_PodSchedulingGate is an autogenerated conversion function. -func Convert_v1_PodSchedulingGate_To_core_PodSchedulingGate(in *corev1.PodSchedulingGate, out *core.PodSchedulingGate, s conversion.Scope) error { - return autoConvert_v1_PodSchedulingGate_To_core_PodSchedulingGate(in, out, s) -} - -func autoConvert_core_PodSchedulingGate_To_v1_PodSchedulingGate(in *core.PodSchedulingGate, out *corev1.PodSchedulingGate, s conversion.Scope) error { - out.Name = in.Name - return nil -} - -// Convert_core_PodSchedulingGate_To_v1_PodSchedulingGate is an autogenerated conversion function. -func Convert_core_PodSchedulingGate_To_v1_PodSchedulingGate(in *core.PodSchedulingGate, out *corev1.PodSchedulingGate, s conversion.Scope) error { - return autoConvert_core_PodSchedulingGate_To_v1_PodSchedulingGate(in, out, s) -} - -func autoConvert_v1_PodSecurityContext_To_core_PodSecurityContext(in *corev1.PodSecurityContext, out *core.PodSecurityContext, s conversion.Scope) error { - out.SELinuxOptions = (*core.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions)) - out.WindowsOptions = (*core.WindowsSecurityContextOptions)(unsafe.Pointer(in.WindowsOptions)) - out.RunAsUser = (*int64)(unsafe.Pointer(in.RunAsUser)) - out.RunAsGroup = (*int64)(unsafe.Pointer(in.RunAsGroup)) - out.RunAsNonRoot = (*bool)(unsafe.Pointer(in.RunAsNonRoot)) - out.SupplementalGroups = *(*[]int64)(unsafe.Pointer(&in.SupplementalGroups)) - out.SupplementalGroupsPolicy = (*core.SupplementalGroupsPolicy)(unsafe.Pointer(in.SupplementalGroupsPolicy)) - out.FSGroup = (*int64)(unsafe.Pointer(in.FSGroup)) - out.Sysctls = *(*[]core.Sysctl)(unsafe.Pointer(&in.Sysctls)) - out.FSGroupChangePolicy = (*core.PodFSGroupChangePolicy)(unsafe.Pointer(in.FSGroupChangePolicy)) - out.SeccompProfile = (*core.SeccompProfile)(unsafe.Pointer(in.SeccompProfile)) - out.AppArmorProfile = (*core.AppArmorProfile)(unsafe.Pointer(in.AppArmorProfile)) - out.SELinuxChangePolicy = (*core.PodSELinuxChangePolicy)(unsafe.Pointer(in.SELinuxChangePolicy)) - return nil -} - -// Convert_v1_PodSecurityContext_To_core_PodSecurityContext is an autogenerated conversion function. -func Convert_v1_PodSecurityContext_To_core_PodSecurityContext(in *corev1.PodSecurityContext, out *core.PodSecurityContext, s conversion.Scope) error { - return autoConvert_v1_PodSecurityContext_To_core_PodSecurityContext(in, out, s) -} - -func autoConvert_core_PodSecurityContext_To_v1_PodSecurityContext(in *core.PodSecurityContext, out *corev1.PodSecurityContext, s conversion.Scope) error { - // INFO: in.HostNetwork opted out of conversion generation - // INFO: in.HostPID opted out of conversion generation - // INFO: in.HostIPC opted out of conversion generation - // INFO: in.ShareProcessNamespace opted out of conversion generation - // INFO: in.HostUsers opted out of conversion generation - out.SELinuxOptions = (*corev1.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions)) - out.WindowsOptions = (*corev1.WindowsSecurityContextOptions)(unsafe.Pointer(in.WindowsOptions)) - out.RunAsUser = (*int64)(unsafe.Pointer(in.RunAsUser)) - out.RunAsGroup = (*int64)(unsafe.Pointer(in.RunAsGroup)) - out.RunAsNonRoot = (*bool)(unsafe.Pointer(in.RunAsNonRoot)) - out.SupplementalGroups = *(*[]int64)(unsafe.Pointer(&in.SupplementalGroups)) - out.SupplementalGroupsPolicy = (*corev1.SupplementalGroupsPolicy)(unsafe.Pointer(in.SupplementalGroupsPolicy)) - out.FSGroup = (*int64)(unsafe.Pointer(in.FSGroup)) - out.FSGroupChangePolicy = (*corev1.PodFSGroupChangePolicy)(unsafe.Pointer(in.FSGroupChangePolicy)) - out.Sysctls = *(*[]corev1.Sysctl)(unsafe.Pointer(&in.Sysctls)) - out.SeccompProfile = (*corev1.SeccompProfile)(unsafe.Pointer(in.SeccompProfile)) - out.AppArmorProfile = (*corev1.AppArmorProfile)(unsafe.Pointer(in.AppArmorProfile)) - out.SELinuxChangePolicy = (*corev1.PodSELinuxChangePolicy)(unsafe.Pointer(in.SELinuxChangePolicy)) - return nil -} - -// Convert_core_PodSecurityContext_To_v1_PodSecurityContext is an autogenerated conversion function. -func Convert_core_PodSecurityContext_To_v1_PodSecurityContext(in *core.PodSecurityContext, out *corev1.PodSecurityContext, s conversion.Scope) error { - return autoConvert_core_PodSecurityContext_To_v1_PodSecurityContext(in, out, s) -} - -func autoConvert_v1_PodSignature_To_core_PodSignature(in *corev1.PodSignature, out *core.PodSignature, s conversion.Scope) error { - out.PodController = (*metav1.OwnerReference)(unsafe.Pointer(in.PodController)) - return nil -} - -// Convert_v1_PodSignature_To_core_PodSignature is an autogenerated conversion function. -func Convert_v1_PodSignature_To_core_PodSignature(in *corev1.PodSignature, out *core.PodSignature, s conversion.Scope) error { - return autoConvert_v1_PodSignature_To_core_PodSignature(in, out, s) -} - -func autoConvert_core_PodSignature_To_v1_PodSignature(in *core.PodSignature, out *corev1.PodSignature, s conversion.Scope) error { - out.PodController = (*metav1.OwnerReference)(unsafe.Pointer(in.PodController)) - return nil -} - -// Convert_core_PodSignature_To_v1_PodSignature is an autogenerated conversion function. -func Convert_core_PodSignature_To_v1_PodSignature(in *core.PodSignature, out *corev1.PodSignature, s conversion.Scope) error { - return autoConvert_core_PodSignature_To_v1_PodSignature(in, out, s) -} - -func autoConvert_v1_PodSpec_To_core_PodSpec(in *corev1.PodSpec, out *core.PodSpec, s conversion.Scope) error { - if in.Volumes != nil { - in, out := &in.Volumes, &out.Volumes - *out = make([]core.Volume, len(*in)) - for i := range *in { - if err := Convert_v1_Volume_To_core_Volume(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Volumes = nil - } - out.InitContainers = *(*[]core.Container)(unsafe.Pointer(&in.InitContainers)) - out.Containers = *(*[]core.Container)(unsafe.Pointer(&in.Containers)) - out.EphemeralContainers = *(*[]core.EphemeralContainer)(unsafe.Pointer(&in.EphemeralContainers)) - out.RestartPolicy = core.RestartPolicy(in.RestartPolicy) - out.TerminationGracePeriodSeconds = (*int64)(unsafe.Pointer(in.TerminationGracePeriodSeconds)) - out.ActiveDeadlineSeconds = (*int64)(unsafe.Pointer(in.ActiveDeadlineSeconds)) - out.DNSPolicy = core.DNSPolicy(in.DNSPolicy) - out.NodeSelector = *(*map[string]string)(unsafe.Pointer(&in.NodeSelector)) - out.ServiceAccountName = in.ServiceAccountName - // INFO: in.DeprecatedServiceAccount opted out of conversion generation - out.AutomountServiceAccountToken = (*bool)(unsafe.Pointer(in.AutomountServiceAccountToken)) - out.NodeName = in.NodeName - // INFO: in.HostNetwork opted out of conversion generation - // INFO: in.HostPID opted out of conversion generation - // INFO: in.HostIPC opted out of conversion generation - // INFO: in.ShareProcessNamespace opted out of conversion generation - if in.SecurityContext != nil { - in, out := &in.SecurityContext, &out.SecurityContext - *out = new(core.PodSecurityContext) - if err := Convert_v1_PodSecurityContext_To_core_PodSecurityContext(*in, *out, s); err != nil { - return err - } - } else { - out.SecurityContext = nil - } - out.ImagePullSecrets = *(*[]core.LocalObjectReference)(unsafe.Pointer(&in.ImagePullSecrets)) - out.Hostname = in.Hostname - out.Subdomain = in.Subdomain - out.Affinity = (*core.Affinity)(unsafe.Pointer(in.Affinity)) - out.SchedulerName = in.SchedulerName - out.Tolerations = *(*[]core.Toleration)(unsafe.Pointer(&in.Tolerations)) - out.HostAliases = *(*[]core.HostAlias)(unsafe.Pointer(&in.HostAliases)) - out.PriorityClassName = in.PriorityClassName - out.Priority = (*int32)(unsafe.Pointer(in.Priority)) - out.DNSConfig = (*core.PodDNSConfig)(unsafe.Pointer(in.DNSConfig)) - out.ReadinessGates = *(*[]core.PodReadinessGate)(unsafe.Pointer(&in.ReadinessGates)) - out.RuntimeClassName = (*string)(unsafe.Pointer(in.RuntimeClassName)) - out.EnableServiceLinks = (*bool)(unsafe.Pointer(in.EnableServiceLinks)) - out.PreemptionPolicy = (*core.PreemptionPolicy)(unsafe.Pointer(in.PreemptionPolicy)) - out.Overhead = *(*core.ResourceList)(unsafe.Pointer(&in.Overhead)) - out.TopologySpreadConstraints = *(*[]core.TopologySpreadConstraint)(unsafe.Pointer(&in.TopologySpreadConstraints)) - out.SetHostnameAsFQDN = (*bool)(unsafe.Pointer(in.SetHostnameAsFQDN)) - out.OS = (*core.PodOS)(unsafe.Pointer(in.OS)) - // INFO: in.HostUsers opted out of conversion generation - out.SchedulingGates = *(*[]core.PodSchedulingGate)(unsafe.Pointer(&in.SchedulingGates)) - out.ResourceClaims = *(*[]core.PodResourceClaim)(unsafe.Pointer(&in.ResourceClaims)) - out.Resources = (*core.ResourceRequirements)(unsafe.Pointer(in.Resources)) - out.HostnameOverride = (*string)(unsafe.Pointer(in.HostnameOverride)) - out.WorkloadRef = (*core.WorkloadReference)(unsafe.Pointer(in.WorkloadRef)) - return nil -} - -func autoConvert_core_PodSpec_To_v1_PodSpec(in *core.PodSpec, out *corev1.PodSpec, s conversion.Scope) error { - if in.Volumes != nil { - in, out := &in.Volumes, &out.Volumes - *out = make([]corev1.Volume, len(*in)) - for i := range *in { - if err := Convert_core_Volume_To_v1_Volume(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Volumes = nil - } - out.InitContainers = *(*[]corev1.Container)(unsafe.Pointer(&in.InitContainers)) - out.Containers = *(*[]corev1.Container)(unsafe.Pointer(&in.Containers)) - out.EphemeralContainers = *(*[]corev1.EphemeralContainer)(unsafe.Pointer(&in.EphemeralContainers)) - out.RestartPolicy = corev1.RestartPolicy(in.RestartPolicy) - out.TerminationGracePeriodSeconds = (*int64)(unsafe.Pointer(in.TerminationGracePeriodSeconds)) - out.ActiveDeadlineSeconds = (*int64)(unsafe.Pointer(in.ActiveDeadlineSeconds)) - out.DNSPolicy = corev1.DNSPolicy(in.DNSPolicy) - out.NodeSelector = *(*map[string]string)(unsafe.Pointer(&in.NodeSelector)) - out.ServiceAccountName = in.ServiceAccountName - out.AutomountServiceAccountToken = (*bool)(unsafe.Pointer(in.AutomountServiceAccountToken)) - out.NodeName = in.NodeName - if in.SecurityContext != nil { - in, out := &in.SecurityContext, &out.SecurityContext - *out = new(corev1.PodSecurityContext) - if err := Convert_core_PodSecurityContext_To_v1_PodSecurityContext(*in, *out, s); err != nil { - return err - } - } else { - out.SecurityContext = nil - } - out.ImagePullSecrets = *(*[]corev1.LocalObjectReference)(unsafe.Pointer(&in.ImagePullSecrets)) - out.Hostname = in.Hostname - out.Subdomain = in.Subdomain - out.SetHostnameAsFQDN = (*bool)(unsafe.Pointer(in.SetHostnameAsFQDN)) - out.Affinity = (*corev1.Affinity)(unsafe.Pointer(in.Affinity)) - out.SchedulerName = in.SchedulerName - out.Tolerations = *(*[]corev1.Toleration)(unsafe.Pointer(&in.Tolerations)) - out.HostAliases = *(*[]corev1.HostAlias)(unsafe.Pointer(&in.HostAliases)) - out.PriorityClassName = in.PriorityClassName - out.Priority = (*int32)(unsafe.Pointer(in.Priority)) - out.PreemptionPolicy = (*corev1.PreemptionPolicy)(unsafe.Pointer(in.PreemptionPolicy)) - out.DNSConfig = (*corev1.PodDNSConfig)(unsafe.Pointer(in.DNSConfig)) - out.ReadinessGates = *(*[]corev1.PodReadinessGate)(unsafe.Pointer(&in.ReadinessGates)) - out.RuntimeClassName = (*string)(unsafe.Pointer(in.RuntimeClassName)) - out.Overhead = *(*corev1.ResourceList)(unsafe.Pointer(&in.Overhead)) - out.EnableServiceLinks = (*bool)(unsafe.Pointer(in.EnableServiceLinks)) - out.TopologySpreadConstraints = *(*[]corev1.TopologySpreadConstraint)(unsafe.Pointer(&in.TopologySpreadConstraints)) - out.OS = (*corev1.PodOS)(unsafe.Pointer(in.OS)) - out.SchedulingGates = *(*[]corev1.PodSchedulingGate)(unsafe.Pointer(&in.SchedulingGates)) - out.ResourceClaims = *(*[]corev1.PodResourceClaim)(unsafe.Pointer(&in.ResourceClaims)) - out.Resources = (*corev1.ResourceRequirements)(unsafe.Pointer(in.Resources)) - out.HostnameOverride = (*string)(unsafe.Pointer(in.HostnameOverride)) - out.WorkloadRef = (*corev1.WorkloadReference)(unsafe.Pointer(in.WorkloadRef)) - return nil -} - -func autoConvert_v1_PodStatus_To_core_PodStatus(in *corev1.PodStatus, out *core.PodStatus, s conversion.Scope) error { - out.ObservedGeneration = in.ObservedGeneration - out.Phase = core.PodPhase(in.Phase) - out.Conditions = *(*[]core.PodCondition)(unsafe.Pointer(&in.Conditions)) - out.Message = in.Message - out.Reason = in.Reason - out.NominatedNodeName = in.NominatedNodeName - out.HostIP = in.HostIP - out.HostIPs = *(*[]core.HostIP)(unsafe.Pointer(&in.HostIPs)) - // WARNING: in.PodIP requires manual conversion: does not exist in peer-type - out.PodIPs = *(*[]core.PodIP)(unsafe.Pointer(&in.PodIPs)) - out.StartTime = (*metav1.Time)(unsafe.Pointer(in.StartTime)) - out.InitContainerStatuses = *(*[]core.ContainerStatus)(unsafe.Pointer(&in.InitContainerStatuses)) - out.ContainerStatuses = *(*[]core.ContainerStatus)(unsafe.Pointer(&in.ContainerStatuses)) - out.QOSClass = core.PodQOSClass(in.QOSClass) - out.EphemeralContainerStatuses = *(*[]core.ContainerStatus)(unsafe.Pointer(&in.EphemeralContainerStatuses)) - out.Resize = core.PodResizeStatus(in.Resize) - out.ResourceClaimStatuses = *(*[]core.PodResourceClaimStatus)(unsafe.Pointer(&in.ResourceClaimStatuses)) - out.ExtendedResourceClaimStatus = (*core.PodExtendedResourceClaimStatus)(unsafe.Pointer(in.ExtendedResourceClaimStatus)) - out.AllocatedResources = *(*core.ResourceList)(unsafe.Pointer(&in.AllocatedResources)) - out.Resources = (*core.ResourceRequirements)(unsafe.Pointer(in.Resources)) - return nil -} - -func autoConvert_core_PodStatus_To_v1_PodStatus(in *core.PodStatus, out *corev1.PodStatus, s conversion.Scope) error { - out.ObservedGeneration = in.ObservedGeneration - out.Phase = corev1.PodPhase(in.Phase) - out.Conditions = *(*[]corev1.PodCondition)(unsafe.Pointer(&in.Conditions)) - out.Message = in.Message - out.Reason = in.Reason - out.NominatedNodeName = in.NominatedNodeName - out.HostIP = in.HostIP - out.HostIPs = *(*[]corev1.HostIP)(unsafe.Pointer(&in.HostIPs)) - out.PodIPs = *(*[]corev1.PodIP)(unsafe.Pointer(&in.PodIPs)) - out.StartTime = (*metav1.Time)(unsafe.Pointer(in.StartTime)) - out.QOSClass = corev1.PodQOSClass(in.QOSClass) - out.InitContainerStatuses = *(*[]corev1.ContainerStatus)(unsafe.Pointer(&in.InitContainerStatuses)) - out.ContainerStatuses = *(*[]corev1.ContainerStatus)(unsafe.Pointer(&in.ContainerStatuses)) - out.EphemeralContainerStatuses = *(*[]corev1.ContainerStatus)(unsafe.Pointer(&in.EphemeralContainerStatuses)) - out.Resize = corev1.PodResizeStatus(in.Resize) - out.ResourceClaimStatuses = *(*[]corev1.PodResourceClaimStatus)(unsafe.Pointer(&in.ResourceClaimStatuses)) - out.ExtendedResourceClaimStatus = (*corev1.PodExtendedResourceClaimStatus)(unsafe.Pointer(in.ExtendedResourceClaimStatus)) - out.AllocatedResources = *(*corev1.ResourceList)(unsafe.Pointer(&in.AllocatedResources)) - out.Resources = (*corev1.ResourceRequirements)(unsafe.Pointer(in.Resources)) - return nil -} - -func autoConvert_v1_PodStatusResult_To_core_PodStatusResult(in *corev1.PodStatusResult, out *core.PodStatusResult, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_PodStatus_To_core_PodStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_v1_PodStatusResult_To_core_PodStatusResult is an autogenerated conversion function. -func Convert_v1_PodStatusResult_To_core_PodStatusResult(in *corev1.PodStatusResult, out *core.PodStatusResult, s conversion.Scope) error { - return autoConvert_v1_PodStatusResult_To_core_PodStatusResult(in, out, s) -} - -func autoConvert_core_PodStatusResult_To_v1_PodStatusResult(in *core.PodStatusResult, out *corev1.PodStatusResult, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_PodStatus_To_v1_PodStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_core_PodStatusResult_To_v1_PodStatusResult is an autogenerated conversion function. -func Convert_core_PodStatusResult_To_v1_PodStatusResult(in *core.PodStatusResult, out *corev1.PodStatusResult, s conversion.Scope) error { - return autoConvert_core_PodStatusResult_To_v1_PodStatusResult(in, out, s) -} - -func autoConvert_v1_PodTemplate_To_core_PodTemplate(in *corev1.PodTemplate, out *core.PodTemplate, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_PodTemplateSpec_To_core_PodTemplateSpec(&in.Template, &out.Template, s); err != nil { - return err - } - return nil -} - -// Convert_v1_PodTemplate_To_core_PodTemplate is an autogenerated conversion function. -func Convert_v1_PodTemplate_To_core_PodTemplate(in *corev1.PodTemplate, out *core.PodTemplate, s conversion.Scope) error { - return autoConvert_v1_PodTemplate_To_core_PodTemplate(in, out, s) -} - -func autoConvert_core_PodTemplate_To_v1_PodTemplate(in *core.PodTemplate, out *corev1.PodTemplate, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_PodTemplateSpec_To_v1_PodTemplateSpec(&in.Template, &out.Template, s); err != nil { - return err - } - return nil -} - -// Convert_core_PodTemplate_To_v1_PodTemplate is an autogenerated conversion function. -func Convert_core_PodTemplate_To_v1_PodTemplate(in *core.PodTemplate, out *corev1.PodTemplate, s conversion.Scope) error { - return autoConvert_core_PodTemplate_To_v1_PodTemplate(in, out, s) -} - -func autoConvert_v1_PodTemplateList_To_core_PodTemplateList(in *corev1.PodTemplateList, out *core.PodTemplateList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]core.PodTemplate, len(*in)) - for i := range *in { - if err := Convert_v1_PodTemplate_To_core_PodTemplate(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_v1_PodTemplateList_To_core_PodTemplateList is an autogenerated conversion function. -func Convert_v1_PodTemplateList_To_core_PodTemplateList(in *corev1.PodTemplateList, out *core.PodTemplateList, s conversion.Scope) error { - return autoConvert_v1_PodTemplateList_To_core_PodTemplateList(in, out, s) -} - -func autoConvert_core_PodTemplateList_To_v1_PodTemplateList(in *core.PodTemplateList, out *corev1.PodTemplateList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]corev1.PodTemplate, len(*in)) - for i := range *in { - if err := Convert_core_PodTemplate_To_v1_PodTemplate(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_core_PodTemplateList_To_v1_PodTemplateList is an autogenerated conversion function. -func Convert_core_PodTemplateList_To_v1_PodTemplateList(in *core.PodTemplateList, out *corev1.PodTemplateList, s conversion.Scope) error { - return autoConvert_core_PodTemplateList_To_v1_PodTemplateList(in, out, s) -} - -func autoConvert_v1_PodTemplateSpec_To_core_PodTemplateSpec(in *corev1.PodTemplateSpec, out *core.PodTemplateSpec, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_PodSpec_To_core_PodSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - return nil -} - -func autoConvert_core_PodTemplateSpec_To_v1_PodTemplateSpec(in *core.PodTemplateSpec, out *corev1.PodTemplateSpec, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_PodSpec_To_v1_PodSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - return nil -} - -func autoConvert_v1_PortStatus_To_core_PortStatus(in *corev1.PortStatus, out *core.PortStatus, s conversion.Scope) error { - out.Port = in.Port - out.Protocol = core.Protocol(in.Protocol) - out.Error = (*string)(unsafe.Pointer(in.Error)) - return nil -} - -// Convert_v1_PortStatus_To_core_PortStatus is an autogenerated conversion function. -func Convert_v1_PortStatus_To_core_PortStatus(in *corev1.PortStatus, out *core.PortStatus, s conversion.Scope) error { - return autoConvert_v1_PortStatus_To_core_PortStatus(in, out, s) -} - -func autoConvert_core_PortStatus_To_v1_PortStatus(in *core.PortStatus, out *corev1.PortStatus, s conversion.Scope) error { - out.Port = in.Port - out.Protocol = corev1.Protocol(in.Protocol) - out.Error = (*string)(unsafe.Pointer(in.Error)) - return nil -} - -// Convert_core_PortStatus_To_v1_PortStatus is an autogenerated conversion function. -func Convert_core_PortStatus_To_v1_PortStatus(in *core.PortStatus, out *corev1.PortStatus, s conversion.Scope) error { - return autoConvert_core_PortStatus_To_v1_PortStatus(in, out, s) -} - -func autoConvert_v1_PortworxVolumeSource_To_core_PortworxVolumeSource(in *corev1.PortworxVolumeSource, out *core.PortworxVolumeSource, s conversion.Scope) error { - out.VolumeID = in.VolumeID - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_v1_PortworxVolumeSource_To_core_PortworxVolumeSource is an autogenerated conversion function. -func Convert_v1_PortworxVolumeSource_To_core_PortworxVolumeSource(in *corev1.PortworxVolumeSource, out *core.PortworxVolumeSource, s conversion.Scope) error { - return autoConvert_v1_PortworxVolumeSource_To_core_PortworxVolumeSource(in, out, s) -} - -func autoConvert_core_PortworxVolumeSource_To_v1_PortworxVolumeSource(in *core.PortworxVolumeSource, out *corev1.PortworxVolumeSource, s conversion.Scope) error { - out.VolumeID = in.VolumeID - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_core_PortworxVolumeSource_To_v1_PortworxVolumeSource is an autogenerated conversion function. -func Convert_core_PortworxVolumeSource_To_v1_PortworxVolumeSource(in *core.PortworxVolumeSource, out *corev1.PortworxVolumeSource, s conversion.Scope) error { - return autoConvert_core_PortworxVolumeSource_To_v1_PortworxVolumeSource(in, out, s) -} - -func autoConvert_v1_Preconditions_To_core_Preconditions(in *corev1.Preconditions, out *core.Preconditions, s conversion.Scope) error { - out.UID = (*types.UID)(unsafe.Pointer(in.UID)) - return nil -} - -// Convert_v1_Preconditions_To_core_Preconditions is an autogenerated conversion function. -func Convert_v1_Preconditions_To_core_Preconditions(in *corev1.Preconditions, out *core.Preconditions, s conversion.Scope) error { - return autoConvert_v1_Preconditions_To_core_Preconditions(in, out, s) -} - -func autoConvert_core_Preconditions_To_v1_Preconditions(in *core.Preconditions, out *corev1.Preconditions, s conversion.Scope) error { - out.UID = (*types.UID)(unsafe.Pointer(in.UID)) - return nil -} - -// Convert_core_Preconditions_To_v1_Preconditions is an autogenerated conversion function. -func Convert_core_Preconditions_To_v1_Preconditions(in *core.Preconditions, out *corev1.Preconditions, s conversion.Scope) error { - return autoConvert_core_Preconditions_To_v1_Preconditions(in, out, s) -} - -func autoConvert_v1_PreferAvoidPodsEntry_To_core_PreferAvoidPodsEntry(in *corev1.PreferAvoidPodsEntry, out *core.PreferAvoidPodsEntry, s conversion.Scope) error { - if err := Convert_v1_PodSignature_To_core_PodSignature(&in.PodSignature, &out.PodSignature, s); err != nil { - return err - } - out.EvictionTime = in.EvictionTime - out.Reason = in.Reason - out.Message = in.Message - return nil -} - -// Convert_v1_PreferAvoidPodsEntry_To_core_PreferAvoidPodsEntry is an autogenerated conversion function. -func Convert_v1_PreferAvoidPodsEntry_To_core_PreferAvoidPodsEntry(in *corev1.PreferAvoidPodsEntry, out *core.PreferAvoidPodsEntry, s conversion.Scope) error { - return autoConvert_v1_PreferAvoidPodsEntry_To_core_PreferAvoidPodsEntry(in, out, s) -} - -func autoConvert_core_PreferAvoidPodsEntry_To_v1_PreferAvoidPodsEntry(in *core.PreferAvoidPodsEntry, out *corev1.PreferAvoidPodsEntry, s conversion.Scope) error { - if err := Convert_core_PodSignature_To_v1_PodSignature(&in.PodSignature, &out.PodSignature, s); err != nil { - return err - } - out.EvictionTime = in.EvictionTime - out.Reason = in.Reason - out.Message = in.Message - return nil -} - -// Convert_core_PreferAvoidPodsEntry_To_v1_PreferAvoidPodsEntry is an autogenerated conversion function. -func Convert_core_PreferAvoidPodsEntry_To_v1_PreferAvoidPodsEntry(in *core.PreferAvoidPodsEntry, out *corev1.PreferAvoidPodsEntry, s conversion.Scope) error { - return autoConvert_core_PreferAvoidPodsEntry_To_v1_PreferAvoidPodsEntry(in, out, s) -} - -func autoConvert_v1_PreferredSchedulingTerm_To_core_PreferredSchedulingTerm(in *corev1.PreferredSchedulingTerm, out *core.PreferredSchedulingTerm, s conversion.Scope) error { - out.Weight = in.Weight - if err := Convert_v1_NodeSelectorTerm_To_core_NodeSelectorTerm(&in.Preference, &out.Preference, s); err != nil { - return err - } - return nil -} - -// Convert_v1_PreferredSchedulingTerm_To_core_PreferredSchedulingTerm is an autogenerated conversion function. -func Convert_v1_PreferredSchedulingTerm_To_core_PreferredSchedulingTerm(in *corev1.PreferredSchedulingTerm, out *core.PreferredSchedulingTerm, s conversion.Scope) error { - return autoConvert_v1_PreferredSchedulingTerm_To_core_PreferredSchedulingTerm(in, out, s) -} - -func autoConvert_core_PreferredSchedulingTerm_To_v1_PreferredSchedulingTerm(in *core.PreferredSchedulingTerm, out *corev1.PreferredSchedulingTerm, s conversion.Scope) error { - out.Weight = in.Weight - if err := Convert_core_NodeSelectorTerm_To_v1_NodeSelectorTerm(&in.Preference, &out.Preference, s); err != nil { - return err - } - return nil -} - -// Convert_core_PreferredSchedulingTerm_To_v1_PreferredSchedulingTerm is an autogenerated conversion function. -func Convert_core_PreferredSchedulingTerm_To_v1_PreferredSchedulingTerm(in *core.PreferredSchedulingTerm, out *corev1.PreferredSchedulingTerm, s conversion.Scope) error { - return autoConvert_core_PreferredSchedulingTerm_To_v1_PreferredSchedulingTerm(in, out, s) -} - -func autoConvert_v1_Probe_To_core_Probe(in *corev1.Probe, out *core.Probe, s conversion.Scope) error { - if err := Convert_v1_ProbeHandler_To_core_ProbeHandler(&in.ProbeHandler, &out.ProbeHandler, s); err != nil { - return err - } - out.InitialDelaySeconds = in.InitialDelaySeconds - out.TimeoutSeconds = in.TimeoutSeconds - out.PeriodSeconds = in.PeriodSeconds - out.SuccessThreshold = in.SuccessThreshold - out.FailureThreshold = in.FailureThreshold - out.TerminationGracePeriodSeconds = (*int64)(unsafe.Pointer(in.TerminationGracePeriodSeconds)) - return nil -} - -// Convert_v1_Probe_To_core_Probe is an autogenerated conversion function. -func Convert_v1_Probe_To_core_Probe(in *corev1.Probe, out *core.Probe, s conversion.Scope) error { - return autoConvert_v1_Probe_To_core_Probe(in, out, s) -} - -func autoConvert_core_Probe_To_v1_Probe(in *core.Probe, out *corev1.Probe, s conversion.Scope) error { - if err := Convert_core_ProbeHandler_To_v1_ProbeHandler(&in.ProbeHandler, &out.ProbeHandler, s); err != nil { - return err - } - out.InitialDelaySeconds = in.InitialDelaySeconds - out.TimeoutSeconds = in.TimeoutSeconds - out.PeriodSeconds = in.PeriodSeconds - out.SuccessThreshold = in.SuccessThreshold - out.FailureThreshold = in.FailureThreshold - out.TerminationGracePeriodSeconds = (*int64)(unsafe.Pointer(in.TerminationGracePeriodSeconds)) - return nil -} - -// Convert_core_Probe_To_v1_Probe is an autogenerated conversion function. -func Convert_core_Probe_To_v1_Probe(in *core.Probe, out *corev1.Probe, s conversion.Scope) error { - return autoConvert_core_Probe_To_v1_Probe(in, out, s) -} - -func autoConvert_v1_ProbeHandler_To_core_ProbeHandler(in *corev1.ProbeHandler, out *core.ProbeHandler, s conversion.Scope) error { - out.Exec = (*core.ExecAction)(unsafe.Pointer(in.Exec)) - out.HTTPGet = (*core.HTTPGetAction)(unsafe.Pointer(in.HTTPGet)) - out.TCPSocket = (*core.TCPSocketAction)(unsafe.Pointer(in.TCPSocket)) - out.GRPC = (*core.GRPCAction)(unsafe.Pointer(in.GRPC)) - return nil -} - -// Convert_v1_ProbeHandler_To_core_ProbeHandler is an autogenerated conversion function. -func Convert_v1_ProbeHandler_To_core_ProbeHandler(in *corev1.ProbeHandler, out *core.ProbeHandler, s conversion.Scope) error { - return autoConvert_v1_ProbeHandler_To_core_ProbeHandler(in, out, s) -} - -func autoConvert_core_ProbeHandler_To_v1_ProbeHandler(in *core.ProbeHandler, out *corev1.ProbeHandler, s conversion.Scope) error { - out.Exec = (*corev1.ExecAction)(unsafe.Pointer(in.Exec)) - out.HTTPGet = (*corev1.HTTPGetAction)(unsafe.Pointer(in.HTTPGet)) - out.TCPSocket = (*corev1.TCPSocketAction)(unsafe.Pointer(in.TCPSocket)) - out.GRPC = (*corev1.GRPCAction)(unsafe.Pointer(in.GRPC)) - return nil -} - -// Convert_core_ProbeHandler_To_v1_ProbeHandler is an autogenerated conversion function. -func Convert_core_ProbeHandler_To_v1_ProbeHandler(in *core.ProbeHandler, out *corev1.ProbeHandler, s conversion.Scope) error { - return autoConvert_core_ProbeHandler_To_v1_ProbeHandler(in, out, s) -} - -func autoConvert_v1_ProjectedVolumeSource_To_core_ProjectedVolumeSource(in *corev1.ProjectedVolumeSource, out *core.ProjectedVolumeSource, s conversion.Scope) error { - if in.Sources != nil { - in, out := &in.Sources, &out.Sources - *out = make([]core.VolumeProjection, len(*in)) - for i := range *in { - if err := Convert_v1_VolumeProjection_To_core_VolumeProjection(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Sources = nil - } - out.DefaultMode = (*int32)(unsafe.Pointer(in.DefaultMode)) - return nil -} - -// Convert_v1_ProjectedVolumeSource_To_core_ProjectedVolumeSource is an autogenerated conversion function. -func Convert_v1_ProjectedVolumeSource_To_core_ProjectedVolumeSource(in *corev1.ProjectedVolumeSource, out *core.ProjectedVolumeSource, s conversion.Scope) error { - return autoConvert_v1_ProjectedVolumeSource_To_core_ProjectedVolumeSource(in, out, s) -} - -func autoConvert_core_ProjectedVolumeSource_To_v1_ProjectedVolumeSource(in *core.ProjectedVolumeSource, out *corev1.ProjectedVolumeSource, s conversion.Scope) error { - if in.Sources != nil { - in, out := &in.Sources, &out.Sources - *out = make([]corev1.VolumeProjection, len(*in)) - for i := range *in { - if err := Convert_core_VolumeProjection_To_v1_VolumeProjection(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Sources = nil - } - out.DefaultMode = (*int32)(unsafe.Pointer(in.DefaultMode)) - return nil -} - -// Convert_core_ProjectedVolumeSource_To_v1_ProjectedVolumeSource is an autogenerated conversion function. -func Convert_core_ProjectedVolumeSource_To_v1_ProjectedVolumeSource(in *core.ProjectedVolumeSource, out *corev1.ProjectedVolumeSource, s conversion.Scope) error { - return autoConvert_core_ProjectedVolumeSource_To_v1_ProjectedVolumeSource(in, out, s) -} - -func autoConvert_v1_QuobyteVolumeSource_To_core_QuobyteVolumeSource(in *corev1.QuobyteVolumeSource, out *core.QuobyteVolumeSource, s conversion.Scope) error { - out.Registry = in.Registry - out.Volume = in.Volume - out.ReadOnly = in.ReadOnly - out.User = in.User - out.Group = in.Group - out.Tenant = in.Tenant - return nil -} - -// Convert_v1_QuobyteVolumeSource_To_core_QuobyteVolumeSource is an autogenerated conversion function. -func Convert_v1_QuobyteVolumeSource_To_core_QuobyteVolumeSource(in *corev1.QuobyteVolumeSource, out *core.QuobyteVolumeSource, s conversion.Scope) error { - return autoConvert_v1_QuobyteVolumeSource_To_core_QuobyteVolumeSource(in, out, s) -} - -func autoConvert_core_QuobyteVolumeSource_To_v1_QuobyteVolumeSource(in *core.QuobyteVolumeSource, out *corev1.QuobyteVolumeSource, s conversion.Scope) error { - out.Registry = in.Registry - out.Volume = in.Volume - out.ReadOnly = in.ReadOnly - out.User = in.User - out.Group = in.Group - out.Tenant = in.Tenant - return nil -} - -// Convert_core_QuobyteVolumeSource_To_v1_QuobyteVolumeSource is an autogenerated conversion function. -func Convert_core_QuobyteVolumeSource_To_v1_QuobyteVolumeSource(in *core.QuobyteVolumeSource, out *corev1.QuobyteVolumeSource, s conversion.Scope) error { - return autoConvert_core_QuobyteVolumeSource_To_v1_QuobyteVolumeSource(in, out, s) -} - -func autoConvert_v1_RBDPersistentVolumeSource_To_core_RBDPersistentVolumeSource(in *corev1.RBDPersistentVolumeSource, out *core.RBDPersistentVolumeSource, s conversion.Scope) error { - out.CephMonitors = *(*[]string)(unsafe.Pointer(&in.CephMonitors)) - out.RBDImage = in.RBDImage - out.FSType = in.FSType - out.RBDPool = in.RBDPool - out.RadosUser = in.RadosUser - out.Keyring = in.Keyring - out.SecretRef = (*core.SecretReference)(unsafe.Pointer(in.SecretRef)) - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_v1_RBDPersistentVolumeSource_To_core_RBDPersistentVolumeSource is an autogenerated conversion function. -func Convert_v1_RBDPersistentVolumeSource_To_core_RBDPersistentVolumeSource(in *corev1.RBDPersistentVolumeSource, out *core.RBDPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_v1_RBDPersistentVolumeSource_To_core_RBDPersistentVolumeSource(in, out, s) -} - -func autoConvert_core_RBDPersistentVolumeSource_To_v1_RBDPersistentVolumeSource(in *core.RBDPersistentVolumeSource, out *corev1.RBDPersistentVolumeSource, s conversion.Scope) error { - out.CephMonitors = *(*[]string)(unsafe.Pointer(&in.CephMonitors)) - out.RBDImage = in.RBDImage - out.FSType = in.FSType - out.RBDPool = in.RBDPool - out.RadosUser = in.RadosUser - out.Keyring = in.Keyring - out.SecretRef = (*corev1.SecretReference)(unsafe.Pointer(in.SecretRef)) - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_core_RBDPersistentVolumeSource_To_v1_RBDPersistentVolumeSource is an autogenerated conversion function. -func Convert_core_RBDPersistentVolumeSource_To_v1_RBDPersistentVolumeSource(in *core.RBDPersistentVolumeSource, out *corev1.RBDPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_core_RBDPersistentVolumeSource_To_v1_RBDPersistentVolumeSource(in, out, s) -} - -func autoConvert_v1_RBDVolumeSource_To_core_RBDVolumeSource(in *corev1.RBDVolumeSource, out *core.RBDVolumeSource, s conversion.Scope) error { - out.CephMonitors = *(*[]string)(unsafe.Pointer(&in.CephMonitors)) - out.RBDImage = in.RBDImage - out.FSType = in.FSType - out.RBDPool = in.RBDPool - out.RadosUser = in.RadosUser - out.Keyring = in.Keyring - out.SecretRef = (*core.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_v1_RBDVolumeSource_To_core_RBDVolumeSource is an autogenerated conversion function. -func Convert_v1_RBDVolumeSource_To_core_RBDVolumeSource(in *corev1.RBDVolumeSource, out *core.RBDVolumeSource, s conversion.Scope) error { - return autoConvert_v1_RBDVolumeSource_To_core_RBDVolumeSource(in, out, s) -} - -func autoConvert_core_RBDVolumeSource_To_v1_RBDVolumeSource(in *core.RBDVolumeSource, out *corev1.RBDVolumeSource, s conversion.Scope) error { - out.CephMonitors = *(*[]string)(unsafe.Pointer(&in.CephMonitors)) - out.RBDImage = in.RBDImage - out.FSType = in.FSType - out.RBDPool = in.RBDPool - out.RadosUser = in.RadosUser - out.Keyring = in.Keyring - out.SecretRef = (*corev1.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_core_RBDVolumeSource_To_v1_RBDVolumeSource is an autogenerated conversion function. -func Convert_core_RBDVolumeSource_To_v1_RBDVolumeSource(in *core.RBDVolumeSource, out *corev1.RBDVolumeSource, s conversion.Scope) error { - return autoConvert_core_RBDVolumeSource_To_v1_RBDVolumeSource(in, out, s) -} - -func autoConvert_v1_RangeAllocation_To_core_RangeAllocation(in *corev1.RangeAllocation, out *core.RangeAllocation, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - out.Range = in.Range - out.Data = *(*[]byte)(unsafe.Pointer(&in.Data)) - return nil -} - -// Convert_v1_RangeAllocation_To_core_RangeAllocation is an autogenerated conversion function. -func Convert_v1_RangeAllocation_To_core_RangeAllocation(in *corev1.RangeAllocation, out *core.RangeAllocation, s conversion.Scope) error { - return autoConvert_v1_RangeAllocation_To_core_RangeAllocation(in, out, s) -} - -func autoConvert_core_RangeAllocation_To_v1_RangeAllocation(in *core.RangeAllocation, out *corev1.RangeAllocation, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - out.Range = in.Range - out.Data = *(*[]byte)(unsafe.Pointer(&in.Data)) - return nil -} - -// Convert_core_RangeAllocation_To_v1_RangeAllocation is an autogenerated conversion function. -func Convert_core_RangeAllocation_To_v1_RangeAllocation(in *core.RangeAllocation, out *corev1.RangeAllocation, s conversion.Scope) error { - return autoConvert_core_RangeAllocation_To_v1_RangeAllocation(in, out, s) -} - -func autoConvert_v1_ReplicationController_To_core_ReplicationController(in *corev1.ReplicationController, out *core.ReplicationController, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_ReplicationControllerSpec_To_core_ReplicationControllerSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1_ReplicationControllerStatus_To_core_ReplicationControllerStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_v1_ReplicationController_To_core_ReplicationController is an autogenerated conversion function. -func Convert_v1_ReplicationController_To_core_ReplicationController(in *corev1.ReplicationController, out *core.ReplicationController, s conversion.Scope) error { - return autoConvert_v1_ReplicationController_To_core_ReplicationController(in, out, s) -} - -func autoConvert_core_ReplicationController_To_v1_ReplicationController(in *core.ReplicationController, out *corev1.ReplicationController, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_ReplicationControllerSpec_To_v1_ReplicationControllerSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_core_ReplicationControllerStatus_To_v1_ReplicationControllerStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_core_ReplicationController_To_v1_ReplicationController is an autogenerated conversion function. -func Convert_core_ReplicationController_To_v1_ReplicationController(in *core.ReplicationController, out *corev1.ReplicationController, s conversion.Scope) error { - return autoConvert_core_ReplicationController_To_v1_ReplicationController(in, out, s) -} - -func autoConvert_v1_ReplicationControllerCondition_To_core_ReplicationControllerCondition(in *corev1.ReplicationControllerCondition, out *core.ReplicationControllerCondition, s conversion.Scope) error { - out.Type = core.ReplicationControllerConditionType(in.Type) - out.Status = core.ConditionStatus(in.Status) - out.LastTransitionTime = in.LastTransitionTime - out.Reason = in.Reason - out.Message = in.Message - return nil -} - -// Convert_v1_ReplicationControllerCondition_To_core_ReplicationControllerCondition is an autogenerated conversion function. -func Convert_v1_ReplicationControllerCondition_To_core_ReplicationControllerCondition(in *corev1.ReplicationControllerCondition, out *core.ReplicationControllerCondition, s conversion.Scope) error { - return autoConvert_v1_ReplicationControllerCondition_To_core_ReplicationControllerCondition(in, out, s) -} - -func autoConvert_core_ReplicationControllerCondition_To_v1_ReplicationControllerCondition(in *core.ReplicationControllerCondition, out *corev1.ReplicationControllerCondition, s conversion.Scope) error { - out.Type = corev1.ReplicationControllerConditionType(in.Type) - out.Status = corev1.ConditionStatus(in.Status) - out.LastTransitionTime = in.LastTransitionTime - out.Reason = in.Reason - out.Message = in.Message - return nil -} - -// Convert_core_ReplicationControllerCondition_To_v1_ReplicationControllerCondition is an autogenerated conversion function. -func Convert_core_ReplicationControllerCondition_To_v1_ReplicationControllerCondition(in *core.ReplicationControllerCondition, out *corev1.ReplicationControllerCondition, s conversion.Scope) error { - return autoConvert_core_ReplicationControllerCondition_To_v1_ReplicationControllerCondition(in, out, s) -} - -func autoConvert_v1_ReplicationControllerList_To_core_ReplicationControllerList(in *corev1.ReplicationControllerList, out *core.ReplicationControllerList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]core.ReplicationController, len(*in)) - for i := range *in { - if err := Convert_v1_ReplicationController_To_core_ReplicationController(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_v1_ReplicationControllerList_To_core_ReplicationControllerList is an autogenerated conversion function. -func Convert_v1_ReplicationControllerList_To_core_ReplicationControllerList(in *corev1.ReplicationControllerList, out *core.ReplicationControllerList, s conversion.Scope) error { - return autoConvert_v1_ReplicationControllerList_To_core_ReplicationControllerList(in, out, s) -} - -func autoConvert_core_ReplicationControllerList_To_v1_ReplicationControllerList(in *core.ReplicationControllerList, out *corev1.ReplicationControllerList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]corev1.ReplicationController, len(*in)) - for i := range *in { - if err := Convert_core_ReplicationController_To_v1_ReplicationController(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_core_ReplicationControllerList_To_v1_ReplicationControllerList is an autogenerated conversion function. -func Convert_core_ReplicationControllerList_To_v1_ReplicationControllerList(in *core.ReplicationControllerList, out *corev1.ReplicationControllerList, s conversion.Scope) error { - return autoConvert_core_ReplicationControllerList_To_v1_ReplicationControllerList(in, out, s) -} - -func autoConvert_v1_ReplicationControllerSpec_To_core_ReplicationControllerSpec(in *corev1.ReplicationControllerSpec, out *core.ReplicationControllerSpec, s conversion.Scope) error { - out.Replicas = (*int32)(unsafe.Pointer(in.Replicas)) - out.MinReadySeconds = in.MinReadySeconds - out.Selector = *(*map[string]string)(unsafe.Pointer(&in.Selector)) - if in.Template != nil { - in, out := &in.Template, &out.Template - *out = new(core.PodTemplateSpec) - if err := Convert_v1_PodTemplateSpec_To_core_PodTemplateSpec(*in, *out, s); err != nil { - return err - } - } else { - out.Template = nil - } - return nil -} - -func autoConvert_core_ReplicationControllerSpec_To_v1_ReplicationControllerSpec(in *core.ReplicationControllerSpec, out *corev1.ReplicationControllerSpec, s conversion.Scope) error { - out.Replicas = (*int32)(unsafe.Pointer(in.Replicas)) - out.MinReadySeconds = in.MinReadySeconds - out.Selector = *(*map[string]string)(unsafe.Pointer(&in.Selector)) - if in.Template != nil { - in, out := &in.Template, &out.Template - *out = new(corev1.PodTemplateSpec) - if err := Convert_core_PodTemplateSpec_To_v1_PodTemplateSpec(*in, *out, s); err != nil { - return err - } - } else { - out.Template = nil - } - return nil -} - -func autoConvert_v1_ReplicationControllerStatus_To_core_ReplicationControllerStatus(in *corev1.ReplicationControllerStatus, out *core.ReplicationControllerStatus, s conversion.Scope) error { - out.Replicas = in.Replicas - out.FullyLabeledReplicas = in.FullyLabeledReplicas - out.ReadyReplicas = in.ReadyReplicas - out.AvailableReplicas = in.AvailableReplicas - out.ObservedGeneration = in.ObservedGeneration - out.Conditions = *(*[]core.ReplicationControllerCondition)(unsafe.Pointer(&in.Conditions)) - return nil -} - -// Convert_v1_ReplicationControllerStatus_To_core_ReplicationControllerStatus is an autogenerated conversion function. -func Convert_v1_ReplicationControllerStatus_To_core_ReplicationControllerStatus(in *corev1.ReplicationControllerStatus, out *core.ReplicationControllerStatus, s conversion.Scope) error { - return autoConvert_v1_ReplicationControllerStatus_To_core_ReplicationControllerStatus(in, out, s) -} - -func autoConvert_core_ReplicationControllerStatus_To_v1_ReplicationControllerStatus(in *core.ReplicationControllerStatus, out *corev1.ReplicationControllerStatus, s conversion.Scope) error { - out.Replicas = in.Replicas - out.FullyLabeledReplicas = in.FullyLabeledReplicas - out.ReadyReplicas = in.ReadyReplicas - out.AvailableReplicas = in.AvailableReplicas - out.ObservedGeneration = in.ObservedGeneration - out.Conditions = *(*[]corev1.ReplicationControllerCondition)(unsafe.Pointer(&in.Conditions)) - return nil -} - -// Convert_core_ReplicationControllerStatus_To_v1_ReplicationControllerStatus is an autogenerated conversion function. -func Convert_core_ReplicationControllerStatus_To_v1_ReplicationControllerStatus(in *core.ReplicationControllerStatus, out *corev1.ReplicationControllerStatus, s conversion.Scope) error { - return autoConvert_core_ReplicationControllerStatus_To_v1_ReplicationControllerStatus(in, out, s) -} - -func autoConvert_v1_ResourceClaim_To_core_ResourceClaim(in *corev1.ResourceClaim, out *core.ResourceClaim, s conversion.Scope) error { - out.Name = in.Name - out.Request = in.Request - return nil -} - -// Convert_v1_ResourceClaim_To_core_ResourceClaim is an autogenerated conversion function. -func Convert_v1_ResourceClaim_To_core_ResourceClaim(in *corev1.ResourceClaim, out *core.ResourceClaim, s conversion.Scope) error { - return autoConvert_v1_ResourceClaim_To_core_ResourceClaim(in, out, s) -} - -func autoConvert_core_ResourceClaim_To_v1_ResourceClaim(in *core.ResourceClaim, out *corev1.ResourceClaim, s conversion.Scope) error { - out.Name = in.Name - out.Request = in.Request - return nil -} - -// Convert_core_ResourceClaim_To_v1_ResourceClaim is an autogenerated conversion function. -func Convert_core_ResourceClaim_To_v1_ResourceClaim(in *core.ResourceClaim, out *corev1.ResourceClaim, s conversion.Scope) error { - return autoConvert_core_ResourceClaim_To_v1_ResourceClaim(in, out, s) -} - -func autoConvert_v1_ResourceFieldSelector_To_core_ResourceFieldSelector(in *corev1.ResourceFieldSelector, out *core.ResourceFieldSelector, s conversion.Scope) error { - out.ContainerName = in.ContainerName - out.Resource = in.Resource - out.Divisor = in.Divisor - return nil -} - -// Convert_v1_ResourceFieldSelector_To_core_ResourceFieldSelector is an autogenerated conversion function. -func Convert_v1_ResourceFieldSelector_To_core_ResourceFieldSelector(in *corev1.ResourceFieldSelector, out *core.ResourceFieldSelector, s conversion.Scope) error { - return autoConvert_v1_ResourceFieldSelector_To_core_ResourceFieldSelector(in, out, s) -} - -func autoConvert_core_ResourceFieldSelector_To_v1_ResourceFieldSelector(in *core.ResourceFieldSelector, out *corev1.ResourceFieldSelector, s conversion.Scope) error { - out.ContainerName = in.ContainerName - out.Resource = in.Resource - out.Divisor = in.Divisor - return nil -} - -// Convert_core_ResourceFieldSelector_To_v1_ResourceFieldSelector is an autogenerated conversion function. -func Convert_core_ResourceFieldSelector_To_v1_ResourceFieldSelector(in *core.ResourceFieldSelector, out *corev1.ResourceFieldSelector, s conversion.Scope) error { - return autoConvert_core_ResourceFieldSelector_To_v1_ResourceFieldSelector(in, out, s) -} - -func autoConvert_v1_ResourceHealth_To_core_ResourceHealth(in *corev1.ResourceHealth, out *core.ResourceHealth, s conversion.Scope) error { - out.ResourceID = core.ResourceID(in.ResourceID) - out.Health = core.ResourceHealthStatus(in.Health) - return nil -} - -// Convert_v1_ResourceHealth_To_core_ResourceHealth is an autogenerated conversion function. -func Convert_v1_ResourceHealth_To_core_ResourceHealth(in *corev1.ResourceHealth, out *core.ResourceHealth, s conversion.Scope) error { - return autoConvert_v1_ResourceHealth_To_core_ResourceHealth(in, out, s) -} - -func autoConvert_core_ResourceHealth_To_v1_ResourceHealth(in *core.ResourceHealth, out *corev1.ResourceHealth, s conversion.Scope) error { - out.ResourceID = corev1.ResourceID(in.ResourceID) - out.Health = corev1.ResourceHealthStatus(in.Health) - return nil -} - -// Convert_core_ResourceHealth_To_v1_ResourceHealth is an autogenerated conversion function. -func Convert_core_ResourceHealth_To_v1_ResourceHealth(in *core.ResourceHealth, out *corev1.ResourceHealth, s conversion.Scope) error { - return autoConvert_core_ResourceHealth_To_v1_ResourceHealth(in, out, s) -} - -func autoConvert_v1_ResourceQuota_To_core_ResourceQuota(in *corev1.ResourceQuota, out *core.ResourceQuota, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_ResourceQuotaSpec_To_core_ResourceQuotaSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1_ResourceQuotaStatus_To_core_ResourceQuotaStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_v1_ResourceQuota_To_core_ResourceQuota is an autogenerated conversion function. -func Convert_v1_ResourceQuota_To_core_ResourceQuota(in *corev1.ResourceQuota, out *core.ResourceQuota, s conversion.Scope) error { - return autoConvert_v1_ResourceQuota_To_core_ResourceQuota(in, out, s) -} - -func autoConvert_core_ResourceQuota_To_v1_ResourceQuota(in *core.ResourceQuota, out *corev1.ResourceQuota, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_ResourceQuotaSpec_To_v1_ResourceQuotaSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_core_ResourceQuotaStatus_To_v1_ResourceQuotaStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_core_ResourceQuota_To_v1_ResourceQuota is an autogenerated conversion function. -func Convert_core_ResourceQuota_To_v1_ResourceQuota(in *core.ResourceQuota, out *corev1.ResourceQuota, s conversion.Scope) error { - return autoConvert_core_ResourceQuota_To_v1_ResourceQuota(in, out, s) -} - -func autoConvert_v1_ResourceQuotaList_To_core_ResourceQuotaList(in *corev1.ResourceQuotaList, out *core.ResourceQuotaList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]core.ResourceQuota)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1_ResourceQuotaList_To_core_ResourceQuotaList is an autogenerated conversion function. -func Convert_v1_ResourceQuotaList_To_core_ResourceQuotaList(in *corev1.ResourceQuotaList, out *core.ResourceQuotaList, s conversion.Scope) error { - return autoConvert_v1_ResourceQuotaList_To_core_ResourceQuotaList(in, out, s) -} - -func autoConvert_core_ResourceQuotaList_To_v1_ResourceQuotaList(in *core.ResourceQuotaList, out *corev1.ResourceQuotaList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]corev1.ResourceQuota)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_core_ResourceQuotaList_To_v1_ResourceQuotaList is an autogenerated conversion function. -func Convert_core_ResourceQuotaList_To_v1_ResourceQuotaList(in *core.ResourceQuotaList, out *corev1.ResourceQuotaList, s conversion.Scope) error { - return autoConvert_core_ResourceQuotaList_To_v1_ResourceQuotaList(in, out, s) -} - -func autoConvert_v1_ResourceQuotaSpec_To_core_ResourceQuotaSpec(in *corev1.ResourceQuotaSpec, out *core.ResourceQuotaSpec, s conversion.Scope) error { - out.Hard = *(*core.ResourceList)(unsafe.Pointer(&in.Hard)) - out.Scopes = *(*[]core.ResourceQuotaScope)(unsafe.Pointer(&in.Scopes)) - out.ScopeSelector = (*core.ScopeSelector)(unsafe.Pointer(in.ScopeSelector)) - return nil -} - -// Convert_v1_ResourceQuotaSpec_To_core_ResourceQuotaSpec is an autogenerated conversion function. -func Convert_v1_ResourceQuotaSpec_To_core_ResourceQuotaSpec(in *corev1.ResourceQuotaSpec, out *core.ResourceQuotaSpec, s conversion.Scope) error { - return autoConvert_v1_ResourceQuotaSpec_To_core_ResourceQuotaSpec(in, out, s) -} - -func autoConvert_core_ResourceQuotaSpec_To_v1_ResourceQuotaSpec(in *core.ResourceQuotaSpec, out *corev1.ResourceQuotaSpec, s conversion.Scope) error { - out.Hard = *(*corev1.ResourceList)(unsafe.Pointer(&in.Hard)) - out.Scopes = *(*[]corev1.ResourceQuotaScope)(unsafe.Pointer(&in.Scopes)) - out.ScopeSelector = (*corev1.ScopeSelector)(unsafe.Pointer(in.ScopeSelector)) - return nil -} - -// Convert_core_ResourceQuotaSpec_To_v1_ResourceQuotaSpec is an autogenerated conversion function. -func Convert_core_ResourceQuotaSpec_To_v1_ResourceQuotaSpec(in *core.ResourceQuotaSpec, out *corev1.ResourceQuotaSpec, s conversion.Scope) error { - return autoConvert_core_ResourceQuotaSpec_To_v1_ResourceQuotaSpec(in, out, s) -} - -func autoConvert_v1_ResourceQuotaStatus_To_core_ResourceQuotaStatus(in *corev1.ResourceQuotaStatus, out *core.ResourceQuotaStatus, s conversion.Scope) error { - out.Hard = *(*core.ResourceList)(unsafe.Pointer(&in.Hard)) - out.Used = *(*core.ResourceList)(unsafe.Pointer(&in.Used)) - return nil -} - -// Convert_v1_ResourceQuotaStatus_To_core_ResourceQuotaStatus is an autogenerated conversion function. -func Convert_v1_ResourceQuotaStatus_To_core_ResourceQuotaStatus(in *corev1.ResourceQuotaStatus, out *core.ResourceQuotaStatus, s conversion.Scope) error { - return autoConvert_v1_ResourceQuotaStatus_To_core_ResourceQuotaStatus(in, out, s) -} - -func autoConvert_core_ResourceQuotaStatus_To_v1_ResourceQuotaStatus(in *core.ResourceQuotaStatus, out *corev1.ResourceQuotaStatus, s conversion.Scope) error { - out.Hard = *(*corev1.ResourceList)(unsafe.Pointer(&in.Hard)) - out.Used = *(*corev1.ResourceList)(unsafe.Pointer(&in.Used)) - return nil -} - -// Convert_core_ResourceQuotaStatus_To_v1_ResourceQuotaStatus is an autogenerated conversion function. -func Convert_core_ResourceQuotaStatus_To_v1_ResourceQuotaStatus(in *core.ResourceQuotaStatus, out *corev1.ResourceQuotaStatus, s conversion.Scope) error { - return autoConvert_core_ResourceQuotaStatus_To_v1_ResourceQuotaStatus(in, out, s) -} - -func autoConvert_v1_ResourceRequirements_To_core_ResourceRequirements(in *corev1.ResourceRequirements, out *core.ResourceRequirements, s conversion.Scope) error { - out.Limits = *(*core.ResourceList)(unsafe.Pointer(&in.Limits)) - out.Requests = *(*core.ResourceList)(unsafe.Pointer(&in.Requests)) - out.Claims = *(*[]core.ResourceClaim)(unsafe.Pointer(&in.Claims)) - return nil -} - -// Convert_v1_ResourceRequirements_To_core_ResourceRequirements is an autogenerated conversion function. -func Convert_v1_ResourceRequirements_To_core_ResourceRequirements(in *corev1.ResourceRequirements, out *core.ResourceRequirements, s conversion.Scope) error { - return autoConvert_v1_ResourceRequirements_To_core_ResourceRequirements(in, out, s) -} - -func autoConvert_core_ResourceRequirements_To_v1_ResourceRequirements(in *core.ResourceRequirements, out *corev1.ResourceRequirements, s conversion.Scope) error { - out.Limits = *(*corev1.ResourceList)(unsafe.Pointer(&in.Limits)) - out.Requests = *(*corev1.ResourceList)(unsafe.Pointer(&in.Requests)) - out.Claims = *(*[]corev1.ResourceClaim)(unsafe.Pointer(&in.Claims)) - return nil -} - -// Convert_core_ResourceRequirements_To_v1_ResourceRequirements is an autogenerated conversion function. -func Convert_core_ResourceRequirements_To_v1_ResourceRequirements(in *core.ResourceRequirements, out *corev1.ResourceRequirements, s conversion.Scope) error { - return autoConvert_core_ResourceRequirements_To_v1_ResourceRequirements(in, out, s) -} - -func autoConvert_v1_ResourceStatus_To_core_ResourceStatus(in *corev1.ResourceStatus, out *core.ResourceStatus, s conversion.Scope) error { - out.Name = core.ResourceName(in.Name) - out.Resources = *(*[]core.ResourceHealth)(unsafe.Pointer(&in.Resources)) - return nil -} - -// Convert_v1_ResourceStatus_To_core_ResourceStatus is an autogenerated conversion function. -func Convert_v1_ResourceStatus_To_core_ResourceStatus(in *corev1.ResourceStatus, out *core.ResourceStatus, s conversion.Scope) error { - return autoConvert_v1_ResourceStatus_To_core_ResourceStatus(in, out, s) -} - -func autoConvert_core_ResourceStatus_To_v1_ResourceStatus(in *core.ResourceStatus, out *corev1.ResourceStatus, s conversion.Scope) error { - out.Name = corev1.ResourceName(in.Name) - out.Resources = *(*[]corev1.ResourceHealth)(unsafe.Pointer(&in.Resources)) - return nil -} - -// Convert_core_ResourceStatus_To_v1_ResourceStatus is an autogenerated conversion function. -func Convert_core_ResourceStatus_To_v1_ResourceStatus(in *core.ResourceStatus, out *corev1.ResourceStatus, s conversion.Scope) error { - return autoConvert_core_ResourceStatus_To_v1_ResourceStatus(in, out, s) -} - -func autoConvert_v1_SELinuxOptions_To_core_SELinuxOptions(in *corev1.SELinuxOptions, out *core.SELinuxOptions, s conversion.Scope) error { - out.User = in.User - out.Role = in.Role - out.Type = in.Type - out.Level = in.Level - return nil -} - -// Convert_v1_SELinuxOptions_To_core_SELinuxOptions is an autogenerated conversion function. -func Convert_v1_SELinuxOptions_To_core_SELinuxOptions(in *corev1.SELinuxOptions, out *core.SELinuxOptions, s conversion.Scope) error { - return autoConvert_v1_SELinuxOptions_To_core_SELinuxOptions(in, out, s) -} - -func autoConvert_core_SELinuxOptions_To_v1_SELinuxOptions(in *core.SELinuxOptions, out *corev1.SELinuxOptions, s conversion.Scope) error { - out.User = in.User - out.Role = in.Role - out.Type = in.Type - out.Level = in.Level - return nil -} - -// Convert_core_SELinuxOptions_To_v1_SELinuxOptions is an autogenerated conversion function. -func Convert_core_SELinuxOptions_To_v1_SELinuxOptions(in *core.SELinuxOptions, out *corev1.SELinuxOptions, s conversion.Scope) error { - return autoConvert_core_SELinuxOptions_To_v1_SELinuxOptions(in, out, s) -} - -func autoConvert_v1_ScaleIOPersistentVolumeSource_To_core_ScaleIOPersistentVolumeSource(in *corev1.ScaleIOPersistentVolumeSource, out *core.ScaleIOPersistentVolumeSource, s conversion.Scope) error { - out.Gateway = in.Gateway - out.System = in.System - out.SecretRef = (*core.SecretReference)(unsafe.Pointer(in.SecretRef)) - out.SSLEnabled = in.SSLEnabled - out.ProtectionDomain = in.ProtectionDomain - out.StoragePool = in.StoragePool - out.StorageMode = in.StorageMode - out.VolumeName = in.VolumeName - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_v1_ScaleIOPersistentVolumeSource_To_core_ScaleIOPersistentVolumeSource is an autogenerated conversion function. -func Convert_v1_ScaleIOPersistentVolumeSource_To_core_ScaleIOPersistentVolumeSource(in *corev1.ScaleIOPersistentVolumeSource, out *core.ScaleIOPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_v1_ScaleIOPersistentVolumeSource_To_core_ScaleIOPersistentVolumeSource(in, out, s) -} - -func autoConvert_core_ScaleIOPersistentVolumeSource_To_v1_ScaleIOPersistentVolumeSource(in *core.ScaleIOPersistentVolumeSource, out *corev1.ScaleIOPersistentVolumeSource, s conversion.Scope) error { - out.Gateway = in.Gateway - out.System = in.System - out.SecretRef = (*corev1.SecretReference)(unsafe.Pointer(in.SecretRef)) - out.SSLEnabled = in.SSLEnabled - out.ProtectionDomain = in.ProtectionDomain - out.StoragePool = in.StoragePool - out.StorageMode = in.StorageMode - out.VolumeName = in.VolumeName - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_core_ScaleIOPersistentVolumeSource_To_v1_ScaleIOPersistentVolumeSource is an autogenerated conversion function. -func Convert_core_ScaleIOPersistentVolumeSource_To_v1_ScaleIOPersistentVolumeSource(in *core.ScaleIOPersistentVolumeSource, out *corev1.ScaleIOPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_core_ScaleIOPersistentVolumeSource_To_v1_ScaleIOPersistentVolumeSource(in, out, s) -} - -func autoConvert_v1_ScaleIOVolumeSource_To_core_ScaleIOVolumeSource(in *corev1.ScaleIOVolumeSource, out *core.ScaleIOVolumeSource, s conversion.Scope) error { - out.Gateway = in.Gateway - out.System = in.System - out.SecretRef = (*core.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) - out.SSLEnabled = in.SSLEnabled - out.ProtectionDomain = in.ProtectionDomain - out.StoragePool = in.StoragePool - out.StorageMode = in.StorageMode - out.VolumeName = in.VolumeName - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_v1_ScaleIOVolumeSource_To_core_ScaleIOVolumeSource is an autogenerated conversion function. -func Convert_v1_ScaleIOVolumeSource_To_core_ScaleIOVolumeSource(in *corev1.ScaleIOVolumeSource, out *core.ScaleIOVolumeSource, s conversion.Scope) error { - return autoConvert_v1_ScaleIOVolumeSource_To_core_ScaleIOVolumeSource(in, out, s) -} - -func autoConvert_core_ScaleIOVolumeSource_To_v1_ScaleIOVolumeSource(in *core.ScaleIOVolumeSource, out *corev1.ScaleIOVolumeSource, s conversion.Scope) error { - out.Gateway = in.Gateway - out.System = in.System - out.SecretRef = (*corev1.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) - out.SSLEnabled = in.SSLEnabled - out.ProtectionDomain = in.ProtectionDomain - out.StoragePool = in.StoragePool - out.StorageMode = in.StorageMode - out.VolumeName = in.VolumeName - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - return nil -} - -// Convert_core_ScaleIOVolumeSource_To_v1_ScaleIOVolumeSource is an autogenerated conversion function. -func Convert_core_ScaleIOVolumeSource_To_v1_ScaleIOVolumeSource(in *core.ScaleIOVolumeSource, out *corev1.ScaleIOVolumeSource, s conversion.Scope) error { - return autoConvert_core_ScaleIOVolumeSource_To_v1_ScaleIOVolumeSource(in, out, s) -} - -func autoConvert_v1_ScopeSelector_To_core_ScopeSelector(in *corev1.ScopeSelector, out *core.ScopeSelector, s conversion.Scope) error { - out.MatchExpressions = *(*[]core.ScopedResourceSelectorRequirement)(unsafe.Pointer(&in.MatchExpressions)) - return nil -} - -// Convert_v1_ScopeSelector_To_core_ScopeSelector is an autogenerated conversion function. -func Convert_v1_ScopeSelector_To_core_ScopeSelector(in *corev1.ScopeSelector, out *core.ScopeSelector, s conversion.Scope) error { - return autoConvert_v1_ScopeSelector_To_core_ScopeSelector(in, out, s) -} - -func autoConvert_core_ScopeSelector_To_v1_ScopeSelector(in *core.ScopeSelector, out *corev1.ScopeSelector, s conversion.Scope) error { - out.MatchExpressions = *(*[]corev1.ScopedResourceSelectorRequirement)(unsafe.Pointer(&in.MatchExpressions)) - return nil -} - -// Convert_core_ScopeSelector_To_v1_ScopeSelector is an autogenerated conversion function. -func Convert_core_ScopeSelector_To_v1_ScopeSelector(in *core.ScopeSelector, out *corev1.ScopeSelector, s conversion.Scope) error { - return autoConvert_core_ScopeSelector_To_v1_ScopeSelector(in, out, s) -} - -func autoConvert_v1_ScopedResourceSelectorRequirement_To_core_ScopedResourceSelectorRequirement(in *corev1.ScopedResourceSelectorRequirement, out *core.ScopedResourceSelectorRequirement, s conversion.Scope) error { - out.ScopeName = core.ResourceQuotaScope(in.ScopeName) - out.Operator = core.ScopeSelectorOperator(in.Operator) - out.Values = *(*[]string)(unsafe.Pointer(&in.Values)) - return nil -} - -// Convert_v1_ScopedResourceSelectorRequirement_To_core_ScopedResourceSelectorRequirement is an autogenerated conversion function. -func Convert_v1_ScopedResourceSelectorRequirement_To_core_ScopedResourceSelectorRequirement(in *corev1.ScopedResourceSelectorRequirement, out *core.ScopedResourceSelectorRequirement, s conversion.Scope) error { - return autoConvert_v1_ScopedResourceSelectorRequirement_To_core_ScopedResourceSelectorRequirement(in, out, s) -} - -func autoConvert_core_ScopedResourceSelectorRequirement_To_v1_ScopedResourceSelectorRequirement(in *core.ScopedResourceSelectorRequirement, out *corev1.ScopedResourceSelectorRequirement, s conversion.Scope) error { - out.ScopeName = corev1.ResourceQuotaScope(in.ScopeName) - out.Operator = corev1.ScopeSelectorOperator(in.Operator) - out.Values = *(*[]string)(unsafe.Pointer(&in.Values)) - return nil -} - -// Convert_core_ScopedResourceSelectorRequirement_To_v1_ScopedResourceSelectorRequirement is an autogenerated conversion function. -func Convert_core_ScopedResourceSelectorRequirement_To_v1_ScopedResourceSelectorRequirement(in *core.ScopedResourceSelectorRequirement, out *corev1.ScopedResourceSelectorRequirement, s conversion.Scope) error { - return autoConvert_core_ScopedResourceSelectorRequirement_To_v1_ScopedResourceSelectorRequirement(in, out, s) -} - -func autoConvert_v1_SeccompProfile_To_core_SeccompProfile(in *corev1.SeccompProfile, out *core.SeccompProfile, s conversion.Scope) error { - out.Type = core.SeccompProfileType(in.Type) - out.LocalhostProfile = (*string)(unsafe.Pointer(in.LocalhostProfile)) - return nil -} - -// Convert_v1_SeccompProfile_To_core_SeccompProfile is an autogenerated conversion function. -func Convert_v1_SeccompProfile_To_core_SeccompProfile(in *corev1.SeccompProfile, out *core.SeccompProfile, s conversion.Scope) error { - return autoConvert_v1_SeccompProfile_To_core_SeccompProfile(in, out, s) -} - -func autoConvert_core_SeccompProfile_To_v1_SeccompProfile(in *core.SeccompProfile, out *corev1.SeccompProfile, s conversion.Scope) error { - out.Type = corev1.SeccompProfileType(in.Type) - out.LocalhostProfile = (*string)(unsafe.Pointer(in.LocalhostProfile)) - return nil -} - -// Convert_core_SeccompProfile_To_v1_SeccompProfile is an autogenerated conversion function. -func Convert_core_SeccompProfile_To_v1_SeccompProfile(in *core.SeccompProfile, out *corev1.SeccompProfile, s conversion.Scope) error { - return autoConvert_core_SeccompProfile_To_v1_SeccompProfile(in, out, s) -} - -func autoConvert_v1_Secret_To_core_Secret(in *corev1.Secret, out *core.Secret, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - out.Immutable = (*bool)(unsafe.Pointer(in.Immutable)) - out.Data = *(*map[string][]byte)(unsafe.Pointer(&in.Data)) - // INFO: in.StringData opted out of conversion generation - out.Type = core.SecretType(in.Type) - return nil -} - -func autoConvert_core_Secret_To_v1_Secret(in *core.Secret, out *corev1.Secret, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - out.Immutable = (*bool)(unsafe.Pointer(in.Immutable)) - out.Data = *(*map[string][]byte)(unsafe.Pointer(&in.Data)) - out.Type = corev1.SecretType(in.Type) - return nil -} - -// Convert_core_Secret_To_v1_Secret is an autogenerated conversion function. -func Convert_core_Secret_To_v1_Secret(in *core.Secret, out *corev1.Secret, s conversion.Scope) error { - return autoConvert_core_Secret_To_v1_Secret(in, out, s) -} - -func autoConvert_v1_SecretEnvSource_To_core_SecretEnvSource(in *corev1.SecretEnvSource, out *core.SecretEnvSource, s conversion.Scope) error { - if err := Convert_v1_LocalObjectReference_To_core_LocalObjectReference(&in.LocalObjectReference, &out.LocalObjectReference, s); err != nil { - return err - } - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_v1_SecretEnvSource_To_core_SecretEnvSource is an autogenerated conversion function. -func Convert_v1_SecretEnvSource_To_core_SecretEnvSource(in *corev1.SecretEnvSource, out *core.SecretEnvSource, s conversion.Scope) error { - return autoConvert_v1_SecretEnvSource_To_core_SecretEnvSource(in, out, s) -} - -func autoConvert_core_SecretEnvSource_To_v1_SecretEnvSource(in *core.SecretEnvSource, out *corev1.SecretEnvSource, s conversion.Scope) error { - if err := Convert_core_LocalObjectReference_To_v1_LocalObjectReference(&in.LocalObjectReference, &out.LocalObjectReference, s); err != nil { - return err - } - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_core_SecretEnvSource_To_v1_SecretEnvSource is an autogenerated conversion function. -func Convert_core_SecretEnvSource_To_v1_SecretEnvSource(in *core.SecretEnvSource, out *corev1.SecretEnvSource, s conversion.Scope) error { - return autoConvert_core_SecretEnvSource_To_v1_SecretEnvSource(in, out, s) -} - -func autoConvert_v1_SecretKeySelector_To_core_SecretKeySelector(in *corev1.SecretKeySelector, out *core.SecretKeySelector, s conversion.Scope) error { - if err := Convert_v1_LocalObjectReference_To_core_LocalObjectReference(&in.LocalObjectReference, &out.LocalObjectReference, s); err != nil { - return err - } - out.Key = in.Key - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_v1_SecretKeySelector_To_core_SecretKeySelector is an autogenerated conversion function. -func Convert_v1_SecretKeySelector_To_core_SecretKeySelector(in *corev1.SecretKeySelector, out *core.SecretKeySelector, s conversion.Scope) error { - return autoConvert_v1_SecretKeySelector_To_core_SecretKeySelector(in, out, s) -} - -func autoConvert_core_SecretKeySelector_To_v1_SecretKeySelector(in *core.SecretKeySelector, out *corev1.SecretKeySelector, s conversion.Scope) error { - if err := Convert_core_LocalObjectReference_To_v1_LocalObjectReference(&in.LocalObjectReference, &out.LocalObjectReference, s); err != nil { - return err - } - out.Key = in.Key - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_core_SecretKeySelector_To_v1_SecretKeySelector is an autogenerated conversion function. -func Convert_core_SecretKeySelector_To_v1_SecretKeySelector(in *core.SecretKeySelector, out *corev1.SecretKeySelector, s conversion.Scope) error { - return autoConvert_core_SecretKeySelector_To_v1_SecretKeySelector(in, out, s) -} - -func autoConvert_v1_SecretList_To_core_SecretList(in *corev1.SecretList, out *core.SecretList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]core.Secret, len(*in)) - for i := range *in { - if err := Convert_v1_Secret_To_core_Secret(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_v1_SecretList_To_core_SecretList is an autogenerated conversion function. -func Convert_v1_SecretList_To_core_SecretList(in *corev1.SecretList, out *core.SecretList, s conversion.Scope) error { - return autoConvert_v1_SecretList_To_core_SecretList(in, out, s) -} - -func autoConvert_core_SecretList_To_v1_SecretList(in *core.SecretList, out *corev1.SecretList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]corev1.Secret, len(*in)) - for i := range *in { - if err := Convert_core_Secret_To_v1_Secret(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_core_SecretList_To_v1_SecretList is an autogenerated conversion function. -func Convert_core_SecretList_To_v1_SecretList(in *core.SecretList, out *corev1.SecretList, s conversion.Scope) error { - return autoConvert_core_SecretList_To_v1_SecretList(in, out, s) -} - -func autoConvert_v1_SecretProjection_To_core_SecretProjection(in *corev1.SecretProjection, out *core.SecretProjection, s conversion.Scope) error { - if err := Convert_v1_LocalObjectReference_To_core_LocalObjectReference(&in.LocalObjectReference, &out.LocalObjectReference, s); err != nil { - return err - } - out.Items = *(*[]core.KeyToPath)(unsafe.Pointer(&in.Items)) - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_v1_SecretProjection_To_core_SecretProjection is an autogenerated conversion function. -func Convert_v1_SecretProjection_To_core_SecretProjection(in *corev1.SecretProjection, out *core.SecretProjection, s conversion.Scope) error { - return autoConvert_v1_SecretProjection_To_core_SecretProjection(in, out, s) -} - -func autoConvert_core_SecretProjection_To_v1_SecretProjection(in *core.SecretProjection, out *corev1.SecretProjection, s conversion.Scope) error { - if err := Convert_core_LocalObjectReference_To_v1_LocalObjectReference(&in.LocalObjectReference, &out.LocalObjectReference, s); err != nil { - return err - } - out.Items = *(*[]corev1.KeyToPath)(unsafe.Pointer(&in.Items)) - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_core_SecretProjection_To_v1_SecretProjection is an autogenerated conversion function. -func Convert_core_SecretProjection_To_v1_SecretProjection(in *core.SecretProjection, out *corev1.SecretProjection, s conversion.Scope) error { - return autoConvert_core_SecretProjection_To_v1_SecretProjection(in, out, s) -} - -func autoConvert_v1_SecretReference_To_core_SecretReference(in *corev1.SecretReference, out *core.SecretReference, s conversion.Scope) error { - out.Name = in.Name - out.Namespace = in.Namespace - return nil -} - -// Convert_v1_SecretReference_To_core_SecretReference is an autogenerated conversion function. -func Convert_v1_SecretReference_To_core_SecretReference(in *corev1.SecretReference, out *core.SecretReference, s conversion.Scope) error { - return autoConvert_v1_SecretReference_To_core_SecretReference(in, out, s) -} - -func autoConvert_core_SecretReference_To_v1_SecretReference(in *core.SecretReference, out *corev1.SecretReference, s conversion.Scope) error { - out.Name = in.Name - out.Namespace = in.Namespace - return nil -} - -// Convert_core_SecretReference_To_v1_SecretReference is an autogenerated conversion function. -func Convert_core_SecretReference_To_v1_SecretReference(in *core.SecretReference, out *corev1.SecretReference, s conversion.Scope) error { - return autoConvert_core_SecretReference_To_v1_SecretReference(in, out, s) -} - -func autoConvert_v1_SecretVolumeSource_To_core_SecretVolumeSource(in *corev1.SecretVolumeSource, out *core.SecretVolumeSource, s conversion.Scope) error { - out.SecretName = in.SecretName - out.Items = *(*[]core.KeyToPath)(unsafe.Pointer(&in.Items)) - out.DefaultMode = (*int32)(unsafe.Pointer(in.DefaultMode)) - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_v1_SecretVolumeSource_To_core_SecretVolumeSource is an autogenerated conversion function. -func Convert_v1_SecretVolumeSource_To_core_SecretVolumeSource(in *corev1.SecretVolumeSource, out *core.SecretVolumeSource, s conversion.Scope) error { - return autoConvert_v1_SecretVolumeSource_To_core_SecretVolumeSource(in, out, s) -} - -func autoConvert_core_SecretVolumeSource_To_v1_SecretVolumeSource(in *core.SecretVolumeSource, out *corev1.SecretVolumeSource, s conversion.Scope) error { - out.SecretName = in.SecretName - out.Items = *(*[]corev1.KeyToPath)(unsafe.Pointer(&in.Items)) - out.DefaultMode = (*int32)(unsafe.Pointer(in.DefaultMode)) - out.Optional = (*bool)(unsafe.Pointer(in.Optional)) - return nil -} - -// Convert_core_SecretVolumeSource_To_v1_SecretVolumeSource is an autogenerated conversion function. -func Convert_core_SecretVolumeSource_To_v1_SecretVolumeSource(in *core.SecretVolumeSource, out *corev1.SecretVolumeSource, s conversion.Scope) error { - return autoConvert_core_SecretVolumeSource_To_v1_SecretVolumeSource(in, out, s) -} - -func autoConvert_v1_SecurityContext_To_core_SecurityContext(in *corev1.SecurityContext, out *core.SecurityContext, s conversion.Scope) error { - out.Capabilities = (*core.Capabilities)(unsafe.Pointer(in.Capabilities)) - out.Privileged = (*bool)(unsafe.Pointer(in.Privileged)) - out.SELinuxOptions = (*core.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions)) - out.WindowsOptions = (*core.WindowsSecurityContextOptions)(unsafe.Pointer(in.WindowsOptions)) - out.RunAsUser = (*int64)(unsafe.Pointer(in.RunAsUser)) - out.RunAsGroup = (*int64)(unsafe.Pointer(in.RunAsGroup)) - out.RunAsNonRoot = (*bool)(unsafe.Pointer(in.RunAsNonRoot)) - out.ReadOnlyRootFilesystem = (*bool)(unsafe.Pointer(in.ReadOnlyRootFilesystem)) - out.AllowPrivilegeEscalation = (*bool)(unsafe.Pointer(in.AllowPrivilegeEscalation)) - out.ProcMount = (*core.ProcMountType)(unsafe.Pointer(in.ProcMount)) - out.SeccompProfile = (*core.SeccompProfile)(unsafe.Pointer(in.SeccompProfile)) - out.AppArmorProfile = (*core.AppArmorProfile)(unsafe.Pointer(in.AppArmorProfile)) - return nil -} - -// Convert_v1_SecurityContext_To_core_SecurityContext is an autogenerated conversion function. -func Convert_v1_SecurityContext_To_core_SecurityContext(in *corev1.SecurityContext, out *core.SecurityContext, s conversion.Scope) error { - return autoConvert_v1_SecurityContext_To_core_SecurityContext(in, out, s) -} - -func autoConvert_core_SecurityContext_To_v1_SecurityContext(in *core.SecurityContext, out *corev1.SecurityContext, s conversion.Scope) error { - out.Capabilities = (*corev1.Capabilities)(unsafe.Pointer(in.Capabilities)) - out.Privileged = (*bool)(unsafe.Pointer(in.Privileged)) - out.SELinuxOptions = (*corev1.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions)) - out.WindowsOptions = (*corev1.WindowsSecurityContextOptions)(unsafe.Pointer(in.WindowsOptions)) - out.RunAsUser = (*int64)(unsafe.Pointer(in.RunAsUser)) - out.RunAsGroup = (*int64)(unsafe.Pointer(in.RunAsGroup)) - out.RunAsNonRoot = (*bool)(unsafe.Pointer(in.RunAsNonRoot)) - out.ReadOnlyRootFilesystem = (*bool)(unsafe.Pointer(in.ReadOnlyRootFilesystem)) - out.AllowPrivilegeEscalation = (*bool)(unsafe.Pointer(in.AllowPrivilegeEscalation)) - out.ProcMount = (*corev1.ProcMountType)(unsafe.Pointer(in.ProcMount)) - out.SeccompProfile = (*corev1.SeccompProfile)(unsafe.Pointer(in.SeccompProfile)) - out.AppArmorProfile = (*corev1.AppArmorProfile)(unsafe.Pointer(in.AppArmorProfile)) - return nil -} - -// Convert_core_SecurityContext_To_v1_SecurityContext is an autogenerated conversion function. -func Convert_core_SecurityContext_To_v1_SecurityContext(in *core.SecurityContext, out *corev1.SecurityContext, s conversion.Scope) error { - return autoConvert_core_SecurityContext_To_v1_SecurityContext(in, out, s) -} - -func autoConvert_v1_SerializedReference_To_core_SerializedReference(in *corev1.SerializedReference, out *core.SerializedReference, s conversion.Scope) error { - if err := Convert_v1_ObjectReference_To_core_ObjectReference(&in.Reference, &out.Reference, s); err != nil { - return err - } - return nil -} - -// Convert_v1_SerializedReference_To_core_SerializedReference is an autogenerated conversion function. -func Convert_v1_SerializedReference_To_core_SerializedReference(in *corev1.SerializedReference, out *core.SerializedReference, s conversion.Scope) error { - return autoConvert_v1_SerializedReference_To_core_SerializedReference(in, out, s) -} - -func autoConvert_core_SerializedReference_To_v1_SerializedReference(in *core.SerializedReference, out *corev1.SerializedReference, s conversion.Scope) error { - if err := Convert_core_ObjectReference_To_v1_ObjectReference(&in.Reference, &out.Reference, s); err != nil { - return err - } - return nil -} - -// Convert_core_SerializedReference_To_v1_SerializedReference is an autogenerated conversion function. -func Convert_core_SerializedReference_To_v1_SerializedReference(in *core.SerializedReference, out *corev1.SerializedReference, s conversion.Scope) error { - return autoConvert_core_SerializedReference_To_v1_SerializedReference(in, out, s) -} - -func autoConvert_v1_Service_To_core_Service(in *corev1.Service, out *core.Service, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1_ServiceSpec_To_core_ServiceSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_v1_ServiceStatus_To_core_ServiceStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_v1_Service_To_core_Service is an autogenerated conversion function. -func Convert_v1_Service_To_core_Service(in *corev1.Service, out *core.Service, s conversion.Scope) error { - return autoConvert_v1_Service_To_core_Service(in, out, s) -} - -func autoConvert_core_Service_To_v1_Service(in *core.Service, out *corev1.Service, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_core_ServiceSpec_To_v1_ServiceSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - if err := Convert_core_ServiceStatus_To_v1_ServiceStatus(&in.Status, &out.Status, s); err != nil { - return err - } - return nil -} - -// Convert_core_Service_To_v1_Service is an autogenerated conversion function. -func Convert_core_Service_To_v1_Service(in *core.Service, out *corev1.Service, s conversion.Scope) error { - return autoConvert_core_Service_To_v1_Service(in, out, s) -} - -func autoConvert_v1_ServiceAccount_To_core_ServiceAccount(in *corev1.ServiceAccount, out *core.ServiceAccount, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - out.Secrets = *(*[]core.ObjectReference)(unsafe.Pointer(&in.Secrets)) - out.ImagePullSecrets = *(*[]core.LocalObjectReference)(unsafe.Pointer(&in.ImagePullSecrets)) - out.AutomountServiceAccountToken = (*bool)(unsafe.Pointer(in.AutomountServiceAccountToken)) - return nil -} - -// Convert_v1_ServiceAccount_To_core_ServiceAccount is an autogenerated conversion function. -func Convert_v1_ServiceAccount_To_core_ServiceAccount(in *corev1.ServiceAccount, out *core.ServiceAccount, s conversion.Scope) error { - return autoConvert_v1_ServiceAccount_To_core_ServiceAccount(in, out, s) -} - -func autoConvert_core_ServiceAccount_To_v1_ServiceAccount(in *core.ServiceAccount, out *corev1.ServiceAccount, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - out.Secrets = *(*[]corev1.ObjectReference)(unsafe.Pointer(&in.Secrets)) - out.ImagePullSecrets = *(*[]corev1.LocalObjectReference)(unsafe.Pointer(&in.ImagePullSecrets)) - out.AutomountServiceAccountToken = (*bool)(unsafe.Pointer(in.AutomountServiceAccountToken)) - return nil -} - -// Convert_core_ServiceAccount_To_v1_ServiceAccount is an autogenerated conversion function. -func Convert_core_ServiceAccount_To_v1_ServiceAccount(in *core.ServiceAccount, out *corev1.ServiceAccount, s conversion.Scope) error { - return autoConvert_core_ServiceAccount_To_v1_ServiceAccount(in, out, s) -} - -func autoConvert_v1_ServiceAccountList_To_core_ServiceAccountList(in *corev1.ServiceAccountList, out *core.ServiceAccountList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]core.ServiceAccount)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1_ServiceAccountList_To_core_ServiceAccountList is an autogenerated conversion function. -func Convert_v1_ServiceAccountList_To_core_ServiceAccountList(in *corev1.ServiceAccountList, out *core.ServiceAccountList, s conversion.Scope) error { - return autoConvert_v1_ServiceAccountList_To_core_ServiceAccountList(in, out, s) -} - -func autoConvert_core_ServiceAccountList_To_v1_ServiceAccountList(in *core.ServiceAccountList, out *corev1.ServiceAccountList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]corev1.ServiceAccount)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_core_ServiceAccountList_To_v1_ServiceAccountList is an autogenerated conversion function. -func Convert_core_ServiceAccountList_To_v1_ServiceAccountList(in *core.ServiceAccountList, out *corev1.ServiceAccountList, s conversion.Scope) error { - return autoConvert_core_ServiceAccountList_To_v1_ServiceAccountList(in, out, s) -} - -func autoConvert_v1_ServiceAccountTokenProjection_To_core_ServiceAccountTokenProjection(in *corev1.ServiceAccountTokenProjection, out *core.ServiceAccountTokenProjection, s conversion.Scope) error { - out.Audience = in.Audience - if err := metav1.Convert_Pointer_int64_To_int64(&in.ExpirationSeconds, &out.ExpirationSeconds, s); err != nil { - return err - } - out.Path = in.Path - return nil -} - -// Convert_v1_ServiceAccountTokenProjection_To_core_ServiceAccountTokenProjection is an autogenerated conversion function. -func Convert_v1_ServiceAccountTokenProjection_To_core_ServiceAccountTokenProjection(in *corev1.ServiceAccountTokenProjection, out *core.ServiceAccountTokenProjection, s conversion.Scope) error { - return autoConvert_v1_ServiceAccountTokenProjection_To_core_ServiceAccountTokenProjection(in, out, s) -} - -func autoConvert_core_ServiceAccountTokenProjection_To_v1_ServiceAccountTokenProjection(in *core.ServiceAccountTokenProjection, out *corev1.ServiceAccountTokenProjection, s conversion.Scope) error { - out.Audience = in.Audience - if err := metav1.Convert_int64_To_Pointer_int64(&in.ExpirationSeconds, &out.ExpirationSeconds, s); err != nil { - return err - } - out.Path = in.Path - return nil -} - -// Convert_core_ServiceAccountTokenProjection_To_v1_ServiceAccountTokenProjection is an autogenerated conversion function. -func Convert_core_ServiceAccountTokenProjection_To_v1_ServiceAccountTokenProjection(in *core.ServiceAccountTokenProjection, out *corev1.ServiceAccountTokenProjection, s conversion.Scope) error { - return autoConvert_core_ServiceAccountTokenProjection_To_v1_ServiceAccountTokenProjection(in, out, s) -} - -func autoConvert_v1_ServiceList_To_core_ServiceList(in *corev1.ServiceList, out *core.ServiceList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]core.Service, len(*in)) - for i := range *in { - if err := Convert_v1_Service_To_core_Service(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_v1_ServiceList_To_core_ServiceList is an autogenerated conversion function. -func Convert_v1_ServiceList_To_core_ServiceList(in *corev1.ServiceList, out *core.ServiceList, s conversion.Scope) error { - return autoConvert_v1_ServiceList_To_core_ServiceList(in, out, s) -} - -func autoConvert_core_ServiceList_To_v1_ServiceList(in *core.ServiceList, out *corev1.ServiceList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]corev1.Service, len(*in)) - for i := range *in { - if err := Convert_core_Service_To_v1_Service(&(*in)[i], &(*out)[i], s); err != nil { - return err - } - } - } else { - out.Items = nil - } - return nil -} - -// Convert_core_ServiceList_To_v1_ServiceList is an autogenerated conversion function. -func Convert_core_ServiceList_To_v1_ServiceList(in *core.ServiceList, out *corev1.ServiceList, s conversion.Scope) error { - return autoConvert_core_ServiceList_To_v1_ServiceList(in, out, s) -} - -func autoConvert_v1_ServicePort_To_core_ServicePort(in *corev1.ServicePort, out *core.ServicePort, s conversion.Scope) error { - out.Name = in.Name - out.Protocol = core.Protocol(in.Protocol) - out.AppProtocol = (*string)(unsafe.Pointer(in.AppProtocol)) - out.Port = in.Port - out.TargetPort = in.TargetPort - out.NodePort = in.NodePort - return nil -} - -// Convert_v1_ServicePort_To_core_ServicePort is an autogenerated conversion function. -func Convert_v1_ServicePort_To_core_ServicePort(in *corev1.ServicePort, out *core.ServicePort, s conversion.Scope) error { - return autoConvert_v1_ServicePort_To_core_ServicePort(in, out, s) -} - -func autoConvert_core_ServicePort_To_v1_ServicePort(in *core.ServicePort, out *corev1.ServicePort, s conversion.Scope) error { - out.Name = in.Name - out.Protocol = corev1.Protocol(in.Protocol) - out.AppProtocol = (*string)(unsafe.Pointer(in.AppProtocol)) - out.Port = in.Port - out.TargetPort = in.TargetPort - out.NodePort = in.NodePort - return nil -} - -// Convert_core_ServicePort_To_v1_ServicePort is an autogenerated conversion function. -func Convert_core_ServicePort_To_v1_ServicePort(in *core.ServicePort, out *corev1.ServicePort, s conversion.Scope) error { - return autoConvert_core_ServicePort_To_v1_ServicePort(in, out, s) -} - -func autoConvert_v1_ServiceProxyOptions_To_core_ServiceProxyOptions(in *corev1.ServiceProxyOptions, out *core.ServiceProxyOptions, s conversion.Scope) error { - out.Path = in.Path - return nil -} - -// Convert_v1_ServiceProxyOptions_To_core_ServiceProxyOptions is an autogenerated conversion function. -func Convert_v1_ServiceProxyOptions_To_core_ServiceProxyOptions(in *corev1.ServiceProxyOptions, out *core.ServiceProxyOptions, s conversion.Scope) error { - return autoConvert_v1_ServiceProxyOptions_To_core_ServiceProxyOptions(in, out, s) -} - -func autoConvert_core_ServiceProxyOptions_To_v1_ServiceProxyOptions(in *core.ServiceProxyOptions, out *corev1.ServiceProxyOptions, s conversion.Scope) error { - out.Path = in.Path - return nil -} - -// Convert_core_ServiceProxyOptions_To_v1_ServiceProxyOptions is an autogenerated conversion function. -func Convert_core_ServiceProxyOptions_To_v1_ServiceProxyOptions(in *core.ServiceProxyOptions, out *corev1.ServiceProxyOptions, s conversion.Scope) error { - return autoConvert_core_ServiceProxyOptions_To_v1_ServiceProxyOptions(in, out, s) -} - -func autoConvert_url_Values_To_v1_ServiceProxyOptions(in *url.Values, out *corev1.ServiceProxyOptions, s conversion.Scope) error { - // WARNING: Field TypeMeta does not have json tag, skipping. - - if values, ok := map[string][]string(*in)["path"]; ok && len(values) > 0 { - if err := runtime.Convert_Slice_string_To_string(&values, &out.Path, s); err != nil { - return err - } - } else { - out.Path = "" - } - return nil -} - -// Convert_url_Values_To_v1_ServiceProxyOptions is an autogenerated conversion function. -func Convert_url_Values_To_v1_ServiceProxyOptions(in *url.Values, out *corev1.ServiceProxyOptions, s conversion.Scope) error { - return autoConvert_url_Values_To_v1_ServiceProxyOptions(in, out, s) -} - -func autoConvert_v1_ServiceSpec_To_core_ServiceSpec(in *corev1.ServiceSpec, out *core.ServiceSpec, s conversion.Scope) error { - out.Ports = *(*[]core.ServicePort)(unsafe.Pointer(&in.Ports)) - out.Selector = *(*map[string]string)(unsafe.Pointer(&in.Selector)) - out.ClusterIP = in.ClusterIP - out.ClusterIPs = *(*[]string)(unsafe.Pointer(&in.ClusterIPs)) - out.Type = core.ServiceType(in.Type) - out.ExternalIPs = *(*[]string)(unsafe.Pointer(&in.ExternalIPs)) - out.SessionAffinity = core.ServiceAffinity(in.SessionAffinity) - out.LoadBalancerIP = in.LoadBalancerIP - out.LoadBalancerSourceRanges = *(*[]string)(unsafe.Pointer(&in.LoadBalancerSourceRanges)) - out.ExternalName = in.ExternalName - out.ExternalTrafficPolicy = core.ServiceExternalTrafficPolicy(in.ExternalTrafficPolicy) - out.HealthCheckNodePort = in.HealthCheckNodePort - out.PublishNotReadyAddresses = in.PublishNotReadyAddresses - out.SessionAffinityConfig = (*core.SessionAffinityConfig)(unsafe.Pointer(in.SessionAffinityConfig)) - out.IPFamilies = *(*[]core.IPFamily)(unsafe.Pointer(&in.IPFamilies)) - out.IPFamilyPolicy = (*core.IPFamilyPolicy)(unsafe.Pointer(in.IPFamilyPolicy)) - out.AllocateLoadBalancerNodePorts = (*bool)(unsafe.Pointer(in.AllocateLoadBalancerNodePorts)) - out.LoadBalancerClass = (*string)(unsafe.Pointer(in.LoadBalancerClass)) - out.InternalTrafficPolicy = (*core.ServiceInternalTrafficPolicy)(unsafe.Pointer(in.InternalTrafficPolicy)) - out.TrafficDistribution = (*string)(unsafe.Pointer(in.TrafficDistribution)) - return nil -} - -// Convert_v1_ServiceSpec_To_core_ServiceSpec is an autogenerated conversion function. -func Convert_v1_ServiceSpec_To_core_ServiceSpec(in *corev1.ServiceSpec, out *core.ServiceSpec, s conversion.Scope) error { - return autoConvert_v1_ServiceSpec_To_core_ServiceSpec(in, out, s) -} - -func autoConvert_core_ServiceSpec_To_v1_ServiceSpec(in *core.ServiceSpec, out *corev1.ServiceSpec, s conversion.Scope) error { - out.Type = corev1.ServiceType(in.Type) - out.Ports = *(*[]corev1.ServicePort)(unsafe.Pointer(&in.Ports)) - out.Selector = *(*map[string]string)(unsafe.Pointer(&in.Selector)) - out.ClusterIP = in.ClusterIP - out.ClusterIPs = *(*[]string)(unsafe.Pointer(&in.ClusterIPs)) - out.IPFamilies = *(*[]corev1.IPFamily)(unsafe.Pointer(&in.IPFamilies)) - out.IPFamilyPolicy = (*corev1.IPFamilyPolicy)(unsafe.Pointer(in.IPFamilyPolicy)) - out.ExternalName = in.ExternalName - out.ExternalIPs = *(*[]string)(unsafe.Pointer(&in.ExternalIPs)) - out.LoadBalancerIP = in.LoadBalancerIP - out.SessionAffinity = corev1.ServiceAffinity(in.SessionAffinity) - out.SessionAffinityConfig = (*corev1.SessionAffinityConfig)(unsafe.Pointer(in.SessionAffinityConfig)) - out.LoadBalancerSourceRanges = *(*[]string)(unsafe.Pointer(&in.LoadBalancerSourceRanges)) - out.ExternalTrafficPolicy = corev1.ServiceExternalTrafficPolicy(in.ExternalTrafficPolicy) - out.HealthCheckNodePort = in.HealthCheckNodePort - out.PublishNotReadyAddresses = in.PublishNotReadyAddresses - out.AllocateLoadBalancerNodePorts = (*bool)(unsafe.Pointer(in.AllocateLoadBalancerNodePorts)) - out.LoadBalancerClass = (*string)(unsafe.Pointer(in.LoadBalancerClass)) - out.InternalTrafficPolicy = (*corev1.ServiceInternalTrafficPolicy)(unsafe.Pointer(in.InternalTrafficPolicy)) - out.TrafficDistribution = (*string)(unsafe.Pointer(in.TrafficDistribution)) - return nil -} - -// Convert_core_ServiceSpec_To_v1_ServiceSpec is an autogenerated conversion function. -func Convert_core_ServiceSpec_To_v1_ServiceSpec(in *core.ServiceSpec, out *corev1.ServiceSpec, s conversion.Scope) error { - return autoConvert_core_ServiceSpec_To_v1_ServiceSpec(in, out, s) -} - -func autoConvert_v1_ServiceStatus_To_core_ServiceStatus(in *corev1.ServiceStatus, out *core.ServiceStatus, s conversion.Scope) error { - if err := Convert_v1_LoadBalancerStatus_To_core_LoadBalancerStatus(&in.LoadBalancer, &out.LoadBalancer, s); err != nil { - return err - } - out.Conditions = *(*[]metav1.Condition)(unsafe.Pointer(&in.Conditions)) - return nil -} - -// Convert_v1_ServiceStatus_To_core_ServiceStatus is an autogenerated conversion function. -func Convert_v1_ServiceStatus_To_core_ServiceStatus(in *corev1.ServiceStatus, out *core.ServiceStatus, s conversion.Scope) error { - return autoConvert_v1_ServiceStatus_To_core_ServiceStatus(in, out, s) -} - -func autoConvert_core_ServiceStatus_To_v1_ServiceStatus(in *core.ServiceStatus, out *corev1.ServiceStatus, s conversion.Scope) error { - if err := Convert_core_LoadBalancerStatus_To_v1_LoadBalancerStatus(&in.LoadBalancer, &out.LoadBalancer, s); err != nil { - return err - } - out.Conditions = *(*[]metav1.Condition)(unsafe.Pointer(&in.Conditions)) - return nil -} - -// Convert_core_ServiceStatus_To_v1_ServiceStatus is an autogenerated conversion function. -func Convert_core_ServiceStatus_To_v1_ServiceStatus(in *core.ServiceStatus, out *corev1.ServiceStatus, s conversion.Scope) error { - return autoConvert_core_ServiceStatus_To_v1_ServiceStatus(in, out, s) -} - -func autoConvert_v1_SessionAffinityConfig_To_core_SessionAffinityConfig(in *corev1.SessionAffinityConfig, out *core.SessionAffinityConfig, s conversion.Scope) error { - out.ClientIP = (*core.ClientIPConfig)(unsafe.Pointer(in.ClientIP)) - return nil -} - -// Convert_v1_SessionAffinityConfig_To_core_SessionAffinityConfig is an autogenerated conversion function. -func Convert_v1_SessionAffinityConfig_To_core_SessionAffinityConfig(in *corev1.SessionAffinityConfig, out *core.SessionAffinityConfig, s conversion.Scope) error { - return autoConvert_v1_SessionAffinityConfig_To_core_SessionAffinityConfig(in, out, s) -} - -func autoConvert_core_SessionAffinityConfig_To_v1_SessionAffinityConfig(in *core.SessionAffinityConfig, out *corev1.SessionAffinityConfig, s conversion.Scope) error { - out.ClientIP = (*corev1.ClientIPConfig)(unsafe.Pointer(in.ClientIP)) - return nil -} - -// Convert_core_SessionAffinityConfig_To_v1_SessionAffinityConfig is an autogenerated conversion function. -func Convert_core_SessionAffinityConfig_To_v1_SessionAffinityConfig(in *core.SessionAffinityConfig, out *corev1.SessionAffinityConfig, s conversion.Scope) error { - return autoConvert_core_SessionAffinityConfig_To_v1_SessionAffinityConfig(in, out, s) -} - -func autoConvert_v1_SleepAction_To_core_SleepAction(in *corev1.SleepAction, out *core.SleepAction, s conversion.Scope) error { - out.Seconds = in.Seconds - return nil -} - -// Convert_v1_SleepAction_To_core_SleepAction is an autogenerated conversion function. -func Convert_v1_SleepAction_To_core_SleepAction(in *corev1.SleepAction, out *core.SleepAction, s conversion.Scope) error { - return autoConvert_v1_SleepAction_To_core_SleepAction(in, out, s) -} - -func autoConvert_core_SleepAction_To_v1_SleepAction(in *core.SleepAction, out *corev1.SleepAction, s conversion.Scope) error { - out.Seconds = in.Seconds - return nil -} - -// Convert_core_SleepAction_To_v1_SleepAction is an autogenerated conversion function. -func Convert_core_SleepAction_To_v1_SleepAction(in *core.SleepAction, out *corev1.SleepAction, s conversion.Scope) error { - return autoConvert_core_SleepAction_To_v1_SleepAction(in, out, s) -} - -func autoConvert_v1_StorageOSPersistentVolumeSource_To_core_StorageOSPersistentVolumeSource(in *corev1.StorageOSPersistentVolumeSource, out *core.StorageOSPersistentVolumeSource, s conversion.Scope) error { - out.VolumeName = in.VolumeName - out.VolumeNamespace = in.VolumeNamespace - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - out.SecretRef = (*core.ObjectReference)(unsafe.Pointer(in.SecretRef)) - return nil -} - -// Convert_v1_StorageOSPersistentVolumeSource_To_core_StorageOSPersistentVolumeSource is an autogenerated conversion function. -func Convert_v1_StorageOSPersistentVolumeSource_To_core_StorageOSPersistentVolumeSource(in *corev1.StorageOSPersistentVolumeSource, out *core.StorageOSPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_v1_StorageOSPersistentVolumeSource_To_core_StorageOSPersistentVolumeSource(in, out, s) -} - -func autoConvert_core_StorageOSPersistentVolumeSource_To_v1_StorageOSPersistentVolumeSource(in *core.StorageOSPersistentVolumeSource, out *corev1.StorageOSPersistentVolumeSource, s conversion.Scope) error { - out.VolumeName = in.VolumeName - out.VolumeNamespace = in.VolumeNamespace - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - out.SecretRef = (*corev1.ObjectReference)(unsafe.Pointer(in.SecretRef)) - return nil -} - -// Convert_core_StorageOSPersistentVolumeSource_To_v1_StorageOSPersistentVolumeSource is an autogenerated conversion function. -func Convert_core_StorageOSPersistentVolumeSource_To_v1_StorageOSPersistentVolumeSource(in *core.StorageOSPersistentVolumeSource, out *corev1.StorageOSPersistentVolumeSource, s conversion.Scope) error { - return autoConvert_core_StorageOSPersistentVolumeSource_To_v1_StorageOSPersistentVolumeSource(in, out, s) -} - -func autoConvert_v1_StorageOSVolumeSource_To_core_StorageOSVolumeSource(in *corev1.StorageOSVolumeSource, out *core.StorageOSVolumeSource, s conversion.Scope) error { - out.VolumeName = in.VolumeName - out.VolumeNamespace = in.VolumeNamespace - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - out.SecretRef = (*core.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) - return nil -} - -// Convert_v1_StorageOSVolumeSource_To_core_StorageOSVolumeSource is an autogenerated conversion function. -func Convert_v1_StorageOSVolumeSource_To_core_StorageOSVolumeSource(in *corev1.StorageOSVolumeSource, out *core.StorageOSVolumeSource, s conversion.Scope) error { - return autoConvert_v1_StorageOSVolumeSource_To_core_StorageOSVolumeSource(in, out, s) -} - -func autoConvert_core_StorageOSVolumeSource_To_v1_StorageOSVolumeSource(in *core.StorageOSVolumeSource, out *corev1.StorageOSVolumeSource, s conversion.Scope) error { - out.VolumeName = in.VolumeName - out.VolumeNamespace = in.VolumeNamespace - out.FSType = in.FSType - out.ReadOnly = in.ReadOnly - out.SecretRef = (*corev1.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) - return nil -} - -// Convert_core_StorageOSVolumeSource_To_v1_StorageOSVolumeSource is an autogenerated conversion function. -func Convert_core_StorageOSVolumeSource_To_v1_StorageOSVolumeSource(in *core.StorageOSVolumeSource, out *corev1.StorageOSVolumeSource, s conversion.Scope) error { - return autoConvert_core_StorageOSVolumeSource_To_v1_StorageOSVolumeSource(in, out, s) -} - -func autoConvert_v1_Sysctl_To_core_Sysctl(in *corev1.Sysctl, out *core.Sysctl, s conversion.Scope) error { - out.Name = in.Name - out.Value = in.Value - return nil -} - -// Convert_v1_Sysctl_To_core_Sysctl is an autogenerated conversion function. -func Convert_v1_Sysctl_To_core_Sysctl(in *corev1.Sysctl, out *core.Sysctl, s conversion.Scope) error { - return autoConvert_v1_Sysctl_To_core_Sysctl(in, out, s) -} - -func autoConvert_core_Sysctl_To_v1_Sysctl(in *core.Sysctl, out *corev1.Sysctl, s conversion.Scope) error { - out.Name = in.Name - out.Value = in.Value - return nil -} - -// Convert_core_Sysctl_To_v1_Sysctl is an autogenerated conversion function. -func Convert_core_Sysctl_To_v1_Sysctl(in *core.Sysctl, out *corev1.Sysctl, s conversion.Scope) error { - return autoConvert_core_Sysctl_To_v1_Sysctl(in, out, s) -} - -func autoConvert_v1_TCPSocketAction_To_core_TCPSocketAction(in *corev1.TCPSocketAction, out *core.TCPSocketAction, s conversion.Scope) error { - out.Port = in.Port - out.Host = in.Host - return nil -} - -// Convert_v1_TCPSocketAction_To_core_TCPSocketAction is an autogenerated conversion function. -func Convert_v1_TCPSocketAction_To_core_TCPSocketAction(in *corev1.TCPSocketAction, out *core.TCPSocketAction, s conversion.Scope) error { - return autoConvert_v1_TCPSocketAction_To_core_TCPSocketAction(in, out, s) -} - -func autoConvert_core_TCPSocketAction_To_v1_TCPSocketAction(in *core.TCPSocketAction, out *corev1.TCPSocketAction, s conversion.Scope) error { - out.Port = in.Port - out.Host = in.Host - return nil -} - -// Convert_core_TCPSocketAction_To_v1_TCPSocketAction is an autogenerated conversion function. -func Convert_core_TCPSocketAction_To_v1_TCPSocketAction(in *core.TCPSocketAction, out *corev1.TCPSocketAction, s conversion.Scope) error { - return autoConvert_core_TCPSocketAction_To_v1_TCPSocketAction(in, out, s) -} - -func autoConvert_v1_Taint_To_core_Taint(in *corev1.Taint, out *core.Taint, s conversion.Scope) error { - out.Key = in.Key - out.Value = in.Value - out.Effect = core.TaintEffect(in.Effect) - out.TimeAdded = (*metav1.Time)(unsafe.Pointer(in.TimeAdded)) - return nil -} - -// Convert_v1_Taint_To_core_Taint is an autogenerated conversion function. -func Convert_v1_Taint_To_core_Taint(in *corev1.Taint, out *core.Taint, s conversion.Scope) error { - return autoConvert_v1_Taint_To_core_Taint(in, out, s) -} - -func autoConvert_core_Taint_To_v1_Taint(in *core.Taint, out *corev1.Taint, s conversion.Scope) error { - out.Key = in.Key - out.Value = in.Value - out.Effect = corev1.TaintEffect(in.Effect) - out.TimeAdded = (*metav1.Time)(unsafe.Pointer(in.TimeAdded)) - return nil -} - -// Convert_core_Taint_To_v1_Taint is an autogenerated conversion function. -func Convert_core_Taint_To_v1_Taint(in *core.Taint, out *corev1.Taint, s conversion.Scope) error { - return autoConvert_core_Taint_To_v1_Taint(in, out, s) -} - -func autoConvert_v1_Toleration_To_core_Toleration(in *corev1.Toleration, out *core.Toleration, s conversion.Scope) error { - out.Key = in.Key - out.Operator = core.TolerationOperator(in.Operator) - out.Value = in.Value - out.Effect = core.TaintEffect(in.Effect) - out.TolerationSeconds = (*int64)(unsafe.Pointer(in.TolerationSeconds)) - return nil -} - -// Convert_v1_Toleration_To_core_Toleration is an autogenerated conversion function. -func Convert_v1_Toleration_To_core_Toleration(in *corev1.Toleration, out *core.Toleration, s conversion.Scope) error { - return autoConvert_v1_Toleration_To_core_Toleration(in, out, s) -} - -func autoConvert_core_Toleration_To_v1_Toleration(in *core.Toleration, out *corev1.Toleration, s conversion.Scope) error { - out.Key = in.Key - out.Operator = corev1.TolerationOperator(in.Operator) - out.Value = in.Value - out.Effect = corev1.TaintEffect(in.Effect) - out.TolerationSeconds = (*int64)(unsafe.Pointer(in.TolerationSeconds)) - return nil -} - -// Convert_core_Toleration_To_v1_Toleration is an autogenerated conversion function. -func Convert_core_Toleration_To_v1_Toleration(in *core.Toleration, out *corev1.Toleration, s conversion.Scope) error { - return autoConvert_core_Toleration_To_v1_Toleration(in, out, s) -} - -func autoConvert_v1_TopologySelectorLabelRequirement_To_core_TopologySelectorLabelRequirement(in *corev1.TopologySelectorLabelRequirement, out *core.TopologySelectorLabelRequirement, s conversion.Scope) error { - out.Key = in.Key - out.Values = *(*[]string)(unsafe.Pointer(&in.Values)) - return nil -} - -// Convert_v1_TopologySelectorLabelRequirement_To_core_TopologySelectorLabelRequirement is an autogenerated conversion function. -func Convert_v1_TopologySelectorLabelRequirement_To_core_TopologySelectorLabelRequirement(in *corev1.TopologySelectorLabelRequirement, out *core.TopologySelectorLabelRequirement, s conversion.Scope) error { - return autoConvert_v1_TopologySelectorLabelRequirement_To_core_TopologySelectorLabelRequirement(in, out, s) -} - -func autoConvert_core_TopologySelectorLabelRequirement_To_v1_TopologySelectorLabelRequirement(in *core.TopologySelectorLabelRequirement, out *corev1.TopologySelectorLabelRequirement, s conversion.Scope) error { - out.Key = in.Key - out.Values = *(*[]string)(unsafe.Pointer(&in.Values)) - return nil -} - -// Convert_core_TopologySelectorLabelRequirement_To_v1_TopologySelectorLabelRequirement is an autogenerated conversion function. -func Convert_core_TopologySelectorLabelRequirement_To_v1_TopologySelectorLabelRequirement(in *core.TopologySelectorLabelRequirement, out *corev1.TopologySelectorLabelRequirement, s conversion.Scope) error { - return autoConvert_core_TopologySelectorLabelRequirement_To_v1_TopologySelectorLabelRequirement(in, out, s) -} - -func autoConvert_v1_TopologySelectorTerm_To_core_TopologySelectorTerm(in *corev1.TopologySelectorTerm, out *core.TopologySelectorTerm, s conversion.Scope) error { - out.MatchLabelExpressions = *(*[]core.TopologySelectorLabelRequirement)(unsafe.Pointer(&in.MatchLabelExpressions)) - return nil -} - -// Convert_v1_TopologySelectorTerm_To_core_TopologySelectorTerm is an autogenerated conversion function. -func Convert_v1_TopologySelectorTerm_To_core_TopologySelectorTerm(in *corev1.TopologySelectorTerm, out *core.TopologySelectorTerm, s conversion.Scope) error { - return autoConvert_v1_TopologySelectorTerm_To_core_TopologySelectorTerm(in, out, s) -} - -func autoConvert_core_TopologySelectorTerm_To_v1_TopologySelectorTerm(in *core.TopologySelectorTerm, out *corev1.TopologySelectorTerm, s conversion.Scope) error { - out.MatchLabelExpressions = *(*[]corev1.TopologySelectorLabelRequirement)(unsafe.Pointer(&in.MatchLabelExpressions)) - return nil -} - -// Convert_core_TopologySelectorTerm_To_v1_TopologySelectorTerm is an autogenerated conversion function. -func Convert_core_TopologySelectorTerm_To_v1_TopologySelectorTerm(in *core.TopologySelectorTerm, out *corev1.TopologySelectorTerm, s conversion.Scope) error { - return autoConvert_core_TopologySelectorTerm_To_v1_TopologySelectorTerm(in, out, s) -} - -func autoConvert_v1_TopologySpreadConstraint_To_core_TopologySpreadConstraint(in *corev1.TopologySpreadConstraint, out *core.TopologySpreadConstraint, s conversion.Scope) error { - out.MaxSkew = in.MaxSkew - out.TopologyKey = in.TopologyKey - out.WhenUnsatisfiable = core.UnsatisfiableConstraintAction(in.WhenUnsatisfiable) - out.LabelSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.LabelSelector)) - out.MinDomains = (*int32)(unsafe.Pointer(in.MinDomains)) - out.NodeAffinityPolicy = (*core.NodeInclusionPolicy)(unsafe.Pointer(in.NodeAffinityPolicy)) - out.NodeTaintsPolicy = (*core.NodeInclusionPolicy)(unsafe.Pointer(in.NodeTaintsPolicy)) - out.MatchLabelKeys = *(*[]string)(unsafe.Pointer(&in.MatchLabelKeys)) - return nil -} - -// Convert_v1_TopologySpreadConstraint_To_core_TopologySpreadConstraint is an autogenerated conversion function. -func Convert_v1_TopologySpreadConstraint_To_core_TopologySpreadConstraint(in *corev1.TopologySpreadConstraint, out *core.TopologySpreadConstraint, s conversion.Scope) error { - return autoConvert_v1_TopologySpreadConstraint_To_core_TopologySpreadConstraint(in, out, s) -} - -func autoConvert_core_TopologySpreadConstraint_To_v1_TopologySpreadConstraint(in *core.TopologySpreadConstraint, out *corev1.TopologySpreadConstraint, s conversion.Scope) error { - out.MaxSkew = in.MaxSkew - out.TopologyKey = in.TopologyKey - out.WhenUnsatisfiable = corev1.UnsatisfiableConstraintAction(in.WhenUnsatisfiable) - out.LabelSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.LabelSelector)) - out.MinDomains = (*int32)(unsafe.Pointer(in.MinDomains)) - out.NodeAffinityPolicy = (*corev1.NodeInclusionPolicy)(unsafe.Pointer(in.NodeAffinityPolicy)) - out.NodeTaintsPolicy = (*corev1.NodeInclusionPolicy)(unsafe.Pointer(in.NodeTaintsPolicy)) - out.MatchLabelKeys = *(*[]string)(unsafe.Pointer(&in.MatchLabelKeys)) - return nil -} - -// Convert_core_TopologySpreadConstraint_To_v1_TopologySpreadConstraint is an autogenerated conversion function. -func Convert_core_TopologySpreadConstraint_To_v1_TopologySpreadConstraint(in *core.TopologySpreadConstraint, out *corev1.TopologySpreadConstraint, s conversion.Scope) error { - return autoConvert_core_TopologySpreadConstraint_To_v1_TopologySpreadConstraint(in, out, s) -} - -func autoConvert_v1_TypedLocalObjectReference_To_core_TypedLocalObjectReference(in *corev1.TypedLocalObjectReference, out *core.TypedLocalObjectReference, s conversion.Scope) error { - out.APIGroup = (*string)(unsafe.Pointer(in.APIGroup)) - out.Kind = in.Kind - out.Name = in.Name - return nil -} - -// Convert_v1_TypedLocalObjectReference_To_core_TypedLocalObjectReference is an autogenerated conversion function. -func Convert_v1_TypedLocalObjectReference_To_core_TypedLocalObjectReference(in *corev1.TypedLocalObjectReference, out *core.TypedLocalObjectReference, s conversion.Scope) error { - return autoConvert_v1_TypedLocalObjectReference_To_core_TypedLocalObjectReference(in, out, s) -} - -func autoConvert_core_TypedLocalObjectReference_To_v1_TypedLocalObjectReference(in *core.TypedLocalObjectReference, out *corev1.TypedLocalObjectReference, s conversion.Scope) error { - out.APIGroup = (*string)(unsafe.Pointer(in.APIGroup)) - out.Kind = in.Kind - out.Name = in.Name - return nil -} - -// Convert_core_TypedLocalObjectReference_To_v1_TypedLocalObjectReference is an autogenerated conversion function. -func Convert_core_TypedLocalObjectReference_To_v1_TypedLocalObjectReference(in *core.TypedLocalObjectReference, out *corev1.TypedLocalObjectReference, s conversion.Scope) error { - return autoConvert_core_TypedLocalObjectReference_To_v1_TypedLocalObjectReference(in, out, s) -} - -func autoConvert_v1_TypedObjectReference_To_core_TypedObjectReference(in *corev1.TypedObjectReference, out *core.TypedObjectReference, s conversion.Scope) error { - out.APIGroup = (*string)(unsafe.Pointer(in.APIGroup)) - out.Kind = in.Kind - out.Name = in.Name - out.Namespace = (*string)(unsafe.Pointer(in.Namespace)) - return nil -} - -// Convert_v1_TypedObjectReference_To_core_TypedObjectReference is an autogenerated conversion function. -func Convert_v1_TypedObjectReference_To_core_TypedObjectReference(in *corev1.TypedObjectReference, out *core.TypedObjectReference, s conversion.Scope) error { - return autoConvert_v1_TypedObjectReference_To_core_TypedObjectReference(in, out, s) -} - -func autoConvert_core_TypedObjectReference_To_v1_TypedObjectReference(in *core.TypedObjectReference, out *corev1.TypedObjectReference, s conversion.Scope) error { - out.APIGroup = (*string)(unsafe.Pointer(in.APIGroup)) - out.Kind = in.Kind - out.Name = in.Name - out.Namespace = (*string)(unsafe.Pointer(in.Namespace)) - return nil -} - -// Convert_core_TypedObjectReference_To_v1_TypedObjectReference is an autogenerated conversion function. -func Convert_core_TypedObjectReference_To_v1_TypedObjectReference(in *core.TypedObjectReference, out *corev1.TypedObjectReference, s conversion.Scope) error { - return autoConvert_core_TypedObjectReference_To_v1_TypedObjectReference(in, out, s) -} - -func autoConvert_v1_Volume_To_core_Volume(in *corev1.Volume, out *core.Volume, s conversion.Scope) error { - out.Name = in.Name - if err := Convert_v1_VolumeSource_To_core_VolumeSource(&in.VolumeSource, &out.VolumeSource, s); err != nil { - return err - } - return nil -} - -// Convert_v1_Volume_To_core_Volume is an autogenerated conversion function. -func Convert_v1_Volume_To_core_Volume(in *corev1.Volume, out *core.Volume, s conversion.Scope) error { - return autoConvert_v1_Volume_To_core_Volume(in, out, s) -} - -func autoConvert_core_Volume_To_v1_Volume(in *core.Volume, out *corev1.Volume, s conversion.Scope) error { - out.Name = in.Name - if err := Convert_core_VolumeSource_To_v1_VolumeSource(&in.VolumeSource, &out.VolumeSource, s); err != nil { - return err - } - return nil -} - -// Convert_core_Volume_To_v1_Volume is an autogenerated conversion function. -func Convert_core_Volume_To_v1_Volume(in *core.Volume, out *corev1.Volume, s conversion.Scope) error { - return autoConvert_core_Volume_To_v1_Volume(in, out, s) -} - -func autoConvert_v1_VolumeDevice_To_core_VolumeDevice(in *corev1.VolumeDevice, out *core.VolumeDevice, s conversion.Scope) error { - out.Name = in.Name - out.DevicePath = in.DevicePath - return nil -} - -// Convert_v1_VolumeDevice_To_core_VolumeDevice is an autogenerated conversion function. -func Convert_v1_VolumeDevice_To_core_VolumeDevice(in *corev1.VolumeDevice, out *core.VolumeDevice, s conversion.Scope) error { - return autoConvert_v1_VolumeDevice_To_core_VolumeDevice(in, out, s) -} - -func autoConvert_core_VolumeDevice_To_v1_VolumeDevice(in *core.VolumeDevice, out *corev1.VolumeDevice, s conversion.Scope) error { - out.Name = in.Name - out.DevicePath = in.DevicePath - return nil -} - -// Convert_core_VolumeDevice_To_v1_VolumeDevice is an autogenerated conversion function. -func Convert_core_VolumeDevice_To_v1_VolumeDevice(in *core.VolumeDevice, out *corev1.VolumeDevice, s conversion.Scope) error { - return autoConvert_core_VolumeDevice_To_v1_VolumeDevice(in, out, s) -} - -func autoConvert_v1_VolumeMount_To_core_VolumeMount(in *corev1.VolumeMount, out *core.VolumeMount, s conversion.Scope) error { - out.Name = in.Name - out.ReadOnly = in.ReadOnly - out.RecursiveReadOnly = (*core.RecursiveReadOnlyMode)(unsafe.Pointer(in.RecursiveReadOnly)) - out.MountPath = in.MountPath - out.SubPath = in.SubPath - out.MountPropagation = (*core.MountPropagationMode)(unsafe.Pointer(in.MountPropagation)) - out.SubPathExpr = in.SubPathExpr - return nil -} - -// Convert_v1_VolumeMount_To_core_VolumeMount is an autogenerated conversion function. -func Convert_v1_VolumeMount_To_core_VolumeMount(in *corev1.VolumeMount, out *core.VolumeMount, s conversion.Scope) error { - return autoConvert_v1_VolumeMount_To_core_VolumeMount(in, out, s) -} - -func autoConvert_core_VolumeMount_To_v1_VolumeMount(in *core.VolumeMount, out *corev1.VolumeMount, s conversion.Scope) error { - out.Name = in.Name - out.ReadOnly = in.ReadOnly - out.RecursiveReadOnly = (*corev1.RecursiveReadOnlyMode)(unsafe.Pointer(in.RecursiveReadOnly)) - out.MountPath = in.MountPath - out.SubPath = in.SubPath - out.MountPropagation = (*corev1.MountPropagationMode)(unsafe.Pointer(in.MountPropagation)) - out.SubPathExpr = in.SubPathExpr - return nil -} - -// Convert_core_VolumeMount_To_v1_VolumeMount is an autogenerated conversion function. -func Convert_core_VolumeMount_To_v1_VolumeMount(in *core.VolumeMount, out *corev1.VolumeMount, s conversion.Scope) error { - return autoConvert_core_VolumeMount_To_v1_VolumeMount(in, out, s) -} - -func autoConvert_v1_VolumeMountStatus_To_core_VolumeMountStatus(in *corev1.VolumeMountStatus, out *core.VolumeMountStatus, s conversion.Scope) error { - out.Name = in.Name - out.MountPath = in.MountPath - out.ReadOnly = in.ReadOnly - out.RecursiveReadOnly = (*core.RecursiveReadOnlyMode)(unsafe.Pointer(in.RecursiveReadOnly)) - return nil -} - -// Convert_v1_VolumeMountStatus_To_core_VolumeMountStatus is an autogenerated conversion function. -func Convert_v1_VolumeMountStatus_To_core_VolumeMountStatus(in *corev1.VolumeMountStatus, out *core.VolumeMountStatus, s conversion.Scope) error { - return autoConvert_v1_VolumeMountStatus_To_core_VolumeMountStatus(in, out, s) -} - -func autoConvert_core_VolumeMountStatus_To_v1_VolumeMountStatus(in *core.VolumeMountStatus, out *corev1.VolumeMountStatus, s conversion.Scope) error { - out.Name = in.Name - out.MountPath = in.MountPath - out.ReadOnly = in.ReadOnly - out.RecursiveReadOnly = (*corev1.RecursiveReadOnlyMode)(unsafe.Pointer(in.RecursiveReadOnly)) - return nil -} - -// Convert_core_VolumeMountStatus_To_v1_VolumeMountStatus is an autogenerated conversion function. -func Convert_core_VolumeMountStatus_To_v1_VolumeMountStatus(in *core.VolumeMountStatus, out *corev1.VolumeMountStatus, s conversion.Scope) error { - return autoConvert_core_VolumeMountStatus_To_v1_VolumeMountStatus(in, out, s) -} - -func autoConvert_v1_VolumeNodeAffinity_To_core_VolumeNodeAffinity(in *corev1.VolumeNodeAffinity, out *core.VolumeNodeAffinity, s conversion.Scope) error { - out.Required = (*core.NodeSelector)(unsafe.Pointer(in.Required)) - return nil -} - -// Convert_v1_VolumeNodeAffinity_To_core_VolumeNodeAffinity is an autogenerated conversion function. -func Convert_v1_VolumeNodeAffinity_To_core_VolumeNodeAffinity(in *corev1.VolumeNodeAffinity, out *core.VolumeNodeAffinity, s conversion.Scope) error { - return autoConvert_v1_VolumeNodeAffinity_To_core_VolumeNodeAffinity(in, out, s) -} - -func autoConvert_core_VolumeNodeAffinity_To_v1_VolumeNodeAffinity(in *core.VolumeNodeAffinity, out *corev1.VolumeNodeAffinity, s conversion.Scope) error { - out.Required = (*corev1.NodeSelector)(unsafe.Pointer(in.Required)) - return nil -} - -// Convert_core_VolumeNodeAffinity_To_v1_VolumeNodeAffinity is an autogenerated conversion function. -func Convert_core_VolumeNodeAffinity_To_v1_VolumeNodeAffinity(in *core.VolumeNodeAffinity, out *corev1.VolumeNodeAffinity, s conversion.Scope) error { - return autoConvert_core_VolumeNodeAffinity_To_v1_VolumeNodeAffinity(in, out, s) -} - -func autoConvert_v1_VolumeProjection_To_core_VolumeProjection(in *corev1.VolumeProjection, out *core.VolumeProjection, s conversion.Scope) error { - out.Secret = (*core.SecretProjection)(unsafe.Pointer(in.Secret)) - out.DownwardAPI = (*core.DownwardAPIProjection)(unsafe.Pointer(in.DownwardAPI)) - out.ConfigMap = (*core.ConfigMapProjection)(unsafe.Pointer(in.ConfigMap)) - if in.ServiceAccountToken != nil { - in, out := &in.ServiceAccountToken, &out.ServiceAccountToken - *out = new(core.ServiceAccountTokenProjection) - if err := Convert_v1_ServiceAccountTokenProjection_To_core_ServiceAccountTokenProjection(*in, *out, s); err != nil { - return err - } - } else { - out.ServiceAccountToken = nil - } - out.ClusterTrustBundle = (*core.ClusterTrustBundleProjection)(unsafe.Pointer(in.ClusterTrustBundle)) - out.PodCertificate = (*core.PodCertificateProjection)(unsafe.Pointer(in.PodCertificate)) - return nil -} - -// Convert_v1_VolumeProjection_To_core_VolumeProjection is an autogenerated conversion function. -func Convert_v1_VolumeProjection_To_core_VolumeProjection(in *corev1.VolumeProjection, out *core.VolumeProjection, s conversion.Scope) error { - return autoConvert_v1_VolumeProjection_To_core_VolumeProjection(in, out, s) -} - -func autoConvert_core_VolumeProjection_To_v1_VolumeProjection(in *core.VolumeProjection, out *corev1.VolumeProjection, s conversion.Scope) error { - out.Secret = (*corev1.SecretProjection)(unsafe.Pointer(in.Secret)) - out.DownwardAPI = (*corev1.DownwardAPIProjection)(unsafe.Pointer(in.DownwardAPI)) - out.ConfigMap = (*corev1.ConfigMapProjection)(unsafe.Pointer(in.ConfigMap)) - if in.ServiceAccountToken != nil { - in, out := &in.ServiceAccountToken, &out.ServiceAccountToken - *out = new(corev1.ServiceAccountTokenProjection) - if err := Convert_core_ServiceAccountTokenProjection_To_v1_ServiceAccountTokenProjection(*in, *out, s); err != nil { - return err - } - } else { - out.ServiceAccountToken = nil - } - out.ClusterTrustBundle = (*corev1.ClusterTrustBundleProjection)(unsafe.Pointer(in.ClusterTrustBundle)) - out.PodCertificate = (*corev1.PodCertificateProjection)(unsafe.Pointer(in.PodCertificate)) - return nil -} - -// Convert_core_VolumeProjection_To_v1_VolumeProjection is an autogenerated conversion function. -func Convert_core_VolumeProjection_To_v1_VolumeProjection(in *core.VolumeProjection, out *corev1.VolumeProjection, s conversion.Scope) error { - return autoConvert_core_VolumeProjection_To_v1_VolumeProjection(in, out, s) -} - -func autoConvert_v1_VolumeResourceRequirements_To_core_VolumeResourceRequirements(in *corev1.VolumeResourceRequirements, out *core.VolumeResourceRequirements, s conversion.Scope) error { - out.Limits = *(*core.ResourceList)(unsafe.Pointer(&in.Limits)) - out.Requests = *(*core.ResourceList)(unsafe.Pointer(&in.Requests)) - return nil -} - -// Convert_v1_VolumeResourceRequirements_To_core_VolumeResourceRequirements is an autogenerated conversion function. -func Convert_v1_VolumeResourceRequirements_To_core_VolumeResourceRequirements(in *corev1.VolumeResourceRequirements, out *core.VolumeResourceRequirements, s conversion.Scope) error { - return autoConvert_v1_VolumeResourceRequirements_To_core_VolumeResourceRequirements(in, out, s) -} - -func autoConvert_core_VolumeResourceRequirements_To_v1_VolumeResourceRequirements(in *core.VolumeResourceRequirements, out *corev1.VolumeResourceRequirements, s conversion.Scope) error { - out.Limits = *(*corev1.ResourceList)(unsafe.Pointer(&in.Limits)) - out.Requests = *(*corev1.ResourceList)(unsafe.Pointer(&in.Requests)) - return nil -} - -// Convert_core_VolumeResourceRequirements_To_v1_VolumeResourceRequirements is an autogenerated conversion function. -func Convert_core_VolumeResourceRequirements_To_v1_VolumeResourceRequirements(in *core.VolumeResourceRequirements, out *corev1.VolumeResourceRequirements, s conversion.Scope) error { - return autoConvert_core_VolumeResourceRequirements_To_v1_VolumeResourceRequirements(in, out, s) -} - -func autoConvert_v1_VolumeSource_To_core_VolumeSource(in *corev1.VolumeSource, out *core.VolumeSource, s conversion.Scope) error { - out.HostPath = (*core.HostPathVolumeSource)(unsafe.Pointer(in.HostPath)) - out.EmptyDir = (*core.EmptyDirVolumeSource)(unsafe.Pointer(in.EmptyDir)) - out.GCEPersistentDisk = (*core.GCEPersistentDiskVolumeSource)(unsafe.Pointer(in.GCEPersistentDisk)) - out.AWSElasticBlockStore = (*core.AWSElasticBlockStoreVolumeSource)(unsafe.Pointer(in.AWSElasticBlockStore)) - out.GitRepo = (*core.GitRepoVolumeSource)(unsafe.Pointer(in.GitRepo)) - out.Secret = (*core.SecretVolumeSource)(unsafe.Pointer(in.Secret)) - out.NFS = (*core.NFSVolumeSource)(unsafe.Pointer(in.NFS)) - out.ISCSI = (*core.ISCSIVolumeSource)(unsafe.Pointer(in.ISCSI)) - out.Glusterfs = (*core.GlusterfsVolumeSource)(unsafe.Pointer(in.Glusterfs)) - out.PersistentVolumeClaim = (*core.PersistentVolumeClaimVolumeSource)(unsafe.Pointer(in.PersistentVolumeClaim)) - out.RBD = (*core.RBDVolumeSource)(unsafe.Pointer(in.RBD)) - out.FlexVolume = (*core.FlexVolumeSource)(unsafe.Pointer(in.FlexVolume)) - out.Cinder = (*core.CinderVolumeSource)(unsafe.Pointer(in.Cinder)) - out.CephFS = (*core.CephFSVolumeSource)(unsafe.Pointer(in.CephFS)) - out.Flocker = (*core.FlockerVolumeSource)(unsafe.Pointer(in.Flocker)) - out.DownwardAPI = (*core.DownwardAPIVolumeSource)(unsafe.Pointer(in.DownwardAPI)) - out.FC = (*core.FCVolumeSource)(unsafe.Pointer(in.FC)) - out.AzureFile = (*core.AzureFileVolumeSource)(unsafe.Pointer(in.AzureFile)) - out.ConfigMap = (*core.ConfigMapVolumeSource)(unsafe.Pointer(in.ConfigMap)) - out.VsphereVolume = (*core.VsphereVirtualDiskVolumeSource)(unsafe.Pointer(in.VsphereVolume)) - out.Quobyte = (*core.QuobyteVolumeSource)(unsafe.Pointer(in.Quobyte)) - out.AzureDisk = (*core.AzureDiskVolumeSource)(unsafe.Pointer(in.AzureDisk)) - out.PhotonPersistentDisk = (*core.PhotonPersistentDiskVolumeSource)(unsafe.Pointer(in.PhotonPersistentDisk)) - if in.Projected != nil { - in, out := &in.Projected, &out.Projected - *out = new(core.ProjectedVolumeSource) - if err := Convert_v1_ProjectedVolumeSource_To_core_ProjectedVolumeSource(*in, *out, s); err != nil { - return err - } - } else { - out.Projected = nil - } - out.PortworxVolume = (*core.PortworxVolumeSource)(unsafe.Pointer(in.PortworxVolume)) - out.ScaleIO = (*core.ScaleIOVolumeSource)(unsafe.Pointer(in.ScaleIO)) - out.StorageOS = (*core.StorageOSVolumeSource)(unsafe.Pointer(in.StorageOS)) - out.CSI = (*core.CSIVolumeSource)(unsafe.Pointer(in.CSI)) - out.Ephemeral = (*core.EphemeralVolumeSource)(unsafe.Pointer(in.Ephemeral)) - out.Image = (*core.ImageVolumeSource)(unsafe.Pointer(in.Image)) - return nil -} - -// Convert_v1_VolumeSource_To_core_VolumeSource is an autogenerated conversion function. -func Convert_v1_VolumeSource_To_core_VolumeSource(in *corev1.VolumeSource, out *core.VolumeSource, s conversion.Scope) error { - return autoConvert_v1_VolumeSource_To_core_VolumeSource(in, out, s) -} - -func autoConvert_core_VolumeSource_To_v1_VolumeSource(in *core.VolumeSource, out *corev1.VolumeSource, s conversion.Scope) error { - out.HostPath = (*corev1.HostPathVolumeSource)(unsafe.Pointer(in.HostPath)) - out.EmptyDir = (*corev1.EmptyDirVolumeSource)(unsafe.Pointer(in.EmptyDir)) - out.GCEPersistentDisk = (*corev1.GCEPersistentDiskVolumeSource)(unsafe.Pointer(in.GCEPersistentDisk)) - out.AWSElasticBlockStore = (*corev1.AWSElasticBlockStoreVolumeSource)(unsafe.Pointer(in.AWSElasticBlockStore)) - out.GitRepo = (*corev1.GitRepoVolumeSource)(unsafe.Pointer(in.GitRepo)) - out.Secret = (*corev1.SecretVolumeSource)(unsafe.Pointer(in.Secret)) - out.NFS = (*corev1.NFSVolumeSource)(unsafe.Pointer(in.NFS)) - out.ISCSI = (*corev1.ISCSIVolumeSource)(unsafe.Pointer(in.ISCSI)) - out.Glusterfs = (*corev1.GlusterfsVolumeSource)(unsafe.Pointer(in.Glusterfs)) - out.PersistentVolumeClaim = (*corev1.PersistentVolumeClaimVolumeSource)(unsafe.Pointer(in.PersistentVolumeClaim)) - out.RBD = (*corev1.RBDVolumeSource)(unsafe.Pointer(in.RBD)) - out.Quobyte = (*corev1.QuobyteVolumeSource)(unsafe.Pointer(in.Quobyte)) - out.FlexVolume = (*corev1.FlexVolumeSource)(unsafe.Pointer(in.FlexVolume)) - out.Cinder = (*corev1.CinderVolumeSource)(unsafe.Pointer(in.Cinder)) - out.CephFS = (*corev1.CephFSVolumeSource)(unsafe.Pointer(in.CephFS)) - out.Flocker = (*corev1.FlockerVolumeSource)(unsafe.Pointer(in.Flocker)) - out.DownwardAPI = (*corev1.DownwardAPIVolumeSource)(unsafe.Pointer(in.DownwardAPI)) - out.FC = (*corev1.FCVolumeSource)(unsafe.Pointer(in.FC)) - out.AzureFile = (*corev1.AzureFileVolumeSource)(unsafe.Pointer(in.AzureFile)) - out.ConfigMap = (*corev1.ConfigMapVolumeSource)(unsafe.Pointer(in.ConfigMap)) - out.VsphereVolume = (*corev1.VsphereVirtualDiskVolumeSource)(unsafe.Pointer(in.VsphereVolume)) - out.AzureDisk = (*corev1.AzureDiskVolumeSource)(unsafe.Pointer(in.AzureDisk)) - out.PhotonPersistentDisk = (*corev1.PhotonPersistentDiskVolumeSource)(unsafe.Pointer(in.PhotonPersistentDisk)) - if in.Projected != nil { - in, out := &in.Projected, &out.Projected - *out = new(corev1.ProjectedVolumeSource) - if err := Convert_core_ProjectedVolumeSource_To_v1_ProjectedVolumeSource(*in, *out, s); err != nil { - return err - } - } else { - out.Projected = nil - } - out.PortworxVolume = (*corev1.PortworxVolumeSource)(unsafe.Pointer(in.PortworxVolume)) - out.ScaleIO = (*corev1.ScaleIOVolumeSource)(unsafe.Pointer(in.ScaleIO)) - out.StorageOS = (*corev1.StorageOSVolumeSource)(unsafe.Pointer(in.StorageOS)) - out.CSI = (*corev1.CSIVolumeSource)(unsafe.Pointer(in.CSI)) - out.Ephemeral = (*corev1.EphemeralVolumeSource)(unsafe.Pointer(in.Ephemeral)) - out.Image = (*corev1.ImageVolumeSource)(unsafe.Pointer(in.Image)) - return nil -} - -// Convert_core_VolumeSource_To_v1_VolumeSource is an autogenerated conversion function. -func Convert_core_VolumeSource_To_v1_VolumeSource(in *core.VolumeSource, out *corev1.VolumeSource, s conversion.Scope) error { - return autoConvert_core_VolumeSource_To_v1_VolumeSource(in, out, s) -} - -func autoConvert_v1_VsphereVirtualDiskVolumeSource_To_core_VsphereVirtualDiskVolumeSource(in *corev1.VsphereVirtualDiskVolumeSource, out *core.VsphereVirtualDiskVolumeSource, s conversion.Scope) error { - out.VolumePath = in.VolumePath - out.FSType = in.FSType - out.StoragePolicyName = in.StoragePolicyName - out.StoragePolicyID = in.StoragePolicyID - return nil -} - -// Convert_v1_VsphereVirtualDiskVolumeSource_To_core_VsphereVirtualDiskVolumeSource is an autogenerated conversion function. -func Convert_v1_VsphereVirtualDiskVolumeSource_To_core_VsphereVirtualDiskVolumeSource(in *corev1.VsphereVirtualDiskVolumeSource, out *core.VsphereVirtualDiskVolumeSource, s conversion.Scope) error { - return autoConvert_v1_VsphereVirtualDiskVolumeSource_To_core_VsphereVirtualDiskVolumeSource(in, out, s) -} - -func autoConvert_core_VsphereVirtualDiskVolumeSource_To_v1_VsphereVirtualDiskVolumeSource(in *core.VsphereVirtualDiskVolumeSource, out *corev1.VsphereVirtualDiskVolumeSource, s conversion.Scope) error { - out.VolumePath = in.VolumePath - out.FSType = in.FSType - out.StoragePolicyName = in.StoragePolicyName - out.StoragePolicyID = in.StoragePolicyID - return nil -} - -// Convert_core_VsphereVirtualDiskVolumeSource_To_v1_VsphereVirtualDiskVolumeSource is an autogenerated conversion function. -func Convert_core_VsphereVirtualDiskVolumeSource_To_v1_VsphereVirtualDiskVolumeSource(in *core.VsphereVirtualDiskVolumeSource, out *corev1.VsphereVirtualDiskVolumeSource, s conversion.Scope) error { - return autoConvert_core_VsphereVirtualDiskVolumeSource_To_v1_VsphereVirtualDiskVolumeSource(in, out, s) -} - -func autoConvert_v1_WeightedPodAffinityTerm_To_core_WeightedPodAffinityTerm(in *corev1.WeightedPodAffinityTerm, out *core.WeightedPodAffinityTerm, s conversion.Scope) error { - out.Weight = in.Weight - if err := Convert_v1_PodAffinityTerm_To_core_PodAffinityTerm(&in.PodAffinityTerm, &out.PodAffinityTerm, s); err != nil { - return err - } - return nil -} - -// Convert_v1_WeightedPodAffinityTerm_To_core_WeightedPodAffinityTerm is an autogenerated conversion function. -func Convert_v1_WeightedPodAffinityTerm_To_core_WeightedPodAffinityTerm(in *corev1.WeightedPodAffinityTerm, out *core.WeightedPodAffinityTerm, s conversion.Scope) error { - return autoConvert_v1_WeightedPodAffinityTerm_To_core_WeightedPodAffinityTerm(in, out, s) -} - -func autoConvert_core_WeightedPodAffinityTerm_To_v1_WeightedPodAffinityTerm(in *core.WeightedPodAffinityTerm, out *corev1.WeightedPodAffinityTerm, s conversion.Scope) error { - out.Weight = in.Weight - if err := Convert_core_PodAffinityTerm_To_v1_PodAffinityTerm(&in.PodAffinityTerm, &out.PodAffinityTerm, s); err != nil { - return err - } - return nil -} - -// Convert_core_WeightedPodAffinityTerm_To_v1_WeightedPodAffinityTerm is an autogenerated conversion function. -func Convert_core_WeightedPodAffinityTerm_To_v1_WeightedPodAffinityTerm(in *core.WeightedPodAffinityTerm, out *corev1.WeightedPodAffinityTerm, s conversion.Scope) error { - return autoConvert_core_WeightedPodAffinityTerm_To_v1_WeightedPodAffinityTerm(in, out, s) -} - -func autoConvert_v1_WindowsSecurityContextOptions_To_core_WindowsSecurityContextOptions(in *corev1.WindowsSecurityContextOptions, out *core.WindowsSecurityContextOptions, s conversion.Scope) error { - out.GMSACredentialSpecName = (*string)(unsafe.Pointer(in.GMSACredentialSpecName)) - out.GMSACredentialSpec = (*string)(unsafe.Pointer(in.GMSACredentialSpec)) - out.RunAsUserName = (*string)(unsafe.Pointer(in.RunAsUserName)) - out.HostProcess = (*bool)(unsafe.Pointer(in.HostProcess)) - return nil -} - -// Convert_v1_WindowsSecurityContextOptions_To_core_WindowsSecurityContextOptions is an autogenerated conversion function. -func Convert_v1_WindowsSecurityContextOptions_To_core_WindowsSecurityContextOptions(in *corev1.WindowsSecurityContextOptions, out *core.WindowsSecurityContextOptions, s conversion.Scope) error { - return autoConvert_v1_WindowsSecurityContextOptions_To_core_WindowsSecurityContextOptions(in, out, s) -} - -func autoConvert_core_WindowsSecurityContextOptions_To_v1_WindowsSecurityContextOptions(in *core.WindowsSecurityContextOptions, out *corev1.WindowsSecurityContextOptions, s conversion.Scope) error { - out.GMSACredentialSpecName = (*string)(unsafe.Pointer(in.GMSACredentialSpecName)) - out.GMSACredentialSpec = (*string)(unsafe.Pointer(in.GMSACredentialSpec)) - out.RunAsUserName = (*string)(unsafe.Pointer(in.RunAsUserName)) - out.HostProcess = (*bool)(unsafe.Pointer(in.HostProcess)) - return nil -} - -// Convert_core_WindowsSecurityContextOptions_To_v1_WindowsSecurityContextOptions is an autogenerated conversion function. -func Convert_core_WindowsSecurityContextOptions_To_v1_WindowsSecurityContextOptions(in *core.WindowsSecurityContextOptions, out *corev1.WindowsSecurityContextOptions, s conversion.Scope) error { - return autoConvert_core_WindowsSecurityContextOptions_To_v1_WindowsSecurityContextOptions(in, out, s) -} - -func autoConvert_v1_WorkloadReference_To_core_WorkloadReference(in *corev1.WorkloadReference, out *core.WorkloadReference, s conversion.Scope) error { - out.Name = in.Name - out.PodGroup = in.PodGroup - out.PodGroupReplicaKey = in.PodGroupReplicaKey - return nil -} - -// Convert_v1_WorkloadReference_To_core_WorkloadReference is an autogenerated conversion function. -func Convert_v1_WorkloadReference_To_core_WorkloadReference(in *corev1.WorkloadReference, out *core.WorkloadReference, s conversion.Scope) error { - return autoConvert_v1_WorkloadReference_To_core_WorkloadReference(in, out, s) -} - -func autoConvert_core_WorkloadReference_To_v1_WorkloadReference(in *core.WorkloadReference, out *corev1.WorkloadReference, s conversion.Scope) error { - out.Name = in.Name - out.PodGroup = in.PodGroup - out.PodGroupReplicaKey = in.PodGroupReplicaKey - return nil -} - -// Convert_core_WorkloadReference_To_v1_WorkloadReference is an autogenerated conversion function. -func Convert_core_WorkloadReference_To_v1_WorkloadReference(in *core.WorkloadReference, out *corev1.WorkloadReference, s conversion.Scope) error { - return autoConvert_core_WorkloadReference_To_v1_WorkloadReference(in, out, s) -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.defaults.go deleted file mode 100644 index 988066254..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.defaults.go +++ /dev/null @@ -1,1297 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by defaulter-gen. DO NOT EDIT. - -package v1 - -import ( - corev1 "k8s.io/api/core/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// RegisterDefaults adds defaulters functions to the given scheme. -// Public to allow building arbitrary schemes. -// All generated defaulters are covering - they call all nested defaulters. -func RegisterDefaults(scheme *runtime.Scheme) error { - scheme.AddTypeDefaultingFunc(&corev1.ConfigMap{}, func(obj interface{}) { SetObjectDefaults_ConfigMap(obj.(*corev1.ConfigMap)) }) - scheme.AddTypeDefaultingFunc(&corev1.ConfigMapList{}, func(obj interface{}) { SetObjectDefaults_ConfigMapList(obj.(*corev1.ConfigMapList)) }) - scheme.AddTypeDefaultingFunc(&corev1.Endpoints{}, func(obj interface{}) { SetObjectDefaults_Endpoints(obj.(*corev1.Endpoints)) }) - scheme.AddTypeDefaultingFunc(&corev1.EndpointsList{}, func(obj interface{}) { SetObjectDefaults_EndpointsList(obj.(*corev1.EndpointsList)) }) - scheme.AddTypeDefaultingFunc(&corev1.LimitRange{}, func(obj interface{}) { SetObjectDefaults_LimitRange(obj.(*corev1.LimitRange)) }) - scheme.AddTypeDefaultingFunc(&corev1.LimitRangeList{}, func(obj interface{}) { SetObjectDefaults_LimitRangeList(obj.(*corev1.LimitRangeList)) }) - scheme.AddTypeDefaultingFunc(&corev1.Namespace{}, func(obj interface{}) { SetObjectDefaults_Namespace(obj.(*corev1.Namespace)) }) - scheme.AddTypeDefaultingFunc(&corev1.NamespaceList{}, func(obj interface{}) { SetObjectDefaults_NamespaceList(obj.(*corev1.NamespaceList)) }) - scheme.AddTypeDefaultingFunc(&corev1.Node{}, func(obj interface{}) { SetObjectDefaults_Node(obj.(*corev1.Node)) }) - scheme.AddTypeDefaultingFunc(&corev1.NodeList{}, func(obj interface{}) { SetObjectDefaults_NodeList(obj.(*corev1.NodeList)) }) - scheme.AddTypeDefaultingFunc(&corev1.PersistentVolume{}, func(obj interface{}) { SetObjectDefaults_PersistentVolume(obj.(*corev1.PersistentVolume)) }) - scheme.AddTypeDefaultingFunc(&corev1.PersistentVolumeClaim{}, func(obj interface{}) { SetObjectDefaults_PersistentVolumeClaim(obj.(*corev1.PersistentVolumeClaim)) }) - scheme.AddTypeDefaultingFunc(&corev1.PersistentVolumeClaimList{}, func(obj interface{}) { - SetObjectDefaults_PersistentVolumeClaimList(obj.(*corev1.PersistentVolumeClaimList)) - }) - scheme.AddTypeDefaultingFunc(&corev1.PersistentVolumeList{}, func(obj interface{}) { SetObjectDefaults_PersistentVolumeList(obj.(*corev1.PersistentVolumeList)) }) - scheme.AddTypeDefaultingFunc(&corev1.Pod{}, func(obj interface{}) { SetObjectDefaults_Pod(obj.(*corev1.Pod)) }) - scheme.AddTypeDefaultingFunc(&corev1.PodList{}, func(obj interface{}) { SetObjectDefaults_PodList(obj.(*corev1.PodList)) }) - scheme.AddTypeDefaultingFunc(&corev1.PodLogOptions{}, func(obj interface{}) { SetObjectDefaults_PodLogOptions(obj.(*corev1.PodLogOptions)) }) - scheme.AddTypeDefaultingFunc(&corev1.PodStatusResult{}, func(obj interface{}) { SetObjectDefaults_PodStatusResult(obj.(*corev1.PodStatusResult)) }) - scheme.AddTypeDefaultingFunc(&corev1.PodTemplate{}, func(obj interface{}) { SetObjectDefaults_PodTemplate(obj.(*corev1.PodTemplate)) }) - scheme.AddTypeDefaultingFunc(&corev1.PodTemplateList{}, func(obj interface{}) { SetObjectDefaults_PodTemplateList(obj.(*corev1.PodTemplateList)) }) - scheme.AddTypeDefaultingFunc(&corev1.ReplicationController{}, func(obj interface{}) { SetObjectDefaults_ReplicationController(obj.(*corev1.ReplicationController)) }) - scheme.AddTypeDefaultingFunc(&corev1.ReplicationControllerList{}, func(obj interface{}) { - SetObjectDefaults_ReplicationControllerList(obj.(*corev1.ReplicationControllerList)) - }) - scheme.AddTypeDefaultingFunc(&corev1.ResourceQuota{}, func(obj interface{}) { SetObjectDefaults_ResourceQuota(obj.(*corev1.ResourceQuota)) }) - scheme.AddTypeDefaultingFunc(&corev1.ResourceQuotaList{}, func(obj interface{}) { SetObjectDefaults_ResourceQuotaList(obj.(*corev1.ResourceQuotaList)) }) - scheme.AddTypeDefaultingFunc(&corev1.Secret{}, func(obj interface{}) { SetObjectDefaults_Secret(obj.(*corev1.Secret)) }) - scheme.AddTypeDefaultingFunc(&corev1.SecretList{}, func(obj interface{}) { SetObjectDefaults_SecretList(obj.(*corev1.SecretList)) }) - scheme.AddTypeDefaultingFunc(&corev1.Service{}, func(obj interface{}) { SetObjectDefaults_Service(obj.(*corev1.Service)) }) - scheme.AddTypeDefaultingFunc(&corev1.ServiceList{}, func(obj interface{}) { SetObjectDefaults_ServiceList(obj.(*corev1.ServiceList)) }) - return nil -} - -func SetObjectDefaults_ConfigMap(in *corev1.ConfigMap) { - SetDefaults_ConfigMap(in) -} - -func SetObjectDefaults_ConfigMapList(in *corev1.ConfigMapList) { - for i := range in.Items { - a := &in.Items[i] - SetObjectDefaults_ConfigMap(a) - } -} - -func SetObjectDefaults_Endpoints(in *corev1.Endpoints) { - SetDefaults_Endpoints(in) -} - -func SetObjectDefaults_EndpointsList(in *corev1.EndpointsList) { - for i := range in.Items { - a := &in.Items[i] - SetObjectDefaults_Endpoints(a) - } -} - -func SetObjectDefaults_LimitRange(in *corev1.LimitRange) { - for i := range in.Spec.Limits { - a := &in.Spec.Limits[i] - SetDefaults_LimitRangeItem(a) - SetDefaults_ResourceList(&a.Max) - SetDefaults_ResourceList(&a.Min) - SetDefaults_ResourceList(&a.Default) - SetDefaults_ResourceList(&a.DefaultRequest) - SetDefaults_ResourceList(&a.MaxLimitRequestRatio) - } -} - -func SetObjectDefaults_LimitRangeList(in *corev1.LimitRangeList) { - for i := range in.Items { - a := &in.Items[i] - SetObjectDefaults_LimitRange(a) - } -} - -func SetObjectDefaults_Namespace(in *corev1.Namespace) { - SetDefaults_Namespace(in) - SetDefaults_NamespaceStatus(&in.Status) -} - -func SetObjectDefaults_NamespaceList(in *corev1.NamespaceList) { - for i := range in.Items { - a := &in.Items[i] - SetObjectDefaults_Namespace(a) - } -} - -func SetObjectDefaults_Node(in *corev1.Node) { - SetDefaults_NodeStatus(&in.Status) - SetDefaults_ResourceList(&in.Status.Capacity) - SetDefaults_ResourceList(&in.Status.Allocatable) -} - -func SetObjectDefaults_NodeList(in *corev1.NodeList) { - for i := range in.Items { - a := &in.Items[i] - SetObjectDefaults_Node(a) - } -} - -func SetObjectDefaults_PersistentVolume(in *corev1.PersistentVolume) { - SetDefaults_PersistentVolume(in) - SetDefaults_ResourceList(&in.Spec.Capacity) - if in.Spec.PersistentVolumeSource.HostPath != nil { - SetDefaults_HostPathVolumeSource(in.Spec.PersistentVolumeSource.HostPath) - } - if in.Spec.PersistentVolumeSource.RBD != nil { - if in.Spec.PersistentVolumeSource.RBD.RBDPool == "" { - in.Spec.PersistentVolumeSource.RBD.RBDPool = "rbd" - } - if in.Spec.PersistentVolumeSource.RBD.RadosUser == "" { - in.Spec.PersistentVolumeSource.RBD.RadosUser = "admin" - } - if in.Spec.PersistentVolumeSource.RBD.Keyring == "" { - in.Spec.PersistentVolumeSource.RBD.Keyring = "/etc/ceph/keyring" - } - } - if in.Spec.PersistentVolumeSource.ISCSI != nil { - if in.Spec.PersistentVolumeSource.ISCSI.ISCSIInterface == "" { - in.Spec.PersistentVolumeSource.ISCSI.ISCSIInterface = "default" - } - } - if in.Spec.PersistentVolumeSource.AzureDisk != nil { - if in.Spec.PersistentVolumeSource.AzureDisk.CachingMode == nil { - ptrVar1 := corev1.AzureDataDiskCachingMode(corev1.AzureDataDiskCachingReadWrite) - in.Spec.PersistentVolumeSource.AzureDisk.CachingMode = &ptrVar1 - } - if in.Spec.PersistentVolumeSource.AzureDisk.FSType == nil { - var ptrVar1 string = "ext4" - in.Spec.PersistentVolumeSource.AzureDisk.FSType = &ptrVar1 - } - if in.Spec.PersistentVolumeSource.AzureDisk.ReadOnly == nil { - var ptrVar1 bool = false - in.Spec.PersistentVolumeSource.AzureDisk.ReadOnly = &ptrVar1 - } - if in.Spec.PersistentVolumeSource.AzureDisk.Kind == nil { - ptrVar1 := corev1.AzureDataDiskKind(corev1.AzureSharedBlobDisk) - in.Spec.PersistentVolumeSource.AzureDisk.Kind = &ptrVar1 - } - } - if in.Spec.PersistentVolumeSource.ScaleIO != nil { - if in.Spec.PersistentVolumeSource.ScaleIO.StorageMode == "" { - in.Spec.PersistentVolumeSource.ScaleIO.StorageMode = "ThinProvisioned" - } - if in.Spec.PersistentVolumeSource.ScaleIO.FSType == "" { - in.Spec.PersistentVolumeSource.ScaleIO.FSType = "xfs" - } - } -} - -func SetObjectDefaults_PersistentVolumeClaim(in *corev1.PersistentVolumeClaim) { - SetDefaults_PersistentVolumeClaim(in) - SetDefaults_PersistentVolumeClaimSpec(&in.Spec) - SetDefaults_ResourceList(&in.Spec.Resources.Limits) - SetDefaults_ResourceList(&in.Spec.Resources.Requests) - SetDefaults_ResourceList(&in.Status.Capacity) - SetDefaults_ResourceList(&in.Status.AllocatedResources) -} - -func SetObjectDefaults_PersistentVolumeClaimList(in *corev1.PersistentVolumeClaimList) { - for i := range in.Items { - a := &in.Items[i] - SetObjectDefaults_PersistentVolumeClaim(a) - } -} - -func SetObjectDefaults_PersistentVolumeList(in *corev1.PersistentVolumeList) { - for i := range in.Items { - a := &in.Items[i] - SetObjectDefaults_PersistentVolume(a) - } -} - -func SetObjectDefaults_Pod(in *corev1.Pod) { - SetDefaults_Pod(in) - SetDefaults_PodSpec(&in.Spec) - for i := range in.Spec.Volumes { - a := &in.Spec.Volumes[i] - SetDefaults_Volume(a) - if a.VolumeSource.HostPath != nil { - SetDefaults_HostPathVolumeSource(a.VolumeSource.HostPath) - } - if a.VolumeSource.Secret != nil { - SetDefaults_SecretVolumeSource(a.VolumeSource.Secret) - } - if a.VolumeSource.ISCSI != nil { - if a.VolumeSource.ISCSI.ISCSIInterface == "" { - a.VolumeSource.ISCSI.ISCSIInterface = "default" - } - } - if a.VolumeSource.RBD != nil { - if a.VolumeSource.RBD.RBDPool == "" { - a.VolumeSource.RBD.RBDPool = "rbd" - } - if a.VolumeSource.RBD.RadosUser == "" { - a.VolumeSource.RBD.RadosUser = "admin" - } - if a.VolumeSource.RBD.Keyring == "" { - a.VolumeSource.RBD.Keyring = "/etc/ceph/keyring" - } - } - if a.VolumeSource.DownwardAPI != nil { - SetDefaults_DownwardAPIVolumeSource(a.VolumeSource.DownwardAPI) - for j := range a.VolumeSource.DownwardAPI.Items { - b := &a.VolumeSource.DownwardAPI.Items[j] - if b.FieldRef != nil { - SetDefaults_ObjectFieldSelector(b.FieldRef) - } - } - } - if a.VolumeSource.ConfigMap != nil { - SetDefaults_ConfigMapVolumeSource(a.VolumeSource.ConfigMap) - } - if a.VolumeSource.AzureDisk != nil { - if a.VolumeSource.AzureDisk.CachingMode == nil { - ptrVar1 := corev1.AzureDataDiskCachingMode(corev1.AzureDataDiskCachingReadWrite) - a.VolumeSource.AzureDisk.CachingMode = &ptrVar1 - } - if a.VolumeSource.AzureDisk.FSType == nil { - var ptrVar1 string = "ext4" - a.VolumeSource.AzureDisk.FSType = &ptrVar1 - } - if a.VolumeSource.AzureDisk.ReadOnly == nil { - var ptrVar1 bool = false - a.VolumeSource.AzureDisk.ReadOnly = &ptrVar1 - } - if a.VolumeSource.AzureDisk.Kind == nil { - ptrVar1 := corev1.AzureDataDiskKind(corev1.AzureSharedBlobDisk) - a.VolumeSource.AzureDisk.Kind = &ptrVar1 - } - } - if a.VolumeSource.Projected != nil { - SetDefaults_ProjectedVolumeSource(a.VolumeSource.Projected) - for j := range a.VolumeSource.Projected.Sources { - b := &a.VolumeSource.Projected.Sources[j] - if b.DownwardAPI != nil { - for k := range b.DownwardAPI.Items { - c := &b.DownwardAPI.Items[k] - if c.FieldRef != nil { - SetDefaults_ObjectFieldSelector(c.FieldRef) - } - } - } - if b.ServiceAccountToken != nil { - SetDefaults_ServiceAccountTokenProjection(b.ServiceAccountToken) - } - } - } - if a.VolumeSource.ScaleIO != nil { - if a.VolumeSource.ScaleIO.StorageMode == "" { - a.VolumeSource.ScaleIO.StorageMode = "ThinProvisioned" - } - if a.VolumeSource.ScaleIO.FSType == "" { - a.VolumeSource.ScaleIO.FSType = "xfs" - } - } - if a.VolumeSource.Ephemeral != nil { - if a.VolumeSource.Ephemeral.VolumeClaimTemplate != nil { - SetDefaults_PersistentVolumeClaimSpec(&a.VolumeSource.Ephemeral.VolumeClaimTemplate.Spec) - SetDefaults_ResourceList(&a.VolumeSource.Ephemeral.VolumeClaimTemplate.Spec.Resources.Limits) - SetDefaults_ResourceList(&a.VolumeSource.Ephemeral.VolumeClaimTemplate.Spec.Resources.Requests) - } - } - } - for i := range in.Spec.InitContainers { - a := &in.Spec.InitContainers[i] - SetDefaults_Container(a) - for j := range a.Ports { - b := &a.Ports[j] - if b.Protocol == "" { - b.Protocol = "TCP" - } - } - for j := range a.Env { - b := &a.Env[j] - if b.ValueFrom != nil { - if b.ValueFrom.FieldRef != nil { - SetDefaults_ObjectFieldSelector(b.ValueFrom.FieldRef) - } - if b.ValueFrom.FileKeyRef != nil { - if b.ValueFrom.FileKeyRef.Optional == nil { - var ptrVar1 bool = false - b.ValueFrom.FileKeyRef.Optional = &ptrVar1 - } - } - } - } - SetDefaults_ResourceList(&a.Resources.Limits) - SetDefaults_ResourceList(&a.Resources.Requests) - if a.LivenessProbe != nil { - SetDefaults_Probe(a.LivenessProbe) - if a.LivenessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.LivenessProbe.ProbeHandler.HTTPGet) - } - if a.LivenessProbe.ProbeHandler.GRPC != nil { - if a.LivenessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.LivenessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.ReadinessProbe != nil { - SetDefaults_Probe(a.ReadinessProbe) - if a.ReadinessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.ReadinessProbe.ProbeHandler.HTTPGet) - } - if a.ReadinessProbe.ProbeHandler.GRPC != nil { - if a.ReadinessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.ReadinessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.StartupProbe != nil { - SetDefaults_Probe(a.StartupProbe) - if a.StartupProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.StartupProbe.ProbeHandler.HTTPGet) - } - if a.StartupProbe.ProbeHandler.GRPC != nil { - if a.StartupProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.StartupProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.Lifecycle != nil { - if a.Lifecycle.PostStart != nil { - if a.Lifecycle.PostStart.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.Lifecycle.PostStart.HTTPGet) - } - } - if a.Lifecycle.PreStop != nil { - if a.Lifecycle.PreStop.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.Lifecycle.PreStop.HTTPGet) - } - } - } - } - for i := range in.Spec.Containers { - a := &in.Spec.Containers[i] - SetDefaults_Container(a) - for j := range a.Ports { - b := &a.Ports[j] - if b.Protocol == "" { - b.Protocol = "TCP" - } - } - for j := range a.Env { - b := &a.Env[j] - if b.ValueFrom != nil { - if b.ValueFrom.FieldRef != nil { - SetDefaults_ObjectFieldSelector(b.ValueFrom.FieldRef) - } - if b.ValueFrom.FileKeyRef != nil { - if b.ValueFrom.FileKeyRef.Optional == nil { - var ptrVar1 bool = false - b.ValueFrom.FileKeyRef.Optional = &ptrVar1 - } - } - } - } - SetDefaults_ResourceList(&a.Resources.Limits) - SetDefaults_ResourceList(&a.Resources.Requests) - if a.LivenessProbe != nil { - SetDefaults_Probe(a.LivenessProbe) - if a.LivenessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.LivenessProbe.ProbeHandler.HTTPGet) - } - if a.LivenessProbe.ProbeHandler.GRPC != nil { - if a.LivenessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.LivenessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.ReadinessProbe != nil { - SetDefaults_Probe(a.ReadinessProbe) - if a.ReadinessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.ReadinessProbe.ProbeHandler.HTTPGet) - } - if a.ReadinessProbe.ProbeHandler.GRPC != nil { - if a.ReadinessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.ReadinessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.StartupProbe != nil { - SetDefaults_Probe(a.StartupProbe) - if a.StartupProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.StartupProbe.ProbeHandler.HTTPGet) - } - if a.StartupProbe.ProbeHandler.GRPC != nil { - if a.StartupProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.StartupProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.Lifecycle != nil { - if a.Lifecycle.PostStart != nil { - if a.Lifecycle.PostStart.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.Lifecycle.PostStart.HTTPGet) - } - } - if a.Lifecycle.PreStop != nil { - if a.Lifecycle.PreStop.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.Lifecycle.PreStop.HTTPGet) - } - } - } - } - for i := range in.Spec.EphemeralContainers { - a := &in.Spec.EphemeralContainers[i] - SetDefaults_EphemeralContainer(a) - for j := range a.EphemeralContainerCommon.Ports { - b := &a.EphemeralContainerCommon.Ports[j] - if b.Protocol == "" { - b.Protocol = "TCP" - } - } - for j := range a.EphemeralContainerCommon.Env { - b := &a.EphemeralContainerCommon.Env[j] - if b.ValueFrom != nil { - if b.ValueFrom.FieldRef != nil { - SetDefaults_ObjectFieldSelector(b.ValueFrom.FieldRef) - } - if b.ValueFrom.FileKeyRef != nil { - if b.ValueFrom.FileKeyRef.Optional == nil { - var ptrVar1 bool = false - b.ValueFrom.FileKeyRef.Optional = &ptrVar1 - } - } - } - } - SetDefaults_ResourceList(&a.EphemeralContainerCommon.Resources.Limits) - SetDefaults_ResourceList(&a.EphemeralContainerCommon.Resources.Requests) - if a.EphemeralContainerCommon.LivenessProbe != nil { - SetDefaults_Probe(a.EphemeralContainerCommon.LivenessProbe) - if a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.HTTPGet) - } - if a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.GRPC != nil { - if a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.EphemeralContainerCommon.ReadinessProbe != nil { - SetDefaults_Probe(a.EphemeralContainerCommon.ReadinessProbe) - if a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.HTTPGet) - } - if a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.GRPC != nil { - if a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.EphemeralContainerCommon.StartupProbe != nil { - SetDefaults_Probe(a.EphemeralContainerCommon.StartupProbe) - if a.EphemeralContainerCommon.StartupProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.StartupProbe.ProbeHandler.HTTPGet) - } - if a.EphemeralContainerCommon.StartupProbe.ProbeHandler.GRPC != nil { - if a.EphemeralContainerCommon.StartupProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.EphemeralContainerCommon.StartupProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.EphemeralContainerCommon.Lifecycle != nil { - if a.EphemeralContainerCommon.Lifecycle.PostStart != nil { - if a.EphemeralContainerCommon.Lifecycle.PostStart.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.Lifecycle.PostStart.HTTPGet) - } - } - if a.EphemeralContainerCommon.Lifecycle.PreStop != nil { - if a.EphemeralContainerCommon.Lifecycle.PreStop.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.Lifecycle.PreStop.HTTPGet) - } - } - } - } - SetDefaults_ResourceList(&in.Spec.Overhead) - if in.Spec.Resources != nil { - SetDefaults_ResourceList(&in.Spec.Resources.Limits) - SetDefaults_ResourceList(&in.Spec.Resources.Requests) - } - for i := range in.Status.InitContainerStatuses { - a := &in.Status.InitContainerStatuses[i] - SetDefaults_ResourceList(&a.AllocatedResources) - if a.Resources != nil { - SetDefaults_ResourceList(&a.Resources.Limits) - SetDefaults_ResourceList(&a.Resources.Requests) - } - } - for i := range in.Status.ContainerStatuses { - a := &in.Status.ContainerStatuses[i] - SetDefaults_ResourceList(&a.AllocatedResources) - if a.Resources != nil { - SetDefaults_ResourceList(&a.Resources.Limits) - SetDefaults_ResourceList(&a.Resources.Requests) - } - } - for i := range in.Status.EphemeralContainerStatuses { - a := &in.Status.EphemeralContainerStatuses[i] - SetDefaults_ResourceList(&a.AllocatedResources) - if a.Resources != nil { - SetDefaults_ResourceList(&a.Resources.Limits) - SetDefaults_ResourceList(&a.Resources.Requests) - } - } - SetDefaults_ResourceList(&in.Status.AllocatedResources) - if in.Status.Resources != nil { - SetDefaults_ResourceList(&in.Status.Resources.Limits) - SetDefaults_ResourceList(&in.Status.Resources.Requests) - } -} - -func SetObjectDefaults_PodList(in *corev1.PodList) { - for i := range in.Items { - a := &in.Items[i] - SetObjectDefaults_Pod(a) - } -} - -func SetObjectDefaults_PodLogOptions(in *corev1.PodLogOptions) { - SetDefaults_PodLogOptions(in) -} - -func SetObjectDefaults_PodStatusResult(in *corev1.PodStatusResult) { - for i := range in.Status.InitContainerStatuses { - a := &in.Status.InitContainerStatuses[i] - SetDefaults_ResourceList(&a.AllocatedResources) - if a.Resources != nil { - SetDefaults_ResourceList(&a.Resources.Limits) - SetDefaults_ResourceList(&a.Resources.Requests) - } - } - for i := range in.Status.ContainerStatuses { - a := &in.Status.ContainerStatuses[i] - SetDefaults_ResourceList(&a.AllocatedResources) - if a.Resources != nil { - SetDefaults_ResourceList(&a.Resources.Limits) - SetDefaults_ResourceList(&a.Resources.Requests) - } - } - for i := range in.Status.EphemeralContainerStatuses { - a := &in.Status.EphemeralContainerStatuses[i] - SetDefaults_ResourceList(&a.AllocatedResources) - if a.Resources != nil { - SetDefaults_ResourceList(&a.Resources.Limits) - SetDefaults_ResourceList(&a.Resources.Requests) - } - } - SetDefaults_ResourceList(&in.Status.AllocatedResources) - if in.Status.Resources != nil { - SetDefaults_ResourceList(&in.Status.Resources.Limits) - SetDefaults_ResourceList(&in.Status.Resources.Requests) - } -} - -func SetObjectDefaults_PodTemplate(in *corev1.PodTemplate) { - SetDefaults_PodSpec(&in.Template.Spec) - for i := range in.Template.Spec.Volumes { - a := &in.Template.Spec.Volumes[i] - SetDefaults_Volume(a) - if a.VolumeSource.HostPath != nil { - SetDefaults_HostPathVolumeSource(a.VolumeSource.HostPath) - } - if a.VolumeSource.Secret != nil { - SetDefaults_SecretVolumeSource(a.VolumeSource.Secret) - } - if a.VolumeSource.ISCSI != nil { - if a.VolumeSource.ISCSI.ISCSIInterface == "" { - a.VolumeSource.ISCSI.ISCSIInterface = "default" - } - } - if a.VolumeSource.RBD != nil { - if a.VolumeSource.RBD.RBDPool == "" { - a.VolumeSource.RBD.RBDPool = "rbd" - } - if a.VolumeSource.RBD.RadosUser == "" { - a.VolumeSource.RBD.RadosUser = "admin" - } - if a.VolumeSource.RBD.Keyring == "" { - a.VolumeSource.RBD.Keyring = "/etc/ceph/keyring" - } - } - if a.VolumeSource.DownwardAPI != nil { - SetDefaults_DownwardAPIVolumeSource(a.VolumeSource.DownwardAPI) - for j := range a.VolumeSource.DownwardAPI.Items { - b := &a.VolumeSource.DownwardAPI.Items[j] - if b.FieldRef != nil { - SetDefaults_ObjectFieldSelector(b.FieldRef) - } - } - } - if a.VolumeSource.ConfigMap != nil { - SetDefaults_ConfigMapVolumeSource(a.VolumeSource.ConfigMap) - } - if a.VolumeSource.AzureDisk != nil { - if a.VolumeSource.AzureDisk.CachingMode == nil { - ptrVar1 := corev1.AzureDataDiskCachingMode(corev1.AzureDataDiskCachingReadWrite) - a.VolumeSource.AzureDisk.CachingMode = &ptrVar1 - } - if a.VolumeSource.AzureDisk.FSType == nil { - var ptrVar1 string = "ext4" - a.VolumeSource.AzureDisk.FSType = &ptrVar1 - } - if a.VolumeSource.AzureDisk.ReadOnly == nil { - var ptrVar1 bool = false - a.VolumeSource.AzureDisk.ReadOnly = &ptrVar1 - } - if a.VolumeSource.AzureDisk.Kind == nil { - ptrVar1 := corev1.AzureDataDiskKind(corev1.AzureSharedBlobDisk) - a.VolumeSource.AzureDisk.Kind = &ptrVar1 - } - } - if a.VolumeSource.Projected != nil { - SetDefaults_ProjectedVolumeSource(a.VolumeSource.Projected) - for j := range a.VolumeSource.Projected.Sources { - b := &a.VolumeSource.Projected.Sources[j] - if b.DownwardAPI != nil { - for k := range b.DownwardAPI.Items { - c := &b.DownwardAPI.Items[k] - if c.FieldRef != nil { - SetDefaults_ObjectFieldSelector(c.FieldRef) - } - } - } - if b.ServiceAccountToken != nil { - SetDefaults_ServiceAccountTokenProjection(b.ServiceAccountToken) - } - } - } - if a.VolumeSource.ScaleIO != nil { - if a.VolumeSource.ScaleIO.StorageMode == "" { - a.VolumeSource.ScaleIO.StorageMode = "ThinProvisioned" - } - if a.VolumeSource.ScaleIO.FSType == "" { - a.VolumeSource.ScaleIO.FSType = "xfs" - } - } - if a.VolumeSource.Ephemeral != nil { - if a.VolumeSource.Ephemeral.VolumeClaimTemplate != nil { - SetDefaults_PersistentVolumeClaimSpec(&a.VolumeSource.Ephemeral.VolumeClaimTemplate.Spec) - SetDefaults_ResourceList(&a.VolumeSource.Ephemeral.VolumeClaimTemplate.Spec.Resources.Limits) - SetDefaults_ResourceList(&a.VolumeSource.Ephemeral.VolumeClaimTemplate.Spec.Resources.Requests) - } - } - } - for i := range in.Template.Spec.InitContainers { - a := &in.Template.Spec.InitContainers[i] - SetDefaults_Container(a) - for j := range a.Ports { - b := &a.Ports[j] - if b.Protocol == "" { - b.Protocol = "TCP" - } - } - for j := range a.Env { - b := &a.Env[j] - if b.ValueFrom != nil { - if b.ValueFrom.FieldRef != nil { - SetDefaults_ObjectFieldSelector(b.ValueFrom.FieldRef) - } - if b.ValueFrom.FileKeyRef != nil { - if b.ValueFrom.FileKeyRef.Optional == nil { - var ptrVar1 bool = false - b.ValueFrom.FileKeyRef.Optional = &ptrVar1 - } - } - } - } - SetDefaults_ResourceList(&a.Resources.Limits) - SetDefaults_ResourceList(&a.Resources.Requests) - if a.LivenessProbe != nil { - SetDefaults_Probe(a.LivenessProbe) - if a.LivenessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.LivenessProbe.ProbeHandler.HTTPGet) - } - if a.LivenessProbe.ProbeHandler.GRPC != nil { - if a.LivenessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.LivenessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.ReadinessProbe != nil { - SetDefaults_Probe(a.ReadinessProbe) - if a.ReadinessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.ReadinessProbe.ProbeHandler.HTTPGet) - } - if a.ReadinessProbe.ProbeHandler.GRPC != nil { - if a.ReadinessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.ReadinessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.StartupProbe != nil { - SetDefaults_Probe(a.StartupProbe) - if a.StartupProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.StartupProbe.ProbeHandler.HTTPGet) - } - if a.StartupProbe.ProbeHandler.GRPC != nil { - if a.StartupProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.StartupProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.Lifecycle != nil { - if a.Lifecycle.PostStart != nil { - if a.Lifecycle.PostStart.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.Lifecycle.PostStart.HTTPGet) - } - } - if a.Lifecycle.PreStop != nil { - if a.Lifecycle.PreStop.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.Lifecycle.PreStop.HTTPGet) - } - } - } - } - for i := range in.Template.Spec.Containers { - a := &in.Template.Spec.Containers[i] - SetDefaults_Container(a) - for j := range a.Ports { - b := &a.Ports[j] - if b.Protocol == "" { - b.Protocol = "TCP" - } - } - for j := range a.Env { - b := &a.Env[j] - if b.ValueFrom != nil { - if b.ValueFrom.FieldRef != nil { - SetDefaults_ObjectFieldSelector(b.ValueFrom.FieldRef) - } - if b.ValueFrom.FileKeyRef != nil { - if b.ValueFrom.FileKeyRef.Optional == nil { - var ptrVar1 bool = false - b.ValueFrom.FileKeyRef.Optional = &ptrVar1 - } - } - } - } - SetDefaults_ResourceList(&a.Resources.Limits) - SetDefaults_ResourceList(&a.Resources.Requests) - if a.LivenessProbe != nil { - SetDefaults_Probe(a.LivenessProbe) - if a.LivenessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.LivenessProbe.ProbeHandler.HTTPGet) - } - if a.LivenessProbe.ProbeHandler.GRPC != nil { - if a.LivenessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.LivenessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.ReadinessProbe != nil { - SetDefaults_Probe(a.ReadinessProbe) - if a.ReadinessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.ReadinessProbe.ProbeHandler.HTTPGet) - } - if a.ReadinessProbe.ProbeHandler.GRPC != nil { - if a.ReadinessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.ReadinessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.StartupProbe != nil { - SetDefaults_Probe(a.StartupProbe) - if a.StartupProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.StartupProbe.ProbeHandler.HTTPGet) - } - if a.StartupProbe.ProbeHandler.GRPC != nil { - if a.StartupProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.StartupProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.Lifecycle != nil { - if a.Lifecycle.PostStart != nil { - if a.Lifecycle.PostStart.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.Lifecycle.PostStart.HTTPGet) - } - } - if a.Lifecycle.PreStop != nil { - if a.Lifecycle.PreStop.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.Lifecycle.PreStop.HTTPGet) - } - } - } - } - for i := range in.Template.Spec.EphemeralContainers { - a := &in.Template.Spec.EphemeralContainers[i] - SetDefaults_EphemeralContainer(a) - for j := range a.EphemeralContainerCommon.Ports { - b := &a.EphemeralContainerCommon.Ports[j] - if b.Protocol == "" { - b.Protocol = "TCP" - } - } - for j := range a.EphemeralContainerCommon.Env { - b := &a.EphemeralContainerCommon.Env[j] - if b.ValueFrom != nil { - if b.ValueFrom.FieldRef != nil { - SetDefaults_ObjectFieldSelector(b.ValueFrom.FieldRef) - } - if b.ValueFrom.FileKeyRef != nil { - if b.ValueFrom.FileKeyRef.Optional == nil { - var ptrVar1 bool = false - b.ValueFrom.FileKeyRef.Optional = &ptrVar1 - } - } - } - } - SetDefaults_ResourceList(&a.EphemeralContainerCommon.Resources.Limits) - SetDefaults_ResourceList(&a.EphemeralContainerCommon.Resources.Requests) - if a.EphemeralContainerCommon.LivenessProbe != nil { - SetDefaults_Probe(a.EphemeralContainerCommon.LivenessProbe) - if a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.HTTPGet) - } - if a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.GRPC != nil { - if a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.EphemeralContainerCommon.ReadinessProbe != nil { - SetDefaults_Probe(a.EphemeralContainerCommon.ReadinessProbe) - if a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.HTTPGet) - } - if a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.GRPC != nil { - if a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.EphemeralContainerCommon.StartupProbe != nil { - SetDefaults_Probe(a.EphemeralContainerCommon.StartupProbe) - if a.EphemeralContainerCommon.StartupProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.StartupProbe.ProbeHandler.HTTPGet) - } - if a.EphemeralContainerCommon.StartupProbe.ProbeHandler.GRPC != nil { - if a.EphemeralContainerCommon.StartupProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.EphemeralContainerCommon.StartupProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.EphemeralContainerCommon.Lifecycle != nil { - if a.EphemeralContainerCommon.Lifecycle.PostStart != nil { - if a.EphemeralContainerCommon.Lifecycle.PostStart.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.Lifecycle.PostStart.HTTPGet) - } - } - if a.EphemeralContainerCommon.Lifecycle.PreStop != nil { - if a.EphemeralContainerCommon.Lifecycle.PreStop.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.Lifecycle.PreStop.HTTPGet) - } - } - } - } - SetDefaults_ResourceList(&in.Template.Spec.Overhead) - if in.Template.Spec.Resources != nil { - SetDefaults_ResourceList(&in.Template.Spec.Resources.Limits) - SetDefaults_ResourceList(&in.Template.Spec.Resources.Requests) - } -} - -func SetObjectDefaults_PodTemplateList(in *corev1.PodTemplateList) { - for i := range in.Items { - a := &in.Items[i] - SetObjectDefaults_PodTemplate(a) - } -} - -func SetObjectDefaults_ReplicationController(in *corev1.ReplicationController) { - SetDefaults_ReplicationController(in) - if in.Spec.Replicas == nil { - var ptrVar1 int32 = 1 - in.Spec.Replicas = &ptrVar1 - } - if in.Spec.Template != nil { - SetDefaults_PodSpec(&in.Spec.Template.Spec) - for i := range in.Spec.Template.Spec.Volumes { - a := &in.Spec.Template.Spec.Volumes[i] - SetDefaults_Volume(a) - if a.VolumeSource.HostPath != nil { - SetDefaults_HostPathVolumeSource(a.VolumeSource.HostPath) - } - if a.VolumeSource.Secret != nil { - SetDefaults_SecretVolumeSource(a.VolumeSource.Secret) - } - if a.VolumeSource.ISCSI != nil { - if a.VolumeSource.ISCSI.ISCSIInterface == "" { - a.VolumeSource.ISCSI.ISCSIInterface = "default" - } - } - if a.VolumeSource.RBD != nil { - if a.VolumeSource.RBD.RBDPool == "" { - a.VolumeSource.RBD.RBDPool = "rbd" - } - if a.VolumeSource.RBD.RadosUser == "" { - a.VolumeSource.RBD.RadosUser = "admin" - } - if a.VolumeSource.RBD.Keyring == "" { - a.VolumeSource.RBD.Keyring = "/etc/ceph/keyring" - } - } - if a.VolumeSource.DownwardAPI != nil { - SetDefaults_DownwardAPIVolumeSource(a.VolumeSource.DownwardAPI) - for j := range a.VolumeSource.DownwardAPI.Items { - b := &a.VolumeSource.DownwardAPI.Items[j] - if b.FieldRef != nil { - SetDefaults_ObjectFieldSelector(b.FieldRef) - } - } - } - if a.VolumeSource.ConfigMap != nil { - SetDefaults_ConfigMapVolumeSource(a.VolumeSource.ConfigMap) - } - if a.VolumeSource.AzureDisk != nil { - if a.VolumeSource.AzureDisk.CachingMode == nil { - ptrVar1 := corev1.AzureDataDiskCachingMode(corev1.AzureDataDiskCachingReadWrite) - a.VolumeSource.AzureDisk.CachingMode = &ptrVar1 - } - if a.VolumeSource.AzureDisk.FSType == nil { - var ptrVar1 string = "ext4" - a.VolumeSource.AzureDisk.FSType = &ptrVar1 - } - if a.VolumeSource.AzureDisk.ReadOnly == nil { - var ptrVar1 bool = false - a.VolumeSource.AzureDisk.ReadOnly = &ptrVar1 - } - if a.VolumeSource.AzureDisk.Kind == nil { - ptrVar1 := corev1.AzureDataDiskKind(corev1.AzureSharedBlobDisk) - a.VolumeSource.AzureDisk.Kind = &ptrVar1 - } - } - if a.VolumeSource.Projected != nil { - SetDefaults_ProjectedVolumeSource(a.VolumeSource.Projected) - for j := range a.VolumeSource.Projected.Sources { - b := &a.VolumeSource.Projected.Sources[j] - if b.DownwardAPI != nil { - for k := range b.DownwardAPI.Items { - c := &b.DownwardAPI.Items[k] - if c.FieldRef != nil { - SetDefaults_ObjectFieldSelector(c.FieldRef) - } - } - } - if b.ServiceAccountToken != nil { - SetDefaults_ServiceAccountTokenProjection(b.ServiceAccountToken) - } - } - } - if a.VolumeSource.ScaleIO != nil { - if a.VolumeSource.ScaleIO.StorageMode == "" { - a.VolumeSource.ScaleIO.StorageMode = "ThinProvisioned" - } - if a.VolumeSource.ScaleIO.FSType == "" { - a.VolumeSource.ScaleIO.FSType = "xfs" - } - } - if a.VolumeSource.Ephemeral != nil { - if a.VolumeSource.Ephemeral.VolumeClaimTemplate != nil { - SetDefaults_PersistentVolumeClaimSpec(&a.VolumeSource.Ephemeral.VolumeClaimTemplate.Spec) - SetDefaults_ResourceList(&a.VolumeSource.Ephemeral.VolumeClaimTemplate.Spec.Resources.Limits) - SetDefaults_ResourceList(&a.VolumeSource.Ephemeral.VolumeClaimTemplate.Spec.Resources.Requests) - } - } - } - for i := range in.Spec.Template.Spec.InitContainers { - a := &in.Spec.Template.Spec.InitContainers[i] - SetDefaults_Container(a) - for j := range a.Ports { - b := &a.Ports[j] - if b.Protocol == "" { - b.Protocol = "TCP" - } - } - for j := range a.Env { - b := &a.Env[j] - if b.ValueFrom != nil { - if b.ValueFrom.FieldRef != nil { - SetDefaults_ObjectFieldSelector(b.ValueFrom.FieldRef) - } - if b.ValueFrom.FileKeyRef != nil { - if b.ValueFrom.FileKeyRef.Optional == nil { - var ptrVar1 bool = false - b.ValueFrom.FileKeyRef.Optional = &ptrVar1 - } - } - } - } - SetDefaults_ResourceList(&a.Resources.Limits) - SetDefaults_ResourceList(&a.Resources.Requests) - if a.LivenessProbe != nil { - SetDefaults_Probe(a.LivenessProbe) - if a.LivenessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.LivenessProbe.ProbeHandler.HTTPGet) - } - if a.LivenessProbe.ProbeHandler.GRPC != nil { - if a.LivenessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.LivenessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.ReadinessProbe != nil { - SetDefaults_Probe(a.ReadinessProbe) - if a.ReadinessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.ReadinessProbe.ProbeHandler.HTTPGet) - } - if a.ReadinessProbe.ProbeHandler.GRPC != nil { - if a.ReadinessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.ReadinessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.StartupProbe != nil { - SetDefaults_Probe(a.StartupProbe) - if a.StartupProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.StartupProbe.ProbeHandler.HTTPGet) - } - if a.StartupProbe.ProbeHandler.GRPC != nil { - if a.StartupProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.StartupProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.Lifecycle != nil { - if a.Lifecycle.PostStart != nil { - if a.Lifecycle.PostStart.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.Lifecycle.PostStart.HTTPGet) - } - } - if a.Lifecycle.PreStop != nil { - if a.Lifecycle.PreStop.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.Lifecycle.PreStop.HTTPGet) - } - } - } - } - for i := range in.Spec.Template.Spec.Containers { - a := &in.Spec.Template.Spec.Containers[i] - SetDefaults_Container(a) - for j := range a.Ports { - b := &a.Ports[j] - if b.Protocol == "" { - b.Protocol = "TCP" - } - } - for j := range a.Env { - b := &a.Env[j] - if b.ValueFrom != nil { - if b.ValueFrom.FieldRef != nil { - SetDefaults_ObjectFieldSelector(b.ValueFrom.FieldRef) - } - if b.ValueFrom.FileKeyRef != nil { - if b.ValueFrom.FileKeyRef.Optional == nil { - var ptrVar1 bool = false - b.ValueFrom.FileKeyRef.Optional = &ptrVar1 - } - } - } - } - SetDefaults_ResourceList(&a.Resources.Limits) - SetDefaults_ResourceList(&a.Resources.Requests) - if a.LivenessProbe != nil { - SetDefaults_Probe(a.LivenessProbe) - if a.LivenessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.LivenessProbe.ProbeHandler.HTTPGet) - } - if a.LivenessProbe.ProbeHandler.GRPC != nil { - if a.LivenessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.LivenessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.ReadinessProbe != nil { - SetDefaults_Probe(a.ReadinessProbe) - if a.ReadinessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.ReadinessProbe.ProbeHandler.HTTPGet) - } - if a.ReadinessProbe.ProbeHandler.GRPC != nil { - if a.ReadinessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.ReadinessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.StartupProbe != nil { - SetDefaults_Probe(a.StartupProbe) - if a.StartupProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.StartupProbe.ProbeHandler.HTTPGet) - } - if a.StartupProbe.ProbeHandler.GRPC != nil { - if a.StartupProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.StartupProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.Lifecycle != nil { - if a.Lifecycle.PostStart != nil { - if a.Lifecycle.PostStart.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.Lifecycle.PostStart.HTTPGet) - } - } - if a.Lifecycle.PreStop != nil { - if a.Lifecycle.PreStop.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.Lifecycle.PreStop.HTTPGet) - } - } - } - } - for i := range in.Spec.Template.Spec.EphemeralContainers { - a := &in.Spec.Template.Spec.EphemeralContainers[i] - SetDefaults_EphemeralContainer(a) - for j := range a.EphemeralContainerCommon.Ports { - b := &a.EphemeralContainerCommon.Ports[j] - if b.Protocol == "" { - b.Protocol = "TCP" - } - } - for j := range a.EphemeralContainerCommon.Env { - b := &a.EphemeralContainerCommon.Env[j] - if b.ValueFrom != nil { - if b.ValueFrom.FieldRef != nil { - SetDefaults_ObjectFieldSelector(b.ValueFrom.FieldRef) - } - if b.ValueFrom.FileKeyRef != nil { - if b.ValueFrom.FileKeyRef.Optional == nil { - var ptrVar1 bool = false - b.ValueFrom.FileKeyRef.Optional = &ptrVar1 - } - } - } - } - SetDefaults_ResourceList(&a.EphemeralContainerCommon.Resources.Limits) - SetDefaults_ResourceList(&a.EphemeralContainerCommon.Resources.Requests) - if a.EphemeralContainerCommon.LivenessProbe != nil { - SetDefaults_Probe(a.EphemeralContainerCommon.LivenessProbe) - if a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.HTTPGet) - } - if a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.GRPC != nil { - if a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.EphemeralContainerCommon.LivenessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.EphemeralContainerCommon.ReadinessProbe != nil { - SetDefaults_Probe(a.EphemeralContainerCommon.ReadinessProbe) - if a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.HTTPGet) - } - if a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.GRPC != nil { - if a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.EphemeralContainerCommon.ReadinessProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.EphemeralContainerCommon.StartupProbe != nil { - SetDefaults_Probe(a.EphemeralContainerCommon.StartupProbe) - if a.EphemeralContainerCommon.StartupProbe.ProbeHandler.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.StartupProbe.ProbeHandler.HTTPGet) - } - if a.EphemeralContainerCommon.StartupProbe.ProbeHandler.GRPC != nil { - if a.EphemeralContainerCommon.StartupProbe.ProbeHandler.GRPC.Service == nil { - var ptrVar1 string = "" - a.EphemeralContainerCommon.StartupProbe.ProbeHandler.GRPC.Service = &ptrVar1 - } - } - } - if a.EphemeralContainerCommon.Lifecycle != nil { - if a.EphemeralContainerCommon.Lifecycle.PostStart != nil { - if a.EphemeralContainerCommon.Lifecycle.PostStart.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.Lifecycle.PostStart.HTTPGet) - } - } - if a.EphemeralContainerCommon.Lifecycle.PreStop != nil { - if a.EphemeralContainerCommon.Lifecycle.PreStop.HTTPGet != nil { - SetDefaults_HTTPGetAction(a.EphemeralContainerCommon.Lifecycle.PreStop.HTTPGet) - } - } - } - } - SetDefaults_ResourceList(&in.Spec.Template.Spec.Overhead) - if in.Spec.Template.Spec.Resources != nil { - SetDefaults_ResourceList(&in.Spec.Template.Spec.Resources.Limits) - SetDefaults_ResourceList(&in.Spec.Template.Spec.Resources.Requests) - } - } -} - -func SetObjectDefaults_ReplicationControllerList(in *corev1.ReplicationControllerList) { - for i := range in.Items { - a := &in.Items[i] - SetObjectDefaults_ReplicationController(a) - } -} - -func SetObjectDefaults_ResourceQuota(in *corev1.ResourceQuota) { - SetDefaults_ResourceList(&in.Spec.Hard) - SetDefaults_ResourceList(&in.Status.Hard) - SetDefaults_ResourceList(&in.Status.Used) -} - -func SetObjectDefaults_ResourceQuotaList(in *corev1.ResourceQuotaList) { - for i := range in.Items { - a := &in.Items[i] - SetObjectDefaults_ResourceQuota(a) - } -} - -func SetObjectDefaults_Secret(in *corev1.Secret) { - SetDefaults_Secret(in) -} - -func SetObjectDefaults_SecretList(in *corev1.SecretList) { - for i := range in.Items { - a := &in.Items[i] - SetObjectDefaults_Secret(a) - } -} - -func SetObjectDefaults_Service(in *corev1.Service) { - SetDefaults_Service(in) - for i := range in.Spec.Ports { - a := &in.Spec.Ports[i] - if a.Protocol == "" { - a.Protocol = "TCP" - } - } -} - -func SetObjectDefaults_ServiceList(in *corev1.ServiceList) { - for i := range in.Items { - a := &in.Items[i] - SetObjectDefaults_Service(a) - } -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.validations.go b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.validations.go deleted file mode 100644 index 7e39374b6..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.validations.go +++ /dev/null @@ -1,165 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by validation-gen. DO NOT EDIT. - -package v1 - -import ( - context "context" - fmt "fmt" - - corev1 "k8s.io/api/core/v1" - equality "k8s.io/apimachinery/pkg/api/equality" - operation "k8s.io/apimachinery/pkg/api/operation" - safe "k8s.io/apimachinery/pkg/api/safe" - validate "k8s.io/apimachinery/pkg/api/validate" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - field "k8s.io/apimachinery/pkg/util/validation/field" -) - -func init() { localSchemeBuilder.Register(RegisterValidations) } - -// RegisterValidations adds validation functions to the given scheme. -// Public to allow building arbitrary schemes. -func RegisterValidations(scheme *runtime.Scheme) error { - // type ReplicationController - scheme.AddValidationFunc((*corev1.ReplicationController)(nil), func(ctx context.Context, op operation.Operation, obj, oldObj interface{}) field.ErrorList { - switch op.Request.SubresourcePath() { - case "/", "/scale": - return Validate_ReplicationController(ctx, op, nil /* fldPath */, obj.(*corev1.ReplicationController), safe.Cast[*corev1.ReplicationController](oldObj)) - } - return field.ErrorList{field.InternalError(nil, fmt.Errorf("no validation found for %T, subresource: %v", obj, op.Request.SubresourcePath()))} - }) - // type ReplicationControllerList - scheme.AddValidationFunc((*corev1.ReplicationControllerList)(nil), func(ctx context.Context, op operation.Operation, obj, oldObj interface{}) field.ErrorList { - switch op.Request.SubresourcePath() { - case "/": - return Validate_ReplicationControllerList(ctx, op, nil /* fldPath */, obj.(*corev1.ReplicationControllerList), safe.Cast[*corev1.ReplicationControllerList](oldObj)) - } - return field.ErrorList{field.InternalError(nil, fmt.Errorf("no validation found for %T, subresource: %v", obj, op.Request.SubresourcePath()))} - }) - return nil -} - -// Validate_ReplicationController validates an instance of ReplicationController according -// to declarative validation rules in the API schema. -func Validate_ReplicationController(ctx context.Context, op operation.Operation, fldPath *field.Path, obj, oldObj *corev1.ReplicationController) (errs field.ErrorList) { - // field corev1.ReplicationController.TypeMeta has no validation - - // field corev1.ReplicationController.ObjectMeta - errs = append(errs, - func(fldPath *field.Path, obj, oldObj *metav1.ObjectMeta, oldValueCorrelated bool) (errs field.ErrorList) { - // don't revalidate unchanged data - if oldValueCorrelated && op.Type == operation.Update && equality.Semantic.DeepEqual(obj, oldObj) { - return nil - } - // call field-attached validations - func() { // cohort name - earlyReturn := false - if e := validate.Subfield(ctx, op, fldPath, obj, oldObj, "name", func(o *metav1.ObjectMeta) *string { return &o.Name }, validate.DirectEqualPtr, validate.OptionalValue); len(e) != 0 { - earlyReturn = true - } - if earlyReturn { - return // do not proceed - } - errs = append(errs, validate.Subfield(ctx, op, fldPath, obj, oldObj, "name", func(o *metav1.ObjectMeta) *string { return &o.Name }, validate.DirectEqualPtr, validate.LongName)...) - }() - return - }(fldPath.Child("metadata"), &obj.ObjectMeta, safe.Field(oldObj, func(oldObj *corev1.ReplicationController) *metav1.ObjectMeta { return &oldObj.ObjectMeta }), oldObj != nil)...) - - // field corev1.ReplicationController.Spec - errs = append(errs, - func(fldPath *field.Path, obj, oldObj *corev1.ReplicationControllerSpec, oldValueCorrelated bool) (errs field.ErrorList) { - // don't revalidate unchanged data - if oldValueCorrelated && op.Type == operation.Update && equality.Semantic.DeepEqual(obj, oldObj) { - return nil - } - // call the type's validation function - errs = append(errs, Validate_ReplicationControllerSpec(ctx, op, fldPath, obj, oldObj)...) - return - }(fldPath.Child("spec"), &obj.Spec, safe.Field(oldObj, func(oldObj *corev1.ReplicationController) *corev1.ReplicationControllerSpec { return &oldObj.Spec }), oldObj != nil)...) - - // field corev1.ReplicationController.Status has no validation - return errs -} - -// Validate_ReplicationControllerList validates an instance of ReplicationControllerList according -// to declarative validation rules in the API schema. -func Validate_ReplicationControllerList(ctx context.Context, op operation.Operation, fldPath *field.Path, obj, oldObj *corev1.ReplicationControllerList) (errs field.ErrorList) { - // field corev1.ReplicationControllerList.TypeMeta has no validation - // field corev1.ReplicationControllerList.ListMeta has no validation - - // field corev1.ReplicationControllerList.Items - errs = append(errs, - func(fldPath *field.Path, obj, oldObj []corev1.ReplicationController, oldValueCorrelated bool) (errs field.ErrorList) { - // don't revalidate unchanged data - if oldValueCorrelated && op.Type == operation.Update && equality.Semantic.DeepEqual(obj, oldObj) { - return nil - } - // iterate the list and call the type's validation function - errs = append(errs, validate.EachSliceVal(ctx, op, fldPath, obj, oldObj, nil, nil, Validate_ReplicationController)...) - return - }(fldPath.Child("items"), obj.Items, safe.Field(oldObj, func(oldObj *corev1.ReplicationControllerList) []corev1.ReplicationController { return oldObj.Items }), oldObj != nil)...) - - return errs -} - -// Validate_ReplicationControllerSpec validates an instance of ReplicationControllerSpec according -// to declarative validation rules in the API schema. -func Validate_ReplicationControllerSpec(ctx context.Context, op operation.Operation, fldPath *field.Path, obj, oldObj *corev1.ReplicationControllerSpec) (errs field.ErrorList) { - // field corev1.ReplicationControllerSpec.Replicas - errs = append(errs, - func(fldPath *field.Path, obj, oldObj *int32, oldValueCorrelated bool) (errs field.ErrorList) { - // don't revalidate unchanged data - if oldValueCorrelated && op.Type == operation.Update && (obj == oldObj || (obj != nil && oldObj != nil && *obj == *oldObj)) { - return nil - } - // call field-attached validations - earlyReturn := false - // optional fields with default values are effectively required - if e := validate.RequiredPointer(ctx, op, fldPath, obj, oldObj); len(e) != 0 { - errs = append(errs, e...) - earlyReturn = true - } - if earlyReturn { - return // do not proceed - } - errs = append(errs, validate.Minimum(ctx, op, fldPath, obj, oldObj, 0)...) - return - }(fldPath.Child("replicas"), obj.Replicas, safe.Field(oldObj, func(oldObj *corev1.ReplicationControllerSpec) *int32 { return oldObj.Replicas }), oldObj != nil)...) - - // field corev1.ReplicationControllerSpec.MinReadySeconds - errs = append(errs, - func(fldPath *field.Path, obj, oldObj *int32, oldValueCorrelated bool) (errs field.ErrorList) { - // optional value-type fields with zero-value defaults are purely documentation - // don't revalidate unchanged data - if oldValueCorrelated && op.Type == operation.Update && (obj == oldObj || (obj != nil && oldObj != nil && *obj == *oldObj)) { - return nil - } - // call field-attached validations - errs = append(errs, validate.Minimum(ctx, op, fldPath, obj, oldObj, 0)...) - return - }(fldPath.Child("minReadySeconds"), &obj.MinReadySeconds, safe.Field(oldObj, func(oldObj *corev1.ReplicationControllerSpec) *int32 { return &oldObj.MinReadySeconds }), oldObj != nil)...) - - // field corev1.ReplicationControllerSpec.Selector has no validation - // field corev1.ReplicationControllerSpec.Template has no validation - return errs -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/OWNERS deleted file mode 100644 index 30b589bd6..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/OWNERS +++ /dev/null @@ -1,21 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -reviewers: - - thockin - - smarterclayton - - wojtek-t - - deads2k - - yujuhong - - derekwaynecarr - - caesarxuchao - - mikedanese - - liggitt - - sttts - - dchen1107 - - janetkuo - - justinsb - - pwittrock - - tallclair - - soltysh - - jsafrane - - dims diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/doc.go b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/doc.go deleted file mode 100644 index f17a15cf9..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/doc.go +++ /dev/null @@ -1,19 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package validation has functions for validating the correctness of api -// objects and explaining what is wrong with them when they aren't valid. -package validation diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/events.go b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/events.go deleted file mode 100644 index d2578f229..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/events.go +++ /dev/null @@ -1,193 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package validation - -import ( - "fmt" - "reflect" - "time" - - v1 "k8s.io/api/core/v1" - eventsv1beta1 "k8s.io/api/events/v1beta1" - apimachineryvalidation "k8s.io/apimachinery/pkg/api/validation" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/apimachinery/pkg/util/validation" - "k8s.io/apimachinery/pkg/util/validation/field" - "k8s.io/kubernetes/pkg/apis/core" -) - -const ( - ReportingInstanceLengthLimit = 128 - ActionLengthLimit = 128 - ReasonLengthLimit = 128 - NoteLengthLimit = 1024 -) - -func ValidateEventCreate(event *core.Event, requestVersion schema.GroupVersion) field.ErrorList { - // Make sure events always pass legacy validation. - allErrs := legacyValidateEvent(event, requestVersion) - if requestVersion == v1.SchemeGroupVersion || requestVersion == eventsv1beta1.SchemeGroupVersion { - // No further validation for backwards compatibility. - return allErrs - } - - // Strict validation applies to creation via events.k8s.io/v1 API and newer. - allErrs = append(allErrs, ValidateObjectMeta(&event.ObjectMeta, true, apimachineryvalidation.NameIsDNSSubdomain, field.NewPath("metadata"))...) - allErrs = append(allErrs, validateV1EventSeries(event)...) - zeroTime := time.Time{} - if event.EventTime.Time == zeroTime { - allErrs = append(allErrs, field.Required(field.NewPath("eventTime"), "")) - } - if event.Type != v1.EventTypeNormal && event.Type != v1.EventTypeWarning { - allErrs = append(allErrs, field.Invalid(field.NewPath("type"), "", fmt.Sprintf("has invalid value: %v", event.Type))) - } - if event.FirstTimestamp.Time != zeroTime { - allErrs = append(allErrs, field.Invalid(field.NewPath("firstTimestamp"), "", "needs to be unset")) - } - if event.LastTimestamp.Time != zeroTime { - allErrs = append(allErrs, field.Invalid(field.NewPath("lastTimestamp"), "", "needs to be unset")) - } - if event.Count != 0 { - allErrs = append(allErrs, field.Invalid(field.NewPath("count"), "", "needs to be unset")) - } - if event.Source.Component != "" || event.Source.Host != "" { - allErrs = append(allErrs, field.Invalid(field.NewPath("source"), "", "needs to be unset")) - } - return allErrs -} - -func ValidateEventUpdate(newEvent, oldEvent *core.Event, requestVersion schema.GroupVersion) field.ErrorList { - // Make sure the new event always passes legacy validation. - allErrs := legacyValidateEvent(newEvent, requestVersion) - if requestVersion == v1.SchemeGroupVersion || requestVersion == eventsv1beta1.SchemeGroupVersion { - // No further validation for backwards compatibility. - return allErrs - } - - // Strict validation applies to update via events.k8s.io/v1 API and newer. - allErrs = append(allErrs, ValidateObjectMetaUpdate(&newEvent.ObjectMeta, &oldEvent.ObjectMeta, field.NewPath("metadata"))...) - // if the series was modified, validate the new data - if !reflect.DeepEqual(newEvent.Series, oldEvent.Series) { - allErrs = append(allErrs, validateV1EventSeries(newEvent)...) - } - - allErrs = append(allErrs, ValidateImmutableField(newEvent.InvolvedObject, oldEvent.InvolvedObject, field.NewPath("involvedObject"))...) - allErrs = append(allErrs, ValidateImmutableField(newEvent.Reason, oldEvent.Reason, field.NewPath("reason"))...) - allErrs = append(allErrs, ValidateImmutableField(newEvent.Message, oldEvent.Message, field.NewPath("message"))...) - allErrs = append(allErrs, ValidateImmutableField(newEvent.Source, oldEvent.Source, field.NewPath("source"))...) - allErrs = append(allErrs, ValidateImmutableField(newEvent.FirstTimestamp, oldEvent.FirstTimestamp, field.NewPath("firstTimestamp"))...) - allErrs = append(allErrs, ValidateImmutableField(newEvent.LastTimestamp, oldEvent.LastTimestamp, field.NewPath("lastTimestamp"))...) - allErrs = append(allErrs, ValidateImmutableField(newEvent.Count, oldEvent.Count, field.NewPath("count"))...) - allErrs = append(allErrs, ValidateImmutableField(newEvent.Reason, oldEvent.Reason, field.NewPath("reason"))...) - allErrs = append(allErrs, ValidateImmutableField(newEvent.Type, oldEvent.Type, field.NewPath("type"))...) - - // Disallow changes to eventTime greater than microsecond-level precision. - // Tolerating sub-microsecond changes is required to tolerate updates - // from clients that correctly truncate to microsecond-precision when serializing, - // or from clients built with incorrect nanosecond-precision protobuf serialization. - // See https://github.com/kubernetes/kubernetes/issues/111928 - newTruncated := newEvent.EventTime.Truncate(time.Microsecond).UTC() - oldTruncated := oldEvent.EventTime.Truncate(time.Microsecond).UTC() - if newTruncated != oldTruncated { - allErrs = append(allErrs, ValidateImmutableField(newEvent.EventTime, oldEvent.EventTime, field.NewPath("eventTime"))...) - } - - allErrs = append(allErrs, ValidateImmutableField(newEvent.Action, oldEvent.Action, field.NewPath("action"))...) - allErrs = append(allErrs, ValidateImmutableField(newEvent.Related, oldEvent.Related, field.NewPath("related"))...) - allErrs = append(allErrs, ValidateImmutableField(newEvent.ReportingController, oldEvent.ReportingController, field.NewPath("reportingController"))...) - allErrs = append(allErrs, ValidateImmutableField(newEvent.ReportingInstance, oldEvent.ReportingInstance, field.NewPath("reportingInstance"))...) - - return allErrs -} - -func validateV1EventSeries(event *core.Event) field.ErrorList { - allErrs := field.ErrorList{} - zeroTime := time.Time{} - if event.Series != nil { - if event.Series.Count < 2 { - allErrs = append(allErrs, field.Invalid(field.NewPath("series.count"), "", "should be at least 2")) - } - if event.Series.LastObservedTime.Time == zeroTime { - allErrs = append(allErrs, field.Required(field.NewPath("series.lastObservedTime"), "")) - } - } - return allErrs -} - -// legacyValidateEvent makes sure that the event makes sense. -func legacyValidateEvent(event *core.Event, requestVersion schema.GroupVersion) field.ErrorList { - allErrs := field.ErrorList{} - // Because go - zeroTime := time.Time{} - - reportingControllerFieldName := "reportingController" - if requestVersion == v1.SchemeGroupVersion { - reportingControllerFieldName = "reportingComponent" - } - - // "New" Events need to have EventTime set, so it's validating old object. - if event.EventTime.Time == zeroTime { - // Make sure event.Namespace and the involvedInvolvedObject.Namespace agree - if len(event.InvolvedObject.Namespace) == 0 { - // event.Namespace must also be empty (or "default", for compatibility with old clients) - if event.Namespace != metav1.NamespaceNone && event.Namespace != metav1.NamespaceDefault { - allErrs = append(allErrs, field.Invalid(field.NewPath("involvedObject", "namespace"), event.InvolvedObject.Namespace, "does not match event.namespace")) - } - } else { - // event namespace must match - if event.Namespace != event.InvolvedObject.Namespace { - allErrs = append(allErrs, field.Invalid(field.NewPath("involvedObject", "namespace"), event.InvolvedObject.Namespace, "does not match event.namespace")) - } - } - - } else { - if len(event.InvolvedObject.Namespace) == 0 && event.Namespace != metav1.NamespaceDefault && event.Namespace != metav1.NamespaceSystem { - allErrs = append(allErrs, field.Invalid(field.NewPath("involvedObject", "namespace"), event.InvolvedObject.Namespace, "does not match event.namespace")) - } - if len(event.ReportingController) == 0 { - allErrs = append(allErrs, field.Required(field.NewPath(reportingControllerFieldName), "")) - } - allErrs = append(allErrs, ValidateQualifiedName(event.ReportingController, field.NewPath(reportingControllerFieldName))...) - if len(event.ReportingInstance) == 0 { - allErrs = append(allErrs, field.Required(field.NewPath("reportingInstance"), "")) - } - if len(event.ReportingInstance) > ReportingInstanceLengthLimit { - allErrs = append(allErrs, field.Invalid(field.NewPath("reportingInstance"), "", fmt.Sprintf("can have at most %v characters", ReportingInstanceLengthLimit))) - } - if len(event.Action) == 0 { - allErrs = append(allErrs, field.Required(field.NewPath("action"), "")) - } - if len(event.Action) > ActionLengthLimit { - allErrs = append(allErrs, field.Invalid(field.NewPath("action"), "", fmt.Sprintf("can have at most %v characters", ActionLengthLimit))) - } - if len(event.Reason) == 0 { - allErrs = append(allErrs, field.Required(field.NewPath("reason"), "")) - } - if len(event.Reason) > ReasonLengthLimit { - allErrs = append(allErrs, field.Invalid(field.NewPath("reason"), "", fmt.Sprintf("can have at most %v characters", ReasonLengthLimit))) - } - if len(event.Message) > NoteLengthLimit { - allErrs = append(allErrs, field.Invalid(field.NewPath("message"), "", fmt.Sprintf("can have at most %v characters", NoteLengthLimit))) - } - } - - for _, msg := range validation.IsDNS1123Subdomain(event.Namespace) { - allErrs = append(allErrs, field.Invalid(field.NewPath("namespace"), event.Namespace, msg)) - } - return allErrs -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/names.go b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/names.go deleted file mode 100644 index f321333c0..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/names.go +++ /dev/null @@ -1,138 +0,0 @@ -/* -Copyright 2023 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package validation - -import ( - "fmt" - "strings" - - apimachineryvalidation "k8s.io/apimachinery/pkg/api/validation" - "k8s.io/apimachinery/pkg/util/validation" - "k8s.io/apimachinery/pkg/util/validation/field" -) - -// IsKubernetesSignerName checks if signerName is one reserved by the Kubernetes project. -func IsKubernetesSignerName(signerName string) bool { - hostName, _, _ := strings.Cut(signerName, "/") - return hostName == "kubernetes.io" || strings.HasSuffix(hostName, ".kubernetes.io") -} - -// ValidateSignerName checks that signerName is syntactically valid. -// -// ensure signerName is of the form domain.com/something and up to 571 characters. -// This length and format is specified to accommodate signerNames like: -// /.. -// The max length of a FQDN is 253 characters (DNS1123Subdomain max length) -// The max length of a namespace name is 63 characters (DNS1123Label max length) -// The max length of a resource name is 253 characters (DNS1123Subdomain max length) -// We then add an additional 2 characters to account for the one '.' and one '/'. -func ValidateSignerName(fldPath *field.Path, signerName string) field.ErrorList { - var el field.ErrorList - if len(signerName) == 0 { - el = append(el, field.Required(fldPath, "")) - return el - } - - segments := strings.Split(signerName, "/") - // validate that there is one '/' in the signerName. - // we do this after validating the domain segment to provide more info to the user. - if len(segments) != 2 { - el = append(el, field.Invalid(fldPath, signerName, "must be a fully qualified domain and path of the form 'example.com/signer-name'")) - // return early here as we should not continue attempting to validate a missing or malformed path segment - // (i.e. one containing multiple or zero `/`) - return el - } - - // validate that segments[0] is less than 253 characters altogether - maxDomainSegmentLength := validation.DNS1123SubdomainMaxLength - if len(segments[0]) > maxDomainSegmentLength { - el = append(el, field.TooLong(fldPath, "" /*unused*/, maxDomainSegmentLength)) - } - // validate that segments[0] consists of valid DNS1123 labels separated by '.' - domainLabels := strings.Split(segments[0], ".") - for _, lbl := range domainLabels { - // use IsDNS1123Label as we want to ensure the max length of any single label in the domain - // is 63 characters - if errs := validation.IsDNS1123Label(lbl); len(errs) > 0 { - for _, err := range errs { - el = append(el, field.Invalid(fldPath, segments[0], fmt.Sprintf("validating label %q: %s", lbl, err))) - } - // if we encounter any errors whilst parsing the domain segment, break from - // validation as any further error messages will be duplicates, and non-distinguishable - // from each other, confusing users. - break - } - } - - // validate that there is at least one '.' in segments[0] - if len(domainLabels) < 2 { - el = append(el, field.Invalid(fldPath, segments[0], "should be a domain with at least two segments separated by dots")) - } - - // validate that segments[1] consists of valid DNS1123 subdomains separated by '.'. - pathLabels := strings.Split(segments[1], ".") - for _, lbl := range pathLabels { - // use IsDNS1123Subdomain because it enforces a length restriction of 253 characters - // which is required in order to fit a full resource name into a single 'label' - if errs := validation.IsDNS1123Subdomain(lbl); len(errs) > 0 { - for _, err := range errs { - el = append(el, field.Invalid(fldPath, segments[1], fmt.Sprintf("validating label %q: %s", lbl, err))) - } - // if we encounter any errors whilst parsing the path segment, break from - // validation as any further error messages will be duplicates, and non-distinguishable - // from each other, confusing users. - break - } - } - - // ensure that segments[1] can accommodate a dns label + dns subdomain + '.' - maxPathSegmentLength := validation.DNS1123SubdomainMaxLength + validation.DNS1123LabelMaxLength + 1 - maxSignerNameLength := maxDomainSegmentLength + maxPathSegmentLength + 1 - if len(signerName) > maxSignerNameLength { - el = append(el, field.TooLong(fldPath, "" /*unused*/, maxSignerNameLength)) - } - - return el -} - -// ValidateClusterTrustBundleName checks that a ClusterTrustBundle name conforms -// to the rules documented on the type. -func ValidateClusterTrustBundleName(signerName string) func(name string, prefix bool) []string { - return func(name string, isPrefix bool) []string { - if signerName == "" { - if strings.Contains(name, ":") { - return []string{"ClusterTrustBundle without signer name must not have \":\" in its name"} - } - return apimachineryvalidation.NameIsDNSSubdomain(name, isPrefix) - } - - requiredPrefix := strings.ReplaceAll(signerName, "/", ":") + ":" - if !strings.HasPrefix(name, requiredPrefix) { - return []string{fmt.Sprintf("ClusterTrustBundle for signerName %s must be named with prefix %s", signerName, requiredPrefix)} - } - return apimachineryvalidation.NameIsDNSSubdomain(strings.TrimPrefix(name, requiredPrefix), isPrefix) - } -} - -func extractSignerNameFromClusterTrustBundleName(name string) (string, bool) { - if splitPoint := strings.LastIndex(name, ":"); splitPoint != -1 { - // This looks like it refers to a signerName trustbundle. - return strings.ReplaceAll(name[:splitPoint], ":", "/"), true - } else { - return "", false - } -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go deleted file mode 100644 index 213f4d7b7..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go +++ /dev/null @@ -1,9600 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package validation - -import ( - "context" - "encoding/json" - "fmt" - "math" - "net" - "path" - "path/filepath" - "reflect" - "regexp" - "slices" - "strconv" - "strings" - "sync" - "unicode" - "unicode/utf8" - - netutils "k8s.io/utils/net" - - v1 "k8s.io/api/core/v1" - apiequality "k8s.io/apimachinery/pkg/api/equality" - "k8s.io/apimachinery/pkg/api/operation" - "k8s.io/apimachinery/pkg/api/resource" - "k8s.io/apimachinery/pkg/api/validate" - "k8s.io/apimachinery/pkg/api/validate/content" - apimachineryvalidation "k8s.io/apimachinery/pkg/api/validation" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - unversionedvalidation "k8s.io/apimachinery/pkg/apis/meta/v1/validation" - "k8s.io/apimachinery/pkg/conversion" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/apimachinery/pkg/util/diff" - "k8s.io/apimachinery/pkg/util/intstr" - "k8s.io/apimachinery/pkg/util/sets" - "k8s.io/apimachinery/pkg/util/validation" - "k8s.io/apimachinery/pkg/util/validation/field" - utilfeature "k8s.io/apiserver/pkg/util/feature" - utilsysctl "k8s.io/component-helpers/node/util/sysctl" - resourcehelper "k8s.io/component-helpers/resource" - schedulinghelper "k8s.io/component-helpers/scheduling/corev1" - kubeletapis "k8s.io/kubelet/pkg/apis" - "k8s.io/kubernetes/pkg/apis/certificates" - - apiservice "k8s.io/kubernetes/pkg/api/service" - podutil "k8s.io/kubernetes/pkg/api/v1/pod" - "k8s.io/kubernetes/pkg/apis/core" - "k8s.io/kubernetes/pkg/apis/core/helper" - "k8s.io/kubernetes/pkg/apis/core/helper/qos" - podshelper "k8s.io/kubernetes/pkg/apis/core/pods" - corev1 "k8s.io/kubernetes/pkg/apis/core/v1" - "k8s.io/kubernetes/pkg/capabilities" - "k8s.io/kubernetes/pkg/features" - "k8s.io/kubernetes/pkg/fieldpath" -) - -const isNegativeErrorMsg string = apimachineryvalidation.IsNegativeErrorMsg -const isInvalidQuotaResource string = `must be a standard resource for quota` -const fieldImmutableErrorMsg string = apimachineryvalidation.FieldImmutableErrorMsg -const isNotIntegerErrorMsg string = `must be an integer` -const isNotPositiveErrorMsg string = `must be greater than zero` - -var pdPartitionErrorMsg string = validation.InclusiveRangeError(1, 255) -var fileModeErrorMsg = "must be a number between 0 and 0777 (octal), both inclusive" - -// BannedOwners is a black list of object that are not allowed to be owners. -var BannedOwners = apimachineryvalidation.BannedOwners - -// nodeDeclaredFeatureRegexp defines the allowed format for feature names. -// The first segment must be in UpperCamelCase. Subsequent segments (separated by '/') -// can be in either UpperCamelCase or lowerCamelCase. -var nodeDeclaredFeatureRegexp = regexp.MustCompile(`^[A-Z][a-zA-Z0-9]*(\/[a-zA-Z][a-zA-Z0-9]*)*$`) -var iscsiInitiatorIqnRegex = regexp.MustCompile(`iqn\.\d{4}-\d{2}\.([[:alnum:]-.]+)(:[^,;*&$|\s]+)$`) -var iscsiInitiatorEuiRegex = regexp.MustCompile(`^eui.[[:alnum:]]{16}$`) -var iscsiInitiatorNaaRegex = regexp.MustCompile(`^naa.[[:alnum:]]{32}$`) - -var allowedEphemeralContainerFields = map[string]bool{ - "Name": true, - "Image": true, - "Command": true, - "Args": true, - "WorkingDir": true, - "Ports": false, - "EnvFrom": true, - "Env": true, - "Resources": false, - "VolumeMounts": true, - "VolumeDevices": true, - "LivenessProbe": false, - "ReadinessProbe": false, - "StartupProbe": false, - "Lifecycle": false, - "TerminationMessagePath": true, - "TerminationMessagePolicy": true, - "ImagePullPolicy": true, - "SecurityContext": true, - "Stdin": true, - "StdinOnce": true, - "TTY": true, -} - -// validOS stores the set of valid OSes within pod spec. -// The valid values currently are linux, windows. -// In future, they can be expanded to values from -// https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration -var validOS = sets.New(core.Linux, core.Windows) - -// ValidateHasLabel requires that metav1.ObjectMeta has a Label with key and expectedValue -func ValidateHasLabel(meta metav1.ObjectMeta, fldPath *field.Path, key, expectedValue string) field.ErrorList { - allErrs := field.ErrorList{} - actualValue, found := meta.Labels[key] - if !found { - allErrs = append(allErrs, field.Required(fldPath.Child("labels").Key(key), - fmt.Sprintf("must be '%s'", expectedValue))) - return allErrs - } - if actualValue != expectedValue { - allErrs = append(allErrs, field.Invalid(fldPath.Child("labels").Key(key), meta.Labels, - fmt.Sprintf("must be '%s'", expectedValue))) - } - return allErrs -} - -// ValidateAnnotations validates that a set of annotations are correctly defined. -func ValidateAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList { - return apimachineryvalidation.ValidateAnnotations(annotations, fldPath) -} - -// ValidateUserAnnotations validates that the UserAnnotations are correctly defined. -func ValidateUserAnnotations(userAnnotations map[string]string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for k := range userAnnotations { - // The case doesn't matter, so convert to lowercase before checking. - allErrs = append(allErrs, validation.IsDomainPrefixedKey(fldPath, strings.ToLower(k))...) - } - if err := apimachineryvalidation.ValidateAnnotationsSize(userAnnotations); err != nil { - allErrs = append(allErrs, field.TooLong(fldPath, "" /*unused*/, apimachineryvalidation.TotalAnnotationSizeLimitB)) - } - return allErrs -} - -func ValidateDNS1123Label(value string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for _, msg := range validation.IsDNS1123Label(value) { - allErrs = append(allErrs, field.Invalid(fldPath, value, msg).WithOrigin("format=k8s-short-name")) - } - return allErrs -} - -// ValidateQualifiedName validates if name is what Kubernetes calls a "qualified name". -func ValidateQualifiedName(value string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for _, msg := range validation.IsQualifiedName(value) { - allErrs = append(allErrs, field.Invalid(fldPath, value, msg).WithOrigin("format=qualified-name")) - } - return allErrs -} - -// ValidateDNS1123SubdomainWithUnderScore validates that a name is a proper DNS subdomain but allows for an underscore in the string -func ValidateDNS1123SubdomainWithUnderScore(value string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for _, msg := range validation.IsDNS1123SubdomainWithUnderscore(value) { - allErrs = append(allErrs, field.Invalid(fldPath, value, msg)).WithOrigin("format=k8s-dns-subdomain-with-underscore") - } - return allErrs -} - -// ValidateDNS1123Subdomain validates that a name is a proper DNS subdomain. -func ValidateDNS1123Subdomain(value string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for _, msg := range validation.IsDNS1123Subdomain(value) { - allErrs = append(allErrs, field.Invalid(fldPath, value, msg)).WithOrigin("format=k8s-long-name") - } - return allErrs -} - -func ValidatePodSpecificAnnotations(annotations map[string]string, spec *core.PodSpec, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - if value, isMirror := annotations[core.MirrorPodAnnotationKey]; isMirror { - if len(spec.NodeName) == 0 { - allErrs = append(allErrs, field.Invalid(fldPath.Key(core.MirrorPodAnnotationKey), value, "must set spec.nodeName if mirror pod annotation is set")) - } - } - - if annotations[core.TolerationsAnnotationKey] != "" { - allErrs = append(allErrs, ValidateTolerationsInPodAnnotations(annotations, fldPath, opts)...) - } - - if !opts.AllowInvalidPodDeletionCost { - if _, err := helper.GetDeletionCostFromPodAnnotations(annotations); err != nil { - allErrs = append(allErrs, field.Invalid(fldPath.Key(core.PodDeletionCost), annotations[core.PodDeletionCost], "must be a 32bit integer")) - } - } - - allErrs = append(allErrs, ValidateSeccompPodAnnotations(annotations, fldPath)...) - allErrs = append(allErrs, ValidateAppArmorPodAnnotations(annotations, spec, fldPath)...) - - return allErrs -} - -// ValidateTolerationsInPodAnnotations tests that the serialized tolerations in Pod.Annotations has valid data -func ValidateTolerationsInPodAnnotations(annotations map[string]string, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - tolerations, err := helper.GetTolerationsFromPodAnnotations(annotations) - if err != nil { - allErrs = append(allErrs, field.Invalid(fldPath, core.TolerationsAnnotationKey, err.Error())) - return allErrs - } - - if len(tolerations) > 0 { - allErrs = append(allErrs, ValidateTolerations(tolerations, fldPath.Child(core.TolerationsAnnotationKey), opts)...) - } - - return allErrs -} - -func ValidatePodSpecificAnnotationUpdates(newPod, oldPod *core.Pod, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - newAnnotations := newPod.Annotations - oldAnnotations := oldPod.Annotations - for k, oldVal := range oldAnnotations { - if newVal, exists := newAnnotations[k]; exists && newVal == oldVal { - continue // No change. - } - if strings.HasPrefix(k, v1.DeprecatedAppArmorBetaContainerAnnotationKeyPrefix) { - allErrs = append(allErrs, field.Forbidden(fldPath.Key(k), "may not remove or update AppArmor annotations")) - } - if k == core.MirrorPodAnnotationKey { - allErrs = append(allErrs, field.Forbidden(fldPath.Key(k), "may not remove or update mirror pod annotation")) - } - } - // Check for additions - for k := range newAnnotations { - if _, ok := oldAnnotations[k]; ok { - continue // No change. - } - if strings.HasPrefix(k, v1.DeprecatedAppArmorBetaContainerAnnotationKeyPrefix) { - allErrs = append(allErrs, field.Forbidden(fldPath.Key(k), "may not add AppArmor annotations")) - } - if k == core.MirrorPodAnnotationKey { - allErrs = append(allErrs, field.Forbidden(fldPath.Key(k), "may not add mirror pod annotation")) - } - } - allErrs = append(allErrs, ValidatePodSpecificAnnotations(newAnnotations, &newPod.Spec, fldPath, opts)...) - return allErrs -} - -func ValidateEndpointsSpecificAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - return allErrs -} - -// ValidateNameFunc validates that the provided name is valid for a given resource type. -// Not all resources have the same validation rules for names. Prefix is true -// if the name will have a value appended to it. If the name is not valid, -// this returns a list of descriptions of individual characteristics of the -// value that were not valid. Otherwise this returns an empty list or nil. -type ValidateNameFunc apimachineryvalidation.ValidateNameFunc - -// ValidateNameFuncWithErrors validates that the provided name is valid for a -// given resource type. -type ValidateNameFuncWithErrors = apimachineryvalidation.ValidateNameFuncWithErrors - -// ValidatePodName can be used to check whether the given pod name is valid. -// Prefix indicates this name will be used as part of generation, in which case -// trailing dashes are allowed. -var ValidatePodName = apimachineryvalidation.NameIsDNSSubdomain - -// ValidateServiceName can be used to check whether the given service name is valid. -// Prefix indicates this name will be used as part of generation, in which case -// trailing dashes are allowed. -var ValidateServiceName = apimachineryvalidation.NameIsDNS1035Label - -// ValidateNodeName can be used to check whether the given node name is valid. -// Prefix indicates this name will be used as part of generation, in which case -// trailing dashes are allowed. -var ValidateNodeName = apimachineryvalidation.NameIsDNSSubdomain - -// ValidateNamespaceName can be used to check whether the given namespace name is valid. -// Prefix indicates this name will be used as part of generation, in which case -// trailing dashes are allowed. -var ValidateNamespaceName = apimachineryvalidation.ValidateNamespaceName - -// ValidateLimitRangeName can be used to check whether the given limit range name is valid. -// Prefix indicates this name will be used as part of generation, in which case -// trailing dashes are allowed. -var ValidateLimitRangeName = apimachineryvalidation.NameIsDNSSubdomain - -// ValidateResourceQuotaName can be used to check whether the given -// resource quota name is valid. -// Prefix indicates this name will be used as part of generation, in which case -// trailing dashes are allowed. -var ValidateResourceQuotaName = apimachineryvalidation.NameIsDNSSubdomain - -// ValidateSecretName can be used to check whether the given secret name is valid. -// Prefix indicates this name will be used as part of generation, in which case -// trailing dashes are allowed. -var ValidateSecretName = apimachineryvalidation.NameIsDNSSubdomain - -// ValidateServiceAccountName can be used to check whether the given service account name is valid. -// Prefix indicates this name will be used as part of generation, in which case -// trailing dashes are allowed. -var ValidateServiceAccountName = apimachineryvalidation.ValidateServiceAccountName - -// ValidateEndpointsName can be used to check whether the given endpoints name is valid. -// Prefix indicates this name will be used as part of generation, in which case -// trailing dashes are allowed. -var ValidateEndpointsName = apimachineryvalidation.NameIsDNSSubdomain - -// ValidateClassName can be used to check whether the given class name is valid. -// It is defined here to avoid import cycle between pkg/apis/storage/validation -// (where it should be) and this file. -var ValidateClassName = apimachineryvalidation.NameIsDNSSubdomain - -// ValidatePriorityClassName can be used to check whether the given priority -// class name is valid. -var ValidatePriorityClassName = apimachineryvalidation.NameIsDNSSubdomain - -// ValidateResourceClaimName can be used to check whether the given -// name for a ResourceClaim is valid. -var ValidateResourceClaimName = apimachineryvalidation.NameIsDNSSubdomain - -// ValidateResourceClaimTemplateName can be used to check whether the given -// name for a ResourceClaimTemplate is valid. -var ValidateResourceClaimTemplateName = apimachineryvalidation.NameIsDNSSubdomain - -// ValidateWorkloadName can be used to check whether the given -// name for a Workload is valid. -var ValidateWorkloadName = apimachineryvalidation.NameIsDNSSubdomain - -// ValidatePodGroupName can be used to check whether the given -// name for a PodGroup is valid. -var ValidatePodGroupName = apimachineryvalidation.NameIsDNSLabel - -// ValidatePodGroupReplicaKey can be used to check whether the given -// PodGroupReplicaKey is valid. -var ValidatePodGroupReplicaKey = apimachineryvalidation.NameIsDNSLabel - -// ValidateRuntimeClassName can be used to check whether the given RuntimeClass name is valid. -// Prefix indicates this name will be used as part of generation, in which case -// trailing dashes are allowed. -func ValidateRuntimeClassName(name string, fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - for _, msg := range apimachineryvalidation.NameIsDNSSubdomain(name, false) { - allErrs = append(allErrs, field.Invalid(fldPath, name, msg)) - } - return allErrs -} - -// validateOverhead can be used to check whether the given Overhead is valid. -func validateOverhead(overhead core.ResourceList, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - // reuse the ResourceRequirements validation logic - return ValidateContainerResourceRequirements(&core.ResourceRequirements{Limits: overhead}, nil, fldPath, opts) -} - -// Validates that given value is not negative. -func ValidateNonnegativeField(value int64, fldPath *field.Path) field.ErrorList { - return apimachineryvalidation.ValidateNonnegativeField(value, fldPath) -} - -// Validates that a Quantity is not negative -func ValidateNonnegativeQuantity(value resource.Quantity, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if value.Cmp(resource.Quantity{}) < 0 { - allErrs = append(allErrs, field.Invalid(fldPath, value.String(), isNegativeErrorMsg)) - } - return allErrs -} - -// Validates that given value is positive. -func ValidatePositiveField(value int64, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if value <= 0 { - allErrs = append(allErrs, field.Invalid(fldPath, value, isNotPositiveErrorMsg).WithOrigin("minimum")) - } - return allErrs -} - -// Validates that a Quantity is positive -func ValidatePositiveQuantityValue(value resource.Quantity, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if value.Cmp(resource.Quantity{}) <= 0 { - allErrs = append(allErrs, field.Invalid(fldPath, value.String(), isNotPositiveErrorMsg)) - } - return allErrs -} - -func ValidateImmutableField(newVal, oldVal interface{}, fldPath *field.Path) field.ErrorList { - return apimachineryvalidation.ValidateImmutableField(newVal, oldVal, fldPath) -} - -func ValidateImmutableAnnotation(newVal string, oldVal string, annotation string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - if oldVal != newVal { - allErrs = append(allErrs, field.Invalid(fldPath.Child("annotations", annotation), newVal, fieldImmutableErrorMsg)) - } - return allErrs -} - -// ValidateObjectMetaWithOpts validates an object's metadata on creation. It expects that name generation has already -// been performed. -func ValidateObjectMetaWithOpts(meta *metav1.ObjectMeta, isNamespaced bool, nameFn ValidateNameFuncWithErrors, fldPath *field.Path) field.ErrorList { - allErrs := apimachineryvalidation.ValidateObjectMetaWithOpts(meta, isNamespaced, nameFn, fldPath) - // run additional checks for the finalizer name - for i := range meta.Finalizers { - allErrs = append(allErrs, validateKubeFinalizerName(string(meta.Finalizers[i]), fldPath.Child("finalizers").Index(i))...) - } - return allErrs -} - -// ValidateObjectMeta validates an object's metadata on creation. It expects that name generation has already -// been performed. -// TODO: Remove calls to this method scattered in validations of specific resources, e.g., ValidatePodUpdate. -func ValidateObjectMeta(meta *metav1.ObjectMeta, requiresNamespace bool, nameFn ValidateNameFunc, fldPath *field.Path) field.ErrorList { - allErrs := apimachineryvalidation.ValidateObjectMeta(meta, requiresNamespace, apimachineryvalidation.ValidateNameFunc(nameFn), fldPath) - // run additional checks for the finalizer name - for i := range meta.Finalizers { - allErrs = append(allErrs, validateKubeFinalizerName(string(meta.Finalizers[i]), fldPath.Child("finalizers").Index(i))...) - } - return allErrs -} - -// ValidateObjectMetaUpdate validates an object's metadata when updated -func ValidateObjectMetaUpdate(newMeta, oldMeta *metav1.ObjectMeta, fldPath *field.Path) field.ErrorList { - allErrs := apimachineryvalidation.ValidateObjectMetaUpdate(newMeta, oldMeta, fldPath) - // run additional checks for the finalizer name - for i := range newMeta.Finalizers { - allErrs = append(allErrs, validateKubeFinalizerName(string(newMeta.Finalizers[i]), fldPath.Child("finalizers").Index(i))...) - } - - return allErrs -} - -func ValidateVolumes(volumes []core.Volume, podMeta *metav1.ObjectMeta, fldPath *field.Path, opts PodValidationOptions) (map[string]core.VolumeSource, field.ErrorList) { - allErrs := field.ErrorList{} - - allNames := sets.Set[string]{} - allCreatedPVCs := sets.Set[string]{} - // Determine which PVCs will be created for this pod. We need - // the exact name of the pod for this. Without it, this sanity - // check has to be skipped. - if podMeta != nil && podMeta.Name != "" { - for _, vol := range volumes { - if vol.VolumeSource.Ephemeral != nil { - allCreatedPVCs.Insert(podMeta.Name + "-" + vol.Name) - } - } - } - vols := make(map[string]core.VolumeSource) - for i, vol := range volumes { - idxPath := fldPath.Index(i) - namePath := idxPath.Child("name") - el := validateVolumeSource(&vol.VolumeSource, idxPath, vol.Name, podMeta, opts) - if len(vol.Name) == 0 { - el = append(el, field.Required(namePath, "")) - } else { - el = append(el, ValidateDNS1123Label(vol.Name, namePath)...) - } - if allNames.Has(vol.Name) { - el = append(el, field.Duplicate(namePath, vol.Name)) - } - if len(el) == 0 { - allNames.Insert(vol.Name) - vols[vol.Name] = vol.VolumeSource - } else { - allErrs = append(allErrs, el...) - } - // A PersistentVolumeClaimSource should not reference a created PVC. That doesn't - // make sense. - if vol.PersistentVolumeClaim != nil && allCreatedPVCs.Has(vol.PersistentVolumeClaim.ClaimName) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("persistentVolumeClaim").Child("claimName"), vol.PersistentVolumeClaim.ClaimName, - "must not reference a PVC that gets created for an ephemeral volume")) - } - } - - return vols, allErrs -} - -func IsMatchedVolume(name string, volumes map[string]core.VolumeSource) bool { - if _, ok := volumes[name]; ok { - return true - } - return false -} - -// isMatched checks whether the volume with the given name is used by a -// container and if so, if it involves a PVC. -func isMatchedDevice(name string, volumes map[string]core.VolumeSource) (isMatched bool, isPVC bool) { - if source, ok := volumes[name]; ok { - if source.PersistentVolumeClaim != nil || - source.Ephemeral != nil { - return true, true - } - return true, false - } - return false, false -} - -func mountNameAlreadyExists(name string, devices map[string]string) bool { - if _, ok := devices[name]; ok { - return true - } - return false -} - -func mountPathAlreadyExists(mountPath string, devices map[string]string) bool { - for _, devPath := range devices { - if mountPath == devPath { - return true - } - } - - return false -} - -func deviceNameAlreadyExists(name string, mounts map[string]string) bool { - if _, ok := mounts[name]; ok { - return true - } - return false -} - -func devicePathAlreadyExists(devicePath string, mounts map[string]string) bool { - for _, mountPath := range mounts { - if mountPath == devicePath { - return true - } - } - - return false -} - -func validateVolumeSource(source *core.VolumeSource, fldPath *field.Path, volName string, podMeta *metav1.ObjectMeta, opts PodValidationOptions) field.ErrorList { - numVolumes := 0 - allErrs := field.ErrorList{} - if source.EmptyDir != nil { - numVolumes++ - if source.EmptyDir.SizeLimit != nil && source.EmptyDir.SizeLimit.Cmp(resource.Quantity{}) < 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("emptyDir").Child("sizeLimit"), "SizeLimit field must be a valid resource quantity")) - } - } - if source.HostPath != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("hostPath"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateHostPathVolumeSource(source.HostPath, fldPath.Child("hostPath"))...) - } - } - if source.GitRepo != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("gitRepo"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateGitRepoVolumeSource(source.GitRepo, fldPath.Child("gitRepo"))...) - } - } - if source.GCEPersistentDisk != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("gcePersistentDisk"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateGCEPersistentDiskVolumeSource(source.GCEPersistentDisk, fldPath.Child("persistentDisk"))...) - } - } - if source.AWSElasticBlockStore != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("awsElasticBlockStore"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateAWSElasticBlockStoreVolumeSource(source.AWSElasticBlockStore, fldPath.Child("awsElasticBlockStore"))...) - } - } - if source.Secret != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("secret"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateSecretVolumeSource(source.Secret, fldPath.Child("secret"))...) - } - } - if source.NFS != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("nfs"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateNFSVolumeSource(source.NFS, fldPath.Child("nfs"))...) - } - } - if source.ISCSI != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("iscsi"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateISCSIVolumeSource(source.ISCSI, fldPath.Child("iscsi"))...) - } - if source.ISCSI.InitiatorName != nil && len(volName+":"+source.ISCSI.TargetPortal) > 64 { - tooLongErr := "Total length of : must be under 64 characters if iscsi.initiatorName is specified." - allErrs = append(allErrs, field.Invalid(fldPath.Child("name"), volName, tooLongErr)) - } - } - if source.Glusterfs != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("glusterfs"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateGlusterfsVolumeSource(source.Glusterfs, fldPath.Child("glusterfs"))...) - } - } - if source.Flocker != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("flocker"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateFlockerVolumeSource(source.Flocker, fldPath.Child("flocker"))...) - } - } - if source.PersistentVolumeClaim != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("persistentVolumeClaim"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validatePersistentClaimVolumeSource(source.PersistentVolumeClaim, fldPath.Child("persistentVolumeClaim"))...) - } - } - if source.RBD != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("rbd"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateRBDVolumeSource(source.RBD, fldPath.Child("rbd"))...) - } - } - if source.Cinder != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("cinder"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateCinderVolumeSource(source.Cinder, fldPath.Child("cinder"))...) - } - } - if source.CephFS != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("cephFS"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateCephFSVolumeSource(source.CephFS, fldPath.Child("cephfs"))...) - } - } - if source.Quobyte != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("quobyte"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateQuobyteVolumeSource(source.Quobyte, fldPath.Child("quobyte"))...) - } - } - if source.DownwardAPI != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("downwarAPI"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateDownwardAPIVolumeSource(source.DownwardAPI, fldPath.Child("downwardAPI"), opts)...) - } - } - if source.FC != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("fc"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateFCVolumeSource(source.FC, fldPath.Child("fc"))...) - } - } - if source.FlexVolume != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("flexVolume"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateFlexVolumeSource(source.FlexVolume, fldPath.Child("flexVolume"))...) - } - } - if source.ConfigMap != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("configMap"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateConfigMapVolumeSource(source.ConfigMap, fldPath.Child("configMap"))...) - } - } - - if source.AzureFile != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("azureFile"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateAzureFile(source.AzureFile, fldPath.Child("azureFile"))...) - } - } - - if source.VsphereVolume != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("vsphereVolume"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateVsphereVolumeSource(source.VsphereVolume, fldPath.Child("vsphereVolume"))...) - } - } - if source.PhotonPersistentDisk != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("photonPersistentDisk"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validatePhotonPersistentDiskVolumeSource(source.PhotonPersistentDisk, fldPath.Child("photonPersistentDisk"))...) - } - } - if source.PortworxVolume != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("portworxVolume"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validatePortworxVolumeSource(source.PortworxVolume, fldPath.Child("portworxVolume"))...) - } - } - if source.AzureDisk != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("azureDisk"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateAzureDisk(source.AzureDisk, fldPath.Child("azureDisk"))...) - } - } - if source.StorageOS != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("storageos"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateStorageOSVolumeSource(source.StorageOS, fldPath.Child("storageos"))...) - } - } - if source.Projected != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("projected"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateProjectedVolumeSource(source.Projected, fldPath.Child("projected"), opts)...) - } - } - if source.ScaleIO != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("scaleIO"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateScaleIOVolumeSource(source.ScaleIO, fldPath.Child("scaleIO"))...) - } - } - if source.CSI != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("csi"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateCSIVolumeSource(source.CSI, fldPath.Child("csi"))...) - } - } - if source.Ephemeral != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("ephemeral"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateEphemeralVolumeSource(source.Ephemeral, fldPath.Child("ephemeral"))...) - // Check the expected name for the PVC. This gets skipped if information is missing, - // because that already gets flagged as a problem elsewhere. For example, - // ValidateObjectMeta as called by validatePodMetadataAndSpec checks that the name is set. - if podMeta != nil && podMeta.Name != "" && volName != "" { - pvcName := podMeta.Name + "-" + volName - for _, msg := range ValidatePersistentVolumeName(pvcName, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("name"), volName, fmt.Sprintf("PVC name %q: %v", pvcName, msg))) - } - } - } - } - if source.Image != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("image"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateImageVolumeSource(source.Image, fldPath.Child("image"), opts)...) - } - } - - if numVolumes == 0 { - allErrs = append(allErrs, field.Required(fldPath, "must specify a volume type")) - } - - return allErrs -} - -func validateHostPathVolumeSource(hostPath *core.HostPathVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(hostPath.Path) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("path"), "")) - return allErrs - } - - allErrs = append(allErrs, validatePathNoBacksteps(hostPath.Path, fldPath.Child("path"))...) - allErrs = append(allErrs, validateHostPathType(hostPath.Type, fldPath.Child("type"))...) - return allErrs -} - -func validateGitRepoVolumeSource(gitRepo *core.GitRepoVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(gitRepo.Repository) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("repository"), "")) - } - - pathErrs := validateLocalDescendingPath(gitRepo.Directory, fldPath.Child("directory")) - allErrs = append(allErrs, pathErrs...) - return allErrs -} - -func validateISCSIVolumeSource(iscsi *core.ISCSIVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(iscsi.TargetPortal) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("targetPortal"), "")) - } - if len(iscsi.IQN) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("iqn"), "")) - } else { - if !strings.HasPrefix(iscsi.IQN, "iqn") && !strings.HasPrefix(iscsi.IQN, "eui") && !strings.HasPrefix(iscsi.IQN, "naa") { - allErrs = append(allErrs, field.Invalid(fldPath.Child("iqn"), iscsi.IQN, "must be valid format starting with iqn, eui, or naa")) - } else if strings.HasPrefix(iscsi.IQN, "iqn") && !iscsiInitiatorIqnRegex.MatchString(iscsi.IQN) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("iqn"), iscsi.IQN, "must be valid format")) - } else if strings.HasPrefix(iscsi.IQN, "eui") && !iscsiInitiatorEuiRegex.MatchString(iscsi.IQN) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("iqn"), iscsi.IQN, "must be valid format")) - } else if strings.HasPrefix(iscsi.IQN, "naa") && !iscsiInitiatorNaaRegex.MatchString(iscsi.IQN) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("iqn"), iscsi.IQN, "must be valid format")) - } - } - if iscsi.Lun < 0 || iscsi.Lun > 255 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("lun"), iscsi.Lun, validation.InclusiveRangeError(0, 255))) - } - if (iscsi.DiscoveryCHAPAuth || iscsi.SessionCHAPAuth) && iscsi.SecretRef == nil { - allErrs = append(allErrs, field.Required(fldPath.Child("secretRef"), "")) - } - if iscsi.InitiatorName != nil { - initiator := *iscsi.InitiatorName - if !strings.HasPrefix(initiator, "iqn") && !strings.HasPrefix(initiator, "eui") && !strings.HasPrefix(initiator, "naa") { - allErrs = append(allErrs, field.Invalid(fldPath.Child("initiatorname"), initiator, "must be valid format starting with iqn, eui, or naa")) - } - if strings.HasPrefix(initiator, "iqn") && !iscsiInitiatorIqnRegex.MatchString(initiator) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("initiatorname"), initiator, "must be valid format")) - } else if strings.HasPrefix(initiator, "eui") && !iscsiInitiatorEuiRegex.MatchString(initiator) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("initiatorname"), initiator, "must be valid format")) - } else if strings.HasPrefix(initiator, "naa") && !iscsiInitiatorNaaRegex.MatchString(initiator) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("initiatorname"), initiator, "must be valid format")) - } - } - return allErrs -} - -func validateISCSIPersistentVolumeSource(iscsi *core.ISCSIPersistentVolumeSource, pvName string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(iscsi.TargetPortal) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("targetPortal"), "")) - } - if iscsi.InitiatorName != nil && len(pvName+":"+iscsi.TargetPortal) > 64 { - tooLongErr := "Total length of : must be under 64 characters if iscsi.initiatorName is specified." - allErrs = append(allErrs, field.Invalid(fldPath.Child("targetportal"), iscsi.TargetPortal, tooLongErr)) - } - if len(iscsi.IQN) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("iqn"), "")) - } else { - if !strings.HasPrefix(iscsi.IQN, "iqn") && !strings.HasPrefix(iscsi.IQN, "eui") && !strings.HasPrefix(iscsi.IQN, "naa") { - allErrs = append(allErrs, field.Invalid(fldPath.Child("iqn"), iscsi.IQN, "must be valid format")) - } else if strings.HasPrefix(iscsi.IQN, "iqn") && !iscsiInitiatorIqnRegex.MatchString(iscsi.IQN) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("iqn"), iscsi.IQN, "must be valid format")) - } else if strings.HasPrefix(iscsi.IQN, "eui") && !iscsiInitiatorEuiRegex.MatchString(iscsi.IQN) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("iqn"), iscsi.IQN, "must be valid format")) - } else if strings.HasPrefix(iscsi.IQN, "naa") && !iscsiInitiatorNaaRegex.MatchString(iscsi.IQN) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("iqn"), iscsi.IQN, "must be valid format")) - } - } - if iscsi.Lun < 0 || iscsi.Lun > 255 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("lun"), iscsi.Lun, validation.InclusiveRangeError(0, 255))) - } - if (iscsi.DiscoveryCHAPAuth || iscsi.SessionCHAPAuth) && iscsi.SecretRef == nil { - allErrs = append(allErrs, field.Required(fldPath.Child("secretRef"), "")) - } - if iscsi.SecretRef != nil { - if len(iscsi.SecretRef.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("secretRef", "name"), "")) - } - } - if iscsi.InitiatorName != nil { - initiator := *iscsi.InitiatorName - if !strings.HasPrefix(initiator, "iqn") && !strings.HasPrefix(initiator, "eui") && !strings.HasPrefix(initiator, "naa") { - allErrs = append(allErrs, field.Invalid(fldPath.Child("initiatorname"), initiator, "must be valid format")) - } - if strings.HasPrefix(initiator, "iqn") && !iscsiInitiatorIqnRegex.MatchString(initiator) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("initiatorname"), initiator, "must be valid format")) - } else if strings.HasPrefix(initiator, "eui") && !iscsiInitiatorEuiRegex.MatchString(initiator) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("initiatorname"), initiator, "must be valid format")) - } else if strings.HasPrefix(initiator, "naa") && !iscsiInitiatorNaaRegex.MatchString(initiator) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("initiatorname"), initiator, "must be valid format")) - } - } - return allErrs -} - -func validateFCVolumeSource(fc *core.FCVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(fc.TargetWWNs) < 1 && len(fc.WWIDs) < 1 { - allErrs = append(allErrs, field.Required(fldPath.Child("targetWWNs"), "must specify either targetWWNs or wwids, but not both")) - } - - if len(fc.TargetWWNs) != 0 && len(fc.WWIDs) != 0 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("targetWWNs"), fc.TargetWWNs, "targetWWNs and wwids can not be specified simultaneously")) - } - - if len(fc.TargetWWNs) != 0 { - if fc.Lun == nil { - allErrs = append(allErrs, field.Required(fldPath.Child("lun"), "lun is required if targetWWNs is specified")) - } else { - if *fc.Lun < 0 || *fc.Lun > 255 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("lun"), fc.Lun, validation.InclusiveRangeError(0, 255))) - } - } - } - return allErrs -} - -func validateGCEPersistentDiskVolumeSource(pd *core.GCEPersistentDiskVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(pd.PDName) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("pdName"), "")) - } - if pd.Partition < 0 || pd.Partition > 255 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("partition"), pd.Partition, pdPartitionErrorMsg)) - } - return allErrs -} - -func validateAWSElasticBlockStoreVolumeSource(PD *core.AWSElasticBlockStoreVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(PD.VolumeID) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("volumeID"), "")) - } - if PD.Partition < 0 || PD.Partition > 255 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("partition"), PD.Partition, pdPartitionErrorMsg)) - } - return allErrs -} - -func validateSecretVolumeSource(secretSource *core.SecretVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(secretSource.SecretName) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("secretName"), "")) - } - - secretMode := secretSource.DefaultMode - if secretMode != nil && (*secretMode > 0777 || *secretMode < 0) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("defaultMode"), *secretMode, fileModeErrorMsg)) - } - - itemsPath := fldPath.Child("items") - for i, kp := range secretSource.Items { - itemPath := itemsPath.Index(i) - allErrs = append(allErrs, validateKeyToPath(&kp, itemPath)...) - } - return allErrs -} - -func validateConfigMapVolumeSource(configMapSource *core.ConfigMapVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(configMapSource.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("name"), "")) - } - - configMapMode := configMapSource.DefaultMode - if configMapMode != nil && (*configMapMode > 0777 || *configMapMode < 0) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("defaultMode"), *configMapMode, fileModeErrorMsg)) - } - - itemsPath := fldPath.Child("items") - for i, kp := range configMapSource.Items { - itemPath := itemsPath.Index(i) - allErrs = append(allErrs, validateKeyToPath(&kp, itemPath)...) - } - return allErrs -} - -func validateKeyToPath(kp *core.KeyToPath, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(kp.Key) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("key"), "")) - } - if len(kp.Path) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("path"), "")) - } - allErrs = append(allErrs, ValidateLocalNonReservedPath(kp.Path, fldPath.Child("path"))...) - if kp.Mode != nil && (*kp.Mode > 0777 || *kp.Mode < 0) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("mode"), *kp.Mode, fileModeErrorMsg)) - } - - return allErrs -} - -func validatePersistentClaimVolumeSource(claim *core.PersistentVolumeClaimVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(claim.ClaimName) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("claimName"), "")) - } - return allErrs -} - -func validateNFSVolumeSource(nfs *core.NFSVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(nfs.Server) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("server"), "")) - } - if len(nfs.Path) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("path"), "")) - } - if !path.IsAbs(nfs.Path) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("path"), nfs.Path, "must be an absolute path")) - } - return allErrs -} - -func validateQuobyteVolumeSource(quobyte *core.QuobyteVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(quobyte.Registry) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("registry"), "must be a host:port pair or multiple pairs separated by commas")) - } else if len(quobyte.Tenant) >= 65 { - allErrs = append(allErrs, field.Required(fldPath.Child("tenant"), "must be a UUID and may not exceed a length of 64 characters")) - } else { - for _, hostPortPair := range strings.Split(quobyte.Registry, ",") { - if _, _, err := net.SplitHostPort(hostPortPair); err != nil { - allErrs = append(allErrs, field.Invalid(fldPath.Child("registry"), quobyte.Registry, "must be a host:port pair or multiple pairs separated by commas")) - } - } - } - - if len(quobyte.Volume) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("volume"), "")) - } - return allErrs -} - -func validateGlusterfsVolumeSource(glusterfs *core.GlusterfsVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(glusterfs.EndpointsName) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("endpoints"), "")) - } - if len(glusterfs.Path) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("path"), "")) - } - return allErrs -} -func validateGlusterfsPersistentVolumeSource(glusterfs *core.GlusterfsPersistentVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(glusterfs.EndpointsName) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("endpoints"), "")) - } - if len(glusterfs.Path) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("path"), "")) - } - if glusterfs.EndpointsNamespace != nil { - endpointNs := glusterfs.EndpointsNamespace - if *endpointNs == "" { - allErrs = append(allErrs, field.Invalid(fldPath.Child("endpointsNamespace"), *endpointNs, "if the endpointnamespace is set, it must be a valid namespace name")) - } else { - for _, msg := range ValidateNamespaceName(*endpointNs, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("endpointsNamespace"), *endpointNs, msg)) - } - } - } - return allErrs -} - -func validateFlockerVolumeSource(flocker *core.FlockerVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(flocker.DatasetName) == 0 && len(flocker.DatasetUUID) == 0 { - // TODO: consider adding a RequiredOneOf() error for this and similar cases - allErrs = append(allErrs, field.Required(fldPath, "one of datasetName and datasetUUID is required")) - } - if len(flocker.DatasetName) != 0 && len(flocker.DatasetUUID) != 0 { - allErrs = append(allErrs, field.Invalid(fldPath, "resource", "datasetName and datasetUUID can not be specified simultaneously")) - } - if strings.Contains(flocker.DatasetName, "/") { - allErrs = append(allErrs, field.Invalid(fldPath.Child("datasetName"), flocker.DatasetName, "must not contain '/'")) - } - return allErrs -} - -var validVolumeDownwardAPIFieldPathExpressions = sets.New( - "metadata.name", - "metadata.namespace", - "metadata.labels", - "metadata.annotations", - "metadata.uid") - -func validateDownwardAPIVolumeFile(file *core.DownwardAPIVolumeFile, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - if len(file.Path) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("path"), "")) - } - allErrs = append(allErrs, ValidateLocalNonReservedPath(file.Path, fldPath.Child("path"))...) - if file.FieldRef != nil { - allErrs = append(allErrs, validateObjectFieldSelector(file.FieldRef, &validVolumeDownwardAPIFieldPathExpressions, fldPath.Child("fieldRef"))...) - if file.ResourceFieldRef != nil { - allErrs = append(allErrs, field.Invalid(fldPath, "resource", "fieldRef and resourceFieldRef can not be specified simultaneously")) - } - } else if file.ResourceFieldRef != nil { - localValidContainerResourceFieldPathPrefixes := validContainerResourceFieldPathPrefixesWithDownwardAPIHugePages - allErrs = append(allErrs, validateContainerResourceFieldSelector(file.ResourceFieldRef, &validContainerResourceFieldPathExpressions, &localValidContainerResourceFieldPathPrefixes, fldPath.Child("resourceFieldRef"), true)...) - } else { - allErrs = append(allErrs, field.Required(fldPath, "one of fieldRef and resourceFieldRef is required")) - } - if file.Mode != nil && (*file.Mode > 0777 || *file.Mode < 0) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("mode"), *file.Mode, fileModeErrorMsg)) - } - - return allErrs -} - -func validateDownwardAPIVolumeSource(downwardAPIVolume *core.DownwardAPIVolumeSource, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - downwardAPIMode := downwardAPIVolume.DefaultMode - if downwardAPIMode != nil && (*downwardAPIMode > 0777 || *downwardAPIMode < 0) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("defaultMode"), *downwardAPIMode, fileModeErrorMsg)) - } - - for _, file := range downwardAPIVolume.Items { - allErrs = append(allErrs, validateDownwardAPIVolumeFile(&file, fldPath, opts)...) - } - return allErrs -} - -func validateProjectionSources(projection *core.ProjectedVolumeSource, projectionMode *int32, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - allPaths := sets.Set[string]{} - - for i, source := range projection.Sources { - numSources := 0 - srcPath := fldPath.Child("sources").Index(i) - if projPath := srcPath.Child("secret"); source.Secret != nil { - numSources++ - if len(source.Secret.Name) == 0 { - allErrs = append(allErrs, field.Required(projPath.Child("name"), "")) - } - itemsPath := projPath.Child("items") - for i, kp := range source.Secret.Items { - itemPath := itemsPath.Index(i) - allErrs = append(allErrs, validateKeyToPath(&kp, itemPath)...) - if len(kp.Path) > 0 { - curPath := kp.Path - if !allPaths.Has(curPath) { - allPaths.Insert(curPath) - } else { - allErrs = append(allErrs, field.Invalid(fldPath, source.Secret.Name, "conflicting duplicate paths")) - } - } - } - } - if projPath := srcPath.Child("configMap"); source.ConfigMap != nil { - numSources++ - if len(source.ConfigMap.Name) == 0 { - allErrs = append(allErrs, field.Required(projPath.Child("name"), "")) - } - itemsPath := projPath.Child("items") - for i, kp := range source.ConfigMap.Items { - itemPath := itemsPath.Index(i) - allErrs = append(allErrs, validateKeyToPath(&kp, itemPath)...) - if len(kp.Path) > 0 { - curPath := kp.Path - if !allPaths.Has(curPath) { - allPaths.Insert(curPath) - } else { - allErrs = append(allErrs, field.Invalid(fldPath, source.ConfigMap.Name, "conflicting duplicate paths")) - } - } - } - } - if projPath := srcPath.Child("downwardAPI"); source.DownwardAPI != nil { - numSources++ - for _, file := range source.DownwardAPI.Items { - allErrs = append(allErrs, validateDownwardAPIVolumeFile(&file, projPath, opts)...) - if len(file.Path) > 0 { - curPath := file.Path - if !allPaths.Has(curPath) { - allPaths.Insert(curPath) - } else { - allErrs = append(allErrs, field.Invalid(fldPath, curPath, "conflicting duplicate paths")) - } - } - } - } - if projPath := srcPath.Child("serviceAccountToken"); source.ServiceAccountToken != nil { - numSources++ - if source.ServiceAccountToken.ExpirationSeconds < 10*60 { - allErrs = append(allErrs, field.Invalid(projPath.Child("expirationSeconds"), source.ServiceAccountToken.ExpirationSeconds, "may not specify a duration less than 10 minutes")) - } - if source.ServiceAccountToken.ExpirationSeconds > 1<<32 { - allErrs = append(allErrs, field.Invalid(projPath.Child("expirationSeconds"), source.ServiceAccountToken.ExpirationSeconds, "may not specify a duration larger than 2^32 seconds")) - } - if source.ServiceAccountToken.Path == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("path"), "")) - } else if !opts.AllowNonLocalProjectedTokenPath { - allErrs = append(allErrs, ValidateLocalNonReservedPath(source.ServiceAccountToken.Path, fldPath.Child("path"))...) - } - } - if projPath := srcPath.Child("clusterTrustBundle"); source.ClusterTrustBundle != nil { - numSources++ - - usingName := source.ClusterTrustBundle.Name != nil - usingSignerName := source.ClusterTrustBundle.SignerName != nil - - switch { - case usingName && usingSignerName: - allErrs = append(allErrs, field.Invalid(projPath, source.ClusterTrustBundle, "only one of name and signerName may be used")) - case usingName: - if *source.ClusterTrustBundle.Name == "" { - allErrs = append(allErrs, field.Required(projPath.Child("name"), "must be a valid object name")) - } - - name := *source.ClusterTrustBundle.Name - if signerName, ok := extractSignerNameFromClusterTrustBundleName(name); ok { - validationFunc := ValidateClusterTrustBundleName(signerName) - errMsgs := validationFunc(name, false) - for _, msg := range errMsgs { - allErrs = append(allErrs, field.Invalid(projPath.Child("name"), name, fmt.Sprintf("not a valid clustertrustbundlename: %v", msg))) - } - } else { - validationFunc := ValidateClusterTrustBundleName("") - errMsgs := validationFunc(name, false) - for _, msg := range errMsgs { - allErrs = append(allErrs, field.Invalid(projPath.Child("name"), name, fmt.Sprintf("not a valid clustertrustbundlename: %v", msg))) - } - } - - if source.ClusterTrustBundle.LabelSelector != nil { - allErrs = append(allErrs, field.Invalid(projPath.Child("labelSelector"), source.ClusterTrustBundle.LabelSelector, "labelSelector must be unset if name is specified")) - } - case usingSignerName: - if *source.ClusterTrustBundle.SignerName == "" { - allErrs = append(allErrs, field.Required(projPath.Child("signerName"), "must be a valid signer name")) - } - - allErrs = append(allErrs, ValidateSignerName(projPath.Child("signerName"), *source.ClusterTrustBundle.SignerName)...) - - labelSelectorErrs := unversionedvalidation.ValidateLabelSelector( - source.ClusterTrustBundle.LabelSelector, - unversionedvalidation.LabelSelectorValidationOptions{AllowInvalidLabelValueInSelector: false}, - projPath.Child("labelSelector"), - ) - allErrs = append(allErrs, labelSelectorErrs...) - - default: - allErrs = append(allErrs, field.Required(projPath, "either name or signerName must be specified")) - } - - if source.ClusterTrustBundle.Path == "" { - allErrs = append(allErrs, field.Required(projPath.Child("path"), "")) - } - - allErrs = append(allErrs, ValidateLocalNonReservedPath(source.ClusterTrustBundle.Path, projPath.Child("path"))...) - - curPath := source.ClusterTrustBundle.Path - if !allPaths.Has(curPath) { - allPaths.Insert(curPath) - } else { - allErrs = append(allErrs, field.Invalid(fldPath, curPath, "conflicting duplicate paths")) - } - } - if projPath := srcPath.Child("podCertificate"); source.PodCertificate != nil { - numSources++ - - allErrs = append(allErrs, ValidateSignerName(projPath.Child("signerName"), source.PodCertificate.SignerName)...) - - if source.PodCertificate.UserAnnotations != nil { - userAnnotationsErrors := ValidateUserAnnotations(source.PodCertificate.UserAnnotations, projPath.Child("userAnnotations")) - allErrs = append(allErrs, userAnnotationsErrors...) - } - - switch source.PodCertificate.KeyType { - case "RSA3072", "RSA4096", "ECDSAP256", "ECDSAP384", "ECDSAP521", "ED25519": - // ok - default: - allErrs = append(allErrs, field.NotSupported(projPath.Child("keyType"), source.PodCertificate.KeyType, []string{"RSA3072", "RSA4096", "ECDSAP256", "ECDSAP384", "ECDSAP521", "ED25519"})) - } - - if source.PodCertificate.MaxExpirationSeconds != nil { - if *source.PodCertificate.MaxExpirationSeconds < 3600 { - allErrs = append(allErrs, field.Invalid(projPath.Child("maxExpirationSeconds"), *source.PodCertificate.MaxExpirationSeconds, "if provided, maxExpirationSeconds must be >= 3600")) - } - maxMaxExpirationSeconds := certificates.MaxMaxExpirationSeconds - if IsKubernetesSignerName(source.PodCertificate.SignerName) { - maxMaxExpirationSeconds = certificates.KubernetesMaxMaxExpirationSeconds - } - if *source.PodCertificate.MaxExpirationSeconds > int32(maxMaxExpirationSeconds) { - allErrs = append(allErrs, field.Invalid(projPath.Child("maxExpirationSeconds"), *source.PodCertificate.MaxExpirationSeconds, fmt.Sprintf("if provided, maxExpirationSeconds must be <= %d", maxMaxExpirationSeconds))) - } - } - - numPaths := 0 - if len(source.PodCertificate.CredentialBundlePath) != 0 { - numPaths++ - // Credential bundle path must not be weird. - allErrs = append(allErrs, ValidateLocalNonReservedPath(source.PodCertificate.CredentialBundlePath, projPath.Child("credentialBundlePath"))...) - // Credential bundle path must not collide with a path from another source. - if !allPaths.Has(source.PodCertificate.CredentialBundlePath) { - allPaths.Insert(source.PodCertificate.CredentialBundlePath) - } else { - allErrs = append(allErrs, field.Invalid(fldPath, source.PodCertificate.CredentialBundlePath, "conflicting duplicate paths")) - } - } - - if len(source.PodCertificate.KeyPath) != 0 { - numPaths++ - allErrs = append(allErrs, ValidateLocalNonReservedPath(source.PodCertificate.KeyPath, projPath.Child("keyPath"))...) - if !allPaths.Has(source.PodCertificate.KeyPath) { - allPaths.Insert(source.PodCertificate.KeyPath) - } else { - allErrs = append(allErrs, field.Invalid(fldPath, source.PodCertificate.KeyPath, "conflicting duplicate paths")) - } - - } - - if len(source.PodCertificate.CertificateChainPath) != 0 { - numPaths++ - allErrs = append(allErrs, ValidateLocalNonReservedPath(source.PodCertificate.CertificateChainPath, projPath.Child("certificateChainPath"))...) - if !allPaths.Has(source.PodCertificate.CertificateChainPath) { - allPaths.Insert(source.PodCertificate.CertificateChainPath) - } else { - allErrs = append(allErrs, field.Invalid(fldPath, source.PodCertificate.CertificateChainPath, "conflicting duplicate paths")) - } - } - - if numPaths == 0 { - allErrs = append(allErrs, field.Required(projPath, "specify at least one of credentialBundlePath, keyPath, and certificateChainPath")) - } - } - if numSources > 1 { - allErrs = append(allErrs, field.Forbidden(srcPath, "may not specify more than 1 volume type per source")) - } - } - return allErrs -} - -func validateProjectedVolumeSource(projection *core.ProjectedVolumeSource, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - projectionMode := projection.DefaultMode - if projectionMode != nil && (*projectionMode > 0777 || *projectionMode < 0) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("defaultMode"), *projectionMode, fileModeErrorMsg)) - } - - allErrs = append(allErrs, validateProjectionSources(projection, projectionMode, fldPath, opts)...) - return allErrs -} - -var supportedHostPathTypes = sets.New( - core.HostPathUnset, - core.HostPathDirectoryOrCreate, - core.HostPathDirectory, - core.HostPathFileOrCreate, - core.HostPathFile, - core.HostPathSocket, - core.HostPathCharDev, - core.HostPathBlockDev) - -func validateHostPathType(hostPathType *core.HostPathType, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - if hostPathType != nil && !supportedHostPathTypes.Has(*hostPathType) { - allErrs = append(allErrs, field.NotSupported(fldPath, hostPathType, sets.List(supportedHostPathTypes))) - } - - return allErrs -} - -// This validate will make sure targetPath: -// 1. is not abs path -// 2. does not have any element which is ".." -func validateLocalDescendingPath(targetPath string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if path.IsAbs(targetPath) { - allErrs = append(allErrs, field.Invalid(fldPath, targetPath, "must be a relative path")) - } - - allErrs = append(allErrs, validatePathNoBacksteps(targetPath, fldPath)...) - - return allErrs -} - -// validatePathNoBacksteps makes sure the targetPath does not have any `..` path elements when split -// -// This assumes the OS of the apiserver and the nodes are the same. The same check should be done -// on the node to ensure there are no backsteps. -func validatePathNoBacksteps(targetPath string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - parts := strings.Split(filepath.ToSlash(targetPath), "/") - for _, item := range parts { - if item == ".." { - allErrs = append(allErrs, field.Invalid(fldPath, targetPath, "must not contain '..'")) - break // even for `../../..`, one error is sufficient to make the point - } - } - return allErrs -} - -// validateMountPropagation verifies that MountPropagation field is valid and -// allowed for given container. -func validateMountPropagation(mountPropagation *core.MountPropagationMode, container *core.Container, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - if mountPropagation == nil { - return allErrs - } - - supportedMountPropagations := sets.New( - core.MountPropagationBidirectional, - core.MountPropagationHostToContainer, - core.MountPropagationNone) - - if !supportedMountPropagations.Has(*mountPropagation) { - allErrs = append(allErrs, field.NotSupported(fldPath, *mountPropagation, sets.List(supportedMountPropagations))) - } - - if container == nil { - // The container is not available yet. - // Stop validation now, Pod validation will refuse final - // Pods with Bidirectional propagation in non-privileged containers. - return allErrs - } - - privileged := container.SecurityContext != nil && container.SecurityContext.Privileged != nil && *container.SecurityContext.Privileged - if *mountPropagation == core.MountPropagationBidirectional && !privileged { - allErrs = append(allErrs, field.Forbidden(fldPath, "Bidirectional mount propagation is available only to privileged containers")) - } - return allErrs -} - -// validateMountRecursiveReadOnly validates RecursiveReadOnly mounts. -func validateMountRecursiveReadOnly(mount core.VolumeMount, fldPath *field.Path) field.ErrorList { - if mount.RecursiveReadOnly == nil { - return nil - } - allErrs := field.ErrorList{} - switch *mount.RecursiveReadOnly { - case core.RecursiveReadOnlyDisabled: - // NOP - case core.RecursiveReadOnlyEnabled, core.RecursiveReadOnlyIfPossible: - if !mount.ReadOnly { - allErrs = append(allErrs, field.Forbidden(fldPath, "may only be specified when readOnly is true")) - } - if mount.MountPropagation != nil && *mount.MountPropagation != core.MountPropagationNone { - allErrs = append(allErrs, field.Forbidden(fldPath, "may only be specified when mountPropagation is None or not specified")) - } - default: - supportedRRO := sets.New( - core.RecursiveReadOnlyDisabled, - core.RecursiveReadOnlyIfPossible, - core.RecursiveReadOnlyEnabled) - allErrs = append(allErrs, field.NotSupported(fldPath, *mount.RecursiveReadOnly, sets.List(supportedRRO))) - } - return allErrs -} - -// ValidateLocalNonReservedPath makes sure targetPath: -// 1. is not abs path -// 2. does not contain any '..' elements -// 3. does not start with '..' -func ValidateLocalNonReservedPath(targetPath string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - allErrs = append(allErrs, validateLocalDescendingPath(targetPath, fldPath)...) - // Don't report this error if the check for .. elements already caught it. - if strings.HasPrefix(targetPath, "..") && !strings.HasPrefix(targetPath, "../") { - allErrs = append(allErrs, field.Invalid(fldPath, targetPath, "must not start with '..'")) - } - return allErrs -} - -func validateRBDVolumeSource(rbd *core.RBDVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(rbd.CephMonitors) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("monitors"), "")) - } - if len(rbd.RBDImage) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("image"), "")) - } - return allErrs -} - -func validateRBDPersistentVolumeSource(rbd *core.RBDPersistentVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(rbd.CephMonitors) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("monitors"), "")) - } - if len(rbd.RBDImage) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("image"), "")) - } - return allErrs -} - -func validateCinderVolumeSource(cd *core.CinderVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(cd.VolumeID) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("volumeID"), "")) - } - if cd.SecretRef != nil { - if len(cd.SecretRef.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("secretRef", "name"), "")) - } - } - return allErrs -} - -func validateCinderPersistentVolumeSource(cd *core.CinderPersistentVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(cd.VolumeID) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("volumeID"), "")) - } - if cd.SecretRef != nil { - if len(cd.SecretRef.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("secretRef", "name"), "")) - } - if len(cd.SecretRef.Namespace) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("secretRef", "namespace"), "")) - } - } - return allErrs -} - -func validateCephFSVolumeSource(cephfs *core.CephFSVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(cephfs.Monitors) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("monitors"), "")) - } - return allErrs -} - -func validateCephFSPersistentVolumeSource(cephfs *core.CephFSPersistentVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(cephfs.Monitors) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("monitors"), "")) - } - return allErrs -} - -func validateFlexVolumeSource(fv *core.FlexVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(fv.Driver) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("driver"), "")) - } - - // Make sure user-specified options don't use kubernetes namespaces - for k := range fv.Options { - namespace := k - if parts := strings.SplitN(k, "/", 2); len(parts) == 2 { - namespace = parts[0] - } - normalized := "." + strings.ToLower(namespace) - if strings.HasSuffix(normalized, ".kubernetes.io") || strings.HasSuffix(normalized, ".k8s.io") { - allErrs = append(allErrs, field.Invalid(fldPath.Child("options").Key(k), k, "kubernetes.io and k8s.io namespaces are reserved")) - } - } - - return allErrs -} - -func validateFlexPersistentVolumeSource(fv *core.FlexPersistentVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(fv.Driver) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("driver"), "")) - } - - // Make sure user-specified options don't use kubernetes namespaces - for k := range fv.Options { - namespace := k - if parts := strings.SplitN(k, "/", 2); len(parts) == 2 { - namespace = parts[0] - } - normalized := "." + strings.ToLower(namespace) - if strings.HasSuffix(normalized, ".kubernetes.io") || strings.HasSuffix(normalized, ".k8s.io") { - allErrs = append(allErrs, field.Invalid(fldPath.Child("options").Key(k), k, "kubernetes.io and k8s.io namespaces are reserved")) - } - } - - return allErrs -} - -func validateAzureFile(azure *core.AzureFileVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if azure.SecretName == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("secretName"), "")) - } - if azure.ShareName == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("shareName"), "")) - } - return allErrs -} - -func validateAzureFilePV(azure *core.AzureFilePersistentVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if azure.SecretName == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("secretName"), "")) - } - if azure.ShareName == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("shareName"), "")) - } - if azure.SecretNamespace != nil { - if len(*azure.SecretNamespace) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("secretNamespace"), "")) - } - } - return allErrs -} - -func validateAzureDisk(azure *core.AzureDiskVolumeSource, fldPath *field.Path) field.ErrorList { - var supportedCachingModes = sets.New( - core.AzureDataDiskCachingNone, - core.AzureDataDiskCachingReadOnly, - core.AzureDataDiskCachingReadWrite) - - var supportedDiskKinds = sets.New( - core.AzureSharedBlobDisk, - core.AzureDedicatedBlobDisk, - core.AzureManagedDisk) - - diskURISupportedManaged := []string{"/subscriptions/{sub-id}/resourcegroups/{group-name}/providers/microsoft.compute/disks/{disk-id}"} - diskURISupportedblob := []string{"https://{account-name}.blob.core.windows.net/{container-name}/{disk-name}.vhd"} - - allErrs := field.ErrorList{} - if azure.DiskName == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("diskName"), "")) - } - - if azure.DataDiskURI == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("diskURI"), "")) - } - - if azure.CachingMode != nil && !supportedCachingModes.Has(*azure.CachingMode) { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("cachingMode"), *azure.CachingMode, sets.List(supportedCachingModes))) - } - - if azure.Kind != nil && !supportedDiskKinds.Has(*azure.Kind) { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("kind"), *azure.Kind, sets.List(supportedDiskKinds))) - } - - // validate that DiskUri is the correct format - if azure.Kind != nil && *azure.Kind == core.AzureManagedDisk && strings.Index(azure.DataDiskURI, "/subscriptions/") != 0 { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("diskURI"), azure.DataDiskURI, diskURISupportedManaged)) - } - - if azure.Kind != nil && *azure.Kind != core.AzureManagedDisk && strings.Index(azure.DataDiskURI, "https://") != 0 { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("diskURI"), azure.DataDiskURI, diskURISupportedblob)) - } - - return allErrs -} - -func validateVsphereVolumeSource(cd *core.VsphereVirtualDiskVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(cd.VolumePath) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("volumePath"), "")) - } - return allErrs -} - -func validatePhotonPersistentDiskVolumeSource(cd *core.PhotonPersistentDiskVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(cd.PdID) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("pdID"), "")) - } - return allErrs -} - -func validatePortworxVolumeSource(pwx *core.PortworxVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(pwx.VolumeID) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("volumeID"), "")) - } - return allErrs -} - -func validateScaleIOVolumeSource(sio *core.ScaleIOVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if sio.Gateway == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("gateway"), "")) - } - if sio.System == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("system"), "")) - } - if sio.VolumeName == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("volumeName"), "")) - } - return allErrs -} - -func validateScaleIOPersistentVolumeSource(sio *core.ScaleIOPersistentVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if sio.Gateway == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("gateway"), "")) - } - if sio.System == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("system"), "")) - } - if sio.VolumeName == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("volumeName"), "")) - } - return allErrs -} - -func validateLocalVolumeSource(ls *core.LocalVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if ls.Path == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("path"), "")) - return allErrs - } - - allErrs = append(allErrs, validatePathNoBacksteps(ls.Path, fldPath.Child("path"))...) - return allErrs -} - -func validateStorageOSVolumeSource(storageos *core.StorageOSVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(storageos.VolumeName) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("volumeName"), "")) - } else { - allErrs = append(allErrs, ValidateDNS1123Label(storageos.VolumeName, fldPath.Child("volumeName"))...) - } - if len(storageos.VolumeNamespace) > 0 { - allErrs = append(allErrs, ValidateDNS1123Label(storageos.VolumeNamespace, fldPath.Child("volumeNamespace"))...) - } - if storageos.SecretRef != nil { - if len(storageos.SecretRef.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("secretRef", "name"), "")) - } - } - return allErrs -} - -func validateStorageOSPersistentVolumeSource(storageos *core.StorageOSPersistentVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(storageos.VolumeName) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("volumeName"), "")) - } else { - allErrs = append(allErrs, ValidateDNS1123Label(storageos.VolumeName, fldPath.Child("volumeName"))...) - } - if len(storageos.VolumeNamespace) > 0 { - allErrs = append(allErrs, ValidateDNS1123Label(storageos.VolumeNamespace, fldPath.Child("volumeNamespace"))...) - } - if storageos.SecretRef != nil { - if len(storageos.SecretRef.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("secretRef", "name"), "")) - } - if len(storageos.SecretRef.Namespace) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("secretRef", "namespace"), "")) - } - } - return allErrs -} - -// validatePVSecretReference check whether provided SecretReference object is valid in terms of secret name and namespace. - -func validatePVSecretReference(secretRef *core.SecretReference, fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - if len(secretRef.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("name"), "")) - } else { - allErrs = append(allErrs, ValidateDNS1123Subdomain(secretRef.Name, fldPath.Child("name"))...) - } - - if len(secretRef.Namespace) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("namespace"), "")) - } else { - allErrs = append(allErrs, ValidateDNS1123Label(secretRef.Namespace, fldPath.Child("namespace"))...) - } - return allErrs -} - -// ValidateCSIDriverNameOption is an option for ValidateCSIDriverName. -// These options are for marking if a validation error message is covered -// by declarative validation -type ValidateCSIDriverNameOption int - -const ( - // The required check is covered by declarative validation - RequiredCovered ValidateCSIDriverNameOption = iota - // The list size check is covered by declarative validation. - SizeCovered - // The format check is covered by declarative validation. - FormatCovered -) - -func ValidateCSIDriverName(driverName string, fldPath *field.Path, opts ...ValidateCSIDriverNameOption) field.ErrorList { - allErrs := field.ErrorList{} - - if len(driverName) == 0 { - err := field.Required(fldPath, "") - if slices.Contains(opts, RequiredCovered) { - err = err.MarkCoveredByDeclarative() - } - allErrs = append(allErrs, err) - return allErrs - } - - if len(driverName) > 63 { - err := field.TooLong(fldPath, "" /*unused*/, 63) - if slices.Contains(opts, SizeCovered) { - err = err.MarkCoveredByDeclarative() - } - allErrs = append(allErrs, err) - } - - for _, msg := range validation.IsDNS1123Subdomain(strings.ToLower(driverName)) { - err := field.Invalid(fldPath, driverName, msg) - if slices.Contains(opts, FormatCovered) { - err = err.WithOrigin("format=k8s-long-name-caseless").MarkCoveredByDeclarative() - } - allErrs = append(allErrs, err) - } - - return allErrs -} - -func validateCSIPersistentVolumeSource(csi *core.CSIPersistentVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - allErrs = append(allErrs, ValidateCSIDriverName(csi.Driver, fldPath.Child("driver"))...) - - if len(csi.VolumeHandle) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("volumeHandle"), "")) - } - if csi.ControllerPublishSecretRef != nil { - allErrs = append(allErrs, validatePVSecretReference(csi.ControllerPublishSecretRef, fldPath.Child("controllerPublishSecretRef"))...) - } - if csi.ControllerExpandSecretRef != nil { - allErrs = append(allErrs, validatePVSecretReference(csi.ControllerExpandSecretRef, fldPath.Child("controllerExpandSecretRef"))...) - } - if csi.NodePublishSecretRef != nil { - allErrs = append(allErrs, validatePVSecretReference(csi.NodePublishSecretRef, fldPath.Child("nodePublishSecretRef"))...) - } - if csi.NodeExpandSecretRef != nil { - allErrs = append(allErrs, validatePVSecretReference(csi.NodeExpandSecretRef, fldPath.Child("nodeExpandSecretRef"))...) - } - return allErrs -} - -func validateCSIVolumeSource(csi *core.CSIVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - allErrs = append(allErrs, ValidateCSIDriverName(csi.Driver, fldPath.Child("driver"))...) - - if csi.NodePublishSecretRef != nil { - if len(csi.NodePublishSecretRef.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("nodePublishSecretRef", "name"), "")) - } else { - for _, msg := range ValidateSecretName(csi.NodePublishSecretRef.Name, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("name"), csi.NodePublishSecretRef.Name, msg)) - } - } - } - - return allErrs -} - -func validateEphemeralVolumeSource(ephemeral *core.EphemeralVolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if ephemeral.VolumeClaimTemplate == nil { - allErrs = append(allErrs, field.Required(fldPath.Child("volumeClaimTemplate"), "")) - } else { - opts := ValidationOptionsForPersistentVolumeClaimTemplate(ephemeral.VolumeClaimTemplate, nil) - allErrs = append(allErrs, ValidatePersistentVolumeClaimTemplate(ephemeral.VolumeClaimTemplate, fldPath.Child("volumeClaimTemplate"), opts)...) - } - return allErrs -} - -// ValidatePersistentVolumeClaimTemplate verifies that the embedded object meta and spec are valid. -// Checking of the object data is very minimal because only labels and annotations are used. -func ValidatePersistentVolumeClaimTemplate(claimTemplate *core.PersistentVolumeClaimTemplate, fldPath *field.Path, opts PersistentVolumeClaimSpecValidationOptions) field.ErrorList { - allErrs := ValidateTemplateObjectMeta(&claimTemplate.ObjectMeta, fldPath.Child("metadata")) - allErrs = append(allErrs, ValidatePersistentVolumeClaimSpec(&claimTemplate.Spec, fldPath.Child("spec"), opts)...) - return allErrs -} - -func ValidateTemplateObjectMeta(objMeta *metav1.ObjectMeta, fldPath *field.Path) field.ErrorList { - allErrs := apimachineryvalidation.ValidateAnnotations(objMeta.Annotations, fldPath.Child("annotations")) - allErrs = append(allErrs, unversionedvalidation.ValidateLabels(objMeta.Labels, fldPath.Child("labels"))...) - // All other fields are not supported and thus must not be set - // to avoid confusion. We could reject individual fields, - // but then adding a new one to ObjectMeta wouldn't be checked - // unless this code gets updated. Instead, we ensure that - // only allowed fields are set via reflection. - allErrs = append(allErrs, validateFieldAllowList(*objMeta, allowedTemplateObjectMetaFields, "cannot be set", fldPath)...) - return allErrs -} - -var allowedTemplateObjectMetaFields = map[string]bool{ - "Annotations": true, - "Labels": true, -} - -// PersistentVolumeSpecValidationOptions contains the different settings for PeristentVolume validation -type PersistentVolumeSpecValidationOptions struct { - // Allow users to modify the class of volume attributes - EnableVolumeAttributesClass bool - // Allow invalid label-value in RequiredNodeSelector - AllowInvalidLabelValueInRequiredNodeAffinity bool -} - -// ValidatePersistentVolumeName checks that a name is appropriate for a -// PersistentVolumeName object. -var ValidatePersistentVolumeName = apimachineryvalidation.NameIsDNSSubdomain - -var supportedAccessModes = sets.New( - core.ReadWriteOnce, - core.ReadOnlyMany, - core.ReadWriteMany, - core.ReadWriteOncePod) - -var supportedReclaimPolicy = sets.New( - core.PersistentVolumeReclaimDelete, - core.PersistentVolumeReclaimRecycle, - core.PersistentVolumeReclaimRetain) - -var supportedVolumeModes = sets.New(core.PersistentVolumeBlock, core.PersistentVolumeFilesystem) - -func ValidationOptionsForPersistentVolume(pv, oldPv *core.PersistentVolume) PersistentVolumeSpecValidationOptions { - opts := PersistentVolumeSpecValidationOptions{ - EnableVolumeAttributesClass: utilfeature.DefaultMutableFeatureGate.Enabled(features.VolumeAttributesClass), - AllowInvalidLabelValueInRequiredNodeAffinity: false, - } - if oldPv != nil && oldPv.Spec.VolumeAttributesClassName != nil { - opts.EnableVolumeAttributesClass = true - } - if oldPv != nil && oldPv.Spec.NodeAffinity != nil && - oldPv.Spec.NodeAffinity.Required != nil { - terms := oldPv.Spec.NodeAffinity.Required.NodeSelectorTerms - opts.AllowInvalidLabelValueInRequiredNodeAffinity = helper.HasInvalidLabelValueInNodeSelectorTerms(terms) - } - return opts -} - -func ValidatePersistentVolumeSpec(pvSpec *core.PersistentVolumeSpec, pvName string, validateInlinePersistentVolumeSpec bool, fldPath *field.Path, opts PersistentVolumeSpecValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - if validateInlinePersistentVolumeSpec { - if pvSpec.ClaimRef != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("claimRef"), "may not be specified in the context of inline volumes")) - } - if len(pvSpec.Capacity) != 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("capacity"), "may not be specified in the context of inline volumes")) - } - if pvSpec.CSI == nil { - allErrs = append(allErrs, field.Required(fldPath.Child("csi"), "has to be specified in the context of inline volumes")) - } - } - - if len(pvSpec.AccessModes) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("accessModes"), "")) - } - - foundReadWriteOncePod, foundNonReadWriteOncePod := false, false - for _, mode := range pvSpec.AccessModes { - if !supportedAccessModes.Has(mode) { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("accessModes"), mode, sets.List(supportedAccessModes))) - } - - if mode == core.ReadWriteOncePod { - foundReadWriteOncePod = true - } else if supportedAccessModes.Has(mode) { - foundNonReadWriteOncePod = true - } - } - if foundReadWriteOncePod && foundNonReadWriteOncePod { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("accessModes"), "may not use ReadWriteOncePod with other access modes")) - } - - if !validateInlinePersistentVolumeSpec { - if len(pvSpec.Capacity) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("capacity"), "")) - } - - if _, ok := pvSpec.Capacity[core.ResourceStorage]; !ok || len(pvSpec.Capacity) > 1 { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("capacity"), pvSpec.Capacity, []core.ResourceName{core.ResourceStorage})) - } - capPath := fldPath.Child("capacity") - for r, qty := range pvSpec.Capacity { - allErrs = append(allErrs, validateBasicResource(qty, capPath.Key(string(r)))...) - allErrs = append(allErrs, ValidatePositiveQuantityValue(qty, capPath.Key(string(r)))...) - } - } - - if len(pvSpec.PersistentVolumeReclaimPolicy) > 0 { - if validateInlinePersistentVolumeSpec { - if pvSpec.PersistentVolumeReclaimPolicy != core.PersistentVolumeReclaimRetain { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("persistentVolumeReclaimPolicy"), "may only be "+string(core.PersistentVolumeReclaimRetain)+" in the context of inline volumes")) - } - } else { - if !supportedReclaimPolicy.Has(pvSpec.PersistentVolumeReclaimPolicy) { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("persistentVolumeReclaimPolicy"), pvSpec.PersistentVolumeReclaimPolicy, sets.List(supportedReclaimPolicy))) - } - } - } - - var nodeAffinitySpecified bool - var errs field.ErrorList - if pvSpec.NodeAffinity != nil { - if validateInlinePersistentVolumeSpec { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("nodeAffinity"), "may not be specified in the context of inline volumes")) - } else { - nodeAffinitySpecified, errs = validateVolumeNodeAffinity(pvSpec.NodeAffinity, opts, fldPath.Child("nodeAffinity")) - allErrs = append(allErrs, errs...) - } - } - numVolumes := 0 - if pvSpec.HostPath != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("hostPath"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateHostPathVolumeSource(pvSpec.HostPath, fldPath.Child("hostPath"))...) - } - } - if pvSpec.GCEPersistentDisk != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("gcePersistentDisk"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateGCEPersistentDiskVolumeSource(pvSpec.GCEPersistentDisk, fldPath.Child("persistentDisk"))...) - } - } - if pvSpec.AWSElasticBlockStore != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("awsElasticBlockStore"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateAWSElasticBlockStoreVolumeSource(pvSpec.AWSElasticBlockStore, fldPath.Child("awsElasticBlockStore"))...) - } - } - if pvSpec.Glusterfs != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("glusterfs"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateGlusterfsPersistentVolumeSource(pvSpec.Glusterfs, fldPath.Child("glusterfs"))...) - } - } - if pvSpec.Flocker != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("flocker"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateFlockerVolumeSource(pvSpec.Flocker, fldPath.Child("flocker"))...) - } - } - if pvSpec.NFS != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("nfs"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateNFSVolumeSource(pvSpec.NFS, fldPath.Child("nfs"))...) - } - } - if pvSpec.RBD != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("rbd"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateRBDPersistentVolumeSource(pvSpec.RBD, fldPath.Child("rbd"))...) - } - } - if pvSpec.Quobyte != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("quobyte"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateQuobyteVolumeSource(pvSpec.Quobyte, fldPath.Child("quobyte"))...) - } - } - if pvSpec.CephFS != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("cephFS"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateCephFSPersistentVolumeSource(pvSpec.CephFS, fldPath.Child("cephfs"))...) - } - } - if pvSpec.ISCSI != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("iscsi"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateISCSIPersistentVolumeSource(pvSpec.ISCSI, pvName, fldPath.Child("iscsi"))...) - } - } - if pvSpec.Cinder != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("cinder"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateCinderPersistentVolumeSource(pvSpec.Cinder, fldPath.Child("cinder"))...) - } - } - if pvSpec.FC != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("fc"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateFCVolumeSource(pvSpec.FC, fldPath.Child("fc"))...) - } - } - if pvSpec.FlexVolume != nil { - numVolumes++ - allErrs = append(allErrs, validateFlexPersistentVolumeSource(pvSpec.FlexVolume, fldPath.Child("flexVolume"))...) - } - if pvSpec.AzureFile != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("azureFile"), "may not specify more than 1 volume type")) - - } else { - numVolumes++ - allErrs = append(allErrs, validateAzureFilePV(pvSpec.AzureFile, fldPath.Child("azureFile"))...) - } - } - - if pvSpec.VsphereVolume != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("vsphereVolume"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateVsphereVolumeSource(pvSpec.VsphereVolume, fldPath.Child("vsphereVolume"))...) - } - } - if pvSpec.PhotonPersistentDisk != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("photonPersistentDisk"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validatePhotonPersistentDiskVolumeSource(pvSpec.PhotonPersistentDisk, fldPath.Child("photonPersistentDisk"))...) - } - } - if pvSpec.PortworxVolume != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("portworxVolume"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validatePortworxVolumeSource(pvSpec.PortworxVolume, fldPath.Child("portworxVolume"))...) - } - } - if pvSpec.AzureDisk != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("azureDisk"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateAzureDisk(pvSpec.AzureDisk, fldPath.Child("azureDisk"))...) - } - } - if pvSpec.ScaleIO != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("scaleIO"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateScaleIOPersistentVolumeSource(pvSpec.ScaleIO, fldPath.Child("scaleIO"))...) - } - } - if pvSpec.Local != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("local"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateLocalVolumeSource(pvSpec.Local, fldPath.Child("local"))...) - // NodeAffinity is required - if !nodeAffinitySpecified { - allErrs = append(allErrs, field.Required(fldPath.Child("nodeAffinity"), "Local volume requires node affinity")) - } - } - } - if pvSpec.StorageOS != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("storageos"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateStorageOSPersistentVolumeSource(pvSpec.StorageOS, fldPath.Child("storageos"))...) - } - } - - if pvSpec.CSI != nil { - if numVolumes > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("csi"), "may not specify more than 1 volume type")) - } else { - numVolumes++ - allErrs = append(allErrs, validateCSIPersistentVolumeSource(pvSpec.CSI, fldPath.Child("csi"))...) - } - } - - if numVolumes == 0 { - allErrs = append(allErrs, field.Required(fldPath, "must specify a volume type")) - } - - // do not allow hostPath mounts of '/' to have a 'recycle' reclaim policy - if pvSpec.HostPath != nil && path.Clean(pvSpec.HostPath.Path) == "/" && pvSpec.PersistentVolumeReclaimPolicy == core.PersistentVolumeReclaimRecycle { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("persistentVolumeReclaimPolicy"), "may not be 'recycle' for a hostPath mount of '/'")) - } - - if len(pvSpec.StorageClassName) > 0 { - if validateInlinePersistentVolumeSpec { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("storageClassName"), "may not be specified in the context of inline volumes")) - } else { - for _, msg := range ValidateClassName(pvSpec.StorageClassName, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("storageClassName"), pvSpec.StorageClassName, msg)) - } - } - } - if pvSpec.VolumeMode != nil { - if validateInlinePersistentVolumeSpec { - if *pvSpec.VolumeMode != core.PersistentVolumeFilesystem { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("volumeMode"), "may not specify volumeMode other than "+string(core.PersistentVolumeFilesystem)+" in the context of inline volumes")) - } - } else { - if !supportedVolumeModes.Has(*pvSpec.VolumeMode) { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("volumeMode"), *pvSpec.VolumeMode, sets.List(supportedVolumeModes))) - } - } - } - if pvSpec.VolumeAttributesClassName != nil && opts.EnableVolumeAttributesClass { - if len(*pvSpec.VolumeAttributesClassName) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("volumeAttributesClassName"), "an empty string is disallowed")) - } else { - for _, msg := range ValidateClassName(*pvSpec.VolumeAttributesClassName, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("volumeAttributesClassName"), *pvSpec.VolumeAttributesClassName, msg)) - } - } - if pvSpec.CSI == nil { - allErrs = append(allErrs, field.Required(fldPath.Child("csi"), "has to be specified when using volumeAttributesClassName")) - } - } - return allErrs -} - -func ValidatePersistentVolume(pv *core.PersistentVolume, opts PersistentVolumeSpecValidationOptions) field.ErrorList { - metaPath := field.NewPath("metadata") - allErrs := ValidateObjectMeta(&pv.ObjectMeta, false, ValidatePersistentVolumeName, metaPath) - allErrs = append(allErrs, ValidatePersistentVolumeSpec(&pv.Spec, pv.ObjectMeta.Name, false, field.NewPath("spec"), opts)...) - return allErrs -} - -// ValidatePersistentVolumeUpdate tests to see if the update is legal for an end user to make. -// newPv is updated with fields that cannot be changed. -func ValidatePersistentVolumeUpdate(newPv, oldPv *core.PersistentVolume, opts PersistentVolumeSpecValidationOptions) field.ErrorList { - allErrs := ValidatePersistentVolume(newPv, opts) - - // if oldPV does not have ControllerExpandSecretRef then allow it to be set - if (oldPv.Spec.CSI != nil && oldPv.Spec.CSI.ControllerExpandSecretRef == nil) && - (newPv.Spec.CSI != nil && newPv.Spec.CSI.ControllerExpandSecretRef != nil) { - newPv = newPv.DeepCopy() - newPv.Spec.CSI.ControllerExpandSecretRef = nil - } - - // PersistentVolumeSource should be immutable after creation. - if !apiequality.Semantic.DeepEqual(newPv.Spec.PersistentVolumeSource, oldPv.Spec.PersistentVolumeSource) { - pvcSourceDiff := diff.Diff(oldPv.Spec.PersistentVolumeSource, newPv.Spec.PersistentVolumeSource) - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "persistentvolumesource"), fmt.Sprintf("spec.persistentvolumesource is immutable after creation\n%v", pvcSourceDiff))) - } - allErrs = append(allErrs, ValidateImmutableField(newPv.Spec.VolumeMode, oldPv.Spec.VolumeMode, field.NewPath("volumeMode"))...) - - // Allow setting NodeAffinity if oldPv NodeAffinity was not set - if !utilfeature.DefaultFeatureGate.Enabled(features.MutablePVNodeAffinity) && - oldPv.Spec.NodeAffinity != nil { - allErrs = append(allErrs, validatePvNodeAffinity(newPv.Spec.NodeAffinity, oldPv.Spec.NodeAffinity, field.NewPath("nodeAffinity"))...) - } - - if !apiequality.Semantic.DeepEqual(oldPv.Spec.VolumeAttributesClassName, newPv.Spec.VolumeAttributesClassName) { - if !utilfeature.DefaultFeatureGate.Enabled(features.VolumeAttributesClass) { - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "volumeAttributesClassName"), "update is forbidden when the VolumeAttributesClass feature gate is disabled")) - } - if opts.EnableVolumeAttributesClass { - if oldPv.Spec.VolumeAttributesClassName != nil && newPv.Spec.VolumeAttributesClassName == nil { - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "volumeAttributesClassName"), "update from non-nil value to nil is forbidden")) - } - } - } - - return allErrs -} - -// ValidatePersistentVolumeStatusUpdate tests to see if the status update is legal for an end user to make. -func ValidatePersistentVolumeStatusUpdate(newPv, oldPv *core.PersistentVolume) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&newPv.ObjectMeta, &oldPv.ObjectMeta, field.NewPath("metadata")) - if len(newPv.ResourceVersion) == 0 { - allErrs = append(allErrs, field.Required(field.NewPath("resourceVersion"), "")) - } - return allErrs -} - -type PersistentVolumeClaimSpecValidationOptions struct { - // Allow users to recover from previously failing expansion operation - EnableRecoverFromExpansionFailure bool - // Allow to validate the label value of the label selector - AllowInvalidLabelValueInSelector bool - // Allow to validate the API group of the data source and data source reference - AllowInvalidAPIGroupInDataSourceOrRef bool - // Allow users to modify the class of volume attributes - EnableVolumeAttributesClass bool -} - -func ValidationOptionsForPersistentVolumeClaimCreate() PersistentVolumeClaimSpecValidationOptions { - return PersistentVolumeClaimSpecValidationOptions{ - EnableRecoverFromExpansionFailure: utilfeature.DefaultFeatureGate.Enabled(features.RecoverVolumeExpansionFailure), - AllowInvalidLabelValueInSelector: false, - EnableVolumeAttributesClass: utilfeature.DefaultFeatureGate.Enabled(features.VolumeAttributesClass), - } -} - -func ValidationOptionsForPersistentVolumeClaim(pvc, oldPvc *core.PersistentVolumeClaim) PersistentVolumeClaimSpecValidationOptions { - opts := ValidationOptionsForPersistentVolumeClaimCreate() - if oldPvc == nil { - // If there's no old PVC, use the options based solely on feature enablement - return opts - } - - // If the old object had an invalid API group in the data source or data source reference, continue to allow it in the new object - opts.AllowInvalidAPIGroupInDataSourceOrRef = allowInvalidAPIGroupInDataSourceOrRef(&oldPvc.Spec) - - if oldPvc.Spec.VolumeAttributesClassName != nil { - // If the old object had a volume attributes class, continue to validate it in the new object. - opts.EnableVolumeAttributesClass = true - } - - labelSelectorValidationOpts := unversionedvalidation.LabelSelectorValidationOptions{ - AllowInvalidLabelValueInSelector: opts.AllowInvalidLabelValueInSelector, - } - if len(unversionedvalidation.ValidateLabelSelector(oldPvc.Spec.Selector, labelSelectorValidationOpts, nil)) > 0 { - // If the old object had an invalid label selector, continue to allow it in the new object - opts.AllowInvalidLabelValueInSelector = true - } - - if helper.ClaimContainsAllocatedResources(oldPvc) || - helper.ClaimContainsAllocatedResourceStatus(oldPvc) { - opts.EnableRecoverFromExpansionFailure = true - } - return opts -} - -func ValidationOptionsForPersistentVolumeClaimTemplate(claimTemplate, oldClaimTemplate *core.PersistentVolumeClaimTemplate) PersistentVolumeClaimSpecValidationOptions { - opts := PersistentVolumeClaimSpecValidationOptions{ - AllowInvalidLabelValueInSelector: false, - EnableVolumeAttributesClass: utilfeature.DefaultFeatureGate.Enabled(features.VolumeAttributesClass), - } - if oldClaimTemplate == nil { - // If there's no old PVC template, use the options based solely on feature enablement - return opts - } - labelSelectorValidationOpts := unversionedvalidation.LabelSelectorValidationOptions{ - AllowInvalidLabelValueInSelector: opts.AllowInvalidLabelValueInSelector, - } - if len(unversionedvalidation.ValidateLabelSelector(oldClaimTemplate.Spec.Selector, labelSelectorValidationOpts, nil)) > 0 { - // If the old object had an invalid label selector, continue to allow it in the new object - opts.AllowInvalidLabelValueInSelector = true - } - return opts -} - -// allowInvalidAPIGroupInDataSourceOrRef returns true if the spec contains a data source or data source reference with an API group -func allowInvalidAPIGroupInDataSourceOrRef(spec *core.PersistentVolumeClaimSpec) bool { - if spec.DataSource != nil && spec.DataSource.APIGroup != nil { - return true - } - if spec.DataSourceRef != nil && spec.DataSourceRef.APIGroup != nil { - return true - } - return false -} - -// ValidatePersistentVolumeClaim validates a PersistentVolumeClaim -func ValidatePersistentVolumeClaim(pvc *core.PersistentVolumeClaim, opts PersistentVolumeClaimSpecValidationOptions) field.ErrorList { - allErrs := ValidateObjectMeta(&pvc.ObjectMeta, true, ValidatePersistentVolumeName, field.NewPath("metadata")) - allErrs = append(allErrs, ValidatePersistentVolumeClaimSpec(&pvc.Spec, field.NewPath("spec"), opts)...) - return allErrs -} - -// validateDataSource validates a DataSource/DataSourceRef in a PersistentVolumeClaimSpec -func validateDataSource(dataSource *core.TypedLocalObjectReference, fldPath *field.Path, allowInvalidAPIGroupInDataSourceOrRef bool) field.ErrorList { - allErrs := field.ErrorList{} - - if len(dataSource.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("name"), "")) - } - if len(dataSource.Kind) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("kind"), "")) - } - apiGroup := "" - if dataSource.APIGroup != nil { - apiGroup = *dataSource.APIGroup - } - if len(apiGroup) == 0 && dataSource.Kind != "PersistentVolumeClaim" { - allErrs = append(allErrs, field.Invalid(fldPath, dataSource.Kind, "must be 'PersistentVolumeClaim' when referencing the default apiGroup")) - } - if len(apiGroup) > 0 && !allowInvalidAPIGroupInDataSourceOrRef { - for _, errString := range validation.IsDNS1123Subdomain(apiGroup) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("apiGroup"), apiGroup, errString)) - } - } - - return allErrs -} - -// validateDataSourceRef validates a DataSourceRef in a PersistentVolumeClaimSpec -func validateDataSourceRef(dataSourceRef *core.TypedObjectReference, fldPath *field.Path, allowInvalidAPIGroupInDataSourceOrRef bool) field.ErrorList { - allErrs := field.ErrorList{} - - if len(dataSourceRef.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("name"), "")) - } - if len(dataSourceRef.Kind) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("kind"), "")) - } - apiGroup := "" - if dataSourceRef.APIGroup != nil { - apiGroup = *dataSourceRef.APIGroup - } - if len(apiGroup) == 0 && dataSourceRef.Kind != "PersistentVolumeClaim" { - allErrs = append(allErrs, field.Invalid(fldPath, dataSourceRef.Kind, "must be 'PersistentVolumeClaim' when referencing the default apiGroup")) - } - if len(apiGroup) > 0 && !allowInvalidAPIGroupInDataSourceOrRef { - for _, errString := range validation.IsDNS1123Subdomain(apiGroup) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("apiGroup"), apiGroup, errString)) - } - } - - if dataSourceRef.Namespace != nil && len(*dataSourceRef.Namespace) > 0 { - for _, msg := range ValidateNameFunc(ValidateNamespaceName)(*dataSourceRef.Namespace, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("namespace"), *dataSourceRef.Namespace, msg)) - } - } - - return allErrs -} - -// ValidatePersistentVolumeClaimSpec validates a PersistentVolumeClaimSpec -func ValidatePersistentVolumeClaimSpec(spec *core.PersistentVolumeClaimSpec, fldPath *field.Path, opts PersistentVolumeClaimSpecValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - if len(spec.AccessModes) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("accessModes"), "at least 1 access mode is required")) - } - if spec.Selector != nil { - labelSelectorValidationOpts := unversionedvalidation.LabelSelectorValidationOptions{ - AllowInvalidLabelValueInSelector: opts.AllowInvalidLabelValueInSelector, - } - allErrs = append(allErrs, unversionedvalidation.ValidateLabelSelector(spec.Selector, labelSelectorValidationOpts, fldPath.Child("selector"))...) - } - - foundReadWriteOncePod, foundNonReadWriteOncePod := false, false - for _, mode := range spec.AccessModes { - if !supportedAccessModes.Has(mode) { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("accessModes"), mode, sets.List(supportedAccessModes))) - } - - if mode == core.ReadWriteOncePod { - foundReadWriteOncePod = true - } else if supportedAccessModes.Has(mode) { - foundNonReadWriteOncePod = true - } - } - if foundReadWriteOncePod && foundNonReadWriteOncePod { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("accessModes"), "may not use ReadWriteOncePod with other access modes")) - } - - storageValue, ok := spec.Resources.Requests[core.ResourceStorage] - if !ok { - allErrs = append(allErrs, field.Required(fldPath.Child("resources").Key(string(core.ResourceStorage)), "")) - } else if errs := ValidatePositiveQuantityValue(storageValue, fldPath.Child("resources").Key(string(core.ResourceStorage))); len(errs) > 0 { - allErrs = append(allErrs, errs...) - } else { - allErrs = append(allErrs, ValidateResourceQuantityValue(core.ResourceStorage, storageValue, fldPath.Child("resources").Key(string(core.ResourceStorage)))...) - } - - if spec.StorageClassName != nil && len(*spec.StorageClassName) > 0 { - for _, msg := range ValidateClassName(*spec.StorageClassName, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("storageClassName"), *spec.StorageClassName, msg)) - } - } - if spec.VolumeMode != nil && !supportedVolumeModes.Has(*spec.VolumeMode) { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("volumeMode"), *spec.VolumeMode, sets.List(supportedVolumeModes))) - } - - if spec.DataSource != nil { - allErrs = append(allErrs, validateDataSource(spec.DataSource, fldPath.Child("dataSource"), opts.AllowInvalidAPIGroupInDataSourceOrRef)...) - } - if spec.DataSourceRef != nil { - allErrs = append(allErrs, validateDataSourceRef(spec.DataSourceRef, fldPath.Child("dataSourceRef"), opts.AllowInvalidAPIGroupInDataSourceOrRef)...) - } - if spec.DataSourceRef != nil && spec.DataSourceRef.Namespace != nil && len(*spec.DataSourceRef.Namespace) > 0 { - if spec.DataSource != nil { - allErrs = append(allErrs, field.Invalid(fldPath, fldPath.Child("dataSource"), - "may not be specified when dataSourceRef.namespace is specified")) - } - } else if spec.DataSource != nil && spec.DataSourceRef != nil { - if !isDataSourceEqualDataSourceRef(spec.DataSource, spec.DataSourceRef) { - allErrs = append(allErrs, field.Invalid(fldPath, fldPath.Child("dataSource"), - "must match dataSourceRef")) - } - } - if spec.VolumeAttributesClassName != nil && len(*spec.VolumeAttributesClassName) > 0 && opts.EnableVolumeAttributesClass { - for _, msg := range ValidateClassName(*spec.VolumeAttributesClassName, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("volumeAttributesClassName"), *spec.VolumeAttributesClassName, msg)) - } - } - - return allErrs -} - -func isDataSourceEqualDataSourceRef(dataSource *core.TypedLocalObjectReference, dataSourceRef *core.TypedObjectReference) bool { - return reflect.DeepEqual(dataSource.APIGroup, dataSourceRef.APIGroup) && dataSource.Kind == dataSourceRef.Kind && dataSource.Name == dataSourceRef.Name -} - -// ValidatePersistentVolumeClaimUpdate validates an update to a PersistentVolumeClaim -func ValidatePersistentVolumeClaimUpdate(newPvc, oldPvc *core.PersistentVolumeClaim, opts PersistentVolumeClaimSpecValidationOptions) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&newPvc.ObjectMeta, &oldPvc.ObjectMeta, field.NewPath("metadata")) - allErrs = append(allErrs, ValidatePersistentVolumeClaim(newPvc, opts)...) - newPvcClone := newPvc.DeepCopy() - oldPvcClone := oldPvc.DeepCopy() - - // PVController needs to update PVC.Spec w/ VolumeName. - // Claims are immutable in order to enforce quota, range limits, etc. without gaming the system. - if len(oldPvc.Spec.VolumeName) == 0 { - // volumeName changes are allowed once. - oldPvcClone.Spec.VolumeName = newPvcClone.Spec.VolumeName // +k8s:verify-mutation:reason=clone - } - - if validateStorageClassUpgradeFromAnnotation(oldPvcClone.Annotations, newPvcClone.Annotations, - oldPvcClone.Spec.StorageClassName, newPvcClone.Spec.StorageClassName) { - newPvcClone.Spec.StorageClassName = nil - metav1.SetMetaDataAnnotation(&newPvcClone.ObjectMeta, core.BetaStorageClassAnnotation, oldPvcClone.Annotations[core.BetaStorageClassAnnotation]) - } else { - // storageclass annotation should be immutable after creation - // TODO: remove Beta when no longer needed - allErrs = append(allErrs, ValidateImmutableAnnotation(newPvc.ObjectMeta.Annotations[v1.BetaStorageClassAnnotation], oldPvc.ObjectMeta.Annotations[v1.BetaStorageClassAnnotation], v1.BetaStorageClassAnnotation, field.NewPath("metadata"))...) - - // If update from annotation to attribute failed we can attempt try to validate update from nil value. - if validateStorageClassUpgradeFromNil(oldPvc.Annotations, oldPvc.Spec.StorageClassName, newPvc.Spec.StorageClassName, opts) { - newPvcClone.Spec.StorageClassName = oldPvcClone.Spec.StorageClassName // +k8s:verify-mutation:reason=clone - } - // TODO: add a specific error with a hint that storage class name can not be changed - // (instead of letting spec comparison below return generic field forbidden error) - } - - // lets make sure storage values are same. - if newPvc.Status.Phase == core.ClaimBound && newPvcClone.Spec.Resources.Requests != nil { - newPvcClone.Spec.Resources.Requests["storage"] = oldPvc.Spec.Resources.Requests["storage"] // +k8s:verify-mutation:reason=clone - } - // lets make sure volume attributes class name is same. - if newPvc.Status.Phase == core.ClaimBound { - newPvcClone.Spec.VolumeAttributesClassName = oldPvcClone.Spec.VolumeAttributesClassName // +k8s:verify-mutation:reason=clone - } - - oldSize := oldPvc.Spec.Resources.Requests["storage"] - newSize := newPvc.Spec.Resources.Requests["storage"] - statusSize := oldPvc.Status.Capacity["storage"] - - if !apiequality.Semantic.DeepEqual(newPvcClone.Spec, oldPvcClone.Spec) { - specDiff := diff.Diff(oldPvcClone.Spec, newPvcClone.Spec) - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec"), fmt.Sprintf("spec is immutable after creation except resources.requests and volumeAttributesClassName for bound claims\n%v", specDiff))) - } - if newSize.Cmp(oldSize) < 0 { - if !opts.EnableRecoverFromExpansionFailure { - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "resources", "requests", "storage"), "field can not be less than previous value")) - } else { - // This validation permits reducing pvc requested size up to capacity recorded in pvc.status - // so that users can recover from volume expansion failure, but Kubernetes does not actually - // support volume shrinking - if newSize.Cmp(statusSize) <= 0 { - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "resources", "requests", "storage"), "field can not be less than status.capacity")) - } - } - } - - allErrs = append(allErrs, ValidateImmutableField(newPvc.Spec.VolumeMode, oldPvc.Spec.VolumeMode, field.NewPath("volumeMode"))...) - - if !apiequality.Semantic.DeepEqual(oldPvc.Spec.VolumeAttributesClassName, newPvc.Spec.VolumeAttributesClassName) { - if !utilfeature.DefaultFeatureGate.Enabled(features.VolumeAttributesClass) { - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "volumeAttributesClassName"), "update is forbidden when the VolumeAttributesClass feature gate is disabled")) - } - if opts.EnableVolumeAttributesClass { - // Forbid removing VAC once one is successfully applied. - if oldPvc.Status.CurrentVolumeAttributesClassName != nil { - if newPvc.Spec.VolumeAttributesClassName == nil { - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "volumeAttributesClassName"), "update to nil is forbidden when status.currentVolumeAttributesClassName is not nil")) - } else if len(*newPvc.Spec.VolumeAttributesClassName) == 0 { - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "volumeAttributesClassName"), "update to empty string is forbidden when status.currentVolumeAttributesClassName is not nil")) - } - } - } - } - - return allErrs -} - -// Provide an upgrade path from PVC with storage class specified in beta -// annotation to storage class specified in attribute. We allow update of -// StorageClassName only if following four conditions are met at the same time: -// 1. The old pvc's StorageClassAnnotation is set -// 2. The old pvc's StorageClassName is not set -// 3. The new pvc's StorageClassName is set and equal to the old value in annotation -// 4. If the new pvc's StorageClassAnnotation is set,it must be equal to the old pv/pvc's StorageClassAnnotation -func validateStorageClassUpgradeFromAnnotation(oldAnnotations, newAnnotations map[string]string, oldScName, newScName *string) bool { - oldSc, oldAnnotationExist := oldAnnotations[core.BetaStorageClassAnnotation] - newScInAnnotation, newAnnotationExist := newAnnotations[core.BetaStorageClassAnnotation] - return oldAnnotationExist /* condition 1 */ && - oldScName == nil /* condition 2*/ && - (newScName != nil && *newScName == oldSc) /* condition 3 */ && - (!newAnnotationExist || newScInAnnotation == oldSc) /* condition 4 */ -} - -// Provide an upgrade path from PVC with nil storage class. We allow update of -// StorageClassName only if following four conditions are met at the same time: -// 1. The new pvc's StorageClassName is not nil -// 2. The old pvc's StorageClassName is nil -// 3. The old pvc either does not have beta annotation set, or the beta annotation matches new pvc's StorageClassName -func validateStorageClassUpgradeFromNil(oldAnnotations map[string]string, oldScName, newScName *string, opts PersistentVolumeClaimSpecValidationOptions) bool { - oldAnnotation, oldAnnotationExist := oldAnnotations[core.BetaStorageClassAnnotation] - return newScName != nil /* condition 1 */ && - oldScName == nil /* condition 2 */ && - (!oldAnnotationExist || *newScName == oldAnnotation) /* condition 3 */ -} - -func validatePersistentVolumeClaimResourceKey(value string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for _, msg := range validation.IsQualifiedName(value) { - allErrs = append(allErrs, field.Invalid(fldPath, value, msg)) - } - if len(allErrs) != 0 { - return allErrs - } - // For native resource names such as - either unprefixed names or with kubernetes.io prefix, - // only allowed value is storage - if helper.IsNativeResource(core.ResourceName(value)) { - if core.ResourceName(value) != core.ResourceStorage { - return append(allErrs, field.NotSupported(fldPath, value, []core.ResourceName{core.ResourceStorage})) - } - } - return allErrs -} - -var resizeStatusSet = sets.New(core.PersistentVolumeClaimControllerResizeInProgress, - core.PersistentVolumeClaimControllerResizeInfeasible, - core.PersistentVolumeClaimNodeResizePending, - core.PersistentVolumeClaimNodeResizeInProgress, - core.PersistentVolumeClaimNodeResizeInfeasible) - -// ValidatePersistentVolumeClaimStatusUpdate validates an update to status of a PersistentVolumeClaim -func ValidatePersistentVolumeClaimStatusUpdate(newPvc, oldPvc *core.PersistentVolumeClaim, validationOpts PersistentVolumeClaimSpecValidationOptions) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&newPvc.ObjectMeta, &oldPvc.ObjectMeta, field.NewPath("metadata")) - if len(newPvc.ResourceVersion) == 0 { - allErrs = append(allErrs, field.Required(field.NewPath("resourceVersion"), "")) - } - if len(newPvc.Spec.AccessModes) == 0 { - allErrs = append(allErrs, field.Required(field.NewPath("Spec", "accessModes"), "")) - } - - capPath := field.NewPath("status", "capacity") - for r, qty := range newPvc.Status.Capacity { - allErrs = append(allErrs, validateBasicResource(qty, capPath.Key(string(r)))...) - } - if validationOpts.EnableRecoverFromExpansionFailure { - resizeStatusPath := field.NewPath("status", "allocatedResourceStatuses") - if newPvc.Status.AllocatedResourceStatuses != nil { - resizeStatus := newPvc.Status.AllocatedResourceStatuses - for k, v := range resizeStatus { - if errs := validatePersistentVolumeClaimResourceKey(k.String(), resizeStatusPath); len(errs) > 0 { - allErrs = append(allErrs, errs...) - } - if !resizeStatusSet.Has(v) { - allErrs = append(allErrs, field.NotSupported(resizeStatusPath, k, sets.List(resizeStatusSet))) - continue - } - } - } - allocPath := field.NewPath("status", "allocatedResources") - for r, qty := range newPvc.Status.AllocatedResources { - if errs := validatePersistentVolumeClaimResourceKey(r.String(), allocPath); len(errs) > 0 { - allErrs = append(allErrs, errs...) - continue - } - - if errs := validateBasicResource(qty, allocPath.Key(string(r))); len(errs) > 0 { - allErrs = append(allErrs, errs...) - } else { - allErrs = append(allErrs, ValidateResourceQuantityValue(core.ResourceStorage, qty, allocPath.Key(string(r)))...) - } - } - } - return allErrs -} - -var supportedPortProtocols = sets.New( - core.ProtocolTCP, - core.ProtocolUDP, - core.ProtocolSCTP) - -func validateContainerPorts(ports []core.ContainerPort, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - allNames := sets.Set[string]{} - for i, port := range ports { - idxPath := fldPath.Index(i) - if len(port.Name) > 0 { - if msgs := validation.IsValidPortName(port.Name); len(msgs) != 0 { - for i = range msgs { - allErrs = append(allErrs, field.Invalid(idxPath.Child("name"), port.Name, msgs[i])) - } - } else if allNames.Has(port.Name) { - allErrs = append(allErrs, field.Duplicate(idxPath.Child("name"), port.Name)) - } else { - allNames.Insert(port.Name) - } - } - if port.ContainerPort == 0 { - allErrs = append(allErrs, field.Required(idxPath.Child("containerPort"), "")) - } else { - for _, msg := range validation.IsValidPortNum(int(port.ContainerPort)) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("containerPort"), port.ContainerPort, msg)) - } - } - if port.HostPort != 0 { - for _, msg := range validation.IsValidPortNum(int(port.HostPort)) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("hostPort"), port.HostPort, msg)) - } - } - if len(port.Protocol) == 0 { - allErrs = append(allErrs, field.Required(idxPath.Child("protocol"), "")) - } else if !supportedPortProtocols.Has(port.Protocol) { - allErrs = append(allErrs, field.NotSupported(idxPath.Child("protocol"), port.Protocol, sets.List(supportedPortProtocols))) - } - } - return allErrs -} - -// ValidateEnv validates env vars -func ValidateEnv(vars []core.EnvVar, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - for i, ev := range vars { - idxPath := fldPath.Index(i) - if len(ev.Name) == 0 { - allErrs = append(allErrs, field.Required(idxPath.Child("name"), "")) - } else { - if opts.AllowRelaxedEnvironmentVariableValidation { - for _, msg := range validation.IsRelaxedEnvVarName(ev.Name) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("name"), ev.Name, msg)) - } - } else { - for _, msg := range validation.IsEnvVarName(ev.Name) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("name"), ev.Name, msg)) - } - } - } - allErrs = append(allErrs, validateEnvVarValueFrom(ev, idxPath.Child("valueFrom"), opts)...) - } - return allErrs -} - -var validEnvDownwardAPIFieldPathExpressions = sets.New( - "metadata.name", - "metadata.namespace", - "metadata.uid", - "spec.nodeName", - "spec.serviceAccountName", - "status.hostIP", - "status.hostIPs", - "status.podIP", - "status.podIPs", -) - -var validContainerResourceFieldPathExpressions = sets.New( - "limits.cpu", - "limits.memory", - "limits.ephemeral-storage", - "requests.cpu", - "requests.memory", - "requests.ephemeral-storage", -) - -var validContainerResourceFieldPathPrefixesWithDownwardAPIHugePages = sets.New(hugepagesRequestsPrefixDownwardAPI, hugepagesLimitsPrefixDownwardAPI) - -const hugepagesRequestsPrefixDownwardAPI string = `requests.hugepages-` -const hugepagesLimitsPrefixDownwardAPI string = `limits.hugepages-` - -func validateEnvVarValueFrom(ev core.EnvVar, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - if ev.ValueFrom == nil { - return allErrs - } - - numSources := 0 - - if ev.ValueFrom.FieldRef != nil { - numSources++ - allErrs = append(allErrs, validateObjectFieldSelector(ev.ValueFrom.FieldRef, &validEnvDownwardAPIFieldPathExpressions, fldPath.Child("fieldRef"))...) - } - if ev.ValueFrom.ResourceFieldRef != nil { - numSources++ - localValidContainerResourceFieldPathPrefixes := validContainerResourceFieldPathPrefixesWithDownwardAPIHugePages - allErrs = append(allErrs, validateContainerResourceFieldSelector(ev.ValueFrom.ResourceFieldRef, &validContainerResourceFieldPathExpressions, &localValidContainerResourceFieldPathPrefixes, fldPath.Child("resourceFieldRef"), false)...) - } - if ev.ValueFrom.ConfigMapKeyRef != nil { - numSources++ - allErrs = append(allErrs, validateConfigMapKeySelector(ev.ValueFrom.ConfigMapKeyRef, fldPath.Child("configMapKeyRef"))...) - } - if ev.ValueFrom.SecretKeyRef != nil { - numSources++ - allErrs = append(allErrs, validateSecretKeySelector(ev.ValueFrom.SecretKeyRef, fldPath.Child("secretKeyRef"))...) - } - - if ev.ValueFrom.FileKeyRef != nil { - numSources++ - allErrs = append(allErrs, validateFileKeySelector(ev.ValueFrom.FileKeyRef, fldPath.Child("fileKeyRef"))...) - } - - if numSources == 0 { - if opts.AllowEnvFilesValidation { - allErrs = append(allErrs, field.Invalid(fldPath, "", "must specify one of: `fieldRef`, `resourceFieldRef`, `configMapKeyRef`, `secretKeyRef` or `fileKeyRef`")) - } else { - allErrs = append(allErrs, field.Invalid(fldPath, "", "must specify one of: `fieldRef`, `resourceFieldRef`, `configMapKeyRef` or `secretKeyRef`")) - } - } else if len(ev.Value) != 0 { - if numSources != 0 { - allErrs = append(allErrs, field.Invalid(fldPath, "", "may not be specified when `value` is not empty")) - } - } else if numSources > 1 { - allErrs = append(allErrs, field.Invalid(fldPath, "", "may not have more than one field specified at a time")) - } - - return allErrs -} - -func validateObjectFieldSelector(fs *core.ObjectFieldSelector, expressions *sets.Set[string], fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - if len(fs.APIVersion) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("apiVersion"), "")) - return allErrs - } - if len(fs.FieldPath) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("fieldPath"), "")) - return allErrs - } - - internalFieldPath, _, err := podshelper.ConvertDownwardAPIFieldLabel(fs.APIVersion, fs.FieldPath, "") - if err != nil { - allErrs = append(allErrs, field.Invalid(fldPath.Child("fieldPath"), fs.FieldPath, fmt.Sprintf("error converting fieldPath: %v", err))) - return allErrs - } - - if path, subscript, ok := fieldpath.SplitMaybeSubscriptedPath(internalFieldPath); ok { - switch path { - case "metadata.annotations": - allErrs = append(allErrs, ValidateQualifiedName(strings.ToLower(subscript), fldPath)...) - case "metadata.labels": - allErrs = append(allErrs, ValidateQualifiedName(subscript, fldPath)...) - default: - allErrs = append(allErrs, field.Invalid(fldPath, path, "does not support subscript")) - } - } else if !expressions.Has(path) { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("fieldPath"), path, sets.List(*expressions))) - return allErrs - } - - return allErrs -} - -func validateContainerResourceFieldSelector(fs *core.ResourceFieldSelector, expressions *sets.Set[string], prefixes *sets.Set[string], fldPath *field.Path, volume bool) field.ErrorList { - allErrs := field.ErrorList{} - - if volume && len(fs.ContainerName) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("containerName"), "")) - } else if len(fs.Resource) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("resource"), "")) - } else if !expressions.Has(fs.Resource) { - // check if the prefix is present - foundPrefix := false - if prefixes != nil { - for _, prefix := range sets.List(*prefixes) { - if strings.HasPrefix(fs.Resource, prefix) { - foundPrefix = true - } - } - } - if !foundPrefix { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("resource"), fs.Resource, sets.List(*expressions))) - } - } - allErrs = append(allErrs, validateContainerResourceDivisor(fs.Resource, fs.Divisor, fldPath)...) - return allErrs -} - -func ValidateEnvFrom(vars []core.EnvFromSource, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - for i, ev := range vars { - idxPath := fldPath.Index(i) - if len(ev.Prefix) > 0 { - if opts.AllowRelaxedEnvironmentVariableValidation { - for _, msg := range validation.IsRelaxedEnvVarName(ev.Prefix) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("prefix"), ev.Prefix, msg)) - } - } else { - for _, msg := range validation.IsEnvVarName(ev.Prefix) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("prefix"), ev.Prefix, msg)) - } - } - } - - numSources := 0 - if ev.ConfigMapRef != nil { - numSources++ - allErrs = append(allErrs, validateConfigMapEnvSource(ev.ConfigMapRef, idxPath.Child("configMapRef"))...) - } - if ev.SecretRef != nil { - numSources++ - allErrs = append(allErrs, validateSecretEnvSource(ev.SecretRef, idxPath.Child("secretRef"))...) - } - - if numSources == 0 { - allErrs = append(allErrs, field.Invalid(fldPath, "", "must specify one of: `configMapRef` or `secretRef`")) - } else if numSources > 1 { - allErrs = append(allErrs, field.Invalid(fldPath, "", "may not have more than one field specified at a time")) - } - } - return allErrs -} - -func validateConfigMapEnvSource(configMapSource *core.ConfigMapEnvSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(configMapSource.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("name"), "")) - } else { - for _, msg := range ValidateConfigMapName(configMapSource.Name, true) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("name"), configMapSource.Name, msg)) - } - } - return allErrs -} - -func validateSecretEnvSource(secretSource *core.SecretEnvSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(secretSource.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("name"), "")) - } else { - for _, msg := range ValidateSecretName(secretSource.Name, true) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("name"), secretSource.Name, msg)) - } - } - return allErrs -} - -var validContainerResourceDivisorForCPU = sets.New("1m", "1") -var validContainerResourceDivisorForMemory = sets.New( - "1", - "1k", "1M", "1G", "1T", "1P", "1E", - "1Ki", "1Mi", "1Gi", "1Ti", "1Pi", "1Ei") -var validContainerResourceDivisorForHugePages = sets.New( - "1", - "1k", "1M", "1G", "1T", "1P", "1E", - "1Ki", "1Mi", "1Gi", "1Ti", "1Pi", "1Ei") -var validContainerResourceDivisorForEphemeralStorage = sets.New( - "1", - "1k", "1M", "1G", "1T", "1P", "1E", - "1Ki", "1Mi", "1Gi", "1Ti", "1Pi", "1Ei") - -func validateContainerResourceDivisor(rName string, divisor resource.Quantity, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - unsetDivisor := resource.Quantity{} - if unsetDivisor.Cmp(divisor) == 0 { - return allErrs - } - switch rName { - case "limits.cpu", "requests.cpu": - if !validContainerResourceDivisorForCPU.Has(divisor.String()) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("divisor"), rName, "only divisor's values 1m and 1 are supported with the cpu resource")) - } - case "limits.memory", "requests.memory": - if !validContainerResourceDivisorForMemory.Has(divisor.String()) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("divisor"), rName, "only divisor's values 1, 1k, 1M, 1G, 1T, 1P, 1E, 1Ki, 1Mi, 1Gi, 1Ti, 1Pi, 1Ei are supported with the memory resource")) - } - case "limits.ephemeral-storage", "requests.ephemeral-storage": - if !validContainerResourceDivisorForEphemeralStorage.Has(divisor.String()) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("divisor"), rName, "only divisor's values 1, 1k, 1M, 1G, 1T, 1P, 1E, 1Ki, 1Mi, 1Gi, 1Ti, 1Pi, 1Ei are supported with the local ephemeral storage resource")) - } - } - if strings.HasPrefix(rName, hugepagesRequestsPrefixDownwardAPI) || strings.HasPrefix(rName, hugepagesLimitsPrefixDownwardAPI) { - if !validContainerResourceDivisorForHugePages.Has(divisor.String()) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("divisor"), rName, "only divisor's values 1, 1k, 1M, 1G, 1T, 1P, 1E, 1Ki, 1Mi, 1Gi, 1Ti, 1Pi, 1Ei are supported with the hugepages resource")) - } - } - return allErrs -} - -func validateConfigMapKeySelector(s *core.ConfigMapKeySelector, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - nameFn := ValidateNameFunc(ValidateSecretName) - for _, msg := range nameFn(s.Name, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("name"), s.Name, msg)) - } - if len(s.Key) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("key"), "")) - } else { - for _, msg := range validation.IsConfigMapKey(s.Key) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("key"), s.Key, msg)) - } - } - - return allErrs -} - -func validateSecretKeySelector(s *core.SecretKeySelector, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - nameFn := ValidateNameFunc(ValidateSecretName) - for _, msg := range nameFn(s.Name, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("name"), s.Name, msg)) - } - if len(s.Key) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("key"), "")) - } else { - for _, msg := range validation.IsConfigMapKey(s.Key) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("key"), s.Key, msg)) - } - } - - return allErrs -} - -func validateFileKeySelector(s *core.FileKeySelector, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - // The Key field must be non-empty and must be a valid environment variable name. - if len(s.Key) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("key"), "")) - } else { - for _, msg := range validation.IsRelaxedEnvVarName(s.Key) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("key"), s.Key, msg)) - } - } - - // The VolumeName field must be non-empty and must be a valid DNS1123 label. - if len(s.VolumeName) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("volumeName"), "")) - } else { - allErrs = append(allErrs, ValidateDNS1123Label(s.VolumeName, fldPath.Child("volumeName"))...) - } - - // The Path field must be non-empty and must not contain backsteps (".."). - if len(s.Path) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("path"), "")) - } else { - allErrs = append(allErrs, validatePathNoBacksteps(s.Path, fldPath.Child("path"))...) - } - - return allErrs -} - -func GetVolumeMountMap(mounts []core.VolumeMount) map[string]string { - volmounts := make(map[string]string) - - for _, mnt := range mounts { - volmounts[mnt.Name] = mnt.MountPath - } - - return volmounts -} - -func GetVolumeDeviceMap(devices []core.VolumeDevice) map[string]string { - volDevices := make(map[string]string) - - for _, dev := range devices { - volDevices[dev.Name] = dev.DevicePath - } - - return volDevices -} - -func ValidateVolumeMounts(mounts []core.VolumeMount, voldevices map[string]string, volumes map[string]core.VolumeSource, container *core.Container, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - mountpoints := sets.New[string]() - - for i, mnt := range mounts { - idxPath := fldPath.Index(i) - if len(mnt.Name) == 0 { - allErrs = append(allErrs, field.Required(idxPath.Child("name"), "")) - } - if !IsMatchedVolume(mnt.Name, volumes) { - allErrs = append(allErrs, field.NotFound(idxPath.Child("name"), mnt.Name)) - } - if len(mnt.MountPath) == 0 { - allErrs = append(allErrs, field.Required(idxPath.Child("mountPath"), "")) - } - if mountpoints.Has(mnt.MountPath) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("mountPath"), mnt.MountPath, "must be unique")) - } - mountpoints.Insert(mnt.MountPath) - - // check for overlap with VolumeDevice - if mountNameAlreadyExists(mnt.Name, voldevices) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("name"), mnt.Name, "must not already exist in volumeDevices")) - } - if mountPathAlreadyExists(mnt.MountPath, voldevices) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("mountPath"), mnt.MountPath, "must not already exist as a path in volumeDevices")) - } - - if len(mnt.SubPath) > 0 { - allErrs = append(allErrs, validateLocalDescendingPath(mnt.SubPath, fldPath.Child("subPath"))...) - } - - if len(mnt.SubPathExpr) > 0 { - if len(mnt.SubPath) > 0 { - allErrs = append(allErrs, field.Invalid(idxPath.Child("subPathExpr"), mnt.SubPathExpr, "subPathExpr and subPath are mutually exclusive")) - } - - allErrs = append(allErrs, validateLocalDescendingPath(mnt.SubPathExpr, fldPath.Child("subPathExpr"))...) - } - - if mnt.MountPropagation != nil { - allErrs = append(allErrs, validateMountPropagation(mnt.MountPropagation, container, fldPath.Child("mountPropagation"))...) - } - allErrs = append(allErrs, validateMountRecursiveReadOnly(mnt, fldPath.Child("recursiveReadOnly"))...) - } - return allErrs -} - -func ValidateVolumeDevices(devices []core.VolumeDevice, volmounts map[string]string, volumes map[string]core.VolumeSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - devicepath := sets.New[string]() - devicename := sets.New[string]() - - for i, dev := range devices { - idxPath := fldPath.Index(i) - devName := dev.Name - devPath := dev.DevicePath - didMatch, isPVC := isMatchedDevice(devName, volumes) - if len(devName) == 0 { - allErrs = append(allErrs, field.Required(idxPath.Child("name"), "")) - } - if devicename.Has(devName) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("name"), devName, "must be unique")) - } - // Must be based on PersistentVolumeClaim (PVC reference or generic ephemeral inline volume) - if didMatch && !isPVC { - allErrs = append(allErrs, field.Invalid(idxPath.Child("name"), devName, "can only use volume source type of PersistentVolumeClaim or Ephemeral for block mode")) - } - if !didMatch { - allErrs = append(allErrs, field.NotFound(idxPath.Child("name"), devName)) - } - if len(devPath) == 0 { - allErrs = append(allErrs, field.Required(idxPath.Child("devicePath"), "")) - } - if devicepath.Has(devPath) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("devicePath"), devPath, "must be unique")) - } - if len(devPath) > 0 && len(validatePathNoBacksteps(devPath, fldPath.Child("devicePath"))) > 0 { - allErrs = append(allErrs, field.Invalid(idxPath.Child("devicePath"), devPath, "can not contain backsteps ('..')")) - } else { - devicepath.Insert(devPath) - } - // check for overlap with VolumeMount - if deviceNameAlreadyExists(devName, volmounts) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("name"), devName, "must not already exist in volumeMounts")) - } - if devicePathAlreadyExists(devPath, volmounts) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("devicePath"), devPath, "must not already exist as a path in volumeMounts")) - } - if len(devName) > 0 { - devicename.Insert(devName) - } - } - return allErrs -} - -func validatePodResourceClaims(podMeta *metav1.ObjectMeta, claims []core.PodResourceClaim, fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - podClaimNames := sets.New[string]() - for i, claim := range claims { - allErrs = append(allErrs, validatePodResourceClaim(podMeta, claim, &podClaimNames, fldPath.Index(i))...) - } - return allErrs -} - -// gatherPodResourceClaimNames returns a set of all non-empty -// PodResourceClaim.Name values. Validation that those names are valid is -// handled by validatePodResourceClaims. -func gatherPodResourceClaimNames(claims []core.PodResourceClaim) sets.Set[string] { - podClaimNames := sets.Set[string]{} - for _, claim := range claims { - if claim.Name != "" { - podClaimNames.Insert(claim.Name) - } - } - return podClaimNames -} - -func validatePodResourceClaim(podMeta *metav1.ObjectMeta, claim core.PodResourceClaim, podClaimNames *sets.Set[string], fldPath *field.Path) field.ErrorList { - // static pods don't support resource claims - if podMeta != nil { - if _, ok := podMeta.Annotations[core.MirrorPodAnnotationKey]; ok { - return field.ErrorList{field.Forbidden(field.NewPath(""), "static pods do not support resource claims")} - } - } - - var allErrs field.ErrorList - if claim.Name == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("name"), "")) - } else if podClaimNames.Has(claim.Name) { - allErrs = append(allErrs, field.Duplicate(fldPath.Child("name"), claim.Name)) - } else { - allErrs = append(allErrs, ValidateDNS1123Label(claim.Name, fldPath.Child("name"))...) - podClaimNames.Insert(claim.Name) - } - if claim.ResourceClaimName != nil && claim.ResourceClaimTemplateName != nil { - allErrs = append(allErrs, field.Invalid(fldPath, claim, "at most one of `resourceClaimName` or `resourceClaimTemplateName` may be specified")) - } - if claim.ResourceClaimName == nil && claim.ResourceClaimTemplateName == nil { - allErrs = append(allErrs, field.Invalid(fldPath, claim, "must specify one of: `resourceClaimName`, `resourceClaimTemplateName`")) - } - if claim.ResourceClaimName != nil { - for _, detail := range ValidateResourceClaimName(*claim.ResourceClaimName, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("resourceClaimName"), *claim.ResourceClaimName, detail)) - } - } - if claim.ResourceClaimTemplateName != nil { - for _, detail := range ValidateResourceClaimTemplateName(*claim.ResourceClaimTemplateName, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("resourceClaimTemplateName"), *claim.ResourceClaimTemplateName, detail)) - } - } - return allErrs -} - -func validateLivenessProbe(probe *core.Probe, gracePeriod *int64, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - if probe == nil { - return allErrs - } - allErrs = append(allErrs, validateProbe(probe, gracePeriod, fldPath, opts)...) - if probe.SuccessThreshold != 1 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("successThreshold"), probe.SuccessThreshold, "must be 1")) - } - return allErrs -} - -func validateReadinessProbe(probe *core.Probe, gracePeriod *int64, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - if probe == nil { - return allErrs - } - allErrs = append(allErrs, validateProbe(probe, gracePeriod, fldPath, opts)...) - if probe.TerminationGracePeriodSeconds != nil { - allErrs = append(allErrs, field.Invalid(fldPath.Child("terminationGracePeriodSeconds"), probe.TerminationGracePeriodSeconds, "must not be set for readinessProbes")) - } - return allErrs -} - -func validateStartupProbe(probe *core.Probe, gracePeriod *int64, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - if probe == nil { - return allErrs - } - allErrs = append(allErrs, validateProbe(probe, gracePeriod, fldPath, opts)...) - if probe.SuccessThreshold != 1 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("successThreshold"), probe.SuccessThreshold, "must be 1")) - } - return allErrs -} - -func validateProbe(probe *core.Probe, gracePeriod *int64, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - if probe == nil { - return allErrs - } - allErrs = append(allErrs, validateHandler(handlerFromProbe(&probe.ProbeHandler), gracePeriod, fldPath, opts)...) - - allErrs = append(allErrs, ValidateNonnegativeField(int64(probe.InitialDelaySeconds), fldPath.Child("initialDelaySeconds"))...) - allErrs = append(allErrs, ValidateNonnegativeField(int64(probe.TimeoutSeconds), fldPath.Child("timeoutSeconds"))...) - allErrs = append(allErrs, ValidateNonnegativeField(int64(probe.PeriodSeconds), fldPath.Child("periodSeconds"))...) - allErrs = append(allErrs, ValidateNonnegativeField(int64(probe.SuccessThreshold), fldPath.Child("successThreshold"))...) - allErrs = append(allErrs, ValidateNonnegativeField(int64(probe.FailureThreshold), fldPath.Child("failureThreshold"))...) - if probe.TerminationGracePeriodSeconds != nil && *probe.TerminationGracePeriodSeconds <= 0 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("terminationGracePeriodSeconds"), *probe.TerminationGracePeriodSeconds, "must be greater than 0")) - } - return allErrs -} - -func validateInitContainerRestartPolicy(restartPolicy *core.ContainerRestartPolicy, restartRules []core.ContainerRestartRule, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - var allErrors field.ErrorList - - if restartPolicy == nil { - if len(restartRules) > 0 { - allErrors = append(allErrors, field.Required(fldPath.Child("restartPolicy"), "must specify restartPolicy when restart rules are used")) - } - return allErrors - } - if opts.AllowContainerRestartPolicyRules { - switch *restartPolicy { - case core.ContainerRestartPolicyAlways: - if opts.AllowRestartAllContainers { - allErrors = append(allErrors, validateContainerRestartPolicy(restartPolicy, restartRules, fldPath, opts)...) - } else if len(restartRules) > 0 { - allErrors = append(allErrors, field.Forbidden(fldPath.Child("restartPolicyRules"), "restartPolicyRules are not allowed for init containers with restart policy Always")) - } - default: - allErrors = append(allErrors, validateContainerRestartPolicy(restartPolicy, restartRules, fldPath, opts)...) - } - } else { - switch *restartPolicy { - case core.ContainerRestartPolicyAlways: - break - default: - validValues := []core.ContainerRestartPolicy{core.ContainerRestartPolicyAlways} - allErrors = append(allErrors, field.NotSupported(fldPath.Child("restartPolicy"), *restartPolicy, validValues)) - } - } - - return allErrors -} - -type commonHandler struct { - Exec *core.ExecAction - HTTPGet *core.HTTPGetAction - TCPSocket *core.TCPSocketAction - GRPC *core.GRPCAction - Sleep *core.SleepAction -} - -func handlerFromProbe(ph *core.ProbeHandler) commonHandler { - return commonHandler{ - Exec: ph.Exec, - HTTPGet: ph.HTTPGet, - TCPSocket: ph.TCPSocket, - GRPC: ph.GRPC, - } -} - -func handlerFromLifecycle(lh *core.LifecycleHandler) commonHandler { - return commonHandler{ - Exec: lh.Exec, - HTTPGet: lh.HTTPGet, - TCPSocket: lh.TCPSocket, - Sleep: lh.Sleep, - } -} - -func validateSleepAction(sleep *core.SleepAction, gracePeriod *int64, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrors := field.ErrorList{} - // We allow gracePeriod to be nil here because the pod in which this SleepAction - // is defined might have an invalid grace period defined, and we don't want to - // flag another error here when the real problem will already be flagged. - if opts.AllowPodLifecycleSleepActionZeroValue { - if gracePeriod != nil && (sleep.Seconds < 0 || sleep.Seconds > *gracePeriod) { - invalidStr := fmt.Sprintf("must be non-negative and less than terminationGracePeriodSeconds (%d)", *gracePeriod) - allErrors = append(allErrors, field.Invalid(fldPath, sleep.Seconds, invalidStr)) - } - } else { - if gracePeriod != nil && (sleep.Seconds <= 0 || sleep.Seconds > *gracePeriod) { - invalidStr := fmt.Sprintf("must be greater than 0 and less than terminationGracePeriodSeconds (%d). Enable AllowPodLifecycleSleepActionZeroValue feature gate for zero sleep.", *gracePeriod) - allErrors = append(allErrors, field.Invalid(fldPath, sleep.Seconds, invalidStr)) - } - } - return allErrors -} - -func validateClientIPAffinityConfig(config *core.SessionAffinityConfig, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if config == nil { - allErrs = append(allErrs, field.Required(fldPath, fmt.Sprintf("when session affinity type is %s", core.ServiceAffinityClientIP))) - return allErrs - } - if config.ClientIP == nil { - allErrs = append(allErrs, field.Required(fldPath.Child("clientIP"), fmt.Sprintf("when session affinity type is %s", core.ServiceAffinityClientIP))) - return allErrs - } - if config.ClientIP.TimeoutSeconds == nil { - allErrs = append(allErrs, field.Required(fldPath.Child("clientIP").Child("timeoutSeconds"), fmt.Sprintf("when session affinity type is %s", core.ServiceAffinityClientIP))) - return allErrs - } - allErrs = append(allErrs, validateAffinityTimeout(config.ClientIP.TimeoutSeconds, fldPath.Child("clientIP").Child("timeoutSeconds"))...) - - return allErrs -} - -func validateAffinityTimeout(timeout *int32, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if *timeout <= 0 || *timeout > core.MaxClientIPServiceAffinitySeconds { - allErrs = append(allErrs, field.Invalid(fldPath, timeout, fmt.Sprintf("must be greater than 0 and less than %d", core.MaxClientIPServiceAffinitySeconds))) - } - return allErrs -} - -// AccumulateUniqueHostPorts extracts each HostPort of each Container, -// accumulating the results and returning an error if any ports conflict. -func AccumulateUniqueHostPorts(containers []core.Container, accumulator *sets.Set[string], fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - for ci, ctr := range containers { - idxPath := fldPath.Index(ci) - portsPath := idxPath.Child("ports") - for pi := range ctr.Ports { - idxPath := portsPath.Index(pi) - port := ctr.Ports[pi].HostPort - if port == 0 { - continue - } - str := fmt.Sprintf("%s/%s/%d", ctr.Ports[pi].Protocol, ctr.Ports[pi].HostIP, port) - if accumulator.Has(str) { - allErrs = append(allErrs, field.Duplicate(idxPath.Child("hostPort"), str)) - } else { - accumulator.Insert(str) - } - } - } - return allErrs -} - -// checkHostPortConflicts checks for colliding Port.HostPort values across -// a slice of containers. -func checkHostPortConflicts(containers []core.Container, fldPath *field.Path) field.ErrorList { - allPorts := sets.Set[string]{} - return AccumulateUniqueHostPorts(containers, &allPorts, fldPath) -} - -func validateExecAction(exec *core.ExecAction, fldPath *field.Path) field.ErrorList { - allErrors := field.ErrorList{} - if len(exec.Command) == 0 { - allErrors = append(allErrors, field.Required(fldPath.Child("command"), "")) - } - return allErrors -} - -var supportedHTTPSchemes = sets.New(core.URISchemeHTTP, core.URISchemeHTTPS) - -func validateHTTPGetAction(http *core.HTTPGetAction, fldPath *field.Path) field.ErrorList { - allErrors := field.ErrorList{} - if len(http.Path) == 0 { - allErrors = append(allErrors, field.Required(fldPath.Child("path"), "")) - } - allErrors = append(allErrors, ValidatePortNumOrName(http.Port, fldPath.Child("port"))...) - if !supportedHTTPSchemes.Has(http.Scheme) { - allErrors = append(allErrors, field.NotSupported(fldPath.Child("scheme"), http.Scheme, sets.List(supportedHTTPSchemes))) - } - for _, header := range http.HTTPHeaders { - for _, msg := range validation.IsHTTPHeaderName(header.Name) { - allErrors = append(allErrors, field.Invalid(fldPath.Child("httpHeaders"), header.Name, msg)) - } - } - return allErrors -} - -func ValidatePortNumOrName(port intstr.IntOrString, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if port.Type == intstr.Int { - for _, msg := range validation.IsValidPortNum(port.IntValue()) { - allErrs = append(allErrs, field.Invalid(fldPath, port.IntValue(), msg)) - } - } else if port.Type == intstr.String { - for _, msg := range validation.IsValidPortName(port.StrVal) { - allErrs = append(allErrs, field.Invalid(fldPath, port.StrVal, msg)) - } - } else { - allErrs = append(allErrs, field.InternalError(fldPath, fmt.Errorf("unknown type: %v", port.Type))) - } - return allErrs -} - -func validateTCPSocketAction(tcp *core.TCPSocketAction, fldPath *field.Path) field.ErrorList { - return ValidatePortNumOrName(tcp.Port, fldPath.Child("port")) -} -func validateGRPCAction(grpc *core.GRPCAction, fldPath *field.Path) field.ErrorList { - return ValidatePortNumOrName(intstr.FromInt32(grpc.Port), fldPath.Child("port")) -} -func validateHandler(handler commonHandler, gracePeriod *int64, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - numHandlers := 0 - allErrors := field.ErrorList{} - if handler.Exec != nil { - if numHandlers > 0 { - allErrors = append(allErrors, field.Forbidden(fldPath.Child("exec"), "may not specify more than 1 handler type")) - } else { - numHandlers++ - allErrors = append(allErrors, validateExecAction(handler.Exec, fldPath.Child("exec"))...) - } - } - if handler.HTTPGet != nil { - if numHandlers > 0 { - allErrors = append(allErrors, field.Forbidden(fldPath.Child("httpGet"), "may not specify more than 1 handler type")) - } else { - numHandlers++ - allErrors = append(allErrors, validateHTTPGetAction(handler.HTTPGet, fldPath.Child("httpGet"))...) - } - } - if handler.TCPSocket != nil { - if numHandlers > 0 { - allErrors = append(allErrors, field.Forbidden(fldPath.Child("tcpSocket"), "may not specify more than 1 handler type")) - } else { - numHandlers++ - allErrors = append(allErrors, validateTCPSocketAction(handler.TCPSocket, fldPath.Child("tcpSocket"))...) - } - } - if handler.GRPC != nil { - if numHandlers > 0 { - allErrors = append(allErrors, field.Forbidden(fldPath.Child("grpc"), "may not specify more than 1 handler type")) - } else { - numHandlers++ - allErrors = append(allErrors, validateGRPCAction(handler.GRPC, fldPath.Child("grpc"))...) - } - } - if handler.Sleep != nil { - if numHandlers > 0 { - allErrors = append(allErrors, field.Forbidden(fldPath.Child("sleep"), "may not specify more than 1 handler type")) - } else { - numHandlers++ - allErrors = append(allErrors, validateSleepAction(handler.Sleep, gracePeriod, fldPath.Child("sleep"), opts)...) - } - } - if numHandlers == 0 { - allErrors = append(allErrors, field.Required(fldPath, "must specify a handler type")) - } - return allErrors -} - -var supportedStopSignalsLinux = sets.New( - core.SIGABRT, core.SIGALRM, core.SIGBUS, core.SIGCHLD, - core.SIGCLD, core.SIGCONT, core.SIGFPE, core.SIGHUP, - core.SIGILL, core.SIGINT, core.SIGIO, core.SIGIOT, - core.SIGKILL, core.SIGPIPE, core.SIGPOLL, core.SIGPROF, - core.SIGPWR, core.SIGQUIT, core.SIGSEGV, core.SIGSTKFLT, - core.SIGSTOP, core.SIGSYS, core.SIGTERM, core.SIGTRAP, - core.SIGTSTP, core.SIGTTIN, core.SIGTTOU, core.SIGURG, - core.SIGUSR1, core.SIGUSR2, core.SIGVTALRM, core.SIGWINCH, - core.SIGXCPU, core.SIGXFSZ, core.SIGRTMIN, core.SIGRTMINPLUS1, - core.SIGRTMINPLUS2, core.SIGRTMINPLUS3, core.SIGRTMINPLUS4, - core.SIGRTMINPLUS5, core.SIGRTMINPLUS6, core.SIGRTMINPLUS7, - core.SIGRTMINPLUS8, core.SIGRTMINPLUS9, core.SIGRTMINPLUS10, - core.SIGRTMINPLUS11, core.SIGRTMINPLUS12, core.SIGRTMINPLUS13, - core.SIGRTMINPLUS14, core.SIGRTMINPLUS15, core.SIGRTMAXMINUS14, - core.SIGRTMAXMINUS13, core.SIGRTMAXMINUS12, core.SIGRTMAXMINUS11, - core.SIGRTMAXMINUS10, core.SIGRTMAXMINUS9, core.SIGRTMAXMINUS8, - core.SIGRTMAXMINUS7, core.SIGRTMAXMINUS6, core.SIGRTMAXMINUS5, - core.SIGRTMAXMINUS4, core.SIGRTMAXMINUS3, core.SIGRTMAXMINUS2, - core.SIGRTMAXMINUS1, core.SIGRTMAX) - -var supportedStopSignalsWindows = sets.New(core.SIGKILL, core.SIGTERM) - -func validateStopSignal(stopSignal *core.Signal, fldPath *field.Path, os *core.PodOS) field.ErrorList { - allErrors := field.ErrorList{} - - if os == nil { - allErrors = append(allErrors, field.Forbidden(fldPath, "may not be set for containers with empty `spec.os.name`")) - } else if os.Name == core.Windows { - if !supportedStopSignalsWindows.Has(*stopSignal) { - allErrors = append(allErrors, field.NotSupported(fldPath, stopSignal, sets.List(supportedStopSignalsWindows))) - } - } else if os.Name == core.Linux { - if !supportedStopSignalsLinux.Has(*stopSignal) { - allErrors = append(allErrors, field.NotSupported(fldPath, stopSignal, sets.List(supportedStopSignalsLinux))) - } - } - - return allErrors -} - -func validateLifecycle(lifecycle *core.Lifecycle, gracePeriod *int64, fldPath *field.Path, opts PodValidationOptions, os *core.PodOS) field.ErrorList { - allErrs := field.ErrorList{} - if lifecycle.PostStart != nil { - allErrs = append(allErrs, validateHandler(handlerFromLifecycle(lifecycle.PostStart), gracePeriod, fldPath.Child("postStart"), opts)...) - } - if lifecycle.PreStop != nil { - allErrs = append(allErrs, validateHandler(handlerFromLifecycle(lifecycle.PreStop), gracePeriod, fldPath.Child("preStop"), opts)...) - } - if lifecycle.StopSignal != nil { - allErrs = append(allErrs, validateStopSignal(lifecycle.StopSignal, fldPath.Child("stopSignal"), os)...) - } - return allErrs -} - -var supportedPullPolicies = sets.New( - core.PullAlways, - core.PullIfNotPresent, - core.PullNever) - -func validatePullPolicy(policy core.PullPolicy, fldPath *field.Path) field.ErrorList { - allErrors := field.ErrorList{} - - switch policy { - case core.PullAlways, core.PullIfNotPresent, core.PullNever: - break - case "": - allErrors = append(allErrors, field.Required(fldPath, "")) - default: - allErrors = append(allErrors, field.NotSupported(fldPath, policy, sets.List(supportedPullPolicies))) - } - - return allErrors -} - -var supportedResizeResources = sets.New(core.ResourceCPU, core.ResourceMemory) -var supportedResizePolicies = sets.New(core.NotRequired, core.RestartContainer) - -func validateResizePolicy(policyList []core.ContainerResizePolicy, fldPath *field.Path, podRestartPolicy *core.RestartPolicy) field.ErrorList { - allErrors := field.ErrorList{} - - // validate that resource name is not repeated, supported resource names and policy values are specified - resources := make(map[core.ResourceName]bool) - for i, p := range policyList { - if _, found := resources[p.ResourceName]; found { - allErrors = append(allErrors, field.Duplicate(fldPath.Index(i), p.ResourceName)) - } - resources[p.ResourceName] = true - switch p.ResourceName { - case core.ResourceCPU, core.ResourceMemory: - case "": - allErrors = append(allErrors, field.Required(fldPath, "")) - default: - allErrors = append(allErrors, field.NotSupported(fldPath, p.ResourceName, sets.List(supportedResizeResources))) - } - switch p.RestartPolicy { - case core.NotRequired, core.RestartContainer: - case "": - allErrors = append(allErrors, field.Required(fldPath, "")) - default: - allErrors = append(allErrors, field.NotSupported(fldPath, p.RestartPolicy, sets.List(supportedResizePolicies))) - } - - if *podRestartPolicy == core.RestartPolicyNever && p.RestartPolicy != core.NotRequired { - allErrors = append(allErrors, field.Invalid(fldPath, p.RestartPolicy, "must be 'NotRequired' when `restartPolicy` is 'Never'")) - } - } - return allErrors -} - -var supportedContainerRestartPolicies = sets.New( - core.ContainerRestartPolicyAlways, - core.ContainerRestartPolicyNever, - core.ContainerRestartPolicyOnFailure, -) - -var supportedContainerRestartPolicyOperators = sets.New( - core.ContainerRestartRuleOnExitCodesOpIn, - core.ContainerRestartRuleOnExitCodesOpNotIn, -) - -// Supported actions depend on whether corresponding feature gates are enabled. -var ( - // Without AllowRestartAllContainers - supportedContainerRestartRuleActions = sets.New(core.ContainerRestartRuleActionRestart) - // With AllowRestartAllContainers - supportedContainerRestartRuleActionsWithRestartAllContainers = sets.New(core.ContainerRestartRuleActionRestart, core.ContainerRestartRuleActionRestartAllContainers) -) - -// validateContainerRestartPolicy checks the container-level restartPolicy and restartPolicyRules are valid for -// regular containers, init containers, and sidecar containers. -func validateContainerRestartPolicy(policy *core.ContainerRestartPolicy, rules []core.ContainerRestartRule, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - var allErrs field.ErrorList - restartPolicyFld := fldPath.Child("restartPolicy") - if policy == nil { - if len(rules) == 0 { - return allErrs - } else { - allErrs = append(allErrs, field.Required(restartPolicyFld, "must specify restartPolicy when restart rules are used")) - } - } else if !supportedContainerRestartPolicies.Has(*policy) { - allErrs = append(allErrs, field.NotSupported(restartPolicyFld, *policy, sets.List(supportedContainerRestartPolicies))) - } - - if len(rules) > 20 { - allErrs = append(allErrs, field.TooLong(fldPath.Child("restartPolicyRules"), rules, 20)) - } - for i, rule := range rules { - policyRulesFld := fldPath.Child("restartPolicyRules").Index(i) - allowedActions := supportedContainerRestartRuleActions - if opts.AllowRestartAllContainers { - allowedActions = supportedContainerRestartRuleActionsWithRestartAllContainers - } - if !allowedActions.Has(rule.Action) { - allErrs = append(allErrs, field.NotSupported(policyRulesFld.Child("action"), rule.Action, sets.List(supportedContainerRestartRuleActions))) - } - - if rule.ExitCodes != nil { - exitCodesFld := policyRulesFld.Child("exitCodes") - if !supportedContainerRestartPolicyOperators.Has(rule.ExitCodes.Operator) { - allErrs = append(allErrs, field.NotSupported(exitCodesFld.Child("operator"), rule.ExitCodes.Operator, sets.List(supportedContainerRestartPolicyOperators))) - } - - if len(rule.ExitCodes.Values) > 255 { - allErrs = append(allErrs, field.TooLong(exitCodesFld.Child("values"), rule.ExitCodes.Values, 255)) - } - } else { - allErrs = append(allErrs, field.Required(policyRulesFld.Child("exitCodes"), "must be specified")) - } - } - return allErrs -} - -// validateEphemeralContainers is called by pod spec and template validation to validate the list of ephemeral containers. -// Note that this is called for pod template even though ephemeral containers aren't allowed in pod templates. -func validateEphemeralContainers(ephemeralContainers []core.EphemeralContainer, containers, initContainers []core.Container, volumes map[string]core.VolumeSource, podClaimNames sets.Set[string], fldPath *field.Path, opts PodValidationOptions, podRestartPolicy *core.RestartPolicy, hostUsers bool) field.ErrorList { - var allErrs field.ErrorList - - if len(ephemeralContainers) == 0 { - return allErrs - } - - otherNames, allNames := sets.Set[string]{}, sets.Set[string]{} - for _, c := range containers { - otherNames.Insert(c.Name) - allNames.Insert(c.Name) - } - for _, c := range initContainers { - otherNames.Insert(c.Name) - allNames.Insert(c.Name) - } - - for i, ec := range ephemeralContainers { - idxPath := fldPath.Index(i) - - c := (*core.Container)(&ec.EphemeralContainerCommon) - allErrs = append(allErrs, validateContainerCommon(c, volumes, podClaimNames, idxPath, opts, podRestartPolicy, hostUsers)...) - // Ephemeral containers don't need looser constraints for pod templates, so it's convenient to apply both validations - // here where we've already converted EphemeralContainerCommon to Container. - allErrs = append(allErrs, validateContainerOnlyForPod(c, idxPath)...) - - // Ephemeral containers must have a name unique across all container types. - if allNames.Has(ec.Name) { - allErrs = append(allErrs, field.Duplicate(idxPath.Child("name"), ec.Name)) - } else { - allNames.Insert(ec.Name) - } - - // The target container name must exist and be non-ephemeral. - if ec.TargetContainerName != "" && !otherNames.Has(ec.TargetContainerName) { - allErrs = append(allErrs, field.NotFound(idxPath.Child("targetContainerName"), ec.TargetContainerName)) - } - - // Ephemeral containers should not be relied upon for fundamental pod services, so fields such as - // Lifecycle, probes, resources and ports should be disallowed. This is implemented as a list - // of allowed fields so that new fields will be given consideration prior to inclusion in ephemeral containers. - allErrs = append(allErrs, validateFieldAllowList(ec.EphemeralContainerCommon, allowedEphemeralContainerFields, "cannot be set for an Ephemeral Container", idxPath)...) - - // VolumeMount subpaths have the potential to leak resources since they're implemented with bind mounts - // that aren't cleaned up until the pod exits. Since they also imply that the container is being used - // as part of the workload, they're disallowed entirely. - for i, vm := range ec.VolumeMounts { - if vm.SubPath != "" { - allErrs = append(allErrs, field.Forbidden(idxPath.Child("volumeMounts").Index(i).Child("subPath"), "cannot be set for an Ephemeral Container")) - } - if vm.SubPathExpr != "" { - allErrs = append(allErrs, field.Forbidden(idxPath.Child("volumeMounts").Index(i).Child("subPathExpr"), "cannot be set for an Ephemeral Container")) - } - } - } - - return allErrs -} - -// ValidateFieldAcceptList checks that only allowed fields are set. -// The value must be a struct (not a pointer to a struct!). -func validateFieldAllowList(value interface{}, allowedFields map[string]bool, errorText string, fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - - reflectType, reflectValue := reflect.TypeOf(value), reflect.ValueOf(value) - for i := 0; i < reflectType.NumField(); i++ { - f := reflectType.Field(i) - if allowedFields[f.Name] { - continue - } - - // Compare the value of this field to its zero value to determine if it has been set - if !reflect.DeepEqual(reflectValue.Field(i).Interface(), reflect.Zero(f.Type).Interface()) { - r, n := utf8.DecodeRuneInString(f.Name) - lcName := string(unicode.ToLower(r)) + f.Name[n:] - allErrs = append(allErrs, field.Forbidden(fldPath.Child(lcName), errorText)) - } - } - - return allErrs -} - -// validateInitContainers is called by pod spec and template validation to validate the list of init containers -func validateInitContainers(containers []core.Container, os *core.PodOS, regularContainers []core.Container, volumes map[string]core.VolumeSource, podClaimNames sets.Set[string], gracePeriod *int64, fldPath *field.Path, opts PodValidationOptions, podRestartPolicy *core.RestartPolicy, hostUsers bool) field.ErrorList { - var allErrs field.ErrorList - - allNames := sets.Set[string]{} - for _, ctr := range regularContainers { - allNames.Insert(ctr.Name) - } - for i, ctr := range containers { - idxPath := fldPath.Index(i) - - // Apply the validation common to all container types - allErrs = append(allErrs, validateContainerCommon(&ctr, volumes, podClaimNames, idxPath, opts, podRestartPolicy, hostUsers)...) - - restartAlways := false - // Apply the validation specific to init containers - allErrs = append(allErrs, validateInitContainerRestartPolicy(ctr.RestartPolicy, ctr.RestartPolicyRules, idxPath, opts)...) - if ctr.RestartPolicy != nil { - restartAlways = *ctr.RestartPolicy == core.ContainerRestartPolicyAlways - } - - // Names must be unique within regular and init containers. Collisions with ephemeral containers - // will be detected by validateEphemeralContainers(). - if allNames.Has(ctr.Name) { - allErrs = append(allErrs, field.Duplicate(idxPath.Child("name"), ctr.Name)) - } else if len(ctr.Name) > 0 { - allNames.Insert(ctr.Name) - } - - // Check for port conflicts in init containers individually since init containers run one-by-one. - allErrs = append(allErrs, checkHostPortConflicts([]core.Container{ctr}, fldPath)...) - - switch { - case restartAlways: - if ctr.Lifecycle != nil { - allErrs = append(allErrs, validateLifecycle(ctr.Lifecycle, gracePeriod, idxPath.Child("lifecycle"), opts, os)...) - } - allErrs = append(allErrs, validateLivenessProbe(ctr.LivenessProbe, gracePeriod, idxPath.Child("livenessProbe"), opts)...) - allErrs = append(allErrs, validateReadinessProbe(ctr.ReadinessProbe, gracePeriod, idxPath.Child("readinessProbe"), opts)...) - allErrs = append(allErrs, validateStartupProbe(ctr.StartupProbe, gracePeriod, idxPath.Child("startupProbe"), opts)...) - - default: - // These fields are disallowed for init containers. - if ctr.Lifecycle != nil { - allErrs = append(allErrs, field.Forbidden(idxPath.Child("lifecycle"), "may not be set for init containers without restartPolicy=Always")) - } - if ctr.LivenessProbe != nil { - allErrs = append(allErrs, field.Forbidden(idxPath.Child("livenessProbe"), "may not be set for init containers without restartPolicy=Always")) - } - if ctr.ReadinessProbe != nil { - allErrs = append(allErrs, field.Forbidden(idxPath.Child("readinessProbe"), "may not be set for init containers without restartPolicy=Always")) - } - if ctr.StartupProbe != nil { - allErrs = append(allErrs, field.Forbidden(idxPath.Child("startupProbe"), "may not be set for init containers without restartPolicy=Always")) - } - } - - if !opts.AllowSidecarResizePolicy && len(ctr.ResizePolicy) > 0 { - allErrs = append(allErrs, field.Invalid(idxPath.Child("resizePolicy"), ctr.ResizePolicy, "must not be set for init containers")) - } - } - - return allErrs -} - -// validateContainerCommon applies validation common to all container types. It's called by regular, init, and ephemeral -// container list validation to require a properly formatted name, image, etc. -func validateContainerCommon(ctr *core.Container, volumes map[string]core.VolumeSource, podClaimNames sets.Set[string], path *field.Path, opts PodValidationOptions, podRestartPolicy *core.RestartPolicy, hostUsers bool) field.ErrorList { - var allErrs field.ErrorList - - namePath := path.Child("name") - if len(ctr.Name) == 0 { - allErrs = append(allErrs, field.Required(namePath, "")) - } else { - allErrs = append(allErrs, ValidateDNS1123Label(ctr.Name, namePath)...) - } - - // TODO: do not validate leading and trailing whitespace to preserve backward compatibility. - // for example: https://github.com/openshift/origin/issues/14659 image = " " is special token in pod template - // others may have done similar - if len(ctr.Image) == 0 { - allErrs = append(allErrs, field.Required(path.Child("image"), "")) - } - - switch ctr.TerminationMessagePolicy { - case core.TerminationMessageReadFile, core.TerminationMessageFallbackToLogsOnError: - case "": - allErrs = append(allErrs, field.Required(path.Child("terminationMessagePolicy"), "")) - default: - supported := []core.TerminationMessagePolicy{ - core.TerminationMessageReadFile, - core.TerminationMessageFallbackToLogsOnError, - } - allErrs = append(allErrs, field.NotSupported(path.Child("terminationMessagePolicy"), ctr.TerminationMessagePolicy, supported)) - } - - volMounts := GetVolumeMountMap(ctr.VolumeMounts) - volDevices := GetVolumeDeviceMap(ctr.VolumeDevices) - allErrs = append(allErrs, validateContainerPorts(ctr.Ports, path.Child("ports"))...) - allErrs = append(allErrs, ValidateEnv(ctr.Env, path.Child("env"), opts)...) - allErrs = append(allErrs, ValidateEnvFrom(ctr.EnvFrom, path.Child("envFrom"), opts)...) - allErrs = append(allErrs, ValidateVolumeMounts(ctr.VolumeMounts, volDevices, volumes, ctr, path.Child("volumeMounts"), opts)...) - allErrs = append(allErrs, ValidateVolumeDevices(ctr.VolumeDevices, volMounts, volumes, path.Child("volumeDevices"))...) - allErrs = append(allErrs, validatePullPolicy(ctr.ImagePullPolicy, path.Child("imagePullPolicy"))...) - allErrs = append(allErrs, ValidateContainerResourceRequirements(&ctr.Resources, podClaimNames, path.Child("resources"), opts)...) - allErrs = append(allErrs, validateResizePolicy(ctr.ResizePolicy, path.Child("resizePolicy"), podRestartPolicy)...) - allErrs = append(allErrs, ValidateSecurityContext(ctr.SecurityContext, path.Child("securityContext"), hostUsers)...) - return allErrs -} - -func validateHostUsers(spec *core.PodSpec, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - // Only make the following checks if hostUsers is false (otherwise, the container uses the - // same userns as the host, and so there isn't anything to check). - if spec.SecurityContext == nil || spec.SecurityContext.HostUsers == nil || *spec.SecurityContext.HostUsers { - return allErrs - } - - // We decided to restrict the usage of userns with other host namespaces: - // https://github.com/kubernetes/kubernetes/pull/111090#discussion_r935994282 - // The tl;dr is: you can easily run into permission issues that seem unexpected, we don't - // know of any good use case and we can always enable them later. - - // Note we already validated above spec.SecurityContext is not nil. - if !opts.AllowUserNamespacesHostNetworkSupport { - if spec.SecurityContext.HostNetwork { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("hostNetwork"), "when `hostUsers` is false")) - } - } - - if spec.SecurityContext.HostPID { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("HostPID"), "when `hostUsers` is false")) - } - if spec.SecurityContext.HostIPC { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("HostIPC"), "when `hostUsers` is false")) - } - if !opts.AllowUserNamespacesWithVolumeDevices { - // volumeDevices won't work, as they don't support idmap mounts nor we are chown-ing them. - // Let's return a clear error in this case. - podshelper.VisitContainersWithPath(spec, fldPath, func(c *core.Container, containerPath *field.Path) bool { - if len(c.VolumeDevices) > 0 { - allErrs = append(allErrs, field.Forbidden(containerPath.Child("volumeDevices"), "when `hostUsers` is false")) - } - return true // Always visit all containers. - }) - } - - return allErrs -} - -// validateFileKeyRefVolumes validates that volumes referenced by FileKeyRef environment variables -// are of type emptyDir. FileKeyRef requires emptyDir volumes to ensure proper file access. -func validateFileKeyRefVolumes(spec *core.PodSpec, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - volumeSources := make(map[string]*core.VolumeSource) - for i := range spec.Volumes { - volume := &spec.Volumes[i] - volumeSources[volume.Name] = &volume.VolumeSource - } - - podshelper.VisitContainersWithPath(spec, fldPath, func(c *core.Container, cFldPath *field.Path) bool { - envPath := cFldPath.Child("env") - for j, env := range c.Env { - // Only care about environment variables that use FileKeyRef. - if env.ValueFrom == nil || env.ValueFrom.FileKeyRef == nil { - continue - } - - volumeName := env.ValueFrom.FileKeyRef.VolumeName - fileKeyRefPath := envPath.Index(j).Child("valueFrom").Child("fileKeyRef") - volumeNamePath := fileKeyRefPath.Child("volumeName") - - source, found := volumeSources[volumeName] - if !found { - // The referenced volume does not exist in the pod spec. - allErrs = append(allErrs, field.NotFound(volumeNamePath, volumeName)) - } else if source.EmptyDir == nil { - // The volume exists, but it is not of type emptyDir, which is required. - allErrs = append(allErrs, field.Invalid(volumeNamePath, volumeName, "referenced volume must be of type emptyDir")) - } - } - - return true - }) - - return allErrs -} - -func validatePodHostName(spec *core.PodSpec, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - if spec.HostnameOverride == nil { - return allErrs - } - - // If SetHostnameAsFQDN is true, HostnameOverride must not be set. - if spec.SetHostnameAsFQDN != nil && *spec.SetHostnameAsFQDN { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("hostnameOverride"), "may not be specified when setHostnameAsFQDN is true")) - } - // If HostNetwork is true, HostnameOverride must not be set. - if spec.SecurityContext != nil && spec.SecurityContext.HostNetwork { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("hostnameOverride"), "may not be specified when hostNetwork is true")) - } - if len(*spec.HostnameOverride) > 64 { - allErrs = append(allErrs, field.TooLong(fldPath.Child("hostnameOverride"), "" /*unused*/, 64)) - } - - // Not allow to set a string that is not an RFC 1123 DNS subdomain as a hostname. - allErrs = append(allErrs, ValidateDNS1123Subdomain(*spec.HostnameOverride, fldPath.Child("hostnameOverride"))...) - - return allErrs -} - -// validateContainers is called by pod spec and template validation to validate the list of regular containers. -func validateContainers(containers []core.Container, os *core.PodOS, volumes map[string]core.VolumeSource, podClaimNames sets.Set[string], gracePeriod *int64, fldPath *field.Path, opts PodValidationOptions, podRestartPolicy *core.RestartPolicy, hostUsers bool) field.ErrorList { - allErrs := field.ErrorList{} - - if len(containers) == 0 { - return append(allErrs, field.Required(fldPath, "")) - } - - allNames := sets.Set[string]{} - for i, ctr := range containers { - path := fldPath.Index(i) - - // Apply validation common to all containers - allErrs = append(allErrs, validateContainerCommon(&ctr, volumes, podClaimNames, path, opts, podRestartPolicy, hostUsers)...) - - // Container names must be unique within the list of regular containers. - // Collisions with init or ephemeral container names will be detected by the init or ephemeral - // container validation to prevent duplicate error messages. - if allNames.Has(ctr.Name) { - allErrs = append(allErrs, field.Duplicate(path.Child("name"), ctr.Name)) - } else { - allNames.Insert(ctr.Name) - } - - // These fields are allowed for regular containers and restartable init - // containers. - // Regular init container and ephemeral container validation will return - // field.Forbidden() for these paths. - if ctr.Lifecycle != nil { - allErrs = append(allErrs, validateLifecycle(ctr.Lifecycle, gracePeriod, path.Child("lifecycle"), opts, os)...) - } - allErrs = append(allErrs, validateLivenessProbe(ctr.LivenessProbe, gracePeriod, path.Child("livenessProbe"), opts)...) - allErrs = append(allErrs, validateReadinessProbe(ctr.ReadinessProbe, gracePeriod, path.Child("readinessProbe"), opts)...) - allErrs = append(allErrs, validateStartupProbe(ctr.StartupProbe, gracePeriod, path.Child("startupProbe"), opts)...) - - if opts.AllowContainerRestartPolicyRules { - allErrs = append(allErrs, validateContainerRestartPolicy(ctr.RestartPolicy, ctr.RestartPolicyRules, path, opts)...) - } else if ctr.RestartPolicy != nil { - allErrs = append(allErrs, field.Forbidden(path.Child("restartPolicy"), "may not be set for non-init containers")) - } - } - - // Port conflicts are checked across all containers - allErrs = append(allErrs, checkHostPortConflicts(containers, fldPath)...) - - return allErrs -} - -func validateRestartPolicy(restartPolicy *core.RestartPolicy, fldPath *field.Path) field.ErrorList { - allErrors := field.ErrorList{} - switch *restartPolicy { - case core.RestartPolicyAlways, core.RestartPolicyOnFailure, core.RestartPolicyNever: - break - case "": - allErrors = append(allErrors, field.Required(fldPath, "")) - default: - validValues := []core.RestartPolicy{core.RestartPolicyAlways, core.RestartPolicyOnFailure, core.RestartPolicyNever} - allErrors = append(allErrors, field.NotSupported(fldPath, *restartPolicy, validValues)) - } - - return allErrors -} - -func ValidatePreemptionPolicy(preemptionPolicy *core.PreemptionPolicy, fldPath *field.Path) field.ErrorList { - allErrors := field.ErrorList{} - switch *preemptionPolicy { - case core.PreemptLowerPriority, core.PreemptNever: - case "": - allErrors = append(allErrors, field.Required(fldPath, "")) - default: - validValues := []core.PreemptionPolicy{core.PreemptLowerPriority, core.PreemptNever} - allErrors = append(allErrors, field.NotSupported(fldPath, preemptionPolicy, validValues)) - } - return allErrors -} - -func validateDNSPolicy(dnsPolicy *core.DNSPolicy, fldPath *field.Path) field.ErrorList { - allErrors := field.ErrorList{} - switch *dnsPolicy { - case core.DNSClusterFirstWithHostNet, core.DNSClusterFirst, core.DNSDefault, core.DNSNone: - case "": - allErrors = append(allErrors, field.Required(fldPath, "")) - default: - validValues := []core.DNSPolicy{core.DNSClusterFirstWithHostNet, core.DNSClusterFirst, core.DNSDefault, core.DNSNone} - allErrors = append(allErrors, field.NotSupported(fldPath, dnsPolicy, validValues)) - } - return allErrors -} - -var validFSGroupChangePolicies = sets.New(core.FSGroupChangeOnRootMismatch, core.FSGroupChangeAlways) - -func validateFSGroupChangePolicy(fsGroupPolicy *core.PodFSGroupChangePolicy, fldPath *field.Path) field.ErrorList { - allErrors := field.ErrorList{} - if !validFSGroupChangePolicies.Has(*fsGroupPolicy) { - allErrors = append(allErrors, field.NotSupported(fldPath, fsGroupPolicy, sets.List(validFSGroupChangePolicies))) - } - return allErrors -} - -const ( - // Limits on various DNS parameters. These are derived from - // restrictions in Linux libc name resolution handling. - // Max number of DNS name servers. - MaxDNSNameservers = 3 - // Max number of domains in the search path list. - MaxDNSSearchPaths = 32 - // Max number of characters in the search path. - MaxDNSSearchListChars = 2048 -) - -func validateReadinessGates(readinessGates []core.PodReadinessGate, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for i, value := range readinessGates { - allErrs = append(allErrs, ValidateQualifiedName(string(value.ConditionType), fldPath.Index(i).Child("conditionType"))...) - } - return allErrs -} - -func validateSchedulingGates(schedulingGates []core.PodSchedulingGate, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - // There should be no duplicates in the list of scheduling gates. - seen := sets.Set[string]{} - for i, schedulingGate := range schedulingGates { - allErrs = append(allErrs, ValidateQualifiedName(schedulingGate.Name, fldPath.Index(i))...) - if seen.Has(schedulingGate.Name) { - allErrs = append(allErrs, field.Duplicate(fldPath.Index(i), schedulingGate.Name)) - } - seen.Insert(schedulingGate.Name) - } - return allErrs -} - -func validatePodDNSConfig(dnsConfig *core.PodDNSConfig, dnsPolicy *core.DNSPolicy, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - // Validate DNSNone case. Must provide at least one DNS name server. - if dnsPolicy != nil && *dnsPolicy == core.DNSNone { - if dnsConfig == nil { - return append(allErrs, field.Required(fldPath, fmt.Sprintf("must provide `dnsConfig` when `dnsPolicy` is %s", core.DNSNone))) - } - if len(dnsConfig.Nameservers) == 0 { - return append(allErrs, field.Required(fldPath.Child("nameservers"), fmt.Sprintf("must provide at least one DNS nameserver when `dnsPolicy` is %s", core.DNSNone))) - } - } - - if dnsConfig != nil { - // Validate nameservers. - if len(dnsConfig.Nameservers) > MaxDNSNameservers { - allErrs = append(allErrs, field.Invalid(fldPath.Child("nameservers"), dnsConfig.Nameservers, fmt.Sprintf("must not have more than %v nameservers", MaxDNSNameservers))) - } - for i, ns := range dnsConfig.Nameservers { - allErrs = append(allErrs, IsValidIPForLegacyField(fldPath.Child("nameservers").Index(i), ns, nil)...) - } - // Validate searches. - if len(dnsConfig.Searches) > MaxDNSSearchPaths { - allErrs = append(allErrs, field.Invalid(fldPath.Child("searches"), dnsConfig.Searches, fmt.Sprintf("must not have more than %v search paths", MaxDNSSearchPaths))) - } - // Include the space between search paths. - if len(strings.Join(dnsConfig.Searches, " ")) > MaxDNSSearchListChars { - allErrs = append(allErrs, field.Invalid(fldPath.Child("searches"), dnsConfig.Searches, fmt.Sprintf("must not have more than %v characters (including spaces) in the search list", MaxDNSSearchListChars))) - } - - for i, search := range dnsConfig.Searches { - if opts.AllowRelaxedDNSSearchValidation { - if search != "." { - search = strings.TrimSuffix(search, ".") - allErrs = append(allErrs, ValidateDNS1123SubdomainWithUnderScore(search, fldPath.Child("searches").Index(i))...) - } - } else { - search = strings.TrimSuffix(search, ".") - allErrs = append(allErrs, ValidateDNS1123Subdomain(search, fldPath.Child("searches").Index(i))...) - } - - } - // Validate options. - for i, option := range dnsConfig.Options { - if len(option.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("options").Index(i), "must not be empty")) - } - } - } - return allErrs -} - -// validatePodHostNetworkDeps checks fields which depend on whether HostNetwork is -// true or not. It should be called on all PodSpecs, but opts can change what -// is enforce. E.g. opts.ResourceIsPod should only be set when called in the -// context of a Pod, and not on PodSpecs which are embedded in other resources -// (e.g. Deployments). -func validatePodHostNetworkDeps(spec *core.PodSpec, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - // For we keep `.HostNetwork` in .SecurityContext on the internal - // version of Pod. - hostNetwork := false - if spec.SecurityContext != nil { - hostNetwork = spec.SecurityContext.HostNetwork - } - - allErrors := field.ErrorList{} - - if hostNetwork { - fldPath := fldPath.Child("containers") - for i, container := range spec.Containers { - portsPath := fldPath.Index(i).Child("ports") - for i, port := range container.Ports { - idxPath := portsPath.Index(i) - // At this point, we know that HostNetwork is true. If this - // PodSpec is in a Pod (opts.ResourceIsPod), then HostPort must - // be the same value as ContainerPort. If this PodSpec is in - // some other resource (e.g. Deployment) we allow 0 (i.e. - // unspecified) because it will be defaulted when the Pod is - // ultimately created, but we do not allow any other values. - if hp, cp := port.HostPort, port.ContainerPort; (opts.ResourceIsPod || hp != 0) && hp != cp { - allErrors = append(allErrors, field.Invalid(idxPath.Child("hostPort"), port.HostPort, "must match `containerPort` when `hostNetwork` is true")) - } - } - } - } - return allErrors -} - -// validateImagePullSecrets checks to make sure the pull secrets are well -// formed. Right now, we only expect name to be set (it's the only field). If -// this ever changes and someone decides to set those fields, we'd like to -// know. -func validateImagePullSecrets(imagePullSecrets []core.LocalObjectReference, fldPath *field.Path) field.ErrorList { - allErrors := field.ErrorList{} - for i, currPullSecret := range imagePullSecrets { - idxPath := fldPath.Index(i) - strippedRef := core.LocalObjectReference{Name: currPullSecret.Name} - if !reflect.DeepEqual(strippedRef, currPullSecret) { - allErrors = append(allErrors, field.Invalid(idxPath, currPullSecret, "only name may be set")) - } - } - return allErrors -} - -// validateAffinity checks if given affinities are valid -func validateAffinity(affinity *core.Affinity, opts PodValidationOptions, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - if affinity != nil { - if affinity.NodeAffinity != nil { - allErrs = append(allErrs, validateNodeAffinity(affinity.NodeAffinity, opts, fldPath.Child("nodeAffinity"))...) - } - if affinity.PodAffinity != nil { - allErrs = append(allErrs, validatePodAffinity(affinity.PodAffinity, opts.AllowInvalidLabelValueInSelector, fldPath.Child("podAffinity"))...) - } - if affinity.PodAntiAffinity != nil { - allErrs = append(allErrs, validatePodAntiAffinity(affinity.PodAntiAffinity, opts.AllowInvalidLabelValueInSelector, fldPath.Child("podAntiAffinity"))...) - } - } - - return allErrs -} - -func validateTaintEffect(effect *core.TaintEffect, allowEmpty bool, fldPath *field.Path) field.ErrorList { - if !allowEmpty && len(*effect) == 0 { - return field.ErrorList{field.Required(fldPath, "")} - } - - allErrors := field.ErrorList{} - switch *effect { - // TODO: Replace next line with subsequent commented-out line when implement TaintEffectNoScheduleNoAdmit. - case core.TaintEffectNoSchedule, core.TaintEffectPreferNoSchedule, core.TaintEffectNoExecute: - // case core.TaintEffectNoSchedule, core.TaintEffectPreferNoSchedule, core.TaintEffectNoScheduleNoAdmit, core.TaintEffectNoExecute: - default: - validValues := []core.TaintEffect{ - core.TaintEffectNoSchedule, - core.TaintEffectPreferNoSchedule, - core.TaintEffectNoExecute, - // TODO: Uncomment this block when implement TaintEffectNoScheduleNoAdmit. - // core.TaintEffectNoScheduleNoAdmit, - } - allErrors = append(allErrors, field.NotSupported(fldPath, *effect, validValues)) - } - return allErrors -} - -// validateOnlyAddedTolerations validates updated pod tolerations. -func validateOnlyAddedTolerations(newTolerations []core.Toleration, oldTolerations []core.Toleration, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - for _, old := range oldTolerations { - found := false - oldTolerationClone := old.DeepCopy() - for _, newToleration := range newTolerations { - // assign to our clone before doing a deep equal so we can allow tolerationseconds to change. - oldTolerationClone.TolerationSeconds = newToleration.TolerationSeconds // +k8s:verify-mutation:reason=clone - if reflect.DeepEqual(*oldTolerationClone, newToleration) { - found = true - break - } - } - if !found { - allErrs = append(allErrs, field.Forbidden(fldPath, "existing toleration can not be modified except its tolerationSeconds")) - return allErrs - } - } - - allErrs = append(allErrs, ValidateTolerations(newTolerations, fldPath, opts)...) - return allErrs -} - -func validateOnlyDeletedSchedulingGates(newGates, oldGates []core.PodSchedulingGate, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(newGates) == 0 { - return allErrs - } - - additionalGates := make(map[string]int) - for i, newGate := range newGates { - additionalGates[newGate.Name] = i - } - - for _, oldGate := range oldGates { - delete(additionalGates, oldGate.Name) - } - - for gate, i := range additionalGates { - allErrs = append(allErrs, field.Forbidden(fldPath.Index(i).Child("name"), fmt.Sprintf("only deletion is allowed, but found new scheduling gate '%s'", gate))) - } - - return allErrs -} - -func ValidateHostAliases(hostAliases []core.HostAlias, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for i, hostAlias := range hostAliases { - allErrs = append(allErrs, IsValidIPForLegacyField(fldPath.Index(i).Child("ip"), hostAlias.IP, nil)...) - for j, hostname := range hostAlias.Hostnames { - allErrs = append(allErrs, ValidateDNS1123Subdomain(hostname, fldPath.Index(i).Child("hostnames").Index(j))...) - } - } - return allErrs -} - -// ValidateTolerations tests if given tolerations have valid data. -func ValidateTolerations(tolerations []core.Toleration, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrors := field.ErrorList{} - for i, toleration := range tolerations { - idxPath := fldPath.Index(i) - // validate the toleration key - if len(toleration.Key) > 0 { - allErrors = append(allErrors, unversionedvalidation.ValidateLabelName(toleration.Key, idxPath.Child("key"))...) - } - - // empty toleration key with Exists operator and empty value means match all taints - if len(toleration.Key) == 0 && toleration.Operator != core.TolerationOpExists { - allErrors = append(allErrors, field.Invalid(idxPath.Child("operator"), toleration.Operator, - "operator must be Exists when `key` is empty, which means \"match all values and all keys\"")) - } - - if toleration.TolerationSeconds != nil && toleration.Effect != core.TaintEffectNoExecute { - allErrors = append(allErrors, field.Invalid(idxPath.Child("effect"), toleration.Effect, - "effect must be 'NoExecute' when `tolerationSeconds` is set")) - } - - // validate toleration operator and value - switch toleration.Operator { - // empty operator means Equal - case core.TolerationOpEqual, "": - if errs := validation.IsValidLabelValue(toleration.Value); len(errs) != 0 { - allErrors = append(allErrors, field.Invalid(idxPath.Child("operator"), toleration.Value, strings.Join(errs, ";"))) - } - case core.TolerationOpExists: - if len(toleration.Value) > 0 { - allErrors = append(allErrors, field.Invalid(idxPath.Child("operator"), toleration.Value, "value must be empty when `operator` is 'Exists'")) - } - case core.TolerationOpLt, core.TolerationOpGt: - // Numeric comparison operators require validation option - if !opts.AllowTaintTolerationComparisonOperators { - validValues := []core.TolerationOperator{core.TolerationOpEqual, core.TolerationOpExists, core.TolerationOpLt, core.TolerationOpGt} - allErrors = append(allErrors, field.NotSupported(idxPath.Child("operator"), toleration.Operator, validValues)) - break - } - - // validate value is decimal integer - for _, msg := range content.IsDecimalInteger(toleration.Value) { - allErrors = append(allErrors, field.Invalid(idxPath.Child("value"), toleration.Value, msg)) - } - - // validate value is within int64 range - if _, err := strconv.ParseInt(toleration.Value, 10, 64); err != nil { - allErrors = append(allErrors, field.Invalid(idxPath.Child("value"), toleration.Value, err.Error())) - } - default: - validValues := []core.TolerationOperator{core.TolerationOpEqual, core.TolerationOpExists} - allErrors = append(allErrors, field.NotSupported(idxPath.Child("operator"), toleration.Operator, validValues)) - } - - // validate toleration effect, empty toleration effect means match all taint effects - if len(toleration.Effect) > 0 { - allErrors = append(allErrors, validateTaintEffect(&toleration.Effect, true, idxPath.Child("effect"))...) - } - } - return allErrors -} - -// validateContainersOnlyForPod does additional validation for containers on a pod versus a pod template -// it only does additive validation of fields not covered in validateContainers and is not called for -// ephemeral containers which require a conversion to core.Container. -func validateContainersOnlyForPod(containers []core.Container, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for i, ctr := range containers { - allErrs = append(allErrs, validateContainerOnlyForPod(&ctr, fldPath.Index(i))...) - } - return allErrs -} - -// validateContainerOnlyForPod does pod-only (i.e. not pod template) validation for a single container. -// This is called by validateContainersOnlyForPod and validateEphemeralContainers directly. -func validateContainerOnlyForPod(ctr *core.Container, path *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(ctr.Image) != len(strings.TrimSpace(ctr.Image)) { - allErrs = append(allErrs, field.Invalid(path.Child("image"), ctr.Image, "must not have leading or trailing whitespace")) - } - return allErrs -} - -// PodValidationOptions contains the different settings for pod validation -type PodValidationOptions struct { - // Allow invalid pod-deletion-cost annotation value for backward compatibility. - AllowInvalidPodDeletionCost bool - // Allow invalid label-value in LabelSelector - AllowInvalidLabelValueInSelector bool - // Allow pod spec to use non-integer multiple of huge page unit size - AllowIndivisibleHugePagesValues bool - // Allow invalid topologySpreadConstraint labelSelector for backward compatibility - AllowInvalidTopologySpreadConstraintLabelSelector bool - // Allow projected token volumes with non-local paths - AllowNonLocalProjectedTokenPath bool - // Allow namespaced sysctls in hostNet and hostIPC pods - AllowNamespacedSysctlsForHostNetAndHostIPC bool - // The top-level resource being validated is a Pod, not just a PodSpec - // embedded in some other resource. - ResourceIsPod bool - // Allow relaxed validation of environment variable names - AllowRelaxedEnvironmentVariableValidation bool - // Allow the use of a relaxed DNS search - AllowRelaxedDNSSearchValidation bool - // Allows zero value for Pod Lifecycle Sleep Action - AllowPodLifecycleSleepActionZeroValue bool - // Allow only Recursive value of SELinuxChangePolicy. - AllowOnlyRecursiveSELinuxChangePolicy bool - // Indicates whether PodLevelResources feature is enabled or disabled. - PodLevelResourcesEnabled bool - // Indicates whether InPlacePodLevelResourcesVerticalScaling feature is enabled - // or disabled. - InPlacePodLevelResourcesVerticalScalingEnabled bool - // Allow sidecar containers resize policy for backward compatibility - AllowSidecarResizePolicy bool - // Allow invalid label-value in RequiredNodeSelector - AllowInvalidLabelValueInRequiredNodeAffinity bool - // Allow feature of MatchLabelKeys in TopologySpreadConstraints - AllowMatchLabelKeysInPodTopologySpread bool - // Allow merging selectors built from MatchLabelKeys into LabelSelector of TopologySpreadConstraints - AllowMatchLabelKeysInPodTopologySpreadSelectorMerge bool - // OldPod has invalid MatchLabelKeys in TopologySpreadConstraints against current(>=v1.34) validation - OldPodViolatesMatchLabelKeysValidation bool - // OldPod has invalid MatchLabelKeys in TopologySpreadConstraints against legacy( 1 { - podIPs := make([]string, 0, len(pod.Status.PodIPs)) - for _, podIP := range pod.Status.PodIPs { - podIPs = append(podIPs, podIP.IP) - } - - dualStack, err := netutils.IsDualStackIPStrings(podIPs) - if err != nil { - allErrs = append(allErrs, field.InternalError(podIPsField, fmt.Errorf("failed to check for dual stack with error:%v", err))) - } - - // We only support one from each IP family (i.e. max two IPs in this list). - if !dualStack || len(podIPs) > 2 { - allErrs = append(allErrs, field.Invalid(podIPsField, pod.Status.PodIPs, "may specify no more than one IP for each IP family")) - } - } - - return allErrs -} - -// validateHostIPs validates IPs in pod status -func validateHostIPs(pod, oldPod *core.Pod) field.ErrorList { - allErrs := field.ErrorList{} - - if len(pod.Status.HostIPs) == 0 { - return allErrs - } - - hostIPsField := field.NewPath("status", "hostIPs") - - // hostIP must be equal to hostIPs[0].IP - if pod.Status.HostIP != pod.Status.HostIPs[0].IP { - allErrs = append(allErrs, field.Invalid(hostIPsField.Index(0).Child("ip"), pod.Status.HostIPs[0].IP, "must be equal to `hostIP`")) - } - - // all new HostIPs must be valid IPs, but existing invalid ones can be kept. - var existingHostIPs []string - if oldPod != nil { - existingHostIPs = make([]string, len(oldPod.Status.HostIPs)) - for i, hostIP := range oldPod.Status.HostIPs { - existingHostIPs[i] = hostIP.IP - } - } - for i, hostIP := range pod.Status.HostIPs { - allErrs = append(allErrs, IsValidIPForLegacyField(hostIPsField.Index(i), hostIP.IP, existingHostIPs)...) - } - - // if we have more than one Pod.HostIP then we must have a dual-stack pair - if len(pod.Status.HostIPs) > 1 { - hostIPs := make([]string, 0, len(pod.Status.HostIPs)) - for _, hostIP := range pod.Status.HostIPs { - hostIPs = append(hostIPs, hostIP.IP) - } - - dualStack, err := netutils.IsDualStackIPStrings(hostIPs) - if err != nil { - allErrs = append(allErrs, field.InternalError(hostIPsField, fmt.Errorf("failed to check for dual stack with error:%v", err))) - } - - // We only support one from each IP family (i.e. max two IPs in this list). - if !dualStack || len(hostIPs) > 2 { - allErrs = append(allErrs, field.Invalid(hostIPsField, pod.Status.HostIPs, "may specify no more than one IP for each IP family")) - } - } - - return allErrs -} - -// ValidatePodSpec tests that the specified PodSpec has valid data. -// This includes checking formatting and uniqueness. It also canonicalizes the -// structure by setting default values and implementing any backwards-compatibility -// tricks. -// The pod metadata is needed to validate generic ephemeral volumes. It is optional -// and should be left empty unless the spec is from a real pod object. -func ValidatePodSpec(spec *core.PodSpec, podMeta *metav1.ObjectMeta, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - if spec.TerminationGracePeriodSeconds == nil { - allErrs = append(allErrs, field.Required(fldPath.Child("terminationGracePeriodSeconds"), "")) - } - gracePeriod := spec.TerminationGracePeriodSeconds - - // The default for hostUsers is true, so a spec with no SecurityContext or no HostUsers field will be true. - // If the default ever changes, this condition will need to be changed. - hostUsers := spec.SecurityContext == nil || spec.SecurityContext.HostUsers == nil || *spec.SecurityContext.HostUsers - - vols, vErrs := ValidateVolumes(spec.Volumes, podMeta, fldPath.Child("volumes"), opts) - allErrs = append(allErrs, vErrs...) - podClaimNames := gatherPodResourceClaimNames(spec.ResourceClaims) - allErrs = append(allErrs, validatePodResourceClaims(podMeta, spec.ResourceClaims, fldPath.Child("resourceClaims"))...) - allErrs = append(allErrs, validateContainers(spec.Containers, spec.OS, vols, podClaimNames, gracePeriod, fldPath.Child("containers"), opts, &spec.RestartPolicy, hostUsers)...) - allErrs = append(allErrs, validateInitContainers(spec.InitContainers, spec.OS, spec.Containers, vols, podClaimNames, gracePeriod, fldPath.Child("initContainers"), opts, &spec.RestartPolicy, hostUsers)...) - allErrs = append(allErrs, validateEphemeralContainers(spec.EphemeralContainers, spec.Containers, spec.InitContainers, vols, podClaimNames, fldPath.Child("ephemeralContainers"), opts, &spec.RestartPolicy, hostUsers)...) - - if opts.PodLevelResourcesEnabled { - allErrs = append(allErrs, validatePodResources(spec, podClaimNames, fldPath, opts)...) - } - - allErrs = append(allErrs, validatePodHostNetworkDeps(spec, fldPath, opts)...) - allErrs = append(allErrs, validateRestartPolicy(&spec.RestartPolicy, fldPath.Child("restartPolicy"))...) - allErrs = append(allErrs, validateDNSPolicy(&spec.DNSPolicy, fldPath.Child("dnsPolicy"))...) - allErrs = append(allErrs, unversionedvalidation.ValidateLabels(spec.NodeSelector, fldPath.Child("nodeSelector"))...) - allErrs = append(allErrs, validatePodSpecSecurityContext(spec.SecurityContext, spec, fldPath, fldPath.Child("securityContext"), opts)...) - allErrs = append(allErrs, validateImagePullSecrets(spec.ImagePullSecrets, fldPath.Child("imagePullSecrets"))...) - allErrs = append(allErrs, validateAffinity(spec.Affinity, opts, fldPath.Child("affinity"))...) - allErrs = append(allErrs, validatePodDNSConfig(spec.DNSConfig, &spec.DNSPolicy, fldPath.Child("dnsConfig"), opts)...) - allErrs = append(allErrs, validateReadinessGates(spec.ReadinessGates, fldPath.Child("readinessGates"))...) - allErrs = append(allErrs, validateSchedulingGates(spec.SchedulingGates, fldPath.Child("schedulingGates"))...) - allErrs = append(allErrs, validateTopologySpreadConstraints(spec.TopologySpreadConstraints, fldPath.Child("topologySpreadConstraints"), opts)...) - allErrs = append(allErrs, validateWindowsHostProcessPod(spec, fldPath)...) - allErrs = append(allErrs, validateHostUsers(spec, fldPath, opts)...) - allErrs = append(allErrs, validatePodHostName(spec, fldPath)...) - if len(spec.ServiceAccountName) > 0 { - for _, msg := range ValidateServiceAccountName(spec.ServiceAccountName, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("serviceAccountName"), spec.ServiceAccountName, msg)) - } - } - - if len(spec.NodeName) > 0 { - for _, msg := range ValidateNodeName(spec.NodeName, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("nodeName"), spec.NodeName, msg)) - } - } - - if spec.ActiveDeadlineSeconds != nil { - value := *spec.ActiveDeadlineSeconds - if value < 1 || value > math.MaxInt32 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("activeDeadlineSeconds"), value, validation.InclusiveRangeError(1, math.MaxInt32))) - } - } - - if len(spec.Hostname) > 0 { - allErrs = append(allErrs, ValidateDNS1123Label(spec.Hostname, fldPath.Child("hostname"))...) - } - - if len(spec.Subdomain) > 0 { - allErrs = append(allErrs, ValidateDNS1123Label(spec.Subdomain, fldPath.Child("subdomain"))...) - } - - if len(spec.Tolerations) > 0 { - allErrs = append(allErrs, ValidateTolerations(spec.Tolerations, fldPath.Child("tolerations"), opts)...) - } - - if len(spec.HostAliases) > 0 { - allErrs = append(allErrs, ValidateHostAliases(spec.HostAliases, fldPath.Child("hostAliases"))...) - } - - if len(spec.PriorityClassName) > 0 { - for _, msg := range ValidatePriorityClassName(spec.PriorityClassName, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("priorityClassName"), spec.PriorityClassName, msg)) - } - } - - if spec.RuntimeClassName != nil { - allErrs = append(allErrs, ValidateRuntimeClassName(*spec.RuntimeClassName, fldPath.Child("runtimeClassName"))...) - } - - if spec.PreemptionPolicy != nil { - allErrs = append(allErrs, ValidatePreemptionPolicy(spec.PreemptionPolicy, fldPath.Child("preemptionPolicy"))...) - } - - if spec.Overhead != nil { - allErrs = append(allErrs, validateOverhead(spec.Overhead, fldPath.Child("overhead"), opts)...) - } - - if spec.OS != nil { - osErrs := validateOS(spec, fldPath.Child("os"), opts) - switch { - case len(osErrs) > 0: - allErrs = append(allErrs, osErrs...) - case spec.OS.Name == core.Linux: - allErrs = append(allErrs, validateLinux(spec, fldPath)...) - case spec.OS.Name == core.Windows: - allErrs = append(allErrs, validateWindows(spec, fldPath)...) - } - } - - if spec.WorkloadRef != nil { - allErrs = append(allErrs, validateWorkloadReference(spec.WorkloadRef, fldPath.Child("workloadRef"))...) - } - - allErrs = append(allErrs, validateFileKeyRefVolumes(spec, fldPath)...) - return allErrs -} - -func validatePodResources(spec *core.PodSpec, podClaimNames sets.Set[string], fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - if spec.Resources == nil { - return nil - } - resourcesFldPath := fldPath.Child("resources") - if spec.OS != nil && spec.OS.Name == core.Windows { - // Do not include more detailed errors on the resources field value - // if the resources field may not be set on the target OS. - return field.ErrorList{ - field.Forbidden(resourcesFldPath, "may not be set for a windows pod"), - } - } - - allErrs := field.ErrorList{} - - if spec.Resources.Claims != nil { - allErrs = append(allErrs, field.Forbidden(resourcesFldPath.Child("claims"), "claims may not be set for Resources at pod-level")) - } - - // validatePodResourceRequirements checks if resource names and quantities are - // valid, and requests are less than limits. - allErrs = append(allErrs, validatePodResourceRequirements(spec.Resources, podClaimNames, resourcesFldPath, opts)...) - allErrs = append(allErrs, validatePodResourceConsistency(spec, resourcesFldPath)...) - return allErrs -} - -// validatePodResourceConsistency checks if aggregate container-level requests are -// less than or equal to pod-level requests, and individual container-level limits -// are less than or equal to pod-level limits. -func validatePodResourceConsistency(spec *core.PodSpec, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - // Convert the *core.PodSpec to *v1.PodSpec to satisfy the call to - // resourcehelper.PodRequests method, in the subsequent lines, - // which requires a *v1.Pod object (containing a *v1.PodSpec). - v1PodSpec := &v1.PodSpec{} - // TODO(ndixita): Convert_core_PodSpec_To_v1_PodSpec is risky. Add a copy of - // AggregateContainerRequests against internal core.Pod type for beta release of - // PodLevelResources feature. - if err := corev1.Convert_core_PodSpec_To_v1_PodSpec(spec, v1PodSpec, nil); err != nil { - allErrs = append(allErrs, field.InternalError(fldPath, fmt.Errorf("invalid %q: %v", fldPath, err.Error()))) - } - - reqPath := fldPath.Child("requests") - // resourcehelper.AggregateContainerRequests method requires a Pod object to - // calculate the total requests requirements of a pod. Hence a Pod object using - // v1PodSpec i.e. (&v1.Pod{Spec: *v1PodSpec}, is created on the fly, and passed - // to the AggregateContainerRequests method to facilitate proper resource - // calculation without modifying AggregateContainerRequests method. - aggrContainerReqs := resourcehelper.AggregateContainerRequests(&v1.Pod{Spec: *v1PodSpec}, resourcehelper.PodResourcesOptions{}) - - // Pod-level requests must be >= aggregate requests of all containers in a pod. - for resourceName, ctrReqs := range aggrContainerReqs { - // Skip if the pod-level request of the resource is not set. - podSpecRequests, exists := spec.Resources.Requests[core.ResourceName(resourceName.String())] - if !exists { - continue - } - - fldPath := reqPath.Key(resourceName.String()) - if ctrReqs.Cmp(podSpecRequests) > 0 { - allErrs = append(allErrs, field.Invalid(fldPath, podSpecRequests.String(), fmt.Sprintf("must be greater than or equal to aggregate container requests of %s", ctrReqs.String()))) - } - } - - // Pod level hugepage limits must be always equal or greater than the aggregated - // container level hugepage limits, this is due to the hugepage resources being - // treated as a non overcommitable resource (request and limit must be equal) - // for the current container level hugepage behavior. - // This is also why hugepages overcommitment is not allowed in pod level resources, - // the pod cgroup values must reflect the request/limit set at pod level, and the - // container level cgroup values must be within that limit. - aggrContainerLims := resourcehelper.AggregateContainerLimits(&v1.Pod{Spec: *v1PodSpec}, resourcehelper.PodResourcesOptions{}) - for resourceName, ctrLims := range aggrContainerLims { - if !helper.IsHugePageResourceName(core.ResourceName(resourceName)) { - continue - } - - podSpecLimits, hasLimit := spec.Resources.Limits[core.ResourceName(resourceName)] - if !hasLimit { - continue - } - - if ctrLims.Cmp(podSpecLimits) > 0 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("limits").Key(string(resourceName)), podSpecLimits.String(), fmt.Sprintf("must be greater than or equal to aggregate container limits of %s", ctrLims.String()))) - } - } - - // Individual Container limits must be <= Pod-level limits. - for i, ctr := range spec.Containers { - for resourceName, ctrLimit := range ctr.Resources.Limits { - // Skip if the pod-level limit of the resource is not set. - podSpecLimits, exists := spec.Resources.Limits[core.ResourceName(resourceName.String())] - if !exists { - continue - } - - if ctrLimit.Cmp(podSpecLimits) > 0 { - fldPath := fldPath.Child("containers").Index(i).Key(resourceName.String()).Child("limits") - allErrs = append(allErrs, field.Invalid(fldPath, ctrLimit.String(), fmt.Sprintf("must be less than or equal to pod limits of %s", podSpecLimits.String()))) - } - } - } - return allErrs -} - -func validateLinux(spec *core.PodSpec, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - securityContext := spec.SecurityContext - if securityContext != nil && securityContext.WindowsOptions != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("securityContext").Child("windowsOptions"), "windows options cannot be set for a linux pod")) - } - podshelper.VisitContainersWithPath(spec, fldPath, func(c *core.Container, cFldPath *field.Path) bool { - sc := c.SecurityContext - if sc != nil && sc.WindowsOptions != nil { - fldPath := cFldPath.Child("securityContext") - allErrs = append(allErrs, field.Forbidden(fldPath.Child("windowsOptions"), "windows options cannot be set for a linux pod")) - } - return true - }) - return allErrs -} - -func validateWindows(spec *core.PodSpec, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - securityContext := spec.SecurityContext - // validate Pod SecurityContext - if securityContext != nil { - if securityContext.AppArmorProfile != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("securityContext").Child("appArmorProfile"), "cannot be set for a windows pod")) - } - if securityContext.SELinuxOptions != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("securityContext").Child("seLinuxOptions"), "cannot be set for a windows pod")) - } - if securityContext.HostUsers != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("hostUsers"), "cannot be set for a windows pod")) - } - if securityContext.HostPID { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("hostPID"), "cannot be set for a windows pod")) - } - if securityContext.HostIPC { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("hostIPC"), "cannot be set for a windows pod")) - } - if securityContext.SeccompProfile != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("securityContext").Child("seccompProfile"), "cannot be set for a windows pod")) - } - if securityContext.FSGroup != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("securityContext").Child("fsGroup"), "cannot be set for a windows pod")) - } - if securityContext.FSGroupChangePolicy != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("securityContext").Child("fsGroupChangePolicy"), "cannot be set for a windows pod")) - } - if len(securityContext.Sysctls) > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("securityContext").Child("sysctls"), "cannot be set for a windows pod")) - } - if securityContext.ShareProcessNamespace != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("shareProcessNamespace"), "cannot be set for a windows pod")) - } - if securityContext.RunAsUser != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("securityContext").Child("runAsUser"), "cannot be set for a windows pod")) - } - if securityContext.RunAsGroup != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("securityContext").Child("runAsGroup"), "cannot be set for a windows pod")) - } - if securityContext.SupplementalGroups != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("securityContext").Child("supplementalGroups"), "cannot be set for a windows pod")) - } - if securityContext.SupplementalGroupsPolicy != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("securityContext").Child("supplementalGroupsPolicy"), "cannot be set for a windows pod")) - } - if securityContext.SELinuxChangePolicy != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("securityContext").Child("seLinuxChangePolicy"), "cannot be set for a windows pod")) - } - } - podshelper.VisitContainersWithPath(spec, fldPath, func(c *core.Container, cFldPath *field.Path) bool { - // validate container security context - sc := c.SecurityContext - // OS based podSecurityContext validation - // There is some naming overlap between Windows and Linux Security Contexts but all the Windows Specific options - // are set via securityContext.WindowsOptions which we validate below - // TODO: Think if we need to relax this restriction or some of the restrictions - if sc != nil { - fldPath := cFldPath.Child("securityContext") - if sc.AppArmorProfile != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("appArmorProfile"), "cannot be set for a windows pod")) - } - if sc.SELinuxOptions != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("seLinuxOptions"), "cannot be set for a windows pod")) - } - if sc.SeccompProfile != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("seccompProfile"), "cannot be set for a windows pod")) - } - if sc.Capabilities != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("capabilities"), "cannot be set for a windows pod")) - } - if sc.ReadOnlyRootFilesystem != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("readOnlyRootFilesystem"), "cannot be set for a windows pod")) - } - if sc.Privileged != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("privileged"), "cannot be set for a windows pod")) - } - if sc.AllowPrivilegeEscalation != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("allowPrivilegeEscalation"), "cannot be set for a windows pod")) - } - if sc.ProcMount != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("procMount"), "cannot be set for a windows pod")) - } - if sc.RunAsUser != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("runAsUser"), "cannot be set for a windows pod")) - } - if sc.RunAsGroup != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("runAsGroup"), "cannot be set for a windows pod")) - } - } - return true - }) - return allErrs -} - -// ValidateNodeSelectorRequirement tests that the specified NodeSelectorRequirement fields has valid data -func ValidateNodeSelectorRequirement(rq core.NodeSelectorRequirement, allowInvalidLabelValueInRequiredNodeAffinity bool, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - switch rq.Operator { - case core.NodeSelectorOpIn, core.NodeSelectorOpNotIn: - if len(rq.Values) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("values"), "must be specified when `operator` is 'In' or 'NotIn'")) - } - case core.NodeSelectorOpExists, core.NodeSelectorOpDoesNotExist: - if len(rq.Values) > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("values"), "may not be specified when `operator` is 'Exists' or 'DoesNotExist'")) - } - - case core.NodeSelectorOpGt, core.NodeSelectorOpLt: - if len(rq.Values) != 1 { - allErrs = append(allErrs, field.Required(fldPath.Child("values"), "must be specified single value when `operator` is 'Lt' or 'Gt'")) - } - default: - allErrs = append(allErrs, field.Invalid(fldPath.Child("operator"), rq.Operator, "not a valid selector operator")) - } - allErrs = append(allErrs, unversionedvalidation.ValidateLabelName(rq.Key, fldPath.Child("key"))...) - if !allowInvalidLabelValueInRequiredNodeAffinity { - path := fldPath.Child("values") - for valueIndex, value := range rq.Values { - for _, msg := range validation.IsValidLabelValue(value) { - allErrs = append(allErrs, field.Invalid(path.Index(valueIndex), value, msg)).WithOrigin("format=k8s-label-value") - } - } - } - return allErrs -} - -var nodeFieldSelectorValidators = map[string]func(string, bool) []string{ - metav1.ObjectNameField: ValidateNodeName, -} - -// ValidateNodeFieldSelectorRequirement tests that the specified NodeSelectorRequirement fields has valid data -func ValidateNodeFieldSelectorRequirement(req core.NodeSelectorRequirement, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - switch req.Operator { - case core.NodeSelectorOpIn, core.NodeSelectorOpNotIn: - if len(req.Values) != 1 { - allErrs = append(allErrs, field.Required(fldPath.Child("values"), - "must be only one value when `operator` is 'In' or 'NotIn' for node field selector")) - } - default: - allErrs = append(allErrs, field.Invalid(fldPath.Child("operator"), req.Operator, "not a valid selector operator")) - } - - if vf, found := nodeFieldSelectorValidators[req.Key]; !found { - allErrs = append(allErrs, field.Invalid(fldPath.Child("key"), req.Key, "not a valid field selector key")) - } else { - for i, v := range req.Values { - for _, msg := range vf(v, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("values").Index(i), v, msg)) - } - } - } - - return allErrs -} - -// ValidateNodeSelectorTerm tests that the specified node selector term has valid data -func ValidateNodeSelectorTerm(term core.NodeSelectorTerm, allowInvalidLabelValueInRequiredNodeAffinity bool, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - for j, req := range term.MatchExpressions { - allErrs = append(allErrs, ValidateNodeSelectorRequirement(req, allowInvalidLabelValueInRequiredNodeAffinity, fldPath.Child("matchExpressions").Index(j))...) - } - - for j, req := range term.MatchFields { - allErrs = append(allErrs, ValidateNodeFieldSelectorRequirement(req, fldPath.Child("matchFields").Index(j))...) - } - - return allErrs -} - -// ValidateNodeSelector tests that the specified nodeSelector fields has valid data -func ValidateNodeSelector(nodeSelector *core.NodeSelector, allowInvalidLabelValueInRequiredNodeAffinity bool, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - termFldPath := fldPath.Child("nodeSelectorTerms") - if len(nodeSelector.NodeSelectorTerms) == 0 { - return append(allErrs, field.Required(termFldPath, "must have at least one node selector term")) - } - - for i, term := range nodeSelector.NodeSelectorTerms { - allErrs = append(allErrs, ValidateNodeSelectorTerm(term, allowInvalidLabelValueInRequiredNodeAffinity, termFldPath.Index(i))...) - } - - return allErrs -} - -// validateTopologySelectorLabelRequirement tests that the specified TopologySelectorLabelRequirement fields has valid data, -// and constructs a set containing all of its Values. -func validateTopologySelectorLabelRequirement(rq core.TopologySelectorLabelRequirement, fldPath *field.Path) (sets.Set[string], field.ErrorList) { - allErrs := field.ErrorList{} - valueSet := make(sets.Set[string]) - valuesPath := fldPath.Child("values") - if len(rq.Values) == 0 { - allErrs = append(allErrs, field.Required(valuesPath, "")) - } - - // Validate set property of Values field - for i, value := range rq.Values { - if valueSet.Has(value) { - allErrs = append(allErrs, field.Duplicate(valuesPath.Index(i), value)) - } - valueSet.Insert(value) - } - - allErrs = append(allErrs, unversionedvalidation.ValidateLabelName(rq.Key, fldPath.Child("key"))...) - - return valueSet, allErrs -} - -// ValidateTopologySelectorTerm tests that the specified topology selector term has valid data, -// and constructs a map representing the term in raw form. -func ValidateTopologySelectorTerm(term core.TopologySelectorTerm, fldPath *field.Path) (map[string]sets.Set[string], field.ErrorList) { - allErrs := field.ErrorList{} - exprMap := make(map[string]sets.Set[string]) - exprPath := fldPath.Child("matchLabelExpressions") - - // Allow empty MatchLabelExpressions, in case this field becomes optional in the future. - for i, req := range term.MatchLabelExpressions { - idxPath := exprPath.Index(i) - valueSet, exprErrs := validateTopologySelectorLabelRequirement(req, idxPath) - allErrs = append(allErrs, exprErrs...) - - // Validate no duplicate keys exist. - if _, exists := exprMap[req.Key]; exists { - allErrs = append(allErrs, field.Duplicate(idxPath.Child("key"), req.Key)) - } - exprMap[req.Key] = valueSet - } - - return exprMap, allErrs -} - -// ValidateAvoidPodsInNodeAnnotations tests that the serialized AvoidPods in Node.Annotations has valid data -func ValidateAvoidPodsInNodeAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - v1Avoids, err := schedulinghelper.GetAvoidPodsFromNodeAnnotations(annotations) - if err != nil { - allErrs = append(allErrs, field.Invalid(fldPath.Child("AvoidPods"), core.PreferAvoidPodsAnnotationKey, err.Error())) - return allErrs - } - var avoids core.AvoidPods - if err := corev1.Convert_v1_AvoidPods_To_core_AvoidPods(&v1Avoids, &avoids, nil); err != nil { - allErrs = append(allErrs, field.Invalid(fldPath.Child("AvoidPods"), core.PreferAvoidPodsAnnotationKey, err.Error())) - return allErrs - } - - if len(avoids.PreferAvoidPods) != 0 { - for i, pa := range avoids.PreferAvoidPods { - idxPath := fldPath.Child(core.PreferAvoidPodsAnnotationKey).Index(i) - allErrs = append(allErrs, validatePreferAvoidPodsEntry(pa, idxPath)...) - } - } - - return allErrs -} - -// validatePreferAvoidPodsEntry tests if given PreferAvoidPodsEntry has valid data. -func validatePreferAvoidPodsEntry(avoidPodEntry core.PreferAvoidPodsEntry, fldPath *field.Path) field.ErrorList { - allErrors := field.ErrorList{} - if avoidPodEntry.PodSignature.PodController == nil { - allErrors = append(allErrors, field.Required(fldPath.Child("PodSignature"), "")) - } else { - if !*(avoidPodEntry.PodSignature.PodController.Controller) { - allErrors = append(allErrors, - field.Invalid(fldPath.Child("PodSignature").Child("PodController").Child("Controller"), - *(avoidPodEntry.PodSignature.PodController.Controller), "must point to a controller")) - } - } - return allErrors -} - -// ValidatePreferredSchedulingTerms tests that the specified SoftNodeAffinity fields has valid data -func ValidatePreferredSchedulingTerms(terms []core.PreferredSchedulingTerm, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - for i, term := range terms { - if term.Weight <= 0 || term.Weight > 100 { - allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("weight"), term.Weight, "must be in the range 1-100")) - } - - // we always allow invalid label-value for preferred affinity - // as they can success when cluster has only one node - allErrs = append(allErrs, ValidateNodeSelectorTerm(term.Preference, true, fldPath.Index(i).Child("preference"))...) - } - return allErrs -} - -// validatePodAffinityTerm tests that the specified podAffinityTerm fields have valid data -func validatePodAffinityTerm(podAffinityTerm core.PodAffinityTerm, allowInvalidLabelValueInSelector bool, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - allErrs = append(allErrs, ValidatePodAffinityTermSelector(podAffinityTerm, allowInvalidLabelValueInSelector, fldPath)...) - for _, name := range podAffinityTerm.Namespaces { - for _, msg := range ValidateNamespaceName(name, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("namespace"), name, msg)) - } - } - allErrs = append(allErrs, ValidateMatchLabelKeysAndMismatchLabelKeys(fldPath, podAffinityTerm.MatchLabelKeys, podAffinityTerm.MismatchLabelKeys, podAffinityTerm.LabelSelector)...) - if len(podAffinityTerm.TopologyKey) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("topologyKey"), "can not be empty")) - } - return append(allErrs, unversionedvalidation.ValidateLabelName(podAffinityTerm.TopologyKey, fldPath.Child("topologyKey"))...) -} - -// validatePodAffinityTerms tests that the specified podAffinityTerms fields have valid data -func validatePodAffinityTerms(podAffinityTerms []core.PodAffinityTerm, allowInvalidLabelValueInSelector bool, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for i, podAffinityTerm := range podAffinityTerms { - allErrs = append(allErrs, validatePodAffinityTerm(podAffinityTerm, allowInvalidLabelValueInSelector, fldPath.Index(i))...) - } - return allErrs -} - -// validateWeightedPodAffinityTerms tests that the specified weightedPodAffinityTerms fields have valid data -func validateWeightedPodAffinityTerms(weightedPodAffinityTerms []core.WeightedPodAffinityTerm, allowInvalidLabelValueInSelector bool, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for j, weightedTerm := range weightedPodAffinityTerms { - if weightedTerm.Weight <= 0 || weightedTerm.Weight > 100 { - allErrs = append(allErrs, field.Invalid(fldPath.Index(j).Child("weight"), weightedTerm.Weight, "must be in the range 1-100")) - } - allErrs = append(allErrs, validatePodAffinityTerm(weightedTerm.PodAffinityTerm, allowInvalidLabelValueInSelector, fldPath.Index(j).Child("podAffinityTerm"))...) - } - return allErrs -} - -// validatePodAntiAffinity tests that the specified podAntiAffinity fields have valid data -func validatePodAntiAffinity(podAntiAffinity *core.PodAntiAffinity, allowInvalidLabelValueInSelector bool, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - // TODO:Uncomment below code once RequiredDuringSchedulingRequiredDuringExecution is implemented. - // if podAntiAffinity.RequiredDuringSchedulingRequiredDuringExecution != nil { - // allErrs = append(allErrs, validatePodAffinityTerms(podAntiAffinity.RequiredDuringSchedulingRequiredDuringExecution, false, - // fldPath.Child("requiredDuringSchedulingRequiredDuringExecution"))...) - // } - if podAntiAffinity.RequiredDuringSchedulingIgnoredDuringExecution != nil { - allErrs = append(allErrs, validatePodAffinityTerms(podAntiAffinity.RequiredDuringSchedulingIgnoredDuringExecution, allowInvalidLabelValueInSelector, - fldPath.Child("requiredDuringSchedulingIgnoredDuringExecution"))...) - } - if podAntiAffinity.PreferredDuringSchedulingIgnoredDuringExecution != nil { - allErrs = append(allErrs, validateWeightedPodAffinityTerms(podAntiAffinity.PreferredDuringSchedulingIgnoredDuringExecution, allowInvalidLabelValueInSelector, - fldPath.Child("preferredDuringSchedulingIgnoredDuringExecution"))...) - } - return allErrs -} - -// validateNodeAffinity tests that the specified nodeAffinity fields have valid data -func validateNodeAffinity(na *core.NodeAffinity, opts PodValidationOptions, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - // TODO: Uncomment the next three lines once RequiredDuringSchedulingRequiredDuringExecution is implemented. - // if na.RequiredDuringSchedulingRequiredDuringExecution != nil { - // allErrs = append(allErrs, ValidateNodeSelector(na.RequiredDuringSchedulingRequiredDuringExecution, fldPath.Child("requiredDuringSchedulingRequiredDuringExecution"))...) - // } - if na.RequiredDuringSchedulingIgnoredDuringExecution != nil { - allErrs = append(allErrs, ValidateNodeSelector(na.RequiredDuringSchedulingIgnoredDuringExecution, opts.AllowInvalidLabelValueInRequiredNodeAffinity, fldPath.Child("requiredDuringSchedulingIgnoredDuringExecution"))...) - } - if len(na.PreferredDuringSchedulingIgnoredDuringExecution) > 0 { - allErrs = append(allErrs, ValidatePreferredSchedulingTerms(na.PreferredDuringSchedulingIgnoredDuringExecution, fldPath.Child("preferredDuringSchedulingIgnoredDuringExecution"))...) - } - return allErrs -} - -// validatePodAffinity tests that the specified podAffinity fields have valid data -func validatePodAffinity(podAffinity *core.PodAffinity, allowInvalidLabelValueInSelector bool, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - // TODO:Uncomment below code once RequiredDuringSchedulingRequiredDuringExecution is implemented. - // if podAffinity.RequiredDuringSchedulingRequiredDuringExecution != nil { - // allErrs = append(allErrs, validatePodAffinityTerms(podAffinity.RequiredDuringSchedulingRequiredDuringExecution, false, - // fldPath.Child("requiredDuringSchedulingRequiredDuringExecution"))...) - // } - if podAffinity.RequiredDuringSchedulingIgnoredDuringExecution != nil { - allErrs = append(allErrs, validatePodAffinityTerms(podAffinity.RequiredDuringSchedulingIgnoredDuringExecution, allowInvalidLabelValueInSelector, - fldPath.Child("requiredDuringSchedulingIgnoredDuringExecution"))...) - } - if podAffinity.PreferredDuringSchedulingIgnoredDuringExecution != nil { - allErrs = append(allErrs, validateWeightedPodAffinityTerms(podAffinity.PreferredDuringSchedulingIgnoredDuringExecution, allowInvalidLabelValueInSelector, - fldPath.Child("preferredDuringSchedulingIgnoredDuringExecution"))...) - } - return allErrs -} - -func validateSeccompProfileField(sp *core.SeccompProfile, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if sp == nil { - return allErrs - } - - if err := validateSeccompProfileType(fldPath.Child("type"), sp.Type); err != nil { - allErrs = append(allErrs, err) - } - - if sp.Type == core.SeccompProfileTypeLocalhost { - if sp.LocalhostProfile == nil { - allErrs = append(allErrs, field.Required(fldPath.Child("localhostProfile"), "must be set when seccomp type is Localhost")) - } else { - allErrs = append(allErrs, validateLocalDescendingPath(*sp.LocalhostProfile, fldPath.Child("localhostProfile"))...) - } - } else { - if sp.LocalhostProfile != nil { - allErrs = append(allErrs, field.Invalid(fldPath.Child("localhostProfile"), sp, "can only be set when seccomp type is Localhost")) - } - } - - return allErrs -} - -func ValidateSeccompProfile(p string, fldPath *field.Path) field.ErrorList { - if p == core.SeccompProfileRuntimeDefault || p == core.DeprecatedSeccompProfileDockerDefault { - return nil - } - if p == v1.SeccompProfileNameUnconfined { - return nil - } - if strings.HasPrefix(p, v1.SeccompLocalhostProfileNamePrefix) { - return validateLocalDescendingPath(strings.TrimPrefix(p, v1.SeccompLocalhostProfileNamePrefix), fldPath) - } - return field.ErrorList{field.Invalid(fldPath, p, "must be a valid seccomp profile")} -} - -func ValidateSeccompPodAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if p, exists := annotations[core.SeccompPodAnnotationKey]; exists { - allErrs = append(allErrs, ValidateSeccompProfile(p, fldPath.Child(core.SeccompPodAnnotationKey))...) - } - for k, p := range annotations { - if strings.HasPrefix(k, core.SeccompContainerAnnotationKeyPrefix) { - allErrs = append(allErrs, ValidateSeccompProfile(p, fldPath.Child(k))...) - } - } - - return allErrs -} - -// ValidateSeccompProfileType tests that the argument is a valid SeccompProfileType. -func validateSeccompProfileType(fldPath *field.Path, seccompProfileType core.SeccompProfileType) *field.Error { - switch seccompProfileType { - case core.SeccompProfileTypeLocalhost, core.SeccompProfileTypeRuntimeDefault, core.SeccompProfileTypeUnconfined: - return nil - case "": - return field.Required(fldPath, "type is required when seccompProfile is set") - default: - return field.NotSupported(fldPath, seccompProfileType, []core.SeccompProfileType{core.SeccompProfileTypeLocalhost, core.SeccompProfileTypeRuntimeDefault, core.SeccompProfileTypeUnconfined}) - } -} - -func ValidateAppArmorProfileField(profile *core.AppArmorProfile, fldPath *field.Path) field.ErrorList { - if profile == nil { - return nil - } - - allErrs := field.ErrorList{} - - switch profile.Type { - case core.AppArmorProfileTypeLocalhost: - if profile.LocalhostProfile == nil { - allErrs = append(allErrs, field.Required(fldPath.Child("localhostProfile"), "must be set when AppArmor type is Localhost")) - } else { - localhostProfile := strings.TrimSpace(*profile.LocalhostProfile) - if localhostProfile != *profile.LocalhostProfile { - allErrs = append(allErrs, field.Invalid(fldPath.Child("localhostProfile"), *profile.LocalhostProfile, "must not be padded with whitespace")) - } else if localhostProfile == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("localhostProfile"), "must be set when AppArmor type is Localhost")) - } - - const maxLocalhostProfileLength = 4095 // PATH_MAX - 1 - if len(*profile.LocalhostProfile) > maxLocalhostProfileLength { - allErrs = append(allErrs, field.TooLong(fldPath.Child("localhostProfile"), "" /*unused*/, maxLocalhostProfileLength)) - } - } - - case core.AppArmorProfileTypeRuntimeDefault, core.AppArmorProfileTypeUnconfined: - if profile.LocalhostProfile != nil { - allErrs = append(allErrs, field.Invalid(fldPath.Child("localhostProfile"), profile.LocalhostProfile, "can only be set when AppArmor type is Localhost")) - } - - case "": - allErrs = append(allErrs, field.Required(fldPath.Child("type"), "type is required when appArmorProfile is set")) - - default: - allErrs = append(allErrs, field.NotSupported(fldPath.Child("type"), profile.Type, - []core.AppArmorProfileType{core.AppArmorProfileTypeLocalhost, core.AppArmorProfileTypeRuntimeDefault, core.AppArmorProfileTypeUnconfined})) - } - - return allErrs - -} - -func ValidateAppArmorPodAnnotations(annotations map[string]string, spec *core.PodSpec, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for k, p := range annotations { - if !strings.HasPrefix(k, v1.DeprecatedAppArmorBetaContainerAnnotationKeyPrefix) { - continue - } - containerName := strings.TrimPrefix(k, v1.DeprecatedAppArmorBetaContainerAnnotationKeyPrefix) - if !podSpecHasContainer(spec, containerName) { - allErrs = append(allErrs, field.Invalid(fldPath.Key(k), containerName, "container not found")) - } - - if err := ValidateAppArmorProfileFormat(p); err != nil { - allErrs = append(allErrs, field.Invalid(fldPath.Key(k), p, err.Error())) - } - } - - return allErrs -} - -func ValidateAppArmorProfileFormat(profile string) error { - if profile == "" || profile == v1.DeprecatedAppArmorBetaProfileRuntimeDefault || profile == v1.DeprecatedAppArmorBetaProfileNameUnconfined { - return nil - } - if !strings.HasPrefix(profile, v1.DeprecatedAppArmorBetaProfileNamePrefix) { - return fmt.Errorf("invalid AppArmor profile name: %q", profile) - } - return nil -} - -// validateAppArmorAnnotationsAndFieldsMatchOnCreate validates that AppArmor fields and annotations are consistent. -func validateAppArmorAnnotationsAndFieldsMatchOnCreate(objectMeta metav1.ObjectMeta, podSpec *core.PodSpec, specPath *field.Path) field.ErrorList { - if podSpec.OS != nil && podSpec.OS.Name == core.Windows { - // Skip consistency check for windows pods. - return nil - } - - allErrs := field.ErrorList{} - - var podProfile *core.AppArmorProfile - if podSpec.SecurityContext != nil { - podProfile = podSpec.SecurityContext.AppArmorProfile - } - podshelper.VisitContainersWithPath(podSpec, specPath, func(c *core.Container, cFldPath *field.Path) bool { - containerProfile := podProfile - if c.SecurityContext != nil && c.SecurityContext.AppArmorProfile != nil { - containerProfile = c.SecurityContext.AppArmorProfile - } - - if containerProfile == nil { - return true - } - - key := core.DeprecatedAppArmorAnnotationKeyPrefix + c.Name - if annotation, found := objectMeta.Annotations[key]; found { - apparmorPath := cFldPath.Child("securityContext").Child("appArmorProfile") - - switch containerProfile.Type { - case core.AppArmorProfileTypeUnconfined: - if annotation != core.DeprecatedAppArmorAnnotationValueUnconfined { - allErrs = append(allErrs, field.Forbidden(apparmorPath.Child("type"), "apparmor type in annotation and field must match")) - } - - case core.AppArmorProfileTypeRuntimeDefault: - if annotation != core.DeprecatedAppArmorAnnotationValueRuntimeDefault { - allErrs = append(allErrs, field.Forbidden(apparmorPath.Child("type"), "apparmor type in annotation and field must match")) - } - - case core.AppArmorProfileTypeLocalhost: - if !strings.HasPrefix(annotation, core.DeprecatedAppArmorAnnotationValueLocalhostPrefix) { - allErrs = append(allErrs, field.Forbidden(apparmorPath.Child("type"), "apparmor type in annotation and field must match")) - } else if containerProfile.LocalhostProfile == nil || strings.TrimPrefix(annotation, core.DeprecatedAppArmorAnnotationValueLocalhostPrefix) != *containerProfile.LocalhostProfile { - allErrs = append(allErrs, field.Forbidden(apparmorPath.Child("localhostProfile"), "apparmor profile in annotation and field must match")) - } - } - } - return true - }) - - return allErrs -} - -func podSpecHasContainer(spec *core.PodSpec, containerName string) bool { - var hasContainer bool - podshelper.VisitContainersWithPath(spec, field.NewPath("spec"), func(c *core.Container, _ *field.Path) bool { - if c.Name == containerName { - hasContainer = true - return false - } - return true - }) - return hasContainer -} - -const ( - // a sysctl segment regex, concatenated with dots to form a sysctl name - SysctlSegmentFmt string = "[a-z0-9]([-_a-z0-9]*[a-z0-9])?" - - // a sysctl name regex with slash allowed - SysctlContainSlashFmt string = "(" + SysctlSegmentFmt + "[\\./])*" + SysctlSegmentFmt - - // the maximal length of a sysctl name - SysctlMaxLength int = 253 -) - -var sysctlContainSlashRegexp = regexp.MustCompile("^" + SysctlContainSlashFmt + "$") - -// IsValidSysctlName checks that the given string is a valid sysctl name, -// i.e. matches SysctlContainSlashFmt. -// More info: -// -// https://man7.org/linux/man-pages/man8/sysctl.8.html -// https://man7.org/linux/man-pages/man5/sysctl.d.5.html -func IsValidSysctlName(name string) bool { - if len(name) > SysctlMaxLength { - return false - } - return sysctlContainSlashRegexp.MatchString(name) -} - -func validateSysctls(securityContext *core.PodSecurityContext, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - names := make(map[string]struct{}) - for i, s := range securityContext.Sysctls { - if len(s.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Index(i).Child("name"), "")) - } else if !IsValidSysctlName(s.Name) { - allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("name"), s.Name, fmt.Sprintf("must have at most %d characters and match regex %s", SysctlMaxLength, sysctlContainSlashRegexp))) - } else if _, ok := names[s.Name]; ok { - allErrs = append(allErrs, field.Duplicate(fldPath.Index(i).Child("name"), s.Name)) - } - if !opts.AllowNamespacedSysctlsForHostNetAndHostIPC { - err := ValidateHostSysctl(s.Name, securityContext, fldPath.Index(i).Child("name")) - if err != nil { - allErrs = append(allErrs, err) - } - } - names[s.Name] = struct{}{} - } - return allErrs -} - -// ValidateHostSysctl will return error if namespaced sysctls is applied to pod sharing the respective namespaces with the host. -func ValidateHostSysctl(sysctl string, securityContext *core.PodSecurityContext, fldPath *field.Path) *field.Error { - ns, _, _ := utilsysctl.GetNamespace(sysctl) - switch { - case securityContext.HostNetwork && ns == utilsysctl.NetNamespace: - return field.Invalid(fldPath, sysctl, "may not be specified when 'hostNetwork' is true") - case securityContext.HostIPC && ns == utilsysctl.IPCNamespace: - return field.Invalid(fldPath, sysctl, "may not be specified when 'hostIPC' is true") - } - return nil -} - -var validSELinuxChangePolicies = sets.New(core.SELinuxChangePolicyRecursive, core.SELinuxChangePolicyMountOption) - -func validateSELinuxChangePolicy(seLinuxChangePolicy *core.PodSELinuxChangePolicy, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - if seLinuxChangePolicy == nil { - return nil - } - - allErrs := field.ErrorList{} - - if opts.AllowOnlyRecursiveSELinuxChangePolicy { - if *seLinuxChangePolicy != core.SELinuxChangePolicyRecursive { - allErrs = append(allErrs, field.NotSupported(fldPath, *seLinuxChangePolicy, []core.PodSELinuxChangePolicy{core.SELinuxChangePolicyRecursive})) - } - } else { - // Allow any valid SELinuxChangePolicy value. - if !validSELinuxChangePolicies.Has(*seLinuxChangePolicy) { - allErrs = append(allErrs, field.NotSupported(fldPath, *seLinuxChangePolicy, sets.List(validSELinuxChangePolicies))) - } - } - return allErrs -} - -// validatePodSpecSecurityContext verifies the SecurityContext of a PodSpec, -// whether that is defined in a Pod or in an embedded PodSpec (e.g. a -// Deployment's pod template). -func validatePodSpecSecurityContext(securityContext *core.PodSecurityContext, spec *core.PodSpec, specPath, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - if securityContext != nil { - if securityContext.FSGroup != nil { - for _, msg := range validation.IsValidGroupID(*securityContext.FSGroup) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("fsGroup"), *(securityContext.FSGroup), msg)) - } - } - if securityContext.RunAsUser != nil { - for _, msg := range validation.IsValidUserID(*securityContext.RunAsUser) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsUser"), *(securityContext.RunAsUser), msg)) - } - } - if securityContext.RunAsGroup != nil { - for _, msg := range validation.IsValidGroupID(*securityContext.RunAsGroup) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsGroup"), *(securityContext.RunAsGroup), msg)) - } - } - for g, gid := range securityContext.SupplementalGroups { - for _, msg := range validation.IsValidGroupID(gid) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("supplementalGroups").Index(g), gid, msg)) - } - } - if securityContext.ShareProcessNamespace != nil && securityContext.HostPID && *securityContext.ShareProcessNamespace { - allErrs = append(allErrs, field.Invalid(fldPath.Child("shareProcessNamespace"), *securityContext.ShareProcessNamespace, "ShareProcessNamespace and HostPID cannot both be enabled")) - } - - if len(securityContext.Sysctls) != 0 { - allErrs = append(allErrs, validateSysctls(securityContext, fldPath.Child("sysctls"), opts)...) - } - - if securityContext.FSGroupChangePolicy != nil { - allErrs = append(allErrs, validateFSGroupChangePolicy(securityContext.FSGroupChangePolicy, fldPath.Child("fsGroupChangePolicy"))...) - } - - allErrs = append(allErrs, validateSeccompProfileField(securityContext.SeccompProfile, fldPath.Child("seccompProfile"))...) - allErrs = append(allErrs, validateWindowsSecurityContextOptions(securityContext.WindowsOptions, fldPath.Child("windowsOptions"))...) - allErrs = append(allErrs, ValidateAppArmorProfileField(securityContext.AppArmorProfile, fldPath.Child("appArmorProfile"))...) - - if securityContext.SupplementalGroupsPolicy != nil { - allErrs = append(allErrs, validateSupplementalGroupsPolicy(securityContext.SupplementalGroupsPolicy, fldPath.Child("supplementalGroupsPolicy"))...) - } - - if securityContext.SELinuxChangePolicy != nil { - allErrs = append(allErrs, validateSELinuxChangePolicy(securityContext.SELinuxChangePolicy, fldPath.Child("seLinuxChangePolicy"), opts)...) - } - } - - return allErrs -} - -func ValidateContainerUpdates(newContainers, oldContainers []core.Container, fldPath *field.Path) (allErrs field.ErrorList, stop bool) { - allErrs = field.ErrorList{} - if len(newContainers) != len(oldContainers) { - // TODO: Pinpoint the specific container that causes the invalid error after we have strategic merge diff - allErrs = append(allErrs, field.Forbidden(fldPath, "pod updates may not add or remove containers")) - return allErrs, true - } - - // validate updated container images - for i, ctr := range newContainers { - if len(ctr.Image) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Index(i).Child("image"), "")) - } - // this is only called from ValidatePodUpdate so its safe to check leading/trailing whitespace. - if len(strings.TrimSpace(ctr.Image)) != len(ctr.Image) { - allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("image"), ctr.Image, "must not have leading or trailing whitespace")) - } - } - return allErrs, false -} - -// ValidatePodCreate validates a pod in the context of its initial create -func ValidatePodCreate(pod *core.Pod, opts PodValidationOptions) field.ErrorList { - allErrs := validatePodMetadataAndSpec(pod, opts) - - fldPath := field.NewPath("spec") - // EphemeralContainers can only be set on update using the ephemeralcontainers subresource - if len(pod.Spec.EphemeralContainers) > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("ephemeralContainers"), "cannot be set on create")) - } - // A Pod cannot be assigned a Node if there are remaining scheduling gates. - if pod.Spec.NodeName != "" && len(pod.Spec.SchedulingGates) != 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("nodeName"), "cannot be set until all schedulingGates have been cleared")) - } - allErrs = append(allErrs, validateSeccompAnnotationsAndFields(pod.ObjectMeta, &pod.Spec, fldPath)...) - allErrs = append(allErrs, validateAppArmorAnnotationsAndFieldsMatchOnCreate(pod.ObjectMeta, &pod.Spec, fldPath)...) - - return allErrs -} - -// validateSeccompAnnotationsAndFields iterates through all containers and ensure that when both seccompProfile and seccomp annotations exist they match. -func validateSeccompAnnotationsAndFields(objectMeta metav1.ObjectMeta, podSpec *core.PodSpec, specPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - if podSpec.SecurityContext != nil && podSpec.SecurityContext.SeccompProfile != nil { - // If both seccomp annotations and fields are specified, the values must match. - if annotation, found := objectMeta.Annotations[v1.SeccompPodAnnotationKey]; found { - seccompPath := specPath.Child("securityContext").Child("seccompProfile") - err := validateSeccompAnnotationsAndFieldsMatch(annotation, podSpec.SecurityContext.SeccompProfile, seccompPath) - if err != nil { - allErrs = append(allErrs, err) - } - } - } - - podshelper.VisitContainersWithPath(podSpec, specPath, func(c *core.Container, cFldPath *field.Path) bool { - var field *core.SeccompProfile - if c.SecurityContext != nil { - field = c.SecurityContext.SeccompProfile - } - - if field == nil { - return true - } - - key := v1.SeccompContainerAnnotationKeyPrefix + c.Name - if annotation, found := objectMeta.Annotations[key]; found { - seccompPath := cFldPath.Child("securityContext").Child("seccompProfile") - err := validateSeccompAnnotationsAndFieldsMatch(annotation, field, seccompPath) - if err != nil { - allErrs = append(allErrs, err) - } - } - return true - }) - - return allErrs -} - -func validateSeccompAnnotationsAndFieldsMatch(annotationValue string, seccompField *core.SeccompProfile, fldPath *field.Path) *field.Error { - if seccompField == nil { - return nil - } - - switch seccompField.Type { - case core.SeccompProfileTypeUnconfined: - if annotationValue != v1.SeccompProfileNameUnconfined { - return field.Forbidden(fldPath.Child("type"), "seccomp type in annotation and field must match") - } - - case core.SeccompProfileTypeRuntimeDefault: - if annotationValue != v1.SeccompProfileRuntimeDefault && annotationValue != v1.DeprecatedSeccompProfileDockerDefault { - return field.Forbidden(fldPath.Child("type"), "seccomp type in annotation and field must match") - } - - case core.SeccompProfileTypeLocalhost: - if !strings.HasPrefix(annotationValue, v1.SeccompLocalhostProfileNamePrefix) { - return field.Forbidden(fldPath.Child("type"), "seccomp type in annotation and field must match") - } else if seccompField.LocalhostProfile == nil || strings.TrimPrefix(annotationValue, v1.SeccompLocalhostProfileNamePrefix) != *seccompField.LocalhostProfile { - return field.Forbidden(fldPath.Child("localhostProfile"), "seccomp profile in annotation and field must match") - } - } - - return nil -} - -var updatablePodSpecFields = []string{ - "`spec.containers[*].image`", - "`spec.initContainers[*].image`", - "`spec.activeDeadlineSeconds`", - "`spec.tolerations` (only additions to existing tolerations)", - "`spec.terminationGracePeriodSeconds` (allow it to be set to 1 if it was previously negative)", -} - -// ValidatePodUpdate tests to see if the update is legal for an end user to make. newPod is updated with fields -// that cannot be changed. -func ValidatePodUpdate(newPod, oldPod *core.Pod, opts PodValidationOptions) field.ErrorList { - fldPath := field.NewPath("metadata") - allErrs := ValidateObjectMetaUpdate(&newPod.ObjectMeta, &oldPod.ObjectMeta, fldPath) - allErrs = append(allErrs, validatePodMetadataAndSpec(newPod, opts)...) - allErrs = append(allErrs, ValidatePodSpecificAnnotationUpdates(newPod, oldPod, fldPath.Child("annotations"), opts)...) - specPath := field.NewPath("spec") - - // validate updateable fields: - // 1. spec.containers[*].image - // 2. spec.initContainers[*].image - // 3. spec.activeDeadlineSeconds - // 4. spec.terminationGracePeriodSeconds - // 5. spec.schedulingGates - - containerErrs, stop := ValidateContainerUpdates(newPod.Spec.Containers, oldPod.Spec.Containers, specPath.Child("containers")) - allErrs = append(allErrs, containerErrs...) - if stop { - return allErrs - } - containerErrs, stop = ValidateContainerUpdates(newPod.Spec.InitContainers, oldPod.Spec.InitContainers, specPath.Child("initContainers")) - allErrs = append(allErrs, containerErrs...) - if stop { - return allErrs - } - - // validate updated spec.activeDeadlineSeconds. two types of updates are allowed: - // 1. from nil to a positive value - // 2. from a positive value to a lesser, non-negative value - if newPod.Spec.ActiveDeadlineSeconds != nil { - newActiveDeadlineSeconds := *newPod.Spec.ActiveDeadlineSeconds - if newActiveDeadlineSeconds < 0 || newActiveDeadlineSeconds > math.MaxInt32 { - allErrs = append(allErrs, field.Invalid(specPath.Child("activeDeadlineSeconds"), newActiveDeadlineSeconds, validation.InclusiveRangeError(0, math.MaxInt32))) - return allErrs - } - if oldPod.Spec.ActiveDeadlineSeconds != nil { - oldActiveDeadlineSeconds := *oldPod.Spec.ActiveDeadlineSeconds - if oldActiveDeadlineSeconds < newActiveDeadlineSeconds { - allErrs = append(allErrs, field.Invalid(specPath.Child("activeDeadlineSeconds"), newActiveDeadlineSeconds, "must be less than or equal to previous value")) - return allErrs - } - } - } else if oldPod.Spec.ActiveDeadlineSeconds != nil { - allErrs = append(allErrs, field.Invalid(specPath.Child("activeDeadlineSeconds"), newPod.Spec.ActiveDeadlineSeconds, "must not update from a positive integer to nil value")) - } - - // Allow only additions to tolerations updates. - allErrs = append(allErrs, validateOnlyAddedTolerations(newPod.Spec.Tolerations, oldPod.Spec.Tolerations, specPath.Child("tolerations"), opts)...) - - // Allow only deletions to schedulingGates updates. - allErrs = append(allErrs, validateOnlyDeletedSchedulingGates(newPod.Spec.SchedulingGates, oldPod.Spec.SchedulingGates, specPath.Child("schedulingGates"))...) - - // the last thing to check is pod spec equality. If the pod specs are equal, then we can simply return the errors we have - // so far and save the cost of a deep copy. - if apiequality.Semantic.DeepEqual(newPod.Spec, oldPod.Spec) { - return allErrs - } - - // handle updateable fields by munging those fields prior to deep equal comparison. - mungedPodSpec := *newPod.Spec.DeepCopy() - // munge spec.containers[*].image - var newContainers []core.Container - for ix, container := range mungedPodSpec.Containers { - container.Image = oldPod.Spec.Containers[ix].Image // +k8s:verify-mutation:reason=clone - newContainers = append(newContainers, container) - } - mungedPodSpec.Containers = newContainers - // munge spec.initContainers[*].image - var newInitContainers []core.Container - for ix, container := range mungedPodSpec.InitContainers { - container.Image = oldPod.Spec.InitContainers[ix].Image // +k8s:verify-mutation:reason=clone - newInitContainers = append(newInitContainers, container) - } - mungedPodSpec.InitContainers = newInitContainers - // munge spec.activeDeadlineSeconds - mungedPodSpec.ActiveDeadlineSeconds = nil - if oldPod.Spec.ActiveDeadlineSeconds != nil { - activeDeadlineSeconds := *oldPod.Spec.ActiveDeadlineSeconds - mungedPodSpec.ActiveDeadlineSeconds = &activeDeadlineSeconds - } - // munge spec.schedulingGates - mungedPodSpec.SchedulingGates = oldPod.Spec.SchedulingGates // +k8s:verify-mutation:reason=clone - // tolerations are checked before the deep copy, so munge those too - mungedPodSpec.Tolerations = oldPod.Spec.Tolerations // +k8s:verify-mutation:reason=clone - - // Relax validation of immutable fields to allow it to be set to 1 if it was previously negative. - if oldPod.Spec.TerminationGracePeriodSeconds != nil && *oldPod.Spec.TerminationGracePeriodSeconds < 0 && - mungedPodSpec.TerminationGracePeriodSeconds != nil && *mungedPodSpec.TerminationGracePeriodSeconds == 1 { - mungedPodSpec.TerminationGracePeriodSeconds = oldPod.Spec.TerminationGracePeriodSeconds // +k8s:verify-mutation:reason=clone - } - - // Handle validations specific to gated pods. - podIsGated := len(oldPod.Spec.SchedulingGates) > 0 - if podIsGated { - // Additions to spec.nodeSelector are allowed (no deletions or mutations) for gated pods. - if !apiequality.Semantic.DeepEqual(mungedPodSpec.NodeSelector, oldPod.Spec.NodeSelector) { - allErrs = append(allErrs, validateNodeSelectorMutation(specPath.Child("nodeSelector"), mungedPodSpec.NodeSelector, oldPod.Spec.NodeSelector)...) - mungedPodSpec.NodeSelector = oldPod.Spec.NodeSelector // +k8s:verify-mutation:reason=clone - } - - // Validate node affinity mutations. - var oldNodeAffinity *core.NodeAffinity - if oldPod.Spec.Affinity != nil { - oldNodeAffinity = oldPod.Spec.Affinity.NodeAffinity // +k8s:verify-mutation:reason=clone - } - - var mungedNodeAffinity *core.NodeAffinity - if mungedPodSpec.Affinity != nil { - mungedNodeAffinity = mungedPodSpec.Affinity.NodeAffinity // +k8s:verify-mutation:reason=clone - } - - if !apiequality.Semantic.DeepEqual(oldNodeAffinity, mungedNodeAffinity) { - allErrs = append(allErrs, validateNodeAffinityMutation(specPath.Child("affinity").Child("nodeAffinity"), mungedNodeAffinity, oldNodeAffinity)...) - switch { - case mungedPodSpec.Affinity == nil && oldNodeAffinity == nil: - // already effectively nil, no change needed - case mungedPodSpec.Affinity == nil && oldNodeAffinity != nil: - mungedPodSpec.Affinity = &core.Affinity{NodeAffinity: oldNodeAffinity} // +k8s:verify-mutation:reason=clone - case mungedPodSpec.Affinity != nil && oldPod.Spec.Affinity == nil && - mungedPodSpec.Affinity.PodAntiAffinity == nil && mungedPodSpec.Affinity.PodAffinity == nil: - // We ensure no other fields are being changed, but the NodeAffinity. If that's the case, and the - // old pod's affinity is nil, we set the mungedPodSpec's affinity to nil. - mungedPodSpec.Affinity = nil // +k8s:verify-mutation:reason=clone - default: - // The node affinity is being updated and the old pod Affinity is not nil. - // We set the mungedPodSpec's node affinity to the old pod's node affinity. - mungedPodSpec.Affinity.NodeAffinity = oldNodeAffinity // +k8s:verify-mutation:reason=clone - } - } - - // Note: Unlike NodeAffinity and NodeSelector, we cannot make PodAffinity/PodAntiAffinity mutable due to the presence of the matchLabelKeys/mismatchLabelKeys feature. - // Those features automatically generate the matchExpressions in labelSelector for PodAffinity/PodAntiAffinity when the Pod is created. - // When we make them mutable, we need to make sure things like how to handle/validate matchLabelKeys, - // and what if the fieldManager/A sets matchexpressions and fieldManager/B sets matchLabelKeys later. (could it lead the understandable conflict, etc) - } - - if !apiequality.Semantic.DeepEqual(mungedPodSpec, oldPod.Spec) { - // This diff isn't perfect, but it's a helluva lot better an "I'm not going to tell you what the difference is". - // TODO: Pinpoint the specific field that causes the invalid error after we have strategic merge diff - specDiff := diff.Diff(oldPod.Spec, mungedPodSpec) - errs := field.Forbidden(specPath, fmt.Sprintf("pod updates may not change fields other than %s\n%v", strings.Join(updatablePodSpecFields, ","), specDiff)) - allErrs = append(allErrs, errs) - } - return allErrs -} - -// ValidateContainerStateTransition test to if any illegal container state transitions are being attempted -func ValidateContainerStateTransition(newStatuses, oldStatuses []core.ContainerStatus, fldPath *field.Path, podSpec core.PodSpec, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - if opts.AllowContainerRestartPolicyRules { - // Convert the *core.PodSpec to *v1.PodSpec to satisfy the call to AllContainersCouldRestart and - // ContainerShouldRestart methods in the subsequent lines, which requires a *v1.PodSpec object. - v1PodSpec := &v1.PodSpec{} - err := corev1.Convert_core_PodSpec_To_v1_PodSpec(&podSpec, v1PodSpec, nil) - if err != nil { - allErrs = append(allErrs, field.InternalError(fldPath, fmt.Errorf("invalid %q: %v", fldPath, err.Error()))) - } - if opts.AllowRestartAllContainers { - // If any container has a restart rule action of RestartAllContainer, it means all container - // could be restarted, no matter their own restart policy. Therefore, all container could transition - // from terminated to non-terminated states. - if podutil.AllContainersCouldRestart(v1PodSpec) { - return allErrs - } - } - for i, oldStatus := range oldStatuses { - // Skip any container that is not terminated - if oldStatus.State.Terminated == nil { - continue - } - for _, newStatus := range newStatuses { - if newStatus.Name == oldStatus.Name && newStatus.State.Terminated == nil { - allowed := false - for _, c := range v1PodSpec.Containers { - if c.Name == oldStatus.Name { - allowed = podutil.ContainerShouldRestart(c, *v1PodSpec, oldStatus.State.Terminated.ExitCode) - break - } - } - if !allowed { - allErrs = append(allErrs, field.Forbidden(fldPath.Index(i).Child("state"), "may not be transitioned to non-terminated state")) - } - break - } - } - } - return allErrs - } - restartPolicy := podSpec.RestartPolicy - // If we should always restart, containers are allowed to leave the terminated state - if restartPolicy == core.RestartPolicyAlways { - return allErrs - } - for i, oldStatus := range oldStatuses { - // Skip any container that is not terminated - if oldStatus.State.Terminated == nil { - continue - } - // Skip any container that failed but is allowed to restart - if oldStatus.State.Terminated.ExitCode != 0 && restartPolicy == core.RestartPolicyOnFailure { - continue - } - for _, newStatus := range newStatuses { - if oldStatus.Name == newStatus.Name && newStatus.State.Terminated == nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Index(i).Child("state"), "may not be transitioned to non-terminated state")) - } - } - } - return allErrs -} - -// ValidateInitContainerStateTransition test to if any illegal init container state transitions are being attempted -func ValidateInitContainerStateTransition(newStatuses, oldStatuses []core.ContainerStatus, fldpath *field.Path, podSpec core.PodSpec, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - if opts.AllowContainerRestartPolicyRules { - // Convert the *core.PodSpec to *v1.PodSpec to satisfy the call to AllContainersCouldRestart and - // ContainerShouldRestart methods in the subsequent lines, which requires a *v1.PodSpec object. - v1PodSpec := &v1.PodSpec{} - err := corev1.Convert_core_PodSpec_To_v1_PodSpec(&podSpec, v1PodSpec, nil) - if err != nil { - allErrs = append(allErrs, field.InternalError(fldpath, fmt.Errorf("invalid %q: %v", fldpath, err.Error()))) - } - if opts.AllowRestartAllContainers { - // If any container has a restart rule action of RestartAllContainer, it means all container - // could be restarted, no matter their own restart policy. Therefore, all container could transition - // from terminated to non-terminated states. - if podutil.AllContainersCouldRestart(v1PodSpec) { - return allErrs - } - } - for i, oldStatus := range oldStatuses { - // Skip any container that is not terminated - if oldStatus.State.Terminated == nil { - continue - } - for _, newStatus := range newStatuses { - if newStatus.Name == oldStatus.Name && newStatus.State.Terminated == nil { - allowed := false - for _, c := range v1PodSpec.InitContainers { - if c.Name == oldStatus.Name { - allowed = podutil.ContainerShouldRestart(c, *v1PodSpec, oldStatus.State.Terminated.ExitCode) - break - } - } - if !allowed { - allErrs = append(allErrs, field.Forbidden(fldpath.Index(i).Child("state"), "may not be transitioned to non-terminated state")) - } - break - } - } - } - return allErrs - } - // If we should always restart, containers are allowed to leave the terminated state - if podSpec.RestartPolicy == core.RestartPolicyAlways { - return allErrs - } - for i, oldStatus := range oldStatuses { - // Skip any container that is not terminated - if oldStatus.State.Terminated == nil { - continue - } - // Skip any container that failed but is allowed to restart - if oldStatus.State.Terminated.ExitCode != 0 && podSpec.RestartPolicy == core.RestartPolicyOnFailure { - continue - } - - // Skip any restartable init container that is allowed to restart - isRestartableInitCtr := false - for _, c := range podSpec.InitContainers { - if oldStatus.Name == c.Name { - if isRestartableInitContainer(&c) { - isRestartableInitCtr = true - } - break - } - } - if isRestartableInitCtr { - continue - } - - for _, newStatus := range newStatuses { - if oldStatus.Name == newStatus.Name && newStatus.State.Terminated == nil { - allErrs = append(allErrs, field.Forbidden(fldpath.Index(i).Child("state"), "may not be transitioned to non-terminated state")) - } - } - } - return allErrs -} - -// ValidateEphemeralContainerStateTransition test to if any ephemeral containers are transitioned -// from terminated state to non-terminated state. -func ValidateEphemeralContainerStateTransition(newStatuses, oldStatuses []core.ContainerStatus, fldpath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for i, oldStatus := range oldStatuses { - // Skip any container that is not terminated - if oldStatus.State.Terminated == nil { - continue - } - for _, newStatus := range newStatuses { - if oldStatus.Name == newStatus.Name && newStatus.State.Terminated == nil { - allErrs = append(allErrs, field.Forbidden(fldpath.Index(i).Child("state"), "may not be transitioned to non-terminated state")) - } - } - } - return allErrs -} - -// ValidatePodStatusUpdate checks for changes to status that shouldn't occur in normal operation. -func ValidatePodStatusUpdate(newPod, oldPod *core.Pod, opts PodValidationOptions) field.ErrorList { - fldPath := field.NewPath("metadata") - allErrs := ValidateObjectMetaUpdate(&newPod.ObjectMeta, &oldPod.ObjectMeta, fldPath) - allErrs = append(allErrs, ValidatePodSpecificAnnotationUpdates(newPod, oldPod, fldPath.Child("annotations"), opts)...) - - fldPath = field.NewPath("status") - allErrs = append(allErrs, validatePodConditions(newPod.Status.Conditions, fldPath.Child("conditions"))...) - - if newPod.Spec.NodeName != oldPod.Spec.NodeName { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("nodeName"), "may not be changed directly")) - } - - if newPod.Status.NominatedNodeName != oldPod.Status.NominatedNodeName && len(newPod.Status.NominatedNodeName) > 0 { - for _, msg := range ValidateNodeName(newPod.Status.NominatedNodeName, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("nominatedNodeName"), newPod.Status.NominatedNodeName, msg)) - } - } - - // Prevent setting NominatedNodeName on already bound pods - if utilfeature.DefaultFeatureGate.Enabled(features.ClearingNominatedNodeNameAfterBinding) && - oldPod.Spec.NodeName != "" && - newPod.Status.NominatedNodeName != "" && - newPod.Status.NominatedNodeName != oldPod.Status.NominatedNodeName { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("nominatedNodeName"), - "may not be set on pods that are already bound to a node")) - } - - if newPod.Status.ObservedGeneration < 0 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("observedGeneration"), newPod.Status.ObservedGeneration, "must be a non-negative integer")) - } - - // Pod QoS is immutable - allErrs = append(allErrs, ValidateImmutableField(newPod.Status.QOSClass, oldPod.Status.QOSClass, fldPath.Child("qosClass"))...) - - // Note: there is no check that ContainerStatuses, InitContainerStatuses, and EphemeralContainerStatuses doesn't have duplicate conatainer names - // or statuses of containers that are not defined in the pod spec. Changing this may lead to a breaking changes. So consumers of those fields - // must account for unexpected data. Kubelet will never report statuses like this. - // - // If pod should not restart, make sure the status update does not transition - // any terminated containers to a non-terminated state. - allErrs = append(allErrs, ValidateContainerStateTransition(newPod.Status.ContainerStatuses, oldPod.Status.ContainerStatuses, fldPath.Child("containerStatuses"), oldPod.Spec, opts)...) - allErrs = append(allErrs, ValidateInitContainerStateTransition(newPod.Status.InitContainerStatuses, oldPod.Status.InitContainerStatuses, fldPath.Child("initContainerStatuses"), oldPod.Spec, opts)...) - allErrs = append(allErrs, ValidateEphemeralContainerStateTransition(newPod.Status.EphemeralContainerStatuses, oldPod.Status.EphemeralContainerStatuses, fldPath.Child("ephemeralContainerStatuses"))...) - allErrs = append(allErrs, validatePodResourceClaimStatuses(newPod.Status.ResourceClaimStatuses, newPod.Spec.ResourceClaims, fldPath.Child("resourceClaimStatuses"))...) - allErrs = append(allErrs, validatePodExtendedResourceClaimStatus(newPod.Status.ExtendedResourceClaimStatus, &newPod.Spec, fldPath.Child("extendedResourceClaimStatus"))...) - - if newIPErrs := validatePodIPs(newPod, oldPod); len(newIPErrs) > 0 { - allErrs = append(allErrs, newIPErrs...) - } - - if newIPErrs := validateHostIPs(newPod, oldPod); len(newIPErrs) > 0 { - allErrs = append(allErrs, newIPErrs...) - } - - allErrs = append(allErrs, validateContainerStatusUsers(newPod.Status.ContainerStatuses, fldPath.Child("containerStatuses"), newPod.Spec.OS)...) - allErrs = append(allErrs, validateContainerStatusUsers(newPod.Status.InitContainerStatuses, fldPath.Child("initContainerStatuses"), newPod.Spec.OS)...) - allErrs = append(allErrs, validateContainerStatusUsers(newPod.Status.EphemeralContainerStatuses, fldPath.Child("ephemeralContainerStatuses"), newPod.Spec.OS)...) - - allErrs = append(allErrs, validateContainerStatusAllocatedResourcesStatus(newPod.Status.ContainerStatuses, fldPath.Child("containerStatuses"), newPod.Spec.Containers)...) - allErrs = append(allErrs, validateContainerStatusAllocatedResourcesStatus(newPod.Status.InitContainerStatuses, fldPath.Child("initContainerStatuses"), newPod.Spec.InitContainers)...) - // ephemeral containers are not allowed to have resources allocated - allErrs = append(allErrs, validateContainerStatusNoAllocatedResourcesStatus(newPod.Status.EphemeralContainerStatuses, fldPath.Child("ephemeralContainerStatuses"))...) - - return allErrs -} - -// validatePodConditions tests if the custom pod conditions are valid, and that the observedGeneration -// is a non-negative integer. -func validatePodConditions(conditions []core.PodCondition, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - systemConditions := sets.New( - core.PodScheduled, - core.PodReady, - core.PodInitialized) - for i, condition := range conditions { - if condition.ObservedGeneration < 0 { - allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("observedGeneration"), condition.ObservedGeneration, "must be a non-negative integer")) - } - if systemConditions.Has(condition.Type) { - continue - } - allErrs = append(allErrs, ValidateQualifiedName(string(condition.Type), fldPath.Index(i).Child("Type"))...) - } - return allErrs -} - -// validatePodResourceClaimStatuses validates the ResourceClaimStatuses slice in a pod status. -func validatePodResourceClaimStatuses(statuses []core.PodResourceClaimStatus, podClaims []core.PodResourceClaim, fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - - claimNames := sets.New[string]() - for i, status := range statuses { - idxPath := fldPath.Index(i) - // There's no need to check the content of the name. If it matches an entry, - // then it is valid, otherwise we reject it here. - if !havePodClaim(podClaims, status.Name) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("name"), status.Name, "must match the name of an entry in `spec.resourceClaims`")) - } - if claimNames.Has(status.Name) { - allErrs = append(allErrs, field.Duplicate(idxPath.Child("name"), status.Name)) - } else { - claimNames.Insert(status.Name) - } - if status.ResourceClaimName != nil { - for _, detail := range ValidateResourceClaimName(*status.ResourceClaimName, false) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("name"), status.ResourceClaimName, detail)) - } - } - } - - return allErrs -} - -// validatePodExtendedResourceClaimStatus validates the ExtendedResourceClaimStatus in a pod status. -func validatePodExtendedResourceClaimStatus(status *core.PodExtendedResourceClaimStatus, spec *core.PodSpec, fldPath *field.Path) field.ErrorList { - if status == nil { - return nil - } - - containers := make(map[string]*core.Container) - for _, c := range spec.InitContainers { - containers[c.Name] = &c - } - for _, c := range spec.Containers { - containers[c.Name] = &c - } - - var allErrs field.ErrorList - rmFldPath := fldPath.Child("requestMappings") - if len(status.RequestMappings) == 0 { - allErrs = append(allErrs, field.Required(rmFldPath, "at least one request mapping is required")) - } - type key struct { - container string - resource string - request string - } - seen := map[key]struct{}{} - for i, rm := range status.RequestMappings { - idxPath := rmFldPath.Index(i) - c, ok := containers[rm.ContainerName] - if ok { - if _, ok := c.Resources.Requests[core.ResourceName(rm.ResourceName)]; !ok { - allErrs = append(allErrs, field.Invalid(idxPath.Child("resourceName"), rm.ResourceName, "must match the extended resource name of an entry in spec.initContainers.resources.requests or spec.containers.resources.requests")) - } - } else { - allErrs = append(allErrs, field.Invalid(idxPath.Child("containerName"), rm.ContainerName, "must match the name of an entry in spec.initContainers.name or spec.containers.name")) - } - allErrs = append(allErrs, ValidateDNS1123Label(rm.RequestName, fldPath.Child("requestName"))...) - k := key{container: rm.ContainerName, resource: rm.ResourceName, request: rm.RequestName} - if _, ok := seen[k]; ok { - allErrs = append(allErrs, field.Duplicate(idxPath.Child("containerName"), rm.ContainerName)) - allErrs = append(allErrs, field.Duplicate(idxPath.Child("resourceName"), rm.ResourceName)) - allErrs = append(allErrs, field.Duplicate(idxPath.Child("requestName"), rm.RequestName)) - } - seen[k] = struct{}{} - } - if len(status.ResourceClaimName) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("resourceClaimName"), "")) - } else { - for _, detail := range ValidateResourceClaimName(status.ResourceClaimName, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("resourceClaimName"), status.ResourceClaimName, detail)) - } - } - return allErrs -} - -func havePodClaim(podClaims []core.PodResourceClaim, name string) bool { - for _, podClaim := range podClaims { - if podClaim.Name == name { - return true - } - } - return false -} - -// ValidatePodEphemeralContainersUpdate tests that a user update to EphemeralContainers is valid. -// newPod and oldPod must only differ in their EphemeralContainers. -func ValidatePodEphemeralContainersUpdate(newPod, oldPod *core.Pod, opts PodValidationOptions) field.ErrorList { - // Part 1: Validate newPod's spec and updates to metadata - fldPath := field.NewPath("metadata") - allErrs := ValidateObjectMetaUpdate(&newPod.ObjectMeta, &oldPod.ObjectMeta, fldPath) - allErrs = append(allErrs, validatePodMetadataAndSpec(newPod, opts)...) - allErrs = append(allErrs, ValidatePodSpecificAnnotationUpdates(newPod, oldPod, fldPath.Child("annotations"), opts)...) - - // static pods don't support ephemeral containers #113935 - if _, ok := oldPod.Annotations[core.MirrorPodAnnotationKey]; ok { - return field.ErrorList{field.Forbidden(field.NewPath(""), "static pods do not support ephemeral containers")} - } - - // Part 2: Validate that the changes between oldPod.Spec.EphemeralContainers and - // newPod.Spec.EphemeralContainers are allowed. - // - // Existing EphemeralContainers may not be changed. Order isn't preserved by patch, so check each individually. - newContainerIndex := make(map[string]*core.EphemeralContainer) - specPath := field.NewPath("spec").Child("ephemeralContainers") - for i := range newPod.Spec.EphemeralContainers { - newContainerIndex[newPod.Spec.EphemeralContainers[i].Name] = &newPod.Spec.EphemeralContainers[i] - } - for _, old := range oldPod.Spec.EphemeralContainers { - if new, ok := newContainerIndex[old.Name]; !ok { - allErrs = append(allErrs, field.Forbidden(specPath, fmt.Sprintf("existing ephemeral containers %q may not be removed\n", old.Name))) - } else if !apiequality.Semantic.DeepEqual(old, *new) { - specDiff := diff.Diff(old, *new) - allErrs = append(allErrs, field.Forbidden(specPath, fmt.Sprintf("existing ephemeral containers %q may not be changed\n%v", old.Name, specDiff))) - } - } - - return allErrs -} - -// ValidatePodResize tests that an update to pod container resources is valid. -// newPod and oldPod must only differ in their Containers[*].Resources and -// Containers[*].ResizePolicy field. -func ValidatePodResize(newPod, oldPod *core.Pod, opts PodValidationOptions) field.ErrorList { - // Part 1: Validate newPod's spec and updates to metadata - fldPath := field.NewPath("metadata") - allErrs := ValidateObjectMetaUpdate(&newPod.ObjectMeta, &oldPod.ObjectMeta, fldPath) - allErrs = append(allErrs, validatePodMetadataAndSpec(newPod, opts)...) - - // static pods cannot be resized. - if _, ok := oldPod.Annotations[core.MirrorPodAnnotationKey]; ok { - return field.ErrorList{field.Forbidden(field.NewPath(""), "static pods cannot be resized")} - } - - // windows pods are not supported. - if oldPod.Spec.OS != nil && oldPod.Spec.OS.Name == core.Windows { - return field.ErrorList{field.Forbidden(field.NewPath(""), "windows pods cannot be resized")} - } - - specPath := field.NewPath("spec") - if qos.GetPodQOS(oldPod) != qos.ComputePodQOS(newPod) { - allErrs = append(allErrs, field.Invalid(specPath, newPod.Status.QOSClass, "Pod QOS Class may not change as a result of resizing")) - } - - if !isPodResizeRequestSupported(*oldPod) { - allErrs = append(allErrs, field.Forbidden(specPath, "Pod running on node without support for resize")) - } - - // Part 2: Validate that changes between pod-level resources in oldPod.Spec.Resources and - // newPod.Spec.Resources are allowed. - - isPodLevelResourcesSet := func(pod *core.Pod) bool { - return pod.Spec.Resources != nil && - (len(pod.Spec.Resources.Requests)+len(pod.Spec.Resources.Limits) > 0) - } - - newPodSpecCopy := *newPod.Spec.DeepCopy() - - if isPodLevelResourcesSet(oldPod) || isPodLevelResourcesSet(newPod) { - // pods with pod-level resources cannot be resized without - // InPlacePodLevelResourcesVerticalScaling feature gate being enabled. - if !opts.InPlacePodLevelResourcesVerticalScalingEnabled { - allErrs = append(allErrs, field.Forbidden(field.NewPath(""), "resize of pods with pod-level resources is forbidden when InPlacePodLevelResourcesVerticalScalingEnabled feature gate is disabled")) - return allErrs - } - - // newPodSpecCopy is passed by reference to allow - // newPodSpecCopy.Resources to be mutated which is required for an - // intermediate validation step. - allErrs = append(allErrs, validatePodLevelResourcesResize(newPod, oldPod, &newPodSpecCopy, specPath, opts)...) - } - - // Part 3: Validate that the changes between oldPod.Spec.Containers[].Resources and - // newPod.Spec.Containers[].Resources are allowed. Also validate that the changes between oldPod.Spec.InitContainers[].Resources and - // newPod.Spec.InitContainers[].Resources are allowed. - - // The rest of the validation assumes that the containers are in the same order, - // so we proceed only if that assumption is true. - containerOrderErrs := validatePodResizeContainerOrdering(newPod, oldPod, specPath) - allErrs = append(allErrs, containerOrderErrs...) - if containerOrderErrs != nil { - return allErrs - } - - // Do not allow removing resource requests/limits on resize. - if utilfeature.DefaultFeatureGate.Enabled(features.SidecarContainers) { - for ix, ctr := range oldPod.Spec.InitContainers { - if !isRestartableInitContainer(&ctr) { - continue - } - allErrs = append(allErrs, validateContainerResize( - &newPod.Spec.InitContainers[ix].Resources, - &oldPod.Spec.InitContainers[ix].Resources, - newPod.Spec.InitContainers[ix].ResizePolicy, - specPath.Child("initContainers").Index(ix).Child("resources"))...) - } - } - for ix := range oldPod.Spec.Containers { - allErrs = append(allErrs, validateContainerResize( - &newPod.Spec.Containers[ix].Resources, - &oldPod.Spec.Containers[ix].Resources, - newPod.Spec.Containers[ix].ResizePolicy, - specPath.Child("containers").Index(ix).Child("resources"))...) - } - - // Ensure that only CPU and memory resources are mutable for regular containers. - var newContainers []core.Container - for ix, container := range newPodSpecCopy.Containers { - dropCPUMemoryResourcesFromContainer(&container, &oldPod.Spec.Containers[ix]) - if !apiequality.Semantic.DeepEqual(container, oldPod.Spec.Containers[ix]) { - // This likely means that the user has made changes to resources other than CPU and memory for regular container. - errs := field.Forbidden(specPath, "only cpu and memory resources are mutable") - allErrs = append(allErrs, errs) - } - newContainers = append(newContainers, container) - } - newPodSpecCopy.Containers = newContainers - - // Ensure that only CPU and memory resources are mutable for restartable init containers. - // Also ensure that resources are immutable for non-restartable init containers. - var newInitContainers []core.Container - if utilfeature.DefaultFeatureGate.Enabled(features.SidecarContainers) { - for ix, container := range newPodSpecCopy.InitContainers { - if isRestartableInitContainer(&container) { // restartable init container - dropCPUMemoryResourcesFromContainer(&container, &oldPod.Spec.InitContainers[ix]) - if !apiequality.Semantic.DeepEqual(container, oldPod.Spec.InitContainers[ix]) { - // This likely means that the user has made changes to resources other than CPU and memory for sidecar container. - errs := field.Forbidden(specPath, "only cpu and memory resources for sidecar containers are mutable") - allErrs = append(allErrs, errs) - } - } else if !apiequality.Semantic.DeepEqual(container, oldPod.Spec.InitContainers[ix]) { // non-restartable init container - // This likely means that the user has modified resources of non-sidecar init container. - errs := field.Forbidden(specPath, "resources for non-sidecar init containers are immutable") - allErrs = append(allErrs, errs) - } - newInitContainers = append(newInitContainers, container) - } - newPodSpecCopy.InitContainers = newInitContainers - } - - if len(allErrs) > 0 { - return allErrs - } - - if !apiequality.Semantic.DeepEqual(newPodSpecCopy, oldPod.Spec) { - // This likely means that the user has made changes to resources other than CPU and Memory. - errs := field.Forbidden(specPath, "only cpu and memory resources are mutable") - allErrs = append(allErrs, errs) - } - return allErrs -} - -// validatePodResizeContainerOrdering validates container ordering for a resize request. -// We do not allow adding, removing, re-ordering, or renaming containers on resize. -func validatePodResizeContainerOrdering(newPod, oldPod *core.Pod, specPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - if len(newPod.Spec.Containers) != len(oldPod.Spec.Containers) { - allErrs = append(allErrs, field.Forbidden(specPath.Child("containers"), "containers may not be added or removed on resize")) - } else { - for i, oldCtr := range oldPod.Spec.Containers { - if newPod.Spec.Containers[i].Name != oldCtr.Name { - allErrs = append(allErrs, field.Forbidden(specPath.Child("containers").Index(i).Child("name"), "containers may not be renamed or reordered on resize")) - } - } - } - if len(newPod.Spec.InitContainers) != len(oldPod.Spec.InitContainers) { - allErrs = append(allErrs, field.Forbidden(specPath.Child("initContainers"), "initContainers may not be added or removed on resize")) - } else { - for i, oldCtr := range oldPod.Spec.InitContainers { - if newPod.Spec.InitContainers[i].Name != oldCtr.Name { - allErrs = append(allErrs, field.Forbidden(specPath.Child("initContainers").Index(i).Child("name"), "initContainers may not be renamed or reordered on resize")) - } - } - } - return allErrs -} - -// validatePodLevelResourcesResize validates updates to pod-level resource requests/limits -// for in-place resizing, and is intentionally designed to mutate the -// podSpecToMutate, which is a deep copy of newPod.Spec -// -// The function performs a masking operation on its .Resources field: -// -// 1. Masking/Equalization: It modifies .Resources by dropping CPU/Memory -// resource values in podSpecToMutate, and then copying specific CPU/Memory resource -// values to match oldPod.Spec.Resources. -// 2. Integrity Check: The resulting mutated spec is used to perform an equality -// comparison (DeepEqual) against oldPod.Spec. If the specs match after masking, -// it guarantees that no changes were made other than the allowed resource modifications -// needed for the resize. -func validatePodLevelResourcesResize(newPod, oldPod *core.Pod, podSpecToMutate *core.PodSpec, specPath *field.Path, opts PodValidationOptions) field.ErrorList { - var allErrs field.ErrorList - - if oldPod.Spec.Resources != nil && newPod.Spec.Resources == nil { - return append(allErrs, field.Forbidden(specPath.Child("resources"), "pod-level resources cannot be removed")) - } - - if oldPod.Spec.Resources != nil { - if resourcesRemoved(newPod.Spec.Resources.Requests, oldPod.Spec.Resources.Requests) { - allErrs = append(allErrs, field.Forbidden(specPath.Child("resources").Child("requests"), "pod-level resource requests cannot be removed")) - } - - if resourcesRemoved(newPod.Spec.Resources.Limits, oldPod.Spec.Resources.Limits) { - allErrs = append(allErrs, field.Forbidden(specPath.Child("resources").Child("limits"), "pod-level resource limits cannot be removed")) - } - - } - - podSpecToMutate.Resources = dropCPUMemoryResourceRequirementsUpdates(podSpecToMutate.Resources, oldPod.Spec.Resources) - - if !apiequality.Semantic.DeepEqual(podSpecToMutate.Resources, oldPod.Spec.Resources) { - // This likely means that the user has made changes to pod-level resources other - // than CPU and memory. - errs := field.Forbidden(specPath, "only cpu and memory resources are mutable at pod-level") - allErrs = append(allErrs, errs) - } - - return allErrs -} - -func dropCPUMemoryUpdates(resourceList, oldResourceList core.ResourceList) core.ResourceList { - var mungedResourceList core.ResourceList - if resourceList == nil { - if oldResourceList == nil { - return nil - } - mungedResourceList = make(core.ResourceList) - } else { - mungedResourceList = resourceList.DeepCopy() - } - delete(mungedResourceList, core.ResourceCPU) - delete(mungedResourceList, core.ResourceMemory) - if cpu, found := oldResourceList[core.ResourceCPU]; found { - mungedResourceList[core.ResourceCPU] = cpu - } - if mem, found := oldResourceList[core.ResourceMemory]; found { - mungedResourceList[core.ResourceMemory] = mem - } - return mungedResourceList -} - -// dropCPUMemoryResourcesFromContainer deletes the cpu and memory resources from the -// container, and copies them from the old pod container resources if present. -// TODO(ndixita): refactor to reuse dropCPUMemoryResourceRequirementsUpdates -func dropCPUMemoryResourcesFromContainer(container *core.Container, oldPodSpecContainer *core.Container) { - lim := dropCPUMemoryUpdates(container.Resources.Limits, oldPodSpecContainer.Resources.Limits) - req := dropCPUMemoryUpdates(container.Resources.Requests, oldPodSpecContainer.Resources.Requests) - container.Resources = core.ResourceRequirements{Limits: lim, Requests: req} -} - -// dropCPUMemoryResourceRequirementsUpdates deletes the cpu and memory resources -// from the `resources` field, and copies them from old Pod spec's resources field -// if present. -func dropCPUMemoryResourceRequirementsUpdates(resources *core.ResourceRequirements, oldPodResources *core.ResourceRequirements) *core.ResourceRequirements { - if resources == nil { - return resources - } - - var oldReqs, oldLims core.ResourceList - if oldPodResources != nil && oldPodResources.Requests != nil { - oldReqs = oldPodResources.Requests // +k8s:verify-mutation:reason=clone' - } - - if oldPodResources != nil && oldPodResources.Limits != nil { - oldLims = oldPodResources.Limits // +k8s:verify-mutation:reason=clone' - } - - resources.Requests = dropCPUMemoryUpdates(resources.Requests, oldReqs) - resources.Limits = dropCPUMemoryUpdates(resources.Limits, oldLims) - - // Set the entire Resources block to nil if two conditions are met: - // 1. The old PodSpec Resources lacked any Resources - // 2. The masked resources has only empty Requests/Limits - // (i.e., any prior CPU/Memory defaults have been dropped) AND no immutable Claims are set. - // This ensures that an empty Resources block (which would typically only contain - // empty CPU/Memory after masking) is safely set to nil, unless Claims are present. - if oldPodResources == nil { - if len(resources.Requests) == 0 && len(resources.Limits) == 0 && len(resources.Claims) == 0 { - resources = nil - } - } - return resources -} - -// isPodResizeRequestSupported checks whether the pod is running on a node with InPlacePodVerticalScaling enabled. -func isPodResizeRequestSupported(pod core.Pod) bool { - // TODO: Remove this after GA+3 releases of InPlacePodVerticalScaling - // This code handles the version skew as described in the KEP. - // For handling version skew we're only allowing to update the Pod's Resources - // if the Pod already has Pod.Status.ContainerStatuses[i].Resources. This means - // that the apiserver would only allow updates to Pods running on Nodes with - // the InPlacePodVerticalScaling feature gate enabled. - for _, c := range pod.Status.ContainerStatuses { - if c.State.Running != nil { - return c.Resources != nil - } - } - // No running containers. We cannot tell whether the node supports resize at this point, so we assume it does. - return true -} - -// validateContainerResize validates the changes to the container's resource requirements for a pod resize request. -// newRequriements and oldRequirements must be non-nil. -func validateContainerResize(newRequirements, oldRequirements *core.ResourceRequirements, resizePolicies []core.ContainerResizePolicy, fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - - // Removing resource requirements is not supported. - if resourcesRemoved(newRequirements.Requests, oldRequirements.Requests) { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("requests"), "resource requests cannot be removed")) - } - if resourcesRemoved(newRequirements.Limits, oldRequirements.Limits) { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("limits"), "resource limits cannot be removed")) - } - - // TODO(tallclair): Move resizable resource checks here. - - return allErrs -} - -func resourcesRemoved(resourceList, oldResourceList core.ResourceList) bool { - if len(oldResourceList) > len(resourceList) { - return true - } - for name := range oldResourceList { - if _, ok := resourceList[name]; !ok { - return true - } - } - - return false -} - -// ValidatePodBinding tests if required fields in the pod binding are legal. -func ValidatePodBinding(binding *core.Binding) field.ErrorList { - allErrs := field.ErrorList{} - - if len(binding.Target.Kind) != 0 && binding.Target.Kind != "Node" { - // TODO: When validation becomes versioned, this gets more complicated. - allErrs = append(allErrs, field.NotSupported(field.NewPath("target", "kind"), binding.Target.Kind, []string{"Node", ""})) - } - if len(binding.Target.Name) == 0 { - // TODO: When validation becomes versioned, this gets more complicated. - allErrs = append(allErrs, field.Required(field.NewPath("target", "name"), "")) - } - - return allErrs -} - -// ValidatePodTemplate tests if required fields in the pod template are set. -func ValidatePodTemplate(pod *core.PodTemplate, opts PodValidationOptions) field.ErrorList { - allErrs := ValidateObjectMeta(&pod.ObjectMeta, true, ValidatePodName, field.NewPath("metadata")) - allErrs = append(allErrs, ValidatePodTemplateSpec(&pod.Template, field.NewPath("template"), opts)...) - return allErrs -} - -// ValidatePodTemplateUpdate tests to see if the update is legal for an end user to make. newPod is updated with fields -// that cannot be changed. -func ValidatePodTemplateUpdate(newPod, oldPod *core.PodTemplate, opts PodValidationOptions) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&newPod.ObjectMeta, &oldPod.ObjectMeta, field.NewPath("metadata")) - allErrs = append(allErrs, ValidatePodTemplateSpec(&newPod.Template, field.NewPath("template"), opts)...) - return allErrs -} - -var supportedSessionAffinityType = sets.New(core.ServiceAffinityClientIP, core.ServiceAffinityNone) -var supportedServiceType = sets.New(core.ServiceTypeClusterIP, core.ServiceTypeNodePort, - core.ServiceTypeLoadBalancer, core.ServiceTypeExternalName) - -var supportedServiceInternalTrafficPolicy = sets.New(core.ServiceInternalTrafficPolicyCluster, core.ServiceInternalTrafficPolicyLocal) - -var supportedServiceIPFamily = sets.New(core.IPv4Protocol, core.IPv6Protocol) -var supportedServiceIPFamilyPolicy = sets.New( - core.IPFamilyPolicySingleStack, - core.IPFamilyPolicyPreferDualStack, - core.IPFamilyPolicyRequireDualStack) - -// ValidateService tests if required fields/annotations of a Service are valid. -func validateService(service, oldService *core.Service) field.ErrorList { - metaPath := field.NewPath("metadata") - - // Don't validate ObjectMeta here - that is handled in the ValidateServiceCreate/ValidateServiceUpdate - // functions which call ValidateObjectMeta and ValidateObjectMetaUpdate respectively. - var allErrs field.ErrorList - - topologyHintsVal, topologyHintsSet := service.Annotations[core.DeprecatedAnnotationTopologyAwareHints] - topologyModeVal, topologyModeSet := service.Annotations[core.AnnotationTopologyMode] - - if topologyModeSet && topologyHintsSet && topologyModeVal != topologyHintsVal { - message := fmt.Sprintf("must match annotations[%s] when both are specified", core.DeprecatedAnnotationTopologyAwareHints) - allErrs = append(allErrs, field.Invalid(metaPath.Child("annotations").Key(core.AnnotationTopologyMode), topologyModeVal, message)) - } - - specPath := field.NewPath("spec") - - if len(service.Spec.Ports) == 0 && !isHeadlessService(service) && service.Spec.Type != core.ServiceTypeExternalName { - allErrs = append(allErrs, field.Required(specPath.Child("ports"), "")) - } - switch service.Spec.Type { - case core.ServiceTypeLoadBalancer: - if isHeadlessService(service) { - allErrs = append(allErrs, field.Invalid(specPath.Child("clusterIPs").Index(0), service.Spec.ClusterIPs[0], "may not be set to 'None' for LoadBalancer services")) - } - case core.ServiceTypeNodePort: - if isHeadlessService(service) { - allErrs = append(allErrs, field.Invalid(specPath.Child("clusterIPs").Index(0), service.Spec.ClusterIPs[0], "may not be set to 'None' for NodePort services")) - } - case core.ServiceTypeExternalName: - // must have len(.spec.ClusterIPs) == 0 // note: strategy sets ClusterIPs based on ClusterIP - if len(service.Spec.ClusterIPs) > 0 { - allErrs = append(allErrs, field.Forbidden(specPath.Child("clusterIPs"), "may not be set for ExternalName services")) - } - - // must have nil families and nil policy - if len(service.Spec.IPFamilies) > 0 { - allErrs = append(allErrs, field.Forbidden(specPath.Child("ipFamilies"), "may not be set for ExternalName services")) - } - if service.Spec.IPFamilyPolicy != nil { - allErrs = append(allErrs, field.Forbidden(specPath.Child("ipFamilyPolicy"), "may not be set for ExternalName services")) - } - - // The value (a CNAME) may have a trailing dot to denote it as fully qualified - cname := strings.TrimSuffix(service.Spec.ExternalName, ".") - if len(cname) > 0 { - allErrs = append(allErrs, ValidateDNS1123Subdomain(cname, specPath.Child("externalName"))...) - } else { - allErrs = append(allErrs, field.Required(specPath.Child("externalName"), "")) - } - } - - allPortNames := sets.Set[string]{} - portsPath := specPath.Child("ports") - for i := range service.Spec.Ports { - portPath := portsPath.Index(i) - allErrs = append(allErrs, validateServicePort(&service.Spec.Ports[i], len(service.Spec.Ports) > 1, isHeadlessService(service), &allPortNames, portPath)...) - } - - if service.Spec.Selector != nil { - allErrs = append(allErrs, unversionedvalidation.ValidateLabels(service.Spec.Selector, specPath.Child("selector"))...) - } - - if len(service.Spec.SessionAffinity) == 0 { - allErrs = append(allErrs, field.Required(specPath.Child("sessionAffinity"), "")) - } else if !supportedSessionAffinityType.Has(service.Spec.SessionAffinity) { - allErrs = append(allErrs, field.NotSupported(specPath.Child("sessionAffinity"), service.Spec.SessionAffinity, sets.List(supportedSessionAffinityType))) - } - - if service.Spec.SessionAffinity == core.ServiceAffinityClientIP { - allErrs = append(allErrs, validateClientIPAffinityConfig(service.Spec.SessionAffinityConfig, specPath.Child("sessionAffinityConfig"))...) - } else if service.Spec.SessionAffinity == core.ServiceAffinityNone { - if service.Spec.SessionAffinityConfig != nil { - allErrs = append(allErrs, field.Forbidden(specPath.Child("sessionAffinityConfig"), fmt.Sprintf("must not be set when session affinity is %s", core.ServiceAffinityNone))) - } - } - - // dualstack <-> ClusterIPs <-> ipfamilies - allErrs = append(allErrs, ValidateServiceClusterIPsRelatedFields(service, oldService)...) - - // All new ExternalIPs must be valid and "non-special". (Existing ExternalIPs may - // have been validated against older rules, but if we allowed them before we can't - // reject them now.) - ipPath := specPath.Child("externalIPs") - var existingExternalIPs []string - if oldService != nil { - existingExternalIPs = oldService.Spec.ExternalIPs // +k8s:verify-mutation:reason=clone - } - for i, ip := range service.Spec.ExternalIPs { - idxPath := ipPath.Index(i) - if errs := IsValidIPForLegacyField(idxPath, ip, existingExternalIPs); len(errs) != 0 { - allErrs = append(allErrs, errs...) - } else { - // For historical reasons, this uses ValidateEndpointIP even - // though that is not exactly the appropriate set of checks. - allErrs = append(allErrs, ValidateEndpointIP(ip, idxPath)...) - } - } - - if len(service.Spec.Type) == 0 { - allErrs = append(allErrs, field.Required(specPath.Child("type"), "")) - } else if !supportedServiceType.Has(service.Spec.Type) { - allErrs = append(allErrs, field.NotSupported(specPath.Child("type"), service.Spec.Type, sets.List(supportedServiceType))) - } - - if service.Spec.Type == core.ServiceTypeClusterIP { - portsPath := specPath.Child("ports") - for i := range service.Spec.Ports { - portPath := portsPath.Index(i) - if service.Spec.Ports[i].NodePort != 0 { - allErrs = append(allErrs, field.Forbidden(portPath.Child("nodePort"), "may not be used when `type` is 'ClusterIP'")) - } - } - } - - // Check for duplicate NodePorts, considering (protocol,port) pairs - portsPath = specPath.Child("ports") - nodePorts := make(map[core.ServicePort]bool) - for i := range service.Spec.Ports { - port := &service.Spec.Ports[i] - if port.NodePort == 0 { - continue - } - portPath := portsPath.Index(i) - var key core.ServicePort - key.Protocol = port.Protocol - key.NodePort = port.NodePort - _, found := nodePorts[key] - if found { - allErrs = append(allErrs, field.Duplicate(portPath.Child("nodePort"), port.NodePort)) - } - nodePorts[key] = true - } - - // Check for duplicate Ports, considering (protocol,port) pairs - portsPath = specPath.Child("ports") - ports := make(map[core.ServicePort]bool) - for i, port := range service.Spec.Ports { - portPath := portsPath.Index(i) - key := core.ServicePort{Protocol: port.Protocol, Port: port.Port} - _, found := ports[key] - if found { - allErrs = append(allErrs, field.Duplicate(portPath, key)) - } - ports[key] = true - } - - // Validate SourceRanges field or annotation. Existing invalid CIDR values do not - // need to be fixed. Note that even with the tighter CIDR validation we still - // allow excess whitespace, because that is effectively part of the API. - if len(service.Spec.LoadBalancerSourceRanges) > 0 { - fieldPath := specPath.Child("LoadBalancerSourceRanges") - - if service.Spec.Type != core.ServiceTypeLoadBalancer { - allErrs = append(allErrs, field.Forbidden(fieldPath, "may only be used when `type` is 'LoadBalancer'")) - } - var existingSourceRanges []string - if oldService != nil { - existingSourceRanges = make([]string, len(oldService.Spec.LoadBalancerSourceRanges)) - for i, value := range oldService.Spec.LoadBalancerSourceRanges { - existingSourceRanges[i] = strings.TrimSpace(value) - } - } - for idx, value := range service.Spec.LoadBalancerSourceRanges { - // Note: due to a historical accident around transition from the - // annotation value, these values are allowed to be space-padded. - value = strings.TrimSpace(value) - allErrs = append(allErrs, IsValidCIDRForLegacyField(fieldPath.Index(idx), value, existingSourceRanges)...) - } - } else if val, annotationSet := service.Annotations[core.AnnotationLoadBalancerSourceRangesKey]; annotationSet { - fieldPath := field.NewPath("metadata", "annotations").Key(core.AnnotationLoadBalancerSourceRangesKey) - if service.Spec.Type != core.ServiceTypeLoadBalancer { - allErrs = append(allErrs, field.Forbidden(fieldPath, "may only be used when `type` is 'LoadBalancer'")) - } - - if oldService == nil || oldService.Annotations[core.AnnotationLoadBalancerSourceRangesKey] != val { - val = strings.TrimSpace(val) - if val != "" { - cidrs := strings.Split(val, ",") - for _, value := range cidrs { - value = strings.TrimSpace(value) - allErrs = append(allErrs, IsValidCIDRForLegacyField(fieldPath, value, nil)...) - } - } - } - } - - if service.Spec.AllocateLoadBalancerNodePorts != nil && service.Spec.Type != core.ServiceTypeLoadBalancer { - allErrs = append(allErrs, field.Forbidden(specPath.Child("allocateLoadBalancerNodePorts"), "may only be used when `type` is 'LoadBalancer'")) - } - - if service.Spec.Type == core.ServiceTypeLoadBalancer && service.Spec.AllocateLoadBalancerNodePorts == nil { - allErrs = append(allErrs, field.Required(field.NewPath("allocateLoadBalancerNodePorts"), "")) - } - - // validate LoadBalancerClass field - allErrs = append(allErrs, validateLoadBalancerClassField(nil, service)...) - - // external traffic policy fields - allErrs = append(allErrs, validateServiceExternalTrafficPolicy(service)...) - - // internal traffic policy field - allErrs = append(allErrs, validateServiceInternalTrafficFieldsValue(service)...) - - // traffic distribution field - allErrs = append(allErrs, validateServiceTrafficDistribution(service)...) - - return allErrs -} - -func validateServicePort(sp *core.ServicePort, requireName, isHeadlessService bool, allNames *sets.Set[string], fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - if requireName && len(sp.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("name"), "")) - } else if len(sp.Name) != 0 { - allErrs = append(allErrs, ValidateDNS1123Label(sp.Name, fldPath.Child("name"))...) - if allNames.Has(sp.Name) { - allErrs = append(allErrs, field.Duplicate(fldPath.Child("name"), sp.Name)) - } else { - allNames.Insert(sp.Name) - } - } - - for _, msg := range validation.IsValidPortNum(int(sp.Port)) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("port"), sp.Port, msg)) - } - - if len(sp.Protocol) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("protocol"), "")) - } else if !supportedPortProtocols.Has(sp.Protocol) { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("protocol"), sp.Protocol, sets.List(supportedPortProtocols))) - } - - allErrs = append(allErrs, ValidatePortNumOrName(sp.TargetPort, fldPath.Child("targetPort"))...) - - if sp.AppProtocol != nil { - allErrs = append(allErrs, ValidateQualifiedName(*sp.AppProtocol, fldPath.Child("appProtocol"))...) - } - - // in the v1 API, targetPorts on headless services were tolerated. - // once we have version-specific validation, we can reject this on newer API versions, but until then, we have to tolerate it for compatibility. - // - // if isHeadlessService { - // if sp.TargetPort.Type == intstr.String || (sp.TargetPort.Type == intstr.Int && sp.Port != sp.TargetPort.IntValue()) { - // allErrs = append(allErrs, field.Invalid(fldPath.Child("targetPort"), sp.TargetPort, "must be equal to the value of 'port' when clusterIP = None")) - // } - // } - - return allErrs -} - -var validExternalTrafficPolicies = sets.New(core.ServiceExternalTrafficPolicyCluster, core.ServiceExternalTrafficPolicyLocal) - -func validateServiceExternalTrafficPolicy(service *core.Service) field.ErrorList { - allErrs := field.ErrorList{} - - fldPath := field.NewPath("spec") - - if !apiservice.ExternallyAccessible(service) { - if service.Spec.ExternalTrafficPolicy != "" { - allErrs = append(allErrs, field.Invalid(fldPath.Child("externalTrafficPolicy"), service.Spec.ExternalTrafficPolicy, - "may only be set for externally-accessible services")) - } - } else { - if service.Spec.ExternalTrafficPolicy == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("externalTrafficPolicy"), "")) - } else if !validExternalTrafficPolicies.Has(service.Spec.ExternalTrafficPolicy) { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("externalTrafficPolicy"), - service.Spec.ExternalTrafficPolicy, sets.List(validExternalTrafficPolicies))) - } - } - - if !apiservice.NeedsHealthCheck(service) { - if service.Spec.HealthCheckNodePort != 0 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("healthCheckNodePort"), service.Spec.HealthCheckNodePort, - "may only be set when `type` is 'LoadBalancer' and `externalTrafficPolicy` is 'Local'")) - } - } else { - if service.Spec.HealthCheckNodePort == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("healthCheckNodePort"), "")) - } else { - for _, msg := range validation.IsValidPortNum(int(service.Spec.HealthCheckNodePort)) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("healthCheckNodePort"), service.Spec.HealthCheckNodePort, msg)) - } - } - } - - return allErrs -} - -func validateServiceExternalTrafficFieldsUpdate(before, after *core.Service) field.ErrorList { - allErrs := field.ErrorList{} - - if apiservice.NeedsHealthCheck(before) && apiservice.NeedsHealthCheck(after) { - if after.Spec.HealthCheckNodePort != before.Spec.HealthCheckNodePort { - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "healthCheckNodePort"), "field is immutable")) - } - } - - return allErrs -} - -// validateServiceInternalTrafficFieldsValue validates InternalTraffic related -// spec have legal value. -func validateServiceInternalTrafficFieldsValue(service *core.Service) field.ErrorList { - allErrs := field.ErrorList{} - - if service.Spec.InternalTrafficPolicy == nil { - // We do not forbid internalTrafficPolicy on other Service types because of historical reasons. - // We did not check that before it went beta and we don't want to invalidate existing stored objects. - if service.Spec.Type == core.ServiceTypeNodePort || - service.Spec.Type == core.ServiceTypeLoadBalancer || service.Spec.Type == core.ServiceTypeClusterIP { - allErrs = append(allErrs, field.Required(field.NewPath("spec").Child("internalTrafficPolicy"), "")) - } - } - - if service.Spec.InternalTrafficPolicy != nil && !supportedServiceInternalTrafficPolicy.Has(*service.Spec.InternalTrafficPolicy) { - allErrs = append(allErrs, field.NotSupported(field.NewPath("spec").Child("internalTrafficPolicy"), *service.Spec.InternalTrafficPolicy, sets.List(supportedServiceInternalTrafficPolicy))) - } - - return allErrs -} - -// validateServiceTrafficDistribution validates the values for the -// trafficDistribution field. -func validateServiceTrafficDistribution(service *core.Service) field.ErrorList { - allErrs := field.ErrorList{} - - if service.Spec.TrafficDistribution == nil { - return allErrs - } - - var supportedTrafficDistribution []string - if !utilfeature.DefaultFeatureGate.Enabled(features.PreferSameTrafficDistribution) { - supportedTrafficDistribution = []string{ - v1.ServiceTrafficDistributionPreferClose, - } - } else { - supportedTrafficDistribution = []string{ - v1.ServiceTrafficDistributionPreferClose, - v1.ServiceTrafficDistributionPreferSameZone, - v1.ServiceTrafficDistributionPreferSameNode, - } - } - - if !slices.Contains(supportedTrafficDistribution, *service.Spec.TrafficDistribution) { - allErrs = append(allErrs, field.NotSupported(field.NewPath("spec").Child("trafficDistribution"), *service.Spec.TrafficDistribution, supportedTrafficDistribution)) - } - - return allErrs -} - -// ValidateServiceCreate validates Services as they are created. -func ValidateServiceCreate(service *core.Service) field.ErrorList { - metaPath := field.NewPath("metadata") - - // KEP-5311 Relaxed validation for Services names - validateServiceNameFunc := ValidateServiceName - if utilfeature.DefaultFeatureGate.Enabled(features.RelaxedServiceNameValidation) { - validateServiceNameFunc = apimachineryvalidation.NameIsDNSLabel - } - - allErrs := ValidateObjectMeta(&service.ObjectMeta, true, validateServiceNameFunc, metaPath) - - return append(allErrs, validateService(service, nil)...) -} - -// ValidateServiceUpdate tests if required fields in the service are set during an update -func ValidateServiceUpdate(service, oldService *core.Service) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&service.ObjectMeta, &oldService.ObjectMeta, field.NewPath("metadata")) - - // User can upgrade (add another clusterIP or ipFamily) - // can downgrade (remove secondary clusterIP or ipFamily) - // but *CAN NOT* change primary/secondary clusterIP || ipFamily *UNLESS* - // they are changing from/to/ON ExternalName - - upgradeDowngradeClusterIPsErrs := validateUpgradeDowngradeClusterIPs(oldService, service) - allErrs = append(allErrs, upgradeDowngradeClusterIPsErrs...) - - upgradeDowngradeIPFamiliesErrs := validateUpgradeDowngradeIPFamilies(oldService, service) - allErrs = append(allErrs, upgradeDowngradeIPFamiliesErrs...) - - upgradeDowngradeLoadBalancerClassErrs := validateLoadBalancerClassField(oldService, service) - allErrs = append(allErrs, upgradeDowngradeLoadBalancerClassErrs...) - - allErrs = append(allErrs, validateServiceExternalTrafficFieldsUpdate(oldService, service)...) - - return append(allErrs, validateService(service, oldService)...) -} - -// ValidateServiceStatusUpdate tests if required fields in the Service are set when updating status. -func ValidateServiceStatusUpdate(service, oldService *core.Service) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&service.ObjectMeta, &oldService.ObjectMeta, field.NewPath("metadata")) - allErrs = append(allErrs, ValidateLoadBalancerStatus(&service.Status.LoadBalancer, &oldService.Status.LoadBalancer, field.NewPath("status", "loadBalancer"), &service.Spec)...) - return allErrs -} - -// ValidateReplicationController tests if required fields in the replication controller are set. -func ValidateReplicationController(controller *core.ReplicationController, opts PodValidationOptions) field.ErrorList { - validateLongName := func(fldPath *field.Path, name string) field.ErrorList { - return validate.LongName(context.Background(), operation.Operation{}, fldPath, &name, nil).MarkCoveredByDeclarative() - } - allErrs := ValidateObjectMetaWithOpts(&controller.ObjectMeta, true, validateLongName, field.NewPath("metadata")) - allErrs = append(allErrs, ValidateReplicationControllerSpec(&controller.Spec, nil, field.NewPath("spec"), opts)...) - return allErrs -} - -// ValidateReplicationControllerUpdate tests if required fields in the replication controller are set. -func ValidateReplicationControllerUpdate(controller, oldController *core.ReplicationController, opts PodValidationOptions) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&controller.ObjectMeta, &oldController.ObjectMeta, field.NewPath("metadata")) - allErrs = append(allErrs, ValidateReplicationControllerSpec(&controller.Spec, &oldController.Spec, field.NewPath("spec"), opts)...) - return allErrs -} - -// ValidateReplicationControllerStatusUpdate tests if required fields in the replication controller are set. -func ValidateReplicationControllerStatusUpdate(controller, oldController *core.ReplicationController) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&controller.ObjectMeta, &oldController.ObjectMeta, field.NewPath("metadata")) - allErrs = append(allErrs, ValidateReplicationControllerStatus(controller.Status, field.NewPath("status"))...) - return allErrs -} - -func ValidateReplicationControllerStatus(status core.ReplicationControllerStatus, statusPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - allErrs = append(allErrs, ValidateNonnegativeField(int64(status.Replicas), statusPath.Child("replicas"))...) - allErrs = append(allErrs, ValidateNonnegativeField(int64(status.FullyLabeledReplicas), statusPath.Child("fullyLabeledReplicas"))...) - allErrs = append(allErrs, ValidateNonnegativeField(int64(status.ReadyReplicas), statusPath.Child("readyReplicas"))...) - allErrs = append(allErrs, ValidateNonnegativeField(int64(status.AvailableReplicas), statusPath.Child("availableReplicas"))...) - allErrs = append(allErrs, ValidateNonnegativeField(int64(status.ObservedGeneration), statusPath.Child("observedGeneration"))...) - msg := "cannot be greater than status.replicas" - if status.FullyLabeledReplicas > status.Replicas { - allErrs = append(allErrs, field.Invalid(statusPath.Child("fullyLabeledReplicas"), status.FullyLabeledReplicas, msg)) - } - if status.ReadyReplicas > status.Replicas { - allErrs = append(allErrs, field.Invalid(statusPath.Child("readyReplicas"), status.ReadyReplicas, msg)) - } - if status.AvailableReplicas > status.Replicas { - allErrs = append(allErrs, field.Invalid(statusPath.Child("availableReplicas"), status.AvailableReplicas, msg)) - } - if status.AvailableReplicas > status.ReadyReplicas { - allErrs = append(allErrs, field.Invalid(statusPath.Child("availableReplicas"), status.AvailableReplicas, "cannot be greater than readyReplicas")) - } - return allErrs -} - -// Validates that the given selector is non-empty. -func ValidateNonEmptySelector(selectorMap map[string]string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - selector := labels.Set(selectorMap).AsSelector() - if selector.Empty() { - allErrs = append(allErrs, field.Required(fldPath, "")) - } - return allErrs -} - -// Validates the given template and ensures that it is in accordance with the desired selector and replicas. -func ValidatePodTemplateSpecForRC(template *core.PodTemplateSpec, selectorMap map[string]string, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - if template == nil { - allErrs = append(allErrs, field.Required(fldPath, "")) - } else { - selector := labels.Set(selectorMap).AsSelector() - if !selector.Empty() { - // Verify that the RC selector matches the labels in template. - labels := labels.Set(template.Labels) - if !selector.Matches(labels) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("metadata", "labels"), template.Labels, "`selector` does not match template `labels`")) - } - } - allErrs = append(allErrs, ValidatePodTemplateSpec(template, fldPath, opts)...) - // RestartPolicy has already been first-order validated as per ValidatePodTemplateSpec(). - if template.Spec.RestartPolicy != core.RestartPolicyAlways { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("spec", "restartPolicy"), template.Spec.RestartPolicy, []core.RestartPolicy{core.RestartPolicyAlways})) - } - if template.Spec.ActiveDeadlineSeconds != nil { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("spec", "activeDeadlineSeconds"), "activeDeadlineSeconds in ReplicationController is not Supported")) - } - } - return allErrs -} - -// ValidateReplicationControllerSpec tests if required fields in the replication controller spec are set. -func ValidateReplicationControllerSpec(spec, oldSpec *core.ReplicationControllerSpec, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - allErrs = append(allErrs, ValidateNonnegativeField(int64(spec.MinReadySeconds), fldPath.Child("minReadySeconds")).MarkCoveredByDeclarative()...) - allErrs = append(allErrs, ValidateNonEmptySelector(spec.Selector, fldPath.Child("selector"))...) - if spec.Replicas == nil { - allErrs = append(allErrs, field.Required(fldPath.Child("replicas"), "").MarkCoveredByDeclarative()) - } else { - allErrs = append(allErrs, ValidateNonnegativeField(int64(*spec.Replicas), fldPath.Child("replicas")).MarkCoveredByDeclarative()...) - } - allErrs = append(allErrs, ValidatePodTemplateSpecForRC(spec.Template, spec.Selector, fldPath.Child("template"), opts)...) - return allErrs -} - -// ValidatePodTemplateSpec validates the spec of a pod template -func ValidatePodTemplateSpec(spec *core.PodTemplateSpec, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - allErrs = append(allErrs, unversionedvalidation.ValidateLabels(spec.Labels, fldPath.Child("labels"))...) - allErrs = append(allErrs, ValidateAnnotations(spec.Annotations, fldPath.Child("annotations"))...) - allErrs = append(allErrs, ValidatePodSpecificAnnotations(spec.Annotations, &spec.Spec, fldPath.Child("annotations"), opts)...) - allErrs = append(allErrs, ValidatePodSpec(&spec.Spec, nil, fldPath.Child("spec"), opts)...) - allErrs = append(allErrs, validateSeccompAnnotationsAndFields(spec.ObjectMeta, &spec.Spec, fldPath.Child("spec"))...) - allErrs = append(allErrs, validateAppArmorAnnotationsAndFieldsMatchOnCreate(spec.ObjectMeta, &spec.Spec, fldPath.Child("spec"))...) - - if len(spec.Spec.EphemeralContainers) > 0 { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("spec", "ephemeralContainers"), "ephemeral containers not allowed in pod template")) - } - - return allErrs -} - -// ValidateTaintsInNodeAnnotations tests that the serialized taints in Node.Annotations has valid data -func ValidateTaintsInNodeAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - taints, err := helper.GetTaintsFromNodeAnnotations(annotations) - if err != nil { - allErrs = append(allErrs, field.Invalid(fldPath, core.TaintsAnnotationKey, err.Error())) - return allErrs - } - - if len(taints) > 0 { - allErrs = append(allErrs, validateNodeTaints(taints, fldPath.Child(core.TaintsAnnotationKey))...) - } - - return allErrs -} - -// validateNodeTaints tests if given taints have valid data. -func validateNodeTaints(taints []core.Taint, fldPath *field.Path) field.ErrorList { - allErrors := field.ErrorList{} - - uniqueTaints := map[core.TaintEffect]sets.Set[string]{} - - for i, currTaint := range taints { - idxPath := fldPath.Index(i) - // validate the taint key - allErrors = append(allErrors, unversionedvalidation.ValidateLabelName(currTaint.Key, idxPath.Child("key"))...) - // validate the taint value - if errs := validation.IsValidLabelValue(currTaint.Value); len(errs) != 0 { - allErrors = append(allErrors, field.Invalid(idxPath.Child("value"), currTaint.Value, strings.Join(errs, ";"))) - } - // validate the taint effect - allErrors = append(allErrors, validateTaintEffect(&currTaint.Effect, false, idxPath.Child("effect"))...) - - // validate if taint is unique by - if len(uniqueTaints[currTaint.Effect]) > 0 && uniqueTaints[currTaint.Effect].Has(currTaint.Key) { - duplicatedError := field.Duplicate(idxPath, currTaint) - duplicatedError.Detail = "taints must be unique by key and effect pair" - allErrors = append(allErrors, duplicatedError) - continue - } - - // add taint to existingTaints for uniqueness check - if len(uniqueTaints[currTaint.Effect]) == 0 { - uniqueTaints[currTaint.Effect] = sets.Set[string]{} - } - uniqueTaints[currTaint.Effect].Insert(currTaint.Key) - } - return allErrors -} - -func ValidateNodeSpecificAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - if annotations[core.TaintsAnnotationKey] != "" { - allErrs = append(allErrs, ValidateTaintsInNodeAnnotations(annotations, fldPath)...) - } - - if annotations[core.PreferAvoidPodsAnnotationKey] != "" { - allErrs = append(allErrs, ValidateAvoidPodsInNodeAnnotations(annotations, fldPath)...) - } - return allErrs -} - -// validateNodeDeclaredFeatureName checks if a declared feature name is valid. -func validateNodeDeclaredFeatureName(featureName string) error { - if len(featureName) > validation.DNS1123SubdomainMaxLength { - return fmt.Errorf("invalid feature name %q: must be no more than %d characters", featureName, validation.DNS1123SubdomainMaxLength) - } - if !nodeDeclaredFeatureRegexp.MatchString(featureName) { - return fmt.Errorf("invalid feature name %q: must start with an UpperCamelCase segment, with subsequent segments separated by '/' (e.g., MyFeature or MyFeature/mySubFeature), and contain only alphanumeric characters and slashes", featureName) - } - return nil -} - -func validateNodeDeclaredFeatures(nodeFeatures []string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - // We do not need to check feature gate again here as we do it in dropDisabledFields() (pkg/registry/core/node/strategy.go) - featureCount := len(nodeFeatures) - for i, feature := range nodeFeatures { - if err := validateNodeDeclaredFeatureName(feature); err != nil { - allErrs = append(allErrs, field.Invalid(fldPath.Index(i), feature, err.Error())) - } - if i+1 < featureCount { - nextFeature := nodeFeatures[i+1] - if feature == nextFeature { - allErrs = append(allErrs, field.Duplicate(fldPath.Index(i+1), nextFeature)) - } else if feature > nextFeature { - allErrs = append(allErrs, field.Invalid(fldPath.Index(i+1), nextFeature, "list must be sorted alphabetically")) - } - } - } - return allErrs -} - -// ValidateNode tests if required fields in the node are set. -func ValidateNode(node *core.Node) field.ErrorList { - fldPath := field.NewPath("metadata") - allErrs := ValidateObjectMeta(&node.ObjectMeta, false, ValidateNodeName, fldPath) - allErrs = append(allErrs, ValidateNodeSpecificAnnotations(node.ObjectMeta.Annotations, fldPath.Child("annotations"))...) - if len(node.Spec.Taints) > 0 { - allErrs = append(allErrs, validateNodeTaints(node.Spec.Taints, fldPath.Child("taints"))...) - } - - // Only validate spec. - // All status fields are optional and can be updated later. - // That said, if specified, we need to ensure they are valid. - allErrs = append(allErrs, ValidateNodeResources(node)...) - allErrs = append(allErrs, validateNodeSwapStatus(node.Status.NodeInfo.Swap, fldPath.Child("nodeSwapStatus"))...) - statusField := field.NewPath("status") - allErrs = append(allErrs, validateNodeDeclaredFeatures(node.Status.DeclaredFeatures, statusField.Child("declaredFeatures"))...) - - // validate PodCIDRS only if we need to - if len(node.Spec.PodCIDRs) > 0 { - podCIDRsField := field.NewPath("spec", "podCIDRs") - - // all PodCIDRs should be valid ones - for idx, value := range node.Spec.PodCIDRs { - allErrs = append(allErrs, IsValidCIDRForLegacyField(podCIDRsField.Index(idx), value, nil)...) - } - - // if more than PodCIDR then it must be a dual-stack pair - if len(node.Spec.PodCIDRs) > 1 { - dualStack, err := netutils.IsDualStackCIDRStrings(node.Spec.PodCIDRs) - if err != nil { - allErrs = append(allErrs, field.InternalError(podCIDRsField, fmt.Errorf("invalid PodCIDRs. failed to check with dual stack with error:%v", err))) - } - if !dualStack || len(node.Spec.PodCIDRs) > 2 { - allErrs = append(allErrs, field.Invalid(podCIDRsField, node.Spec.PodCIDRs, "may specify no more than one CIDR for each IP family")) - } - } - } - - return allErrs -} - -// ValidateNodeResources is used to make sure a node has valid capacity and allocatable values. -func ValidateNodeResources(node *core.Node) field.ErrorList { - allErrs := field.ErrorList{} - - // Validate resource quantities in capacity. - for k, v := range node.Status.Capacity { - resPath := field.NewPath("status", "capacity", string(k)) - allErrs = append(allErrs, ValidateResourceQuantityValue(k, v, resPath)...) - } - - // Validate resource quantities in allocatable. - for k, v := range node.Status.Allocatable { - resPath := field.NewPath("status", "allocatable", string(k)) - allErrs = append(allErrs, ValidateResourceQuantityValue(k, v, resPath)...) - } - return allErrs -} - -// ValidateNodeUpdate tests to make sure a node update can be applied. Modifies oldNode. -func ValidateNodeUpdate(node, oldNode *core.Node) field.ErrorList { - fldPath := field.NewPath("metadata") - allErrs := ValidateObjectMetaUpdate(&node.ObjectMeta, &oldNode.ObjectMeta, fldPath) - allErrs = append(allErrs, ValidateNodeSpecificAnnotations(node.ObjectMeta.Annotations, fldPath.Child("annotations"))...) - // TODO: Enable the code once we have better core object.status update model. Currently, - // anyone can update node status. - // if !apiequality.Semantic.DeepEqual(node.Status, core.NodeStatus{}) { - // allErrs = append(allErrs, field.Invalid("status", node.Status, "must be empty")) - // } - allErrs = append(allErrs, ValidateNodeResources(node)...) - - // TODO: dedup the validation checks in ValidateNode() and ValidateNodeUpdate() since both these functions get called during node update. - statusField := field.NewPath("status") - allErrs = append(allErrs, validateNodeDeclaredFeatures(node.Status.DeclaredFeatures, statusField.Child("declaredFeatures"))...) - - // Validate no duplicate addresses in node status. - addresses := make(map[core.NodeAddress]bool) - for i, address := range node.Status.Addresses { - if _, ok := addresses[address]; ok { - allErrs = append(allErrs, field.Duplicate(field.NewPath("status", "addresses").Index(i), address)) - } - addresses[address] = true - } - - // Allow the controller manager to assign a CIDR to a node if it doesn't have one. - if len(oldNode.Spec.PodCIDRs) > 0 { - // compare the entire slice - if len(oldNode.Spec.PodCIDRs) != len(node.Spec.PodCIDRs) { - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "podCIDRs"), "node updates may not change podCIDR except from \"\" to valid")) - } else { - for idx, value := range oldNode.Spec.PodCIDRs { - if value != node.Spec.PodCIDRs[idx] { - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "podCIDRs"), "node updates may not change podCIDR except from \"\" to valid")) - } - } - } - } - - // Allow controller manager updating provider ID when not set - if len(oldNode.Spec.ProviderID) > 0 && oldNode.Spec.ProviderID != node.Spec.ProviderID { - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "providerID"), "node updates may not change providerID except from \"\" to valid")) - } - - if node.Spec.ConfigSource != nil { - allErrs = append(allErrs, validateNodeConfigSourceSpec(node.Spec.ConfigSource, field.NewPath("spec", "configSource"))...) - } - if node.Status.Config != nil { - allErrs = append(allErrs, validateNodeConfigStatus(node.Status.Config, field.NewPath("status", "config"))...) - } - - // update taints - if len(node.Spec.Taints) > 0 { - allErrs = append(allErrs, validateNodeTaints(node.Spec.Taints, fldPath.Child("taints"))...) - } - - if node.Spec.DoNotUseExternalID != oldNode.Spec.DoNotUseExternalID { - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "externalID"), "may not be updated")) - } - - // status and metadata are allowed change (barring restrictions above), so separately test spec field. - // spec only has a few fields, so check the ones we don't allow changing - // 1. PodCIDRs - immutable after first set - checked above - // 2. ProviderID - immutable after first set - checked above - // 3. Unschedulable - allowed to change - // 4. Taints - allowed to change - // 5. ConfigSource - allowed to change (and checked above) - // 6. DoNotUseExternalID - immutable - checked above - - return allErrs -} - -// validation specific to Node.Spec.ConfigSource -// The field ConfigSource is deprecated and will not be used. The validation is kept in place -// for the backward compatibility -func validateNodeConfigSourceSpec(source *core.NodeConfigSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - count := int(0) - if source.ConfigMap != nil { - count++ - allErrs = append(allErrs, validateConfigMapNodeConfigSourceSpec(source.ConfigMap, fldPath.Child("configMap"))...) - } - // add more subfields here in the future as they are added to NodeConfigSource - - // exactly one reference subfield must be non-nil - if count != 1 { - allErrs = append(allErrs, field.Invalid(fldPath, source, "exactly one reference subfield must be non-nil")) - } - return allErrs -} - -// validation specific to Node.Spec.ConfigSource.ConfigMap -// The field ConfigSource is deprecated and will not be used. The validation is kept in place -// for the backward compatibility -func validateConfigMapNodeConfigSourceSpec(source *core.ConfigMapNodeConfigSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - // uid and resourceVersion must not be set in spec - if string(source.UID) != "" { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("uid"), "uid must not be set in spec")) - } - if source.ResourceVersion != "" { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("resourceVersion"), "resourceVersion must not be set in spec")) - } - return append(allErrs, validateConfigMapNodeConfigSource(source, fldPath)...) -} - -// validation specififc to Node.Status.Config -func validateNodeConfigStatus(status *core.NodeConfigStatus, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if status.Assigned != nil { - allErrs = append(allErrs, validateNodeConfigSourceStatus(status.Assigned, fldPath.Child("assigned"))...) - } - if status.Active != nil { - allErrs = append(allErrs, validateNodeConfigSourceStatus(status.Active, fldPath.Child("active"))...) - } - if status.LastKnownGood != nil { - allErrs = append(allErrs, validateNodeConfigSourceStatus(status.LastKnownGood, fldPath.Child("lastKnownGood"))...) - } - return allErrs -} - -// validation specific to Node.Status.Config.(Active|Assigned|LastKnownGood) -func validateNodeConfigSourceStatus(source *core.NodeConfigSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - count := int(0) - if source.ConfigMap != nil { - count++ - allErrs = append(allErrs, validateConfigMapNodeConfigSourceStatus(source.ConfigMap, fldPath.Child("configMap"))...) - } - // add more subfields here in the future as they are added to NodeConfigSource - - // exactly one reference subfield must be non-nil - if count != 1 { - allErrs = append(allErrs, field.Invalid(fldPath, source, "exactly one reference subfield must be non-nil")) - } - return allErrs -} - -// validation specific to Node.Status.Config.(Active|Assigned|LastKnownGood).ConfigMap -func validateConfigMapNodeConfigSourceStatus(source *core.ConfigMapNodeConfigSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - // uid and resourceVersion must be set in status - if string(source.UID) == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("uid"), "")) - } - if source.ResourceVersion == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("resourceVersion"), "")) - } - return append(allErrs, validateConfigMapNodeConfigSource(source, fldPath)...) -} - -// common validation -func validateConfigMapNodeConfigSource(source *core.ConfigMapNodeConfigSource, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - // validate target configmap namespace - if source.Namespace == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("namespace"), "")) - } else { - for _, msg := range ValidateNameFunc(ValidateNamespaceName)(source.Namespace, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("namespace"), source.Namespace, msg)) - } - } - // validate target configmap name - if source.Name == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("name"), "")) - } else { - for _, msg := range ValidateNameFunc(ValidateConfigMapName)(source.Name, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("name"), source.Name, msg)) - } - } - // validate kubeletConfigKey against rules for configMap key names - if source.KubeletConfigKey == "" { - allErrs = append(allErrs, field.Required(fldPath.Child("kubeletConfigKey"), "")) - } else { - for _, msg := range validation.IsConfigMapKey(source.KubeletConfigKey) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("kubeletConfigKey"), source.KubeletConfigKey, msg)) - } - } - return allErrs -} - -// Validate compute resource typename. -// Refer to docs/design/resources.md for more details. -func validateResourceName(value core.ResourceName, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for _, msg := range validation.IsQualifiedName(string(value)) { - allErrs = append(allErrs, field.Invalid(fldPath, value, msg)) - } - if len(allErrs) != 0 { - return allErrs - } - - if len(strings.Split(string(value), "/")) == 1 { - if !helper.IsStandardResourceName(value) { - return append(allErrs, field.Invalid(fldPath, value, "must be a standard resource type or fully qualified")) - } - } - - return allErrs -} - -// Validate container resource name -// Refer to docs/design/resources.md for more details. -func validateContainerResourceName(value core.ResourceName, fldPath *field.Path) field.ErrorList { - allErrs := validateResourceName(value, fldPath) - - if len(strings.Split(string(value), "/")) == 1 { - if !helper.IsStandardContainerResourceName(value) { - return append(allErrs, field.Invalid(fldPath, value, "must be a standard resource for containers")) - } - } else if !helper.IsNativeResource(value) { - if !helper.IsExtendedResourceName(value) { - return append(allErrs, field.Invalid(fldPath, value, "doesn't follow extended resource name standard")) - } - } - return allErrs -} - -// validatePodResourceName verifies that: -// 1. The resource name is a valid compute resource name for pod-level specification. -// 2. The resource is supported by the PodLevelResources feature. -func validatePodResourceName(resourceName core.ResourceName, fldPath *field.Path) field.ErrorList { - allErrs := validateResourceName(resourceName, fldPath) - if len(allErrs) != 0 { - return allErrs - } - - if !resourcehelper.IsSupportedPodLevelResource(v1.ResourceName(resourceName)) { - return append(allErrs, field.NotSupported(fldPath, resourceName, sets.List(resourcehelper.SupportedPodLevelResources()))) - } - - return allErrs -} - -// Validate resource names that can go in a resource quota -// Refer to docs/design/resources.md for more details. -func ValidateResourceQuotaResourceName(value core.ResourceName, fldPath *field.Path) field.ErrorList { - allErrs := validateResourceName(value, fldPath) - - if len(strings.Split(string(value), "/")) == 1 { - if !helper.IsStandardQuotaResourceName(value) { - return append(allErrs, field.Invalid(fldPath, value, isInvalidQuotaResource)) - } - } - return allErrs -} - -// Validate limit range types -func validateLimitRangeTypeName(value core.LimitType, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for _, msg := range validation.IsQualifiedName(string(value)) { - allErrs = append(allErrs, field.Invalid(fldPath, value, msg)) - } - if len(allErrs) != 0 { - return allErrs - } - - if len(strings.Split(string(value), "/")) == 1 { - if !helper.IsStandardLimitRangeType(value) { - return append(allErrs, field.Invalid(fldPath, value, "must be a standard limit type or fully qualified")) - } - } - - return allErrs -} - -// Validate limit range resource name -// limit types (other than Pod/Container) could contain storage not just cpu or memory -func validateLimitRangeResourceName(limitType core.LimitType, value core.ResourceName, fldPath *field.Path) field.ErrorList { - switch limitType { - case core.LimitTypePod, core.LimitTypeContainer: - return validateContainerResourceName(value, fldPath) - default: - return validateResourceName(value, fldPath) - } -} - -// ValidateLimitRange tests if required fields in the LimitRange are set. -func ValidateLimitRange(limitRange *core.LimitRange) field.ErrorList { - allErrs := ValidateObjectMeta(&limitRange.ObjectMeta, true, ValidateLimitRangeName, field.NewPath("metadata")) - - // ensure resource names are properly qualified per docs/design/resources.md - limitTypeSet := map[core.LimitType]bool{} - fldPath := field.NewPath("spec", "limits") - for i := range limitRange.Spec.Limits { - idxPath := fldPath.Index(i) - limit := &limitRange.Spec.Limits[i] - allErrs = append(allErrs, validateLimitRangeTypeName(limit.Type, idxPath.Child("type"))...) - - _, found := limitTypeSet[limit.Type] - if found { - allErrs = append(allErrs, field.Duplicate(idxPath.Child("type"), limit.Type)) - } - limitTypeSet[limit.Type] = true - - keys := sets.Set[string]{} - min := map[string]resource.Quantity{} - max := map[string]resource.Quantity{} - defaults := map[string]resource.Quantity{} - defaultRequests := map[string]resource.Quantity{} - maxLimitRequestRatios := map[string]resource.Quantity{} - - for k, q := range limit.Max { - allErrs = append(allErrs, validateLimitRangeResourceName(limit.Type, k, idxPath.Child("max").Key(string(k)))...) - keys.Insert(string(k)) - max[string(k)] = q - } - for k, q := range limit.Min { - allErrs = append(allErrs, validateLimitRangeResourceName(limit.Type, k, idxPath.Child("min").Key(string(k)))...) - keys.Insert(string(k)) - min[string(k)] = q - } - - if limit.Type == core.LimitTypePod { - if len(limit.Default) > 0 { - allErrs = append(allErrs, field.Forbidden(idxPath.Child("default"), "may not be specified when `type` is 'Pod'")) - } - if len(limit.DefaultRequest) > 0 { - allErrs = append(allErrs, field.Forbidden(idxPath.Child("defaultRequest"), "may not be specified when `type` is 'Pod'")) - } - } else { - for k, q := range limit.Default { - allErrs = append(allErrs, validateLimitRangeResourceName(limit.Type, k, idxPath.Child("default").Key(string(k)))...) - keys.Insert(string(k)) - defaults[string(k)] = q - } - for k, q := range limit.DefaultRequest { - allErrs = append(allErrs, validateLimitRangeResourceName(limit.Type, k, idxPath.Child("defaultRequest").Key(string(k)))...) - keys.Insert(string(k)) - defaultRequests[string(k)] = q - } - } - - if limit.Type == core.LimitTypePersistentVolumeClaim { - _, minQuantityFound := limit.Min[core.ResourceStorage] - _, maxQuantityFound := limit.Max[core.ResourceStorage] - if !minQuantityFound && !maxQuantityFound { - allErrs = append(allErrs, field.Required(idxPath.Child("limits"), "either minimum or maximum storage value is required, but neither was provided")) - } - } - - for k, q := range limit.MaxLimitRequestRatio { - allErrs = append(allErrs, validateLimitRangeResourceName(limit.Type, k, idxPath.Child("maxLimitRequestRatio").Key(string(k)))...) - keys.Insert(string(k)) - maxLimitRequestRatios[string(k)] = q - } - - for k := range keys { - minQuantity, minQuantityFound := min[k] - maxQuantity, maxQuantityFound := max[k] - defaultQuantity, defaultQuantityFound := defaults[k] - defaultRequestQuantity, defaultRequestQuantityFound := defaultRequests[k] - maxRatio, maxRatioFound := maxLimitRequestRatios[k] - - if minQuantityFound && maxQuantityFound && minQuantity.Cmp(maxQuantity) > 0 { - allErrs = append(allErrs, field.Invalid(idxPath.Child("min").Key(string(k)), minQuantity, fmt.Sprintf("min value %s is greater than max value %s", minQuantity.String(), maxQuantity.String()))) - } - - if defaultRequestQuantityFound && minQuantityFound && minQuantity.Cmp(defaultRequestQuantity) > 0 { - allErrs = append(allErrs, field.Invalid(idxPath.Child("defaultRequest").Key(string(k)), defaultRequestQuantity, fmt.Sprintf("min value %s is greater than default request value %s", minQuantity.String(), defaultRequestQuantity.String()))) - } - - if defaultRequestQuantityFound && maxQuantityFound && defaultRequestQuantity.Cmp(maxQuantity) > 0 { - allErrs = append(allErrs, field.Invalid(idxPath.Child("defaultRequest").Key(string(k)), defaultRequestQuantity, fmt.Sprintf("default request value %s is greater than max value %s", defaultRequestQuantity.String(), maxQuantity.String()))) - } - - if defaultRequestQuantityFound && defaultQuantityFound && defaultRequestQuantity.Cmp(defaultQuantity) > 0 { - allErrs = append(allErrs, field.Invalid(idxPath.Child("defaultRequest").Key(string(k)), defaultRequestQuantity, fmt.Sprintf("default request value %s is greater than default limit value %s", defaultRequestQuantity.String(), defaultQuantity.String()))) - } - - if defaultQuantityFound && minQuantityFound && minQuantity.Cmp(defaultQuantity) > 0 { - allErrs = append(allErrs, field.Invalid(idxPath.Child("default").Key(string(k)), minQuantity, fmt.Sprintf("min value %s is greater than default value %s", minQuantity.String(), defaultQuantity.String()))) - } - - if defaultQuantityFound && maxQuantityFound && defaultQuantity.Cmp(maxQuantity) > 0 { - allErrs = append(allErrs, field.Invalid(idxPath.Child("default").Key(string(k)), maxQuantity, fmt.Sprintf("default value %s is greater than max value %s", defaultQuantity.String(), maxQuantity.String()))) - } - if maxRatioFound && maxRatio.Cmp(*resource.NewQuantity(1, resource.DecimalSI)) < 0 { - allErrs = append(allErrs, field.Invalid(idxPath.Child("maxLimitRequestRatio").Key(string(k)), maxRatio, fmt.Sprintf("ratio %s is less than 1", maxRatio.String()))) - } - if maxRatioFound && minQuantityFound && maxQuantityFound { - maxRatioValue := float64(maxRatio.Value()) - minQuantityValue := minQuantity.Value() - maxQuantityValue := maxQuantity.Value() - if maxRatio.Value() < resource.MaxMilliValue && minQuantityValue < resource.MaxMilliValue && maxQuantityValue < resource.MaxMilliValue { - maxRatioValue = float64(maxRatio.MilliValue()) / 1000 - minQuantityValue = minQuantity.MilliValue() - maxQuantityValue = maxQuantity.MilliValue() - } - maxRatioLimit := float64(maxQuantityValue) / float64(minQuantityValue) - if maxRatioValue > maxRatioLimit { - allErrs = append(allErrs, field.Invalid(idxPath.Child("maxLimitRequestRatio").Key(string(k)), maxRatio, fmt.Sprintf("ratio %s is greater than max/min = %f", maxRatio.String(), maxRatioLimit))) - } - } - - // for GPU, hugepages and other resources that are not allowed to overcommit, - // the default value and defaultRequest value must match if both are specified - if !helper.IsOvercommitAllowed(core.ResourceName(k)) && defaultQuantityFound && defaultRequestQuantityFound && defaultQuantity.Cmp(defaultRequestQuantity) != 0 { - allErrs = append(allErrs, field.Invalid(idxPath.Child("defaultRequest").Key(string(k)), defaultRequestQuantity, fmt.Sprintf("default value %s must equal to defaultRequest value %s in %s", defaultQuantity.String(), defaultRequestQuantity.String(), k))) - } - } - } - - return allErrs -} - -// ValidateServiceAccount tests if required fields in the ServiceAccount are set. -func ValidateServiceAccount(serviceAccount *core.ServiceAccount) field.ErrorList { - allErrs := ValidateObjectMeta(&serviceAccount.ObjectMeta, true, ValidateServiceAccountName, field.NewPath("metadata")) - return allErrs -} - -// ValidateServiceAccountUpdate tests if required fields in the ServiceAccount are set. -func ValidateServiceAccountUpdate(newServiceAccount, oldServiceAccount *core.ServiceAccount) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&newServiceAccount.ObjectMeta, &oldServiceAccount.ObjectMeta, field.NewPath("metadata")) - allErrs = append(allErrs, ValidateServiceAccount(newServiceAccount)...) - return allErrs -} - -// ValidateSecret tests if required fields in the Secret are set. -func ValidateSecret(secret *core.Secret) field.ErrorList { - allErrs := ValidateObjectMeta(&secret.ObjectMeta, true, ValidateSecretName, field.NewPath("metadata")) - - dataPath := field.NewPath("data") - totalSize := 0 - for key, value := range secret.Data { - for _, msg := range validation.IsConfigMapKey(key) { - allErrs = append(allErrs, field.Invalid(dataPath.Key(key), key, msg)) - } - totalSize += len(value) - } - if totalSize > core.MaxSecretSize { - allErrs = append(allErrs, field.TooLong(dataPath, "" /*unused*/, core.MaxSecretSize)) - } - - switch secret.Type { - case core.SecretTypeServiceAccountToken: - // Only require Annotations[kubernetes.io/service-account.name] - // Additional fields (like Annotations[kubernetes.io/service-account.uid] and Data[token]) might be contributed later by a controller loop - if value := secret.Annotations[core.ServiceAccountNameKey]; len(value) == 0 { - allErrs = append(allErrs, field.Required(field.NewPath("metadata", "annotations").Key(core.ServiceAccountNameKey), "")) - } - case core.SecretTypeOpaque, "": - // no-op - case core.SecretTypeDockercfg: - dockercfgBytes, exists := secret.Data[core.DockerConfigKey] - if !exists { - allErrs = append(allErrs, field.Required(dataPath.Key(core.DockerConfigKey), "")) - break - } - - // make sure that the content is well-formed json. - if err := json.Unmarshal(dockercfgBytes, &map[string]interface{}{}); err != nil { - allErrs = append(allErrs, field.Invalid(dataPath.Key(core.DockerConfigKey), "", err.Error())) - } - case core.SecretTypeDockerConfigJSON: - dockerConfigJSONBytes, exists := secret.Data[core.DockerConfigJSONKey] - if !exists { - allErrs = append(allErrs, field.Required(dataPath.Key(core.DockerConfigJSONKey), "")) - break - } - - // make sure that the content is well-formed json. - if err := json.Unmarshal(dockerConfigJSONBytes, &map[string]interface{}{}); err != nil { - allErrs = append(allErrs, field.Invalid(dataPath.Key(core.DockerConfigJSONKey), "", err.Error())) - } - case core.SecretTypeBasicAuth: - _, usernameFieldExists := secret.Data[core.BasicAuthUsernameKey] - _, passwordFieldExists := secret.Data[core.BasicAuthPasswordKey] - - // username or password might be empty, but the field must be present - if !usernameFieldExists && !passwordFieldExists { - allErrs = append(allErrs, field.Required(dataPath.Key(core.BasicAuthUsernameKey), "")) - allErrs = append(allErrs, field.Required(dataPath.Key(core.BasicAuthPasswordKey), "")) - break - } - case core.SecretTypeSSHAuth: - if len(secret.Data[core.SSHAuthPrivateKey]) == 0 { - allErrs = append(allErrs, field.Required(dataPath.Key(core.SSHAuthPrivateKey), "")) - break - } - - case core.SecretTypeTLS: - if _, exists := secret.Data[core.TLSCertKey]; !exists { - allErrs = append(allErrs, field.Required(dataPath.Key(core.TLSCertKey), "")) - } - if _, exists := secret.Data[core.TLSPrivateKeyKey]; !exists { - allErrs = append(allErrs, field.Required(dataPath.Key(core.TLSPrivateKeyKey), "")) - } - default: - // no-op - } - - return allErrs -} - -// ValidateSecretUpdate tests if required fields in the Secret are set. -func ValidateSecretUpdate(newSecret, oldSecret *core.Secret) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&newSecret.ObjectMeta, &oldSecret.ObjectMeta, field.NewPath("metadata")) - - allErrs = append(allErrs, ValidateImmutableField(newSecret.Type, oldSecret.Type, field.NewPath("type"))...) - if oldSecret.Immutable != nil && *oldSecret.Immutable { - if newSecret.Immutable == nil || !*newSecret.Immutable { - allErrs = append(allErrs, field.Forbidden(field.NewPath("immutable"), "field is immutable when `immutable` is set")) - } - if !reflect.DeepEqual(newSecret.Data, oldSecret.Data) { - allErrs = append(allErrs, field.Forbidden(field.NewPath("data"), "field is immutable when `immutable` is set")) - } - // We don't validate StringData, as it was already converted back to Data - // before validation is happening. - } - - allErrs = append(allErrs, ValidateSecret(newSecret)...) - return allErrs -} - -// ValidateConfigMapName can be used to check whether the given ConfigMap name is valid. -// Prefix indicates this name will be used as part of generation, in which case -// trailing dashes are allowed. -var ValidateConfigMapName = apimachineryvalidation.NameIsDNSSubdomain - -// ValidateConfigMap tests whether required fields in the ConfigMap are set. -func ValidateConfigMap(cfg *core.ConfigMap) field.ErrorList { - allErrs := field.ErrorList{} - allErrs = append(allErrs, ValidateObjectMeta(&cfg.ObjectMeta, true, ValidateConfigMapName, field.NewPath("metadata"))...) - - totalSize := 0 - - for key, value := range cfg.Data { - for _, msg := range validation.IsConfigMapKey(key) { - allErrs = append(allErrs, field.Invalid(field.NewPath("data").Key(key), key, msg)) - } - // check if we have a duplicate key in the other bag - if _, isValue := cfg.BinaryData[key]; isValue { - msg := "duplicate of key present in binaryData" - allErrs = append(allErrs, field.Invalid(field.NewPath("data").Key(key), key, msg)) - } - totalSize += len(value) - } - for key, value := range cfg.BinaryData { - for _, msg := range validation.IsConfigMapKey(key) { - allErrs = append(allErrs, field.Invalid(field.NewPath("binaryData").Key(key), key, msg)) - } - totalSize += len(value) - } - if totalSize > core.MaxSecretSize { - // pass back "" to indicate that the error refers to the whole object. - allErrs = append(allErrs, field.TooLong(field.NewPath(""), "" /*unused*/, core.MaxSecretSize)) - } - - return allErrs -} - -// ValidateConfigMapUpdate tests if required fields in the ConfigMap are set. -func ValidateConfigMapUpdate(newCfg, oldCfg *core.ConfigMap) field.ErrorList { - allErrs := field.ErrorList{} - allErrs = append(allErrs, ValidateObjectMetaUpdate(&newCfg.ObjectMeta, &oldCfg.ObjectMeta, field.NewPath("metadata"))...) - - if oldCfg.Immutable != nil && *oldCfg.Immutable { - if newCfg.Immutable == nil || !*newCfg.Immutable { - allErrs = append(allErrs, field.Forbidden(field.NewPath("immutable"), "field is immutable when `immutable` is set")) - } - if !reflect.DeepEqual(newCfg.Data, oldCfg.Data) { - allErrs = append(allErrs, field.Forbidden(field.NewPath("data"), "field is immutable when `immutable` is set")) - } - if !reflect.DeepEqual(newCfg.BinaryData, oldCfg.BinaryData) { - allErrs = append(allErrs, field.Forbidden(field.NewPath("binaryData"), "field is immutable when `immutable` is set")) - } - } - - allErrs = append(allErrs, ValidateConfigMap(newCfg)...) - return allErrs -} - -func validateBasicResource(quantity resource.Quantity, fldPath *field.Path) field.ErrorList { - if quantity.Value() < 0 { - return field.ErrorList{field.Invalid(fldPath, quantity.Value(), "must be a valid resource quantity")} - } - return field.ErrorList{} -} - -func validatePodResourceRequirements(requirements *core.ResourceRequirements, podClaimNames sets.Set[string], fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - return validateResourceRequirements(requirements, validatePodResourceName, podClaimNames, fldPath, opts) -} - -func ValidateContainerResourceRequirements(requirements *core.ResourceRequirements, podClaimNames sets.Set[string], fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - return validateResourceRequirements(requirements, validateContainerResourceName, podClaimNames, fldPath, opts) -} - -// Validates resource requirement spec. -func validateResourceRequirements(requirements *core.ResourceRequirements, resourceNameFn func(core.ResourceName, *field.Path) field.ErrorList, podClaimNames sets.Set[string], fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - limPath := fldPath.Child("limits") - reqPath := fldPath.Child("requests") - limContainsCPUOrMemory := false - reqContainsCPUOrMemory := false - limContainsHugePages := false - reqContainsHugePages := false - supportedQoSComputeResources := sets.New(core.ResourceCPU, core.ResourceMemory) - for resourceName, quantity := range requirements.Limits { - - fldPath := limPath.Key(string(resourceName)) - // Validate resource name. - allErrs = append(allErrs, resourceNameFn(resourceName, fldPath)...) - - // Validate resource quantity. - allErrs = append(allErrs, ValidateResourceQuantityValue(resourceName, quantity, fldPath)...) - - if helper.IsHugePageResourceName(resourceName) { - limContainsHugePages = true - if err := validateResourceQuantityHugePageValue(resourceName, quantity, opts); err != nil { - allErrs = append(allErrs, field.Invalid(fldPath, quantity.String(), err.Error())) - } - } - - if supportedQoSComputeResources.Has(resourceName) { - limContainsCPUOrMemory = true - } - } - for resourceName, quantity := range requirements.Requests { - fldPath := reqPath.Key(string(resourceName)) - // Validate resource name. - allErrs = append(allErrs, resourceNameFn(resourceName, fldPath)...) - - // Validate resource quantity. - allErrs = append(allErrs, ValidateResourceQuantityValue(resourceName, quantity, fldPath)...) - - // Check that request <= limit. - limitQuantity, exists := requirements.Limits[resourceName] - if exists { - // For non overcommitable resources, not only requests can't exceed limits, they also can't be lower, i.e. must be equal. - if quantity.Cmp(limitQuantity) != 0 && !helper.IsOvercommitAllowed(resourceName) { - allErrs = append(allErrs, field.Invalid(reqPath, quantity.String(), fmt.Sprintf("must be equal to %s limit of %s", resourceName, limitQuantity.String()))) - } else if quantity.Cmp(limitQuantity) > 0 { - allErrs = append(allErrs, field.Invalid(reqPath, quantity.String(), fmt.Sprintf("must be less than or equal to %s limit of %s", resourceName, limitQuantity.String()))) - } - } else if !helper.IsOvercommitAllowed(resourceName) { - allErrs = append(allErrs, field.Required(limPath, "Limit must be set for non overcommitable resources")) - } - if helper.IsHugePageResourceName(resourceName) { - reqContainsHugePages = true - if err := validateResourceQuantityHugePageValue(resourceName, quantity, opts); err != nil { - allErrs = append(allErrs, field.Invalid(fldPath, quantity.String(), err.Error())) - } - } - if supportedQoSComputeResources.Has(resourceName) { - reqContainsCPUOrMemory = true - } - - } - if !limContainsCPUOrMemory && !reqContainsCPUOrMemory && (reqContainsHugePages || limContainsHugePages) { - allErrs = append(allErrs, field.Forbidden(fldPath, "HugePages require cpu or memory")) - } - - allErrs = append(allErrs, validateResourceClaimNames(requirements.Claims, podClaimNames, fldPath.Child("claims"))...) - - return allErrs -} - -// validateResourceClaimNames checks that the names in -// ResourceRequirements.Claims have a corresponding entry in -// PodSpec.ResourceClaims. -func validateResourceClaimNames(claims []core.ResourceClaim, podClaimNames sets.Set[string], fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - names := sets.Set[string]{} - for i, claim := range claims { - name := claim.Name - if name == "" { - allErrs = append(allErrs, field.Required(fldPath.Index(i), "")) - } else { - if names.Has(name) { - // All requests of that claim already referenced. - allErrs = append(allErrs, field.Duplicate(fldPath.Index(i), name)) - } else { - key := name - if claim.Request != "" { - allErrs = append(allErrs, ValidateDNS1123Label(claim.Request, fldPath.Index(i).Child("request"))...) - key += "/" + claim.Request - } - if names.Has(key) { - // The exact same entry was already referenced. - allErrs = append(allErrs, field.Duplicate(fldPath.Index(i), key)) - } else if claim.Request == "" { - // When referencing a claim, there's an - // overlap when previously some request - // in the claim was referenced. This - // cannot be checked with a map lookup, - // we need to iterate. - for key := range names { - index := strings.Index(key, "/") - if index < 0 { - continue - } - if key[0:index] == name { - allErrs = append(allErrs, field.Duplicate(fldPath.Index(i), name)) - } - } - } - - names.Insert(key) - } - if !podClaimNames.Has(name) { - // field.NotFound doesn't accept an - // explanation. Adding one here is more - // user-friendly. - error := field.NotFound(fldPath.Index(i), name) - error.Detail = "must be one of the names in pod.spec.resourceClaims" - if len(podClaimNames) == 0 { - error.Detail += " which is empty" - } else { - error.Detail += ": " + strings.Join(sets.List(podClaimNames), ", ") - } - allErrs = append(allErrs, error) - } - } - } - return allErrs -} - -func validateResourceQuantityHugePageValue(name core.ResourceName, quantity resource.Quantity, opts PodValidationOptions) error { - if !helper.IsHugePageResourceName(name) { - return nil - } - - if !opts.AllowIndivisibleHugePagesValues && !helper.IsHugePageResourceValueDivisible(name, quantity) { - return fmt.Errorf("%s is not positive integer multiple of %s", quantity.String(), name) - } - - return nil -} - -// validateResourceQuotaScopes ensures that each enumerated hard resource constraint is valid for set of scopes -func validateResourceQuotaScopes(resourceQuotaSpec *core.ResourceQuotaSpec, fld *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(resourceQuotaSpec.Scopes) == 0 { - return allErrs - } - hardLimits := sets.New[core.ResourceName]() - for k := range resourceQuotaSpec.Hard { - hardLimits.Insert(k) - } - fldPath := fld.Child("scopes") - scopeSet := sets.New[core.ResourceQuotaScope]() - for _, scope := range resourceQuotaSpec.Scopes { - if !helper.IsStandardResourceQuotaScope(scope) { - allErrs = append(allErrs, field.Invalid(fldPath, resourceQuotaSpec.Scopes, "unsupported scope")) - } - for _, k := range sets.List(hardLimits) { - if helper.IsStandardQuotaResourceName(k) && !helper.IsResourceQuotaScopeValidForResource(scope, k) { - allErrs = append(allErrs, field.Invalid(fldPath, resourceQuotaSpec.Scopes, "unsupported scope applied to resource")) - } - } - scopeSet.Insert(scope) - } - invalidScopePairs := []sets.Set[core.ResourceQuotaScope]{ - sets.New(core.ResourceQuotaScopeBestEffort, core.ResourceQuotaScopeNotBestEffort), - sets.New(core.ResourceQuotaScopeTerminating, core.ResourceQuotaScopeNotTerminating), - } - for _, invalidScopePair := range invalidScopePairs { - if scopeSet.HasAll(sets.List(invalidScopePair)...) { - allErrs = append(allErrs, field.Invalid(fldPath, resourceQuotaSpec.Scopes, "conflicting scopes")) - } - } - return allErrs -} - -// validateScopedResourceSelectorRequirement tests that the match expressions has valid data -func validateScopedResourceSelectorRequirement(resourceQuotaSpec *core.ResourceQuotaSpec, fld *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - hardLimits := sets.New[core.ResourceName]() - for k := range resourceQuotaSpec.Hard { - hardLimits.Insert(k) - } - fldPath := fld.Child("matchExpressions") - scopeSet := sets.New[core.ResourceQuotaScope]() - for _, req := range resourceQuotaSpec.ScopeSelector.MatchExpressions { - if !helper.IsStandardResourceQuotaScope(req.ScopeName) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("scopeName"), req.ScopeName, "unsupported scope")) - } - for _, k := range sets.List(hardLimits) { - if helper.IsStandardQuotaResourceName(k) && !helper.IsResourceQuotaScopeValidForResource(req.ScopeName, k) { - allErrs = append(allErrs, field.Invalid(fldPath, resourceQuotaSpec.ScopeSelector, "unsupported scope applied to resource")) - } - } - switch req.ScopeName { - case core.ResourceQuotaScopeBestEffort, core.ResourceQuotaScopeNotBestEffort, core.ResourceQuotaScopeTerminating, core.ResourceQuotaScopeNotTerminating, core.ResourceQuotaScopeCrossNamespacePodAffinity: - if req.Operator != core.ScopeSelectorOpExists { - allErrs = append(allErrs, field.Invalid(fldPath.Child("operator"), req.Operator, - "must be 'Exists' when scope is any of ResourceQuotaScopeTerminating, ResourceQuotaScopeNotTerminating, ResourceQuotaScopeBestEffort, ResourceQuotaScopeNotBestEffort or ResourceQuotaScopeCrossNamespacePodAffinity")) - } - } - - switch req.Operator { - case core.ScopeSelectorOpIn, core.ScopeSelectorOpNotIn: - if len(req.Values) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("values"), - "must be at least one value when `operator` is 'In' or 'NotIn' for scope selector")) - } - case core.ScopeSelectorOpExists, core.ScopeSelectorOpDoesNotExist: - if len(req.Values) != 0 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("values"), req.Values, - "must be no value when `operator` is 'Exist' or 'DoesNotExist' for scope selector")) - } - default: - allErrs = append(allErrs, field.Invalid(fldPath.Child("operator"), req.Operator, "not a valid selector operator")) - } - scopeSet.Insert(req.ScopeName) - } - invalidScopePairs := []sets.Set[core.ResourceQuotaScope]{ - sets.New(core.ResourceQuotaScopeBestEffort, core.ResourceQuotaScopeNotBestEffort), - sets.New(core.ResourceQuotaScopeTerminating, core.ResourceQuotaScopeNotTerminating), - } - for _, invalidScopePair := range invalidScopePairs { - if scopeSet.HasAll(sets.List(invalidScopePair)...) { - allErrs = append(allErrs, field.Invalid(fldPath, resourceQuotaSpec.Scopes, "conflicting scopes")) - } - } - - return allErrs -} - -// validateScopeSelector tests that the specified scope selector has valid data -func validateScopeSelector(resourceQuotaSpec *core.ResourceQuotaSpec, fld *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if resourceQuotaSpec.ScopeSelector == nil { - return allErrs - } - allErrs = append(allErrs, validateScopedResourceSelectorRequirement(resourceQuotaSpec, fld.Child("scopeSelector"))...) - return allErrs -} - -// ValidateResourceQuota tests if required fields in the ResourceQuota are set. -func ValidateResourceQuota(resourceQuota *core.ResourceQuota) field.ErrorList { - allErrs := ValidateObjectMeta(&resourceQuota.ObjectMeta, true, ValidateResourceQuotaName, field.NewPath("metadata")) - - allErrs = append(allErrs, ValidateResourceQuotaSpec(&resourceQuota.Spec, field.NewPath("spec"))...) - allErrs = append(allErrs, ValidateResourceQuotaStatus(&resourceQuota.Status, field.NewPath("status"))...) - - return allErrs -} - -func ValidateResourceQuotaStatus(status *core.ResourceQuotaStatus, fld *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - fldPath := fld.Child("hard") - for k, v := range status.Hard { - resPath := fldPath.Key(string(k)) - allErrs = append(allErrs, ValidateResourceQuotaResourceName(k, resPath)...) - allErrs = append(allErrs, ValidateResourceQuantityValue(k, v, resPath)...) - } - fldPath = fld.Child("used") - for k, v := range status.Used { - resPath := fldPath.Key(string(k)) - allErrs = append(allErrs, ValidateResourceQuotaResourceName(k, resPath)...) - allErrs = append(allErrs, ValidateResourceQuantityValue(k, v, resPath)...) - } - - return allErrs -} - -func ValidateResourceQuotaSpec(resourceQuotaSpec *core.ResourceQuotaSpec, fld *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - fldPath := fld.Child("hard") - for k, v := range resourceQuotaSpec.Hard { - resPath := fldPath.Key(string(k)) - allErrs = append(allErrs, ValidateResourceQuotaResourceName(k, resPath)...) - allErrs = append(allErrs, ValidateResourceQuantityValue(k, v, resPath)...) - } - - allErrs = append(allErrs, validateResourceQuotaScopes(resourceQuotaSpec, fld)...) - allErrs = append(allErrs, validateScopeSelector(resourceQuotaSpec, fld)...) - - return allErrs -} - -// ValidateResourceQuantityValue enforces that specified quantity is valid for specified resource -func ValidateResourceQuantityValue(resource core.ResourceName, value resource.Quantity, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - allErrs = append(allErrs, ValidateNonnegativeQuantity(value, fldPath)...) - if helper.IsIntegerResourceName(resource) { - if value.MilliValue()%int64(1000) != int64(0) { - allErrs = append(allErrs, field.Invalid(fldPath, value, isNotIntegerErrorMsg)) - } - } - return allErrs -} - -// ValidateResourceQuotaUpdate tests to see if the update is legal for an end user to make. -func ValidateResourceQuotaUpdate(newResourceQuota, oldResourceQuota *core.ResourceQuota) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&newResourceQuota.ObjectMeta, &oldResourceQuota.ObjectMeta, field.NewPath("metadata")) - allErrs = append(allErrs, ValidateResourceQuotaSpec(&newResourceQuota.Spec, field.NewPath("spec"))...) - - // ensure scopes cannot change, and that resources are still valid for scope - fldPath := field.NewPath("spec", "scopes") - oldScopes := sets.New[string]() - newScopes := sets.New[string]() - for _, scope := range newResourceQuota.Spec.Scopes { - newScopes.Insert(string(scope)) - } - for _, scope := range oldResourceQuota.Spec.Scopes { - oldScopes.Insert(string(scope)) - } - if !oldScopes.Equal(newScopes) { - allErrs = append(allErrs, field.Invalid(fldPath, newResourceQuota.Spec.Scopes, fieldImmutableErrorMsg)) - } - - return allErrs -} - -// ValidateResourceQuotaStatusUpdate tests to see if the status update is legal for an end user to make. -func ValidateResourceQuotaStatusUpdate(newResourceQuota, oldResourceQuota *core.ResourceQuota) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&newResourceQuota.ObjectMeta, &oldResourceQuota.ObjectMeta, field.NewPath("metadata")) - if len(newResourceQuota.ResourceVersion) == 0 { - allErrs = append(allErrs, field.Required(field.NewPath("resourceVersion"), "")) - } - fldPath := field.NewPath("status", "hard") - for k, v := range newResourceQuota.Status.Hard { - resPath := fldPath.Key(string(k)) - allErrs = append(allErrs, ValidateResourceQuotaResourceName(k, resPath)...) - allErrs = append(allErrs, ValidateResourceQuantityValue(k, v, resPath)...) - } - fldPath = field.NewPath("status", "used") - for k, v := range newResourceQuota.Status.Used { - resPath := fldPath.Key(string(k)) - allErrs = append(allErrs, ValidateResourceQuotaResourceName(k, resPath)...) - allErrs = append(allErrs, ValidateResourceQuantityValue(k, v, resPath)...) - } - return allErrs -} - -// ValidateNamespace tests if required fields are set. -func ValidateNamespace(namespace *core.Namespace) field.ErrorList { - allErrs := ValidateObjectMeta(&namespace.ObjectMeta, false, ValidateNamespaceName, field.NewPath("metadata")) - for i := range namespace.Spec.Finalizers { - allErrs = append(allErrs, validateFinalizerName(string(namespace.Spec.Finalizers[i]), field.NewPath("spec", "finalizers"))...) - } - return allErrs -} - -// Validate finalizer names -func validateFinalizerName(stringValue string, fldPath *field.Path) field.ErrorList { - allErrs := apimachineryvalidation.ValidateFinalizerName(stringValue, fldPath) - allErrs = append(allErrs, validateKubeFinalizerName(stringValue, fldPath)...) - return allErrs -} - -// validateKubeFinalizerName checks for "standard" names of legacy finalizer -func validateKubeFinalizerName(stringValue string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(strings.Split(stringValue, "/")) == 1 { - if !helper.IsStandardFinalizerName(stringValue) { - return append(allErrs, field.Invalid(fldPath, stringValue, "name is neither a standard finalizer name nor is it fully qualified")) - } - } - - return allErrs -} - -// ValidateNamespaceUpdate tests to make sure a namespace update can be applied. -func ValidateNamespaceUpdate(newNamespace *core.Namespace, oldNamespace *core.Namespace) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&newNamespace.ObjectMeta, &oldNamespace.ObjectMeta, field.NewPath("metadata")) - return allErrs -} - -// ValidateNamespaceStatusUpdate tests to see if the update is legal for an end user to make. -func ValidateNamespaceStatusUpdate(newNamespace, oldNamespace *core.Namespace) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&newNamespace.ObjectMeta, &oldNamespace.ObjectMeta, field.NewPath("metadata")) - if newNamespace.DeletionTimestamp.IsZero() { - if newNamespace.Status.Phase != core.NamespaceActive { - allErrs = append(allErrs, field.Invalid(field.NewPath("status", "Phase"), newNamespace.Status.Phase, "may only be 'Active' if `deletionTimestamp` is empty")) - } - } else { - if newNamespace.Status.Phase != core.NamespaceTerminating { - allErrs = append(allErrs, field.Invalid(field.NewPath("status", "Phase"), newNamespace.Status.Phase, "may only be 'Terminating' if `deletionTimestamp` is not empty")) - } - } - return allErrs -} - -// ValidateNamespaceFinalizeUpdate tests to see if the update is legal for an end user to make. -func ValidateNamespaceFinalizeUpdate(newNamespace, oldNamespace *core.Namespace) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&newNamespace.ObjectMeta, &oldNamespace.ObjectMeta, field.NewPath("metadata")) - - fldPath := field.NewPath("spec", "finalizers") - for i := range newNamespace.Spec.Finalizers { - idxPath := fldPath.Index(i) - allErrs = append(allErrs, validateFinalizerName(string(newNamespace.Spec.Finalizers[i]), idxPath)...) - } - return allErrs -} - -// ValidateEndpoints validates Endpoints on create and update. -func ValidateEndpoints(endpoints, oldEndpoints *core.Endpoints) field.ErrorList { - allErrs := ValidateObjectMeta(&endpoints.ObjectMeta, true, ValidateEndpointsName, field.NewPath("metadata")) - allErrs = append(allErrs, ValidateEndpointsSpecificAnnotations(endpoints.Annotations, field.NewPath("annotations"))...) - - subsetErrs := validateEndpointSubsets(endpoints.Subsets, field.NewPath("subsets")) - if len(subsetErrs) != 0 { - // If this is an update, and Subsets was unchanged, then ignore the - // validation errors, since apparently older versions of Kubernetes - // considered the data valid. (We only check this after getting a - // validation error since Endpoints may be large and DeepEqual is slow.) - if oldEndpoints != nil && apiequality.Semantic.DeepEqual(oldEndpoints.Subsets, endpoints.Subsets) { - subsetErrs = nil - } - } - allErrs = append(allErrs, subsetErrs...) - - return allErrs -} - -// ValidateEndpointsCreate validates Endpoints on create. -func ValidateEndpointsCreate(endpoints *core.Endpoints) field.ErrorList { - return ValidateEndpoints(endpoints, nil) -} - -// ValidateEndpointsUpdate validates Endpoints on update. NodeName changes are -// allowed during update to accommodate the case where nodeIP or PodCIDR is -// reused. An existing endpoint ip will have a different nodeName if this -// happens. -func ValidateEndpointsUpdate(newEndpoints, oldEndpoints *core.Endpoints) field.ErrorList { - allErrs := ValidateObjectMetaUpdate(&newEndpoints.ObjectMeta, &oldEndpoints.ObjectMeta, field.NewPath("metadata")) - allErrs = append(allErrs, ValidateEndpoints(newEndpoints, oldEndpoints)...) - return allErrs -} - -func validateEndpointSubsets(subsets []core.EndpointSubset, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - for i := range subsets { - ss := &subsets[i] - idxPath := fldPath.Index(i) - - // EndpointSubsets must include endpoint address. For headless service, we allow its endpoints not to have ports. - if len(ss.Addresses) == 0 && len(ss.NotReadyAddresses) == 0 { - // TODO: consider adding a RequiredOneOf() error for this and similar cases - allErrs = append(allErrs, field.Required(idxPath, "must specify `addresses` or `notReadyAddresses`")) - } - for addr := range ss.Addresses { - allErrs = append(allErrs, validateEndpointAddress(&ss.Addresses[addr], idxPath.Child("addresses").Index(addr))...) - } - for addr := range ss.NotReadyAddresses { - allErrs = append(allErrs, validateEndpointAddress(&ss.NotReadyAddresses[addr], idxPath.Child("notReadyAddresses").Index(addr))...) - } - for port := range ss.Ports { - allErrs = append(allErrs, validateEndpointPort(&ss.Ports[port], len(ss.Ports) > 1, idxPath.Child("ports").Index(port))...) - } - } - - return allErrs -} - -func validateEndpointAddress(address *core.EndpointAddress, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - allErrs = append(allErrs, IsValidIPForLegacyField(fldPath.Child("ip"), address.IP, nil)...) - if len(address.Hostname) > 0 { - allErrs = append(allErrs, ValidateDNS1123Label(address.Hostname, fldPath.Child("hostname"))...) - } - // During endpoint update, verify that NodeName is a DNS subdomain and transition rules allow the update - if address.NodeName != nil { - for _, msg := range ValidateNodeName(*address.NodeName, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("nodeName"), *address.NodeName, msg).WithOrigin("format=dns-label")) - } - } - allErrs = append(allErrs, ValidateEndpointIP(address.IP, fldPath.Child("ip"))...) - return allErrs -} - -// ValidateEndpointIP is used to validate Endpoints and EndpointSlice addresses, and also -// (for historical reasons) external IPs. It disallows certain address types that don't -// make sense in those contexts. Note that this function is _almost_, but not exactly, -// equivalent to net.IP.IsGlobalUnicast(). (Unlike IsGlobalUnicast, it allows global -// multicast IPs, which is probably a bug.) -// -// This function should not be used for new validations; the exact set of IPs that do and -// don't make sense in a particular field is context-dependent (e.g., localhost makes -// sense in some places; unspecified IPs make sense in fields that are used as bind -// addresses rather than destination addresses). -func ValidateEndpointIP(ipAddress string, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - ip := netutils.ParseIPSloppy(ipAddress) - if ip == nil { - allErrs = append(allErrs, field.Invalid(fldPath, ipAddress, "must be a valid IP address").WithOrigin("format=ip-sloppy")) - return allErrs - } - if ip.IsUnspecified() { - allErrs = append(allErrs, field.Invalid(fldPath, ipAddress, fmt.Sprintf("may not be unspecified (%v)", ipAddress))) - } - if ip.IsLoopback() { - allErrs = append(allErrs, field.Invalid(fldPath, ipAddress, "may not be in the loopback range (127.0.0.0/8, ::1/128)")) - } - if ip.IsLinkLocalUnicast() { - allErrs = append(allErrs, field.Invalid(fldPath, ipAddress, "may not be in the link-local range (169.254.0.0/16, fe80::/10)")) - } - if ip.IsLinkLocalMulticast() { - allErrs = append(allErrs, field.Invalid(fldPath, ipAddress, "may not be in the link-local multicast range (224.0.0.0/24, ff02::/10)")) - } - return allErrs.WithOrigin("format=endpoint-ip") -} - -func validateEndpointPort(port *core.EndpointPort, requireName bool, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if requireName && len(port.Name) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("name"), "")) - } else if len(port.Name) != 0 { - allErrs = append(allErrs, ValidateDNS1123Label(port.Name, fldPath.Child("name"))...) - } - for _, msg := range validation.IsValidPortNum(int(port.Port)) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("port"), port.Port, msg).WithOrigin("portNum")) - } - if len(port.Protocol) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("protocol"), "")) - } else if !supportedPortProtocols.Has(port.Protocol) { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("protocol"), port.Protocol, sets.List(supportedPortProtocols))) - } - if port.AppProtocol != nil { - allErrs = append(allErrs, ValidateQualifiedName(*port.AppProtocol, fldPath.Child("appProtocol"))...) - } - return allErrs -} - -// ValidateSecurityContext ensures the security context contains valid settings -func ValidateSecurityContext(sc *core.SecurityContext, fldPath *field.Path, hostUsers bool) field.ErrorList { - allErrs := field.ErrorList{} - // this should only be true for testing since SecurityContext is defaulted by the core - if sc == nil { - return allErrs - } - - if sc.Privileged != nil { - if *sc.Privileged && !capabilities.Get().AllowPrivileged { - allErrs = append(allErrs, field.Forbidden(fldPath.Child("privileged"), "disallowed by cluster policy")) - } - } - - if sc.RunAsUser != nil { - for _, msg := range validation.IsValidUserID(*sc.RunAsUser) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsUser"), *sc.RunAsUser, msg)) - } - } - - if sc.RunAsGroup != nil { - for _, msg := range validation.IsValidGroupID(*sc.RunAsGroup) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsGroup"), *sc.RunAsGroup, msg)) - } - } - - if sc.ProcMount != nil { - if err := ValidateProcMountType(fldPath.Child("procMount"), *sc.ProcMount); err != nil { - allErrs = append(allErrs, err) - } - if hostUsers && *sc.ProcMount == core.UnmaskedProcMount { - allErrs = append(allErrs, field.Invalid(fldPath.Child("procMount"), sc.ProcMount, "`hostUsers` must be false to use `Unmasked`")) - } - - } - allErrs = append(allErrs, validateSeccompProfileField(sc.SeccompProfile, fldPath.Child("seccompProfile"))...) - if sc.AllowPrivilegeEscalation != nil && !*sc.AllowPrivilegeEscalation { - if sc.Privileged != nil && *sc.Privileged { - allErrs = append(allErrs, field.Invalid(fldPath, sc, "cannot set `allowPrivilegeEscalation` to false and `privileged` to true")) - } - - if sc.Capabilities != nil { - for _, cap := range sc.Capabilities.Add { - if string(cap) == "CAP_SYS_ADMIN" { - allErrs = append(allErrs, field.Invalid(fldPath, sc, "cannot set `allowPrivilegeEscalation` to false and `capabilities.Add` CAP_SYS_ADMIN")) - } - } - } - } - - allErrs = append(allErrs, validateWindowsSecurityContextOptions(sc.WindowsOptions, fldPath.Child("windowsOptions"))...) - allErrs = append(allErrs, ValidateAppArmorProfileField(sc.AppArmorProfile, fldPath.Child("appArmorProfile"))...) - - return allErrs -} - -// maxGMSACredentialSpecLength is the max length, in bytes, for the actual contents -// of a GMSA cred spec. In general, those shouldn't be more than a few hundred bytes, -// so we want to give plenty of room here while still providing an upper bound. -// The runAsUserName field will be used to execute the given container's entrypoint, and -// it can be formatted as "DOMAIN/USER", where the DOMAIN is optional, maxRunAsUserNameDomainLength -// is the max character length for the user's DOMAIN, and maxRunAsUserNameUserLength -// is the max character length for the USER itself. Both the DOMAIN and USER have their -// own restrictions, and more information about them can be found here: -// https://support.microsoft.com/en-us/help/909264/naming-conventions-in-active-directory-for-computers-domains-sites-and -// https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/bb726984(v=technet.10) -const ( - maxGMSACredentialSpecLengthInKiB = 64 - maxGMSACredentialSpecLength = maxGMSACredentialSpecLengthInKiB * 1024 - maxRunAsUserNameDomainLength = 256 - maxRunAsUserNameUserLength = 104 -) - -var ( - // control characters are not permitted in the runAsUserName field. - ctrlRegex = regexp.MustCompile(`[[:cntrl:]]+`) - - // a valid NetBios Domain name cannot start with a dot, has at least 1 character, - // at most 15 characters, and it cannot the characters: \ / : * ? " < > | - validNetBiosRegex = regexp.MustCompile(`^[^\\/:\*\?"<>|\.][^\\/:\*\?"<>|]{0,14}$`) - - // a valid DNS name contains only alphanumeric characters, dots, and dashes. - dnsLabelFormat = `[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?` - dnsSubdomainFormat = fmt.Sprintf(`^%s(?:\.%s)*$`, dnsLabelFormat, dnsLabelFormat) - validWindowsUserDomainDNSRegex = regexp.MustCompile(dnsSubdomainFormat) - - // a username is invalid if it contains the characters: " / \ [ ] : ; | = , + * ? < > @ - // or it contains only dots or spaces. - invalidUserNameCharsRegex = regexp.MustCompile(`["/\\:;|=,\+\*\?<>@\[\]]`) - invalidUserNameDotsSpacesRegex = regexp.MustCompile(`^[\. ]+$`) -) - -func validateWindowsSecurityContextOptions(windowsOptions *core.WindowsSecurityContextOptions, fieldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - if windowsOptions == nil { - return allErrs - } - - if windowsOptions.GMSACredentialSpecName != nil { - // gmsaCredentialSpecName must be the name of a custom resource - for _, msg := range validation.IsDNS1123Subdomain(*windowsOptions.GMSACredentialSpecName) { - allErrs = append(allErrs, field.Invalid(fieldPath.Child("gmsaCredentialSpecName"), windowsOptions.GMSACredentialSpecName, msg)) - } - } - - if windowsOptions.GMSACredentialSpec != nil { - if l := len(*windowsOptions.GMSACredentialSpec); l == 0 { - allErrs = append(allErrs, field.Invalid(fieldPath.Child("gmsaCredentialSpec"), windowsOptions.GMSACredentialSpec, "gmsaCredentialSpec cannot be an empty string")) - } else if l > maxGMSACredentialSpecLength { - errMsg := fmt.Sprintf("gmsaCredentialSpec size must be under %d KiB", maxGMSACredentialSpecLengthInKiB) - allErrs = append(allErrs, field.Invalid(fieldPath.Child("gmsaCredentialSpec"), windowsOptions.GMSACredentialSpec, errMsg)) - } - } - - if windowsOptions.RunAsUserName != nil { - if l := len(*windowsOptions.RunAsUserName); l == 0 { - allErrs = append(allErrs, field.Invalid(fieldPath.Child("runAsUserName"), windowsOptions.RunAsUserName, "runAsUserName cannot be an empty string")) - } else if ctrlRegex.MatchString(*windowsOptions.RunAsUserName) { - errMsg := "runAsUserName cannot contain control characters" - allErrs = append(allErrs, field.Invalid(fieldPath.Child("runAsUserName"), windowsOptions.RunAsUserName, errMsg)) - } else if parts := strings.Split(*windowsOptions.RunAsUserName, "\\"); len(parts) > 2 { - errMsg := "runAsUserName cannot contain more than one backslash" - allErrs = append(allErrs, field.Invalid(fieldPath.Child("runAsUserName"), windowsOptions.RunAsUserName, errMsg)) - } else { - var ( - hasDomain = false - domain = "" - user string - ) - if len(parts) == 1 { - user = parts[0] - } else { - hasDomain = true - domain = parts[0] - user = parts[1] - } - - if len(domain) >= maxRunAsUserNameDomainLength { - errMsg := fmt.Sprintf("runAsUserName's Domain length must be under %d characters", maxRunAsUserNameDomainLength) - allErrs = append(allErrs, field.Invalid(fieldPath.Child("runAsUserName"), windowsOptions.RunAsUserName, errMsg)) - } - - if hasDomain && !(validNetBiosRegex.MatchString(domain) || validWindowsUserDomainDNSRegex.MatchString(domain)) { - errMsg := "runAsUserName's Domain doesn't match the NetBios nor the DNS format" - allErrs = append(allErrs, field.Invalid(fieldPath.Child("runAsUserName"), windowsOptions.RunAsUserName, errMsg)) - } - - if l := len(user); l == 0 { - errMsg := "runAsUserName's User cannot be empty" - allErrs = append(allErrs, field.Invalid(fieldPath.Child("runAsUserName"), windowsOptions.RunAsUserName, errMsg)) - } else if l > maxRunAsUserNameUserLength { - errMsg := fmt.Sprintf("runAsUserName's User length must not be longer than %d characters", maxRunAsUserNameUserLength) - allErrs = append(allErrs, field.Invalid(fieldPath.Child("runAsUserName"), windowsOptions.RunAsUserName, errMsg)) - } - - if invalidUserNameDotsSpacesRegex.MatchString(user) { - errMsg := `runAsUserName's User cannot contain only periods or spaces` - allErrs = append(allErrs, field.Invalid(fieldPath.Child("runAsUserName"), windowsOptions.RunAsUserName, errMsg)) - } - - if invalidUserNameCharsRegex.MatchString(user) { - errMsg := `runAsUserName's User cannot contain the following characters: "/\:;|=,+*?<>@[]` - allErrs = append(allErrs, field.Invalid(fieldPath.Child("runAsUserName"), windowsOptions.RunAsUserName, errMsg)) - } - } - } - - return allErrs -} - -func validateWindowsHostProcessPod(podSpec *core.PodSpec, fieldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - // Keep track of container and hostProcess container count for validate - containerCount := 0 - hostProcessContainerCount := 0 - - var podHostProcess *bool - if podSpec.SecurityContext != nil && podSpec.SecurityContext.WindowsOptions != nil { - podHostProcess = podSpec.SecurityContext.WindowsOptions.HostProcess - } - - hostNetwork := false - if podSpec.SecurityContext != nil { - hostNetwork = podSpec.SecurityContext.HostNetwork - } - - podshelper.VisitContainersWithPath(podSpec, fieldPath, func(c *core.Container, cFieldPath *field.Path) bool { - containerCount++ - - var containerHostProcess *bool = nil - if c.SecurityContext != nil && c.SecurityContext.WindowsOptions != nil { - containerHostProcess = c.SecurityContext.WindowsOptions.HostProcess - } - - if podHostProcess != nil && containerHostProcess != nil && *podHostProcess != *containerHostProcess { - errMsg := fmt.Sprintf("pod hostProcess value must be identical if both are specified, was %v", *podHostProcess) - allErrs = append(allErrs, field.Invalid(cFieldPath.Child("securityContext", "windowsOptions", "hostProcess"), *containerHostProcess, errMsg)) - } - - switch { - case containerHostProcess != nil && *containerHostProcess: - // Container explicitly sets hostProcess=true - hostProcessContainerCount++ - case containerHostProcess == nil && podHostProcess != nil && *podHostProcess: - // Container inherits hostProcess=true from pod settings - hostProcessContainerCount++ - } - - return true - }) - - if hostProcessContainerCount > 0 { - // At present, if a Windows Pods contains any HostProcess containers than all containers must be - // HostProcess containers (explicitly set or inherited). - if hostProcessContainerCount != containerCount { - errMsg := "If pod contains any hostProcess containers then all containers must be HostProcess containers" - allErrs = append(allErrs, field.Invalid(fieldPath, "", errMsg)) - } - - // At present Windows Pods which contain HostProcess containers must also set HostNetwork. - if !hostNetwork { - errMsg := "hostNetwork must be true if pod contains any hostProcess containers" - allErrs = append(allErrs, field.Invalid(fieldPath.Child("hostNetwork"), hostNetwork, errMsg)) - } - - if !capabilities.Get().AllowPrivileged { - errMsg := "hostProcess containers are disallowed by cluster policy" - allErrs = append(allErrs, field.Forbidden(fieldPath, errMsg)) - } - } - - return allErrs -} - -// validateOS validates the OS field within pod spec -func validateOS(podSpec *core.PodSpec, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - os := podSpec.OS - if os == nil { - return allErrs - } - if len(os.Name) == 0 { - return append(allErrs, field.Required(fldPath.Child("name"), "")) - } - if !validOS.Has(os.Name) { - allErrs = append(allErrs, field.NotSupported(fldPath, os.Name, sets.List(validOS))) - } - return allErrs -} - -var validLogStreams = sets.New[string]( - core.LogStreamStdout, - core.LogStreamStderr, - core.LogStreamAll, -) - -func ValidatePodLogOptions(opts *core.PodLogOptions, allowStreamSelection bool) field.ErrorList { - allErrs := field.ErrorList{} - if opts.TailLines != nil && *opts.TailLines < 0 { - allErrs = append(allErrs, field.Invalid(field.NewPath("tailLines"), *opts.TailLines, isNegativeErrorMsg)) - } - if opts.LimitBytes != nil && *opts.LimitBytes < 1 { - allErrs = append(allErrs, field.Invalid(field.NewPath("limitBytes"), *opts.LimitBytes, "must be greater than 0")) - } - switch { - case opts.SinceSeconds != nil && opts.SinceTime != nil: - allErrs = append(allErrs, field.Forbidden(field.NewPath(""), "at most one of `sinceTime` or `sinceSeconds` may be specified")) - case opts.SinceSeconds != nil: - if *opts.SinceSeconds < 1 { - allErrs = append(allErrs, field.Invalid(field.NewPath("sinceSeconds"), *opts.SinceSeconds, "must be greater than 0")) - } - } - if allowStreamSelection { - if opts.Stream == nil { - allErrs = append(allErrs, field.Required(field.NewPath("stream"), "must be specified")) - } else { - if !validLogStreams.Has(*opts.Stream) { - allErrs = append(allErrs, field.NotSupported(field.NewPath("stream"), *opts.Stream, validLogStreams.UnsortedList())) - } - if *opts.Stream != core.LogStreamAll && opts.TailLines != nil { - allErrs = append(allErrs, field.Forbidden(field.NewPath(""), "`tailLines` and specific `stream` are mutually exclusive for now")) - } - } - } else if opts.Stream != nil { - allErrs = append(allErrs, field.Forbidden(field.NewPath("stream"), "may not be specified")) - } - return allErrs -} - -var ( - supportedLoadBalancerIPMode = sets.New(core.LoadBalancerIPModeVIP, core.LoadBalancerIPModeProxy) -) - -// ValidateLoadBalancerStatus validates required fields on a LoadBalancerStatus -func ValidateLoadBalancerStatus(status, oldStatus *core.LoadBalancerStatus, fldPath *field.Path, spec *core.ServiceSpec) field.ErrorList { - allErrs := field.ErrorList{} - ingrPath := fldPath.Child("ingress") - if spec.Type != core.ServiceTypeLoadBalancer && len(status.Ingress) != 0 { - allErrs = append(allErrs, field.Forbidden(ingrPath, "may only be used when `spec.type` is 'LoadBalancer'")) - } else { - var existingIngressIPs []string - if oldStatus != nil { - existingIngressIPs = make([]string, 0, len(oldStatus.Ingress)) - for _, ingress := range oldStatus.Ingress { - if len(ingress.IP) > 0 { - existingIngressIPs = append(existingIngressIPs, ingress.IP) - } - } - } - for i, ingress := range status.Ingress { - idxPath := ingrPath.Index(i) - if len(ingress.IP) > 0 { - allErrs = append(allErrs, IsValidIPForLegacyField(idxPath.Child("ip"), ingress.IP, existingIngressIPs)...) - } - - if ingress.IPMode == nil { - if len(ingress.IP) > 0 { - allErrs = append(allErrs, field.Required(idxPath.Child("ipMode"), "must be specified when `ip` is set")) - } - } else if ingress.IPMode != nil && len(ingress.IP) == 0 { - allErrs = append(allErrs, field.Forbidden(idxPath.Child("ipMode"), "may not be specified when `ip` is not set")) - } else if ingress.IPMode != nil && !supportedLoadBalancerIPMode.Has(*ingress.IPMode) { - allErrs = append(allErrs, field.NotSupported(idxPath.Child("ipMode"), ingress.IPMode, sets.List(supportedLoadBalancerIPMode))) - } - - if len(ingress.Hostname) > 0 { - for _, msg := range validation.IsDNS1123Subdomain(ingress.Hostname) { - allErrs = append(allErrs, field.Invalid(idxPath.Child("hostname"), ingress.Hostname, msg)) - } - if isIP := netutils.ParseIPSloppy(ingress.Hostname) != nil; isIP { - allErrs = append(allErrs, field.Invalid(idxPath.Child("hostname"), ingress.Hostname, "must be a DNS name, not an IP address")) - } - } - } - } - return allErrs -} - -// validateVolumeNodeAffinity tests that the PersistentVolume.NodeAffinity has valid data -// returns: -// - true if volumeNodeAffinity is set -// - errorList if there are validation errors -func validateVolumeNodeAffinity(nodeAffinity *core.VolumeNodeAffinity, opts PersistentVolumeSpecValidationOptions, fldPath *field.Path) (bool, field.ErrorList) { - allErrs := field.ErrorList{} - - if nodeAffinity == nil { - return false, allErrs - } - - if nodeAffinity.Required != nil { - allErrs = append(allErrs, ValidateNodeSelector(nodeAffinity.Required, opts.AllowInvalidLabelValueInRequiredNodeAffinity, fldPath.Child("required"))...) - } else { - allErrs = append(allErrs, field.Required(fldPath.Child("required"), "must specify required node constraints")) - } - - return true, allErrs -} - -func IsDecremented(update, old *int32) bool { - if update == nil && old != nil { - return true - } - if update == nil || old == nil { - return false - } - return *update < *old -} - -// ValidateProcMountType tests that the argument is a valid ProcMountType. -func ValidateProcMountType(fldPath *field.Path, procMountType core.ProcMountType) *field.Error { - switch procMountType { - case core.DefaultProcMount, core.UnmaskedProcMount: - return nil - default: - return field.NotSupported(fldPath, procMountType, []core.ProcMountType{core.DefaultProcMount, core.UnmaskedProcMount}) - } -} - -var ( - supportedScheduleActions = sets.New(core.DoNotSchedule, core.ScheduleAnyway) -) - -// validateTopologySpreadConstraints validates given TopologySpreadConstraints. -func validateTopologySpreadConstraints(constraints []core.TopologySpreadConstraint, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - - for i, constraint := range constraints { - subFldPath := fldPath.Index(i) - if errs := ValidatePositiveField(int64(constraint.MaxSkew), subFldPath.Child("maxSkew")); len(errs) > 0 { - allErrs = append(allErrs, errs...) - } - if err := ValidateTopologyKey(subFldPath.Child("topologyKey"), constraint.TopologyKey); err != nil { - allErrs = append(allErrs, err) - } - if err := ValidateWhenUnsatisfiable(subFldPath.Child("whenUnsatisfiable"), constraint.WhenUnsatisfiable); err != nil { - allErrs = append(allErrs, err) - } - // tuple {topologyKey, whenUnsatisfiable} denotes one kind of spread constraint - if err := ValidateSpreadConstraintNotRepeat(subFldPath.Child("{topologyKey, whenUnsatisfiable}"), constraint, constraints[i+1:]); err != nil { - allErrs = append(allErrs, err) - } - allErrs = append(allErrs, validateMinDomains(subFldPath.Child("minDomains"), constraint.MinDomains, constraint.WhenUnsatisfiable)...) - if err := validateNodeInclusionPolicy(subFldPath.Child("nodeAffinityPolicy"), constraint.NodeAffinityPolicy); err != nil { - allErrs = append(allErrs, err) - } - if err := validateNodeInclusionPolicy(subFldPath.Child("nodeTaintsPolicy"), constraint.NodeTaintsPolicy); err != nil { - allErrs = append(allErrs, err) - } - // legacyValidationFunction is ValidateMatchLabelKeysInTopologySpread - // preferredValidationFunction is ValidateMatchLabelKeysAndMismatchLabelKeys - // OldPodViolatesMatchLabelKeysValidation==true means ValidateMatchLabelKeysAndMismatchLabelKeys failed, which means preferredValidation failed - // OldPodViolatesLegacyMatchLabelKeysValidation==true means ValidateMatchLabelKeysInTopologySpread failed, which means legacyValidation failed - if opts.AllowMatchLabelKeysInPodTopologySpread { - switch { - case opts.AllowMatchLabelKeysInPodTopologySpreadSelectorMerge && opts.OldPodViolatesMatchLabelKeysValidation: - // This case means that we want to use the preferredValidationFunction, but the old pod doesn't pass the preferredValidationFunction, so it must continue using the legacyValidationFunction. - // This is because we don't allow the fields to change. - allErrs = append(allErrs, ValidateMatchLabelKeysInTopologySpread(subFldPath.Child("matchLabelKeys"), constraint.MatchLabelKeys, constraint.LabelSelector)...) - case opts.AllowMatchLabelKeysInPodTopologySpreadSelectorMerge && !opts.OldPodViolatesMatchLabelKeysValidation: - // This case means we want to use the preferredValidationFunction and the old pod passes it, so we will continue requiring the preferredValidationFunction to pass. - allErrs = append(allErrs, ValidateMatchLabelKeysAndMismatchLabelKeys(subFldPath, constraint.MatchLabelKeys, nil, constraint.LabelSelector)...) - case !opts.AllowMatchLabelKeysInPodTopologySpreadSelectorMerge && opts.OldPodViolatesLegacyMatchLabelKeysValidation: - // This case means we want to use the legacyValidationFunction, but the old pod doesn't pass it, so it must continue using the preferredValidationFunction instead so that updates to other fields can happen. - // This allows us to enable the featuregate, then disable the featuregate and still be able to update the pod. - allErrs = append(allErrs, ValidateMatchLabelKeysAndMismatchLabelKeys(subFldPath, constraint.MatchLabelKeys, nil, constraint.LabelSelector)...) - case !opts.AllowMatchLabelKeysInPodTopologySpreadSelectorMerge && !opts.OldPodViolatesLegacyMatchLabelKeysValidation: - // This case means we want to use the legacyValidationFunction and the old pod passes it, so we will continue requiring the legacyValidationFunction to pass. - allErrs = append(allErrs, ValidateMatchLabelKeysInTopologySpread(subFldPath.Child("matchLabelKeys"), constraint.MatchLabelKeys, constraint.LabelSelector)...) - default: - // If we fall through, then we use the legacyValidationFunction because that's what we did prior to the featuregate(MatchLabelKeysInPodTopologySpreadSelectorMerge). - allErrs = append(allErrs, ValidateMatchLabelKeysInTopologySpread(subFldPath.Child("matchLabelKeys"), constraint.MatchLabelKeys, constraint.LabelSelector)...) - } - } else { - allErrs = append(allErrs, ValidateMatchLabelKeysInTopologySpread(subFldPath.Child("matchLabelKeys"), constraint.MatchLabelKeys, constraint.LabelSelector)...) - } - if !opts.AllowInvalidTopologySpreadConstraintLabelSelector { - allErrs = append(allErrs, unversionedvalidation.ValidateLabelSelector(constraint.LabelSelector, unversionedvalidation.LabelSelectorValidationOptions{AllowInvalidLabelValueInSelector: false}, subFldPath.Child("labelSelector"))...) - } - } - - return allErrs -} - -// validateMinDomains tests that the argument is a valid MinDomains. -func validateMinDomains(fldPath *field.Path, minDomains *int32, action core.UnsatisfiableConstraintAction) field.ErrorList { - if minDomains == nil { - return nil - } - var allErrs field.ErrorList - allErrs = append(allErrs, ValidatePositiveField(int64(*minDomains), fldPath)...) - // When MinDomains is non-nil, whenUnsatisfiable must be DoNotSchedule. - if action != core.DoNotSchedule { - allErrs = append(allErrs, field.Invalid(fldPath, minDomains, fmt.Sprintf("can only use minDomains if whenUnsatisfiable=%s, not %s", core.DoNotSchedule, action)).WithOrigin("dependsOn")) - } - return allErrs -} - -// ValidateTopologyKey tests that the argument is a valid TopologyKey. -func ValidateTopologyKey(fldPath *field.Path, topologyKey string) *field.Error { - if len(topologyKey) == 0 { - return field.Required(fldPath, "can not be empty") - } - return nil -} - -// ValidateWhenUnsatisfiable tests that the argument is a valid UnsatisfiableConstraintAction. -func ValidateWhenUnsatisfiable(fldPath *field.Path, action core.UnsatisfiableConstraintAction) *field.Error { - if !supportedScheduleActions.Has(action) { - return field.NotSupported(fldPath, action, sets.List(supportedScheduleActions)) - } - return nil -} - -// ValidateSpreadConstraintNotRepeat tests that if `constraint` duplicates with `existingConstraintPairs` -// on TopologyKey and WhenUnsatisfiable fields. -func ValidateSpreadConstraintNotRepeat(fldPath *field.Path, constraint core.TopologySpreadConstraint, restingConstraints []core.TopologySpreadConstraint) *field.Error { - for _, restingConstraint := range restingConstraints { - if constraint.TopologyKey == restingConstraint.TopologyKey && - constraint.WhenUnsatisfiable == restingConstraint.WhenUnsatisfiable { - return field.Duplicate(fldPath, fmt.Sprintf("{%v, %v}", constraint.TopologyKey, constraint.WhenUnsatisfiable)) - } - } - return nil -} - -var ( - supportedPodTopologySpreadNodePolicies = sets.New(core.NodeInclusionPolicyIgnore, core.NodeInclusionPolicyHonor) -) - -// validateNodeInclusionPolicy tests that the argument is a valid NodeInclusionPolicy. -func validateNodeInclusionPolicy(fldPath *field.Path, policy *core.NodeInclusionPolicy) *field.Error { - if policy == nil { - return nil - } - - if !supportedPodTopologySpreadNodePolicies.Has(*policy) { - return field.NotSupported(fldPath, policy, sets.List(supportedPodTopologySpreadNodePolicies)) - } - return nil -} - -// ValidateMatchLabelKeysAndMismatchLabelKeys checks if both matchLabelKeys and mismatchLabelKeys are valid. -// - validate that all matchLabelKeys and mismatchLabelKeys are valid label names. -// - validate that the user doens't specify the same key in both matchLabelKeys and labelSelector. -// - validate that any matchLabelKeys are not duplicated with mismatchLabelKeys. -func ValidateMatchLabelKeysAndMismatchLabelKeys(fldPath *field.Path, matchLabelKeys, mismatchLabelKeys []string, labelSelector *metav1.LabelSelector) field.ErrorList { - var allErrs field.ErrorList - // 1. validate that all matchLabelKeys and mismatchLabelKeys are valid label names. - allErrs = append(allErrs, validateLabelKeys(fldPath.Child("matchLabelKeys"), matchLabelKeys, labelSelector)...) - allErrs = append(allErrs, validateLabelKeys(fldPath.Child("mismatchLabelKeys"), mismatchLabelKeys, labelSelector)...) - - // 2. validate that the user doens't specify the same key in both matchLabelKeys and labelSelector. - // It doesn't make sense to have the labelselector with the key specified in matchLabelKeys - // because the matchLabelKeys will be `In` labelSelector which matches with only one value in the key - // and we cannot make any further filtering with that key. - // On the other hand, we may want to have labelSelector with the key specified in mismatchLabelKeys. - // because the mismatchLabelKeys will be `NotIn` labelSelector - // and we may want to filter Pods further with other labelSelector with that key. - - // labelKeysMap is keyed by label key and valued by the index of label key in labelKeys. - if labelSelector != nil { - labelKeysMap := map[string]int{} - for i, key := range matchLabelKeys { - labelKeysMap[key] = i - } - labelSelectorKeys := sets.New[string]() - for key := range labelSelector.MatchLabels { - labelSelectorKeys.Insert(key) - } - for _, matchExpression := range labelSelector.MatchExpressions { - key := matchExpression.Key - if i, ok := labelKeysMap[key]; ok && labelSelectorKeys.Has(key) { - // Before validateLabelKeysWithSelector is called, the labelSelector has already got the selector created from matchLabelKeys. - // Here, we found the duplicate key in labelSelector and the key is specified in labelKeys. - // Meaning that the same key is specified in both labelSelector and matchLabelKeys/mismatchLabelKeys. - allErrs = append(allErrs, field.Invalid(fldPath.Index(i), key, "exists in both matchLabelKeys and labelSelector").WithOrigin("duplicatedLabelKeys")) - } - - labelSelectorKeys.Insert(key) - } - } - - // 3. validate that any matchLabelKeys are not duplicated with mismatchLabelKeys. - mismatchLabelKeysSet := sets.New(mismatchLabelKeys...) - for i, k := range matchLabelKeys { - if mismatchLabelKeysSet.Has(k) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("matchLabelKeys").Index(i), k, "exists in both matchLabelKeys and mismatchLabelKeys").WithOrigin("duplicatedMismatchLabelKeys")) - } - } - - return allErrs -} - -// ValidateMatchLabelKeysInTopologySpread tests that the elements are a valid label name and are not already included in labelSelector. -func ValidateMatchLabelKeysInTopologySpread(fldPath *field.Path, matchLabelKeys []string, labelSelector *metav1.LabelSelector) field.ErrorList { - if len(matchLabelKeys) == 0 { - return nil - } - - var allErrs field.ErrorList - labelSelectorKeys := sets.Set[string]{} - - if labelSelector != nil { - for key := range labelSelector.MatchLabels { - labelSelectorKeys.Insert(key) - } - for _, matchExpression := range labelSelector.MatchExpressions { - labelSelectorKeys.Insert(matchExpression.Key) - } - } else { - allErrs = append(allErrs, field.Forbidden(fldPath, "must not be specified when labelSelector is not set")) - } - - for i, key := range matchLabelKeys { - allErrs = append(allErrs, unversionedvalidation.ValidateLabelName(key, fldPath.Index(i))...) - if labelSelectorKeys.Has(key) { - allErrs = append(allErrs, field.Invalid(fldPath.Index(i), key, "exists in both matchLabelKeys and labelSelector").WithOrigin("duplicatedLabelKeys")) - } - } - - return allErrs -} - -// validateLabelKeys tests that the label keys are a valid label name. -// It's intended to be used for matchLabelKeys or mismatchLabelKeys. -func validateLabelKeys(fldPath *field.Path, labelKeys []string, labelSelector *metav1.LabelSelector) field.ErrorList { - if len(labelKeys) == 0 { - return nil - } - - if labelSelector == nil { - return field.ErrorList{field.Forbidden(fldPath, "must not be specified when labelSelector is not set")} - } - - var allErrs field.ErrorList - for i, key := range labelKeys { - allErrs = append(allErrs, unversionedvalidation.ValidateLabelName(key, fldPath.Index(i))...) - } - - return allErrs -} - -// ValidateServiceClusterIPsRelatedFields validates .spec.ClusterIPs,, -// .spec.IPFamilies, .spec.ipFamilyPolicy. This is exported because it is used -// during IP init and allocation. -func ValidateServiceClusterIPsRelatedFields(service, oldService *core.Service) field.ErrorList { - // ClusterIP, ClusterIPs, IPFamilyPolicy and IPFamilies are validated prior (all must be unset) for ExternalName service - if service.Spec.Type == core.ServiceTypeExternalName { - return field.ErrorList{} - } - - allErrs := field.ErrorList{} - hasInvalidIPs := false - - specPath := field.NewPath("spec") - clusterIPsField := specPath.Child("clusterIPs") - ipFamiliesField := specPath.Child("ipFamilies") - ipFamilyPolicyField := specPath.Child("ipFamilyPolicy") - - // Make sure ClusterIP and ClusterIPs are synced. For most cases users can - // just manage one or the other and we'll handle the rest (see PrepareFor* - // in strategy). - if len(service.Spec.ClusterIP) != 0 { - // If ClusterIP is set, ClusterIPs[0] must match. - if len(service.Spec.ClusterIPs) == 0 { - allErrs = append(allErrs, field.Required(clusterIPsField, "")) - } else if service.Spec.ClusterIPs[0] != service.Spec.ClusterIP { - allErrs = append(allErrs, field.Invalid(clusterIPsField, service.Spec.ClusterIPs, "first value must match `clusterIP`")) - } - } else { // ClusterIP == "" - // If ClusterIP is not set, ClusterIPs must also be unset. - if len(service.Spec.ClusterIPs) != 0 { - allErrs = append(allErrs, field.Invalid(clusterIPsField, service.Spec.ClusterIPs, "must be empty when `clusterIP` is not specified")) - } - } - - // ipfamilies stand alone validation - // must be either IPv4 or IPv6 - seen := sets.Set[core.IPFamily]{} - for i, ipFamily := range service.Spec.IPFamilies { - if !supportedServiceIPFamily.Has(ipFamily) { - allErrs = append(allErrs, field.NotSupported(ipFamiliesField.Index(i), ipFamily, sets.List(supportedServiceIPFamily))) - } - // no duplicate check also ensures that ipfamilies is dualstacked, in any order - if seen.Has(ipFamily) { - allErrs = append(allErrs, field.Duplicate(ipFamiliesField.Index(i), ipFamily)) - } - seen.Insert(ipFamily) - } - - // IPFamilyPolicy stand alone validation - // note: nil is ok, defaulted in alloc check registry/core/service/* - if service.Spec.IPFamilyPolicy != nil { - // must have a supported value - if !supportedServiceIPFamilyPolicy.Has(*(service.Spec.IPFamilyPolicy)) { - allErrs = append(allErrs, field.NotSupported(ipFamilyPolicyField, service.Spec.IPFamilyPolicy, sets.List(supportedServiceIPFamilyPolicy))) - } - } - - var existingClusterIPs []string - if oldService != nil { - existingClusterIPs = oldService.Spec.ClusterIPs // +k8s:verify-mutation:reason=clone - } - - // clusterIPs stand alone validation - // valid ips with None and empty string handling - // duplication check is done as part of DualStackvalidation below - for i, clusterIP := range service.Spec.ClusterIPs { - // valid at first location only. if and only if len(clusterIPs) == 1 - if i == 0 && clusterIP == core.ClusterIPNone { - if len(service.Spec.ClusterIPs) > 1 { - hasInvalidIPs = true - allErrs = append(allErrs, field.Invalid(clusterIPsField, service.Spec.ClusterIPs, "'None' must be the first and only value")) - } - continue - } - - // is it a valid ip? (or was it at least previously considered valid?) - errorMessages := IsValidIPForLegacyField(clusterIPsField.Index(i), clusterIP, existingClusterIPs) - hasInvalidIPs = (len(errorMessages) != 0) || hasInvalidIPs - allErrs = append(allErrs, errorMessages...) - } - - // max two - if len(service.Spec.ClusterIPs) > 2 { - allErrs = append(allErrs, field.Invalid(clusterIPsField, service.Spec.ClusterIPs, "may only hold up to 2 values")) - } - - // at this stage if there is an invalid ip or misplaced none/empty string - // it will skew the error messages (bad index || dualstackness of already bad ips). so we - // stop here if there are errors in clusterIPs validation - if hasInvalidIPs { - return allErrs - } - - // must be dual stacked ips if they are more than one ip - if len(service.Spec.ClusterIPs) > 1 /* meaning: it does not have a None or empty string */ { - dualStack, err := netutils.IsDualStackIPStrings(service.Spec.ClusterIPs) - if err != nil { // though we check for that earlier. safe > sorry - allErrs = append(allErrs, field.InternalError(clusterIPsField, fmt.Errorf("failed to check for dual stack with error:%v", err))) - } - - // We only support one from each IP family (i.e. max two IPs in this list). - if !dualStack { - allErrs = append(allErrs, field.Invalid(clusterIPsField, service.Spec.ClusterIPs, "may specify no more than one IP for each IP family")) - } - } - - // match clusterIPs to their families, if they were provided - if !isHeadlessService(service) && len(service.Spec.ClusterIPs) > 0 && len(service.Spec.IPFamilies) > 0 { - for i, ip := range service.Spec.ClusterIPs { - if i > (len(service.Spec.IPFamilies) - 1) { - break // no more families to check - } - - // 4=>6 - if service.Spec.IPFamilies[i] == core.IPv4Protocol && netutils.IsIPv6String(ip) { - allErrs = append(allErrs, field.Invalid(clusterIPsField.Index(i), ip, fmt.Sprintf("expected an IPv4 value as indicated by `ipFamilies[%v]`", i))) - } - // 6=>4 - if service.Spec.IPFamilies[i] == core.IPv6Protocol && !netutils.IsIPv6String(ip) { - allErrs = append(allErrs, field.Invalid(clusterIPsField.Index(i), ip, fmt.Sprintf("expected an IPv6 value as indicated by `ipFamilies[%v]`", i))) - } - } - } - - return allErrs -} - -// specific validation for clusterIPs in cases of user upgrading or downgrading to/from dualstack -func validateUpgradeDowngradeClusterIPs(oldService, service *core.Service) field.ErrorList { - allErrs := make(field.ErrorList, 0) - - // bail out early for ExternalName - if service.Spec.Type == core.ServiceTypeExternalName || oldService.Spec.Type == core.ServiceTypeExternalName { - return allErrs - } - newIsHeadless := isHeadlessService(service) - oldIsHeadless := isHeadlessService(oldService) - - if oldIsHeadless && newIsHeadless { - return allErrs - } - - switch { - // no change in ClusterIP lengths - // compare each - case len(oldService.Spec.ClusterIPs) == len(service.Spec.ClusterIPs): - for i, ip := range oldService.Spec.ClusterIPs { - if ip != service.Spec.ClusterIPs[i] { - allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "clusterIPs").Index(i), service.Spec.ClusterIPs, "may not change once set")) - } - } - - // something has been released (downgraded) - case len(oldService.Spec.ClusterIPs) > len(service.Spec.ClusterIPs): - // primary ClusterIP has been released - if len(service.Spec.ClusterIPs) == 0 { - allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "clusterIPs").Index(0), service.Spec.ClusterIPs, "primary clusterIP can not be unset")) - } - - // test if primary clusterIP has changed - if len(oldService.Spec.ClusterIPs) > 0 && - len(service.Spec.ClusterIPs) > 0 && - service.Spec.ClusterIPs[0] != oldService.Spec.ClusterIPs[0] { - allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "clusterIPs").Index(0), service.Spec.ClusterIPs, "may not change once set")) - } - - // test if secondary ClusterIP has been released. has this service been downgraded correctly? - // user *must* set IPFamilyPolicy == SingleStack - if len(service.Spec.ClusterIPs) == 1 { - if service.Spec.IPFamilyPolicy == nil || *(service.Spec.IPFamilyPolicy) != core.IPFamilyPolicySingleStack { - allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "ipFamilyPolicy"), service.Spec.IPFamilyPolicy, "must be set to 'SingleStack' when releasing the secondary clusterIP")) - } - } - case len(oldService.Spec.ClusterIPs) < len(service.Spec.ClusterIPs): - // something has been added (upgraded) - // test if primary clusterIP has changed - if len(oldService.Spec.ClusterIPs) > 0 && - service.Spec.ClusterIPs[0] != oldService.Spec.ClusterIPs[0] { - allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "clusterIPs").Index(0), service.Spec.ClusterIPs, "may not change once set")) - } - // we don't check for Policy == RequireDualStack here since, Validation/Creation func takes care of it - } - return allErrs -} - -// specific validation for ipFamilies in cases of user upgrading or downgrading to/from dualstack -func validateUpgradeDowngradeIPFamilies(oldService, service *core.Service) field.ErrorList { - allErrs := make(field.ErrorList, 0) - // bail out early for ExternalName - if service.Spec.Type == core.ServiceTypeExternalName || oldService.Spec.Type == core.ServiceTypeExternalName { - return allErrs - } - - oldIsHeadless := isHeadlessService(oldService) - newIsHeadless := isHeadlessService(service) - - // if changed to/from headless, then bail out - if newIsHeadless != oldIsHeadless { - return allErrs - } - // headless can change families - if newIsHeadless { - return allErrs - } - - switch { - case len(oldService.Spec.IPFamilies) == len(service.Spec.IPFamilies): - // no change in ClusterIP lengths - // compare each - - for i, ip := range oldService.Spec.IPFamilies { - if ip != service.Spec.IPFamilies[i] { - allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "ipFamilies").Index(0), service.Spec.IPFamilies, "may not change once set")) - } - } - - case len(oldService.Spec.IPFamilies) > len(service.Spec.IPFamilies): - // something has been released (downgraded) - - // test if primary ipfamily has been released - if len(service.Spec.ClusterIPs) == 0 { - allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "ipFamilies").Index(0), service.Spec.IPFamilies, "primary ipFamily can not be unset")) - } - - // test if primary ipFamily has changed - if len(service.Spec.IPFamilies) > 0 && - service.Spec.IPFamilies[0] != oldService.Spec.IPFamilies[0] { - allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "ipFamilies").Index(0), service.Spec.ClusterIPs, "may not change once set")) - } - - // test if secondary IPFamily has been released. has this service been downgraded correctly? - // user *must* set IPFamilyPolicy == SingleStack - if len(service.Spec.IPFamilies) == 1 { - if service.Spec.IPFamilyPolicy == nil || *(service.Spec.IPFamilyPolicy) != core.IPFamilyPolicySingleStack { - allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "ipFamilyPolicy"), service.Spec.IPFamilyPolicy, "must be set to 'SingleStack' when releasing the secondary ipFamily")) - } - } - case len(oldService.Spec.IPFamilies) < len(service.Spec.IPFamilies): - // something has been added (upgraded) - - // test if primary ipFamily has changed - if len(oldService.Spec.IPFamilies) > 0 && - len(service.Spec.IPFamilies) > 0 && - service.Spec.IPFamilies[0] != oldService.Spec.IPFamilies[0] { - allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "ipFamilies").Index(0), service.Spec.ClusterIPs, "may not change once set")) - } - // we don't check for Policy == RequireDualStack here since, Validation/Creation func takes care of it - } - return allErrs -} - -func isHeadlessService(service *core.Service) bool { - return service != nil && - len(service.Spec.ClusterIPs) == 1 && - service.Spec.ClusterIPs[0] == core.ClusterIPNone -} - -// validateLoadBalancerClassField validation for loadBalancerClass -func validateLoadBalancerClassField(oldService, service *core.Service) field.ErrorList { - allErrs := make(field.ErrorList, 0) - if oldService != nil { - // validate update op - if isTypeLoadBalancer(oldService) && isTypeLoadBalancer(service) { - // old and new are both LoadBalancer - if !sameLoadBalancerClass(oldService, service) { - // can't change loadBalancerClass - allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "loadBalancerClass"), service.Spec.LoadBalancerClass, "may not change once set")) - } - } - } - - if isTypeLoadBalancer(service) { - // check LoadBalancerClass format - if service.Spec.LoadBalancerClass != nil { - allErrs = append(allErrs, ValidateQualifiedName(*service.Spec.LoadBalancerClass, field.NewPath("spec", "loadBalancerClass"))...) - } - } else { - // check if LoadBalancerClass set for non LoadBalancer type of service - if service.Spec.LoadBalancerClass != nil { - allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "loadBalancerClass"), "may only be used when `type` is 'LoadBalancer'")) - } - } - return allErrs -} - -// isTypeLoadBalancer tests service type is loadBalancer or not -func isTypeLoadBalancer(service *core.Service) bool { - return service.Spec.Type == core.ServiceTypeLoadBalancer -} - -// sameLoadBalancerClass check two services have the same loadBalancerClass or not -func sameLoadBalancerClass(oldService, service *core.Service) bool { - if oldService.Spec.LoadBalancerClass == nil && service.Spec.LoadBalancerClass == nil { - return true - } - if oldService.Spec.LoadBalancerClass == nil || service.Spec.LoadBalancerClass == nil { - return false - } - return *oldService.Spec.LoadBalancerClass == *service.Spec.LoadBalancerClass -} - -func ValidatePodAffinityTermSelector(podAffinityTerm core.PodAffinityTerm, allowInvalidLabelValueInSelector bool, fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - labelSelectorValidationOptions := unversionedvalidation.LabelSelectorValidationOptions{AllowInvalidLabelValueInSelector: allowInvalidLabelValueInSelector} - allErrs = append(allErrs, unversionedvalidation.ValidateLabelSelector(podAffinityTerm.LabelSelector, labelSelectorValidationOptions, fldPath.Child("labelSelector"))...) - allErrs = append(allErrs, unversionedvalidation.ValidateLabelSelector(podAffinityTerm.NamespaceSelector, labelSelectorValidationOptions, fldPath.Child("namespaceSelector"))...) - return allErrs -} - -var betaToGALabel = map[string]string{ - v1.LabelFailureDomainBetaZone: v1.LabelTopologyZone, - v1.LabelFailureDomainBetaRegion: v1.LabelTopologyRegion, - kubeletapis.LabelOS: v1.LabelOSStable, - kubeletapis.LabelArch: v1.LabelArchStable, - v1.LabelInstanceType: v1.LabelInstanceTypeStable, -} - -var ( - maskNodeSelectorLabelChangeEqualities conversion.Equalities - initMaskNodeSelectorLabelChangeEqualities sync.Once -) - -func getMaskNodeSelectorLabelChangeEqualities() conversion.Equalities { - initMaskNodeSelectorLabelChangeEqualities.Do(func() { - var eqs = apiequality.Semantic.Copy() - err := eqs.AddFunc( - func(newReq, oldReq core.NodeSelectorRequirement) bool { - // allow newReq to change to a GA key - if oldReq.Key != newReq.Key && betaToGALabel[oldReq.Key] == newReq.Key { - oldReq.Key = newReq.Key // +k8s:verify-mutation:reason=clone - } - return apiequality.Semantic.DeepEqual(newReq, oldReq) - }, - ) - if err != nil { - panic(fmt.Errorf("failed to instantiate semantic equalities: %w", err)) - } - maskNodeSelectorLabelChangeEqualities = eqs - }) - return maskNodeSelectorLabelChangeEqualities -} - -func validatePvNodeAffinity(newPvNodeAffinity, oldPvNodeAffinity *core.VolumeNodeAffinity, fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - if !getMaskNodeSelectorLabelChangeEqualities().DeepEqual(newPvNodeAffinity, oldPvNodeAffinity) { - allErrs = append(allErrs, field.Invalid(fldPath, newPvNodeAffinity, fieldImmutableErrorMsg+", except for updating from beta label to GA")) - } - return allErrs -} - -func validateNodeSelectorMutation(fldPath *field.Path, newNodeSelector, oldNodeSelector map[string]string) field.ErrorList { - var allErrs field.ErrorList - - // Validate no existing node selectors were deleted or mutated. - for k, v1 := range oldNodeSelector { - if v2, ok := newNodeSelector[k]; !ok || v1 != v2 { - allErrs = append(allErrs, field.Invalid(fldPath, newNodeSelector, "only additions to spec.nodeSelector are allowed (no mutations or deletions)")) - return allErrs - } - } - return allErrs -} - -func validateNodeAffinityMutation(nodeAffinityPath *field.Path, newNodeAffinity, oldNodeAffinity *core.NodeAffinity) field.ErrorList { - var allErrs field.ErrorList - // If old node affinity was nil, anything can be set. - if oldNodeAffinity == nil || oldNodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution == nil { - return allErrs - } - - oldTerms := oldNodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution.NodeSelectorTerms - var newTerms []core.NodeSelectorTerm - if newNodeAffinity != nil && newNodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution != nil { - newTerms = newNodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution.NodeSelectorTerms - } - - // If there are no old terms, we can set the new terms to anything. - // If there are old terms, we cannot add any new ones. - if len(oldTerms) > 0 && len(oldTerms) != len(newTerms) { - return append(allErrs, field.Invalid(nodeAffinityPath.Child("requiredDuringSchedulingIgnoredDuringExecution").Child("nodeSelectorTerms"), newTerms, "no additions/deletions to non-empty NodeSelectorTerms list are allowed")) - } - - // For requiredDuringSchedulingIgnoredDuringExecution, if old NodeSelectorTerms - // was empty, anything can be set. If non-empty, only additions of NodeSelectorRequirements - // to matchExpressions or fieldExpressions are allowed. - for i := range oldTerms { - if !validateNodeSelectorTermHasOnlyAdditions(newTerms[i], oldTerms[i]) { - allErrs = append(allErrs, field.Invalid(nodeAffinityPath.Child("requiredDuringSchedulingIgnoredDuringExecution").Child("nodeSelectorTerms").Index(i), newTerms[i], "only additions are allowed (no mutations or deletions)")) - } - } - return allErrs -} - -func validateNodeSelectorTermHasOnlyAdditions(newTerm, oldTerm core.NodeSelectorTerm) bool { - if len(oldTerm.MatchExpressions) == 0 && len(oldTerm.MatchFields) == 0 { - if len(newTerm.MatchExpressions) > 0 || len(newTerm.MatchFields) > 0 { - return false - } - } - - // Validate MatchExpressions only has additions (no deletions or mutations) - if l := len(oldTerm.MatchExpressions); l > 0 { - if len(newTerm.MatchExpressions) < l { - return false - } - if !apiequality.Semantic.DeepEqual(newTerm.MatchExpressions[:l], oldTerm.MatchExpressions) { - return false - } - } - // Validate MatchFields only has additions (no deletions or mutations) - if l := len(oldTerm.MatchFields); l > 0 { - if len(newTerm.MatchFields) < l { - return false - } - if !apiequality.Semantic.DeepEqual(newTerm.MatchFields[:l], oldTerm.MatchFields) { - return false - } - } - return true -} - -var validSupplementalGroupsPolicies = sets.New(core.SupplementalGroupsPolicyMerge, core.SupplementalGroupsPolicyStrict) - -func validateSupplementalGroupsPolicy(supplementalGroupsPolicy *core.SupplementalGroupsPolicy, fldPath *field.Path) field.ErrorList { - allErrors := field.ErrorList{} - if !validSupplementalGroupsPolicies.Has(*supplementalGroupsPolicy) { - allErrors = append(allErrors, field.NotSupported(fldPath, supplementalGroupsPolicy, sets.List(validSupplementalGroupsPolicies))) - } - return allErrors -} - -func validateContainerStatusUsers(containerStatuses []core.ContainerStatus, fldPath *field.Path, podOS *core.PodOS) field.ErrorList { - allErrors := field.ErrorList{} - osName := core.Linux - if podOS != nil { - osName = podOS.Name - } - for i, containerStatus := range containerStatuses { - if containerStatus.User == nil { - continue - } - containerUser := containerStatus.User - switch osName { - case core.Windows: - if containerUser.Linux != nil { - allErrors = append(allErrors, field.Forbidden(fldPath.Index(i).Child("user").Child("linux"), "cannot be set for a windows pod")) - } - case core.Linux: - allErrors = append(allErrors, validateLinuxContainerUser(containerUser.Linux, fldPath.Index(i).Child("user").Child("linux"))...) - } - } - return allErrors -} - -func validateContainerStatusNoAllocatedResourcesStatus(containerStatuses []core.ContainerStatus, fldPath *field.Path) field.ErrorList { - allErrors := field.ErrorList{} - - for i, containerStatus := range containerStatuses { - if len(containerStatus.AllocatedResourcesStatus) == 0 { - continue - } - allErrors = append(allErrors, field.Forbidden(fldPath.Index(i).Child("allocatedResourcesStatus"), "must not be specified in container status")) - } - - return allErrors -} - -// validateContainerStatusAllocatedResourcesStatus iterate the allocated resources health and validate: -// - resourceName matches one of resources in container's resource requirements -// - resourceID is not empty and unique -func validateContainerStatusAllocatedResourcesStatus(containerStatuses []core.ContainerStatus, fldPath *field.Path, containers []core.Container) field.ErrorList { - allErrors := field.ErrorList{} - - for i, containerStatus := range containerStatuses { - if containerStatus.AllocatedResourcesStatus == nil { - continue - } - - allocatedResources := containerStatus.AllocatedResourcesStatus - for j, allocatedResource := range allocatedResources { - var container core.Container - containerFound := false - // get container by name - for _, c := range containers { - if c.Name == containerStatus.Name { - containerFound = true - container = c - break - } - } - - // ignore missing container, see https://github.com/kubernetes/kubernetes/issues/124915 - if containerFound { - found := false - var errorStr string - - if strings.HasPrefix(string(allocatedResource.Name), "claim:") { - // assume it is a claim name - - errorStr = "must match one of the container's resource claims in a format 'claim:/' or 'claim:' if request is empty" - - for _, c := range container.Resources.Claims { - name := "claim:" + c.Name - if c.Request != "" { - name += "/" + c.Request - } - - if name == string(allocatedResource.Name) { - found = true - break - } - } - - } else { - // assume it is a resource name - - errorStr = "must match one of the container's resource requests" - - for resourceName := range container.Resources.Requests { - if resourceName == allocatedResource.Name { - found = true - break - } - } - } - if !found { - allErrors = append(allErrors, field.Invalid(fldPath.Index(i).Child("allocatedResourcesStatus").Index(j).Child("name"), allocatedResource.Name, errorStr)) - } - } - - uniqueResources := sets.New[core.ResourceID]() - // check resource IDs are unique - for k, r := range allocatedResource.Resources { - - var supportedResourceHealthValues = sets.New( - core.ResourceHealthStatusHealthy, - core.ResourceHealthStatusUnhealthy, - core.ResourceHealthStatusUnknown) - - if !supportedResourceHealthValues.Has(r.Health) { - allErrors = append(allErrors, field.NotSupported(fldPath.Index(i).Child("allocatedResourcesStatus").Index(j).Child("resources").Index(k).Child("health"), r.Health, sets.List(supportedResourceHealthValues))) - } - - if uniqueResources.Has(r.ResourceID) { - allErrors = append(allErrors, field.Duplicate(fldPath.Index(i).Child("allocatedResourcesStatus").Index(j).Child("resources").Index(k).Child("resourceID"), r.ResourceID)) - } else { - uniqueResources.Insert(r.ResourceID) - } - } - } - } - - return allErrors -} - -func validateLinuxContainerUser(linuxContainerUser *core.LinuxContainerUser, fldPath *field.Path) field.ErrorList { - allErrors := field.ErrorList{} - if linuxContainerUser == nil { - return allErrors - } - for _, msg := range validation.IsValidUserID(linuxContainerUser.UID) { - allErrors = append(allErrors, field.Invalid(fldPath.Child("uid"), linuxContainerUser.UID, msg)) - } - - for _, msg := range validation.IsValidGroupID(linuxContainerUser.GID) { - allErrors = append(allErrors, field.Invalid(fldPath.Child("gid"), linuxContainerUser.GID, msg)) - } - for g, gid := range linuxContainerUser.SupplementalGroups { - for _, msg := range validation.IsValidGroupID(gid) { - allErrors = append(allErrors, field.Invalid(fldPath.Child("supplementalGroups").Index(g), gid, msg)) - } - } - return allErrors -} - -func validateImageVolumeSource(imageVolume *core.ImageVolumeSource, fldPath *field.Path, opts PodValidationOptions) field.ErrorList { - allErrs := field.ErrorList{} - if opts.ResourceIsPod && len(imageVolume.Reference) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("reference"), "")) - } - allErrs = append(allErrs, validatePullPolicy(imageVolume.PullPolicy, fldPath.Child("pullPolicy"))...) - return allErrs -} - -// isRestartableInitContainer returns true if the container has ContainerRestartPolicyAlways. -func isRestartableInitContainer(initContainer *core.Container) bool { - if initContainer == nil || initContainer.RestartPolicy == nil { - return false - } - return *initContainer.RestartPolicy == core.ContainerRestartPolicyAlways -} - -// IsValidIPForLegacyField is a wrapper around validation.IsValidIPForLegacyField that -// handles setting strictValidation correctly. This is only for fields that use legacy IP -// address validation; use validation.IsValidIP for new fields. -func IsValidIPForLegacyField(fldPath *field.Path, value string, validOldIPs []string) field.ErrorList { - return validation.IsValidIPForLegacyField(fldPath, value, utilfeature.DefaultFeatureGate.Enabled(features.StrictIPCIDRValidation), validOldIPs) -} - -// IsValidCIDRForLegacyField is a wrapper around validation.IsValidCIDRForLegacyField that -// handles setting strictValidation correctly. This is only for fields that use legacy CIDR -// value validation; use validation.IsValidCIDR for new fields. -func IsValidCIDRForLegacyField(fldPath *field.Path, value string, validOldCIDRs []string) field.ErrorList { - return validation.IsValidCIDRForLegacyField(fldPath, value, utilfeature.DefaultFeatureGate.Enabled(features.StrictIPCIDRValidation), validOldCIDRs) -} - -func validateNodeSwapStatus(nodeSwapStatus *core.NodeSwapStatus, fldPath *field.Path) field.ErrorList { - allErrors := field.ErrorList{} - - if nodeSwapStatus == nil { - return allErrors - } - - if nodeSwapStatus.Capacity != nil { - capacityFld := fldPath.Child("capacity") - - errs := ValidatePositiveField(*nodeSwapStatus.Capacity, capacityFld) - if len(errs) > 0 { - allErrors = append(allErrors, errs...) - } - } - - return allErrors -} - -func validateWorkloadReference(workloadRef *core.WorkloadReference, fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - for _, detail := range ValidateWorkloadName(workloadRef.Name, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("name"), workloadRef.Name, detail)) - } - for _, detail := range ValidatePodGroupName(workloadRef.PodGroup, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("podGroup"), workloadRef.PodGroup, detail)) - } - if workloadRef.PodGroupReplicaKey != "" { - for _, detail := range ValidatePodGroupReplicaKey(workloadRef.PodGroupReplicaKey, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("podGroupReplicaKey"), workloadRef.PodGroupReplicaKey, detail)) - } - } - return allErrs -} diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/core/zz_generated.deepcopy.go deleted file mode 100644 index 017ac70cd..000000000 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/zz_generated.deepcopy.go +++ /dev/null @@ -1,6881 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package core - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - types "k8s.io/apimachinery/pkg/types" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AWSElasticBlockStoreVolumeSource) DeepCopyInto(out *AWSElasticBlockStoreVolumeSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSElasticBlockStoreVolumeSource. -func (in *AWSElasticBlockStoreVolumeSource) DeepCopy() *AWSElasticBlockStoreVolumeSource { - if in == nil { - return nil - } - out := new(AWSElasticBlockStoreVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Affinity) DeepCopyInto(out *Affinity) { - *out = *in - if in.NodeAffinity != nil { - in, out := &in.NodeAffinity, &out.NodeAffinity - *out = new(NodeAffinity) - (*in).DeepCopyInto(*out) - } - if in.PodAffinity != nil { - in, out := &in.PodAffinity, &out.PodAffinity - *out = new(PodAffinity) - (*in).DeepCopyInto(*out) - } - if in.PodAntiAffinity != nil { - in, out := &in.PodAntiAffinity, &out.PodAntiAffinity - *out = new(PodAntiAffinity) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Affinity. -func (in *Affinity) DeepCopy() *Affinity { - if in == nil { - return nil - } - out := new(Affinity) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AppArmorProfile) DeepCopyInto(out *AppArmorProfile) { - *out = *in - if in.LocalhostProfile != nil { - in, out := &in.LocalhostProfile, &out.LocalhostProfile - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AppArmorProfile. -func (in *AppArmorProfile) DeepCopy() *AppArmorProfile { - if in == nil { - return nil - } - out := new(AppArmorProfile) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AttachedVolume) DeepCopyInto(out *AttachedVolume) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AttachedVolume. -func (in *AttachedVolume) DeepCopy() *AttachedVolume { - if in == nil { - return nil - } - out := new(AttachedVolume) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AvoidPods) DeepCopyInto(out *AvoidPods) { - *out = *in - if in.PreferAvoidPods != nil { - in, out := &in.PreferAvoidPods, &out.PreferAvoidPods - *out = make([]PreferAvoidPodsEntry, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AvoidPods. -func (in *AvoidPods) DeepCopy() *AvoidPods { - if in == nil { - return nil - } - out := new(AvoidPods) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AzureDiskVolumeSource) DeepCopyInto(out *AzureDiskVolumeSource) { - *out = *in - if in.CachingMode != nil { - in, out := &in.CachingMode, &out.CachingMode - *out = new(AzureDataDiskCachingMode) - **out = **in - } - if in.FSType != nil { - in, out := &in.FSType, &out.FSType - *out = new(string) - **out = **in - } - if in.ReadOnly != nil { - in, out := &in.ReadOnly, &out.ReadOnly - *out = new(bool) - **out = **in - } - if in.Kind != nil { - in, out := &in.Kind, &out.Kind - *out = new(AzureDataDiskKind) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureDiskVolumeSource. -func (in *AzureDiskVolumeSource) DeepCopy() *AzureDiskVolumeSource { - if in == nil { - return nil - } - out := new(AzureDiskVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AzureFilePersistentVolumeSource) DeepCopyInto(out *AzureFilePersistentVolumeSource) { - *out = *in - if in.SecretNamespace != nil { - in, out := &in.SecretNamespace, &out.SecretNamespace - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureFilePersistentVolumeSource. -func (in *AzureFilePersistentVolumeSource) DeepCopy() *AzureFilePersistentVolumeSource { - if in == nil { - return nil - } - out := new(AzureFilePersistentVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AzureFileVolumeSource) DeepCopyInto(out *AzureFileVolumeSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureFileVolumeSource. -func (in *AzureFileVolumeSource) DeepCopy() *AzureFileVolumeSource { - if in == nil { - return nil - } - out := new(AzureFileVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Binding) DeepCopyInto(out *Binding) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Target = in.Target - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Binding. -func (in *Binding) DeepCopy() *Binding { - if in == nil { - return nil - } - out := new(Binding) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Binding) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CSIPersistentVolumeSource) DeepCopyInto(out *CSIPersistentVolumeSource) { - *out = *in - if in.VolumeAttributes != nil { - in, out := &in.VolumeAttributes, &out.VolumeAttributes - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.ControllerPublishSecretRef != nil { - in, out := &in.ControllerPublishSecretRef, &out.ControllerPublishSecretRef - *out = new(SecretReference) - **out = **in - } - if in.NodeStageSecretRef != nil { - in, out := &in.NodeStageSecretRef, &out.NodeStageSecretRef - *out = new(SecretReference) - **out = **in - } - if in.NodePublishSecretRef != nil { - in, out := &in.NodePublishSecretRef, &out.NodePublishSecretRef - *out = new(SecretReference) - **out = **in - } - if in.ControllerExpandSecretRef != nil { - in, out := &in.ControllerExpandSecretRef, &out.ControllerExpandSecretRef - *out = new(SecretReference) - **out = **in - } - if in.NodeExpandSecretRef != nil { - in, out := &in.NodeExpandSecretRef, &out.NodeExpandSecretRef - *out = new(SecretReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CSIPersistentVolumeSource. -func (in *CSIPersistentVolumeSource) DeepCopy() *CSIPersistentVolumeSource { - if in == nil { - return nil - } - out := new(CSIPersistentVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CSIVolumeSource) DeepCopyInto(out *CSIVolumeSource) { - *out = *in - if in.ReadOnly != nil { - in, out := &in.ReadOnly, &out.ReadOnly - *out = new(bool) - **out = **in - } - if in.FSType != nil { - in, out := &in.FSType, &out.FSType - *out = new(string) - **out = **in - } - if in.VolumeAttributes != nil { - in, out := &in.VolumeAttributes, &out.VolumeAttributes - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.NodePublishSecretRef != nil { - in, out := &in.NodePublishSecretRef, &out.NodePublishSecretRef - *out = new(LocalObjectReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CSIVolumeSource. -func (in *CSIVolumeSource) DeepCopy() *CSIVolumeSource { - if in == nil { - return nil - } - out := new(CSIVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Capabilities) DeepCopyInto(out *Capabilities) { - *out = *in - if in.Add != nil { - in, out := &in.Add, &out.Add - *out = make([]Capability, len(*in)) - copy(*out, *in) - } - if in.Drop != nil { - in, out := &in.Drop, &out.Drop - *out = make([]Capability, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Capabilities. -func (in *Capabilities) DeepCopy() *Capabilities { - if in == nil { - return nil - } - out := new(Capabilities) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CephFSPersistentVolumeSource) DeepCopyInto(out *CephFSPersistentVolumeSource) { - *out = *in - if in.Monitors != nil { - in, out := &in.Monitors, &out.Monitors - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(SecretReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CephFSPersistentVolumeSource. -func (in *CephFSPersistentVolumeSource) DeepCopy() *CephFSPersistentVolumeSource { - if in == nil { - return nil - } - out := new(CephFSPersistentVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CephFSVolumeSource) DeepCopyInto(out *CephFSVolumeSource) { - *out = *in - if in.Monitors != nil { - in, out := &in.Monitors, &out.Monitors - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(LocalObjectReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CephFSVolumeSource. -func (in *CephFSVolumeSource) DeepCopy() *CephFSVolumeSource { - if in == nil { - return nil - } - out := new(CephFSVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CinderPersistentVolumeSource) DeepCopyInto(out *CinderPersistentVolumeSource) { - *out = *in - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(SecretReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CinderPersistentVolumeSource. -func (in *CinderPersistentVolumeSource) DeepCopy() *CinderPersistentVolumeSource { - if in == nil { - return nil - } - out := new(CinderPersistentVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CinderVolumeSource) DeepCopyInto(out *CinderVolumeSource) { - *out = *in - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(LocalObjectReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CinderVolumeSource. -func (in *CinderVolumeSource) DeepCopy() *CinderVolumeSource { - if in == nil { - return nil - } - out := new(CinderVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClientIPConfig) DeepCopyInto(out *ClientIPConfig) { - *out = *in - if in.TimeoutSeconds != nil { - in, out := &in.TimeoutSeconds, &out.TimeoutSeconds - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientIPConfig. -func (in *ClientIPConfig) DeepCopy() *ClientIPConfig { - if in == nil { - return nil - } - out := new(ClientIPConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterTrustBundleProjection) DeepCopyInto(out *ClusterTrustBundleProjection) { - *out = *in - if in.Name != nil { - in, out := &in.Name, &out.Name - *out = new(string) - **out = **in - } - if in.SignerName != nil { - in, out := &in.SignerName, &out.SignerName - *out = new(string) - **out = **in - } - if in.LabelSelector != nil { - in, out := &in.LabelSelector, &out.LabelSelector - *out = new(v1.LabelSelector) - (*in).DeepCopyInto(*out) - } - if in.Optional != nil { - in, out := &in.Optional, &out.Optional - *out = new(bool) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterTrustBundleProjection. -func (in *ClusterTrustBundleProjection) DeepCopy() *ClusterTrustBundleProjection { - if in == nil { - return nil - } - out := new(ClusterTrustBundleProjection) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ComponentCondition) DeepCopyInto(out *ComponentCondition) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComponentCondition. -func (in *ComponentCondition) DeepCopy() *ComponentCondition { - if in == nil { - return nil - } - out := new(ComponentCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ComponentStatus) DeepCopyInto(out *ComponentStatus) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]ComponentCondition, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComponentStatus. -func (in *ComponentStatus) DeepCopy() *ComponentStatus { - if in == nil { - return nil - } - out := new(ComponentStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ComponentStatus) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ComponentStatusList) DeepCopyInto(out *ComponentStatusList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ComponentStatus, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComponentStatusList. -func (in *ComponentStatusList) DeepCopy() *ComponentStatusList { - if in == nil { - return nil - } - out := new(ComponentStatusList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ComponentStatusList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ConfigMap) DeepCopyInto(out *ConfigMap) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - if in.Immutable != nil { - in, out := &in.Immutable, &out.Immutable - *out = new(bool) - **out = **in - } - if in.Data != nil { - in, out := &in.Data, &out.Data - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.BinaryData != nil { - in, out := &in.BinaryData, &out.BinaryData - *out = make(map[string][]byte, len(*in)) - for key, val := range *in { - var outVal []byte - if val == nil { - (*out)[key] = nil - } else { - in, out := &val, &outVal - *out = make([]byte, len(*in)) - copy(*out, *in) - } - (*out)[key] = outVal - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMap. -func (in *ConfigMap) DeepCopy() *ConfigMap { - if in == nil { - return nil - } - out := new(ConfigMap) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ConfigMap) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ConfigMapEnvSource) DeepCopyInto(out *ConfigMapEnvSource) { - *out = *in - out.LocalObjectReference = in.LocalObjectReference - if in.Optional != nil { - in, out := &in.Optional, &out.Optional - *out = new(bool) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapEnvSource. -func (in *ConfigMapEnvSource) DeepCopy() *ConfigMapEnvSource { - if in == nil { - return nil - } - out := new(ConfigMapEnvSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ConfigMapKeySelector) DeepCopyInto(out *ConfigMapKeySelector) { - *out = *in - out.LocalObjectReference = in.LocalObjectReference - if in.Optional != nil { - in, out := &in.Optional, &out.Optional - *out = new(bool) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapKeySelector. -func (in *ConfigMapKeySelector) DeepCopy() *ConfigMapKeySelector { - if in == nil { - return nil - } - out := new(ConfigMapKeySelector) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ConfigMapList) DeepCopyInto(out *ConfigMapList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ConfigMap, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapList. -func (in *ConfigMapList) DeepCopy() *ConfigMapList { - if in == nil { - return nil - } - out := new(ConfigMapList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ConfigMapList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ConfigMapNodeConfigSource) DeepCopyInto(out *ConfigMapNodeConfigSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapNodeConfigSource. -func (in *ConfigMapNodeConfigSource) DeepCopy() *ConfigMapNodeConfigSource { - if in == nil { - return nil - } - out := new(ConfigMapNodeConfigSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ConfigMapProjection) DeepCopyInto(out *ConfigMapProjection) { - *out = *in - out.LocalObjectReference = in.LocalObjectReference - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]KeyToPath, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Optional != nil { - in, out := &in.Optional, &out.Optional - *out = new(bool) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapProjection. -func (in *ConfigMapProjection) DeepCopy() *ConfigMapProjection { - if in == nil { - return nil - } - out := new(ConfigMapProjection) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ConfigMapVolumeSource) DeepCopyInto(out *ConfigMapVolumeSource) { - *out = *in - out.LocalObjectReference = in.LocalObjectReference - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]KeyToPath, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.DefaultMode != nil { - in, out := &in.DefaultMode, &out.DefaultMode - *out = new(int32) - **out = **in - } - if in.Optional != nil { - in, out := &in.Optional, &out.Optional - *out = new(bool) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapVolumeSource. -func (in *ConfigMapVolumeSource) DeepCopy() *ConfigMapVolumeSource { - if in == nil { - return nil - } - out := new(ConfigMapVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Container) DeepCopyInto(out *Container) { - *out = *in - if in.Command != nil { - in, out := &in.Command, &out.Command - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Args != nil { - in, out := &in.Args, &out.Args - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Ports != nil { - in, out := &in.Ports, &out.Ports - *out = make([]ContainerPort, len(*in)) - copy(*out, *in) - } - if in.EnvFrom != nil { - in, out := &in.EnvFrom, &out.EnvFrom - *out = make([]EnvFromSource, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Env != nil { - in, out := &in.Env, &out.Env - *out = make([]EnvVar, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - in.Resources.DeepCopyInto(&out.Resources) - if in.ResizePolicy != nil { - in, out := &in.ResizePolicy, &out.ResizePolicy - *out = make([]ContainerResizePolicy, len(*in)) - copy(*out, *in) - } - if in.RestartPolicy != nil { - in, out := &in.RestartPolicy, &out.RestartPolicy - *out = new(ContainerRestartPolicy) - **out = **in - } - if in.RestartPolicyRules != nil { - in, out := &in.RestartPolicyRules, &out.RestartPolicyRules - *out = make([]ContainerRestartRule, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.VolumeMounts != nil { - in, out := &in.VolumeMounts, &out.VolumeMounts - *out = make([]VolumeMount, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.VolumeDevices != nil { - in, out := &in.VolumeDevices, &out.VolumeDevices - *out = make([]VolumeDevice, len(*in)) - copy(*out, *in) - } - if in.LivenessProbe != nil { - in, out := &in.LivenessProbe, &out.LivenessProbe - *out = new(Probe) - (*in).DeepCopyInto(*out) - } - if in.ReadinessProbe != nil { - in, out := &in.ReadinessProbe, &out.ReadinessProbe - *out = new(Probe) - (*in).DeepCopyInto(*out) - } - if in.StartupProbe != nil { - in, out := &in.StartupProbe, &out.StartupProbe - *out = new(Probe) - (*in).DeepCopyInto(*out) - } - if in.Lifecycle != nil { - in, out := &in.Lifecycle, &out.Lifecycle - *out = new(Lifecycle) - (*in).DeepCopyInto(*out) - } - if in.SecurityContext != nil { - in, out := &in.SecurityContext, &out.SecurityContext - *out = new(SecurityContext) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Container. -func (in *Container) DeepCopy() *Container { - if in == nil { - return nil - } - out := new(Container) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerExtendedResourceRequest) DeepCopyInto(out *ContainerExtendedResourceRequest) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerExtendedResourceRequest. -func (in *ContainerExtendedResourceRequest) DeepCopy() *ContainerExtendedResourceRequest { - if in == nil { - return nil - } - out := new(ContainerExtendedResourceRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerImage) DeepCopyInto(out *ContainerImage) { - *out = *in - if in.Names != nil { - in, out := &in.Names, &out.Names - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerImage. -func (in *ContainerImage) DeepCopy() *ContainerImage { - if in == nil { - return nil - } - out := new(ContainerImage) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerPort) DeepCopyInto(out *ContainerPort) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerPort. -func (in *ContainerPort) DeepCopy() *ContainerPort { - if in == nil { - return nil - } - out := new(ContainerPort) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerResizePolicy) DeepCopyInto(out *ContainerResizePolicy) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerResizePolicy. -func (in *ContainerResizePolicy) DeepCopy() *ContainerResizePolicy { - if in == nil { - return nil - } - out := new(ContainerResizePolicy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerRestartRule) DeepCopyInto(out *ContainerRestartRule) { - *out = *in - if in.ExitCodes != nil { - in, out := &in.ExitCodes, &out.ExitCodes - *out = new(ContainerRestartRuleOnExitCodes) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerRestartRule. -func (in *ContainerRestartRule) DeepCopy() *ContainerRestartRule { - if in == nil { - return nil - } - out := new(ContainerRestartRule) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerRestartRuleOnExitCodes) DeepCopyInto(out *ContainerRestartRuleOnExitCodes) { - *out = *in - if in.Values != nil { - in, out := &in.Values, &out.Values - *out = make([]int32, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerRestartRuleOnExitCodes. -func (in *ContainerRestartRuleOnExitCodes) DeepCopy() *ContainerRestartRuleOnExitCodes { - if in == nil { - return nil - } - out := new(ContainerRestartRuleOnExitCodes) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerState) DeepCopyInto(out *ContainerState) { - *out = *in - if in.Waiting != nil { - in, out := &in.Waiting, &out.Waiting - *out = new(ContainerStateWaiting) - **out = **in - } - if in.Running != nil { - in, out := &in.Running, &out.Running - *out = new(ContainerStateRunning) - (*in).DeepCopyInto(*out) - } - if in.Terminated != nil { - in, out := &in.Terminated, &out.Terminated - *out = new(ContainerStateTerminated) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerState. -func (in *ContainerState) DeepCopy() *ContainerState { - if in == nil { - return nil - } - out := new(ContainerState) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerStateRunning) DeepCopyInto(out *ContainerStateRunning) { - *out = *in - in.StartedAt.DeepCopyInto(&out.StartedAt) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerStateRunning. -func (in *ContainerStateRunning) DeepCopy() *ContainerStateRunning { - if in == nil { - return nil - } - out := new(ContainerStateRunning) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerStateTerminated) DeepCopyInto(out *ContainerStateTerminated) { - *out = *in - in.StartedAt.DeepCopyInto(&out.StartedAt) - in.FinishedAt.DeepCopyInto(&out.FinishedAt) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerStateTerminated. -func (in *ContainerStateTerminated) DeepCopy() *ContainerStateTerminated { - if in == nil { - return nil - } - out := new(ContainerStateTerminated) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerStateWaiting) DeepCopyInto(out *ContainerStateWaiting) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerStateWaiting. -func (in *ContainerStateWaiting) DeepCopy() *ContainerStateWaiting { - if in == nil { - return nil - } - out := new(ContainerStateWaiting) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerStatus) DeepCopyInto(out *ContainerStatus) { - *out = *in - in.State.DeepCopyInto(&out.State) - in.LastTerminationState.DeepCopyInto(&out.LastTerminationState) - if in.Started != nil { - in, out := &in.Started, &out.Started - *out = new(bool) - **out = **in - } - if in.AllocatedResources != nil { - in, out := &in.AllocatedResources, &out.AllocatedResources - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.Resources != nil { - in, out := &in.Resources, &out.Resources - *out = new(ResourceRequirements) - (*in).DeepCopyInto(*out) - } - if in.VolumeMounts != nil { - in, out := &in.VolumeMounts, &out.VolumeMounts - *out = make([]VolumeMountStatus, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.User != nil { - in, out := &in.User, &out.User - *out = new(ContainerUser) - (*in).DeepCopyInto(*out) - } - if in.AllocatedResourcesStatus != nil { - in, out := &in.AllocatedResourcesStatus, &out.AllocatedResourcesStatus - *out = make([]ResourceStatus, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.StopSignal != nil { - in, out := &in.StopSignal, &out.StopSignal - *out = new(Signal) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerStatus. -func (in *ContainerStatus) DeepCopy() *ContainerStatus { - if in == nil { - return nil - } - out := new(ContainerStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerUser) DeepCopyInto(out *ContainerUser) { - *out = *in - if in.Linux != nil { - in, out := &in.Linux, &out.Linux - *out = new(LinuxContainerUser) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerUser. -func (in *ContainerUser) DeepCopy() *ContainerUser { - if in == nil { - return nil - } - out := new(ContainerUser) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DaemonEndpoint) DeepCopyInto(out *DaemonEndpoint) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DaemonEndpoint. -func (in *DaemonEndpoint) DeepCopy() *DaemonEndpoint { - if in == nil { - return nil - } - out := new(DaemonEndpoint) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DownwardAPIProjection) DeepCopyInto(out *DownwardAPIProjection) { - *out = *in - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]DownwardAPIVolumeFile, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DownwardAPIProjection. -func (in *DownwardAPIProjection) DeepCopy() *DownwardAPIProjection { - if in == nil { - return nil - } - out := new(DownwardAPIProjection) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DownwardAPIVolumeFile) DeepCopyInto(out *DownwardAPIVolumeFile) { - *out = *in - if in.FieldRef != nil { - in, out := &in.FieldRef, &out.FieldRef - *out = new(ObjectFieldSelector) - **out = **in - } - if in.ResourceFieldRef != nil { - in, out := &in.ResourceFieldRef, &out.ResourceFieldRef - *out = new(ResourceFieldSelector) - (*in).DeepCopyInto(*out) - } - if in.Mode != nil { - in, out := &in.Mode, &out.Mode - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DownwardAPIVolumeFile. -func (in *DownwardAPIVolumeFile) DeepCopy() *DownwardAPIVolumeFile { - if in == nil { - return nil - } - out := new(DownwardAPIVolumeFile) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DownwardAPIVolumeSource) DeepCopyInto(out *DownwardAPIVolumeSource) { - *out = *in - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]DownwardAPIVolumeFile, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.DefaultMode != nil { - in, out := &in.DefaultMode, &out.DefaultMode - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DownwardAPIVolumeSource. -func (in *DownwardAPIVolumeSource) DeepCopy() *DownwardAPIVolumeSource { - if in == nil { - return nil - } - out := new(DownwardAPIVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EmptyDirVolumeSource) DeepCopyInto(out *EmptyDirVolumeSource) { - *out = *in - if in.SizeLimit != nil { - in, out := &in.SizeLimit, &out.SizeLimit - x := (*in).DeepCopy() - *out = &x - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EmptyDirVolumeSource. -func (in *EmptyDirVolumeSource) DeepCopy() *EmptyDirVolumeSource { - if in == nil { - return nil - } - out := new(EmptyDirVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EndpointAddress) DeepCopyInto(out *EndpointAddress) { - *out = *in - if in.NodeName != nil { - in, out := &in.NodeName, &out.NodeName - *out = new(string) - **out = **in - } - if in.TargetRef != nil { - in, out := &in.TargetRef, &out.TargetRef - *out = new(ObjectReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointAddress. -func (in *EndpointAddress) DeepCopy() *EndpointAddress { - if in == nil { - return nil - } - out := new(EndpointAddress) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EndpointPort) DeepCopyInto(out *EndpointPort) { - *out = *in - if in.AppProtocol != nil { - in, out := &in.AppProtocol, &out.AppProtocol - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointPort. -func (in *EndpointPort) DeepCopy() *EndpointPort { - if in == nil { - return nil - } - out := new(EndpointPort) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EndpointSubset) DeepCopyInto(out *EndpointSubset) { - *out = *in - if in.Addresses != nil { - in, out := &in.Addresses, &out.Addresses - *out = make([]EndpointAddress, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.NotReadyAddresses != nil { - in, out := &in.NotReadyAddresses, &out.NotReadyAddresses - *out = make([]EndpointAddress, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Ports != nil { - in, out := &in.Ports, &out.Ports - *out = make([]EndpointPort, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointSubset. -func (in *EndpointSubset) DeepCopy() *EndpointSubset { - if in == nil { - return nil - } - out := new(EndpointSubset) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Endpoints) DeepCopyInto(out *Endpoints) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - if in.Subsets != nil { - in, out := &in.Subsets, &out.Subsets - *out = make([]EndpointSubset, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Endpoints. -func (in *Endpoints) DeepCopy() *Endpoints { - if in == nil { - return nil - } - out := new(Endpoints) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Endpoints) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EndpointsList) DeepCopyInto(out *EndpointsList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Endpoints, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointsList. -func (in *EndpointsList) DeepCopy() *EndpointsList { - if in == nil { - return nil - } - out := new(EndpointsList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *EndpointsList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EnvFromSource) DeepCopyInto(out *EnvFromSource) { - *out = *in - if in.ConfigMapRef != nil { - in, out := &in.ConfigMapRef, &out.ConfigMapRef - *out = new(ConfigMapEnvSource) - (*in).DeepCopyInto(*out) - } - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(SecretEnvSource) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvFromSource. -func (in *EnvFromSource) DeepCopy() *EnvFromSource { - if in == nil { - return nil - } - out := new(EnvFromSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EnvVar) DeepCopyInto(out *EnvVar) { - *out = *in - if in.ValueFrom != nil { - in, out := &in.ValueFrom, &out.ValueFrom - *out = new(EnvVarSource) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvVar. -func (in *EnvVar) DeepCopy() *EnvVar { - if in == nil { - return nil - } - out := new(EnvVar) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EnvVarSource) DeepCopyInto(out *EnvVarSource) { - *out = *in - if in.FieldRef != nil { - in, out := &in.FieldRef, &out.FieldRef - *out = new(ObjectFieldSelector) - **out = **in - } - if in.ResourceFieldRef != nil { - in, out := &in.ResourceFieldRef, &out.ResourceFieldRef - *out = new(ResourceFieldSelector) - (*in).DeepCopyInto(*out) - } - if in.ConfigMapKeyRef != nil { - in, out := &in.ConfigMapKeyRef, &out.ConfigMapKeyRef - *out = new(ConfigMapKeySelector) - (*in).DeepCopyInto(*out) - } - if in.SecretKeyRef != nil { - in, out := &in.SecretKeyRef, &out.SecretKeyRef - *out = new(SecretKeySelector) - (*in).DeepCopyInto(*out) - } - if in.FileKeyRef != nil { - in, out := &in.FileKeyRef, &out.FileKeyRef - *out = new(FileKeySelector) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvVarSource. -func (in *EnvVarSource) DeepCopy() *EnvVarSource { - if in == nil { - return nil - } - out := new(EnvVarSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EphemeralContainer) DeepCopyInto(out *EphemeralContainer) { - *out = *in - in.EphemeralContainerCommon.DeepCopyInto(&out.EphemeralContainerCommon) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EphemeralContainer. -func (in *EphemeralContainer) DeepCopy() *EphemeralContainer { - if in == nil { - return nil - } - out := new(EphemeralContainer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EphemeralContainerCommon) DeepCopyInto(out *EphemeralContainerCommon) { - *out = *in - if in.Command != nil { - in, out := &in.Command, &out.Command - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Args != nil { - in, out := &in.Args, &out.Args - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Ports != nil { - in, out := &in.Ports, &out.Ports - *out = make([]ContainerPort, len(*in)) - copy(*out, *in) - } - if in.EnvFrom != nil { - in, out := &in.EnvFrom, &out.EnvFrom - *out = make([]EnvFromSource, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Env != nil { - in, out := &in.Env, &out.Env - *out = make([]EnvVar, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - in.Resources.DeepCopyInto(&out.Resources) - if in.ResizePolicy != nil { - in, out := &in.ResizePolicy, &out.ResizePolicy - *out = make([]ContainerResizePolicy, len(*in)) - copy(*out, *in) - } - if in.RestartPolicy != nil { - in, out := &in.RestartPolicy, &out.RestartPolicy - *out = new(ContainerRestartPolicy) - **out = **in - } - if in.RestartPolicyRules != nil { - in, out := &in.RestartPolicyRules, &out.RestartPolicyRules - *out = make([]ContainerRestartRule, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.VolumeMounts != nil { - in, out := &in.VolumeMounts, &out.VolumeMounts - *out = make([]VolumeMount, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.VolumeDevices != nil { - in, out := &in.VolumeDevices, &out.VolumeDevices - *out = make([]VolumeDevice, len(*in)) - copy(*out, *in) - } - if in.LivenessProbe != nil { - in, out := &in.LivenessProbe, &out.LivenessProbe - *out = new(Probe) - (*in).DeepCopyInto(*out) - } - if in.ReadinessProbe != nil { - in, out := &in.ReadinessProbe, &out.ReadinessProbe - *out = new(Probe) - (*in).DeepCopyInto(*out) - } - if in.StartupProbe != nil { - in, out := &in.StartupProbe, &out.StartupProbe - *out = new(Probe) - (*in).DeepCopyInto(*out) - } - if in.Lifecycle != nil { - in, out := &in.Lifecycle, &out.Lifecycle - *out = new(Lifecycle) - (*in).DeepCopyInto(*out) - } - if in.SecurityContext != nil { - in, out := &in.SecurityContext, &out.SecurityContext - *out = new(SecurityContext) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EphemeralContainerCommon. -func (in *EphemeralContainerCommon) DeepCopy() *EphemeralContainerCommon { - if in == nil { - return nil - } - out := new(EphemeralContainerCommon) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EphemeralVolumeSource) DeepCopyInto(out *EphemeralVolumeSource) { - *out = *in - if in.VolumeClaimTemplate != nil { - in, out := &in.VolumeClaimTemplate, &out.VolumeClaimTemplate - *out = new(PersistentVolumeClaimTemplate) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EphemeralVolumeSource. -func (in *EphemeralVolumeSource) DeepCopy() *EphemeralVolumeSource { - if in == nil { - return nil - } - out := new(EphemeralVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Event) DeepCopyInto(out *Event) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.InvolvedObject = in.InvolvedObject - out.Source = in.Source - in.FirstTimestamp.DeepCopyInto(&out.FirstTimestamp) - in.LastTimestamp.DeepCopyInto(&out.LastTimestamp) - in.EventTime.DeepCopyInto(&out.EventTime) - if in.Series != nil { - in, out := &in.Series, &out.Series - *out = new(EventSeries) - (*in).DeepCopyInto(*out) - } - if in.Related != nil { - in, out := &in.Related, &out.Related - *out = new(ObjectReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Event. -func (in *Event) DeepCopy() *Event { - if in == nil { - return nil - } - out := new(Event) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Event) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EventList) DeepCopyInto(out *EventList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Event, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventList. -func (in *EventList) DeepCopy() *EventList { - if in == nil { - return nil - } - out := new(EventList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *EventList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EventSeries) DeepCopyInto(out *EventSeries) { - *out = *in - in.LastObservedTime.DeepCopyInto(&out.LastObservedTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventSeries. -func (in *EventSeries) DeepCopy() *EventSeries { - if in == nil { - return nil - } - out := new(EventSeries) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EventSource) DeepCopyInto(out *EventSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventSource. -func (in *EventSource) DeepCopy() *EventSource { - if in == nil { - return nil - } - out := new(EventSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExecAction) DeepCopyInto(out *ExecAction) { - *out = *in - if in.Command != nil { - in, out := &in.Command, &out.Command - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecAction. -func (in *ExecAction) DeepCopy() *ExecAction { - if in == nil { - return nil - } - out := new(ExecAction) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FCVolumeSource) DeepCopyInto(out *FCVolumeSource) { - *out = *in - if in.TargetWWNs != nil { - in, out := &in.TargetWWNs, &out.TargetWWNs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Lun != nil { - in, out := &in.Lun, &out.Lun - *out = new(int32) - **out = **in - } - if in.WWIDs != nil { - in, out := &in.WWIDs, &out.WWIDs - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FCVolumeSource. -func (in *FCVolumeSource) DeepCopy() *FCVolumeSource { - if in == nil { - return nil - } - out := new(FCVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FileKeySelector) DeepCopyInto(out *FileKeySelector) { - *out = *in - if in.Optional != nil { - in, out := &in.Optional, &out.Optional - *out = new(bool) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FileKeySelector. -func (in *FileKeySelector) DeepCopy() *FileKeySelector { - if in == nil { - return nil - } - out := new(FileKeySelector) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FlexPersistentVolumeSource) DeepCopyInto(out *FlexPersistentVolumeSource) { - *out = *in - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(SecretReference) - **out = **in - } - if in.Options != nil { - in, out := &in.Options, &out.Options - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlexPersistentVolumeSource. -func (in *FlexPersistentVolumeSource) DeepCopy() *FlexPersistentVolumeSource { - if in == nil { - return nil - } - out := new(FlexPersistentVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FlexVolumeSource) DeepCopyInto(out *FlexVolumeSource) { - *out = *in - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(LocalObjectReference) - **out = **in - } - if in.Options != nil { - in, out := &in.Options, &out.Options - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlexVolumeSource. -func (in *FlexVolumeSource) DeepCopy() *FlexVolumeSource { - if in == nil { - return nil - } - out := new(FlexVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *FlockerVolumeSource) DeepCopyInto(out *FlockerVolumeSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlockerVolumeSource. -func (in *FlockerVolumeSource) DeepCopy() *FlockerVolumeSource { - if in == nil { - return nil - } - out := new(FlockerVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GCEPersistentDiskVolumeSource) DeepCopyInto(out *GCEPersistentDiskVolumeSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GCEPersistentDiskVolumeSource. -func (in *GCEPersistentDiskVolumeSource) DeepCopy() *GCEPersistentDiskVolumeSource { - if in == nil { - return nil - } - out := new(GCEPersistentDiskVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GRPCAction) DeepCopyInto(out *GRPCAction) { - *out = *in - if in.Service != nil { - in, out := &in.Service, &out.Service - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GRPCAction. -func (in *GRPCAction) DeepCopy() *GRPCAction { - if in == nil { - return nil - } - out := new(GRPCAction) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GitRepoVolumeSource) DeepCopyInto(out *GitRepoVolumeSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepoVolumeSource. -func (in *GitRepoVolumeSource) DeepCopy() *GitRepoVolumeSource { - if in == nil { - return nil - } - out := new(GitRepoVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GlusterfsPersistentVolumeSource) DeepCopyInto(out *GlusterfsPersistentVolumeSource) { - *out = *in - if in.EndpointsNamespace != nil { - in, out := &in.EndpointsNamespace, &out.EndpointsNamespace - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GlusterfsPersistentVolumeSource. -func (in *GlusterfsPersistentVolumeSource) DeepCopy() *GlusterfsPersistentVolumeSource { - if in == nil { - return nil - } - out := new(GlusterfsPersistentVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GlusterfsVolumeSource) DeepCopyInto(out *GlusterfsVolumeSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GlusterfsVolumeSource. -func (in *GlusterfsVolumeSource) DeepCopy() *GlusterfsVolumeSource { - if in == nil { - return nil - } - out := new(GlusterfsVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HTTPGetAction) DeepCopyInto(out *HTTPGetAction) { - *out = *in - out.Port = in.Port - if in.HTTPHeaders != nil { - in, out := &in.HTTPHeaders, &out.HTTPHeaders - *out = make([]HTTPHeader, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPGetAction. -func (in *HTTPGetAction) DeepCopy() *HTTPGetAction { - if in == nil { - return nil - } - out := new(HTTPGetAction) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HTTPHeader) DeepCopyInto(out *HTTPHeader) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPHeader. -func (in *HTTPHeader) DeepCopy() *HTTPHeader { - if in == nil { - return nil - } - out := new(HTTPHeader) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HostAlias) DeepCopyInto(out *HostAlias) { - *out = *in - if in.Hostnames != nil { - in, out := &in.Hostnames, &out.Hostnames - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostAlias. -func (in *HostAlias) DeepCopy() *HostAlias { - if in == nil { - return nil - } - out := new(HostAlias) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HostIP) DeepCopyInto(out *HostIP) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostIP. -func (in *HostIP) DeepCopy() *HostIP { - if in == nil { - return nil - } - out := new(HostIP) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HostPathVolumeSource) DeepCopyInto(out *HostPathVolumeSource) { - *out = *in - if in.Type != nil { - in, out := &in.Type, &out.Type - *out = new(HostPathType) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostPathVolumeSource. -func (in *HostPathVolumeSource) DeepCopy() *HostPathVolumeSource { - if in == nil { - return nil - } - out := new(HostPathVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ISCSIPersistentVolumeSource) DeepCopyInto(out *ISCSIPersistentVolumeSource) { - *out = *in - if in.Portals != nil { - in, out := &in.Portals, &out.Portals - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(SecretReference) - **out = **in - } - if in.InitiatorName != nil { - in, out := &in.InitiatorName, &out.InitiatorName - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ISCSIPersistentVolumeSource. -func (in *ISCSIPersistentVolumeSource) DeepCopy() *ISCSIPersistentVolumeSource { - if in == nil { - return nil - } - out := new(ISCSIPersistentVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ISCSIVolumeSource) DeepCopyInto(out *ISCSIVolumeSource) { - *out = *in - if in.Portals != nil { - in, out := &in.Portals, &out.Portals - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(LocalObjectReference) - **out = **in - } - if in.InitiatorName != nil { - in, out := &in.InitiatorName, &out.InitiatorName - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ISCSIVolumeSource. -func (in *ISCSIVolumeSource) DeepCopy() *ISCSIVolumeSource { - if in == nil { - return nil - } - out := new(ISCSIVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImageVolumeSource) DeepCopyInto(out *ImageVolumeSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageVolumeSource. -func (in *ImageVolumeSource) DeepCopy() *ImageVolumeSource { - if in == nil { - return nil - } - out := new(ImageVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KeyToPath) DeepCopyInto(out *KeyToPath) { - *out = *in - if in.Mode != nil { - in, out := &in.Mode, &out.Mode - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyToPath. -func (in *KeyToPath) DeepCopy() *KeyToPath { - if in == nil { - return nil - } - out := new(KeyToPath) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Lifecycle) DeepCopyInto(out *Lifecycle) { - *out = *in - if in.PostStart != nil { - in, out := &in.PostStart, &out.PostStart - *out = new(LifecycleHandler) - (*in).DeepCopyInto(*out) - } - if in.PreStop != nil { - in, out := &in.PreStop, &out.PreStop - *out = new(LifecycleHandler) - (*in).DeepCopyInto(*out) - } - if in.StopSignal != nil { - in, out := &in.StopSignal, &out.StopSignal - *out = new(Signal) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Lifecycle. -func (in *Lifecycle) DeepCopy() *Lifecycle { - if in == nil { - return nil - } - out := new(Lifecycle) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LifecycleHandler) DeepCopyInto(out *LifecycleHandler) { - *out = *in - if in.Exec != nil { - in, out := &in.Exec, &out.Exec - *out = new(ExecAction) - (*in).DeepCopyInto(*out) - } - if in.HTTPGet != nil { - in, out := &in.HTTPGet, &out.HTTPGet - *out = new(HTTPGetAction) - (*in).DeepCopyInto(*out) - } - if in.TCPSocket != nil { - in, out := &in.TCPSocket, &out.TCPSocket - *out = new(TCPSocketAction) - **out = **in - } - if in.Sleep != nil { - in, out := &in.Sleep, &out.Sleep - *out = new(SleepAction) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LifecycleHandler. -func (in *LifecycleHandler) DeepCopy() *LifecycleHandler { - if in == nil { - return nil - } - out := new(LifecycleHandler) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LimitRange) DeepCopyInto(out *LimitRange) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LimitRange. -func (in *LimitRange) DeepCopy() *LimitRange { - if in == nil { - return nil - } - out := new(LimitRange) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *LimitRange) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LimitRangeItem) DeepCopyInto(out *LimitRangeItem) { - *out = *in - if in.Max != nil { - in, out := &in.Max, &out.Max - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.Min != nil { - in, out := &in.Min, &out.Min - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.Default != nil { - in, out := &in.Default, &out.Default - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.DefaultRequest != nil { - in, out := &in.DefaultRequest, &out.DefaultRequest - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.MaxLimitRequestRatio != nil { - in, out := &in.MaxLimitRequestRatio, &out.MaxLimitRequestRatio - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LimitRangeItem. -func (in *LimitRangeItem) DeepCopy() *LimitRangeItem { - if in == nil { - return nil - } - out := new(LimitRangeItem) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LimitRangeList) DeepCopyInto(out *LimitRangeList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]LimitRange, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LimitRangeList. -func (in *LimitRangeList) DeepCopy() *LimitRangeList { - if in == nil { - return nil - } - out := new(LimitRangeList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *LimitRangeList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LimitRangeSpec) DeepCopyInto(out *LimitRangeSpec) { - *out = *in - if in.Limits != nil { - in, out := &in.Limits, &out.Limits - *out = make([]LimitRangeItem, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LimitRangeSpec. -func (in *LimitRangeSpec) DeepCopy() *LimitRangeSpec { - if in == nil { - return nil - } - out := new(LimitRangeSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LinuxContainerUser) DeepCopyInto(out *LinuxContainerUser) { - *out = *in - if in.SupplementalGroups != nil { - in, out := &in.SupplementalGroups, &out.SupplementalGroups - *out = make([]int64, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LinuxContainerUser. -func (in *LinuxContainerUser) DeepCopy() *LinuxContainerUser { - if in == nil { - return nil - } - out := new(LinuxContainerUser) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *List) DeepCopyInto(out *List) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]runtime.Object, len(*in)) - for i := range *in { - if (*in)[i] != nil { - (*out)[i] = (*in)[i].DeepCopyObject() - } - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new List. -func (in *List) DeepCopy() *List { - if in == nil { - return nil - } - out := new(List) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *List) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LoadBalancerIngress) DeepCopyInto(out *LoadBalancerIngress) { - *out = *in - if in.IPMode != nil { - in, out := &in.IPMode, &out.IPMode - *out = new(LoadBalancerIPMode) - **out = **in - } - if in.Ports != nil { - in, out := &in.Ports, &out.Ports - *out = make([]PortStatus, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancerIngress. -func (in *LoadBalancerIngress) DeepCopy() *LoadBalancerIngress { - if in == nil { - return nil - } - out := new(LoadBalancerIngress) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LoadBalancerStatus) DeepCopyInto(out *LoadBalancerStatus) { - *out = *in - if in.Ingress != nil { - in, out := &in.Ingress, &out.Ingress - *out = make([]LoadBalancerIngress, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancerStatus. -func (in *LoadBalancerStatus) DeepCopy() *LoadBalancerStatus { - if in == nil { - return nil - } - out := new(LoadBalancerStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LocalObjectReference) DeepCopyInto(out *LocalObjectReference) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalObjectReference. -func (in *LocalObjectReference) DeepCopy() *LocalObjectReference { - if in == nil { - return nil - } - out := new(LocalObjectReference) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LocalVolumeSource) DeepCopyInto(out *LocalVolumeSource) { - *out = *in - if in.FSType != nil { - in, out := &in.FSType, &out.FSType - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalVolumeSource. -func (in *LocalVolumeSource) DeepCopy() *LocalVolumeSource { - if in == nil { - return nil - } - out := new(LocalVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ModifyVolumeStatus) DeepCopyInto(out *ModifyVolumeStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ModifyVolumeStatus. -func (in *ModifyVolumeStatus) DeepCopy() *ModifyVolumeStatus { - if in == nil { - return nil - } - out := new(ModifyVolumeStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NFSVolumeSource) DeepCopyInto(out *NFSVolumeSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NFSVolumeSource. -func (in *NFSVolumeSource) DeepCopy() *NFSVolumeSource { - if in == nil { - return nil - } - out := new(NFSVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Namespace) DeepCopyInto(out *Namespace) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Namespace. -func (in *Namespace) DeepCopy() *Namespace { - if in == nil { - return nil - } - out := new(Namespace) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Namespace) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NamespaceCondition) DeepCopyInto(out *NamespaceCondition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespaceCondition. -func (in *NamespaceCondition) DeepCopy() *NamespaceCondition { - if in == nil { - return nil - } - out := new(NamespaceCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NamespaceList) DeepCopyInto(out *NamespaceList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Namespace, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespaceList. -func (in *NamespaceList) DeepCopy() *NamespaceList { - if in == nil { - return nil - } - out := new(NamespaceList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *NamespaceList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NamespaceSpec) DeepCopyInto(out *NamespaceSpec) { - *out = *in - if in.Finalizers != nil { - in, out := &in.Finalizers, &out.Finalizers - *out = make([]FinalizerName, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespaceSpec. -func (in *NamespaceSpec) DeepCopy() *NamespaceSpec { - if in == nil { - return nil - } - out := new(NamespaceSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NamespaceStatus) DeepCopyInto(out *NamespaceStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]NamespaceCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespaceStatus. -func (in *NamespaceStatus) DeepCopy() *NamespaceStatus { - if in == nil { - return nil - } - out := new(NamespaceStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Node) DeepCopyInto(out *Node) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Node. -func (in *Node) DeepCopy() *Node { - if in == nil { - return nil - } - out := new(Node) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Node) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeAddress) DeepCopyInto(out *NodeAddress) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeAddress. -func (in *NodeAddress) DeepCopy() *NodeAddress { - if in == nil { - return nil - } - out := new(NodeAddress) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeAffinity) DeepCopyInto(out *NodeAffinity) { - *out = *in - if in.RequiredDuringSchedulingIgnoredDuringExecution != nil { - in, out := &in.RequiredDuringSchedulingIgnoredDuringExecution, &out.RequiredDuringSchedulingIgnoredDuringExecution - *out = new(NodeSelector) - (*in).DeepCopyInto(*out) - } - if in.PreferredDuringSchedulingIgnoredDuringExecution != nil { - in, out := &in.PreferredDuringSchedulingIgnoredDuringExecution, &out.PreferredDuringSchedulingIgnoredDuringExecution - *out = make([]PreferredSchedulingTerm, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeAffinity. -func (in *NodeAffinity) DeepCopy() *NodeAffinity { - if in == nil { - return nil - } - out := new(NodeAffinity) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeCondition) DeepCopyInto(out *NodeCondition) { - *out = *in - in.LastHeartbeatTime.DeepCopyInto(&out.LastHeartbeatTime) - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeCondition. -func (in *NodeCondition) DeepCopy() *NodeCondition { - if in == nil { - return nil - } - out := new(NodeCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeConfigSource) DeepCopyInto(out *NodeConfigSource) { - *out = *in - if in.ConfigMap != nil { - in, out := &in.ConfigMap, &out.ConfigMap - *out = new(ConfigMapNodeConfigSource) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeConfigSource. -func (in *NodeConfigSource) DeepCopy() *NodeConfigSource { - if in == nil { - return nil - } - out := new(NodeConfigSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeConfigStatus) DeepCopyInto(out *NodeConfigStatus) { - *out = *in - if in.Assigned != nil { - in, out := &in.Assigned, &out.Assigned - *out = new(NodeConfigSource) - (*in).DeepCopyInto(*out) - } - if in.Active != nil { - in, out := &in.Active, &out.Active - *out = new(NodeConfigSource) - (*in).DeepCopyInto(*out) - } - if in.LastKnownGood != nil { - in, out := &in.LastKnownGood, &out.LastKnownGood - *out = new(NodeConfigSource) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeConfigStatus. -func (in *NodeConfigStatus) DeepCopy() *NodeConfigStatus { - if in == nil { - return nil - } - out := new(NodeConfigStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeDaemonEndpoints) DeepCopyInto(out *NodeDaemonEndpoints) { - *out = *in - out.KubeletEndpoint = in.KubeletEndpoint - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeDaemonEndpoints. -func (in *NodeDaemonEndpoints) DeepCopy() *NodeDaemonEndpoints { - if in == nil { - return nil - } - out := new(NodeDaemonEndpoints) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeFeatures) DeepCopyInto(out *NodeFeatures) { - *out = *in - if in.SupplementalGroupsPolicy != nil { - in, out := &in.SupplementalGroupsPolicy, &out.SupplementalGroupsPolicy - *out = new(bool) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeFeatures. -func (in *NodeFeatures) DeepCopy() *NodeFeatures { - if in == nil { - return nil - } - out := new(NodeFeatures) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeList) DeepCopyInto(out *NodeList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Node, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeList. -func (in *NodeList) DeepCopy() *NodeList { - if in == nil { - return nil - } - out := new(NodeList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *NodeList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeProxyOptions) DeepCopyInto(out *NodeProxyOptions) { - *out = *in - out.TypeMeta = in.TypeMeta - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeProxyOptions. -func (in *NodeProxyOptions) DeepCopy() *NodeProxyOptions { - if in == nil { - return nil - } - out := new(NodeProxyOptions) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *NodeProxyOptions) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeRuntimeHandler) DeepCopyInto(out *NodeRuntimeHandler) { - *out = *in - if in.Features != nil { - in, out := &in.Features, &out.Features - *out = new(NodeRuntimeHandlerFeatures) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeRuntimeHandler. -func (in *NodeRuntimeHandler) DeepCopy() *NodeRuntimeHandler { - if in == nil { - return nil - } - out := new(NodeRuntimeHandler) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeRuntimeHandlerFeatures) DeepCopyInto(out *NodeRuntimeHandlerFeatures) { - *out = *in - if in.RecursiveReadOnlyMounts != nil { - in, out := &in.RecursiveReadOnlyMounts, &out.RecursiveReadOnlyMounts - *out = new(bool) - **out = **in - } - if in.UserNamespaces != nil { - in, out := &in.UserNamespaces, &out.UserNamespaces - *out = new(bool) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeRuntimeHandlerFeatures. -func (in *NodeRuntimeHandlerFeatures) DeepCopy() *NodeRuntimeHandlerFeatures { - if in == nil { - return nil - } - out := new(NodeRuntimeHandlerFeatures) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeSelector) DeepCopyInto(out *NodeSelector) { - *out = *in - if in.NodeSelectorTerms != nil { - in, out := &in.NodeSelectorTerms, &out.NodeSelectorTerms - *out = make([]NodeSelectorTerm, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeSelector. -func (in *NodeSelector) DeepCopy() *NodeSelector { - if in == nil { - return nil - } - out := new(NodeSelector) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeSelectorRequirement) DeepCopyInto(out *NodeSelectorRequirement) { - *out = *in - if in.Values != nil { - in, out := &in.Values, &out.Values - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeSelectorRequirement. -func (in *NodeSelectorRequirement) DeepCopy() *NodeSelectorRequirement { - if in == nil { - return nil - } - out := new(NodeSelectorRequirement) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeSelectorTerm) DeepCopyInto(out *NodeSelectorTerm) { - *out = *in - if in.MatchExpressions != nil { - in, out := &in.MatchExpressions, &out.MatchExpressions - *out = make([]NodeSelectorRequirement, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.MatchFields != nil { - in, out := &in.MatchFields, &out.MatchFields - *out = make([]NodeSelectorRequirement, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeSelectorTerm. -func (in *NodeSelectorTerm) DeepCopy() *NodeSelectorTerm { - if in == nil { - return nil - } - out := new(NodeSelectorTerm) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeSpec) DeepCopyInto(out *NodeSpec) { - *out = *in - if in.PodCIDRs != nil { - in, out := &in.PodCIDRs, &out.PodCIDRs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Taints != nil { - in, out := &in.Taints, &out.Taints - *out = make([]Taint, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.ConfigSource != nil { - in, out := &in.ConfigSource, &out.ConfigSource - *out = new(NodeConfigSource) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeSpec. -func (in *NodeSpec) DeepCopy() *NodeSpec { - if in == nil { - return nil - } - out := new(NodeSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeStatus) DeepCopyInto(out *NodeStatus) { - *out = *in - if in.Capacity != nil { - in, out := &in.Capacity, &out.Capacity - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.Allocatable != nil { - in, out := &in.Allocatable, &out.Allocatable - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]NodeCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Addresses != nil { - in, out := &in.Addresses, &out.Addresses - *out = make([]NodeAddress, len(*in)) - copy(*out, *in) - } - out.DaemonEndpoints = in.DaemonEndpoints - in.NodeInfo.DeepCopyInto(&out.NodeInfo) - if in.Images != nil { - in, out := &in.Images, &out.Images - *out = make([]ContainerImage, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.VolumesInUse != nil { - in, out := &in.VolumesInUse, &out.VolumesInUse - *out = make([]UniqueVolumeName, len(*in)) - copy(*out, *in) - } - if in.VolumesAttached != nil { - in, out := &in.VolumesAttached, &out.VolumesAttached - *out = make([]AttachedVolume, len(*in)) - copy(*out, *in) - } - if in.Config != nil { - in, out := &in.Config, &out.Config - *out = new(NodeConfigStatus) - (*in).DeepCopyInto(*out) - } - if in.RuntimeHandlers != nil { - in, out := &in.RuntimeHandlers, &out.RuntimeHandlers - *out = make([]NodeRuntimeHandler, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Features != nil { - in, out := &in.Features, &out.Features - *out = new(NodeFeatures) - (*in).DeepCopyInto(*out) - } - if in.DeclaredFeatures != nil { - in, out := &in.DeclaredFeatures, &out.DeclaredFeatures - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeStatus. -func (in *NodeStatus) DeepCopy() *NodeStatus { - if in == nil { - return nil - } - out := new(NodeStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeSwapStatus) DeepCopyInto(out *NodeSwapStatus) { - *out = *in - if in.Capacity != nil { - in, out := &in.Capacity, &out.Capacity - *out = new(int64) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeSwapStatus. -func (in *NodeSwapStatus) DeepCopy() *NodeSwapStatus { - if in == nil { - return nil - } - out := new(NodeSwapStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeSystemInfo) DeepCopyInto(out *NodeSystemInfo) { - *out = *in - if in.Swap != nil { - in, out := &in.Swap, &out.Swap - *out = new(NodeSwapStatus) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeSystemInfo. -func (in *NodeSystemInfo) DeepCopy() *NodeSystemInfo { - if in == nil { - return nil - } - out := new(NodeSystemInfo) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ObjectFieldSelector) DeepCopyInto(out *ObjectFieldSelector) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ObjectFieldSelector. -func (in *ObjectFieldSelector) DeepCopy() *ObjectFieldSelector { - if in == nil { - return nil - } - out := new(ObjectFieldSelector) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ObjectReference) DeepCopyInto(out *ObjectReference) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ObjectReference. -func (in *ObjectReference) DeepCopy() *ObjectReference { - if in == nil { - return nil - } - out := new(ObjectReference) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ObjectReference) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolume) DeepCopyInto(out *PersistentVolume) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolume. -func (in *PersistentVolume) DeepCopy() *PersistentVolume { - if in == nil { - return nil - } - out := new(PersistentVolume) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PersistentVolume) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeClaim) DeepCopyInto(out *PersistentVolumeClaim) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaim. -func (in *PersistentVolumeClaim) DeepCopy() *PersistentVolumeClaim { - if in == nil { - return nil - } - out := new(PersistentVolumeClaim) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PersistentVolumeClaim) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeClaimCondition) DeepCopyInto(out *PersistentVolumeClaimCondition) { - *out = *in - in.LastProbeTime.DeepCopyInto(&out.LastProbeTime) - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaimCondition. -func (in *PersistentVolumeClaimCondition) DeepCopy() *PersistentVolumeClaimCondition { - if in == nil { - return nil - } - out := new(PersistentVolumeClaimCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeClaimList) DeepCopyInto(out *PersistentVolumeClaimList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]PersistentVolumeClaim, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaimList. -func (in *PersistentVolumeClaimList) DeepCopy() *PersistentVolumeClaimList { - if in == nil { - return nil - } - out := new(PersistentVolumeClaimList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PersistentVolumeClaimList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeClaimSpec) DeepCopyInto(out *PersistentVolumeClaimSpec) { - *out = *in - if in.AccessModes != nil { - in, out := &in.AccessModes, &out.AccessModes - *out = make([]PersistentVolumeAccessMode, len(*in)) - copy(*out, *in) - } - if in.Selector != nil { - in, out := &in.Selector, &out.Selector - *out = new(v1.LabelSelector) - (*in).DeepCopyInto(*out) - } - in.Resources.DeepCopyInto(&out.Resources) - if in.StorageClassName != nil { - in, out := &in.StorageClassName, &out.StorageClassName - *out = new(string) - **out = **in - } - if in.VolumeMode != nil { - in, out := &in.VolumeMode, &out.VolumeMode - *out = new(PersistentVolumeMode) - **out = **in - } - if in.DataSource != nil { - in, out := &in.DataSource, &out.DataSource - *out = new(TypedLocalObjectReference) - (*in).DeepCopyInto(*out) - } - if in.DataSourceRef != nil { - in, out := &in.DataSourceRef, &out.DataSourceRef - *out = new(TypedObjectReference) - (*in).DeepCopyInto(*out) - } - if in.VolumeAttributesClassName != nil { - in, out := &in.VolumeAttributesClassName, &out.VolumeAttributesClassName - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaimSpec. -func (in *PersistentVolumeClaimSpec) DeepCopy() *PersistentVolumeClaimSpec { - if in == nil { - return nil - } - out := new(PersistentVolumeClaimSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeClaimStatus) DeepCopyInto(out *PersistentVolumeClaimStatus) { - *out = *in - if in.AccessModes != nil { - in, out := &in.AccessModes, &out.AccessModes - *out = make([]PersistentVolumeAccessMode, len(*in)) - copy(*out, *in) - } - if in.Capacity != nil { - in, out := &in.Capacity, &out.Capacity - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]PersistentVolumeClaimCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.AllocatedResources != nil { - in, out := &in.AllocatedResources, &out.AllocatedResources - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.AllocatedResourceStatuses != nil { - in, out := &in.AllocatedResourceStatuses, &out.AllocatedResourceStatuses - *out = make(map[ResourceName]ClaimResourceStatus, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.CurrentVolumeAttributesClassName != nil { - in, out := &in.CurrentVolumeAttributesClassName, &out.CurrentVolumeAttributesClassName - *out = new(string) - **out = **in - } - if in.ModifyVolumeStatus != nil { - in, out := &in.ModifyVolumeStatus, &out.ModifyVolumeStatus - *out = new(ModifyVolumeStatus) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaimStatus. -func (in *PersistentVolumeClaimStatus) DeepCopy() *PersistentVolumeClaimStatus { - if in == nil { - return nil - } - out := new(PersistentVolumeClaimStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeClaimTemplate) DeepCopyInto(out *PersistentVolumeClaimTemplate) { - *out = *in - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaimTemplate. -func (in *PersistentVolumeClaimTemplate) DeepCopy() *PersistentVolumeClaimTemplate { - if in == nil { - return nil - } - out := new(PersistentVolumeClaimTemplate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeClaimVolumeSource) DeepCopyInto(out *PersistentVolumeClaimVolumeSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaimVolumeSource. -func (in *PersistentVolumeClaimVolumeSource) DeepCopy() *PersistentVolumeClaimVolumeSource { - if in == nil { - return nil - } - out := new(PersistentVolumeClaimVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeList) DeepCopyInto(out *PersistentVolumeList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]PersistentVolume, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeList. -func (in *PersistentVolumeList) DeepCopy() *PersistentVolumeList { - if in == nil { - return nil - } - out := new(PersistentVolumeList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PersistentVolumeList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeSource) DeepCopyInto(out *PersistentVolumeSource) { - *out = *in - if in.GCEPersistentDisk != nil { - in, out := &in.GCEPersistentDisk, &out.GCEPersistentDisk - *out = new(GCEPersistentDiskVolumeSource) - **out = **in - } - if in.AWSElasticBlockStore != nil { - in, out := &in.AWSElasticBlockStore, &out.AWSElasticBlockStore - *out = new(AWSElasticBlockStoreVolumeSource) - **out = **in - } - if in.HostPath != nil { - in, out := &in.HostPath, &out.HostPath - *out = new(HostPathVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.Glusterfs != nil { - in, out := &in.Glusterfs, &out.Glusterfs - *out = new(GlusterfsPersistentVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.NFS != nil { - in, out := &in.NFS, &out.NFS - *out = new(NFSVolumeSource) - **out = **in - } - if in.RBD != nil { - in, out := &in.RBD, &out.RBD - *out = new(RBDPersistentVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.Quobyte != nil { - in, out := &in.Quobyte, &out.Quobyte - *out = new(QuobyteVolumeSource) - **out = **in - } - if in.ISCSI != nil { - in, out := &in.ISCSI, &out.ISCSI - *out = new(ISCSIPersistentVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.FlexVolume != nil { - in, out := &in.FlexVolume, &out.FlexVolume - *out = new(FlexPersistentVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.Cinder != nil { - in, out := &in.Cinder, &out.Cinder - *out = new(CinderPersistentVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.CephFS != nil { - in, out := &in.CephFS, &out.CephFS - *out = new(CephFSPersistentVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.FC != nil { - in, out := &in.FC, &out.FC - *out = new(FCVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.Flocker != nil { - in, out := &in.Flocker, &out.Flocker - *out = new(FlockerVolumeSource) - **out = **in - } - if in.AzureFile != nil { - in, out := &in.AzureFile, &out.AzureFile - *out = new(AzureFilePersistentVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.VsphereVolume != nil { - in, out := &in.VsphereVolume, &out.VsphereVolume - *out = new(VsphereVirtualDiskVolumeSource) - **out = **in - } - if in.AzureDisk != nil { - in, out := &in.AzureDisk, &out.AzureDisk - *out = new(AzureDiskVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.PhotonPersistentDisk != nil { - in, out := &in.PhotonPersistentDisk, &out.PhotonPersistentDisk - *out = new(PhotonPersistentDiskVolumeSource) - **out = **in - } - if in.PortworxVolume != nil { - in, out := &in.PortworxVolume, &out.PortworxVolume - *out = new(PortworxVolumeSource) - **out = **in - } - if in.ScaleIO != nil { - in, out := &in.ScaleIO, &out.ScaleIO - *out = new(ScaleIOPersistentVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.Local != nil { - in, out := &in.Local, &out.Local - *out = new(LocalVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.StorageOS != nil { - in, out := &in.StorageOS, &out.StorageOS - *out = new(StorageOSPersistentVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.CSI != nil { - in, out := &in.CSI, &out.CSI - *out = new(CSIPersistentVolumeSource) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeSource. -func (in *PersistentVolumeSource) DeepCopy() *PersistentVolumeSource { - if in == nil { - return nil - } - out := new(PersistentVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeSpec) DeepCopyInto(out *PersistentVolumeSpec) { - *out = *in - if in.Capacity != nil { - in, out := &in.Capacity, &out.Capacity - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - in.PersistentVolumeSource.DeepCopyInto(&out.PersistentVolumeSource) - if in.AccessModes != nil { - in, out := &in.AccessModes, &out.AccessModes - *out = make([]PersistentVolumeAccessMode, len(*in)) - copy(*out, *in) - } - if in.ClaimRef != nil { - in, out := &in.ClaimRef, &out.ClaimRef - *out = new(ObjectReference) - **out = **in - } - if in.MountOptions != nil { - in, out := &in.MountOptions, &out.MountOptions - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.VolumeMode != nil { - in, out := &in.VolumeMode, &out.VolumeMode - *out = new(PersistentVolumeMode) - **out = **in - } - if in.NodeAffinity != nil { - in, out := &in.NodeAffinity, &out.NodeAffinity - *out = new(VolumeNodeAffinity) - (*in).DeepCopyInto(*out) - } - if in.VolumeAttributesClassName != nil { - in, out := &in.VolumeAttributesClassName, &out.VolumeAttributesClassName - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeSpec. -func (in *PersistentVolumeSpec) DeepCopy() *PersistentVolumeSpec { - if in == nil { - return nil - } - out := new(PersistentVolumeSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeStatus) DeepCopyInto(out *PersistentVolumeStatus) { - *out = *in - if in.LastPhaseTransitionTime != nil { - in, out := &in.LastPhaseTransitionTime, &out.LastPhaseTransitionTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeStatus. -func (in *PersistentVolumeStatus) DeepCopy() *PersistentVolumeStatus { - if in == nil { - return nil - } - out := new(PersistentVolumeStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PhotonPersistentDiskVolumeSource) DeepCopyInto(out *PhotonPersistentDiskVolumeSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PhotonPersistentDiskVolumeSource. -func (in *PhotonPersistentDiskVolumeSource) DeepCopy() *PhotonPersistentDiskVolumeSource { - if in == nil { - return nil - } - out := new(PhotonPersistentDiskVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Pod) DeepCopyInto(out *Pod) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Pod. -func (in *Pod) DeepCopy() *Pod { - if in == nil { - return nil - } - out := new(Pod) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Pod) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodAffinity) DeepCopyInto(out *PodAffinity) { - *out = *in - if in.RequiredDuringSchedulingIgnoredDuringExecution != nil { - in, out := &in.RequiredDuringSchedulingIgnoredDuringExecution, &out.RequiredDuringSchedulingIgnoredDuringExecution - *out = make([]PodAffinityTerm, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.PreferredDuringSchedulingIgnoredDuringExecution != nil { - in, out := &in.PreferredDuringSchedulingIgnoredDuringExecution, &out.PreferredDuringSchedulingIgnoredDuringExecution - *out = make([]WeightedPodAffinityTerm, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodAffinity. -func (in *PodAffinity) DeepCopy() *PodAffinity { - if in == nil { - return nil - } - out := new(PodAffinity) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodAffinityTerm) DeepCopyInto(out *PodAffinityTerm) { - *out = *in - if in.LabelSelector != nil { - in, out := &in.LabelSelector, &out.LabelSelector - *out = new(v1.LabelSelector) - (*in).DeepCopyInto(*out) - } - if in.Namespaces != nil { - in, out := &in.Namespaces, &out.Namespaces - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.NamespaceSelector != nil { - in, out := &in.NamespaceSelector, &out.NamespaceSelector - *out = new(v1.LabelSelector) - (*in).DeepCopyInto(*out) - } - if in.MatchLabelKeys != nil { - in, out := &in.MatchLabelKeys, &out.MatchLabelKeys - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.MismatchLabelKeys != nil { - in, out := &in.MismatchLabelKeys, &out.MismatchLabelKeys - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodAffinityTerm. -func (in *PodAffinityTerm) DeepCopy() *PodAffinityTerm { - if in == nil { - return nil - } - out := new(PodAffinityTerm) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodAntiAffinity) DeepCopyInto(out *PodAntiAffinity) { - *out = *in - if in.RequiredDuringSchedulingIgnoredDuringExecution != nil { - in, out := &in.RequiredDuringSchedulingIgnoredDuringExecution, &out.RequiredDuringSchedulingIgnoredDuringExecution - *out = make([]PodAffinityTerm, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.PreferredDuringSchedulingIgnoredDuringExecution != nil { - in, out := &in.PreferredDuringSchedulingIgnoredDuringExecution, &out.PreferredDuringSchedulingIgnoredDuringExecution - *out = make([]WeightedPodAffinityTerm, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodAntiAffinity. -func (in *PodAntiAffinity) DeepCopy() *PodAntiAffinity { - if in == nil { - return nil - } - out := new(PodAntiAffinity) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodAttachOptions) DeepCopyInto(out *PodAttachOptions) { - *out = *in - out.TypeMeta = in.TypeMeta - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodAttachOptions. -func (in *PodAttachOptions) DeepCopy() *PodAttachOptions { - if in == nil { - return nil - } - out := new(PodAttachOptions) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PodAttachOptions) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodCertificateProjection) DeepCopyInto(out *PodCertificateProjection) { - *out = *in - if in.MaxExpirationSeconds != nil { - in, out := &in.MaxExpirationSeconds, &out.MaxExpirationSeconds - *out = new(int32) - **out = **in - } - if in.UserAnnotations != nil { - in, out := &in.UserAnnotations, &out.UserAnnotations - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodCertificateProjection. -func (in *PodCertificateProjection) DeepCopy() *PodCertificateProjection { - if in == nil { - return nil - } - out := new(PodCertificateProjection) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodCondition) DeepCopyInto(out *PodCondition) { - *out = *in - in.LastProbeTime.DeepCopyInto(&out.LastProbeTime) - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodCondition. -func (in *PodCondition) DeepCopy() *PodCondition { - if in == nil { - return nil - } - out := new(PodCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodDNSConfig) DeepCopyInto(out *PodDNSConfig) { - *out = *in - if in.Nameservers != nil { - in, out := &in.Nameservers, &out.Nameservers - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Searches != nil { - in, out := &in.Searches, &out.Searches - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Options != nil { - in, out := &in.Options, &out.Options - *out = make([]PodDNSConfigOption, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDNSConfig. -func (in *PodDNSConfig) DeepCopy() *PodDNSConfig { - if in == nil { - return nil - } - out := new(PodDNSConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodDNSConfigOption) DeepCopyInto(out *PodDNSConfigOption) { - *out = *in - if in.Value != nil { - in, out := &in.Value, &out.Value - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDNSConfigOption. -func (in *PodDNSConfigOption) DeepCopy() *PodDNSConfigOption { - if in == nil { - return nil - } - out := new(PodDNSConfigOption) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodExecOptions) DeepCopyInto(out *PodExecOptions) { - *out = *in - out.TypeMeta = in.TypeMeta - if in.Command != nil { - in, out := &in.Command, &out.Command - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodExecOptions. -func (in *PodExecOptions) DeepCopy() *PodExecOptions { - if in == nil { - return nil - } - out := new(PodExecOptions) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PodExecOptions) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodExtendedResourceClaimStatus) DeepCopyInto(out *PodExtendedResourceClaimStatus) { - *out = *in - if in.RequestMappings != nil { - in, out := &in.RequestMappings, &out.RequestMappings - *out = make([]ContainerExtendedResourceRequest, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodExtendedResourceClaimStatus. -func (in *PodExtendedResourceClaimStatus) DeepCopy() *PodExtendedResourceClaimStatus { - if in == nil { - return nil - } - out := new(PodExtendedResourceClaimStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodIP) DeepCopyInto(out *PodIP) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodIP. -func (in *PodIP) DeepCopy() *PodIP { - if in == nil { - return nil - } - out := new(PodIP) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodList) DeepCopyInto(out *PodList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Pod, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodList. -func (in *PodList) DeepCopy() *PodList { - if in == nil { - return nil - } - out := new(PodList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PodList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodLogOptions) DeepCopyInto(out *PodLogOptions) { - *out = *in - out.TypeMeta = in.TypeMeta - if in.SinceSeconds != nil { - in, out := &in.SinceSeconds, &out.SinceSeconds - *out = new(int64) - **out = **in - } - if in.SinceTime != nil { - in, out := &in.SinceTime, &out.SinceTime - *out = (*in).DeepCopy() - } - if in.TailLines != nil { - in, out := &in.TailLines, &out.TailLines - *out = new(int64) - **out = **in - } - if in.LimitBytes != nil { - in, out := &in.LimitBytes, &out.LimitBytes - *out = new(int64) - **out = **in - } - if in.Stream != nil { - in, out := &in.Stream, &out.Stream - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodLogOptions. -func (in *PodLogOptions) DeepCopy() *PodLogOptions { - if in == nil { - return nil - } - out := new(PodLogOptions) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PodLogOptions) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodOS) DeepCopyInto(out *PodOS) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodOS. -func (in *PodOS) DeepCopy() *PodOS { - if in == nil { - return nil - } - out := new(PodOS) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodPortForwardOptions) DeepCopyInto(out *PodPortForwardOptions) { - *out = *in - out.TypeMeta = in.TypeMeta - if in.Ports != nil { - in, out := &in.Ports, &out.Ports - *out = make([]int32, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodPortForwardOptions. -func (in *PodPortForwardOptions) DeepCopy() *PodPortForwardOptions { - if in == nil { - return nil - } - out := new(PodPortForwardOptions) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PodPortForwardOptions) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodProxyOptions) DeepCopyInto(out *PodProxyOptions) { - *out = *in - out.TypeMeta = in.TypeMeta - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodProxyOptions. -func (in *PodProxyOptions) DeepCopy() *PodProxyOptions { - if in == nil { - return nil - } - out := new(PodProxyOptions) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PodProxyOptions) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodReadinessGate) DeepCopyInto(out *PodReadinessGate) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodReadinessGate. -func (in *PodReadinessGate) DeepCopy() *PodReadinessGate { - if in == nil { - return nil - } - out := new(PodReadinessGate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodResourceClaim) DeepCopyInto(out *PodResourceClaim) { - *out = *in - if in.ResourceClaimName != nil { - in, out := &in.ResourceClaimName, &out.ResourceClaimName - *out = new(string) - **out = **in - } - if in.ResourceClaimTemplateName != nil { - in, out := &in.ResourceClaimTemplateName, &out.ResourceClaimTemplateName - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodResourceClaim. -func (in *PodResourceClaim) DeepCopy() *PodResourceClaim { - if in == nil { - return nil - } - out := new(PodResourceClaim) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodResourceClaimStatus) DeepCopyInto(out *PodResourceClaimStatus) { - *out = *in - if in.ResourceClaimName != nil { - in, out := &in.ResourceClaimName, &out.ResourceClaimName - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodResourceClaimStatus. -func (in *PodResourceClaimStatus) DeepCopy() *PodResourceClaimStatus { - if in == nil { - return nil - } - out := new(PodResourceClaimStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodSchedulingGate) DeepCopyInto(out *PodSchedulingGate) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSchedulingGate. -func (in *PodSchedulingGate) DeepCopy() *PodSchedulingGate { - if in == nil { - return nil - } - out := new(PodSchedulingGate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodSecurityContext) DeepCopyInto(out *PodSecurityContext) { - *out = *in - if in.ShareProcessNamespace != nil { - in, out := &in.ShareProcessNamespace, &out.ShareProcessNamespace - *out = new(bool) - **out = **in - } - if in.HostUsers != nil { - in, out := &in.HostUsers, &out.HostUsers - *out = new(bool) - **out = **in - } - if in.SELinuxOptions != nil { - in, out := &in.SELinuxOptions, &out.SELinuxOptions - *out = new(SELinuxOptions) - **out = **in - } - if in.WindowsOptions != nil { - in, out := &in.WindowsOptions, &out.WindowsOptions - *out = new(WindowsSecurityContextOptions) - (*in).DeepCopyInto(*out) - } - if in.RunAsUser != nil { - in, out := &in.RunAsUser, &out.RunAsUser - *out = new(int64) - **out = **in - } - if in.RunAsGroup != nil { - in, out := &in.RunAsGroup, &out.RunAsGroup - *out = new(int64) - **out = **in - } - if in.RunAsNonRoot != nil { - in, out := &in.RunAsNonRoot, &out.RunAsNonRoot - *out = new(bool) - **out = **in - } - if in.SupplementalGroups != nil { - in, out := &in.SupplementalGroups, &out.SupplementalGroups - *out = make([]int64, len(*in)) - copy(*out, *in) - } - if in.SupplementalGroupsPolicy != nil { - in, out := &in.SupplementalGroupsPolicy, &out.SupplementalGroupsPolicy - *out = new(SupplementalGroupsPolicy) - **out = **in - } - if in.FSGroup != nil { - in, out := &in.FSGroup, &out.FSGroup - *out = new(int64) - **out = **in - } - if in.FSGroupChangePolicy != nil { - in, out := &in.FSGroupChangePolicy, &out.FSGroupChangePolicy - *out = new(PodFSGroupChangePolicy) - **out = **in - } - if in.Sysctls != nil { - in, out := &in.Sysctls, &out.Sysctls - *out = make([]Sysctl, len(*in)) - copy(*out, *in) - } - if in.SeccompProfile != nil { - in, out := &in.SeccompProfile, &out.SeccompProfile - *out = new(SeccompProfile) - (*in).DeepCopyInto(*out) - } - if in.AppArmorProfile != nil { - in, out := &in.AppArmorProfile, &out.AppArmorProfile - *out = new(AppArmorProfile) - (*in).DeepCopyInto(*out) - } - if in.SELinuxChangePolicy != nil { - in, out := &in.SELinuxChangePolicy, &out.SELinuxChangePolicy - *out = new(PodSELinuxChangePolicy) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSecurityContext. -func (in *PodSecurityContext) DeepCopy() *PodSecurityContext { - if in == nil { - return nil - } - out := new(PodSecurityContext) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodSignature) DeepCopyInto(out *PodSignature) { - *out = *in - if in.PodController != nil { - in, out := &in.PodController, &out.PodController - *out = new(v1.OwnerReference) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSignature. -func (in *PodSignature) DeepCopy() *PodSignature { - if in == nil { - return nil - } - out := new(PodSignature) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodSpec) DeepCopyInto(out *PodSpec) { - *out = *in - if in.Volumes != nil { - in, out := &in.Volumes, &out.Volumes - *out = make([]Volume, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.InitContainers != nil { - in, out := &in.InitContainers, &out.InitContainers - *out = make([]Container, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Containers != nil { - in, out := &in.Containers, &out.Containers - *out = make([]Container, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.EphemeralContainers != nil { - in, out := &in.EphemeralContainers, &out.EphemeralContainers - *out = make([]EphemeralContainer, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.TerminationGracePeriodSeconds != nil { - in, out := &in.TerminationGracePeriodSeconds, &out.TerminationGracePeriodSeconds - *out = new(int64) - **out = **in - } - if in.ActiveDeadlineSeconds != nil { - in, out := &in.ActiveDeadlineSeconds, &out.ActiveDeadlineSeconds - *out = new(int64) - **out = **in - } - if in.NodeSelector != nil { - in, out := &in.NodeSelector, &out.NodeSelector - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.AutomountServiceAccountToken != nil { - in, out := &in.AutomountServiceAccountToken, &out.AutomountServiceAccountToken - *out = new(bool) - **out = **in - } - if in.SecurityContext != nil { - in, out := &in.SecurityContext, &out.SecurityContext - *out = new(PodSecurityContext) - (*in).DeepCopyInto(*out) - } - if in.ImagePullSecrets != nil { - in, out := &in.ImagePullSecrets, &out.ImagePullSecrets - *out = make([]LocalObjectReference, len(*in)) - copy(*out, *in) - } - if in.SetHostnameAsFQDN != nil { - in, out := &in.SetHostnameAsFQDN, &out.SetHostnameAsFQDN - *out = new(bool) - **out = **in - } - if in.Affinity != nil { - in, out := &in.Affinity, &out.Affinity - *out = new(Affinity) - (*in).DeepCopyInto(*out) - } - if in.Tolerations != nil { - in, out := &in.Tolerations, &out.Tolerations - *out = make([]Toleration, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.HostAliases != nil { - in, out := &in.HostAliases, &out.HostAliases - *out = make([]HostAlias, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Priority != nil { - in, out := &in.Priority, &out.Priority - *out = new(int32) - **out = **in - } - if in.PreemptionPolicy != nil { - in, out := &in.PreemptionPolicy, &out.PreemptionPolicy - *out = new(PreemptionPolicy) - **out = **in - } - if in.DNSConfig != nil { - in, out := &in.DNSConfig, &out.DNSConfig - *out = new(PodDNSConfig) - (*in).DeepCopyInto(*out) - } - if in.ReadinessGates != nil { - in, out := &in.ReadinessGates, &out.ReadinessGates - *out = make([]PodReadinessGate, len(*in)) - copy(*out, *in) - } - if in.RuntimeClassName != nil { - in, out := &in.RuntimeClassName, &out.RuntimeClassName - *out = new(string) - **out = **in - } - if in.Overhead != nil { - in, out := &in.Overhead, &out.Overhead - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.EnableServiceLinks != nil { - in, out := &in.EnableServiceLinks, &out.EnableServiceLinks - *out = new(bool) - **out = **in - } - if in.TopologySpreadConstraints != nil { - in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints - *out = make([]TopologySpreadConstraint, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.OS != nil { - in, out := &in.OS, &out.OS - *out = new(PodOS) - **out = **in - } - if in.SchedulingGates != nil { - in, out := &in.SchedulingGates, &out.SchedulingGates - *out = make([]PodSchedulingGate, len(*in)) - copy(*out, *in) - } - if in.ResourceClaims != nil { - in, out := &in.ResourceClaims, &out.ResourceClaims - *out = make([]PodResourceClaim, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Resources != nil { - in, out := &in.Resources, &out.Resources - *out = new(ResourceRequirements) - (*in).DeepCopyInto(*out) - } - if in.HostnameOverride != nil { - in, out := &in.HostnameOverride, &out.HostnameOverride - *out = new(string) - **out = **in - } - if in.WorkloadRef != nil { - in, out := &in.WorkloadRef, &out.WorkloadRef - *out = new(WorkloadReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSpec. -func (in *PodSpec) DeepCopy() *PodSpec { - if in == nil { - return nil - } - out := new(PodSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodStatus) DeepCopyInto(out *PodStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]PodCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.HostIPs != nil { - in, out := &in.HostIPs, &out.HostIPs - *out = make([]HostIP, len(*in)) - copy(*out, *in) - } - if in.PodIPs != nil { - in, out := &in.PodIPs, &out.PodIPs - *out = make([]PodIP, len(*in)) - copy(*out, *in) - } - if in.StartTime != nil { - in, out := &in.StartTime, &out.StartTime - *out = (*in).DeepCopy() - } - if in.InitContainerStatuses != nil { - in, out := &in.InitContainerStatuses, &out.InitContainerStatuses - *out = make([]ContainerStatus, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.ContainerStatuses != nil { - in, out := &in.ContainerStatuses, &out.ContainerStatuses - *out = make([]ContainerStatus, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.EphemeralContainerStatuses != nil { - in, out := &in.EphemeralContainerStatuses, &out.EphemeralContainerStatuses - *out = make([]ContainerStatus, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.ResourceClaimStatuses != nil { - in, out := &in.ResourceClaimStatuses, &out.ResourceClaimStatuses - *out = make([]PodResourceClaimStatus, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.ExtendedResourceClaimStatus != nil { - in, out := &in.ExtendedResourceClaimStatus, &out.ExtendedResourceClaimStatus - *out = new(PodExtendedResourceClaimStatus) - (*in).DeepCopyInto(*out) - } - if in.AllocatedResources != nil { - in, out := &in.AllocatedResources, &out.AllocatedResources - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.Resources != nil { - in, out := &in.Resources, &out.Resources - *out = new(ResourceRequirements) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodStatus. -func (in *PodStatus) DeepCopy() *PodStatus { - if in == nil { - return nil - } - out := new(PodStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodStatusResult) DeepCopyInto(out *PodStatusResult) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodStatusResult. -func (in *PodStatusResult) DeepCopy() *PodStatusResult { - if in == nil { - return nil - } - out := new(PodStatusResult) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PodStatusResult) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodTemplate) DeepCopyInto(out *PodTemplate) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Template.DeepCopyInto(&out.Template) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodTemplate. -func (in *PodTemplate) DeepCopy() *PodTemplate { - if in == nil { - return nil - } - out := new(PodTemplate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PodTemplate) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodTemplateList) DeepCopyInto(out *PodTemplateList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]PodTemplate, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodTemplateList. -func (in *PodTemplateList) DeepCopy() *PodTemplateList { - if in == nil { - return nil - } - out := new(PodTemplateList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PodTemplateList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PodTemplateSpec) DeepCopyInto(out *PodTemplateSpec) { - *out = *in - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodTemplateSpec. -func (in *PodTemplateSpec) DeepCopy() *PodTemplateSpec { - if in == nil { - return nil - } - out := new(PodTemplateSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PortStatus) DeepCopyInto(out *PortStatus) { - *out = *in - if in.Error != nil { - in, out := &in.Error, &out.Error - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PortStatus. -func (in *PortStatus) DeepCopy() *PortStatus { - if in == nil { - return nil - } - out := new(PortStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PortworxVolumeSource) DeepCopyInto(out *PortworxVolumeSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PortworxVolumeSource. -func (in *PortworxVolumeSource) DeepCopy() *PortworxVolumeSource { - if in == nil { - return nil - } - out := new(PortworxVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Preconditions) DeepCopyInto(out *Preconditions) { - *out = *in - if in.UID != nil { - in, out := &in.UID, &out.UID - *out = new(types.UID) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Preconditions. -func (in *Preconditions) DeepCopy() *Preconditions { - if in == nil { - return nil - } - out := new(Preconditions) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PreferAvoidPodsEntry) DeepCopyInto(out *PreferAvoidPodsEntry) { - *out = *in - in.PodSignature.DeepCopyInto(&out.PodSignature) - in.EvictionTime.DeepCopyInto(&out.EvictionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PreferAvoidPodsEntry. -func (in *PreferAvoidPodsEntry) DeepCopy() *PreferAvoidPodsEntry { - if in == nil { - return nil - } - out := new(PreferAvoidPodsEntry) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PreferredSchedulingTerm) DeepCopyInto(out *PreferredSchedulingTerm) { - *out = *in - in.Preference.DeepCopyInto(&out.Preference) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PreferredSchedulingTerm. -func (in *PreferredSchedulingTerm) DeepCopy() *PreferredSchedulingTerm { - if in == nil { - return nil - } - out := new(PreferredSchedulingTerm) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Probe) DeepCopyInto(out *Probe) { - *out = *in - in.ProbeHandler.DeepCopyInto(&out.ProbeHandler) - if in.TerminationGracePeriodSeconds != nil { - in, out := &in.TerminationGracePeriodSeconds, &out.TerminationGracePeriodSeconds - *out = new(int64) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Probe. -func (in *Probe) DeepCopy() *Probe { - if in == nil { - return nil - } - out := new(Probe) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ProbeHandler) DeepCopyInto(out *ProbeHandler) { - *out = *in - if in.Exec != nil { - in, out := &in.Exec, &out.Exec - *out = new(ExecAction) - (*in).DeepCopyInto(*out) - } - if in.HTTPGet != nil { - in, out := &in.HTTPGet, &out.HTTPGet - *out = new(HTTPGetAction) - (*in).DeepCopyInto(*out) - } - if in.TCPSocket != nil { - in, out := &in.TCPSocket, &out.TCPSocket - *out = new(TCPSocketAction) - **out = **in - } - if in.GRPC != nil { - in, out := &in.GRPC, &out.GRPC - *out = new(GRPCAction) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProbeHandler. -func (in *ProbeHandler) DeepCopy() *ProbeHandler { - if in == nil { - return nil - } - out := new(ProbeHandler) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ProjectedVolumeSource) DeepCopyInto(out *ProjectedVolumeSource) { - *out = *in - if in.Sources != nil { - in, out := &in.Sources, &out.Sources - *out = make([]VolumeProjection, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.DefaultMode != nil { - in, out := &in.DefaultMode, &out.DefaultMode - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectedVolumeSource. -func (in *ProjectedVolumeSource) DeepCopy() *ProjectedVolumeSource { - if in == nil { - return nil - } - out := new(ProjectedVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *QuobyteVolumeSource) DeepCopyInto(out *QuobyteVolumeSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QuobyteVolumeSource. -func (in *QuobyteVolumeSource) DeepCopy() *QuobyteVolumeSource { - if in == nil { - return nil - } - out := new(QuobyteVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RBDPersistentVolumeSource) DeepCopyInto(out *RBDPersistentVolumeSource) { - *out = *in - if in.CephMonitors != nil { - in, out := &in.CephMonitors, &out.CephMonitors - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(SecretReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RBDPersistentVolumeSource. -func (in *RBDPersistentVolumeSource) DeepCopy() *RBDPersistentVolumeSource { - if in == nil { - return nil - } - out := new(RBDPersistentVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RBDVolumeSource) DeepCopyInto(out *RBDVolumeSource) { - *out = *in - if in.CephMonitors != nil { - in, out := &in.CephMonitors, &out.CephMonitors - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(LocalObjectReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RBDVolumeSource. -func (in *RBDVolumeSource) DeepCopy() *RBDVolumeSource { - if in == nil { - return nil - } - out := new(RBDVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RangeAllocation) DeepCopyInto(out *RangeAllocation) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - if in.Data != nil { - in, out := &in.Data, &out.Data - *out = make([]byte, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RangeAllocation. -func (in *RangeAllocation) DeepCopy() *RangeAllocation { - if in == nil { - return nil - } - out := new(RangeAllocation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *RangeAllocation) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ReplicationController) DeepCopyInto(out *ReplicationController) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicationController. -func (in *ReplicationController) DeepCopy() *ReplicationController { - if in == nil { - return nil - } - out := new(ReplicationController) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ReplicationController) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ReplicationControllerCondition) DeepCopyInto(out *ReplicationControllerCondition) { - *out = *in - in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicationControllerCondition. -func (in *ReplicationControllerCondition) DeepCopy() *ReplicationControllerCondition { - if in == nil { - return nil - } - out := new(ReplicationControllerCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ReplicationControllerList) DeepCopyInto(out *ReplicationControllerList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ReplicationController, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicationControllerList. -func (in *ReplicationControllerList) DeepCopy() *ReplicationControllerList { - if in == nil { - return nil - } - out := new(ReplicationControllerList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ReplicationControllerList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ReplicationControllerSpec) DeepCopyInto(out *ReplicationControllerSpec) { - *out = *in - if in.Replicas != nil { - in, out := &in.Replicas, &out.Replicas - *out = new(int32) - **out = **in - } - if in.Selector != nil { - in, out := &in.Selector, &out.Selector - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Template != nil { - in, out := &in.Template, &out.Template - *out = new(PodTemplateSpec) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicationControllerSpec. -func (in *ReplicationControllerSpec) DeepCopy() *ReplicationControllerSpec { - if in == nil { - return nil - } - out := new(ReplicationControllerSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ReplicationControllerStatus) DeepCopyInto(out *ReplicationControllerStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]ReplicationControllerCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicationControllerStatus. -func (in *ReplicationControllerStatus) DeepCopy() *ReplicationControllerStatus { - if in == nil { - return nil - } - out := new(ReplicationControllerStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ResourceClaim) DeepCopyInto(out *ResourceClaim) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceClaim. -func (in *ResourceClaim) DeepCopy() *ResourceClaim { - if in == nil { - return nil - } - out := new(ResourceClaim) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ResourceFieldSelector) DeepCopyInto(out *ResourceFieldSelector) { - *out = *in - out.Divisor = in.Divisor.DeepCopy() - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceFieldSelector. -func (in *ResourceFieldSelector) DeepCopy() *ResourceFieldSelector { - if in == nil { - return nil - } - out := new(ResourceFieldSelector) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ResourceHealth) DeepCopyInto(out *ResourceHealth) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceHealth. -func (in *ResourceHealth) DeepCopy() *ResourceHealth { - if in == nil { - return nil - } - out := new(ResourceHealth) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in ResourceList) DeepCopyInto(out *ResourceList) { - { - in := &in - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - return - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceList. -func (in ResourceList) DeepCopy() ResourceList { - if in == nil { - return nil - } - out := new(ResourceList) - in.DeepCopyInto(out) - return *out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ResourceQuota) DeepCopyInto(out *ResourceQuota) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceQuota. -func (in *ResourceQuota) DeepCopy() *ResourceQuota { - if in == nil { - return nil - } - out := new(ResourceQuota) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ResourceQuota) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ResourceQuotaList) DeepCopyInto(out *ResourceQuotaList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ResourceQuota, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceQuotaList. -func (in *ResourceQuotaList) DeepCopy() *ResourceQuotaList { - if in == nil { - return nil - } - out := new(ResourceQuotaList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ResourceQuotaList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ResourceQuotaSpec) DeepCopyInto(out *ResourceQuotaSpec) { - *out = *in - if in.Hard != nil { - in, out := &in.Hard, &out.Hard - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.Scopes != nil { - in, out := &in.Scopes, &out.Scopes - *out = make([]ResourceQuotaScope, len(*in)) - copy(*out, *in) - } - if in.ScopeSelector != nil { - in, out := &in.ScopeSelector, &out.ScopeSelector - *out = new(ScopeSelector) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceQuotaSpec. -func (in *ResourceQuotaSpec) DeepCopy() *ResourceQuotaSpec { - if in == nil { - return nil - } - out := new(ResourceQuotaSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ResourceQuotaStatus) DeepCopyInto(out *ResourceQuotaStatus) { - *out = *in - if in.Hard != nil { - in, out := &in.Hard, &out.Hard - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.Used != nil { - in, out := &in.Used, &out.Used - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceQuotaStatus. -func (in *ResourceQuotaStatus) DeepCopy() *ResourceQuotaStatus { - if in == nil { - return nil - } - out := new(ResourceQuotaStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ResourceRequirements) DeepCopyInto(out *ResourceRequirements) { - *out = *in - if in.Limits != nil { - in, out := &in.Limits, &out.Limits - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.Requests != nil { - in, out := &in.Requests, &out.Requests - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.Claims != nil { - in, out := &in.Claims, &out.Claims - *out = make([]ResourceClaim, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceRequirements. -func (in *ResourceRequirements) DeepCopy() *ResourceRequirements { - if in == nil { - return nil - } - out := new(ResourceRequirements) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ResourceStatus) DeepCopyInto(out *ResourceStatus) { - *out = *in - if in.Resources != nil { - in, out := &in.Resources, &out.Resources - *out = make([]ResourceHealth, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceStatus. -func (in *ResourceStatus) DeepCopy() *ResourceStatus { - if in == nil { - return nil - } - out := new(ResourceStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SELinuxOptions) DeepCopyInto(out *SELinuxOptions) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SELinuxOptions. -func (in *SELinuxOptions) DeepCopy() *SELinuxOptions { - if in == nil { - return nil - } - out := new(SELinuxOptions) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ScaleIOPersistentVolumeSource) DeepCopyInto(out *ScaleIOPersistentVolumeSource) { - *out = *in - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(SecretReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScaleIOPersistentVolumeSource. -func (in *ScaleIOPersistentVolumeSource) DeepCopy() *ScaleIOPersistentVolumeSource { - if in == nil { - return nil - } - out := new(ScaleIOPersistentVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ScaleIOVolumeSource) DeepCopyInto(out *ScaleIOVolumeSource) { - *out = *in - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(LocalObjectReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScaleIOVolumeSource. -func (in *ScaleIOVolumeSource) DeepCopy() *ScaleIOVolumeSource { - if in == nil { - return nil - } - out := new(ScaleIOVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ScopeSelector) DeepCopyInto(out *ScopeSelector) { - *out = *in - if in.MatchExpressions != nil { - in, out := &in.MatchExpressions, &out.MatchExpressions - *out = make([]ScopedResourceSelectorRequirement, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScopeSelector. -func (in *ScopeSelector) DeepCopy() *ScopeSelector { - if in == nil { - return nil - } - out := new(ScopeSelector) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ScopedResourceSelectorRequirement) DeepCopyInto(out *ScopedResourceSelectorRequirement) { - *out = *in - if in.Values != nil { - in, out := &in.Values, &out.Values - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScopedResourceSelectorRequirement. -func (in *ScopedResourceSelectorRequirement) DeepCopy() *ScopedResourceSelectorRequirement { - if in == nil { - return nil - } - out := new(ScopedResourceSelectorRequirement) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SeccompProfile) DeepCopyInto(out *SeccompProfile) { - *out = *in - if in.LocalhostProfile != nil { - in, out := &in.LocalhostProfile, &out.LocalhostProfile - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SeccompProfile. -func (in *SeccompProfile) DeepCopy() *SeccompProfile { - if in == nil { - return nil - } - out := new(SeccompProfile) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Secret) DeepCopyInto(out *Secret) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - if in.Immutable != nil { - in, out := &in.Immutable, &out.Immutable - *out = new(bool) - **out = **in - } - if in.Data != nil { - in, out := &in.Data, &out.Data - *out = make(map[string][]byte, len(*in)) - for key, val := range *in { - var outVal []byte - if val == nil { - (*out)[key] = nil - } else { - in, out := &val, &outVal - *out = make([]byte, len(*in)) - copy(*out, *in) - } - (*out)[key] = outVal - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Secret. -func (in *Secret) DeepCopy() *Secret { - if in == nil { - return nil - } - out := new(Secret) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Secret) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SecretEnvSource) DeepCopyInto(out *SecretEnvSource) { - *out = *in - out.LocalObjectReference = in.LocalObjectReference - if in.Optional != nil { - in, out := &in.Optional, &out.Optional - *out = new(bool) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretEnvSource. -func (in *SecretEnvSource) DeepCopy() *SecretEnvSource { - if in == nil { - return nil - } - out := new(SecretEnvSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SecretKeySelector) DeepCopyInto(out *SecretKeySelector) { - *out = *in - out.LocalObjectReference = in.LocalObjectReference - if in.Optional != nil { - in, out := &in.Optional, &out.Optional - *out = new(bool) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretKeySelector. -func (in *SecretKeySelector) DeepCopy() *SecretKeySelector { - if in == nil { - return nil - } - out := new(SecretKeySelector) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SecretList) DeepCopyInto(out *SecretList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Secret, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretList. -func (in *SecretList) DeepCopy() *SecretList { - if in == nil { - return nil - } - out := new(SecretList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *SecretList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SecretProjection) DeepCopyInto(out *SecretProjection) { - *out = *in - out.LocalObjectReference = in.LocalObjectReference - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]KeyToPath, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Optional != nil { - in, out := &in.Optional, &out.Optional - *out = new(bool) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretProjection. -func (in *SecretProjection) DeepCopy() *SecretProjection { - if in == nil { - return nil - } - out := new(SecretProjection) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SecretReference) DeepCopyInto(out *SecretReference) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretReference. -func (in *SecretReference) DeepCopy() *SecretReference { - if in == nil { - return nil - } - out := new(SecretReference) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SecretVolumeSource) DeepCopyInto(out *SecretVolumeSource) { - *out = *in - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]KeyToPath, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.DefaultMode != nil { - in, out := &in.DefaultMode, &out.DefaultMode - *out = new(int32) - **out = **in - } - if in.Optional != nil { - in, out := &in.Optional, &out.Optional - *out = new(bool) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretVolumeSource. -func (in *SecretVolumeSource) DeepCopy() *SecretVolumeSource { - if in == nil { - return nil - } - out := new(SecretVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SecurityContext) DeepCopyInto(out *SecurityContext) { - *out = *in - if in.Capabilities != nil { - in, out := &in.Capabilities, &out.Capabilities - *out = new(Capabilities) - (*in).DeepCopyInto(*out) - } - if in.Privileged != nil { - in, out := &in.Privileged, &out.Privileged - *out = new(bool) - **out = **in - } - if in.SELinuxOptions != nil { - in, out := &in.SELinuxOptions, &out.SELinuxOptions - *out = new(SELinuxOptions) - **out = **in - } - if in.WindowsOptions != nil { - in, out := &in.WindowsOptions, &out.WindowsOptions - *out = new(WindowsSecurityContextOptions) - (*in).DeepCopyInto(*out) - } - if in.RunAsUser != nil { - in, out := &in.RunAsUser, &out.RunAsUser - *out = new(int64) - **out = **in - } - if in.RunAsGroup != nil { - in, out := &in.RunAsGroup, &out.RunAsGroup - *out = new(int64) - **out = **in - } - if in.RunAsNonRoot != nil { - in, out := &in.RunAsNonRoot, &out.RunAsNonRoot - *out = new(bool) - **out = **in - } - if in.ReadOnlyRootFilesystem != nil { - in, out := &in.ReadOnlyRootFilesystem, &out.ReadOnlyRootFilesystem - *out = new(bool) - **out = **in - } - if in.AllowPrivilegeEscalation != nil { - in, out := &in.AllowPrivilegeEscalation, &out.AllowPrivilegeEscalation - *out = new(bool) - **out = **in - } - if in.ProcMount != nil { - in, out := &in.ProcMount, &out.ProcMount - *out = new(ProcMountType) - **out = **in - } - if in.SeccompProfile != nil { - in, out := &in.SeccompProfile, &out.SeccompProfile - *out = new(SeccompProfile) - (*in).DeepCopyInto(*out) - } - if in.AppArmorProfile != nil { - in, out := &in.AppArmorProfile, &out.AppArmorProfile - *out = new(AppArmorProfile) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityContext. -func (in *SecurityContext) DeepCopy() *SecurityContext { - if in == nil { - return nil - } - out := new(SecurityContext) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SerializedReference) DeepCopyInto(out *SerializedReference) { - *out = *in - out.TypeMeta = in.TypeMeta - out.Reference = in.Reference - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SerializedReference. -func (in *SerializedReference) DeepCopy() *SerializedReference { - if in == nil { - return nil - } - out := new(SerializedReference) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *SerializedReference) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Service) DeepCopyInto(out *Service) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Service. -func (in *Service) DeepCopy() *Service { - if in == nil { - return nil - } - out := new(Service) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Service) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceAccount) DeepCopyInto(out *ServiceAccount) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - if in.Secrets != nil { - in, out := &in.Secrets, &out.Secrets - *out = make([]ObjectReference, len(*in)) - copy(*out, *in) - } - if in.ImagePullSecrets != nil { - in, out := &in.ImagePullSecrets, &out.ImagePullSecrets - *out = make([]LocalObjectReference, len(*in)) - copy(*out, *in) - } - if in.AutomountServiceAccountToken != nil { - in, out := &in.AutomountServiceAccountToken, &out.AutomountServiceAccountToken - *out = new(bool) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAccount. -func (in *ServiceAccount) DeepCopy() *ServiceAccount { - if in == nil { - return nil - } - out := new(ServiceAccount) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ServiceAccount) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceAccountList) DeepCopyInto(out *ServiceAccountList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ServiceAccount, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAccountList. -func (in *ServiceAccountList) DeepCopy() *ServiceAccountList { - if in == nil { - return nil - } - out := new(ServiceAccountList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ServiceAccountList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceAccountTokenProjection) DeepCopyInto(out *ServiceAccountTokenProjection) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAccountTokenProjection. -func (in *ServiceAccountTokenProjection) DeepCopy() *ServiceAccountTokenProjection { - if in == nil { - return nil - } - out := new(ServiceAccountTokenProjection) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceList) DeepCopyInto(out *ServiceList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Service, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceList. -func (in *ServiceList) DeepCopy() *ServiceList { - if in == nil { - return nil - } - out := new(ServiceList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ServiceList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServicePort) DeepCopyInto(out *ServicePort) { - *out = *in - if in.AppProtocol != nil { - in, out := &in.AppProtocol, &out.AppProtocol - *out = new(string) - **out = **in - } - out.TargetPort = in.TargetPort - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServicePort. -func (in *ServicePort) DeepCopy() *ServicePort { - if in == nil { - return nil - } - out := new(ServicePort) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceProxyOptions) DeepCopyInto(out *ServiceProxyOptions) { - *out = *in - out.TypeMeta = in.TypeMeta - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceProxyOptions. -func (in *ServiceProxyOptions) DeepCopy() *ServiceProxyOptions { - if in == nil { - return nil - } - out := new(ServiceProxyOptions) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ServiceProxyOptions) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceSpec) DeepCopyInto(out *ServiceSpec) { - *out = *in - if in.Ports != nil { - in, out := &in.Ports, &out.Ports - *out = make([]ServicePort, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Selector != nil { - in, out := &in.Selector, &out.Selector - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.ClusterIPs != nil { - in, out := &in.ClusterIPs, &out.ClusterIPs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.IPFamilies != nil { - in, out := &in.IPFamilies, &out.IPFamilies - *out = make([]IPFamily, len(*in)) - copy(*out, *in) - } - if in.IPFamilyPolicy != nil { - in, out := &in.IPFamilyPolicy, &out.IPFamilyPolicy - *out = new(IPFamilyPolicy) - **out = **in - } - if in.ExternalIPs != nil { - in, out := &in.ExternalIPs, &out.ExternalIPs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.SessionAffinityConfig != nil { - in, out := &in.SessionAffinityConfig, &out.SessionAffinityConfig - *out = new(SessionAffinityConfig) - (*in).DeepCopyInto(*out) - } - if in.LoadBalancerSourceRanges != nil { - in, out := &in.LoadBalancerSourceRanges, &out.LoadBalancerSourceRanges - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.AllocateLoadBalancerNodePorts != nil { - in, out := &in.AllocateLoadBalancerNodePorts, &out.AllocateLoadBalancerNodePorts - *out = new(bool) - **out = **in - } - if in.LoadBalancerClass != nil { - in, out := &in.LoadBalancerClass, &out.LoadBalancerClass - *out = new(string) - **out = **in - } - if in.InternalTrafficPolicy != nil { - in, out := &in.InternalTrafficPolicy, &out.InternalTrafficPolicy - *out = new(ServiceInternalTrafficPolicy) - **out = **in - } - if in.TrafficDistribution != nil { - in, out := &in.TrafficDistribution, &out.TrafficDistribution - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceSpec. -func (in *ServiceSpec) DeepCopy() *ServiceSpec { - if in == nil { - return nil - } - out := new(ServiceSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceStatus) DeepCopyInto(out *ServiceStatus) { - *out = *in - in.LoadBalancer.DeepCopyInto(&out.LoadBalancer) - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceStatus. -func (in *ServiceStatus) DeepCopy() *ServiceStatus { - if in == nil { - return nil - } - out := new(ServiceStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SessionAffinityConfig) DeepCopyInto(out *SessionAffinityConfig) { - *out = *in - if in.ClientIP != nil { - in, out := &in.ClientIP, &out.ClientIP - *out = new(ClientIPConfig) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SessionAffinityConfig. -func (in *SessionAffinityConfig) DeepCopy() *SessionAffinityConfig { - if in == nil { - return nil - } - out := new(SessionAffinityConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SleepAction) DeepCopyInto(out *SleepAction) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SleepAction. -func (in *SleepAction) DeepCopy() *SleepAction { - if in == nil { - return nil - } - out := new(SleepAction) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *StorageOSPersistentVolumeSource) DeepCopyInto(out *StorageOSPersistentVolumeSource) { - *out = *in - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(ObjectReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StorageOSPersistentVolumeSource. -func (in *StorageOSPersistentVolumeSource) DeepCopy() *StorageOSPersistentVolumeSource { - if in == nil { - return nil - } - out := new(StorageOSPersistentVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *StorageOSVolumeSource) DeepCopyInto(out *StorageOSVolumeSource) { - *out = *in - if in.SecretRef != nil { - in, out := &in.SecretRef, &out.SecretRef - *out = new(LocalObjectReference) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StorageOSVolumeSource. -func (in *StorageOSVolumeSource) DeepCopy() *StorageOSVolumeSource { - if in == nil { - return nil - } - out := new(StorageOSVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Sysctl) DeepCopyInto(out *Sysctl) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Sysctl. -func (in *Sysctl) DeepCopy() *Sysctl { - if in == nil { - return nil - } - out := new(Sysctl) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TCPSocketAction) DeepCopyInto(out *TCPSocketAction) { - *out = *in - out.Port = in.Port - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPSocketAction. -func (in *TCPSocketAction) DeepCopy() *TCPSocketAction { - if in == nil { - return nil - } - out := new(TCPSocketAction) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Taint) DeepCopyInto(out *Taint) { - *out = *in - if in.TimeAdded != nil { - in, out := &in.TimeAdded, &out.TimeAdded - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Taint. -func (in *Taint) DeepCopy() *Taint { - if in == nil { - return nil - } - out := new(Taint) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Toleration) DeepCopyInto(out *Toleration) { - *out = *in - if in.TolerationSeconds != nil { - in, out := &in.TolerationSeconds, &out.TolerationSeconds - *out = new(int64) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Toleration. -func (in *Toleration) DeepCopy() *Toleration { - if in == nil { - return nil - } - out := new(Toleration) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TopologySelectorLabelRequirement) DeepCopyInto(out *TopologySelectorLabelRequirement) { - *out = *in - if in.Values != nil { - in, out := &in.Values, &out.Values - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TopologySelectorLabelRequirement. -func (in *TopologySelectorLabelRequirement) DeepCopy() *TopologySelectorLabelRequirement { - if in == nil { - return nil - } - out := new(TopologySelectorLabelRequirement) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TopologySelectorTerm) DeepCopyInto(out *TopologySelectorTerm) { - *out = *in - if in.MatchLabelExpressions != nil { - in, out := &in.MatchLabelExpressions, &out.MatchLabelExpressions - *out = make([]TopologySelectorLabelRequirement, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TopologySelectorTerm. -func (in *TopologySelectorTerm) DeepCopy() *TopologySelectorTerm { - if in == nil { - return nil - } - out := new(TopologySelectorTerm) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TopologySpreadConstraint) DeepCopyInto(out *TopologySpreadConstraint) { - *out = *in - if in.LabelSelector != nil { - in, out := &in.LabelSelector, &out.LabelSelector - *out = new(v1.LabelSelector) - (*in).DeepCopyInto(*out) - } - if in.MinDomains != nil { - in, out := &in.MinDomains, &out.MinDomains - *out = new(int32) - **out = **in - } - if in.NodeAffinityPolicy != nil { - in, out := &in.NodeAffinityPolicy, &out.NodeAffinityPolicy - *out = new(NodeInclusionPolicy) - **out = **in - } - if in.NodeTaintsPolicy != nil { - in, out := &in.NodeTaintsPolicy, &out.NodeTaintsPolicy - *out = new(NodeInclusionPolicy) - **out = **in - } - if in.MatchLabelKeys != nil { - in, out := &in.MatchLabelKeys, &out.MatchLabelKeys - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TopologySpreadConstraint. -func (in *TopologySpreadConstraint) DeepCopy() *TopologySpreadConstraint { - if in == nil { - return nil - } - out := new(TopologySpreadConstraint) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TypedLocalObjectReference) DeepCopyInto(out *TypedLocalObjectReference) { - *out = *in - if in.APIGroup != nil { - in, out := &in.APIGroup, &out.APIGroup - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TypedLocalObjectReference. -func (in *TypedLocalObjectReference) DeepCopy() *TypedLocalObjectReference { - if in == nil { - return nil - } - out := new(TypedLocalObjectReference) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TypedObjectReference) DeepCopyInto(out *TypedObjectReference) { - *out = *in - if in.APIGroup != nil { - in, out := &in.APIGroup, &out.APIGroup - *out = new(string) - **out = **in - } - if in.Namespace != nil { - in, out := &in.Namespace, &out.Namespace - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TypedObjectReference. -func (in *TypedObjectReference) DeepCopy() *TypedObjectReference { - if in == nil { - return nil - } - out := new(TypedObjectReference) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Volume) DeepCopyInto(out *Volume) { - *out = *in - in.VolumeSource.DeepCopyInto(&out.VolumeSource) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Volume. -func (in *Volume) DeepCopy() *Volume { - if in == nil { - return nil - } - out := new(Volume) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VolumeDevice) DeepCopyInto(out *VolumeDevice) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeDevice. -func (in *VolumeDevice) DeepCopy() *VolumeDevice { - if in == nil { - return nil - } - out := new(VolumeDevice) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VolumeMount) DeepCopyInto(out *VolumeMount) { - *out = *in - if in.RecursiveReadOnly != nil { - in, out := &in.RecursiveReadOnly, &out.RecursiveReadOnly - *out = new(RecursiveReadOnlyMode) - **out = **in - } - if in.MountPropagation != nil { - in, out := &in.MountPropagation, &out.MountPropagation - *out = new(MountPropagationMode) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeMount. -func (in *VolumeMount) DeepCopy() *VolumeMount { - if in == nil { - return nil - } - out := new(VolumeMount) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VolumeMountStatus) DeepCopyInto(out *VolumeMountStatus) { - *out = *in - if in.RecursiveReadOnly != nil { - in, out := &in.RecursiveReadOnly, &out.RecursiveReadOnly - *out = new(RecursiveReadOnlyMode) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeMountStatus. -func (in *VolumeMountStatus) DeepCopy() *VolumeMountStatus { - if in == nil { - return nil - } - out := new(VolumeMountStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VolumeNodeAffinity) DeepCopyInto(out *VolumeNodeAffinity) { - *out = *in - if in.Required != nil { - in, out := &in.Required, &out.Required - *out = new(NodeSelector) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeNodeAffinity. -func (in *VolumeNodeAffinity) DeepCopy() *VolumeNodeAffinity { - if in == nil { - return nil - } - out := new(VolumeNodeAffinity) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VolumeProjection) DeepCopyInto(out *VolumeProjection) { - *out = *in - if in.Secret != nil { - in, out := &in.Secret, &out.Secret - *out = new(SecretProjection) - (*in).DeepCopyInto(*out) - } - if in.DownwardAPI != nil { - in, out := &in.DownwardAPI, &out.DownwardAPI - *out = new(DownwardAPIProjection) - (*in).DeepCopyInto(*out) - } - if in.ConfigMap != nil { - in, out := &in.ConfigMap, &out.ConfigMap - *out = new(ConfigMapProjection) - (*in).DeepCopyInto(*out) - } - if in.ServiceAccountToken != nil { - in, out := &in.ServiceAccountToken, &out.ServiceAccountToken - *out = new(ServiceAccountTokenProjection) - **out = **in - } - if in.ClusterTrustBundle != nil { - in, out := &in.ClusterTrustBundle, &out.ClusterTrustBundle - *out = new(ClusterTrustBundleProjection) - (*in).DeepCopyInto(*out) - } - if in.PodCertificate != nil { - in, out := &in.PodCertificate, &out.PodCertificate - *out = new(PodCertificateProjection) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeProjection. -func (in *VolumeProjection) DeepCopy() *VolumeProjection { - if in == nil { - return nil - } - out := new(VolumeProjection) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VolumeResourceRequirements) DeepCopyInto(out *VolumeResourceRequirements) { - *out = *in - if in.Limits != nil { - in, out := &in.Limits, &out.Limits - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - if in.Requests != nil { - in, out := &in.Requests, &out.Requests - *out = make(ResourceList, len(*in)) - for key, val := range *in { - (*out)[key] = val.DeepCopy() - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeResourceRequirements. -func (in *VolumeResourceRequirements) DeepCopy() *VolumeResourceRequirements { - if in == nil { - return nil - } - out := new(VolumeResourceRequirements) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VolumeSource) DeepCopyInto(out *VolumeSource) { - *out = *in - if in.HostPath != nil { - in, out := &in.HostPath, &out.HostPath - *out = new(HostPathVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.EmptyDir != nil { - in, out := &in.EmptyDir, &out.EmptyDir - *out = new(EmptyDirVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.GCEPersistentDisk != nil { - in, out := &in.GCEPersistentDisk, &out.GCEPersistentDisk - *out = new(GCEPersistentDiskVolumeSource) - **out = **in - } - if in.AWSElasticBlockStore != nil { - in, out := &in.AWSElasticBlockStore, &out.AWSElasticBlockStore - *out = new(AWSElasticBlockStoreVolumeSource) - **out = **in - } - if in.GitRepo != nil { - in, out := &in.GitRepo, &out.GitRepo - *out = new(GitRepoVolumeSource) - **out = **in - } - if in.Secret != nil { - in, out := &in.Secret, &out.Secret - *out = new(SecretVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.NFS != nil { - in, out := &in.NFS, &out.NFS - *out = new(NFSVolumeSource) - **out = **in - } - if in.ISCSI != nil { - in, out := &in.ISCSI, &out.ISCSI - *out = new(ISCSIVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.Glusterfs != nil { - in, out := &in.Glusterfs, &out.Glusterfs - *out = new(GlusterfsVolumeSource) - **out = **in - } - if in.PersistentVolumeClaim != nil { - in, out := &in.PersistentVolumeClaim, &out.PersistentVolumeClaim - *out = new(PersistentVolumeClaimVolumeSource) - **out = **in - } - if in.RBD != nil { - in, out := &in.RBD, &out.RBD - *out = new(RBDVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.Quobyte != nil { - in, out := &in.Quobyte, &out.Quobyte - *out = new(QuobyteVolumeSource) - **out = **in - } - if in.FlexVolume != nil { - in, out := &in.FlexVolume, &out.FlexVolume - *out = new(FlexVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.Cinder != nil { - in, out := &in.Cinder, &out.Cinder - *out = new(CinderVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.CephFS != nil { - in, out := &in.CephFS, &out.CephFS - *out = new(CephFSVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.Flocker != nil { - in, out := &in.Flocker, &out.Flocker - *out = new(FlockerVolumeSource) - **out = **in - } - if in.DownwardAPI != nil { - in, out := &in.DownwardAPI, &out.DownwardAPI - *out = new(DownwardAPIVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.FC != nil { - in, out := &in.FC, &out.FC - *out = new(FCVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.AzureFile != nil { - in, out := &in.AzureFile, &out.AzureFile - *out = new(AzureFileVolumeSource) - **out = **in - } - if in.ConfigMap != nil { - in, out := &in.ConfigMap, &out.ConfigMap - *out = new(ConfigMapVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.VsphereVolume != nil { - in, out := &in.VsphereVolume, &out.VsphereVolume - *out = new(VsphereVirtualDiskVolumeSource) - **out = **in - } - if in.AzureDisk != nil { - in, out := &in.AzureDisk, &out.AzureDisk - *out = new(AzureDiskVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.PhotonPersistentDisk != nil { - in, out := &in.PhotonPersistentDisk, &out.PhotonPersistentDisk - *out = new(PhotonPersistentDiskVolumeSource) - **out = **in - } - if in.Projected != nil { - in, out := &in.Projected, &out.Projected - *out = new(ProjectedVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.PortworxVolume != nil { - in, out := &in.PortworxVolume, &out.PortworxVolume - *out = new(PortworxVolumeSource) - **out = **in - } - if in.ScaleIO != nil { - in, out := &in.ScaleIO, &out.ScaleIO - *out = new(ScaleIOVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.StorageOS != nil { - in, out := &in.StorageOS, &out.StorageOS - *out = new(StorageOSVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.CSI != nil { - in, out := &in.CSI, &out.CSI - *out = new(CSIVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.Ephemeral != nil { - in, out := &in.Ephemeral, &out.Ephemeral - *out = new(EphemeralVolumeSource) - (*in).DeepCopyInto(*out) - } - if in.Image != nil { - in, out := &in.Image, &out.Image - *out = new(ImageVolumeSource) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeSource. -func (in *VolumeSource) DeepCopy() *VolumeSource { - if in == nil { - return nil - } - out := new(VolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VsphereVirtualDiskVolumeSource) DeepCopyInto(out *VsphereVirtualDiskVolumeSource) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VsphereVirtualDiskVolumeSource. -func (in *VsphereVirtualDiskVolumeSource) DeepCopy() *VsphereVirtualDiskVolumeSource { - if in == nil { - return nil - } - out := new(VsphereVirtualDiskVolumeSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WeightedPodAffinityTerm) DeepCopyInto(out *WeightedPodAffinityTerm) { - *out = *in - in.PodAffinityTerm.DeepCopyInto(&out.PodAffinityTerm) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WeightedPodAffinityTerm. -func (in *WeightedPodAffinityTerm) DeepCopy() *WeightedPodAffinityTerm { - if in == nil { - return nil - } - out := new(WeightedPodAffinityTerm) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WindowsSecurityContextOptions) DeepCopyInto(out *WindowsSecurityContextOptions) { - *out = *in - if in.GMSACredentialSpecName != nil { - in, out := &in.GMSACredentialSpecName, &out.GMSACredentialSpecName - *out = new(string) - **out = **in - } - if in.GMSACredentialSpec != nil { - in, out := &in.GMSACredentialSpec, &out.GMSACredentialSpec - *out = new(string) - **out = **in - } - if in.RunAsUserName != nil { - in, out := &in.RunAsUserName, &out.RunAsUserName - *out = new(string) - **out = **in - } - if in.HostProcess != nil { - in, out := &in.HostProcess, &out.HostProcess - *out = new(bool) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WindowsSecurityContextOptions. -func (in *WindowsSecurityContextOptions) DeepCopy() *WindowsSecurityContextOptions { - if in == nil { - return nil - } - out := new(WindowsSecurityContextOptions) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WorkloadReference) DeepCopyInto(out *WorkloadReference) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkloadReference. -func (in *WorkloadReference) DeepCopy() *WorkloadReference { - if in == nil { - return nil - } - out := new(WorkloadReference) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/k8s.io/kubernetes/pkg/capabilities/capabilities.go b/vendor/k8s.io/kubernetes/pkg/capabilities/capabilities.go deleted file mode 100644 index 9054a5ced..000000000 --- a/vendor/k8s.io/kubernetes/pkg/capabilities/capabilities.go +++ /dev/null @@ -1,96 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package capabilities - -import ( - "sync" -) - -// Capabilities defines the set of capabilities available within the system. -// For now these are global. Eventually they may be per-user -type Capabilities struct { - AllowPrivileged bool - - // Pod sources from which to allow privileged capabilities like host networking, sharing the host - // IPC namespace, and sharing the host PID namespace. - PrivilegedSources PrivilegedSources - - // PerConnectionBandwidthLimitBytesPerSec limits the throughput of each connection (currently only used for proxy, exec, attach) - PerConnectionBandwidthLimitBytesPerSec int64 -} - -// PrivilegedSources defines the pod sources allowed to make privileged requests for certain types -// of capabilities like host networking, sharing the host IPC namespace, and sharing the host PID namespace. -type PrivilegedSources struct { - // List of pod sources for which using host network is allowed. - HostNetworkSources []string - - // List of pod sources for which using host pid namespace is allowed. - HostPIDSources []string - - // List of pod sources for which using host ipc is allowed. - HostIPCSources []string -} - -var capInstance struct { - once sync.Once - lock sync.Mutex - capabilities *Capabilities -} - -// Initialize the capability set. This can only be done once per binary, subsequent calls are ignored. -func Initialize(c Capabilities) { - // Only do this once - capInstance.once.Do(func() { - capInstance.capabilities = &c - }) -} - -// Setup the capability set. It wraps Initialize for improving usability. -func Setup(allowPrivileged bool, perConnectionBytesPerSec int64) { - Initialize(Capabilities{ - AllowPrivileged: allowPrivileged, - PerConnectionBandwidthLimitBytesPerSec: perConnectionBytesPerSec, - }) -} - -// ResetForTest resets the capabilities to a given state for testing purposes. -// This function should only be called from tests. -func ResetForTest() { - capInstance.lock.Lock() - defer capInstance.lock.Unlock() - capInstance.capabilities = nil - capInstance.once = sync.Once{} -} - -// Get returns a read-only copy of the system capabilities. -func Get() Capabilities { - capInstance.lock.Lock() - defer capInstance.lock.Unlock() - // This check prevents clobbering of capabilities that might've been set via SetForTests - if capInstance.capabilities == nil { - Initialize(Capabilities{ - AllowPrivileged: false, - PrivilegedSources: PrivilegedSources{ - HostNetworkSources: []string{}, - HostPIDSources: []string{}, - HostIPCSources: []string{}, - }, - }) - } - return *capInstance.capabilities -} diff --git a/vendor/k8s.io/kubernetes/pkg/capabilities/doc.go b/vendor/k8s.io/kubernetes/pkg/capabilities/doc.go deleted file mode 100644 index 68db7faa2..000000000 --- a/vendor/k8s.io/kubernetes/pkg/capabilities/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package capabilities manages system level capabilities -package capabilities diff --git a/vendor/k8s.io/kubernetes/pkg/controller/OWNERS b/vendor/k8s.io/kubernetes/pkg/controller/OWNERS deleted file mode 100644 index be732c048..000000000 --- a/vendor/k8s.io/kubernetes/pkg/controller/OWNERS +++ /dev/null @@ -1,18 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -approvers: - - deads2k - - derekwaynecarr - - mikedanese - - janetkuo - - cheftako - - andrewsykim - - sig-apps-approvers -reviewers: - - andrewsykim - - deads2k - - cheftako - - jefftree - - sig-apps-reviewers -labels: - - sig/apps diff --git a/vendor/k8s.io/kubernetes/pkg/controller/controller_ref_manager.go b/vendor/k8s.io/kubernetes/pkg/controller/controller_ref_manager.go deleted file mode 100644 index 68a99ea6f..000000000 --- a/vendor/k8s.io/kubernetes/pkg/controller/controller_ref_manager.go +++ /dev/null @@ -1,596 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package controller - -import ( - "context" - "encoding/json" - "fmt" - "sync" - - apps "k8s.io/api/apps/v1" - v1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/apimachinery/pkg/types" - utilerrors "k8s.io/apimachinery/pkg/util/errors" - "k8s.io/klog/v2" -) - -type BaseControllerRefManager struct { - Controller metav1.Object - Selector labels.Selector - - canAdoptErr error - canAdoptOnce sync.Once - CanAdoptFunc func(ctx context.Context) error -} - -func (m *BaseControllerRefManager) CanAdopt(ctx context.Context) error { - m.canAdoptOnce.Do(func() { - if m.CanAdoptFunc != nil { - m.canAdoptErr = m.CanAdoptFunc(ctx) - } - }) - return m.canAdoptErr -} - -// ClaimObject tries to take ownership of an object for this controller. -// -// It will reconcile the following: -// - Adopt orphans if the match function returns true. -// - Release owned objects if the match function returns false. -// -// A non-nil error is returned if some form of reconciliation was attempted and -// failed. Usually, controllers should try again later in case reconciliation -// is still needed. -// -// If the error is nil, either the reconciliation succeeded, or no -// reconciliation was necessary. The returned boolean indicates whether you now -// own the object. -// -// No reconciliation will be attempted if the controller is being deleted. -func (m *BaseControllerRefManager) ClaimObject(ctx context.Context, obj metav1.Object, match func(metav1.Object) bool, adopt, release func(context.Context, metav1.Object) error) (bool, error) { - controllerRef := metav1.GetControllerOfNoCopy(obj) - if controllerRef != nil { - if controllerRef.UID != m.Controller.GetUID() { - // Owned by someone else. Ignore. - return false, nil - } - if match(obj) { - // We already own it and the selector matches. - // Return true (successfully claimed) before checking deletion timestamp. - // We're still allowed to claim things we already own while being deleted - // because doing so requires taking no actions. - return true, nil - } - // Owned by us but selector doesn't match. - // Try to release, unless we're being deleted. - if m.Controller.GetDeletionTimestamp() != nil { - return false, nil - } - if err := release(ctx, obj); err != nil { - // If the pod no longer exists, ignore the error. - if errors.IsNotFound(err) { - return false, nil - } - // Either someone else released it, or there was a transient error. - // The controller should requeue and try again if it's still stale. - return false, err - } - // Successfully released. - return false, nil - } - - // It's an orphan. - if m.Controller.GetDeletionTimestamp() != nil || !match(obj) { - // Ignore if we're being deleted or selector doesn't match. - return false, nil - } - if obj.GetDeletionTimestamp() != nil { - // Ignore if the object is being deleted - return false, nil - } - - if len(m.Controller.GetNamespace()) > 0 && m.Controller.GetNamespace() != obj.GetNamespace() { - // Ignore if namespace not match - return false, nil - } - - // Selector matches. Try to adopt. - if err := adopt(ctx, obj); err != nil { - // If the pod no longer exists, ignore the error. - if errors.IsNotFound(err) { - return false, nil - } - // Either someone else claimed it first, or there was a transient error. - // The controller should requeue and try again if it's still orphaned. - return false, err - } - // Successfully adopted. - return true, nil -} - -type PodControllerRefManager struct { - BaseControllerRefManager - controllerKind schema.GroupVersionKind - podControl PodControlInterface - finalizers []string -} - -// NewPodControllerRefManager returns a PodControllerRefManager that exposes -// methods to manage the controllerRef of pods. -// -// The CanAdopt() function can be used to perform a potentially expensive check -// (such as a live GET from the API server) prior to the first adoption. -// It will only be called (at most once) if an adoption is actually attempted. -// If CanAdopt() returns a non-nil error, all adoptions will fail. -// -// NOTE: Once CanAdopt() is called, it will not be called again by the same -// PodControllerRefManager instance. Create a new instance if it makes -// sense to check CanAdopt() again (e.g. in a different sync pass). -func NewPodControllerRefManager( - podControl PodControlInterface, - controller metav1.Object, - selector labels.Selector, - controllerKind schema.GroupVersionKind, - canAdopt func(ctx context.Context) error, - finalizers ...string, -) *PodControllerRefManager { - return &PodControllerRefManager{ - BaseControllerRefManager: BaseControllerRefManager{ - Controller: controller, - Selector: selector, - CanAdoptFunc: canAdopt, - }, - controllerKind: controllerKind, - podControl: podControl, - finalizers: finalizers, - } -} - -// ClaimPods tries to take ownership of a list of Pods. -// -// It will reconcile the following: -// - Adopt orphans if the selector matches. -// - Release owned objects if the selector no longer matches. -// -// Optional: If one or more filters are specified, a Pod will only be claimed if -// all filters return true. -// -// A non-nil error is returned if some form of reconciliation was attempted and -// failed. Usually, controllers should try again later in case reconciliation -// is still needed. -// -// If the error is nil, either the reconciliation succeeded, or no -// reconciliation was necessary. The list of Pods that you now own is returned. -func (m *PodControllerRefManager) ClaimPods(ctx context.Context, pods []*v1.Pod, filters ...func(*v1.Pod) bool) ([]*v1.Pod, error) { - var claimed []*v1.Pod - var errlist []error - - match := func(obj metav1.Object) bool { - pod := obj.(*v1.Pod) - // Check selector first so filters only run on potentially matching Pods. - if !m.Selector.Matches(labels.Set(pod.Labels)) { - return false - } - for _, filter := range filters { - if !filter(pod) { - return false - } - } - return true - } - adopt := func(ctx context.Context, obj metav1.Object) error { - return m.AdoptPod(ctx, obj.(*v1.Pod)) - } - release := func(ctx context.Context, obj metav1.Object) error { - return m.ReleasePod(ctx, obj.(*v1.Pod)) - } - - for _, pod := range pods { - ok, err := m.ClaimObject(ctx, pod, match, adopt, release) - if err != nil { - errlist = append(errlist, err) - continue - } - if ok { - claimed = append(claimed, pod) - } - } - return claimed, utilerrors.NewAggregate(errlist) -} - -// AdoptPod sends a patch to take control of the pod. It returns the error if -// the patching fails. -func (m *PodControllerRefManager) AdoptPod(ctx context.Context, pod *v1.Pod) error { - if err := m.CanAdopt(ctx); err != nil { - return fmt.Errorf("can't adopt Pod %v/%v (%v): %v", pod.Namespace, pod.Name, pod.UID, err) - } - // Note that ValidateOwnerReferences() will reject this patch if another - // OwnerReference exists with controller=true. - - patchBytes, err := ownerRefControllerPatch(m.Controller, m.controllerKind, pod.UID, m.finalizers...) - if err != nil { - return err - } - return m.podControl.PatchPod(ctx, pod.Namespace, pod.Name, patchBytes) -} - -// ReleasePod sends a patch to free the pod from the control of the controller. -// It returns the error if the patching fails. 404 and 422 errors are ignored. -func (m *PodControllerRefManager) ReleasePod(ctx context.Context, pod *v1.Pod) error { - logger := klog.FromContext(ctx) - logger.V(2).Info("Patching pod to remove its controllerRef", "pod", klog.KObj(pod), "gvk", m.controllerKind, "controller", m.Controller.GetName()) - patchBytes, err := GenerateDeleteOwnerRefStrategicMergeBytes(pod.UID, []types.UID{m.Controller.GetUID()}, m.finalizers...) - if err != nil { - return err - } - err = m.podControl.PatchPod(ctx, pod.Namespace, pod.Name, patchBytes) - if err != nil { - if errors.IsNotFound(err) { - // If the pod no longer exists, ignore it. - return nil - } - if errors.IsInvalid(err) { - // Invalid error will be returned in two cases: 1. the pod - // has no owner reference, 2. the uid of the pod doesn't - // match, which means the pod is deleted and then recreated. - // In both cases, the error can be ignored. - - // TODO: If the pod has owner references, but none of them - // has the owner.UID, server will silently ignore the patch. - // Investigate why. - return nil - } - } - return err -} - -// ReplicaSetControllerRefManager is used to manage controllerRef of ReplicaSets. -// Three methods are defined on this object 1: Classify 2: AdoptReplicaSet and -// 3: ReleaseReplicaSet which are used to classify the ReplicaSets into appropriate -// categories and accordingly adopt or release them. See comments on these functions -// for more details. -type ReplicaSetControllerRefManager struct { - BaseControllerRefManager - controllerKind schema.GroupVersionKind - rsControl RSControlInterface -} - -// NewReplicaSetControllerRefManager returns a ReplicaSetControllerRefManager that exposes -// methods to manage the controllerRef of ReplicaSets. -// -// The CanAdopt() function can be used to perform a potentially expensive check -// (such as a live GET from the API server) prior to the first adoption. -// It will only be called (at most once) if an adoption is actually attempted. -// If CanAdopt() returns a non-nil error, all adoptions will fail. -// -// NOTE: Once CanAdopt() is called, it will not be called again by the same -// ReplicaSetControllerRefManager instance. Create a new instance if it -// makes sense to check CanAdopt() again (e.g. in a different sync pass). -func NewReplicaSetControllerRefManager( - rsControl RSControlInterface, - controller metav1.Object, - selector labels.Selector, - controllerKind schema.GroupVersionKind, - canAdopt func(ctx context.Context) error, -) *ReplicaSetControllerRefManager { - return &ReplicaSetControllerRefManager{ - BaseControllerRefManager: BaseControllerRefManager{ - Controller: controller, - Selector: selector, - CanAdoptFunc: canAdopt, - }, - controllerKind: controllerKind, - rsControl: rsControl, - } -} - -// ClaimReplicaSets tries to take ownership of a list of ReplicaSets. -// -// It will reconcile the following: -// - Adopt orphans if the selector matches. -// - Release owned objects if the selector no longer matches. -// -// A non-nil error is returned if some form of reconciliation was attempted and -// failed. Usually, controllers should try again later in case reconciliation -// is still needed. -// -// If the error is nil, either the reconciliation succeeded, or no -// reconciliation was necessary. The list of ReplicaSets that you now own is -// returned. -func (m *ReplicaSetControllerRefManager) ClaimReplicaSets(ctx context.Context, sets []*apps.ReplicaSet) ([]*apps.ReplicaSet, error) { - var claimed []*apps.ReplicaSet - var errlist []error - - match := func(obj metav1.Object) bool { - return m.Selector.Matches(labels.Set(obj.GetLabels())) - } - adopt := func(ctx context.Context, obj metav1.Object) error { - return m.AdoptReplicaSet(ctx, obj.(*apps.ReplicaSet)) - } - release := func(ctx context.Context, obj metav1.Object) error { - return m.ReleaseReplicaSet(ctx, obj.(*apps.ReplicaSet)) - } - - for _, rs := range sets { - ok, err := m.ClaimObject(ctx, rs, match, adopt, release) - if err != nil { - errlist = append(errlist, err) - continue - } - if ok { - claimed = append(claimed, rs) - } - } - return claimed, utilerrors.NewAggregate(errlist) -} - -// AdoptReplicaSet sends a patch to take control of the ReplicaSet. It returns -// the error if the patching fails. -func (m *ReplicaSetControllerRefManager) AdoptReplicaSet(ctx context.Context, rs *apps.ReplicaSet) error { - if err := m.CanAdopt(ctx); err != nil { - return fmt.Errorf("can't adopt ReplicaSet %v/%v (%v): %v", rs.Namespace, rs.Name, rs.UID, err) - } - // Note that ValidateOwnerReferences() will reject this patch if another - // OwnerReference exists with controller=true. - patchBytes, err := ownerRefControllerPatch(m.Controller, m.controllerKind, rs.UID) - if err != nil { - return err - } - return m.rsControl.PatchReplicaSet(ctx, rs.Namespace, rs.Name, patchBytes) -} - -// ReleaseReplicaSet sends a patch to free the ReplicaSet from the control of the Deployment controller. -// It returns the error if the patching fails. 404 and 422 errors are ignored. -func (m *ReplicaSetControllerRefManager) ReleaseReplicaSet(ctx context.Context, replicaSet *apps.ReplicaSet) error { - logger := klog.FromContext(ctx) - logger.V(2).Info("Patching ReplicaSet to remove its controllerRef", "replicaSet", klog.KObj(replicaSet), "gvk", m.controllerKind, "controller", m.Controller.GetName()) - patchBytes, err := GenerateDeleteOwnerRefStrategicMergeBytes(replicaSet.UID, []types.UID{m.Controller.GetUID()}) - if err != nil { - return err - } - err = m.rsControl.PatchReplicaSet(ctx, replicaSet.Namespace, replicaSet.Name, patchBytes) - if err != nil { - if errors.IsNotFound(err) { - // If the ReplicaSet no longer exists, ignore it. - return nil - } - if errors.IsInvalid(err) { - // Invalid error will be returned in two cases: 1. the ReplicaSet - // has no owner reference, 2. the uid of the ReplicaSet doesn't - // match, which means the ReplicaSet is deleted and then recreated. - // In both cases, the error can be ignored. - return nil - } - } - return err -} - -// RecheckDeletionTimestamp returns a CanAdopt() function to recheck deletion. -// -// The CanAdopt() function calls getObject() to fetch the latest value, -// and denies adoption attempts if that object has a non-nil DeletionTimestamp. -func RecheckDeletionTimestamp(getObject func(context.Context) (metav1.Object, error)) func(context.Context) error { - return func(ctx context.Context) error { - obj, err := getObject(ctx) - if err != nil { - return fmt.Errorf("can't recheck DeletionTimestamp: %v", err) - } - if obj.GetDeletionTimestamp() != nil { - return fmt.Errorf("%v/%v has just been deleted at %v", obj.GetNamespace(), obj.GetName(), obj.GetDeletionTimestamp()) - } - return nil - } -} - -// ControllerRevisionControllerRefManager is used to manage controllerRef of ControllerRevisions. -// Three methods are defined on this object 1: Classify 2: AdoptControllerRevision and -// 3: ReleaseControllerRevision which are used to classify the ControllerRevisions into appropriate -// categories and accordingly adopt or release them. See comments on these functions -// for more details. -type ControllerRevisionControllerRefManager struct { - BaseControllerRefManager - controllerKind schema.GroupVersionKind - crControl ControllerRevisionControlInterface -} - -// NewControllerRevisionControllerRefManager returns a ControllerRevisionControllerRefManager that exposes -// methods to manage the controllerRef of ControllerRevisions. -// -// The canAdopt() function can be used to perform a potentially expensive check -// (such as a live GET from the API server) prior to the first adoption. -// It will only be called (at most once) if an adoption is actually attempted. -// If canAdopt() returns a non-nil error, all adoptions will fail. -// -// NOTE: Once canAdopt() is called, it will not be called again by the same -// ControllerRevisionControllerRefManager instance. Create a new instance if it -// makes sense to check canAdopt() again (e.g. in a different sync pass). -func NewControllerRevisionControllerRefManager( - crControl ControllerRevisionControlInterface, - controller metav1.Object, - selector labels.Selector, - controllerKind schema.GroupVersionKind, - canAdopt func(ctx context.Context) error, -) *ControllerRevisionControllerRefManager { - return &ControllerRevisionControllerRefManager{ - BaseControllerRefManager: BaseControllerRefManager{ - Controller: controller, - Selector: selector, - CanAdoptFunc: canAdopt, - }, - controllerKind: controllerKind, - crControl: crControl, - } -} - -// ClaimControllerRevisions tries to take ownership of a list of ControllerRevisions. -// -// It will reconcile the following: -// - Adopt orphans if the selector matches. -// - Release owned objects if the selector no longer matches. -// -// A non-nil error is returned if some form of reconciliation was attempted and -// failed. Usually, controllers should try again later in case reconciliation -// is still needed. -// -// If the error is nil, either the reconciliation succeeded, or no -// reconciliation was necessary. The list of ControllerRevisions that you now own is -// returned. -func (m *ControllerRevisionControllerRefManager) ClaimControllerRevisions(ctx context.Context, histories []*apps.ControllerRevision) ([]*apps.ControllerRevision, error) { - var claimed []*apps.ControllerRevision - var errlist []error - - match := func(obj metav1.Object) bool { - return m.Selector.Matches(labels.Set(obj.GetLabels())) - } - adopt := func(ctx context.Context, obj metav1.Object) error { - return m.AdoptControllerRevision(ctx, obj.(*apps.ControllerRevision)) - } - release := func(ctx context.Context, obj metav1.Object) error { - return m.ReleaseControllerRevision(ctx, obj.(*apps.ControllerRevision)) - } - - for _, h := range histories { - ok, err := m.ClaimObject(ctx, h, match, adopt, release) - if err != nil { - errlist = append(errlist, err) - continue - } - if ok { - claimed = append(claimed, h) - } - } - return claimed, utilerrors.NewAggregate(errlist) -} - -// AdoptControllerRevision sends a patch to take control of the ControllerRevision. It returns the error if -// the patching fails. -func (m *ControllerRevisionControllerRefManager) AdoptControllerRevision(ctx context.Context, history *apps.ControllerRevision) error { - if err := m.CanAdopt(ctx); err != nil { - return fmt.Errorf("can't adopt ControllerRevision %v/%v (%v): %v", history.Namespace, history.Name, history.UID, err) - } - // Note that ValidateOwnerReferences() will reject this patch if another - // OwnerReference exists with controller=true. - patchBytes, err := ownerRefControllerPatch(m.Controller, m.controllerKind, history.UID) - if err != nil { - return err - } - return m.crControl.PatchControllerRevision(ctx, history.Namespace, history.Name, patchBytes) -} - -// ReleaseControllerRevision sends a patch to free the ControllerRevision from the control of its controller. -// It returns the error if the patching fails. 404 and 422 errors are ignored. -func (m *ControllerRevisionControllerRefManager) ReleaseControllerRevision(ctx context.Context, history *apps.ControllerRevision) error { - logger := klog.FromContext(ctx) - logger.V(2).Info("Patching ControllerRevision to remove its controllerRef", "controllerRevision", klog.KObj(history), "gvk", m.controllerKind, "controller", m.Controller.GetName()) - patchBytes, err := GenerateDeleteOwnerRefStrategicMergeBytes(history.UID, []types.UID{m.Controller.GetUID()}) - if err != nil { - return err - } - - err = m.crControl.PatchControllerRevision(ctx, history.Namespace, history.Name, patchBytes) - if err != nil { - if errors.IsNotFound(err) { - // If the ControllerRevision no longer exists, ignore it. - return nil - } - if errors.IsInvalid(err) { - // Invalid error will be returned in two cases: 1. the ControllerRevision - // has no owner reference, 2. the uid of the ControllerRevision doesn't - // match, which means the ControllerRevision is deleted and then recreated. - // In both cases, the error can be ignored. - return nil - } - } - return err -} - -type objectForAddOwnerRefPatch struct { - Metadata objectMetaForPatch `json:"metadata"` -} - -type objectMetaForPatch struct { - OwnerReferences []metav1.OwnerReference `json:"ownerReferences"` - UID types.UID `json:"uid"` - Finalizers []string `json:"finalizers,omitempty"` -} - -func ownerRefControllerPatch(controller metav1.Object, controllerKind schema.GroupVersionKind, uid types.UID, finalizers ...string) ([]byte, error) { - blockOwnerDeletion := true - isController := true - addControllerPatch := objectForAddOwnerRefPatch{ - Metadata: objectMetaForPatch{ - UID: uid, - OwnerReferences: []metav1.OwnerReference{ - { - APIVersion: controllerKind.GroupVersion().String(), - Kind: controllerKind.Kind, - Name: controller.GetName(), - UID: controller.GetUID(), - Controller: &isController, - BlockOwnerDeletion: &blockOwnerDeletion, - }, - }, - Finalizers: finalizers, - }, - } - patchBytes, err := json.Marshal(&addControllerPatch) - if err != nil { - return nil, err - } - return patchBytes, nil -} - -type objectForDeleteOwnerRefStrategicMergePatch struct { - Metadata objectMetaForMergePatch `json:"metadata"` -} - -type objectMetaForMergePatch struct { - UID types.UID `json:"uid"` - OwnerReferences []map[string]string `json:"ownerReferences"` - DeleteFinalizers []string `json:"$deleteFromPrimitiveList/finalizers,omitempty"` -} - -func GenerateDeleteOwnerRefStrategicMergeBytes(dependentUID types.UID, ownerUIDs []types.UID, finalizers ...string) ([]byte, error) { - var ownerReferences []map[string]string - for _, ownerUID := range ownerUIDs { - ownerReferences = append(ownerReferences, ownerReference(ownerUID, "delete")) - } - patch := objectForDeleteOwnerRefStrategicMergePatch{ - Metadata: objectMetaForMergePatch{ - UID: dependentUID, - OwnerReferences: ownerReferences, - DeleteFinalizers: finalizers, - }, - } - patchBytes, err := json.Marshal(&patch) - if err != nil { - return nil, err - } - return patchBytes, nil -} - -func ownerReference(uid types.UID, patchType string) map[string]string { - return map[string]string{ - "$patch": patchType, - "uid": string(uid), - } -} diff --git a/vendor/k8s.io/kubernetes/pkg/controller/controller_utils.go b/vendor/k8s.io/kubernetes/pkg/controller/controller_utils.go deleted file mode 100644 index c6c3b31f0..000000000 --- a/vendor/k8s.io/kubernetes/pkg/controller/controller_utils.go +++ /dev/null @@ -1,1452 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package controller - -import ( - "context" - "encoding/binary" - "encoding/json" - "fmt" - "hash/fnv" - "math" - "sync" - "sync/atomic" - "time" - - apps "k8s.io/api/apps/v1" - v1 "k8s.io/api/core/v1" - apierrors "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/api/meta" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/types" - "k8s.io/apimachinery/pkg/util/rand" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" - "k8s.io/apimachinery/pkg/util/sets" - "k8s.io/apimachinery/pkg/util/strategicpatch" - "k8s.io/apimachinery/pkg/util/wait" - utilfeature "k8s.io/apiserver/pkg/util/feature" - clientset "k8s.io/client-go/kubernetes" - "k8s.io/client-go/tools/cache" - "k8s.io/client-go/tools/record" - clientretry "k8s.io/client-go/util/retry" - podutil "k8s.io/kubernetes/pkg/api/v1/pod" - "k8s.io/kubernetes/pkg/apis/core/helper" - _ "k8s.io/kubernetes/pkg/apis/core/install" - "k8s.io/kubernetes/pkg/apis/core/validation" - "k8s.io/kubernetes/pkg/features" - hashutil "k8s.io/kubernetes/pkg/util/hash" - taintutils "k8s.io/kubernetes/pkg/util/taints" - "k8s.io/utils/clock" - "k8s.io/utils/ptr" - - "k8s.io/klog/v2" -) - -const ( - // If a watch drops a delete event for a pod, it'll take this long - // before a dormant controller waiting for those packets is woken up anyway. It is - // specifically targeted at the case where some problem prevents an update - // of expectations, without it the controller could stay asleep forever. This should - // be set based on the expected latency of watch events. - // - // Currently a controller can service (create *and* observe the watch events for said - // creation) about 10 pods a second, so it takes about 1 min to service - // 500 pods. Just creation is limited to 20qps, and watching happens with ~10-30s - // latency/pod at the scale of 3000 pods over 100 nodes. - ExpectationsTimeout = 5 * time.Minute - // When batching pod creates, SlowStartInitialBatchSize is the size of the - // initial batch. The size of each successive batch is twice the size of - // the previous batch. For example, for a value of 1, batch sizes would be - // 1, 2, 4, 8, ... and for a value of 10, batch sizes would be - // 10, 20, 40, 80, ... Setting the value higher means that quota denials - // will result in more doomed API calls and associated event spam. Setting - // the value lower will result in more API call round trip periods for - // large batches. - // - // Given a number of pods to start "N": - // The number of doomed calls per sync once quota is exceeded is given by: - // min(N,SlowStartInitialBatchSize) - // The number of batches is given by: - // 1+floor(log_2(ceil(N/SlowStartInitialBatchSize))) - SlowStartInitialBatchSize = 1 - - // PodNodeNameKeyIndex is the name of the index used by PodInformer to index pods by their node name. - PodNodeNameKeyIndex = "spec.nodeName" - - // PodControllerIndex is the name for the Pod store's index function, - // which indexes by the key returned from PodControllerIndexKey. - PodControllerIndex = "podController" -) - -var UpdateTaintBackoff = wait.Backoff{ - Steps: 5, - Duration: 100 * time.Millisecond, - Jitter: 1.0, -} - -var UpdateLabelBackoff = wait.Backoff{ - Steps: 5, - Duration: 100 * time.Millisecond, - Jitter: 1.0, -} - -var ( - KeyFunc = cache.DeletionHandlingMetaNamespaceKeyFunc - podPhaseToOrdinal = map[v1.PodPhase]int{v1.PodPending: 0, v1.PodUnknown: 1, v1.PodRunning: 2} -) - -type ResyncPeriodFunc func() time.Duration - -// Returns 0 for resyncPeriod in case resyncing is not needed. -func NoResyncPeriodFunc() time.Duration { - return 0 -} - -// StaticResyncPeriodFunc returns the resync period specified -func StaticResyncPeriodFunc(resyncPeriod time.Duration) ResyncPeriodFunc { - return func() time.Duration { - return resyncPeriod - } -} - -// Expectations are a way for controllers to tell the controller manager what they expect. eg: -// ControllerExpectations: { -// controller1: expects 2 adds in 2 minutes -// controller2: expects 2 dels in 2 minutes -// controller3: expects -1 adds in 2 minutes => controller3's expectations have already been met -// } -// -// Implementation: -// ControlleeExpectation = pair of atomic counters to track controllee's creation/deletion -// ControllerExpectationsStore = TTLStore + a ControlleeExpectation per controller -// -// * Once set expectations can only be lowered -// * A controller isn't synced till its expectations are either fulfilled, or expire -// * Controllers that don't set expectations will get woken up for every matching controllee - -// ExpKeyFunc to parse out the key from a ControlleeExpectation -var ExpKeyFunc = func(obj interface{}) (string, error) { - if e, ok := obj.(*ControlleeExpectations); ok { - return e.key, nil - } - return "", fmt.Errorf("could not find key for obj %#v", obj) -} - -// ControllerExpectationsInterface is an interface that allows users to set and wait on expectations. -// Only abstracted out for testing. -// Warning: if using KeyFunc it is not safe to use a single ControllerExpectationsInterface with different -// types of controllers, because the keys might conflict across types. -type ControllerExpectationsInterface interface { - GetExpectations(controllerKey string) (*ControlleeExpectations, bool, error) - SatisfiedExpectations(logger klog.Logger, controllerKey string) bool - DeleteExpectations(logger klog.Logger, controllerKey string) - SetExpectations(logger klog.Logger, controllerKey string, add, del int) error - ExpectCreations(logger klog.Logger, controllerKey string, adds int) error - ExpectDeletions(logger klog.Logger, controllerKey string, dels int) error - CreationObserved(logger klog.Logger, controllerKey string) - DeletionObserved(logger klog.Logger, controllerKey string) - RaiseExpectations(logger klog.Logger, controllerKey string, add, del int) - LowerExpectations(logger klog.Logger, controllerKey string, add, del int) -} - -// ControllerExpectations is a cache mapping controllers to what they expect to see before being woken up for a sync. -type ControllerExpectations struct { - cache.Store -} - -// GetExpectations returns the ControlleeExpectations of the given controller. -func (r *ControllerExpectations) GetExpectations(controllerKey string) (*ControlleeExpectations, bool, error) { - exp, exists, err := r.GetByKey(controllerKey) - if err == nil && exists { - return exp.(*ControlleeExpectations), true, nil - } - return nil, false, err -} - -// DeleteExpectations deletes the expectations of the given controller from the TTLStore. -func (r *ControllerExpectations) DeleteExpectations(logger klog.Logger, controllerKey string) { - if exp, exists, err := r.GetByKey(controllerKey); err == nil && exists { - if err := r.Delete(exp); err != nil { - - logger.V(2).Info("Error deleting expectations", "controller", controllerKey, "err", err) - } - } -} - -// SatisfiedExpectations returns true if the required adds/dels for the given controller have been observed. -// Add/del counts are established by the controller at sync time, and updated as controllees are observed by the controller -// manager. -func (r *ControllerExpectations) SatisfiedExpectations(logger klog.Logger, controllerKey string) bool { - if exp, exists, err := r.GetExpectations(controllerKey); exists { - if exp.Fulfilled() { - logger.V(4).Info("Controller expectations fulfilled", "expectations", exp) - return true - } else if exp.isExpired() { - logger.V(4).Info("Controller expectations expired", "expectations", exp) - return true - } else { - logger.V(4).Info("Controller still waiting on expectations", "expectations", exp) - return false - } - } else if err != nil { - logger.V(2).Info("Error encountered while checking expectations, forcing sync", "err", err) - } else { - // When a new controller is created, it doesn't have expectations. - // When it doesn't see expected watch events for > TTL, the expectations expire. - // - In this case it wakes up, creates/deletes controllees, and sets expectations again. - // When it has satisfied expectations and no controllees need to be created/destroyed > TTL, the expectations expire. - // - In this case it continues without setting expectations till it needs to create/delete controllees. - logger.V(4).Info("Controller either never recorded expectations, or the ttl expired", "controller", controllerKey) - } - // Trigger a sync if we either encountered and error (which shouldn't happen since we're - // getting from local store) or this controller hasn't established expectations. - return true -} - -// TODO: Extend ExpirationCache to support explicit expiration. -// TODO: Make this possible to disable in tests. -// TODO: Support injection of clock. -func (exp *ControlleeExpectations) isExpired() bool { - return clock.RealClock{}.Since(exp.timestamp) > ExpectationsTimeout -} - -// SetExpectations registers new expectations for the given controller. Forgets existing expectations. -func (r *ControllerExpectations) SetExpectations(logger klog.Logger, controllerKey string, add, del int) error { - exp := &ControlleeExpectations{add: int64(add), del: int64(del), key: controllerKey, timestamp: clock.RealClock{}.Now()} - logger.V(4).Info("Setting expectations", "expectations", exp) - return r.Add(exp) -} - -func (r *ControllerExpectations) ExpectCreations(logger klog.Logger, controllerKey string, adds int) error { - return r.SetExpectations(logger, controllerKey, adds, 0) -} - -func (r *ControllerExpectations) ExpectDeletions(logger klog.Logger, controllerKey string, dels int) error { - return r.SetExpectations(logger, controllerKey, 0, dels) -} - -// Decrements the expectation counts of the given controller. -func (r *ControllerExpectations) LowerExpectations(logger klog.Logger, controllerKey string, add, del int) { - if exp, exists, err := r.GetExpectations(controllerKey); err == nil && exists { - exp.Add(int64(-add), int64(-del)) - // The expectations might've been modified since the update on the previous line. - logger.V(4).Info("Lowered expectations", "expectations", exp) - } -} - -// Increments the expectation counts of the given controller. -func (r *ControllerExpectations) RaiseExpectations(logger klog.Logger, controllerKey string, add, del int) { - if exp, exists, err := r.GetExpectations(controllerKey); err == nil && exists { - exp.Add(int64(add), int64(del)) - // The expectations might've been modified since the update on the previous line. - logger.V(4).Info("Raised expectations", "expectations", exp) - } -} - -// CreationObserved atomically decrements the `add` expectation count of the given controller. -func (r *ControllerExpectations) CreationObserved(logger klog.Logger, controllerKey string) { - r.LowerExpectations(logger, controllerKey, 1, 0) -} - -// DeletionObserved atomically decrements the `del` expectation count of the given controller. -func (r *ControllerExpectations) DeletionObserved(logger klog.Logger, controllerKey string) { - r.LowerExpectations(logger, controllerKey, 0, 1) -} - -// ControlleeExpectations track controllee creates/deletes. -type ControlleeExpectations struct { - // Important: Since these two int64 fields are using sync/atomic, they have to be at the top of the struct due to a bug on 32-bit platforms - // See: https://golang.org/pkg/sync/atomic/ for more information - add int64 - del int64 - key string - timestamp time.Time -} - -// Add increments the add and del counters. -func (e *ControlleeExpectations) Add(add, del int64) { - atomic.AddInt64(&e.add, add) - atomic.AddInt64(&e.del, del) -} - -// Fulfilled returns true if this expectation has been fulfilled. -func (e *ControlleeExpectations) Fulfilled() bool { - // TODO: think about why this line being atomic doesn't matter - return atomic.LoadInt64(&e.add) <= 0 && atomic.LoadInt64(&e.del) <= 0 -} - -// GetExpectations returns the add and del expectations of the controllee. -func (e *ControlleeExpectations) GetExpectations() (int64, int64) { - return atomic.LoadInt64(&e.add), atomic.LoadInt64(&e.del) -} - -// MarshalLog makes a thread-safe copy of the values of the expectations that -// can be used for logging. -func (e *ControlleeExpectations) MarshalLog() interface{} { - return struct { - add int64 - del int64 - key string - }{ - add: atomic.LoadInt64(&e.add), - del: atomic.LoadInt64(&e.del), - key: e.key, - } -} - -// NewControllerExpectations returns a store for ControllerExpectations. -func NewControllerExpectations() *ControllerExpectations { - return &ControllerExpectations{cache.NewStore(ExpKeyFunc)} -} - -// UIDSetKeyFunc to parse out the key from a UIDSet. -var UIDSetKeyFunc = func(obj interface{}) (string, error) { - if u, ok := obj.(*UIDSet); ok { - return u.key, nil - } - return "", fmt.Errorf("could not find key for obj %#v", obj) -} - -// UIDSet holds a key and a set of UIDs. Used by the -// UIDTrackingControllerExpectations to remember which UID it has seen/still -// waiting for. -type UIDSet struct { - sets.String - key string -} - -// UIDTrackingControllerExpectations tracks the UID of the pods it deletes. -// This cache is needed over plain old expectations to safely handle graceful -// deletion. The desired behavior is to treat an update that sets the -// DeletionTimestamp on an object as a delete. To do so consistently, one needs -// to remember the expected deletes so they aren't double counted. -// TODO: Track creates as well (#22599) -type UIDTrackingControllerExpectations struct { - ControllerExpectationsInterface - // TODO: There is a much nicer way to do this that involves a single store, - // a lock per entry, and a ControlleeExpectationsInterface type. - uidStoreLock sync.Mutex - // Store used for the UIDs associated with any expectation tracked via the - // ControllerExpectationsInterface. - uidStore cache.Store -} - -// GetUIDs is a convenience method to avoid exposing the set of expected uids. -// The returned set is not thread safe, all modifications must be made holding -// the uidStoreLock. -func (u *UIDTrackingControllerExpectations) GetUIDs(controllerKey string) sets.String { - if uid, exists, err := u.uidStore.GetByKey(controllerKey); err == nil && exists { - return uid.(*UIDSet).String - } - return nil -} - -// ExpectDeletions records expectations for the given deleteKeys, against the given controller. -func (u *UIDTrackingControllerExpectations) ExpectDeletions(logger klog.Logger, rcKey string, deletedKeys []string) error { - expectedUIDs := sets.NewString() - for _, k := range deletedKeys { - expectedUIDs.Insert(k) - } - logger.V(4).Info("Controller waiting on deletions", "controller", rcKey, "keys", deletedKeys) - u.uidStoreLock.Lock() - defer u.uidStoreLock.Unlock() - - if existing := u.GetUIDs(rcKey); existing != nil && existing.Len() != 0 { - logger.Error(nil, "Clobbering existing delete keys", "keys", existing) - } - if err := u.uidStore.Add(&UIDSet{expectedUIDs, rcKey}); err != nil { - return err - } - return u.ControllerExpectationsInterface.ExpectDeletions(logger, rcKey, expectedUIDs.Len()) -} - -// DeletionObserved records the given deleteKey as a deletion, for the given rc. -func (u *UIDTrackingControllerExpectations) DeletionObserved(logger klog.Logger, rcKey, deleteKey string) { - u.uidStoreLock.Lock() - defer u.uidStoreLock.Unlock() - - uids := u.GetUIDs(rcKey) - if uids != nil && uids.Has(deleteKey) { - logger.V(4).Info("Controller received delete for pod", "controller", rcKey, "key", deleteKey) - u.ControllerExpectationsInterface.DeletionObserved(logger, rcKey) - uids.Delete(deleteKey) - } -} - -// DeleteExpectations deletes the UID set and invokes DeleteExpectations on the -// underlying ControllerExpectationsInterface. -func (u *UIDTrackingControllerExpectations) DeleteExpectations(logger klog.Logger, rcKey string) { - u.uidStoreLock.Lock() - defer u.uidStoreLock.Unlock() - - u.ControllerExpectationsInterface.DeleteExpectations(logger, rcKey) - if uidExp, exists, err := u.uidStore.GetByKey(rcKey); err == nil && exists { - if err := u.uidStore.Delete(uidExp); err != nil { - logger.V(2).Info("Error deleting uid expectations", "controller", rcKey, "err", err) - } - } -} - -// NewUIDTrackingControllerExpectations returns a wrapper around -// ControllerExpectations that is aware of deleteKeys. -func NewUIDTrackingControllerExpectations(ce ControllerExpectationsInterface) *UIDTrackingControllerExpectations { - return &UIDTrackingControllerExpectations{ControllerExpectationsInterface: ce, uidStore: cache.NewStore(UIDSetKeyFunc)} -} - -// Reasons for pod events -const ( - // FailedCreatePodReason is added in an event and in a replica set condition - // when a pod for a replica set is failed to be created. - FailedCreatePodReason = "FailedCreate" - // SuccessfulCreatePodReason is added in an event when a pod for a replica set - // is successfully created. - SuccessfulCreatePodReason = "SuccessfulCreate" - // FailedDeletePodReason is added in an event and in a replica set condition - // when a pod for a replica set is failed to be deleted. - FailedDeletePodReason = "FailedDelete" - // SuccessfulDeletePodReason is added in an event when a pod for a replica set - // is successfully deleted. - SuccessfulDeletePodReason = "SuccessfulDelete" -) - -// RSControlInterface is an interface that knows how to add or delete -// ReplicaSets, as well as increment or decrement them. It is used -// by the deployment controller to ease testing of actions that it takes. -type RSControlInterface interface { - PatchReplicaSet(ctx context.Context, namespace, name string, data []byte) error -} - -// RealRSControl is the default implementation of RSControllerInterface. -type RealRSControl struct { - KubeClient clientset.Interface - Recorder record.EventRecorder -} - -var _ RSControlInterface = &RealRSControl{} - -func (r RealRSControl) PatchReplicaSet(ctx context.Context, namespace, name string, data []byte) error { - _, err := r.KubeClient.AppsV1().ReplicaSets(namespace).Patch(ctx, name, types.StrategicMergePatchType, data, metav1.PatchOptions{}) - return err -} - -// TODO: merge the controller revision interface in controller_history.go with this one -// ControllerRevisionControlInterface is an interface that knows how to patch -// ControllerRevisions, as well as increment or decrement them. It is used -// by the daemonset controller to ease testing of actions that it takes. -type ControllerRevisionControlInterface interface { - PatchControllerRevision(ctx context.Context, namespace, name string, data []byte) error -} - -// RealControllerRevisionControl is the default implementation of ControllerRevisionControlInterface. -type RealControllerRevisionControl struct { - KubeClient clientset.Interface -} - -var _ ControllerRevisionControlInterface = &RealControllerRevisionControl{} - -func (r RealControllerRevisionControl) PatchControllerRevision(ctx context.Context, namespace, name string, data []byte) error { - _, err := r.KubeClient.AppsV1().ControllerRevisions(namespace).Patch(ctx, name, types.StrategicMergePatchType, data, metav1.PatchOptions{}) - return err -} - -// PodControlInterface is an interface that knows how to add or delete pods -// created as an interface to allow testing. -type PodControlInterface interface { - // CreatePods creates new pods according to the spec, and sets object as the pod's controller. - CreatePods(ctx context.Context, namespace string, template *v1.PodTemplateSpec, object runtime.Object, controllerRef *metav1.OwnerReference) error - // CreatePodsWithGenerateName creates new pods according to the spec, sets object as the pod's controller and sets pod's generateName. - CreatePodsWithGenerateName(ctx context.Context, namespace string, template *v1.PodTemplateSpec, object runtime.Object, controllerRef *metav1.OwnerReference, generateName string) error - // DeletePod deletes the pod identified by podID. - DeletePod(ctx context.Context, namespace string, podID string, object runtime.Object) error - // PatchPod patches the pod. - PatchPod(ctx context.Context, namespace, name string, data []byte) error -} - -// RealPodControl is the default implementation of PodControlInterface. -type RealPodControl struct { - KubeClient clientset.Interface - Recorder record.EventRecorder -} - -var _ PodControlInterface = &RealPodControl{} - -func getPodsLabelSet(template *v1.PodTemplateSpec) labels.Set { - desiredLabels := make(labels.Set) - for k, v := range template.Labels { - desiredLabels[k] = v - } - return desiredLabels -} - -func getPodsFinalizers(template *v1.PodTemplateSpec) []string { - desiredFinalizers := make([]string, len(template.Finalizers)) - copy(desiredFinalizers, template.Finalizers) - return desiredFinalizers -} - -func getPodsAnnotationSet(template *v1.PodTemplateSpec) labels.Set { - desiredAnnotations := make(labels.Set) - for k, v := range template.Annotations { - desiredAnnotations[k] = v - } - return desiredAnnotations -} - -func getPodsPrefix(controllerName string) string { - // use the dash (if the name isn't too long) to make the pod name a bit prettier - prefix := fmt.Sprintf("%s-", controllerName) - if len(validation.ValidatePodName(prefix, true)) != 0 { - prefix = controllerName - } - return prefix -} - -func validateControllerRef(controllerRef *metav1.OwnerReference) error { - if controllerRef == nil { - return fmt.Errorf("controllerRef is nil") - } - if len(controllerRef.APIVersion) == 0 { - return fmt.Errorf("controllerRef has empty APIVersion") - } - if len(controllerRef.Kind) == 0 { - return fmt.Errorf("controllerRef has empty Kind") - } - if controllerRef.Controller == nil || !*controllerRef.Controller { - return fmt.Errorf("controllerRef.Controller is not set to true") - } - if controllerRef.BlockOwnerDeletion == nil || !*controllerRef.BlockOwnerDeletion { - return fmt.Errorf("controllerRef.BlockOwnerDeletion is not set") - } - return nil -} - -func (r RealPodControl) CreatePods(ctx context.Context, namespace string, template *v1.PodTemplateSpec, controllerObject runtime.Object, controllerRef *metav1.OwnerReference) error { - return r.CreatePodsWithGenerateName(ctx, namespace, template, controllerObject, controllerRef, "") -} - -func (r RealPodControl) CreatePodsWithGenerateName(ctx context.Context, namespace string, template *v1.PodTemplateSpec, controllerObject runtime.Object, controllerRef *metav1.OwnerReference, generateName string) error { - if err := validateControllerRef(controllerRef); err != nil { - return err - } - pod, err := GetPodFromTemplate(template, controllerObject, controllerRef) - if err != nil { - return err - } - if len(generateName) > 0 { - pod.ObjectMeta.GenerateName = generateName - } - return r.createPods(ctx, namespace, pod, controllerObject) -} - -func (r RealPodControl) PatchPod(ctx context.Context, namespace, name string, data []byte) error { - _, err := r.KubeClient.CoreV1().Pods(namespace).Patch(ctx, name, types.StrategicMergePatchType, data, metav1.PatchOptions{}) - return err -} - -func GetPodFromTemplate(template *v1.PodTemplateSpec, parentObject runtime.Object, controllerRef *metav1.OwnerReference) (*v1.Pod, error) { - desiredLabels := getPodsLabelSet(template) - desiredFinalizers := getPodsFinalizers(template) - desiredAnnotations := getPodsAnnotationSet(template) - accessor, err := meta.Accessor(parentObject) - if err != nil { - return nil, fmt.Errorf("parentObject does not have ObjectMeta, %v", err) - } - prefix := getPodsPrefix(accessor.GetName()) - - pod := &v1.Pod{ - ObjectMeta: metav1.ObjectMeta{ - Labels: desiredLabels, - Annotations: desiredAnnotations, - GenerateName: prefix, - Finalizers: desiredFinalizers, - }, - } - if controllerRef != nil { - pod.OwnerReferences = append(pod.OwnerReferences, *controllerRef) - } - pod.Spec = *template.Spec.DeepCopy() - return pod, nil -} - -func (r RealPodControl) createPods(ctx context.Context, namespace string, pod *v1.Pod, object runtime.Object) error { - if len(labels.Set(pod.Labels)) == 0 { - return fmt.Errorf("unable to create pods, no labels") - } - newPod, err := r.KubeClient.CoreV1().Pods(namespace).Create(ctx, pod, metav1.CreateOptions{}) - if err != nil { - // only send an event if the namespace isn't terminating - if !apierrors.HasStatusCause(err, v1.NamespaceTerminatingCause) { - r.Recorder.Eventf(object, v1.EventTypeWarning, FailedCreatePodReason, "Error creating: %v", err) - } - return err - } - logger := klog.FromContext(ctx) - accessor, err := meta.Accessor(object) - if err != nil { - logger.Error(err, "parentObject does not have ObjectMeta") - return nil - } - logger.V(4).Info("Controller created pod", "controller", accessor.GetName(), "pod", klog.KObj(newPod)) - r.Recorder.Eventf(object, v1.EventTypeNormal, SuccessfulCreatePodReason, "Created pod: %v", newPod.Name) - - return nil -} - -func (r RealPodControl) DeletePod(ctx context.Context, namespace string, podID string, object runtime.Object) error { - accessor, err := meta.Accessor(object) - if err != nil { - return fmt.Errorf("object does not have ObjectMeta, %v", err) - } - logger := klog.FromContext(ctx) - logger.V(2).Info("Deleting pod", "controller", accessor.GetName(), "pod", klog.KRef(namespace, podID)) - if err := r.KubeClient.CoreV1().Pods(namespace).Delete(ctx, podID, metav1.DeleteOptions{}); err != nil { - if apierrors.IsNotFound(err) { - logger.V(4).Info("Pod has already been deleted.", "pod", klog.KRef(namespace, podID)) - return err - } - r.Recorder.Eventf(object, v1.EventTypeWarning, FailedDeletePodReason, "Error deleting: %v", err) - return fmt.Errorf("unable to delete pods: %v", err) - } - r.Recorder.Eventf(object, v1.EventTypeNormal, SuccessfulDeletePodReason, "Deleted pod: %v", podID) - - return nil -} - -type FakePodControl struct { - sync.Mutex - Templates []v1.PodTemplateSpec - ControllerRefs []metav1.OwnerReference - DeletePodName []string - Patches [][]byte - Err error - CreateLimit int - CreateCallCount int -} - -var _ PodControlInterface = &FakePodControl{} - -func (f *FakePodControl) PatchPod(ctx context.Context, namespace, name string, data []byte) error { - f.Lock() - defer f.Unlock() - f.Patches = append(f.Patches, data) - if f.Err != nil { - return f.Err - } - return nil -} - -func (f *FakePodControl) CreatePods(ctx context.Context, namespace string, spec *v1.PodTemplateSpec, object runtime.Object, controllerRef *metav1.OwnerReference) error { - return f.CreatePodsWithGenerateName(ctx, namespace, spec, object, controllerRef, "") -} - -func (f *FakePodControl) CreatePodsWithGenerateName(ctx context.Context, namespace string, spec *v1.PodTemplateSpec, object runtime.Object, controllerRef *metav1.OwnerReference, generateNamePrefix string) error { - f.Lock() - defer f.Unlock() - f.CreateCallCount++ - if f.CreateLimit != 0 && f.CreateCallCount > f.CreateLimit { - return fmt.Errorf("not creating pod, limit %d already reached (create call %d)", f.CreateLimit, f.CreateCallCount) - } - spec.GenerateName = generateNamePrefix - f.Templates = append(f.Templates, *spec) - f.ControllerRefs = append(f.ControllerRefs, *controllerRef) - if f.Err != nil { - return f.Err - } - return nil -} - -func (f *FakePodControl) DeletePod(ctx context.Context, namespace string, podID string, object runtime.Object) error { - f.Lock() - defer f.Unlock() - f.DeletePodName = append(f.DeletePodName, podID) - if f.Err != nil { - return f.Err - } - return nil -} - -func (f *FakePodControl) Clear() { - f.Lock() - defer f.Unlock() - f.DeletePodName = []string{} - f.Templates = []v1.PodTemplateSpec{} - f.ControllerRefs = []metav1.OwnerReference{} - f.Patches = [][]byte{} - f.CreateLimit = 0 - f.CreateCallCount = 0 -} - -// ByLogging allows custom sorting of pods so the best one can be picked for getting its logs. -type ByLogging []*v1.Pod - -func (s ByLogging) Len() int { return len(s) } -func (s ByLogging) Swap(i, j int) { s[i], s[j] = s[j], s[i] } - -func (s ByLogging) Less(i, j int) bool { - // 1. assigned < unassigned - if s[i].Spec.NodeName != s[j].Spec.NodeName && (len(s[i].Spec.NodeName) == 0 || len(s[j].Spec.NodeName) == 0) { - return len(s[i].Spec.NodeName) > 0 - } - // 2. PodRunning < PodUnknown < PodPending - if s[i].Status.Phase != s[j].Status.Phase { - return podPhaseToOrdinal[s[i].Status.Phase] > podPhaseToOrdinal[s[j].Status.Phase] - } - // 3. ready < not ready - if podutil.IsPodReady(s[i]) != podutil.IsPodReady(s[j]) { - return podutil.IsPodReady(s[i]) - } - // TODO: take availability into account when we push minReadySeconds information from deployment into pods, - // see https://github.com/kubernetes/kubernetes/issues/22065 - // 4. Been ready for more time < less time < empty time - if podutil.IsPodReady(s[i]) && podutil.IsPodReady(s[j]) { - readyTime1 := podReadyTime(s[i]) - readyTime2 := podReadyTime(s[j]) - if !readyTime1.Equal(readyTime2) { - return afterOrZero(readyTime2, readyTime1) - } - } - // 5. Pods with containers with higher restart counts < lower restart counts - if res := compareMaxContainerRestarts(s[i], s[j]); res != nil { - return *res - } - // 6. older pods < newer pods < empty timestamp pods - if !s[i].CreationTimestamp.Equal(&s[j].CreationTimestamp) { - return afterOrZero(&s[j].CreationTimestamp, &s[i].CreationTimestamp) - } - return false -} - -// ActivePods type allows custom sorting of pods so a controller can pick the best ones to delete. -type ActivePods []*v1.Pod - -func (s ActivePods) Len() int { return len(s) } -func (s ActivePods) Swap(i, j int) { s[i], s[j] = s[j], s[i] } - -func (s ActivePods) Less(i, j int) bool { - // 1. Unassigned < assigned - // If only one of the pods is unassigned, the unassigned one is smaller - if s[i].Spec.NodeName != s[j].Spec.NodeName && (len(s[i].Spec.NodeName) == 0 || len(s[j].Spec.NodeName) == 0) { - return len(s[i].Spec.NodeName) == 0 - } - // 2. PodPending < PodUnknown < PodRunning - if podPhaseToOrdinal[s[i].Status.Phase] != podPhaseToOrdinal[s[j].Status.Phase] { - return podPhaseToOrdinal[s[i].Status.Phase] < podPhaseToOrdinal[s[j].Status.Phase] - } - // 3. Not ready < ready - // If only one of the pods is not ready, the not ready one is smaller - if podutil.IsPodReady(s[i]) != podutil.IsPodReady(s[j]) { - return !podutil.IsPodReady(s[i]) - } - // TODO: take availability into account when we push minReadySeconds information from deployment into pods, - // see https://github.com/kubernetes/kubernetes/issues/22065 - // 4. Been ready for empty time < less time < more time - // If both pods are ready, the latest ready one is smaller - if podutil.IsPodReady(s[i]) && podutil.IsPodReady(s[j]) { - readyTime1 := podReadyTime(s[i]) - readyTime2 := podReadyTime(s[j]) - if !readyTime1.Equal(readyTime2) { - return afterOrZero(readyTime1, readyTime2) - } - } - // 5. Pods with containers with higher restart counts < lower restart counts - if res := compareMaxContainerRestarts(s[i], s[j]); res != nil { - return *res - } - // 6. Empty creation time pods < newer pods < older pods - if !s[i].CreationTimestamp.Equal(&s[j].CreationTimestamp) { - return afterOrZero(&s[i].CreationTimestamp, &s[j].CreationTimestamp) - } - return false -} - -// ActivePodsWithRanks is a sortable list of pods and a list of corresponding -// ranks which will be considered during sorting. The two lists must have equal -// length. After sorting, the pods will be ordered as follows, applying each -// rule in turn until one matches: -// -// 1. If only one of the pods is assigned to a node, the pod that is not -// assigned comes before the pod that is. -// 2. If the pods' phases differ, a pending pod comes before a pod whose phase -// is unknown, and a pod whose phase is unknown comes before a running pod. -// 3. If exactly one of the pods is ready, the pod that is not ready comes -// before the ready pod. -// 4. If controller.kubernetes.io/pod-deletion-cost annotation is set, then -// the pod with the lower value will come first. -// 5. If the pods' ranks differ, the pod with greater rank comes before the pod -// with lower rank. -// 6. If both pods are ready but have not been ready for the same amount of -// time, the pod that has been ready for a shorter amount of time comes -// before the pod that has been ready for longer. -// 7. If one pod has a container that has restarted more than any container in -// the other pod, the pod with the container with more restarts comes -// before the other pod. -// 8. If the pods' creation times differ, the pod that was created more recently -// comes before the older pod. -// -// In 6 and 8, times are compared in a logarithmic scale. This allows a level -// of randomness among equivalent Pods when sorting. If two pods have the same -// logarithmic rank, they are sorted by UUID to provide a pseudorandom order. -// -// If none of these rules matches, the second pod comes before the first pod. -// -// The intention of this ordering is to put pods that should be preferred for -// deletion first in the list. -type ActivePodsWithRanks struct { - // Pods is a list of pods. - Pods []*v1.Pod - - // Rank is a ranking of pods. This ranking is used during sorting when - // comparing two pods that are both scheduled, in the same phase, and - // having the same ready status. - Rank []int - - // Now is a reference timestamp for doing logarithmic timestamp comparisons. - // If zero, comparison happens without scaling. - Now metav1.Time -} - -func (s ActivePodsWithRanks) Len() int { - return len(s.Pods) -} - -func (s ActivePodsWithRanks) Swap(i, j int) { - s.Pods[i], s.Pods[j] = s.Pods[j], s.Pods[i] - s.Rank[i], s.Rank[j] = s.Rank[j], s.Rank[i] -} - -// Less compares two pods with corresponding ranks and returns true if the first -// one should be preferred for deletion. -func (s ActivePodsWithRanks) Less(i, j int) bool { - // 1. Unassigned < assigned - // If only one of the pods is unassigned, the unassigned one is smaller - if s.Pods[i].Spec.NodeName != s.Pods[j].Spec.NodeName && (len(s.Pods[i].Spec.NodeName) == 0 || len(s.Pods[j].Spec.NodeName) == 0) { - return len(s.Pods[i].Spec.NodeName) == 0 - } - // 2. PodPending < PodUnknown < PodRunning - if podPhaseToOrdinal[s.Pods[i].Status.Phase] != podPhaseToOrdinal[s.Pods[j].Status.Phase] { - return podPhaseToOrdinal[s.Pods[i].Status.Phase] < podPhaseToOrdinal[s.Pods[j].Status.Phase] - } - // 3. Not ready < ready - // If only one of the pods is not ready, the not ready one is smaller - if podutil.IsPodReady(s.Pods[i]) != podutil.IsPodReady(s.Pods[j]) { - return !podutil.IsPodReady(s.Pods[i]) - } - - // 4. lower pod-deletion-cost < higher pod-deletion cost - if utilfeature.DefaultFeatureGate.Enabled(features.PodDeletionCost) { - pi, _ := helper.GetDeletionCostFromPodAnnotations(s.Pods[i].Annotations) - pj, _ := helper.GetDeletionCostFromPodAnnotations(s.Pods[j].Annotations) - if pi != pj { - return pi < pj - } - } - - // 5. Doubled up < not doubled up - // If one of the two pods is on the same node as one or more additional - // ready pods that belong to the same replicaset, whichever pod has more - // colocated ready pods is less - if s.Rank[i] != s.Rank[j] { - return s.Rank[i] > s.Rank[j] - } - // TODO: take availability into account when we push minReadySeconds information from deployment into pods, - // see https://github.com/kubernetes/kubernetes/issues/22065 - // 6. Been ready for empty time < less time < more time - // If both pods are ready, the latest ready one is smaller - if podutil.IsPodReady(s.Pods[i]) && podutil.IsPodReady(s.Pods[j]) { - readyTime1 := podReadyTime(s.Pods[i]) - readyTime2 := podReadyTime(s.Pods[j]) - if !readyTime1.Equal(readyTime2) { - if !utilfeature.DefaultFeatureGate.Enabled(features.LogarithmicScaleDown) { - return afterOrZero(readyTime1, readyTime2) - } else { - if s.Now.IsZero() || readyTime1.IsZero() || readyTime2.IsZero() { - return afterOrZero(readyTime1, readyTime2) - } - rankDiff := logarithmicRankDiff(*readyTime1, *readyTime2, s.Now) - if rankDiff == 0 { - return s.Pods[i].UID < s.Pods[j].UID - } - return rankDiff < 0 - } - } - } - // 7. Pods with containers with higher restart counts < lower restart counts - if res := compareMaxContainerRestarts(s.Pods[i], s.Pods[j]); res != nil { - return *res - } - // 8. Empty creation time pods < newer pods < older pods - if !s.Pods[i].CreationTimestamp.Equal(&s.Pods[j].CreationTimestamp) { - if !utilfeature.DefaultFeatureGate.Enabled(features.LogarithmicScaleDown) { - return afterOrZero(&s.Pods[i].CreationTimestamp, &s.Pods[j].CreationTimestamp) - } else { - if s.Now.IsZero() || s.Pods[i].CreationTimestamp.IsZero() || s.Pods[j].CreationTimestamp.IsZero() { - return afterOrZero(&s.Pods[i].CreationTimestamp, &s.Pods[j].CreationTimestamp) - } - rankDiff := logarithmicRankDiff(s.Pods[i].CreationTimestamp, s.Pods[j].CreationTimestamp, s.Now) - if rankDiff == 0 { - return s.Pods[i].UID < s.Pods[j].UID - } - return rankDiff < 0 - } - } - return false -} - -// afterOrZero checks if time t1 is after time t2; if one of them -// is zero, the zero time is seen as after non-zero time. -func afterOrZero(t1, t2 *metav1.Time) bool { - if t1.Time.IsZero() || t2.Time.IsZero() { - return t1.Time.IsZero() - } - return t1.After(t2.Time) -} - -// logarithmicRankDiff calculates the base-2 logarithmic ranks of 2 timestamps, -// compared to the current timestamp -func logarithmicRankDiff(t1, t2, now metav1.Time) int64 { - d1 := now.Sub(t1.Time) - d2 := now.Sub(t2.Time) - r1 := int64(-1) - r2 := int64(-1) - if d1 > 0 { - r1 = int64(math.Log2(float64(d1))) - } - if d2 > 0 { - r2 = int64(math.Log2(float64(d2))) - } - return r1 - r2 -} - -func podReadyTime(pod *v1.Pod) *metav1.Time { - if podutil.IsPodReady(pod) { - for _, c := range pod.Status.Conditions { - // we only care about pod ready conditions - if c.Type == v1.PodReady && c.Status == v1.ConditionTrue { - return &c.LastTransitionTime - } - } - } - return &metav1.Time{} -} - -func maxContainerRestarts(pod *v1.Pod) (regularRestarts, sidecarRestarts int) { - for _, c := range pod.Status.ContainerStatuses { - regularRestarts = max(regularRestarts, int(c.RestartCount)) - } - names := sets.New[string]() - for _, c := range pod.Spec.InitContainers { - if c.RestartPolicy != nil && *c.RestartPolicy == v1.ContainerRestartPolicyAlways { - names.Insert(c.Name) - } - } - for _, c := range pod.Status.InitContainerStatuses { - if names.Has(c.Name) { - sidecarRestarts = max(sidecarRestarts, int(c.RestartCount)) - } - } - return -} - -// We use *bool here to determine equality: -// true: pi has a higher container restart count. -// false: pj has a higher container restart count. -// nil: Both have the same container restart count. -func compareMaxContainerRestarts(pi *v1.Pod, pj *v1.Pod) *bool { - regularRestartsI, sidecarRestartsI := maxContainerRestarts(pi) - regularRestartsJ, sidecarRestartsJ := maxContainerRestarts(pj) - if regularRestartsI != regularRestartsJ { - res := regularRestartsI > regularRestartsJ - return &res - } - // If pods have the same restart count, an attempt is made to compare the restart counts of sidecar containers. - if sidecarRestartsI != sidecarRestartsJ { - res := sidecarRestartsI > sidecarRestartsJ - return &res - } - return nil -} - -// FilterClaimedPods returns pods that are controlled by the controller and match the selector. -func FilterClaimedPods(controller metav1.Object, selector labels.Selector, pods []*v1.Pod) []*v1.Pod { - var result []*v1.Pod - for _, pod := range pods { - if !metav1.IsControlledBy(pod, controller) { - // It's an orphan or owned by someone else. - continue - } - if selector.Matches(labels.Set(pod.Labels)) { - result = append(result, pod) - } - } - return result -} - -// FilterActivePods returns pods that have not terminated. -func FilterActivePods(logger klog.Logger, pods []*v1.Pod) []*v1.Pod { - var result []*v1.Pod - for _, p := range pods { - if IsPodActive(p) { - result = append(result, p) - } - } - return result -} - -func FilterTerminatingPods(pods []*v1.Pod) []*v1.Pod { - var result []*v1.Pod - for _, p := range pods { - if IsPodTerminating(p) { - result = append(result, p) - } - } - return result -} - -func CountTerminatingPods(pods []*v1.Pod) int32 { - numberOfTerminatingPods := 0 - for _, p := range pods { - if IsPodTerminating(p) { - numberOfTerminatingPods += 1 - } - } - return int32(numberOfTerminatingPods) -} - -// nextPodAvailabilityCheck implements similar logic to podutil.IsPodAvailable -func nextPodAvailabilityCheck(pod *v1.Pod, minReadySeconds int32, now time.Time) *time.Duration { - if !podutil.IsPodReady(pod) || minReadySeconds <= 0 { - return nil - } - - c := podutil.GetPodReadyCondition(pod.Status) - if c.LastTransitionTime.IsZero() { - return nil - } - minReadySecondsDuration := time.Duration(minReadySeconds) * time.Second - nextCheck := c.LastTransitionTime.Add(minReadySecondsDuration).Sub(now) - if nextCheck > 0 { - return ptr.To(nextCheck) - } - return nil -} - -// findMinNextPodAvailabilitySimpleCheck finds a duration when the next availability check should occur. It also returns the -// first pod affected by the future availability recalculation (there might be more pods if they became ready at the same time; -// this helps to implement FindMinNextPodAvailabilityCheck). -func findMinNextPodAvailabilitySimpleCheck(pods []*v1.Pod, minReadySeconds int32, now time.Time) (*time.Duration, *v1.Pod) { - var minAvailabilityCheck *time.Duration - var checkPod *v1.Pod - for _, p := range pods { - nextCheck := nextPodAvailabilityCheck(p, minReadySeconds, now) - if nextCheck != nil && (minAvailabilityCheck == nil || *nextCheck < *minAvailabilityCheck) { - minAvailabilityCheck = nextCheck - checkPod = p - } - } - return minAvailabilityCheck, checkPod -} - -// FindMinNextPodAvailabilityCheck finds a duration when the next availability check should occur. -// We should check for the availability at the same time as the status evaluation/update occurs (e.g. .status.availableReplicas) by -// passing lastOwnerStatusEvaluation. This ensures that we will not skip any pods that might become available -// (findMinNextPodAvailabilitySimpleCheck would return nil in the future time), since the owner status evaluation. -// clock is then used to calculate the precise time for the next availability check. -func FindMinNextPodAvailabilityCheck(pods []*v1.Pod, minReadySeconds int32, lastOwnerStatusEvaluation time.Time, clock clock.PassiveClock) *time.Duration { - nextCheckAccordingToOwnerStatusEvaluation, checkPod := findMinNextPodAvailabilitySimpleCheck(pods, minReadySeconds, lastOwnerStatusEvaluation) - if nextCheckAccordingToOwnerStatusEvaluation == nil || checkPod == nil { - return nil - } - // There must be a nextCheck. We try to calculate a more precise value for the next availability check. - // Check the earliest pod to avoid being preempted by a later pod. - if updatedNextCheck := nextPodAvailabilityCheck(checkPod, minReadySeconds, clock.Now()); updatedNextCheck != nil { - // There is a delay since the last Now() call (lastOwnerStatusEvaluation). Use the updatedNextCheck. - return updatedNextCheck - } - // Fall back to 0 (immediate check) in case the last nextPodAvailabilityCheck call (with a refreshed Now) returns nil, as we might be past the check. - return ptr.To(time.Duration(0)) -} - -func IsPodActive(p *v1.Pod) bool { - return v1.PodSucceeded != p.Status.Phase && - v1.PodFailed != p.Status.Phase && - p.DeletionTimestamp == nil -} - -func IsPodTerminating(p *v1.Pod) bool { - return !podutil.IsPodTerminal(p) && - p.DeletionTimestamp != nil -} - -// FilterActiveReplicaSets returns replica sets that have (or at least ought to have) pods. -func FilterActiveReplicaSets(replicaSets []*apps.ReplicaSet) []*apps.ReplicaSet { - activeFilter := func(rs *apps.ReplicaSet) bool { - return rs != nil && *(rs.Spec.Replicas) > 0 - } - return FilterReplicaSets(replicaSets, activeFilter) -} - -type filterRS func(rs *apps.ReplicaSet) bool - -// FilterReplicaSets returns replica sets that are filtered by filterFn (all returned ones should match filterFn). -func FilterReplicaSets(RSes []*apps.ReplicaSet, filterFn filterRS) []*apps.ReplicaSet { - var filtered []*apps.ReplicaSet - for i := range RSes { - if filterFn(RSes[i]) { - filtered = append(filtered, RSes[i]) - } - } - return filtered -} - -// AddPodNodeNameIndexer adds an indexer for Pod's nodeName to the given PodInformer. -// This indexer is used to efficiently look up pods by their node name. -func AddPodNodeNameIndexer(podInformer cache.SharedIndexInformer) error { - if _, exists := podInformer.GetIndexer().GetIndexers()[PodNodeNameKeyIndex]; exists { - // indexer already exists, do nothing - return nil - } - - return podInformer.AddIndexers(cache.Indexers{ - PodNodeNameKeyIndex: func(obj interface{}) ([]string, error) { - pod, ok := obj.(*v1.Pod) - if !ok { - return []string{}, nil - } - if len(pod.Spec.NodeName) == 0 { - return []string{}, nil - } - return []string{pod.Spec.NodeName}, nil - }, - }) -} - -// PodControllerIndexKey returns the index key to locate pods with the specified controller ownerReference. -// If ownerReference is nil, the returned key locates pods in the namespace without a controller ownerReference. -func PodControllerIndexKey(namespace string, ownerReference *metav1.OwnerReference) string { - if ownerReference == nil { - return namespace - } - return namespace + "/" + ownerReference.Kind + "/" + ownerReference.Name + "/" + string(ownerReference.UID) -} - -// AddPodControllerIndexer adds an indexer for Pod's controllerRef.UID to the given PodInformer. -// This indexer is used to efficiently look up pods by their ControllerRef.UID -func AddPodControllerIndexer(podInformer cache.SharedIndexInformer) error { - if _, exists := podInformer.GetIndexer().GetIndexers()[PodControllerIndex]; exists { - // indexer already exists, do nothing - return nil - } - return podInformer.AddIndexers(cache.Indexers{ - PodControllerIndex: func(obj interface{}) ([]string, error) { - pod, ok := obj.(*v1.Pod) - if !ok { - return nil, nil - } - // Get the ControllerRef of the Pod to check if it's managed by a controller. - // Index with a non-nil controller (indicating an owned pod) or a nil controller (indicating an orphan pod). - return []string{PodControllerIndexKey(pod.Namespace, metav1.GetControllerOf(pod))}, nil - }, - }) -} - -// FilterPodsByOwner gets the Pods managed by an owner or orphan Pods in the owner's namespace -func FilterPodsByOwner(podIndexer cache.Indexer, owner *metav1.ObjectMeta, ownerKind string, includeOrphanedPods bool) ([]*v1.Pod, error) { - result := []*v1.Pod{} - - if len(owner.Namespace) == 0 { - return nil, fmt.Errorf("no owner namespace provided") - } - if len(owner.Name) == 0 { - return nil, fmt.Errorf("no owner name provided") - } - if len(owner.UID) == 0 { - return nil, fmt.Errorf("no owner uid provided") - } - if len(ownerKind) == 0 { - return nil, fmt.Errorf("no owner kind provided") - } - // Always include the owner key, which identifies Pods that are controlled by the owner - keys := []string{PodControllerIndexKey(owner.Namespace, &metav1.OwnerReference{Name: owner.Name, Kind: ownerKind, UID: owner.UID})} - if includeOrphanedPods { - // Optionally include the unowned key, which identifies orphaned Pods in the owner's namespace and might be adopted by the owner later - keys = append(keys, PodControllerIndexKey(owner.Namespace, nil)) - } - for _, key := range keys { - pods, err := podIndexer.ByIndex(PodControllerIndex, key) - if err != nil { - return nil, err - } - for _, obj := range pods { - pod, ok := obj.(*v1.Pod) - if !ok { - utilruntime.HandleError(fmt.Errorf("unexpected object type in pod indexer: %v", obj)) - continue - } - result = append(result, pod) - } - } - return result, nil -} - -// PodKey returns a key unique to the given pod within a cluster. -// It's used so we consistently use the same key scheme in this module. -// It does exactly what cache.MetaNamespaceKeyFunc would have done -// except there's not possibility for error since we know the exact type. -func PodKey(pod *v1.Pod) string { - return fmt.Sprintf("%v/%v", pod.Namespace, pod.Name) -} - -// ControllersByCreationTimestamp sorts a list of ReplicationControllers by creation timestamp, using their names as a tie breaker. -type ControllersByCreationTimestamp []*v1.ReplicationController - -func (o ControllersByCreationTimestamp) Len() int { return len(o) } -func (o ControllersByCreationTimestamp) Swap(i, j int) { o[i], o[j] = o[j], o[i] } -func (o ControllersByCreationTimestamp) Less(i, j int) bool { - if o[i].CreationTimestamp.Equal(&o[j].CreationTimestamp) { - return o[i].Name < o[j].Name - } - return o[i].CreationTimestamp.Before(&o[j].CreationTimestamp) -} - -// ReplicaSetsByCreationTimestamp sorts a list of ReplicaSet by creation timestamp, using their names as a tie breaker. -type ReplicaSetsByCreationTimestamp []*apps.ReplicaSet - -func (o ReplicaSetsByCreationTimestamp) Len() int { return len(o) } -func (o ReplicaSetsByCreationTimestamp) Swap(i, j int) { o[i], o[j] = o[j], o[i] } -func (o ReplicaSetsByCreationTimestamp) Less(i, j int) bool { - if o[i].CreationTimestamp.Equal(&o[j].CreationTimestamp) { - return o[i].Name < o[j].Name - } - return o[i].CreationTimestamp.Before(&o[j].CreationTimestamp) -} - -// ReplicaSetsBySizeOlder sorts a list of ReplicaSet by size in descending order, using their creation timestamp or name as a tie breaker. -// By using the creation timestamp, this sorts from old to new replica sets. -type ReplicaSetsBySizeOlder []*apps.ReplicaSet - -func (o ReplicaSetsBySizeOlder) Len() int { return len(o) } -func (o ReplicaSetsBySizeOlder) Swap(i, j int) { o[i], o[j] = o[j], o[i] } -func (o ReplicaSetsBySizeOlder) Less(i, j int) bool { - if *(o[i].Spec.Replicas) == *(o[j].Spec.Replicas) { - return ReplicaSetsByCreationTimestamp(o).Less(i, j) - } - return *(o[i].Spec.Replicas) > *(o[j].Spec.Replicas) -} - -// ReplicaSetsBySizeNewer sorts a list of ReplicaSet by size in descending order, using their creation timestamp or name as a tie breaker. -// By using the creation timestamp, this sorts from new to old replica sets. -type ReplicaSetsBySizeNewer []*apps.ReplicaSet - -func (o ReplicaSetsBySizeNewer) Len() int { return len(o) } -func (o ReplicaSetsBySizeNewer) Swap(i, j int) { o[i], o[j] = o[j], o[i] } -func (o ReplicaSetsBySizeNewer) Less(i, j int) bool { - if *(o[i].Spec.Replicas) == *(o[j].Spec.Replicas) { - return ReplicaSetsByCreationTimestamp(o).Less(j, i) - } - return *(o[i].Spec.Replicas) > *(o[j].Spec.Replicas) -} - -// AddOrUpdateTaintOnNode add taints to the node. If taint was added into node, it'll issue API calls -// to update nodes; otherwise, no API calls. Return error if any. -func AddOrUpdateTaintOnNode(ctx context.Context, c clientset.Interface, nodeName string, taints ...*v1.Taint) error { - if len(taints) == 0 { - return nil - } - firstTry := true - return clientretry.RetryOnConflict(UpdateTaintBackoff, func() error { - var err error - var oldNode *v1.Node - // First we try getting node from the API server cache, as it's cheaper. If it fails - // we get it from etcd to be sure to have fresh data. - option := metav1.GetOptions{} - if firstTry { - option.ResourceVersion = "0" - firstTry = false - } - oldNode, err = c.CoreV1().Nodes().Get(ctx, nodeName, option) - if err != nil { - return err - } - - var newNode *v1.Node - oldNodeCopy := oldNode - updated := false - for _, taint := range taints { - curNewNode, ok, err := taintutils.AddOrUpdateTaint(oldNodeCopy, taint) - if err != nil { - return fmt.Errorf("failed to update taint of node") - } - updated = updated || ok - newNode = curNewNode - oldNodeCopy = curNewNode - } - if !updated { - return nil - } - return PatchNodeTaints(ctx, c, nodeName, oldNode, newNode) - }) -} - -// RemoveTaintOffNode is for cleaning up taints temporarily added to node, -// won't fail if target taint doesn't exist or has been removed. -// If passed a node it'll check if there's anything to be done, if taint is not present it won't issue -// any API calls. -func RemoveTaintOffNode(ctx context.Context, c clientset.Interface, nodeName string, node *v1.Node, taints ...*v1.Taint) error { - if len(taints) == 0 { - return nil - } - // Short circuit for limiting amount of API calls. - if node != nil { - match := false - for _, taint := range taints { - if taintutils.TaintExists(node.Spec.Taints, taint) { - match = true - break - } - } - if !match { - return nil - } - } - - firstTry := true - return clientretry.RetryOnConflict(UpdateTaintBackoff, func() error { - var err error - var oldNode *v1.Node - // First we try getting node from the API server cache, as it's cheaper. If it fails - // we get it from etcd to be sure to have fresh data. - option := metav1.GetOptions{} - if firstTry { - option.ResourceVersion = "0" - firstTry = false - } - oldNode, err = c.CoreV1().Nodes().Get(ctx, nodeName, option) - if err != nil { - return err - } - - var newNode *v1.Node - oldNodeCopy := oldNode - updated := false - for _, taint := range taints { - curNewNode, ok, err := taintutils.RemoveTaint(oldNodeCopy, taint) - if err != nil { - return fmt.Errorf("failed to remove taint of node") - } - updated = updated || ok - newNode = curNewNode - oldNodeCopy = curNewNode - } - if !updated { - return nil - } - return PatchNodeTaints(ctx, c, nodeName, oldNode, newNode) - }) -} - -// PatchNodeTaints patches node's taints. -func PatchNodeTaints(ctx context.Context, c clientset.Interface, nodeName string, oldNode *v1.Node, newNode *v1.Node) error { - // Strip base diff node from RV to ensure that our Patch request will set RV to check for conflicts over .spec.taints. - // This is needed because .spec.taints does not specify patchMergeKey and patchStrategy and adding them is no longer an option for compatibility reasons. - // Using other Patch strategy works for adding new taints, however will not resolve problem with taint removal. - oldNodeNoRV := oldNode.DeepCopy() - oldNodeNoRV.ResourceVersion = "" - oldDataNoRV, err := json.Marshal(&oldNodeNoRV) - if err != nil { - return fmt.Errorf("failed to marshal old node %#v for node %q: %v", oldNodeNoRV, nodeName, err) - } - - newTaints := newNode.Spec.Taints - newNodeClone := oldNode.DeepCopy() - newNodeClone.Spec.Taints = newTaints - newData, err := json.Marshal(newNodeClone) - if err != nil { - return fmt.Errorf("failed to marshal new node %#v for node %q: %v", newNodeClone, nodeName, err) - } - - patchBytes, err := strategicpatch.CreateTwoWayMergePatch(oldDataNoRV, newData, v1.Node{}) - if err != nil { - return fmt.Errorf("failed to create patch for node %q: %v", nodeName, err) - } - - _, err = c.CoreV1().Nodes().Patch(ctx, nodeName, types.StrategicMergePatchType, patchBytes, metav1.PatchOptions{}) - return err -} - -// ComputeHash returns a hash value calculated from pod template and -// a collisionCount to avoid hash collision. The hash will be safe encoded to -// avoid bad words. -func ComputeHash(template *v1.PodTemplateSpec, collisionCount *int32) string { - podTemplateSpecHasher := fnv.New32a() - hashutil.DeepHashObject(podTemplateSpecHasher, *template) - - // Add collisionCount in the hash if it exists. - if collisionCount != nil { - collisionCountBytes := make([]byte, 8) - binary.LittleEndian.PutUint32(collisionCountBytes, uint32(*collisionCount)) - podTemplateSpecHasher.Write(collisionCountBytes) - } - - return rand.SafeEncodeString(fmt.Sprint(podTemplateSpecHasher.Sum32())) -} - -func AddOrUpdateLabelsOnNode(kubeClient clientset.Interface, nodeName string, labelsToUpdate map[string]string) error { - firstTry := true - return clientretry.RetryOnConflict(UpdateLabelBackoff, func() error { - var err error - var node *v1.Node - // First we try getting node from the API server cache, as it's cheaper. If it fails - // we get it from etcd to be sure to have fresh data. - option := metav1.GetOptions{} - if firstTry { - option.ResourceVersion = "0" - firstTry = false - } - node, err = kubeClient.CoreV1().Nodes().Get(context.TODO(), nodeName, option) - if err != nil { - return err - } - - // Make a copy of the node and update the labels. - newNode := node.DeepCopy() - if newNode.Labels == nil { - newNode.Labels = make(map[string]string) - } - for key, value := range labelsToUpdate { - newNode.Labels[key] = value - } - - oldData, err := json.Marshal(node) - if err != nil { - return fmt.Errorf("failed to marshal the existing node %#v: %v", node, err) - } - newData, err := json.Marshal(newNode) - if err != nil { - return fmt.Errorf("failed to marshal the new node %#v: %v", newNode, err) - } - patchBytes, err := strategicpatch.CreateTwoWayMergePatch(oldData, newData, &v1.Node{}) - if err != nil { - return fmt.Errorf("failed to create a two-way merge patch: %v", err) - } - if _, err := kubeClient.CoreV1().Nodes().Patch(context.TODO(), node.Name, types.StrategicMergePatchType, patchBytes, metav1.PatchOptions{}); err != nil { - return fmt.Errorf("failed to patch the node: %v", err) - } - return nil - }) -} diff --git a/vendor/k8s.io/kubernetes/pkg/controller/doc.go b/vendor/k8s.io/kubernetes/pkg/controller/doc.go deleted file mode 100644 index ded390582..000000000 --- a/vendor/k8s.io/kubernetes/pkg/controller/doc.go +++ /dev/null @@ -1,19 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package controller contains code for controllers (like the replication -// controller). -package controller diff --git a/vendor/k8s.io/kubernetes/pkg/features/OWNERS b/vendor/k8s.io/kubernetes/pkg/features/OWNERS deleted file mode 100644 index 3e1dd9f08..000000000 --- a/vendor/k8s.io/kubernetes/pkg/features/OWNERS +++ /dev/null @@ -1,4 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -approvers: - - feature-approvers diff --git a/vendor/k8s.io/kubernetes/pkg/features/client_adapter.go b/vendor/k8s.io/kubernetes/pkg/features/client_adapter.go deleted file mode 100644 index d07f7d4ae..000000000 --- a/vendor/k8s.io/kubernetes/pkg/features/client_adapter.go +++ /dev/null @@ -1,114 +0,0 @@ -/* -Copyright 2024 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package features - -import ( - "fmt" - - clientfeatures "k8s.io/client-go/features" - "k8s.io/component-base/featuregate" -) - -// clientAdapter adapts a k8s.io/component-base/featuregate.MutableFeatureGate to client-go's -// feature Gate and Registry interfaces. The component-base types Feature, FeatureSpec, and -// prerelease, and the component-base prerelease constants, are duplicated by parallel types and -// constants in client-go. The parallel types exist to allow the feature gate mechanism to be used -// for client-go features without introducing a circular dependency between component-base and -// client-go. -type clientAdapter struct { - mfg featuregate.MutableFeatureGate -} - -var _ clientfeatures.Gates = &clientAdapter{} - -func (a *clientAdapter) Enabled(name clientfeatures.Feature) bool { - return a.mfg.Enabled(featuregate.Feature(name)) -} - -var _ clientfeatures.VersionedRegistry = &clientAdapter{} - -func (a *clientAdapter) Add(in map[clientfeatures.Feature]clientfeatures.FeatureSpec) error { - out := map[featuregate.Feature]featuregate.FeatureSpec{} - for name, spec := range in { - converted := featuregate.FeatureSpec{ - Default: spec.Default, - LockToDefault: spec.LockToDefault, - } - switch spec.PreRelease { - case clientfeatures.Alpha: - converted.PreRelease = featuregate.Alpha - case clientfeatures.Beta: - converted.PreRelease = featuregate.Beta - case clientfeatures.GA: - converted.PreRelease = featuregate.GA - case clientfeatures.Deprecated: - converted.PreRelease = featuregate.Deprecated - default: - // The default case implies programmer error. The same set of prerelease - // constants must exist in both component-base and client-go, and each one - // must have a case here. - panic(fmt.Sprintf("unrecognized prerelease %q of feature %q", spec.PreRelease, name)) - } - out[featuregate.Feature(name)] = converted - } - return a.mfg.Add(out) //nolint:forbidigo -} - -// AddVersioned adds the provided versioned feature gates. -func (a *clientAdapter) AddVersioned(in map[clientfeatures.Feature]clientfeatures.VersionedSpecs) error { - mvfg, ok := a.mfg.(featuregate.MutableVersionedFeatureGate) - if !ok { - return fmt.Errorf("feature gate does not support versioning") - } - - out := make(map[featuregate.Feature]featuregate.VersionedSpecs) - for name, specs := range in { - convertedSpecs := make(featuregate.VersionedSpecs, len(specs)) - for i, spec := range specs { - converted := featuregate.FeatureSpec{ - Default: spec.Default, - LockToDefault: spec.LockToDefault, - Version: spec.Version, - } - switch spec.PreRelease { - case clientfeatures.Alpha: - converted.PreRelease = featuregate.Alpha - case clientfeatures.Beta: - converted.PreRelease = featuregate.Beta - case clientfeatures.GA: - converted.PreRelease = featuregate.GA - case clientfeatures.Deprecated: - converted.PreRelease = featuregate.Deprecated - default: - // The default case implies programmer error. The same set of prerelease - // constants must exist in both component-base and client-go, and each one - // must have a case here. - panic(fmt.Sprintf("unrecognized prerelease %q of feature %q", spec.PreRelease, name)) - } - convertedSpecs[i] = converted - } - out[featuregate.Feature(name)] = convertedSpecs - } - return mvfg.AddVersioned(out) -} - -// Set implements the unexported interface that client-go feature gate testing expects for -// ek8s.io/client-go/features/testing.SetFeatureDuringTest. This is necessary for integration tests -// to set test overrides for client-go feature gates. -func (a *clientAdapter) Set(name clientfeatures.Feature, enabled bool) error { - return a.mfg.SetFromMap(map[string]bool{string(name): enabled}) -} diff --git a/vendor/k8s.io/kubernetes/pkg/features/kube_features.go b/vendor/k8s.io/kubernetes/pkg/features/kube_features.go deleted file mode 100644 index e273afa59..000000000 --- a/vendor/k8s.io/kubernetes/pkg/features/kube_features.go +++ /dev/null @@ -1,2598 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package features - -import ( - apiextensionsfeatures "k8s.io/apiextensions-apiserver/pkg/features" - "k8s.io/apimachinery/pkg/util/runtime" - "k8s.io/apimachinery/pkg/util/version" - genericfeatures "k8s.io/apiserver/pkg/features" - utilfeature "k8s.io/apiserver/pkg/util/feature" - clientfeatures "k8s.io/client-go/features" - "k8s.io/component-base/featuregate" - zpagesfeatures "k8s.io/component-base/zpages/features" - kcmfeatures "k8s.io/controller-manager/pkg/features" -) - -// Every feature gate should have an entry here following this template: -// -// // owner: @username -// // kep: https://kep.k8s.io/NNN -// MyFeature featuregate.Feature = "MyFeature" -// -// Feature gates should be listed in alphabetical, case-sensitive -// (upper before any lower case character) order. This reduces the risk -// of code conflicts because changes are more likely to be scattered -// across the file. -const ( - // owner: @aojea - // - // Allow kubelet to request a certificate without any Node IP available, only - // with DNS names. - AllowDNSOnlyNodeCSR featuregate.Feature = "AllowDNSOnlyNodeCSR" - - // owner: @micahhausler - // - // Setting AllowInsecureKubeletCertificateSigningRequests to true disables node admission validation of CSRs - // for kubelet signers where CN=system:node:$nodeName. - AllowInsecureKubeletCertificateSigningRequests featuregate.Feature = "AllowInsecureKubeletCertificateSigningRequests" - - // owner: @HirazawaUi - // - // Allow spec.terminationGracePeriodSeconds to be overridden by MaxPodGracePeriodSeconds in soft evictions. - AllowOverwriteTerminationGracePeriodSeconds featuregate.Feature = "AllowOverwriteTerminationGracePeriodSeconds" - - // owner: @bswartz - // - // Enables usage of any object for volume data source in PVCs - AnyVolumeDataSource featuregate.Feature = "AnyVolumeDataSource" - - // owner: @liggitt - // kep: https://kep.k8s.io/4601 - // - // Make the Node authorizer use fine-grained selector authorization. - // Requires AuthorizeWithSelectors to be enabled. - AuthorizeNodeWithSelectors featuregate.Feature = "AuthorizeNodeWithSelectors" - - // owner: @seans3 - // kep: http://kep.k8s.io/4006 - // - // Forces authorization of the "create" verb for pod subresources like exec, attach, and portforward. - // See: https://github.com/kubernetes/kubernetes/issues/133515 - AuthorizePodWebsocketUpgradeCreatePermission featuregate.Feature = "AuthorizePodWebsocketUpgradeCreatePermission" - - // owner: @szuecs - // - // Enable nodes to change CPUCFSQuotaPeriod - CPUCFSQuotaPeriod featuregate.Feature = "CustomCPUCFSQuotaPeriod" - - // owner: @fromanirh - // beta: see below. - // - // Allow fine-tuning of cpumanager policies, experimental, alpha-quality options - // Per https://groups.google.com/g/kubernetes-sig-architecture/c/Nxsc7pfe5rw/m/vF2djJh0BAAJ - // We want to avoid a proliferation of feature gates. This feature gate: - // - will guard *a group* of cpumanager options whose quality level is alpha. - // - will never graduate to beta or stable. - // See https://groups.google.com/g/kubernetes-sig-architecture/c/Nxsc7pfe5rw/m/vF2djJh0BAAJ - // for details about the removal of this feature gate. - CPUManagerPolicyAlphaOptions featuregate.Feature = "CPUManagerPolicyAlphaOptions" - - // owner: @fromanirh - // beta: see below. - // - // Allow fine-tuning of cpumanager policies, experimental, beta-quality options - // Per https://groups.google.com/g/kubernetes-sig-architecture/c/Nxsc7pfe5rw/m/vF2djJh0BAAJ - // We want to avoid a proliferation of feature gates. This feature gate: - // - will guard *a group* of cpumanager options whose quality level is beta. - // - is thus *introduced* as beta - // - will never graduate to stable. - // See https://groups.google.com/g/kubernetes-sig-architecture/c/Nxsc7pfe5rw/m/vF2djJh0BAAJ - // for details about the removal of this feature gate. - CPUManagerPolicyBetaOptions featuregate.Feature = "CPUManagerPolicyBetaOptions" - - // owner: @ffromani - // - // Allow the usage of options to fine-tune the cpumanager policies. - CPUManagerPolicyOptions featuregate.Feature = "CPUManagerPolicyOptions" - - // owner: @trierra - // kep: http://kep.k8s.io/2589 - // - // Enables the Portworx in-tree driver to Portworx migration feature. - CSIMigrationPortworx featuregate.Feature = "CSIMigrationPortworx" - - // owner: @aramase - // kep: http://kep.k8s.io/5538 - // - // Enables CSI drivers to opt-in for receiving service account tokens from kubelet - // through the dedicated secrets field in NodePublishVolumeRequest instead of the volume_context field. - CSIServiceAccountTokenSecrets featuregate.Feature = "CSIServiceAccountTokenSecrets" - - // owner: @fengzixu - // - // Enables kubelet to detect CSI volume condition and send the event of the abnormal volume to the corresponding pod that is using it. - CSIVolumeHealth featuregate.Feature = "CSIVolumeHealth" - - // owner: @HirazawaUi - // - // Enabling this feature gate will cause the pod's status to change due to a kubelet restart. - ChangeContainerStatusOnKubeletRestart = "ChangeContainerStatusOnKubeletRestart" - - // owner: @sanposhiho @wojtek-t - // kep: https://kep.k8s.io/5278 - // - // Clear pod.Status.NominatedNodeName when pod is bound to a node. - // This prevents stale information from affecting external scheduling components. - ClearingNominatedNodeNameAfterBinding featuregate.Feature = "ClearingNominatedNodeNameAfterBinding" - - // owner: @ahmedtd - // - // Enable ClusterTrustBundle objects and Kubelet integration. - ClusterTrustBundle featuregate.Feature = "ClusterTrustBundle" - - // owner: @ahmedtd - // - // Enable ClusterTrustBundle Kubelet projected volumes. Depends on ClusterTrustBundle. - ClusterTrustBundleProjection featuregate.Feature = "ClusterTrustBundleProjection" - - // owner: @adrianreber - // kep: https://kep.k8s.io/2008 - // - // Enables container Checkpoint support in the kubelet - ContainerCheckpoint featuregate.Feature = "ContainerCheckpoint" - - // onwer: @yuanwang04 - // kep: https://kep.k8s.io/5307 - // - // Supports container restart policy and container restart policy rules to override the pod restart policy. - // Enable a single container to restart even if the pod has restart policy "Never". - ContainerRestartRules featuregate.Feature = "ContainerRestartRules" - - // owner: @sreeram-venkitesh - // - // Enables configuring custom stop signals for containers from container lifecycle - ContainerStopSignals featuregate.Feature = "ContainerStopSignals" - - // owner: @jefftree - // kep: https://kep.k8s.io/4355 - // - // Enables coordinated leader election in the API server - CoordinatedLeaderElection featuregate.Feature = "CoordinatedLeaderElection" - - // owner: @ttakahashi21 @mkimuram - // kep: https://kep.k8s.io/3294 - // - // Enable usage of Provision of PVCs from snapshots in other namespaces - CrossNamespaceVolumeDataSource featuregate.Feature = "CrossNamespaceVolumeDataSource" - - // owner: @ritazh - // kep: http://kep.k8s.io/5018 - // - // Enables support for requesting admin access in a ResourceClaim. - // Admin access is granted even if a device is already in use and, - // depending on the DRA driver, may enable additional permissions - // when a container uses the allocated device. - DRAAdminAccess featuregate.Feature = "DRAAdminAccess" - // owner: @sunya-ch - // kep: https://kep.k8s.io/5075 - // - // DRAConsumableCapacity - DRAConsumableCapacity featuregate.Feature = "DRAConsumableCapacity" - - // owner: @KobayashiD27 - // kep: http://kep.k8s.io/5007 - // alpha: v1.34 - // - // Enables support for delaying the binding of pods - // which depend on devices with binding conditions. - // - // DRAResourceClaimDeviceStatus also needs to be - // enabled. - DRADeviceBindingConditions featuregate.Feature = "DRADeviceBindingConditions" - - // owner: @pohly - // kep: http://kep.k8s.io/5055 - // - // DeviceTaintRules allow administrators to add taints to devices. - DRADeviceTaintRules featuregate.Feature = "DRADeviceTaintRules" - - // owner: @pohly - // kep: http://kep.k8s.io/5055 - // - // Marking devices as tainted can prevent using them for new pods and/or - // cause pods using them to stop. Users can decide to tolerate taints. - DRADeviceTaints featuregate.Feature = "DRADeviceTaints" - - // owner: @yliaog - // kep: http://kep.k8s.io/5004 - // - // Enables support for providing extended resource requests backed by DRA. - DRAExtendedResource featuregate.Feature = "DRAExtendedResource" - - // owner: @mortent, @cici37 - // kep: http://kep.k8s.io/4815 - // - // Enables support for dynamically partitioning devices based on - // which parts of them were allocated during scheduling. - // - DRAPartitionableDevices featuregate.Feature = "DRAPartitionableDevices" - - // owner: @mortent - // kep: http://kep.k8s.io/4816 - // - // Enables support for providing a prioritized list of requests - // for resources. The first entry that can be satisfied will - // be selected. - DRAPrioritizedList featuregate.Feature = "DRAPrioritizedList" - - // owner: @LionelJouin - // kep: http://kep.k8s.io/4817 - // - // Enables support the ResourceClaim.status.devices field and for setting this - // status from DRA drivers. - DRAResourceClaimDeviceStatus featuregate.Feature = "DRAResourceClaimDeviceStatus" - - // owner: @pohly - // kep: http://kep.k8s.io/4381 - // - // Enables aborting the per-node Filter operation in the scheduler after - // a certain time (10 seconds by default, configurable in the DynamicResources - // scheduler plugin configuration). - DRASchedulerFilterTimeout featuregate.Feature = "DRASchedulerFilterTimeout" - - // owner: @atiratree - // kep: http://kep.k8s.io/3973 - // - // Deployments and replica sets can now also track terminating pods via .status.terminatingReplicas. - DeploymentReplicaSetTerminatingReplicas featuregate.Feature = "DeploymentReplicaSetTerminatingReplicas" - - // owner: @aojea - // - // The apiservers with the MultiCIDRServiceAllocator feature enable, in order to support live migration from the old bitmap ClusterIP - // allocators to the new IPAddress allocators introduced by the MultiCIDRServiceAllocator feature, performs a dual-write on - // both allocators. This feature gate disables the dual write on the new Cluster IP allocators. - DisableAllocatorDualWrite featuregate.Feature = "DisableAllocatorDualWrite" - - // owner: @ffromani - // beta: v1.33 - // - // Disables CPU Quota for containers which have exclusive CPUs allocated. - // Disables pod-Level CPU Quota for pods containing at least one container with exclusive CPUs allocated - // Exclusive CPUs for a container (init, application, sidecar) are allocated when: - // (1) cpumanager policy is static, - // (2) the pod has QoS Guaranteed, - // (3) the container has integer cpu request. - // The expected behavior is that CPU Quota for containers having exclusive CPUs allocated is disabled. - // Because this fix changes a long-established (but incorrect) behavior, users observing - // any regressions can use the DisableCPUQuotaWithExclusiveCPUs feature gate (default on) to - // restore the old behavior. Please file issues if you hit issues and have to use this Feature Gate. - // The Feature Gate will be locked to true and then removed in +2 releases (1.35) if there are no bug reported - DisableCPUQuotaWithExclusiveCPUs featuregate.Feature = "DisableCPUQuotaWithExclusiveCPUs" - - // owner: @HirazawaUi - // kep: http://kep.k8s.io/4004 - // - // DisableNodeKubeProxyVersion disable the status.nodeInfo.kubeProxyVersion field of v1.Node - DisableNodeKubeProxyVersion featuregate.Feature = "DisableNodeKubeProxyVersion" - - // owner: @pohly - // kep: http://kep.k8s.io/4381 - // - // Enables support for resources with custom parameters and a lifecycle - // that is independent of a Pod. Resource allocation is done by the scheduler - // based on "structured parameters". - DynamicResourceAllocation featuregate.Feature = "DynamicResourceAllocation" - - // owner: @HirazawaUi - // kep: http://kep.k8s.io/3721 - // - // Allow containers to read environment variables from a file. - // Environment variables file must be produced by an initContainer and located within an emptyDir volume. - // The kubelet will populate the environment variables in the container - // from the specified file in the emptyDir volume, without mounting the file. - EnvFiles featuregate.Feature = "EnvFiles" - - // owner: @harche - // kep: http://kep.k8s.io/3386 - // - // Allows using event-driven PLEG (pod lifecycle event generator) through kubelet - // which avoids frequent relisting of containers which helps optimize performance. - EventedPLEG featuregate.Feature = "EventedPLEG" - - // owner: @andrewsykim @SergeyKanzhelev - // - // Ensure kubelet respects exec probe timeouts. Feature gate exists in-case existing workloads - // may depend on old behavior where exec probe timeouts were ignored. - // Locked to default, will remove in v1.38. Progress is reflected in KEP #1972 update - ExecProbeTimeout featuregate.Feature = "ExecProbeTimeout" - - // owner: @HarshalNeelkamal - // - // Enables external service account JWT signing and key management. - // If enabled, it allows passing --service-account-signing-endpoint flag to configure external signer. - ExternalServiceAccountTokenSigner featuregate.Feature = "ExternalServiceAccountTokenSigner" - - // owner: @erictune @wojtek-t - // - // Enables support for gang scheduling in kube-scheduler. - GangScheduling featuregate.Feature = "GangScheduling" - - // owner: @erictune @wojtek-t - // - // Enables support for generic Workload API. - GenericWorkload featuregate.Feature = "GenericWorkload" - - // owner: @vinayakankugoyal @thockin - // - // Controls if the gitRepo volume plugin is supported or not. - // KEP #5040 disables the gitRepo volume plugin by default starting v1.33, - // this provides a way for users to override it. - GitRepoVolumeDriver featuregate.Feature = "GitRepoVolumeDriver" - - // owner: @bobbypage - // Adds support for kubelet to detect node shutdown and gracefully terminate pods prior to the node being shutdown. - GracefulNodeShutdown featuregate.Feature = "GracefulNodeShutdown" - - // owner: @wzshiming - // Make the kubelet use shutdown configuration based on pod priority values for graceful shutdown. - GracefulNodeShutdownBasedOnPodPriority featuregate.Feature = "GracefulNodeShutdownBasedOnPodPriority" - - // owner: @jm-franc - // kep: https://kep.k8s.io/4951 - // - // Enables support of configurable HPA scale-up and scale-down tolerances. - HPAConfigurableTolerance featuregate.Feature = "HPAConfigurableTolerance" - - // owner: @dxist - // - // Enables support of HPA scaling to zero pods when an object or custom metric is configured. - HPAScaleToZero featuregate.Feature = "HPAScaleToZero" - - // owner: @deepakkinni @xing-yang - // kep: https://kep.k8s.io/2644 - // - // Honor Persistent Volume Reclaim Policy when it is "Delete" irrespective of PV-PVC - // deletion ordering. - HonorPVReclaimPolicy featuregate.Feature = "HonorPVReclaimPolicy" - - // owner: @HirazawaUi - // kep: https://kep.k8s.io/4762 - // - // Allows setting any FQDN as the pod's hostname - HostnameOverride featuregate.Feature = "HostnameOverride" - - // owner: @haircommander - // kep: http://kep.k8s.io/4210 - // ImageMaximumGCAge enables the Kubelet configuration field of the same name, allowing an admin - // to specify the age after which an image will be garbage collected. - ImageMaximumGCAge featuregate.Feature = "ImageMaximumGCAge" - - // owner: @saschagrunert - // kep: https://kep.k8s.io/4639 - // - // Enables the image volume source. - ImageVolume featuregate.Feature = "ImageVolume" - - // owner: @ndixita - // kep: https://kep.k8s.io/5419 - // - // Enables specifying resources at pod-level. - InPlacePodLevelResourcesVerticalScaling featuregate.Feature = "InPlacePodLevelResourcesVerticalScaling" - - // owner: @vinaykul,@tallclair - // kep: http://kep.k8s.io/1287 - // - // Enables In-Place Pod Vertical Scaling - InPlacePodVerticalScaling featuregate.Feature = "InPlacePodVerticalScaling" - - // owner: @tallclair - // kep: http://kep.k8s.io/1287 - // - // Deprecated: This feature gate is no longer used. - // Was: Enables the AllocatedResources field in container status. This feature requires - // InPlacePodVerticalScaling also be enabled. - InPlacePodVerticalScalingAllocatedStatus featuregate.Feature = "InPlacePodVerticalScalingAllocatedStatus" - - // owner: @tallclair @esotsal - // - // Allow resource resize for containers in Guaranteed pods with integer CPU requests ( default false ). - // Applies only in nodes with InPlacePodVerticalScaling and CPU Manager features enabled, and - // CPU Manager Static Policy option set. - InPlacePodVerticalScalingExclusiveCPUs featuregate.Feature = "InPlacePodVerticalScalingExclusiveCPUs" - - // owner: @tallclair @pkrishn - // - // Allow memory resize for containers in Guaranteed pods (default false) when Memory Manager Policy is set to Static. - // Applies only in nodes with InPlacePodVerticalScaling and Memory Manager features enabled. - InPlacePodVerticalScalingExclusiveMemory featuregate.Feature = "InPlacePodVerticalScalingExclusiveMemory" - - // owner: @trierra - // - // Disables the Portworx in-tree driver. - InTreePluginPortworxUnregister featuregate.Feature = "InTreePluginPortworxUnregister" - - // owner: @mimowo - // kep: https://kep.k8s.io/3850 - // - // Allows users to specify counting of failed pods per index. - JobBackoffLimitPerIndex featuregate.Feature = "JobBackoffLimitPerIndex" - - // owner: @mimowo - // kep: https://kep.k8s.io/4368 - // - // Allows to delegate reconciliation of a Job object to an external controller. - JobManagedBy featuregate.Feature = "JobManagedBy" - - // owner: @kannon92 - // kep : https://kep.k8s.io/3939 - // - // Allow users to specify recreating pods of a job only when - // pods have fully terminated. - JobPodReplacementPolicy featuregate.Feature = "JobPodReplacementPolicy" - - // owner: @tenzen-y - // kep: https://kep.k8s.io/3998 - // - // Allow users to specify when a Job can be declared as succeeded - // based on the set of succeeded pods. - JobSuccessPolicy featuregate.Feature = "JobSuccessPolicy" - - // owner: @marquiz - // kep: http://kep.k8s.io/4033 - // - // Enable detection of the kubelet cgroup driver configuration option from - // the CRI. The CRI runtime also needs to support this feature in which - // case the kubelet will ignore the cgroupDriver (--cgroup-driver) - // configuration option. If runtime doesn't support it, the kubelet will - // fallback to using it's cgroupDriver option. - KubeletCgroupDriverFromCRI featuregate.Feature = "KubeletCgroupDriverFromCRI" - - // owner: @lauralorenz @hankfreund - // kep: https://kep.k8s.io/5593 - // - // Enables support for configurable per-node backoff maximums for restarting - // containers (aka containers in CrashLoopBackOff) - KubeletCrashLoopBackOffMax featuregate.Feature = "KubeletCrashLoopBackOffMax" - - // owner: @stlaz - // kep: https://kep.k8s.io/2535 - // - // Enables tracking credentials for image pulls in order to authorize image - // access for different tenants. - KubeletEnsureSecretPulledImages featuregate.Feature = "KubeletEnsureSecretPulledImages" - - // owner: @vinayakankugoyal - // kep: http://kep.k8s.io/2862 - // - // Enable fine-grained kubelet API authorization for webhook based - // authorization. - KubeletFineGrainedAuthz featuregate.Feature = "KubeletFineGrainedAuthz" - - // owner: @AkihiroSuda - // - // Enables support for running kubelet in a user namespace. - // The user namespace has to be created before running kubelet. - // All the node components such as CRI need to be running in the same user namespace. - KubeletInUserNamespace featuregate.Feature = "KubeletInUserNamespace" - - // KubeletPSI enables Kubelet to surface PSI metrics - // owner: @roycaihw - // kep: https://kep.k8s.io/4205 - KubeletPSI featuregate.Feature = "KubeletPSI" - - // owner: @moshe010 - // - // Enable POD resources API to return resources allocated by Dynamic Resource Allocation - KubeletPodResourcesDynamicResources featuregate.Feature = "KubeletPodResourcesDynamicResources" - - // owner: @moshe010 - // - // Enable POD resources API with Get method - KubeletPodResourcesGet featuregate.Feature = "KubeletPodResourcesGet" - - // owner: @ffromani - // Deprecated: v1.34 - // - // issue: https://github.com/kubernetes/kubernetes/issues/119423 - // Disables restricted output for the podresources API list endpoint. - // "Restricted" output only includes the pods which are actually running and thus they - // hold resources. Turns out this was originally the intended behavior, see: - // https://github.com/kubernetes/kubernetes/pull/79409#issuecomment-505975671 - // This behavior was lost over time and interaction with memory manager creates - // an unfixable bug because the endpoint returns spurious stale information the clients - // cannot filter out, because the API doesn't provide enough context. See: - // https://github.com/kubernetes/kubernetes/issues/132020 - // The endpoint has returning extra information for long time, but that information - // is also useless for the purpose of this API. Nevertheless, we are changing a long-established - // albeit buggy behavior, so users observing any regressions can use the - // KubeletPodResourcesListUseActivePods/ feature gate (default on) to restore the old behavior. - // Please file issues if you hit issues and have to use this Feature Gate. - // The Feature Gate will be locked to true in +4 releases (1.38) and then removed (1.39) - // if there are no bug reported. - KubeletPodResourcesListUseActivePods featuregate.Feature = "KubeletPodResourcesListUseActivePods" - - // owner: @hoskeri - // - // Restores previous behavior where Kubelet fails self registration if node create returns 403 Forbidden. - KubeletRegistrationGetOnExistsOnly featuregate.Feature = "KubeletRegistrationGetOnExistsOnly" - - // owner: @kannon92 - // kep: https://kep.k8s.io/4191 - // - // The split image filesystem feature enables kubelet to perform garbage collection - // of images (read-only layers) and/or containers (writeable layers) deployed on - // separate filesystems. - KubeletSeparateDiskGC featuregate.Feature = "KubeletSeparateDiskGC" - - // owner: @aramase - // kep: http://kep.k8s.io/4412 - // - // Enable kubelet to send the service account token bound to the pod for which the image - // is being pulled to the credential provider plugin. - KubeletServiceAccountTokenForCredentialProviders featuregate.Feature = "KubeletServiceAccountTokenForCredentialProviders" - - // owner: @sallyom - // kep: https://kep.k8s.io/2832 - // - // Add support for distributed tracing in the kubelet - KubeletTracing featuregate.Feature = "KubeletTracing" - - // owner: @RobertKrawitz - // - // Allow use of filesystems for ephemeral storage monitoring. - // Only applies if LocalStorageCapacityIsolation is set. - // Relies on UserNamespacesSupport feature, and thus should follow it when setting defaults. - LocalStorageCapacityIsolationFSQuotaMonitoring featuregate.Feature = "LocalStorageCapacityIsolationFSQuotaMonitoring" - - // owner: @damemi - // - // Enables scaling down replicas via logarithmic comparison of creation/ready timestamps - LogarithmicScaleDown featuregate.Feature = "LogarithmicScaleDown" - - // owner: @sanposhiho - // kep: https://kep.k8s.io/3633 - // - // Enables the MatchLabelKeys and MismatchLabelKeys in PodAffinity and PodAntiAffinity. - MatchLabelKeysInPodAffinity featuregate.Feature = "MatchLabelKeysInPodAffinity" - - // owner: @denkensk - // kep: https://kep.k8s.io/3243 - // - // Enable MatchLabelKeys in PodTopologySpread. - MatchLabelKeysInPodTopologySpread featuregate.Feature = "MatchLabelKeysInPodTopologySpread" - - // owner: @mochizuki875 - // kep: https://kep.k8s.io/3243 - // - // Enable merging key-value labels into LabelSelector corresponding to MatchLabelKeys in PodTopologySpread. - MatchLabelKeysInPodTopologySpreadSelectorMerge featuregate.Feature = "MatchLabelKeysInPodTopologySpreadSelectorMerge" - - // owner: @krmayankk - // kep: https://kep.k8s.io/961 - // - // Enables maxUnavailable for StatefulSet - MaxUnavailableStatefulSet featuregate.Feature = "MaxUnavailableStatefulSet" - - // owner: @cynepco3hahue(alukiano) @cezaryzukowski @k-wiatrzyk, @Tal-or (only for GA graduation) - // - // Allows setting memory affinity for a container based on NUMA topology - MemoryManager featuregate.Feature = "MemoryManager" - - // owner: @xiaoxubeii - // kep: https://kep.k8s.io/2570 - // - // Enables kubelet to support memory QoS with cgroups v2. - MemoryQoS featuregate.Feature = "MemoryQoS" - - // owner: @aojea - // kep: https://kep.k8s.io/1880 - // - // Enables the dynamic configuration of Service IP ranges - MultiCIDRServiceAllocator featuregate.Feature = "MultiCIDRServiceAllocator" - - // owner: torredil - // kep: https://kep.k8s.io/4876 - // - // Makes CSINode.Spec.Drivers[*].Allocatable.Count mutable, allowing CSI drivers to - // update the number of volumes that can be allocated on a node - MutableCSINodeAllocatableCount featuregate.Feature = "MutableCSINodeAllocatableCount" - - // owner: huww98 - // kep: https://kep.k8s.io/5381 - // - // Makes PersistentVolume.Spec.NodeAffinity mutable, allowing CSI drivers to - // update the topology info when the data is migrated - MutablePVNodeAffinity featuregate.Feature = "MutablePVNodeAffinity" - - // owner: @kannon92 - // kep: https://kep.k8s.io/5440 - // - // Enables mutable pod resources for suspended Jobs, regardless of whether they have started before. - MutablePodResourcesForSuspendedJobs featuregate.Feature = "MutablePodResourcesForSuspendedJobs" - - // owner: @mimowo - // kep: https://kep.k8s.io/5440 - // - // Enables mutable scheduling directives for suspended Jobs, regardless of whether they have started before. - MutableSchedulingDirectivesForSuspendedJobs featuregate.Feature = "MutableSchedulingDirectivesForSuspendedJobs" - - // owner: @danwinship - // kep: https://kep.k8s.io/3866 - // - // Allows running kube-proxy with `--mode nftables`. - NFTablesProxyMode featuregate.Feature = "NFTablesProxyMode" - - // owner: @pravk03, @tallclair - // kep: https://kep.k8s.io/5328 - // - // Enables the DeclaredFeatures API in the NodeStatus, populated by the Kubelet. Also enables the scheduler filter using DeclaredFeatures. - NodeDeclaredFeatures featuregate.Feature = "NodeDeclaredFeatures" - - // owner: @kerthcet - // kep: https://kep.k8s.io/3094 - // - // Allow users to specify whether to take nodeAffinity/nodeTaint into consideration when - // calculating pod topology spread skew. - NodeInclusionPolicyInPodTopologySpread featuregate.Feature = "NodeInclusionPolicyInPodTopologySpread" - - // owner: @aravindhp @LorbusChris - // kep: http://kep.k8s.io/2271 - // - // Enables querying logs of node services using the /logs endpoint. Enabling this feature has security implications. - // The recommendation is to enable it on a need basis for debugging purposes and disabling otherwise. - NodeLogQuery featuregate.Feature = "NodeLogQuery" - - // owner: @iholder101 @kannon92 - // kep: https://kep.k8s.io/2400 - // - // Permits kubelet to run with swap enabled. - NodeSwap featuregate.Feature = "NodeSwap" - - // owner: @sanposhiho, @wojtek-t - // kep: https://kep.k8s.io/5278 - // - // Extends NominatedNodeName field to express expected pod placement, allowing - // both the scheduler and external components (e.g., Cluster Autoscaler, Karpenter, Kueue) - // to share pod placement intentions. This enables better coordination between - // components, prevents inappropriate node scale-downs, and helps the scheduler - // resume work after restarts. - NominatedNodeNameForExpectation featuregate.Feature = "NominatedNodeNameForExpectation" - - // owner: @bwsalmon - // kep: https://kep.k8s.io/5598 - // - // Enables opportunistic batching in the scheduler. - OpportunisticBatching featuregate.Feature = "OpportunisticBatching" - - // owner: @cici37 - // kep: https://kep.k8s.io/5080 - // - // Enables ordered namespace deletion. - OrderedNamespaceDeletion featuregate.Feature = "OrderedNamespaceDeletion" - - // owner: @haircommander - // kep: https://kep.k8s.io/2364 - // - // Configures the Kubelet to use the CRI to populate pod and container stats, instead of supplimenting with stats from cAdvisor. - // Requires the CRI implementation supports supplying the required stats. - PodAndContainerStatsFromCRI featuregate.Feature = "PodAndContainerStatsFromCRI" - - // owner: @ahmedtd - // kep: https://kep.k8s.io/4317 - // - // Enable PodCertificateRequest objects and podCertificate projected volume sources. - PodCertificateRequest featuregate.Feature = "PodCertificateRequest" - - // owner: @ahg-g - // - // Enables controlling pod ranking on replicaset scale-down. - PodDeletionCost featuregate.Feature = "PodDeletionCost" - - // owner: @ndixita - // key: https://kep.k8s.io/2837 - // - // Enables specifying resources at pod-level. - PodLevelResources featuregate.Feature = "PodLevelResources" - - // owner: @AxeZhan - // kep: http://kep.k8s.io/3960 - // - // Enables SleepAction in container lifecycle hooks - PodLifecycleSleepAction featuregate.Feature = "PodLifecycleSleepAction" - - // owner: @sreeram-venkitesh - // kep: http://kep.k8s.io/4818 - // - // Allows zero value for sleep duration in SleepAction in container lifecycle hooks - PodLifecycleSleepActionAllowZero featuregate.Feature = "PodLifecycleSleepActionAllowZero" - - // owner: @knight42 - // kep: https://kep.k8s.io/3288 - // - // Enables only stdout or stderr of the container to be retrievd. - PodLogsQuerySplitStreams featuregate.Feature = "PodLogsQuerySplitStreams" - - // owner: @natasha41575 - // kep: http://kep.k8s.io/5067 - // - // Enables the pod to report status.ObservedGeneration to reflect the generation of the last observed podspec. - PodObservedGenerationTracking featuregate.Feature = "PodObservedGenerationTracking" - - // owner: @ddebroy, @kannon92 - // - // Enables reporting of PodReadyToStartContainersCondition condition in pod status after pod - // sandbox creation and network configuration completes successfully - PodReadyToStartContainersCondition featuregate.Feature = "PodReadyToStartContainersCondition" - - // owner: @Huang-Wei - // kep: https://kep.k8s.io/3521 - // - // Enable users to specify when a Pod is ready for scheduling. - PodSchedulingReadiness featuregate.Feature = "PodSchedulingReadiness" - - // owner: @munnerz - // kep: https://kep.k8s.io/4742 - // alpha: v1.33 - // beta: v1.35 - // - // Enables the PodTopologyLabelsAdmission admission plugin that mutates `pod/binding` - // requests by copying the `topology.kubernetes.io/{zone,region}` labels from the assigned - // Node object (in the Binding being admitted) onto the Binding - // so that it can be persisted onto the Pod object when the Pod is being scheduled. - // This allows workloads running in pods to understand the topology information of their assigned node. - // Enabling this feature also permits external schedulers to set labels on pods in an atomic - // operation when scheduling a Pod by setting the `metadata.labels` field on the submitted Binding, - // similar to how `metadata.annotations` behaves. - PodTopologyLabelsAdmission featuregate.Feature = "PodTopologyLabelsAdmission" - - // owner: @seans3 - // kep: http://kep.k8s.io/4006 - // - // Enables PortForward to be proxied with a websocket client - PortForwardWebsockets featuregate.Feature = "PortForwardWebsockets" - - // owner: @danwinship - // kep: https://kep.k8s.io/3015 - // - // Enables PreferSameZone and PreferSameNode values for trafficDistribution - PreferSameTrafficDistribution featuregate.Feature = "PreferSameTrafficDistribution" - - // owner: @sreeram-venkitesh - // - // Denies pod admission if static pods reference other API objects. - PreventStaticPodAPIReferences featuregate.Feature = "PreventStaticPodAPIReferences" - - // owner: @jessfraz - // - // Enables control over ProcMountType for containers. - ProcMountType featuregate.Feature = "ProcMountType" - - // owner: @sjenning - // - // Allows resource reservations at the QoS level preventing pods at lower QoS levels from - // bursting into resources requested at higher QoS levels (memory only for now) - QOSReserved featuregate.Feature = "QOSReserved" - - // owner: @gnufied - // kep: https://kep.k8s.io/1790 - // - // Allow users to recover from volume expansion failure - RecoverVolumeExpansionFailure featuregate.Feature = "RecoverVolumeExpansionFailure" - - // owner: @AkihiroSuda - // kep: https://kep.k8s.io/3857 - // - // Allows recursive read-only mounts. - RecursiveReadOnlyMounts featuregate.Feature = "RecursiveReadOnlyMounts" - - // owner: @lauralorenz - // kep: https://kep.k8s.io/4603 - // - // Enables support for a lower internal cluster-wide backoff maximum for restarting - // containers (aka containers in CrashLoopBackOff) - ReduceDefaultCrashLoopBackOffDecay featuregate.Feature = "ReduceDefaultCrashLoopBackOffDecay" - - // owner: @adrianmoisey - // kep: https://kep.k8s.io/4427 - // - // Relaxed DNS search string validation. - RelaxedDNSSearchValidation featuregate.Feature = "RelaxedDNSSearchValidation" - - // owner: @HirazawaUi - // kep: https://kep.k8s.io/4369 - // - // Allow almost all printable ASCII characters in environment variables - RelaxedEnvironmentVariableValidation featuregate.Feature = "RelaxedEnvironmentVariableValidation" - - // owner: @adrianmoisey - // kep: https://kep.k8s.io/5311 - // - // Relaxed DNS search string validation. - RelaxedServiceNameValidation featuregate.Feature = "RelaxedServiceNameValidation" - - // owner: @zhangweikop - // - // Enable kubelet tls server to update certificate if the specified certificate files are changed. - // This feature is useful when specifying tlsCertFile & tlsPrivateKeyFile in kubelet Configuration. - // No effect for other cases such as using serverTLSbootstap. - ReloadKubeletServerCertificateFile featuregate.Feature = "ReloadKubeletServerCertificateFile" - - // owner: @SergeyKanzhelev - // kep: https://kep.k8s.io/4680 - // - // Adds the AllocatedResourcesStatus to the container status. - ResourceHealthStatus featuregate.Feature = "ResourceHealthStatus" - - // owner: @yuanwang04 - // kep: https://kep.k8s.io/5532 - // - // Restart the pod in-place on the same node. - RestartAllContainersOnContainerExits featuregate.Feature = "RestartAllContainersOnContainerExits" - - // owner: @mikedanese - // - // Gets a server certificate for the kubelet from the Certificate Signing - // Request API instead of generating one self signed and auto rotates the - // certificate as expiration approaches. - RotateKubeletServerCertificate featuregate.Feature = "RotateKubeletServerCertificate" - - // owner: @kiashok - // kep: https://kep.k8s.io/4216 - // - // Adds support to pull images based on the runtime class specified. - RuntimeClassInImageCriAPI featuregate.Feature = "RuntimeClassInImageCriApi" - - // owner: @jsafrane - // kep: https://kep.k8s.io/1710 - // - // Speed up container startup by mounting volumes with the correct SELinux label - // instead of changing each file on the volumes recursively. - // Enables the SELinuxChangePolicy field in PodSecurityContext before SELinuxMount featgure gate is enabled. - SELinuxChangePolicy featuregate.Feature = "SELinuxChangePolicy" - - // owner: @jsafrane - // kep: https://kep.k8s.io/1710 - // Speed up container startup by mounting volumes with the correct SELinux label - // instead of changing each file on the volumes recursively. - SELinuxMount featuregate.Feature = "SELinuxMount" - - // owner: @jsafrane - // kep: https://kep.k8s.io/1710 - // Speed up container startup by mounting volumes with the correct SELinux label - // instead of changing each file on the volumes recursively. - // Initial implementation focused on ReadWriteOncePod volumes. - SELinuxMountReadWriteOncePod featuregate.Feature = "SELinuxMountReadWriteOncePod" - - // owner: @macsko - // kep: http://kep.k8s.io/5229 - // - // Makes all API calls during scheduling asynchronous, by introducing a new kube-scheduler-wide way of handling such calls. - SchedulerAsyncAPICalls featuregate.Feature = "SchedulerAsyncAPICalls" - - // owner: @sanposhiho - // kep: http://kep.k8s.io/4832 - // - // Running some expensive operation within the scheduler's preemption asynchronously, - // which improves the scheduling latency when the preemption involves in. - SchedulerAsyncPreemption featuregate.Feature = "SchedulerAsyncPreemption" - - // owner: @macsko - // kep: http://kep.k8s.io/5142 - // - // Improves scheduling queue behavior by popping pods from the backoffQ when the activeQ is empty. - // This allows to process potentially schedulable pods ASAP, eliminating a penalty effect of the backoff queue. - SchedulerPopFromBackoffQ featuregate.Feature = "SchedulerPopFromBackoffQ" - - // owner: @sanposhiho - // kep: http://kep.k8s.io/4247 - // - // Enables the scheduler's enhancement called QueueingHints, - // which benefits to reduce the useless requeueing. - SchedulerQueueingHints featuregate.Feature = "SchedulerQueueingHints" - - // owner: @atosatto @yuanchen8911 - // kep: http://kep.k8s.io/3902 - // - // Decouples Taint Eviction Controller, performing taint-based Pod eviction, from Node Lifecycle Controller. - SeparateTaintEvictionController featuregate.Feature = "SeparateTaintEvictionController" - - // owner: @aramase - // kep: https://kep.k8s.io/4412 - // - // ServiceAccountNodeAudienceRestriction is used to restrict the audience for which the - // kubelet can request a service account token for. - ServiceAccountNodeAudienceRestriction featuregate.Feature = "ServiceAccountNodeAudienceRestriction" - - // owner: @munnerz - // kep: http://kep.k8s.io/4193 - // - // Controls whether JTIs (UUIDs) are embedded into generated service account tokens, and whether these JTIs are - // recorded into the audit log for future requests made by these tokens. - ServiceAccountTokenJTI featuregate.Feature = "ServiceAccountTokenJTI" - - // owner: @munnerz - // kep: http://kep.k8s.io/4193 - // - // Controls whether the apiserver supports binding service account tokens to Node objects. - ServiceAccountTokenNodeBinding featuregate.Feature = "ServiceAccountTokenNodeBinding" - - // owner: @munnerz - // kep: http://kep.k8s.io/4193 - // - // Controls whether the apiserver will validate Node claims in service account tokens. - ServiceAccountTokenNodeBindingValidation featuregate.Feature = "ServiceAccountTokenNodeBindingValidation" - - // owner: @munnerz - // kep: http://kep.k8s.io/4193 - // - // Controls whether the apiserver embeds the node name and uid for the associated node when issuing - // service account tokens bound to Pod objects. - ServiceAccountTokenPodNodeInfo featuregate.Feature = "ServiceAccountTokenPodNodeInfo" - - // owner: @gauravkghildiyal @robscott - // kep: https://kep.k8s.io/4444 - // - // Enables trafficDistribution field on Services. - ServiceTrafficDistribution featuregate.Feature = "ServiceTrafficDistribution" - - // owner: @gjkim42 @SergeyKanzhelev @matthyx @tzneal - // kep: http://kep.k8s.io/753 - // - // Introduces sidecar containers, a new type of init container that starts - // before other containers but remains running for the full duration of the - // pod's lifecycle and will not block pod termination. - SidecarContainers featuregate.Feature = "SidecarContainers" - - // owner: @liggitt - // - // Mitigates spurious statefulset rollouts due to controller revision comparison mismatches - // which are not semantically significant (e.g. serialization differences or missing defaulted fields). - StatefulSetSemanticRevisionComparison = "StatefulSetSemanticRevisionComparison" - - // owner: @cupnes - // kep: https://kep.k8s.io/4049 - // - // Enables scoring nodes by available storage capacity with - // StorageCapacityScoring feature gate. - StorageCapacityScoring featuregate.Feature = "StorageCapacityScoring" - - // owner: @ahutsunshine - // - // Allows namespace indexer for namespace scope resources in apiserver cache to accelerate list operations. - // Superseded by BtreeWatchCache. - StorageNamespaceIndex featuregate.Feature = "StorageNamespaceIndex" - - // owner: @enj, @michaelasp - // kep: https://kep.k8s.io/4192 - // - // Enables support for the StorageVersionMigrator controller. - StorageVersionMigrator featuregate.Feature = "StorageVersionMigrator" - - // owner: @serathius - // Allow API server JSON encoder to encode collections item by item, instead of all at once. - StreamingCollectionEncodingToJSON featuregate.Feature = "StreamingCollectionEncodingToJSON" - - // owner: serathius - // Allow API server Protobuf encoder to encode collections item by item, instead of all at once. - StreamingCollectionEncodingToProtobuf featuregate.Feature = "StreamingCollectionEncodingToProtobuf" - - // owner: @danwinship - // kep: https://kep.k8s.io/4858 - // - // Requires stricter validation of IP addresses and CIDR values in API objects. - StrictIPCIDRValidation featuregate.Feature = "StrictIPCIDRValidation" - - // owner: @everpeace - // kep: https://kep.k8s.io/3619 - // - // Enable SupplementalGroupsPolicy feature in PodSecurityContext - SupplementalGroupsPolicy featuregate.Feature = "SupplementalGroupsPolicy" - - // owner: @zhifei92 - // - // Enables the systemd watchdog for the kubelet. When enabled, the kubelet will - // periodically notify the systemd watchdog to indicate that it is still alive. - // This can help prevent the system from restarting the kubelet if it becomes - // unresponsive. The feature gate is enabled by default, but should only be used - // if the system supports the systemd watchdog feature and has it configured properly. - SystemdWatchdog = featuregate.Feature("SystemdWatchdog") - - // owner: @helayoty - // kep: https://kep.k8s.io/5471 - // - // Enables numeric comparison operators (Lt, Gt) for tolerations to match taints with threshold-based values. - TaintTolerationComparisonOperators featuregate.Feature = "TaintTolerationComparisonOperators" - - // owner: @robscott - // kep: https://kep.k8s.io/2433 - // - // Enables topology aware hints for EndpointSlices - TopologyAwareHints featuregate.Feature = "TopologyAwareHints" - - // owner: @PiotrProkop - // kep: https://kep.k8s.io/3545 - // - // Allow fine-tuning of topology manager policies with alpha options. - // This feature gate: - // - will guard *a group* of topology manager options whose quality level is alpha. - // - will never graduate to beta or stable. - TopologyManagerPolicyAlphaOptions featuregate.Feature = "TopologyManagerPolicyAlphaOptions" - - // owner: @PiotrProkop - // kep: https://kep.k8s.io/3545 - // - // Allow fine-tuning of topology manager policies with beta options. - // This feature gate: - // - will guard *a group* of topology manager options whose quality level is beta. - // - is thus *introduced* as beta - // - will never graduate to stable. - TopologyManagerPolicyBetaOptions featuregate.Feature = "TopologyManagerPolicyBetaOptions" - - // owner: @PiotrProkop - // kep: https://kep.k8s.io/3545 - // - // Allow the usage of options to fine-tune the topology manager policies. - TopologyManagerPolicyOptions featuregate.Feature = "TopologyManagerPolicyOptions" - - // owner: @seans3 - // kep: http://kep.k8s.io/4006 - // - // Enables StreamTranslator proxy to handle WebSockets upgrade requests for the - // version of the RemoteCommand subprotocol that supports the "close" signal. - TranslateStreamCloseWebsocketRequests featuregate.Feature = "TranslateStreamCloseWebsocketRequests" - - // owner: @HirazawaUi - // kep: https://kep.k8s.io/5607 - // - // Allow hostNetwork pods to use user namespaces - UserNamespacesHostNetworkSupport featuregate.Feature = "UserNamespacesHostNetworkSupport" - - // owner: @rata, @giuseppe - // kep: https://kep.k8s.io/127 - // - // Enables user namespace support for stateless pods. - UserNamespacesSupport featuregate.Feature = "UserNamespacesSupport" - - // owner: @mattcarry, @sunnylovestiramisu - // kep: https://kep.k8s.io/3751 - // - // Enables user specified volume attributes for persistent volumes, like iops and throughput. - VolumeAttributesClass featuregate.Feature = "VolumeAttributesClass" - - // owner: @gnufied - // kep: https://kep.k8s.io/5030 - // - // Enables volume limit scaling for CSI drivers. This allows scheduler to - // co-ordinate better with cluster-autoscaler for storage limits. - VolumeLimitScaling featuregate.Feature = "VolumeLimitScaling" - - // owner: @ksubrmnn - // - // Allows kube-proxy to create DSR loadbalancers for Windows - WinDSR featuregate.Feature = "WinDSR" - - // owner: @ksubrmnn - // - // Allows kube-proxy to run in Overlay mode for Windows - WinOverlay featuregate.Feature = "WinOverlay" - - // owner: @jsturtevant - // kep: https://kep.k8s.io/4888 - // - // Add CPU and Memory Affinity support to Windows nodes with CPUManager, MemoryManager and Topology manager - WindowsCPUAndMemoryAffinity featuregate.Feature = "WindowsCPUAndMemoryAffinity" - - // owner: @zylxjtu - // kep: https://kep.k8s.io/4802 - // - // Enables support for graceful shutdown windows node. - WindowsGracefulNodeShutdown featuregate.Feature = "WindowsGracefulNodeShutdown" - - // owner: @marosset - // kep: https://kep.k8s.io/3503 - // - // Enables support for joining Windows containers to a hosts' network namespace. - WindowsHostNetwork featuregate.Feature = "WindowsHostNetwork" -) - -// defaultVersionedKubernetesFeatureGates consists of all known Kubernetes-specific feature keys with VersionedSpecs. -// To add a new feature, define a key for it in pkg/features/kube_features.go and add it here. The features will be -// available throughout Kubernetes binaries. -// For features available via specific kubernetes components like apiserver, -// cloud-controller-manager, etc find the respective kube_features.go file -// (eg:staging/src/apiserver/pkg/features/kube_features.go), define the versioned -// feature gate there, and reference it in this file. -// To support n-3 compatibility version, features may only be removed 3 releases after graduation. -// -// Entries are alphabetized. -var defaultVersionedKubernetesFeatureGates = map[featuregate.Feature]featuregate.VersionedSpecs{ - AllowDNSOnlyNodeCSR: { - {Version: version.MustParse("1.0"), Default: true, PreRelease: featuregate.GA}, - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Deprecated}, - }, - - AllowInsecureKubeletCertificateSigningRequests: { - {Version: version.MustParse("1.0"), Default: true, PreRelease: featuregate.GA}, - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Deprecated}, - }, - - AllowOverwriteTerminationGracePeriodSeconds: { - {Version: version.MustParse("1.0"), Default: true, PreRelease: featuregate.GA}, - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Deprecated}, - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Deprecated, LockToDefault: true}, // remove in 1.38 - }, - - AnyVolumeDataSource: { - {Version: version.MustParse("1.18"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.24"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // GA in 1.33 -> remove in 1.36 - }, - - AuthorizeNodeWithSelectors: { - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.37 - }, - - AuthorizePodWebsocketUpgradeCreatePermission: { - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - CPUCFSQuotaPeriod: { - {Version: version.MustParse("1.12"), Default: false, PreRelease: featuregate.Alpha}, - }, - - CPUManagerPolicyAlphaOptions: { - {Version: version.MustParse("1.23"), Default: false, PreRelease: featuregate.Alpha}, - }, - - CPUManagerPolicyBetaOptions: { - {Version: version.MustParse("1.23"), Default: true, PreRelease: featuregate.Beta}, - }, - - CPUManagerPolicyOptions: { - {Version: version.MustParse("1.22"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.23"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.36 - }, - - CSIMigrationPortworx: { - {Version: version.MustParse("1.23"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.25"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, // On by default (requires Portworx CSI driver) - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.36 - }, - - CSIServiceAccountTokenSecrets: { - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - CSIVolumeHealth: { - {Version: version.MustParse("1.21"), Default: false, PreRelease: featuregate.Alpha}, - }, - - ChangeContainerStatusOnKubeletRestart: { - {Version: version.MustParse("1.0"), Default: true, PreRelease: featuregate.GA}, - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Deprecated}, - }, - - ClearingNominatedNodeNameAfterBinding: { - {Version: version.MustParse("1.34"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - ClusterTrustBundle: { - {Version: version.MustParse("1.27"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Beta}, - }, - - ClusterTrustBundleProjection: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Beta}, - }, - - ContainerCheckpoint: { - {Version: version.MustParse("1.25"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.30"), Default: true, PreRelease: featuregate.Beta}, - }, - - ContainerRestartRules: { - {Version: version.MustParse("1.34"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - ContainerStopSignals: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - }, - - CrossNamespaceVolumeDataSource: { - {Version: version.MustParse("1.26"), Default: false, PreRelease: featuregate.Alpha}, - }, - - DRAAdminAccess: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - DRAConsumableCapacity: { - {Version: version.MustParse("1.34"), Default: false, PreRelease: featuregate.Alpha}, - }, - - DRADeviceBindingConditions: { - {Version: version.MustParse("1.34"), Default: false, PreRelease: featuregate.Alpha}, - }, - - DRADeviceTaintRules: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - - DRADeviceTaints: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - }, - - DRAExtendedResource: { - {Version: version.MustParse("1.34"), Default: false, PreRelease: featuregate.Alpha}, - }, - - DRAPartitionableDevices: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - }, - - DRAPrioritizedList: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - DRAResourceClaimDeviceStatus: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - }, - - DRASchedulerFilterTimeout: { - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - DeploymentReplicaSetTerminatingReplicas: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - DisableAllocatorDualWrite: { - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove after MultiCIDRServiceAllocator is GA - }, - - DisableCPUQuotaWithExclusiveCPUs: { - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - }, - - DisableNodeKubeProxyVersion: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Deprecated}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Deprecated}, // lock to default in 1.34 and remove in v1.37 - }, - - DynamicResourceAllocation: { - {Version: version.MustParse("1.26"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - // TODO (https://github.com/kubernetes/kubernetes/issues/134459): remove completely in 1.38 - }, - EnvFiles: { - {Version: version.MustParse("1.34"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - EventedPLEG: { - {Version: version.MustParse("1.26"), Default: false, PreRelease: featuregate.Alpha}, - }, - - ExecProbeTimeout: { - {Version: version.MustParse("1.20"), Default: true, PreRelease: featuregate.GA}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in v1.38 - }, - - ExternalServiceAccountTokenSigner: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - GangScheduling: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - - GenericWorkload: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - - GitRepoVolumeDriver: { - {Version: version.MustParse("1.0"), Default: true, PreRelease: featuregate.GA}, - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Deprecated}, - }, - - GracefulNodeShutdown: { - {Version: version.MustParse("1.20"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.21"), Default: true, PreRelease: featuregate.Beta}, - }, - - GracefulNodeShutdownBasedOnPodPriority: { - {Version: version.MustParse("1.23"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.24"), Default: true, PreRelease: featuregate.Beta}, - }, - - HPAConfigurableTolerance: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - HPAScaleToZero: { - {Version: version.MustParse("1.16"), Default: false, PreRelease: featuregate.Alpha}, - }, - - HonorPVReclaimPolicy: { - {Version: version.MustParse("1.23"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.36 - }, - - HostnameOverride: { - {Version: version.MustParse("1.34"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - ImageMaximumGCAge: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.30"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.38 - }, - - ImageVolume: { - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - InPlacePodLevelResourcesVerticalScaling: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - - InPlacePodVerticalScaling: { - {Version: version.MustParse("1.27"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.38 - }, - - InPlacePodVerticalScalingAllocatedStatus: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Deprecated}, // remove in 1.36 - }, - - InPlacePodVerticalScalingExclusiveCPUs: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - }, - - InPlacePodVerticalScalingExclusiveMemory: { - {Version: version.MustParse("1.34"), Default: false, PreRelease: featuregate.Alpha}, - }, - - InTreePluginPortworxUnregister: { - {Version: version.MustParse("1.23"), Default: false, PreRelease: featuregate.Alpha}, // remove it along with CSIMigrationPortworx in 1.36 - }, - - JobBackoffLimitPerIndex: { - {Version: version.MustParse("1.28"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.29"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.36 - }, - - JobManagedBy: { - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.38 - }, - - JobPodReplacementPolicy: { - {Version: version.MustParse("1.28"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.29"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.37 - }, - - JobSuccessPolicy: { - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.36 - }, - - KubeletCgroupDriverFromCRI: { - {Version: version.MustParse("1.28"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.37 - }, - - KubeletCrashLoopBackOffMax: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - KubeletEnsureSecretPulledImages: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - KubeletFineGrainedAuthz: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - }, - - KubeletInUserNamespace: { - {Version: version.MustParse("1.22"), Default: false, PreRelease: featuregate.Alpha}, - }, - - KubeletPSI: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - KubeletPodResourcesDynamicResources: { - {Version: version.MustParse("1.27"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - KubeletPodResourcesGet: { - {Version: version.MustParse("1.27"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - KubeletPodResourcesListUseActivePods: { - {Version: version.MustParse("1.0"), Default: false, PreRelease: featuregate.GA}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Deprecated}, // lock to default in 1.38, remove in 1.39 - }, - - KubeletRegistrationGetOnExistsOnly: { - {Version: version.MustParse("1.0"), Default: true, PreRelease: featuregate.GA}, - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Deprecated}, - }, - - KubeletSeparateDiskGC: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - }, - - KubeletServiceAccountTokenForCredentialProviders: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - KubeletTracing: { - {Version: version.MustParse("1.25"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.27"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.37 - }, - - LocalStorageCapacityIsolationFSQuotaMonitoring: { - {Version: version.MustParse("1.15"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Beta}, - }, - - LogarithmicScaleDown: { - {Version: version.MustParse("1.21"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.22"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - MatchLabelKeysInPodAffinity: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - MatchLabelKeysInPodTopologySpread: { - {Version: version.MustParse("1.25"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.27"), Default: true, PreRelease: featuregate.Beta}, - }, - - MatchLabelKeysInPodTopologySpreadSelectorMerge: { - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - MaxUnavailableStatefulSet: { - {Version: version.MustParse("1.24"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - MemoryManager: { - {Version: version.MustParse("1.21"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.22"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - MemoryQoS: { - {Version: version.MustParse("1.22"), Default: false, PreRelease: featuregate.Alpha}, - }, - - MultiCIDRServiceAllocator: { - {Version: version.MustParse("1.27"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.37 (locked to default in 1.34) - }, - - MutableCSINodeAllocatableCount: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.34"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - MutablePVNodeAffinity: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - - MutablePodResourcesForSuspendedJobs: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - - MutableSchedulingDirectivesForSuspendedJobs: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - - NFTablesProxyMode: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - NodeDeclaredFeatures: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - - NodeInclusionPolicyInPodTopologySpread: { - {Version: version.MustParse("1.25"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.26"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - NodeLogQuery: { - {Version: version.MustParse("1.27"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Beta}, - }, - - NodeSwap: { - {Version: version.MustParse("1.22"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.28"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.30"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.37 - }, - - NominatedNodeNameForExpectation: { - {Version: version.MustParse("1.34"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - OpportunisticBatching: { - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - OrderedNamespaceDeletion: { - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.37 - }, - - PodAndContainerStatsFromCRI: { - {Version: version.MustParse("1.23"), Default: false, PreRelease: featuregate.Alpha}, - }, - - PodCertificateRequest: { - {Version: version.MustParse("1.34"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Beta}, - }, - - PodDeletionCost: { - {Version: version.MustParse("1.21"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.22"), Default: true, PreRelease: featuregate.Beta}, - }, - - PodLevelResources: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - PodLifecycleSleepAction: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.30"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // GA in 1.34; remove in 1.37 - }, - - PodLifecycleSleepActionAllowZero: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // GA in 1.34, remove in 1.37 - }, - - PodLogsQuerySplitStreams: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - }, - - PodObservedGenerationTracking: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // GA in 1.35, remove in 1.38 - }, - - PodReadyToStartContainersCondition: { - {Version: version.MustParse("1.28"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.29"), Default: true, PreRelease: featuregate.Beta}, - }, - - PodSchedulingReadiness: { - {Version: version.MustParse("1.26"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.27"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.30"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // GA in 1.30; remove in 1.32 - }, - - PodTopologyLabelsAdmission: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - PortForwardWebsockets: { - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - }, - - PreferSameTrafficDistribution: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - PreventStaticPodAPIReferences: { - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - ProcMountType: { - {Version: version.MustParse("1.12"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - }, - - QOSReserved: { - {Version: version.MustParse("1.11"), Default: false, PreRelease: featuregate.Alpha}, - }, - - RecoverVolumeExpansionFailure: { - {Version: version.MustParse("1.23"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // GA in 1.34; remove in 1.37 - }, - - RecursiveReadOnlyMounts: { - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.36 - }, - - ReduceDefaultCrashLoopBackOffDecay: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - }, - - RelaxedDNSSearchValidation: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.37 - }, - - RelaxedEnvironmentVariableValidation: { - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.37 - }, - - RelaxedServiceNameValidation: { - {Version: version.MustParse("1.34"), Default: false, PreRelease: featuregate.Alpha}, - }, - - ReloadKubeletServerCertificateFile: { - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - }, - - ResourceHealthStatus: { - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Alpha}, - }, - - RestartAllContainersOnContainerExits: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - - RotateKubeletServerCertificate: { - {Version: version.MustParse("1.7"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.12"), Default: true, PreRelease: featuregate.Beta}, - }, - - RuntimeClassInImageCriAPI: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - }, - - SELinuxChangePolicy: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - }, - - SELinuxMount: { - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Beta}, - }, - - SELinuxMountReadWriteOncePod: { - {Version: version.MustParse("1.25"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.27"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.28"), Default: true, PreRelease: featuregate.Beta}, - }, - - SchedulerAsyncAPICalls: { - {Version: version.MustParse("1.34"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - SchedulerAsyncPreemption: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - }, - - SchedulerPopFromBackoffQ: { - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - }, - - SchedulerQueueingHints: { - {Version: version.MustParse("1.28"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - SeparateTaintEvictionController: { - {Version: version.MustParse("1.29"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.37 (locked to default in 1.34) - }, - - ServiceAccountNodeAudienceRestriction: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - }, - - ServiceAccountTokenJTI: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.30"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - ServiceAccountTokenNodeBinding: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - ServiceAccountTokenNodeBindingValidation: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.30"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - ServiceAccountTokenPodNodeInfo: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.30"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - ServiceTrafficDistribution: { - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // GA and LockToDefault in 1.33, remove in 1.36 - }, - - SidecarContainers: { - {Version: version.MustParse("1.28"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.29"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, LockToDefault: true, PreRelease: featuregate.GA}, // GA in 1.33 remove in 1.36 - }, - - StatefulSetSemanticRevisionComparison: { - // This is a mitigation for a 1.34 regression due to serialization differences that cannot be feature-gated, - // so this mitigation should not auto-disable even if emulating versions prior to 1.34 with --emulation-version. - {Version: version.MustParse("1.0"), Default: true, PreRelease: featuregate.Beta}, - }, - - StorageCapacityScoring: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - }, - - StorageNamespaceIndex: { - {Version: version.MustParse("1.30"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Deprecated}, - }, - - StorageVersionMigrator: { - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Beta}, - }, - - StreamingCollectionEncodingToJSON: { - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - StreamingCollectionEncodingToProtobuf: { - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - StrictIPCIDRValidation: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - }, - - SupplementalGroupsPolicy: { - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.38 - }, - - SystemdWatchdog: { - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remov in 1.37 - }, - - TaintTolerationComparisonOperators: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - - TopologyAwareHints: { - {Version: version.MustParse("1.21"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.23"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.24"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - TopologyManagerPolicyAlphaOptions: { - {Version: version.MustParse("1.26"), Default: false, PreRelease: featuregate.Alpha}, - }, - - TopologyManagerPolicyBetaOptions: { - {Version: version.MustParse("1.26"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.28"), Default: true, PreRelease: featuregate.Beta}, - }, - - TopologyManagerPolicyOptions: { - {Version: version.MustParse("1.26"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.28"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.GA}, - }, - - TranslateStreamCloseWebsocketRequests: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.30"), Default: true, PreRelease: featuregate.Beta}, - }, - - UserNamespacesHostNetworkSupport: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - - UserNamespacesSupport: { - {Version: version.MustParse("1.25"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - }, - - VolumeAttributesClass: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA}, - }, - - VolumeLimitScaling: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - - WinDSR: { - {Version: version.MustParse("1.14"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - WinOverlay: { - {Version: version.MustParse("1.14"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.20"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - WindowsCPUAndMemoryAffinity: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - }, - - WindowsGracefulNodeShutdown: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - WindowsHostNetwork: { - {Version: version.MustParse("1.26"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Deprecated}, - }, - - apiextensionsfeatures.CRDObservedGenerationTracking: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Beta}, - }, - - apiextensionsfeatures.CRDValidationRatcheting: { - {Version: version.MustParse("1.28"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.30"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - apiextensionsfeatures.CustomResourceFieldSelectors: { - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.32"), Default: true, LockToDefault: true, PreRelease: featuregate.GA}, - }, - - genericfeatures.APIResponseCompression: { - {Version: version.MustParse("1.8"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.16"), Default: true, PreRelease: featuregate.Beta}, - }, - - genericfeatures.APIServerIdentity: { - {Version: version.MustParse("1.20"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.26"), Default: true, PreRelease: featuregate.Beta}, - }, - - genericfeatures.APIServerTracing: { - {Version: version.MustParse("1.22"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.27"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.37 - }, - - genericfeatures.APIServingWithRoutine: { - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Alpha}, - }, - - genericfeatures.AggregatedDiscoveryRemoveBetaType: { - {Version: version.MustParse("1.0"), Default: false, PreRelease: featuregate.GA}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Deprecated}, - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Deprecated, LockToDefault: true}, - }, - - genericfeatures.AllowParsingUserUIDFromCertAuth: { - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - }, - - genericfeatures.AllowUnsafeMalformedObjectDeletion: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - }, - - genericfeatures.AnonymousAuthConfigurableEndpoints: { - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - genericfeatures.AuthorizeWithSelectors: { - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.37 - }, - - genericfeatures.BtreeWatchCache: { - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - genericfeatures.CBORServingAndStorage: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - }, - - genericfeatures.ConcurrentWatchObjectDecode: { - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Beta}, - }, - - genericfeatures.ConsistentListFromCache: { - {Version: version.MustParse("1.28"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - genericfeatures.ConstrainedImpersonation: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - - genericfeatures.CoordinatedLeaderElection: { - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Beta}, - }, - - genericfeatures.DeclarativeValidation: { - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - }, - - genericfeatures.DeclarativeValidationTakeover: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Beta}, - }, - - genericfeatures.DetectCacheInconsistency: { - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - genericfeatures.KMSv1: { - {Version: version.MustParse("1.0"), Default: true, PreRelease: featuregate.GA}, - {Version: version.MustParse("1.28"), Default: true, PreRelease: featuregate.Deprecated}, - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Deprecated}, - }, - - genericfeatures.ListFromCacheSnapshot: { - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - genericfeatures.MutatingAdmissionPolicy: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.34"), Default: false, PreRelease: featuregate.Beta}, - }, - - genericfeatures.OpenAPIEnums: { - {Version: version.MustParse("1.23"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.24"), Default: true, PreRelease: featuregate.Beta}, - }, - - genericfeatures.RemoteRequestHeaderUID: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta}, - }, - - genericfeatures.ResilientWatchCacheInitialization: { - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - genericfeatures.RetryGenerateName: { - {Version: version.MustParse("1.30"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.32"), Default: true, LockToDefault: true, PreRelease: featuregate.GA}, - }, - - genericfeatures.SeparateCacheWatchRPC: { - {Version: version.MustParse("1.28"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Deprecated}, - }, - - genericfeatures.SizeBasedListCostEstimate: { - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - genericfeatures.StorageVersionAPI: { - {Version: version.MustParse("1.20"), Default: false, PreRelease: featuregate.Alpha}, - }, - - genericfeatures.StorageVersionHash: { - {Version: version.MustParse("1.14"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.15"), Default: true, PreRelease: featuregate.Beta}, - }, - - genericfeatures.StructuredAuthenticationConfiguration: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.30"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // GA and LockToDefault in 1.34, remove in 1.37 - }, - - genericfeatures.StructuredAuthenticationConfigurationEgressSelector: { - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - genericfeatures.StructuredAuthenticationConfigurationJWKSMetrics: { - {Version: version.MustParse("1.35"), Default: true, PreRelease: featuregate.Beta}, - }, - - genericfeatures.StructuredAuthorizationConfiguration: { - {Version: version.MustParse("1.29"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.30"), Default: true, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - }, - - genericfeatures.TokenRequestServiceAccountUIDValidation: { - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - genericfeatures.UnauthenticatedHTTP2DOSMitigation: { - {Version: version.MustParse("1.25"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.29"), Default: true, PreRelease: featuregate.Beta}, - }, - - genericfeatures.UnknownVersionInteroperabilityProxy: { - {Version: version.MustParse("1.28"), Default: false, PreRelease: featuregate.Alpha}, - }, - - genericfeatures.WatchCacheInitializationPostStartHook: { - {Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Beta}, - }, - - genericfeatures.WatchFromStorageWithoutResourceVersion: { - {Version: version.MustParse("1.27"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Deprecated, LockToDefault: true}, - }, - - genericfeatures.WatchList: { - {Version: version.MustParse("1.27"), Default: false, PreRelease: featuregate.Alpha}, - {Version: version.MustParse("1.32"), Default: true, PreRelease: featuregate.Beta}, - // switch this back to false because the json and proto streaming encoders appear to work better. - {Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Beta}, - {Version: version.MustParse("1.34"), Default: true, PreRelease: featuregate.Beta}, - }, - - kcmfeatures.CloudControllerManagerWatchBasedRoutesReconciliation: { - {Version: version.MustParse("1.35"), Default: false, PreRelease: featuregate.Alpha}, - }, - - kcmfeatures.CloudControllerManagerWebhook: { - {Version: version.MustParse("1.27"), Default: false, PreRelease: featuregate.Alpha}, - }, - - zpagesfeatures.ComponentFlagz: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - }, - - zpagesfeatures.ComponentStatusz: { - {Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha}, - }, -} - -// defaultKubernetesFeatureGateDependencies enumerates the dependencies of any feature gate that -// depends on another. Dependencies ensure that a dependent feature gate can only be enabled if all -// of its dependencies are also enabled, and ensures a feature at a higher stability level cannot -// depend on a less stable feature. -// -// Entries are alphabetized. -var defaultKubernetesFeatureGateDependencies = map[featuregate.Feature][]featuregate.Feature{ - AllowDNSOnlyNodeCSR: {}, - - AllowInsecureKubeletCertificateSigningRequests: {}, - - AllowOverwriteTerminationGracePeriodSeconds: {}, - - AnyVolumeDataSource: {}, - - AuthorizeNodeWithSelectors: {genericfeatures.AuthorizeWithSelectors}, - - AuthorizePodWebsocketUpgradeCreatePermission: {}, - - CPUCFSQuotaPeriod: {}, - - CPUManagerPolicyAlphaOptions: {}, - - CPUManagerPolicyBetaOptions: {}, - - CPUManagerPolicyOptions: {}, - - CSIMigrationPortworx: {}, - - CSIServiceAccountTokenSecrets: {}, - - CSIVolumeHealth: {}, - - ChangeContainerStatusOnKubeletRestart: {}, - - ClearingNominatedNodeNameAfterBinding: {}, - - ClusterTrustBundle: {}, - - ClusterTrustBundleProjection: {ClusterTrustBundle}, - - ContainerCheckpoint: {}, - - ContainerRestartRules: {}, - - ContainerStopSignals: {}, - - CoordinatedLeaderElection: {}, - - CrossNamespaceVolumeDataSource: {}, - - DRAAdminAccess: {DynamicResourceAllocation}, - - DRAConsumableCapacity: {DynamicResourceAllocation}, - - DRADeviceBindingConditions: {DynamicResourceAllocation, DRAResourceClaimDeviceStatus}, - - DRADeviceTaintRules: {DRADeviceTaints}, // DynamicResourceAllocation is indirect. - - DRADeviceTaints: {DynamicResourceAllocation}, - - DRAExtendedResource: {DynamicResourceAllocation}, - - DRAPartitionableDevices: {DynamicResourceAllocation}, - - DRAPrioritizedList: {DynamicResourceAllocation}, - - DRAResourceClaimDeviceStatus: {}, // Soft dependency on DynamicResourceAllocation due to on/off-by-default conflict. - - DRASchedulerFilterTimeout: {DynamicResourceAllocation}, - - DeploymentReplicaSetTerminatingReplicas: {}, - - DisableAllocatorDualWrite: {MultiCIDRServiceAllocator}, - - DisableCPUQuotaWithExclusiveCPUs: {}, - - DisableNodeKubeProxyVersion: {}, - - DynamicResourceAllocation: {}, - - EnvFiles: {}, - - EventedPLEG: {}, - - ExecProbeTimeout: {}, - - ExternalServiceAccountTokenSigner: {}, - - GangScheduling: {GenericWorkload}, - - GenericWorkload: {}, - - GitRepoVolumeDriver: {}, - - GracefulNodeShutdown: {}, - - GracefulNodeShutdownBasedOnPodPriority: {GracefulNodeShutdown}, - - HPAConfigurableTolerance: {}, - - HPAScaleToZero: {}, - - HonorPVReclaimPolicy: {}, - - HostnameOverride: {}, - - ImageMaximumGCAge: {}, - - ImageVolume: {}, - - InPlacePodLevelResourcesVerticalScaling: {InPlacePodVerticalScaling, PodLevelResources, NodeDeclaredFeatures}, - - InPlacePodVerticalScaling: {}, - - InPlacePodVerticalScalingAllocatedStatus: {InPlacePodVerticalScaling}, - - InPlacePodVerticalScalingExclusiveCPUs: {InPlacePodVerticalScaling}, - - InPlacePodVerticalScalingExclusiveMemory: {InPlacePodVerticalScaling, MemoryManager}, - - InTreePluginPortworxUnregister: {}, - - JobBackoffLimitPerIndex: {}, - - JobManagedBy: {}, - - JobPodReplacementPolicy: {}, - - JobSuccessPolicy: {}, - - KubeletCgroupDriverFromCRI: {}, - - KubeletCrashLoopBackOffMax: {}, - - KubeletEnsureSecretPulledImages: {}, - - KubeletFineGrainedAuthz: {}, - - KubeletInUserNamespace: {}, - - KubeletPSI: {}, - - KubeletPodResourcesDynamicResources: {}, - - KubeletPodResourcesGet: {}, - - KubeletPodResourcesListUseActivePods: {}, - - KubeletRegistrationGetOnExistsOnly: {}, - - KubeletSeparateDiskGC: {}, - - KubeletServiceAccountTokenForCredentialProviders: {}, - - KubeletTracing: {}, - - LocalStorageCapacityIsolationFSQuotaMonitoring: {}, - - LogarithmicScaleDown: {}, - - MatchLabelKeysInPodAffinity: {}, - - MatchLabelKeysInPodTopologySpread: {}, - - MatchLabelKeysInPodTopologySpreadSelectorMerge: {MatchLabelKeysInPodTopologySpread}, - - MaxUnavailableStatefulSet: {}, - - MemoryManager: {}, - - MemoryQoS: {}, - - MultiCIDRServiceAllocator: {}, - - MutableCSINodeAllocatableCount: {}, - - MutablePVNodeAffinity: {}, - - MutablePodResourcesForSuspendedJobs: {}, - - MutableSchedulingDirectivesForSuspendedJobs: {}, - - NFTablesProxyMode: {}, - - NodeDeclaredFeatures: {}, - - NodeInclusionPolicyInPodTopologySpread: {}, - - NodeLogQuery: {}, - - NodeSwap: {}, - - NominatedNodeNameForExpectation: {}, - - OpportunisticBatching: {}, - - OrderedNamespaceDeletion: {}, - - PodAndContainerStatsFromCRI: {}, - - PodCertificateRequest: {AuthorizeNodeWithSelectors}, - - PodDeletionCost: {}, - - PodLevelResources: {}, - - PodLifecycleSleepAction: {}, - - PodLifecycleSleepActionAllowZero: {PodLifecycleSleepAction}, - - PodLogsQuerySplitStreams: {}, - - PodObservedGenerationTracking: {}, - - PodReadyToStartContainersCondition: {}, - - PodSchedulingReadiness: {}, - - PodTopologyLabelsAdmission: {}, - - PortForwardWebsockets: {}, - - PreferSameTrafficDistribution: {}, - - PreventStaticPodAPIReferences: {}, - - ProcMountType: {UserNamespacesSupport}, - - QOSReserved: {}, - - RecoverVolumeExpansionFailure: {}, - - RecursiveReadOnlyMounts: {}, - - ReduceDefaultCrashLoopBackOffDecay: {}, - - RelaxedDNSSearchValidation: {}, - - RelaxedEnvironmentVariableValidation: {}, - - RelaxedServiceNameValidation: {}, - - ReloadKubeletServerCertificateFile: {}, - - ResourceHealthStatus: {DynamicResourceAllocation}, - - // RestartAllContainersOnContainerExits introduces a new container restart rule action. - // All restart rules will be dropped by API if ContainerRestartRules feature is not enabled. - RestartAllContainersOnContainerExits: {ContainerRestartRules, NodeDeclaredFeatures}, - - RotateKubeletServerCertificate: {}, - - RuntimeClassInImageCriAPI: {}, - - SELinuxChangePolicy: {}, - - SELinuxMount: {}, - - SELinuxMountReadWriteOncePod: {}, - - SchedulerAsyncAPICalls: {}, - - SchedulerAsyncPreemption: {}, - - SchedulerPopFromBackoffQ: {}, - - SchedulerQueueingHints: {}, - - SeparateTaintEvictionController: {}, - - ServiceAccountNodeAudienceRestriction: {}, - - ServiceAccountTokenJTI: {}, - - ServiceAccountTokenNodeBinding: {ServiceAccountTokenNodeBindingValidation}, - - ServiceAccountTokenNodeBindingValidation: {}, - - ServiceAccountTokenPodNodeInfo: {}, - - ServiceTrafficDistribution: {}, - - SidecarContainers: {}, - - StatefulSetSemanticRevisionComparison: {}, - - StorageCapacityScoring: {}, - - StorageNamespaceIndex: {}, - - StorageVersionMigrator: {}, - - StreamingCollectionEncodingToJSON: {}, - - StreamingCollectionEncodingToProtobuf: {}, - - StrictIPCIDRValidation: {}, - - SupplementalGroupsPolicy: {}, - - SystemdWatchdog: {}, - - TaintTolerationComparisonOperators: {}, - - TopologyAwareHints: {}, - - TopologyManagerPolicyAlphaOptions: {}, - - TopologyManagerPolicyBetaOptions: {}, - - TopologyManagerPolicyOptions: {}, - - TranslateStreamCloseWebsocketRequests: {}, - - UserNamespacesHostNetworkSupport: {UserNamespacesSupport}, - - UserNamespacesSupport: {}, - - VolumeAttributesClass: {}, - - VolumeLimitScaling: {}, - - WinDSR: {}, - - WinOverlay: {}, - - WindowsCPUAndMemoryAffinity: {MemoryManager}, - - WindowsGracefulNodeShutdown: {GracefulNodeShutdown}, - - WindowsHostNetwork: {}, - - apiextensionsfeatures.CRDObservedGenerationTracking: {}, - - apiextensionsfeatures.CRDValidationRatcheting: {}, - - apiextensionsfeatures.CustomResourceFieldSelectors: {}, - - genericfeatures.APIResponseCompression: {}, - - genericfeatures.APIServerIdentity: {}, - - genericfeatures.APIServerTracing: {}, - - genericfeatures.APIServingWithRoutine: {}, - - genericfeatures.AggregatedDiscoveryRemoveBetaType: {}, - - genericfeatures.AllowParsingUserUIDFromCertAuth: {}, - - genericfeatures.AllowUnsafeMalformedObjectDeletion: {}, - - genericfeatures.AnonymousAuthConfigurableEndpoints: {}, - - genericfeatures.AuthorizeWithSelectors: {}, - - genericfeatures.BtreeWatchCache: {}, - - genericfeatures.CBORServingAndStorage: {}, - - genericfeatures.ConcurrentWatchObjectDecode: {}, - - genericfeatures.ConsistentListFromCache: {}, - - genericfeatures.ConstrainedImpersonation: {}, - - genericfeatures.DeclarativeValidation: {}, - - genericfeatures.DeclarativeValidationTakeover: {genericfeatures.DeclarativeValidation}, - - genericfeatures.DetectCacheInconsistency: {}, - - genericfeatures.KMSv1: {}, - - genericfeatures.ListFromCacheSnapshot: {}, - - genericfeatures.MutatingAdmissionPolicy: {}, - - genericfeatures.OpenAPIEnums: {}, - - genericfeatures.RemoteRequestHeaderUID: {}, - - genericfeatures.ResilientWatchCacheInitialization: {}, - - genericfeatures.RetryGenerateName: {}, - - genericfeatures.SeparateCacheWatchRPC: {}, - - genericfeatures.SizeBasedListCostEstimate: {}, - - genericfeatures.StorageVersionAPI: {genericfeatures.APIServerIdentity}, - - genericfeatures.StorageVersionHash: {}, - - genericfeatures.StructuredAuthenticationConfiguration: {}, - - genericfeatures.StructuredAuthenticationConfigurationEgressSelector: {genericfeatures.StructuredAuthenticationConfiguration}, - - genericfeatures.StructuredAuthenticationConfigurationJWKSMetrics: {genericfeatures.StructuredAuthenticationConfiguration}, - - genericfeatures.StructuredAuthorizationConfiguration: {}, - - genericfeatures.TokenRequestServiceAccountUIDValidation: {}, - - genericfeatures.UnauthenticatedHTTP2DOSMitigation: {}, - - genericfeatures.UnknownVersionInteroperabilityProxy: {genericfeatures.APIServerIdentity}, - - genericfeatures.WatchCacheInitializationPostStartHook: {}, - - genericfeatures.WatchFromStorageWithoutResourceVersion: {}, - - genericfeatures.WatchList: {}, - - kcmfeatures.CloudControllerManagerWatchBasedRoutesReconciliation: {}, - - kcmfeatures.CloudControllerManagerWebhook: {}, - - zpagesfeatures.ComponentFlagz: {}, - - zpagesfeatures.ComponentStatusz: {}, -} - -func init() { - runtime.Must(utilfeature.DefaultMutableFeatureGate.AddVersioned(defaultVersionedKubernetesFeatureGates)) - runtime.Must(utilfeature.DefaultMutableFeatureGate.AddDependencies(defaultKubernetesFeatureGateDependencies)) - runtime.Must(zpagesfeatures.AddFeatureGates(utilfeature.DefaultMutableFeatureGate)) - - // Register all client-go features with kube's feature gate instance and make all client-go - // feature checks use kube's instance. The effect is that for kube binaries, client-go - // features are wired to the existing --feature-gates flag just as all other features - // are. Further, client-go features automatically support the existing mechanisms for - // feature enablement metrics and test overrides. - ca := &clientAdapter{utilfeature.DefaultMutableFeatureGate} - runtime.Must(clientfeatures.AddVersionedFeaturesToExistingFeatureGates(ca)) - clientfeatures.ReplaceFeatureGates(ca) -} diff --git a/vendor/k8s.io/kubernetes/pkg/fieldpath/doc.go b/vendor/k8s.io/kubernetes/pkg/fieldpath/doc.go deleted file mode 100644 index 83cbdce0c..000000000 --- a/vendor/k8s.io/kubernetes/pkg/fieldpath/doc.go +++ /dev/null @@ -1,19 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package fieldpath supplies methods for extracting fields from objects -// given a path to a field. -package fieldpath diff --git a/vendor/k8s.io/kubernetes/pkg/fieldpath/fieldpath.go b/vendor/k8s.io/kubernetes/pkg/fieldpath/fieldpath.go deleted file mode 100644 index f8466d403..000000000 --- a/vendor/k8s.io/kubernetes/pkg/fieldpath/fieldpath.go +++ /dev/null @@ -1,120 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package fieldpath - -import ( - "fmt" - "sort" - "strconv" - "strings" - - "k8s.io/apimachinery/pkg/api/meta" - "k8s.io/apimachinery/pkg/util/validation" -) - -// FormatMap formats map[string]string to a string. -func FormatMap(m map[string]string) (fmtStr string) { - // output with keys in sorted order to provide stable output - keys := make([]string, 0, len(m)) - var grow int - for k, v := range m { - keys = append(keys, k) - // why add 4: (for =, \n, " and ") - grow += len(k) + len(v) + 4 - } - sort.Strings(keys) - // allocate space to avoid expansion - dst := make([]byte, 0, grow) - for _, key := range keys { - if len(dst) > 0 { - dst = append(dst, '\n') - } - dst = append(dst, key...) - dst = append(dst, '=') - dst = strconv.AppendQuote(dst, m[key]) - } - return string(dst) -} - -// ExtractFieldPathAsString extracts the field from the given object -// and returns it as a string. The object must be a pointer to an -// API type. -func ExtractFieldPathAsString(obj interface{}, fieldPath string) (string, error) { - accessor, err := meta.Accessor(obj) - if err != nil { - return "", err - } - - if path, subscript, ok := SplitMaybeSubscriptedPath(fieldPath); ok { - switch path { - case "metadata.annotations": - if errs := validation.IsQualifiedName(strings.ToLower(subscript)); len(errs) != 0 { - return "", fmt.Errorf("invalid key subscript in %s: %s", fieldPath, strings.Join(errs, ";")) - } - return accessor.GetAnnotations()[subscript], nil - case "metadata.labels": - if errs := validation.IsQualifiedName(subscript); len(errs) != 0 { - return "", fmt.Errorf("invalid key subscript in %s: %s", fieldPath, strings.Join(errs, ";")) - } - return accessor.GetLabels()[subscript], nil - default: - return "", fmt.Errorf("fieldPath %q does not support subscript", fieldPath) - } - } - - switch fieldPath { - case "metadata.annotations": - return FormatMap(accessor.GetAnnotations()), nil - case "metadata.labels": - return FormatMap(accessor.GetLabels()), nil - case "metadata.name": - return accessor.GetName(), nil - case "metadata.namespace": - return accessor.GetNamespace(), nil - case "metadata.uid": - return string(accessor.GetUID()), nil - } - - return "", fmt.Errorf("unsupported fieldPath: %v", fieldPath) -} - -// SplitMaybeSubscriptedPath checks whether the specified fieldPath is -// subscripted, and -// - if yes, this function splits the fieldPath into path and subscript, and -// returns (path, subscript, true). -// - if no, this function returns (fieldPath, "", false). -// -// Example inputs and outputs: -// -// "metadata.annotations['myKey']" --> ("metadata.annotations", "myKey", true) -// "metadata.annotations['a[b]c']" --> ("metadata.annotations", "a[b]c", true) -// "metadata.labels['']" --> ("metadata.labels", "", true) -// "metadata.labels" --> ("metadata.labels", "", false) -func SplitMaybeSubscriptedPath(fieldPath string) (string, string, bool) { - if !strings.HasSuffix(fieldPath, "']") { - return fieldPath, "", false - } - s := strings.TrimSuffix(fieldPath, "']") - parts := strings.SplitN(s, "['", 2) - if len(parts) < 2 { - return fieldPath, "", false - } - if len(parts[0]) == 0 { - return fieldPath, "", false - } - return parts[0], parts[1], true -} diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/bitmap.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/bitmap.go deleted file mode 100644 index c176c578c..000000000 --- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/bitmap.go +++ /dev/null @@ -1,264 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package allocator - -import ( - "errors" - "fmt" - "math/big" - "math/rand" - "sync" - "time" -) - -// AllocationBitmap is a contiguous block of resources that can be allocated atomically. -// -// Each resource has an offset. The internal structure is a bitmap, with a bit for each offset. -// -// If a resource is taken, the bit at that offset is set to one. -// r.count is always equal to the number of set bits and can be recalculated at any time -// by counting the set bits in r.allocated. -// -// TODO: use RLE and compact the allocator to minimize space. -type AllocationBitmap struct { - // strategy carries the details of how to choose the next available item out of the range - strategy bitAllocator - // max is the maximum size of the usable items in the range - max int - // rangeSpec is the range specifier, matching RangeAllocation.Range - rangeSpec string - - // lock guards the following members - lock sync.Mutex - // count is the number of currently allocated elements in the range - count int - // allocated is a bit array of the allocated items in the range - allocated *big.Int -} - -// AllocationBitmap implements Interface and Snapshottable -var _ Interface = &AllocationBitmap{} -var _ Snapshottable = &AllocationBitmap{} - -// bitAllocator represents a search strategy in the allocation map for a valid item. -type bitAllocator interface { - AllocateBit(allocated *big.Int, max, count int) (int, bool) -} - -// NewAllocationMap creates an allocation bitmap using the random scan strategy. -func NewAllocationMap(max int, rangeSpec string) *AllocationBitmap { - return NewAllocationMapWithOffset(max, rangeSpec, 0) -} - -// NewAllocationMapWithOffset creates an allocation bitmap using a random scan strategy that -// allows to pass an offset that divides the allocation bitmap in two blocks. -// The first block of values will not be used for random value assigned by the AllocateNext() -// method until the second block of values has been exhausted. -// The offset value must be always smaller than the bitmap size. -func NewAllocationMapWithOffset(max int, rangeSpec string, offset int) *AllocationBitmap { - a := AllocationBitmap{ - strategy: randomScanStrategyWithOffset{ - rand: rand.New(rand.NewSource(time.Now().UnixNano())), - offset: offset, - }, - allocated: big.NewInt(0), - count: 0, - max: max, - rangeSpec: rangeSpec, - } - - return &a -} - -// Allocate attempts to reserve the provided item. -// Returns true if it was allocated, false if it was already in use -func (r *AllocationBitmap) Allocate(offset int) (bool, error) { - r.lock.Lock() - defer r.lock.Unlock() - - // max is the maximum size of the usable items in the range - if offset < 0 || offset >= r.max { - return false, fmt.Errorf("offset %d out of range [0,%d]", offset, r.max) - } - if r.allocated.Bit(offset) == 1 { - return false, nil - } - r.allocated = r.allocated.SetBit(r.allocated, offset, 1) - r.count++ - return true, nil -} - -// AllocateNext reserves one of the items from the pool. -// (0, false, nil) may be returned if there are no items left. -func (r *AllocationBitmap) AllocateNext() (int, bool, error) { - r.lock.Lock() - defer r.lock.Unlock() - - next, ok := r.strategy.AllocateBit(r.allocated, r.max, r.count) - if !ok { - return 0, false, nil - } - r.count++ - r.allocated = r.allocated.SetBit(r.allocated, next, 1) - return next, true, nil -} - -// Release releases the item back to the pool. Releasing an -// unallocated item or an item out of the range is a no-op and -// returns no error. -func (r *AllocationBitmap) Release(offset int) error { - r.lock.Lock() - defer r.lock.Unlock() - - if r.allocated.Bit(offset) == 0 { - return nil - } - - r.allocated = r.allocated.SetBit(r.allocated, offset, 0) - r.count-- - return nil -} - -const ( - // Find the size of a big.Word in bytes. - notZero = uint64(^big.Word(0)) - wordPower = (notZero>>8)&1 + (notZero>>16)&1 + (notZero>>32)&1 - wordSize = 1 << wordPower -) - -// ForEach calls the provided function for each allocated bit. The -// AllocationBitmap may not be modified while this loop is running. -func (r *AllocationBitmap) ForEach(fn func(int)) { - r.lock.Lock() - defer r.lock.Unlock() - - words := r.allocated.Bits() - for wordIdx, word := range words { - bit := 0 - for word > 0 { - if (word & 1) != 0 { - fn((wordIdx * wordSize * 8) + bit) - word = word &^ 1 - } - bit++ - word = word >> 1 - } - } -} - -// Has returns true if the provided item is already allocated and a call -// to Allocate(offset) would fail. -func (r *AllocationBitmap) Has(offset int) bool { - r.lock.Lock() - defer r.lock.Unlock() - - return r.allocated.Bit(offset) == 1 -} - -// Free returns the count of items left in the range. -func (r *AllocationBitmap) Free() int { - r.lock.Lock() - defer r.lock.Unlock() - return r.max - r.count -} - -// Snapshot saves the current state of the pool. -func (r *AllocationBitmap) Snapshot() (string, []byte) { - r.lock.Lock() - defer r.lock.Unlock() - - return r.rangeSpec, r.allocated.Bytes() -} - -// Restore restores the pool to the previously captured state. -func (r *AllocationBitmap) Restore(rangeSpec string, data []byte) error { - r.lock.Lock() - defer r.lock.Unlock() - - if r.rangeSpec != rangeSpec { - return errors.New("the provided range does not match the current range") - } - - r.allocated = big.NewInt(0).SetBytes(data) - r.count = countBits(r.allocated) - - return nil -} - -// Destroy cleans up everything on shutdown. -func (r *AllocationBitmap) Destroy() { -} - -// randomScanStrategy chooses a random address from the provided big.Int, and then -// scans forward looking for the next available address (it will wrap the range if -// necessary). -type randomScanStrategy struct { - rand *rand.Rand -} - -func (rss randomScanStrategy) AllocateBit(allocated *big.Int, max, count int) (int, bool) { - if count >= max { - return 0, false - } - offset := rss.rand.Intn(max) - for i := 0; i < max; i++ { - at := (offset + i) % max - if allocated.Bit(at) == 0 { - return at, true - } - } - return 0, false -} - -var _ bitAllocator = randomScanStrategy{} - -// randomScanStrategyWithOffset choose a random address from the provided big.Int and then scans -// forward looking for the next available address. The big.Int range is subdivided so it will try -// to allocate first from the reserved upper range of addresses (it will wrap the upper subrange if necessary). -// If there is no free address it will try to allocate one from the lower range too. -type randomScanStrategyWithOffset struct { - rand *rand.Rand - offset int -} - -func (rss randomScanStrategyWithOffset) AllocateBit(allocated *big.Int, max, count int) (int, bool) { - if count >= max { - return 0, false - } - // size of the upper subrange, prioritized for random allocation - subrangeMax := max - rss.offset - // try to get a value from the upper range [rss.reserved, max] - start := rss.rand.Intn(subrangeMax) - for i := 0; i < subrangeMax; i++ { - at := rss.offset + ((start + i) % subrangeMax) - if allocated.Bit(at) == 0 { - return at, true - } - } - - start = rss.rand.Intn(rss.offset) - // subrange full, try to get the value from the first block before giving up. - for i := 0; i < rss.offset; i++ { - at := (start + i) % rss.offset - if allocated.Bit(at) == 0 { - return at, true - } - } - return 0, false -} - -var _ bitAllocator = randomScanStrategyWithOffset{} diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/interfaces.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/interfaces.go deleted file mode 100644 index 1328425ff..000000000 --- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/interfaces.go +++ /dev/null @@ -1,45 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package allocator - -// Interface manages the allocation of items out of a range. Interface -// should be threadsafe. -type Interface interface { - Allocate(int) (bool, error) - AllocateNext() (int, bool, error) - Release(int) error - ForEach(func(int)) - Has(int) bool - Free() int - - // Destroy shuts down all internal structures. - // Destroy needs to be implemented in thread-safe way and be prepared for being - // called more than once. - Destroy() -} - -// Snapshottable is an Interface that can be snapshotted and restored. Snapshottable -// should be threadsafe. -type Snapshottable interface { - Interface - Snapshot() (string, []byte) - Restore(string, []byte) error -} - -type AllocatorFactory func(max int, rangeSpec string) (Interface, error) - -type AllocatorWithOffsetFactory func(max int, rangeSpec string, offset int) (Interface, error) diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/utils.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/utils.go deleted file mode 100644 index c034f51e6..000000000 --- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/utils.go +++ /dev/null @@ -1,31 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package allocator - -import ( - "math/big" - "math/bits" -) - -// countBits returns the number of set bits in n -func countBits(n *big.Int) int { - var count int = 0 - for _, w := range n.Bits() { - count += bits.OnesCount64(uint64(w)) - } - return count -} diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/bitmap.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/bitmap.go deleted file mode 100644 index 02878ea48..000000000 --- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/bitmap.go +++ /dev/null @@ -1,423 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package ipallocator - -import ( - "fmt" - "math/big" - "net" - - api "k8s.io/kubernetes/pkg/apis/core" - "k8s.io/kubernetes/pkg/registry/core/service/allocator" - netutils "k8s.io/utils/net" -) - -// Range is a contiguous block of IPs that can be allocated atomically. -// -// The internal structure of the range is: -// -// For CIDR 10.0.0.0/24 -// 254 addresses usable out of 256 total (minus base and broadcast IPs) -// The number of usable addresses is r.max -// -// CIDR base IP CIDR broadcast IP -// 10.0.0.0 10.0.0.255 -// | | -// 0 1 2 3 4 5 ... ... 253 254 255 -// | | -// r.base r.base + r.max -// | | -// offset #0 of r.allocated last offset of r.allocated -type Range struct { - net *net.IPNet - // base is a cached version of the start IP in the CIDR range as a *big.Int - base *big.Int - // max is the maximum size of the usable addresses in the range - max int - // family is the IP family of this range - family api.IPFamily - - alloc allocator.Interface - // metrics is a metrics recorder that can be disabled - metrics metricsRecorderInterface -} - -var _ Interface = (*Range)(nil) - -// New creates a Range over a net.IPNet, calling allocatorFactory to construct the backing store. -func New(cidr *net.IPNet, allocatorFactory allocator.AllocatorWithOffsetFactory) (*Range, error) { - max := netutils.RangeSize(cidr) - base := netutils.BigForIP(cidr.IP) - rangeSpec := cidr.String() - var family api.IPFamily - - if netutils.IsIPv6CIDR(cidr) { - family = api.IPv6Protocol - // Limit the max size, since the allocator keeps a bitmap of that size. - if max > 65536 { - max = 65536 - } - } else { - family = api.IPv4Protocol - // Don't use the IPv4 network's broadcast address, but don't just - // Allocate() it - we don't ever want to be able to release it. - max-- - } - - // Don't use the network's ".0" address, but don't just Allocate() it - we - // don't ever want to be able to release it. - base.Add(base, big.NewInt(1)) - max-- - - // cidr with whole mask can be negative - if max < 0 { - max = 0 - } - - r := Range{ - net: cidr, - base: base, - max: maximum(0, int(max)), - family: family, - metrics: &emptyMetricsRecorder{}, // disabled by default - } - - offset := calculateRangeOffset(cidr) - - var err error - r.alloc, err = allocatorFactory(r.max, rangeSpec, offset) - if err != nil { - return nil, err - } - return &r, nil -} - -// NewInMemory creates an in-memory allocator. -func NewInMemory(cidr *net.IPNet) (*Range, error) { - return New(cidr, func(max int, rangeSpec string, offset int) (allocator.Interface, error) { - return allocator.NewAllocationMapWithOffset(max, rangeSpec, offset), nil - }) -} - -// NewFromSnapshot allocates a Range and initializes it from a snapshot. -func NewFromSnapshot(snap *api.RangeAllocation) (*Range, error) { - _, ipnet, err := netutils.ParseCIDRSloppy(snap.Range) - if err != nil { - return nil, err - } - r, err := NewInMemory(ipnet) - if err != nil { - return nil, err - } - if err := r.Restore(ipnet, snap.Data); err != nil { - return nil, err - } - return r, nil -} - -func maximum(a, b int) int { - if a > b { - return a - } - return b -} - -// Free returns the count of IP addresses left in the range. -func (r *Range) Free() int { - return r.alloc.Free() -} - -// Used returns the count of IP addresses used in the range. -func (r *Range) Used() int { - return r.max - r.alloc.Free() -} - -// CIDR returns the CIDR covered by the range. -func (r *Range) CIDR() net.IPNet { - return *r.net -} - -// DryRun returns a non-persisting form of this Range. -func (r *Range) DryRun() Interface { - return dryRunRange{r} -} - -// For clearer code. -const dryRunTrue = true -const dryRunFalse = false - -// Allocate attempts to reserve the provided IP. ErrNotInRange or -// ErrAllocated will be returned if the IP is not valid for this range -// or has already been reserved. ErrFull will be returned if there -// are no addresses left. -func (r *Range) Allocate(ip net.IP) error { - return r.allocate(ip, dryRunFalse) -} - -func (r *Range) allocate(ip net.IP, dryRun bool) error { - label := r.CIDR() - ok, offset := r.contains(ip) - if !ok { - if !dryRun { - // update metrics - r.metrics.incrementAllocationErrors(label.String(), "static") - } - return &ErrNotInRange{ip, r.net.String()} - } - if dryRun { - // Don't bother to check whether the IP is actually free. It's racy and - // not worth the effort to plumb any further. - return nil - } - - allocated, err := r.alloc.Allocate(offset) - if err != nil { - // update metrics - r.metrics.incrementAllocationErrors(label.String(), "static") - - return err - } - if !allocated { - // update metrics - r.metrics.incrementAllocationErrors(label.String(), "static") - - return ErrAllocated - } - // update metrics - r.metrics.incrementAllocations(label.String(), "static") - r.metrics.setAllocated(label.String(), r.Used()) - r.metrics.setAvailable(label.String(), r.Free()) - - return nil -} - -// AllocateNext reserves one of the IPs from the pool. ErrFull may -// be returned if there are no addresses left. -func (r *Range) AllocateNext() (net.IP, error) { - return r.allocateNext(dryRunFalse) -} - -func (r *Range) allocateNext(dryRun bool) (net.IP, error) { - label := r.CIDR() - if dryRun { - // Don't bother finding a free value. It's racy and not worth the - // effort to plumb any further. - return r.CIDR().IP, nil - } - - offset, ok, err := r.alloc.AllocateNext() - if err != nil { - // update metrics - r.metrics.incrementAllocationErrors(label.String(), "dynamic") - - return nil, err - } - if !ok { - // update metrics - r.metrics.incrementAllocationErrors(label.String(), "dynamic") - - return nil, ErrFull - } - // update metrics - r.metrics.incrementAllocations(label.String(), "dynamic") - r.metrics.setAllocated(label.String(), r.Used()) - r.metrics.setAvailable(label.String(), r.Free()) - - return netutils.AddIPOffset(r.base, offset), nil -} - -// Release releases the IP back to the pool. Releasing an -// unallocated IP or an IP out of the range is a no-op and -// returns no error. -func (r *Range) Release(ip net.IP) error { - return r.release(ip, dryRunFalse) -} - -func (r *Range) release(ip net.IP, dryRun bool) error { - ok, offset := r.contains(ip) - if !ok { - return nil - } - if dryRun { - return nil - } - - err := r.alloc.Release(offset) - if err == nil { - // update metrics - label := r.CIDR() - r.metrics.setAllocated(label.String(), r.Used()) - r.metrics.setAvailable(label.String(), r.Free()) - } - return err -} - -// ForEach calls the provided function for each allocated IP. -func (r *Range) ForEach(fn func(net.IP)) { - r.alloc.ForEach(func(offset int) { - ip, _ := netutils.GetIndexedIP(r.net, offset+1) // +1 because Range doesn't store IP 0 - fn(ip) - }) -} - -// Has returns true if the provided IP is already allocated and a call -// to Allocate(ip) would fail with ErrAllocated. -func (r *Range) Has(ip net.IP) bool { - ok, offset := r.contains(ip) - if !ok { - return false - } - - return r.alloc.Has(offset) -} - -// IPFamily returns the IP family of this range. -func (r *Range) IPFamily() api.IPFamily { - return r.family -} - -// Snapshot saves the current state of the pool. -func (r *Range) Snapshot(dst *api.RangeAllocation) error { - snapshottable, ok := r.alloc.(allocator.Snapshottable) - if !ok { - return fmt.Errorf("not a snapshottable allocator") - } - rangeString, data := snapshottable.Snapshot() - dst.Range = rangeString - dst.Data = data - return nil -} - -// Restore restores the pool to the previously captured state. ErrMismatchedNetwork -// is returned if the provided IPNet range doesn't exactly match the previous range. -func (r *Range) Restore(net *net.IPNet, data []byte) error { - if !net.IP.Equal(r.net.IP) || net.Mask.String() != r.net.Mask.String() { - return ErrMismatchedNetwork - } - snapshottable, ok := r.alloc.(allocator.Snapshottable) - if !ok { - return fmt.Errorf("not a snapshottable allocator") - } - if err := snapshottable.Restore(net.String(), data); err != nil { - return fmt.Errorf("restoring snapshot encountered %v", err) - } - return nil -} - -// contains returns true and the offset if the ip is in the range, and false -// and nil otherwise. The first and last addresses of the CIDR are omitted. -func (r *Range) contains(ip net.IP) (bool, int) { - if !r.net.Contains(ip) { - return false, 0 - } - - offset := calculateIPOffset(r.base, ip) - if offset < 0 || offset >= r.max { - return false, 0 - } - return true, offset -} - -// Destroy shuts down internal allocator. -func (r *Range) Destroy() { - r.alloc.Destroy() -} - -// EnableMetrics enables metrics recording. -func (r *Range) EnableMetrics() { - registerMetrics() - r.metrics = &metricsRecorder{} -} - -// calculateIPOffset calculates the integer offset of ip from base such that -// base + offset = ip. It requires ip >= base. -func calculateIPOffset(base *big.Int, ip net.IP) int { - return int(big.NewInt(0).Sub(netutils.BigForIP(ip), base).Int64()) -} - -// calculateRangeOffset estimates the offset used on the range for statically allocation based on -// the following formula `min(max($min, cidrSize/$step), $max)`, described as ~never less than -// $min or more than $max, with a graduated step function between them~. The function returns 0 -// if any of the parameters is invalid. -func calculateRangeOffset(cidr *net.IPNet) int { - // default values for min(max($min, cidrSize/$step), $max) - const ( - min = 16 - max = 256 - step = 16 - ) - - cidrSize := netutils.RangeSize(cidr) - // available addresses are always less than the cidr size - // A /28 CIDR returns 16 addresses, but 2 of them, the network - // and broadcast addresses are not available. - if cidrSize <= min { - return 0 - } - - offset := cidrSize / step - if offset < min { - return min - } - if offset > max { - return max - } - return int(offset) -} - -// dryRunRange is a shim to satisfy Interface without persisting state. -type dryRunRange struct { - real *Range -} - -func (dry dryRunRange) Allocate(ip net.IP) error { - return dry.real.allocate(ip, dryRunTrue) -} - -func (dry dryRunRange) AllocateNext() (net.IP, error) { - return dry.real.allocateNext(dryRunTrue) -} - -func (dry dryRunRange) Release(ip net.IP) error { - return dry.real.release(ip, dryRunTrue) -} - -func (dry dryRunRange) ForEach(cb func(net.IP)) { - dry.real.ForEach(cb) -} - -func (dry dryRunRange) CIDR() net.IPNet { - return dry.real.CIDR() -} - -func (dry dryRunRange) IPFamily() api.IPFamily { - return dry.real.IPFamily() -} - -func (dry dryRunRange) DryRun() Interface { - return dry -} - -func (dry dryRunRange) Has(ip net.IP) bool { - return dry.real.Has(ip) -} - -func (dry dryRunRange) Destroy() { -} - -func (dry dryRunRange) EnableMetrics() { -} diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/cidrallocator.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/cidrallocator.go deleted file mode 100644 index cbb3b1c03..000000000 --- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/cidrallocator.go +++ /dev/null @@ -1,567 +0,0 @@ -/* -Copyright 2023 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package ipallocator - -import ( - "errors" - "fmt" - "net" - "net/netip" - "sync" - "time" - - v1 "k8s.io/api/core/v1" - networkingv1 "k8s.io/api/networking/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/apimachinery/pkg/util/runtime" - "k8s.io/apimachinery/pkg/util/sets" - "k8s.io/apimachinery/pkg/util/wait" - utilfeature "k8s.io/apiserver/pkg/util/feature" - networkingv1informers "k8s.io/client-go/informers/networking/v1" - networkingv1client "k8s.io/client-go/kubernetes/typed/networking/v1" - networkingv1listers "k8s.io/client-go/listers/networking/v1" - "k8s.io/client-go/tools/cache" - "k8s.io/client-go/util/workqueue" - "k8s.io/klog/v2" - "k8s.io/kubernetes/pkg/api/servicecidr" - api "k8s.io/kubernetes/pkg/apis/core" - "k8s.io/kubernetes/pkg/features" - netutils "k8s.io/utils/net" -) - -// MetaAllocator maintains a structure with IP alloctors for the corresponding ServiceCIDRs. -// CIDR overlapping is allowed and the MetaAllocator should take this into consideration. -// Each allocator doesn't stored the IPAddresses, instead it reads them from the informer -// cache, it is cheap to create and delete IP Allocators. -// MetaAllocator use any READY allocator to Allocate IP addresses that has available IPs. - -// MetaAllocator implements current allocator interface using -// ServiceCIDR and IPAddress API objects. -type MetaAllocator struct { - client networkingv1client.NetworkingV1Interface - serviceCIDRLister networkingv1listers.ServiceCIDRLister - serviceCIDRSynced cache.InformerSynced - ipAddressLister networkingv1listers.IPAddressLister - ipAddressSynced cache.InformerSynced - ipAddressInformer networkingv1informers.IPAddressInformer - queue workqueue.TypedRateLimitingInterface[string] - - internalStopCh chan struct{} - - // allocators is a map indexed by the network prefix - // Multiple ServiceCIDR can contain the same network prefix - // so we need to store the references from each allocators to - // the corresponding ServiceCIDRs - mu sync.Mutex - allocators map[string]*item - - ipFamily api.IPFamily - metrics bool // enable the metrics collection - - // TODO(aojea): remove with the feature gate DisableAllocatorDualWrite - bitmapAllocator Interface -} - -type item struct { - allocator *Allocator - serviceCIDRs sets.Set[string] // reference of the serviceCIDRs using this Allocator -} - -var _ Interface = &MetaAllocator{} - -// NewMetaAllocator returns an IP allocator that use the IPAddress -// and ServiceCIDR objects to track the assigned IP addresses, -// using an informer cache as storage. -func NewMetaAllocator( - client networkingv1client.NetworkingV1Interface, - serviceCIDRInformer networkingv1informers.ServiceCIDRInformer, - ipAddressInformer networkingv1informers.IPAddressInformer, - isIPv6 bool, - bitmapAllocator Interface, -) (*MetaAllocator, error) { - - c := newMetaAllocator(client, serviceCIDRInformer, ipAddressInformer, isIPv6, bitmapAllocator) - go c.run() - return c, nil -} - -// newMetaAllocator is used to build the allocator for testing -func newMetaAllocator(client networkingv1client.NetworkingV1Interface, - serviceCIDRInformer networkingv1informers.ServiceCIDRInformer, - ipAddressInformer networkingv1informers.IPAddressInformer, - isIPv6 bool, - bitmapAllocator Interface, -) *MetaAllocator { - // TODO: make the NewMetaAllocator agnostic of the IP family - family := api.IPv4Protocol - if isIPv6 { - family = api.IPv6Protocol - } - - c := &MetaAllocator{ - client: client, - serviceCIDRLister: serviceCIDRInformer.Lister(), - serviceCIDRSynced: serviceCIDRInformer.Informer().HasSynced, - ipAddressLister: ipAddressInformer.Lister(), - ipAddressSynced: ipAddressInformer.Informer().HasSynced, - ipAddressInformer: ipAddressInformer, - queue: workqueue.NewTypedRateLimitingQueueWithConfig( - workqueue.DefaultTypedControllerRateLimiter[string](), - workqueue.TypedRateLimitingQueueConfig[string]{Name: ControllerName}, - ), - internalStopCh: make(chan struct{}), - allocators: make(map[string]*item), - ipFamily: family, - metrics: false, - bitmapAllocator: bitmapAllocator, - } - - _, _ = serviceCIDRInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ - AddFunc: c.enqueueServiceCIDR, - UpdateFunc: func(old, new interface{}) { - c.enqueueServiceCIDR(new) - }, - // Process the deletion directly in the handler to be able to use the object fields - // without having to cache them. ServiceCIDRs are protected by finalizers - // so the "started deletion" logic will be handled in the reconcile loop. - DeleteFunc: c.deleteServiceCIDR, - }) - - return c -} - -func (c *MetaAllocator) enqueueServiceCIDR(obj interface{}) { - key, err := cache.MetaNamespaceKeyFunc(obj) - if err == nil { - c.queue.Add(key) - } -} - -func (c *MetaAllocator) deleteServiceCIDR(obj interface{}) { - serviceCIDR, ok := obj.(*networkingv1.ServiceCIDR) - if !ok { - tombstone, ok := obj.(cache.DeletedFinalStateUnknown) - if !ok { - return - } - serviceCIDR, ok = tombstone.Obj.(*networkingv1.ServiceCIDR) - if !ok { - return - } - } - klog.Infof("deleting ClusterIP allocator for Service CIDR %v", serviceCIDR) - - c.mu.Lock() - defer c.mu.Unlock() - for _, cidr := range serviceCIDR.Spec.CIDRs { - // skip IP families not supported by this MetaAllocator - if c.ipFamily != api.IPFamily(convertToV1IPFamily(netutils.IPFamilyOfCIDRString(cidr))) { - continue - } - // get the Allocator used by this ServiceCIDR - v, ok := c.allocators[cidr] - if !ok { - continue - } - // remove the reference to this ServiceCIDR - v.serviceCIDRs.Delete(serviceCIDR.Name) - if v.serviceCIDRs.Len() > 0 { - klog.V(2).Infof("deleted Service CIDR from allocator %s, remaining %v", cidr, v.serviceCIDRs) - } else { - // if there are no references to this Allocator - // destroy and remove it from the map - v.allocator.Destroy() - delete(c.allocators, cidr) - klog.Infof("deleted ClusterIP allocator for Service CIDR %s", cidr) - } - } -} - -func (c *MetaAllocator) run() { - defer runtime.HandleCrash() - defer c.queue.ShutDown() - klog.Info("starting ServiceCIDR Allocator Controller") - defer klog.Info("stopping ServiceCIDR Allocator Controller") - - // Wait for all involved caches to be synced, before processing items from the queue is started - if !cache.WaitForCacheSync(c.internalStopCh, c.serviceCIDRSynced, c.ipAddressSynced) { - runtime.HandleError(fmt.Errorf("timed out waiting for caches to sync")) - return - } - - // this is single threaded only one serviceCIDR at a time - go wait.Until(c.runWorker, time.Second, c.internalStopCh) - - <-c.internalStopCh -} - -func (c *MetaAllocator) runWorker() { - for c.processNextItem() { - } -} - -func (c *MetaAllocator) processNextItem() bool { - // Wait until there is a new item in the working queue - key, quit := c.queue.Get() - if quit { - return false - } - defer c.queue.Done(key) - err := c.syncAllocators() - // Handle the error if something went wrong during the execution of the business logic - if err != nil { - if c.queue.NumRequeues(key) < 5 { - klog.Infof("error syncing cidr %v: %v", key, err) - c.queue.AddRateLimited(key) - return true - } - } - c.queue.Forget(key) - return true -} - -// syncAllocators adds new allocators and syncs the ready state of the allocators -// deletion of allocators is handled directly on the event handler. -func (c *MetaAllocator) syncAllocators() error { - start := time.Now() - klog.V(2).Info("syncing ServiceCIDR allocators") - defer func() { - klog.V(2).Infof("syncing ServiceCIDR allocators took: %v", time.Since(start)) - }() - - c.mu.Lock() - defer c.mu.Unlock() - - serviceCIDRs, err := c.serviceCIDRLister.List(labels.Everything()) - if err != nil { - return err - } - - for _, serviceCIDR := range serviceCIDRs { - for _, cidr := range serviceCIDR.Spec.CIDRs { - // skip IP families not supported by this MetaAllocator - if c.ipFamily != api.IPFamily(convertToV1IPFamily(netutils.IPFamilyOfCIDRString(cidr))) { - continue - } - // the allocator is ready if the object is ready and is not being deleted - ready := false - if isReady(serviceCIDR) && serviceCIDR.DeletionTimestamp.IsZero() { - ready = true - } - - // check if an allocator already exist for this CIDR - v, ok := c.allocators[cidr] - // Update allocator with ServiceCIDR - if ok { - v.serviceCIDRs.Insert(serviceCIDR.Name) - // an Allocator is ready if at least one of the ServiceCIDRs is ready - if ready { - v.allocator.ready.Store(true) - } else if v.serviceCIDRs.Has(serviceCIDR.Name) && len(v.serviceCIDRs) == 1 { - v.allocator.ready.Store(false) - } - klog.Infof("updated ClusterIP allocator for Service CIDR %s", cidr) - continue - } - - // Create new allocator for ServiceCIDR - _, ipnet, err := netutils.ParseCIDRSloppy(cidr) // this was already validated - if err != nil { - klog.Infof("error parsing cidr %s", cidr) - continue - } - // New ServiceCIDR, create new allocator - allocator, err := NewIPAllocator(ipnet, c.client, c.ipAddressInformer) - if err != nil { - klog.Infof("error creating new IPAllocator for Service CIDR %s", cidr) - continue - } - if c.metrics { - allocator.EnableMetrics() - } - allocator.ready.Store(ready) - c.allocators[cidr] = &item{ - allocator: allocator, - serviceCIDRs: sets.New[string](serviceCIDR.Name), - } - klog.Infof("created ClusterIP allocator for Service CIDR %s", cidr) - } - } - return nil -} - -// getAllocator returns any allocator that contains the IP passed as argument. -// if ready is set only an allocator that is ready is returned. -// Allocate operations can work with ANY allocator that is ready, the allocators -// contain references to the IP addresses hence does not matter what allocators have -// the IP. Release operations need to work with ANY allocator independent of its state. -func (c *MetaAllocator) getAllocator(ip net.IP, ready bool) (*Allocator, error) { - c.mu.Lock() - defer c.mu.Unlock() - address := servicecidr.IPToAddr(ip) - // use the first allocator that contains the address - for cidr, item := range c.allocators { - prefix, err := netip.ParsePrefix(cidr) - if err != nil { - return nil, err - } - if servicecidr.PrefixContainsIP(prefix, address) { - if !ready { - return item.allocator, nil - } - if item.allocator.ready.Load() { - return item.allocator, nil - } - } - } - klog.V(2).Infof("Could not get allocator for IP %s", ip.String()) - return nil, ErrMismatchedNetwork -} - -func (c *MetaAllocator) AllocateService(service *api.Service, ip net.IP) error { - allocator, err := c.getAllocator(ip, true) - if err != nil { - return err - } - if !utilfeature.DefaultFeatureGate.Enabled(features.DisableAllocatorDualWrite) { - cidr := c.bitmapAllocator.CIDR() - if cidr.Contains(ip) { - err := c.bitmapAllocator.Allocate(ip) - if err != nil { - return err - } - } - } - return allocator.AllocateService(service, ip) -} - -// Allocate attempts to reserve the provided IP. ErrNotInRange or -// ErrAllocated will be returned if the IP is not valid for this range -// or has already been reserved. ErrFull will be returned if there -// are no addresses left. -// Only for testing, it will fail to create the IPAddress object because -// the Service reference is required.s -func (c *MetaAllocator) Allocate(ip net.IP) error { - return c.AllocateService(nil, ip) - -} - -func (c *MetaAllocator) AllocateNextService(service *api.Service) (net.IP, error) { - // If the cluster is still using the old allocators use them first to try to - // get an IP address to keep backwards compatibility. - if !utilfeature.DefaultFeatureGate.Enabled(features.DisableAllocatorDualWrite) { - ip, err := c.bitmapAllocator.AllocateNext() - if err == nil { - allocator, err := c.getAllocator(ip, true) - if err != nil { - return nil, err - } - return ip, allocator.AllocateService(service, ip) - } else { - klog.Infof("no IP address available on the old ClusterIP allocator, trying to get a new address using the new allocators") - } - } - c.mu.Lock() - defer c.mu.Unlock() - // TODO(aojea) add strategy to return a random allocator but - // taking into consideration the number of addresses of each allocator. - // Per example, if we have allocator A and B with 256 and 1024 possible - // addresses each, the chances to get B has to be 4 times the chances to - // get A so we can spread the load of IPs randomly. - // However, we need to validate the best strategy before going to Beta. - isIPv6 := c.ipFamily == api.IPFamily(v1.IPv6Protocol) - for cidr, item := range c.allocators { - if netutils.IsIPv6CIDRString(cidr) != isIPv6 { - continue - } - ip, err := item.allocator.AllocateNextService(service) - if err == nil { - return ip, nil - } - // only keep trying if the allocator is full or not ready - if !errors.Is(err, ErrFull) && !errors.Is(err, ErrNotReady) { - return nil, err - } - } - return nil, ErrFull -} - -// AllocateNext return an IP address that wasn't allocated yet. -// Only for testing, it will fail to create the IPAddress object because -// the Service reference is required -func (c *MetaAllocator) AllocateNext() (net.IP, error) { - return c.AllocateNextService(nil) -} - -func (c *MetaAllocator) Release(ip net.IP) error { - allocator, err := c.getAllocator(ip, false) - if err != nil { - return err - } - if !utilfeature.DefaultFeatureGate.Enabled(features.DisableAllocatorDualWrite) { - cidr := c.bitmapAllocator.CIDR() - if cidr.Contains(ip) { - _ = c.bitmapAllocator.Release(ip) - } - } - return allocator.Release(ip) - -} -func (c *MetaAllocator) ForEach(f func(ip net.IP)) { - ipLabelSelector := labels.Set(map[string]string{ - networkingv1.LabelIPAddressFamily: string(c.IPFamily()), - networkingv1.LabelManagedBy: ControllerName, - }).AsSelectorPreValidated() - ips, err := c.ipAddressLister.List(ipLabelSelector) - if err != nil { - return - } - for _, ip := range ips { - f(netutils.ParseIPSloppy(ip.Name)) - } -} - -func (c *MetaAllocator) CIDR() net.IPNet { - return net.IPNet{} - -} -func (c *MetaAllocator) IPFamily() api.IPFamily { - return c.ipFamily -} -func (c *MetaAllocator) Has(ip net.IP) bool { - allocator, err := c.getAllocator(ip, true) - if err != nil { - return false - } - return allocator.Has(ip) -} -func (c *MetaAllocator) Destroy() { - select { - case <-c.internalStopCh: - default: - if !utilfeature.DefaultFeatureGate.Enabled(features.DisableAllocatorDualWrite) { - c.bitmapAllocator.Destroy() - } - close(c.internalStopCh) - } -} - -// for testing -func (c *MetaAllocator) Used() int { - ipLabelSelector := labels.Set(map[string]string{ - networkingv1.LabelIPAddressFamily: string(c.IPFamily()), - networkingv1.LabelManagedBy: ControllerName, - }).AsSelectorPreValidated() - ips, err := c.ipAddressLister.List(ipLabelSelector) - if err != nil { - return 0 - } - return len(ips) -} - -// for testing -func (c *MetaAllocator) Free() int { - c.mu.Lock() - defer c.mu.Unlock() - - size := 0 - prefixes := []netip.Prefix{} - // Get all the existing prefixes - for cidr := range c.allocators { - prefix, err := netip.ParsePrefix(cidr) - if err != nil { - continue - } - prefixes = append(prefixes, prefix) - } - // only count the top level prefixes to not double count - for _, prefix := range prefixes { - if !isNotContained(prefix, prefixes) { - continue - } - v, ok := c.allocators[prefix.String()] - if !ok { - continue - } - size += int(v.allocator.size) - } - return size - c.Used() -} - -func (c *MetaAllocator) EnableMetrics() { - c.mu.Lock() - defer c.mu.Unlock() - c.metrics = true - for _, item := range c.allocators { - item.allocator.EnableMetrics() - } -} - -// DryRun returns a random allocator -func (c *MetaAllocator) DryRun() Interface { - c.mu.Lock() - defer c.mu.Unlock() - for _, item := range c.allocators { - return item.allocator.DryRun() - } - return &Allocator{} -} - -func isReady(serviceCIDR *networkingv1.ServiceCIDR) bool { - if serviceCIDR == nil { - return false - } - - for _, condition := range serviceCIDR.Status.Conditions { - if condition.Type == networkingv1.ServiceCIDRConditionReady { - return condition.Status == metav1.ConditionStatus(metav1.ConditionTrue) - } - } - // assume the ServiceCIDR is Ready, in order to handle scenarios where kcm is not running - return true -} - -// Convert netutils.IPFamily to v1.IPFamily -// TODO: consolidate helpers -// copied from pkg/proxy/util/utils.go -func convertToV1IPFamily(ipFamily netutils.IPFamily) v1.IPFamily { - switch ipFamily { - case netutils.IPv4: - return v1.IPv4Protocol - case netutils.IPv6: - return v1.IPv6Protocol - } - - return v1.IPFamilyUnknown -} - -// isNotContained returns true if the prefix is not contained in any -// of the passed prefixes. -func isNotContained(prefix netip.Prefix, prefixes []netip.Prefix) bool { - for _, p := range prefixes { - // skip same prefix - if prefix == p { - continue - } - // 192.168.0.0/24 is contained within 192.168.0.0/16 - if prefix.Overlaps(p) && prefix.Bits() >= p.Bits() { - return false - } - } - return true -} diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/interfaces.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/interfaces.go deleted file mode 100644 index 2bf298025..000000000 --- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/interfaces.go +++ /dev/null @@ -1,58 +0,0 @@ -/* -Copyright 2022 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package ipallocator - -import ( - "errors" - "fmt" - "net" - - api "k8s.io/kubernetes/pkg/apis/core" -) - -// Interface manages the allocation of IP addresses out of a range. Interface -// should be threadsafe. -type Interface interface { - Allocate(net.IP) error - AllocateNext() (net.IP, error) - Release(net.IP) error - ForEach(func(net.IP)) - CIDR() net.IPNet - IPFamily() api.IPFamily - Has(ip net.IP) bool - Destroy() - EnableMetrics() - - // DryRun offers a way to try operations without persisting them. - DryRun() Interface -} - -var ( - ErrFull = errors.New("range is full") - ErrAllocated = errors.New("provided IP is already allocated") - ErrMismatchedNetwork = errors.New("the provided network does not match the current range") - ErrNotReady = errors.New("allocator not ready") -) - -type ErrNotInRange struct { - IP net.IP - ValidRange string -} - -func (e *ErrNotInRange) Error() string { - return fmt.Sprintf("the provided IP (%v) is not in the valid range. The range of valid IPs is %s", e.IP, e.ValidRange) -} diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/ipallocator.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/ipallocator.go deleted file mode 100644 index 0c07f8e94..000000000 --- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/ipallocator.go +++ /dev/null @@ -1,629 +0,0 @@ -/* -Copyright 2023 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package ipallocator - -import ( - "context" - "errors" - "fmt" - "math" - "math/big" - "math/rand" - "net" - "net/netip" - "sync/atomic" - "time" - - networkingv1 "k8s.io/api/networking/v1" - apierrors "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/labels" - networkingv1informers "k8s.io/client-go/informers/networking/v1" - networkingv1client "k8s.io/client-go/kubernetes/typed/networking/v1" - networkingv1listers "k8s.io/client-go/listers/networking/v1" - "k8s.io/client-go/tools/cache" - "k8s.io/klog/v2" - api "k8s.io/kubernetes/pkg/apis/core" - netutils "k8s.io/utils/net" - utiltrace "k8s.io/utils/trace" -) - -const ControllerName = "ipallocator.k8s.io" - -// Allocator implements current ipallocator interface using IPAddress API object -// and an informer as backend. -type Allocator struct { - cidr *net.IPNet - prefix netip.Prefix - firstAddress netip.Addr // first IP address within the range - offsetAddress netip.Addr // IP address that delimits the upper and lower subranges - lastAddress netip.Addr // last IP address within the range - family api.IPFamily // family is the IP family of this range - - rangeOffset int // subdivides the assigned IP range to prefer dynamic allocation from the upper range - size uint64 // cap the total number of IPs available to maxInt64 - - client networkingv1client.NetworkingV1Interface - ipAddressLister networkingv1listers.IPAddressLister - ipAddressSynced cache.InformerSynced - // ready indicates if the allocator is able to allocate new IP addresses. - // This is required because it depends on the ServiceCIDR to be ready. - ready atomic.Bool - - // metrics is a metrics recorder that can be disabled - metrics metricsRecorderInterface - metricLabel string - - rand *rand.Rand -} - -var _ Interface = &Allocator{} - -// NewIPAllocator returns an IP allocator associated to a network range -// that use the IPAddress object to track the assigned IP addresses, -// using an informer cache as storage. -func NewIPAllocator( - cidr *net.IPNet, - client networkingv1client.NetworkingV1Interface, - ipAddressInformer networkingv1informers.IPAddressInformer, -) (*Allocator, error) { - prefix, err := netip.ParsePrefix(cidr.String()) - if err != nil { - return nil, err - } - - if prefix.Addr().Is6() && prefix.Bits() < 64 { - return nil, fmt.Errorf("shortest allowed prefix length for service CIDR is 64, got %d", prefix.Bits()) - } - - // TODO: use the utils/net function once is available - size := hostsPerNetwork(cidr) - var family api.IPFamily - if netutils.IsIPv6CIDR(cidr) { - family = api.IPv6Protocol - } else { - family = api.IPv4Protocol - } - // Caching the first, offset and last addresses allows to optimize - // the search loops by using the netip.Addr iterator instead - // of having to do conversions with IP addresses. - // Don't allocate the network's ".0" address. - ipFirst := prefix.Masked().Addr().Next() - // Use the broadcast address as last address for IPv6 - ipLast, err := broadcastAddress(prefix) - if err != nil { - return nil, err - } - // For IPv4 don't use the network's broadcast address - if family == api.IPv4Protocol { - ipLast = ipLast.Prev() - } - // KEP-3070: Reserve Service IP Ranges For Dynamic and Static IP Allocation - // calculate the subrange offset - rangeOffset := calculateRangeOffset(cidr) - offsetAddress, err := addOffsetAddress(ipFirst, uint64(rangeOffset)) - if err != nil { - return nil, err - } - a := &Allocator{ - cidr: cidr, - prefix: prefix, - firstAddress: ipFirst, - lastAddress: ipLast, - rangeOffset: rangeOffset, - offsetAddress: offsetAddress, - size: size, - family: family, - client: client, - ipAddressLister: ipAddressInformer.Lister(), - ipAddressSynced: ipAddressInformer.Informer().HasSynced, - metrics: &emptyMetricsRecorder{}, // disabled by default - metricLabel: cidr.String(), - rand: rand.New(rand.NewSource(time.Now().UnixNano())), - } - a.ready.Store(true) - return a, nil -} - -func (a *Allocator) createIPAddress(name string, svc *api.Service, scope string) error { - ipAddress := networkingv1.IPAddress{ - ObjectMeta: metav1.ObjectMeta{ - Name: name, - Labels: map[string]string{ - networkingv1.LabelIPAddressFamily: string(a.IPFamily()), - networkingv1.LabelManagedBy: ControllerName, - }, - }, - Spec: networkingv1.IPAddressSpec{ - ParentRef: serviceToRef(svc), - }, - } - _, err := a.client.IPAddresses().Create(context.Background(), &ipAddress, metav1.CreateOptions{}) - if err != nil { - // update metrics - a.metrics.incrementAllocationErrors(a.metricLabel, scope) - if apierrors.IsAlreadyExists(err) { - return ErrAllocated - } - return err - } - // update metrics - a.metrics.incrementAllocations(a.metricLabel, scope) - a.metrics.setAllocated(a.metricLabel, a.Used()) - a.metrics.setAvailable(a.metricLabel, a.Free()) - return nil -} - -// Allocate attempts to reserve the provided IP. ErrNotInRange or -// ErrAllocated will be returned if the IP is not valid for this range -// or has already been reserved. ErrFull will be returned if there -// are no addresses left. -// Only for testing, it will fail to create the IPAddress object because -// the Service reference is required. -func (a *Allocator) Allocate(ip net.IP) error { - return a.AllocateService(nil, ip) -} - -// AllocateService attempts to reserve the provided IP. ErrNotInRange or -// ErrAllocated will be returned if the IP is not valid for this range -// or has already been reserved. ErrFull will be returned if there -// are no addresses left. -func (a *Allocator) AllocateService(svc *api.Service, ip net.IP) error { - return a.allocateService(svc, ip, dryRunFalse) -} - -func (a *Allocator) allocateService(svc *api.Service, ip net.IP, dryRun bool) error { - if !a.ready.Load() || !a.ipAddressSynced() { - return ErrNotReady - } - addr, err := netip.ParseAddr(ip.String()) - if err != nil { - return err - } - - // check address is within the range of available addresses - if addr.Less(a.firstAddress) || // requested address is lower than the first address in the subnet - a.lastAddress.Less(addr) { // the last address in the subnet is lower than the requested address - if !dryRun { - // update metrics - a.metrics.incrementAllocationErrors(a.metricLabel, "static") - } - return &ErrNotInRange{ip, a.prefix.String()} - } - if dryRun { - return nil - } - start := time.Now() - err = a.createIPAddress(ip.String(), svc, "static") - if err != nil { - return err - } - a.metrics.setLatency(a.metricLabel, time.Since(start)) - return nil -} - -// AllocateNext return an IP address that wasn't allocated yet. -// Only for testing, it will fail to create the IPAddress object because -// the Service reference is required. -func (a *Allocator) AllocateNext() (net.IP, error) { - return a.AllocateNextService(nil) -} - -// AllocateNext return an IP address that wasn't allocated yet. -func (a *Allocator) AllocateNextService(svc *api.Service) (net.IP, error) { - return a.allocateNextService(svc, dryRunFalse) -} - -// allocateNextService tries to allocate a free IP address within the subnet. -// If the subnet is big enough, it partitions the subnet into two subranges, -// delimited by a.rangeOffset. -// It tries to allocate a free IP address from the upper subnet first and -// falls back to the lower subnet. -// It starts allocating from a random IP within each range. -func (a *Allocator) allocateNextService(svc *api.Service, dryRun bool) (net.IP, error) { - if !a.ready.Load() || !a.ipAddressSynced() { - return nil, ErrNotReady - } - if dryRun { - // Don't bother finding a free value. It's racy and not worth the - // effort to plumb any further. - return a.CIDR().IP, nil - } - - trace := utiltrace.New("allocate dynamic ClusterIP address") - defer trace.LogIfLong(500 * time.Millisecond) - start := time.Now() - - // rand.Int63n panics for n <= 0 so we need to avoid problems when - // converting from uint64 to int64 - rangeSize := a.size - uint64(a.rangeOffset) - var offset uint64 - switch { - case rangeSize >= math.MaxInt64: - offset = a.rand.Uint64() - // a.offsetAddress + offset should not overflow a 64 bit CIDR. - if math.MaxUint64-offset < uint64(a.rangeOffset) { - offset -= uint64(a.rangeOffset) - } - case rangeSize == 0: - return net.IP{}, ErrFull - default: - offset = uint64(a.rand.Int63n(int64(rangeSize))) - } - iterator := ipIterator(a.offsetAddress, a.lastAddress, offset) - ip, err := a.allocateFromRange(iterator, svc) - if err == nil { - a.metrics.setLatency(a.metricLabel, time.Since(start)) - return ip, nil - } - // if the upper range is full, try to allocate from the lower range - if errors.Is(err, ErrFull) && a.rangeOffset != 0 { - offset = uint64(a.rand.Intn(a.rangeOffset)) - iterator = ipIterator(a.firstAddress, a.offsetAddress.Prev(), offset) - ip, err = a.allocateFromRange(iterator, svc) - if err == nil { - a.metrics.setLatency(a.metricLabel, time.Since(start)) - return ip, nil - } - } - // no IP available - if err == nil { - klog.Info("[SHOULD NOT HAPPEN] - No IP Allocated and no error") - err = ErrFull - } - a.metrics.incrementAllocationErrors(a.metricLabel, "dynamic") - return net.IP{}, err -} - -// IP iterator allows to iterate over all the IP addresses -// in a range defined by the start and last address. -// It starts iterating at the address position defined by the offset. -// It returns an invalid address to indicate it hasfinished. -func ipIterator(first netip.Addr, last netip.Addr, offset uint64) func() netip.Addr { - // There are no modulo operations for IP addresses - modulo := func(addr netip.Addr) netip.Addr { - if addr.Compare(last) == 1 { - return first - } - return addr - } - next := func(addr netip.Addr) netip.Addr { - return modulo(addr.Next()) - } - start, err := addOffsetAddress(first, offset) - if err != nil { - return func() netip.Addr { return netip.Addr{} } - } - start = modulo(start) - ip := start - seen := false - return func() netip.Addr { - value := ip - // is the last or the first iteration - if value == start { - if seen { - return netip.Addr{} - } - seen = true - } - ip = next(ip) - return value - } - -} - -// allocateFromRange allocates an empty IP address from the range of -// IPs between the first and last address (both included), starting -// from the start address. -// TODO: this is a linear search, it can be optimized. -func (a *Allocator) allocateFromRange(iterator func() netip.Addr, svc *api.Service) (net.IP, error) { - for { - ip := iterator() - if !ip.IsValid() { - break - } - name := ip.String() - _, err := a.ipAddressLister.Get(name) - // continue if ip already exist - if err == nil { - continue - } - if !apierrors.IsNotFound(err) { - klog.Infof("unexpected error: %v", err) - continue - } - // address is not present on the cache, try to allocate it - err = a.createIPAddress(name, svc, "dynamic") - // an error can happen if there is a TOCTOU race and the IP address - // was allocated by another instance, in that case, swallow the error - // and try with the next IP address, but abort on other errors. - // Ref: https://issues.k8s.io/135333 - if err != nil { - if errors.Is(err, ErrAllocated) { - klog.Infof("mid-air collision trying to allocate IP %s that already exists, retrying ...", name) - continue - } - klog.Infof("can not create IPAddress %s: %v", name, err) - return nil, err - } - return ip.AsSlice(), nil - } - return net.IP{}, ErrFull -} - -// Release releases the IP back to the pool. Releasing an -// unallocated IP or an IP out of the range is a no-op and -// returns no error. -func (a *Allocator) Release(ip net.IP) error { - return a.release(ip, dryRunFalse) -} - -func (a *Allocator) release(ip net.IP, dryRun bool) error { - if dryRun { - return nil - } - name := ip.String() - // Try to Delete the IPAddress independently of the cache state. - // The error is ignored for compatibility reasons. - err := a.client.IPAddresses().Delete(context.Background(), name, metav1.DeleteOptions{}) - if err == nil { - // update metrics - a.metrics.setAllocated(a.metricLabel, a.Used()) - a.metrics.setAvailable(a.metricLabel, a.Free()) - return nil - } - klog.Infof("error releasing ip %s : %v", name, err) - return nil -} - -// ForEach executes the function on each allocated IP -// This is required to satisfy the Allocator Interface only -func (a *Allocator) ForEach(f func(net.IP)) { - ipLabelSelector := labels.Set(map[string]string{ - networkingv1.LabelIPAddressFamily: string(a.IPFamily()), - networkingv1.LabelManagedBy: ControllerName, - }).AsSelectorPreValidated() - ips, err := a.ipAddressLister.List(ipLabelSelector) - if err != nil { - return - } - for _, ip := range ips { - f(netutils.ParseIPSloppy(ip.Name)) - } -} - -func (a *Allocator) CIDR() net.IPNet { - return *a.cidr -} - -// for testing -func (a *Allocator) Has(ip net.IP) bool { - // convert IP to name - name := ip.String() - ipAddress, err := a.client.IPAddresses().Get(context.Background(), name, metav1.GetOptions{}) - if err != nil || len(ipAddress.Name) == 0 { - return false - } - return true -} - -func (a *Allocator) IPFamily() api.IPFamily { - return a.family -} - -// for testing, it assumes this is the allocator is unique for the ipFamily -func (a *Allocator) Used() int { - ipLabelSelector := labels.Set(map[string]string{ - networkingv1.LabelIPAddressFamily: string(a.IPFamily()), - networkingv1.LabelManagedBy: ControllerName, - }).AsSelectorPreValidated() - ips, err := a.ipAddressLister.List(ipLabelSelector) - if err != nil { - return 0 - } - - // Count only IPs that belong to this allocator's CIDR - count := 0 - for _, ipAddress := range ips { - // Parse the IP address string to netip.Addr type - ip, err := netip.ParseAddr(ipAddress.Name) - if err != nil { - continue - } - // Only count valid IPs that fall within this allocator's CIDR range - if a.prefix.Contains(ip) { - count++ - } - } - return count -} - -// for testing, it assumes this is the allocator is unique for the ipFamily -func (a *Allocator) Free() int { - used := a.Used() - - // Prevent integer overflow: if a.size exceeds int max value, use MaxInt - if a.size > math.MaxInt { - // In this case, used is definitely less than MaxInt, so no negative values - return math.MaxInt - used - } - - size := int(a.size) - - // Prevent negative return values due to data inconsistency - if used > size { - // This usually indicates data inconsistency, log a warning and return 0 - klog.Warningf("IP allocator inconsistency detected: used (%d) > size (%d) for CIDR %s", - used, size, a.cidr.String()) - return 0 - } - - return size - used -} - -// Destroy -func (a *Allocator) Destroy() { -} - -// DryRun -func (a *Allocator) DryRun() Interface { - return dryRunAllocator{a} -} - -// EnableMetrics -func (a *Allocator) EnableMetrics() { - registerMetrics() - a.metrics = &metricsRecorder{} -} - -// dryRunRange is a shim to satisfy Interface without persisting state. -type dryRunAllocator struct { - real *Allocator -} - -func (dry dryRunAllocator) Allocate(ip net.IP) error { - return dry.real.allocateService(nil, ip, dryRunTrue) - -} - -func (dry dryRunAllocator) AllocateNext() (net.IP, error) { - return dry.real.allocateNextService(nil, dryRunTrue) -} - -func (dry dryRunAllocator) Release(ip net.IP) error { - return dry.real.release(ip, dryRunTrue) -} - -func (dry dryRunAllocator) ForEach(cb func(net.IP)) { - dry.real.ForEach(cb) -} - -func (dry dryRunAllocator) CIDR() net.IPNet { - return dry.real.CIDR() -} - -func (dry dryRunAllocator) IPFamily() api.IPFamily { - return dry.real.IPFamily() -} - -func (dry dryRunAllocator) DryRun() Interface { - return dry -} - -func (dry dryRunAllocator) Has(ip net.IP) bool { - return dry.real.Has(ip) -} - -func (dry dryRunAllocator) Destroy() { -} - -func (dry dryRunAllocator) EnableMetrics() { -} - -// addOffsetAddress returns the address at the provided offset within the subnet -// TODO: move it to k8s.io/utils/net, this is the same as current AddIPOffset() -// but using netip.Addr instead of net.IP -func addOffsetAddress(address netip.Addr, offset uint64) (netip.Addr, error) { - addressBytes := address.AsSlice() - addressBig := big.NewInt(0).SetBytes(addressBytes) - r := big.NewInt(0).Add(addressBig, big.NewInt(0).SetUint64(offset)).Bytes() - // r must be 4 or 16 bytes depending of the ip family - // bigInt conversion to bytes will not take this into consideration - // and drop the leading zeros, so we have to take this into account. - lenDiff := len(addressBytes) - len(r) - if lenDiff > 0 { - r = append(make([]byte, lenDiff), r...) - } else if lenDiff < 0 { - return netip.Addr{}, fmt.Errorf("invalid address %v", r) - } - addr, ok := netip.AddrFromSlice(r) - if !ok { - return netip.Addr{}, fmt.Errorf("invalid address %v", r) - } - return addr, nil -} - -// hostsPerNetwork returns the number of available hosts in a subnet. -// The max number is limited by the size of an uint64. -// Number of hosts is calculated with the formula: -// IPv4: 2^x – 2, not consider network and broadcast address -// IPv6: 2^x - 1, not consider network address -// where x is the number of host bits in the subnet. -func hostsPerNetwork(subnet *net.IPNet) uint64 { - ones, bits := subnet.Mask.Size() - // this checks that we are not overflowing an int64 - if bits-ones >= 64 { - return math.MaxUint64 - } - max := uint64(1) << uint(bits-ones) - // Don't use the network's ".0" address, - if max == 0 { - return 0 - } - max-- - if netutils.IsIPv4CIDR(subnet) { - // Don't use the IPv4 network's broadcast address - if max == 0 { - return 0 - } - max-- - } - return max -} - -// broadcastAddress returns the broadcast address of the subnet -// The broadcast address is obtained by setting all the host bits -// in a subnet to 1. -// network 192.168.0.0/24 : subnet bits 24 host bits 32 - 24 = 8 -// broadcast address 192.168.0.255 -func broadcastAddress(subnet netip.Prefix) (netip.Addr, error) { - base := subnet.Masked().Addr() - bytes := base.AsSlice() - // get all the host bits from the subnet - n := 8*len(bytes) - subnet.Bits() - // set all the host bits to 1 - for i := len(bytes) - 1; i >= 0 && n > 0; i-- { - if n >= 8 { - bytes[i] = 0xff - n -= 8 - } else { - mask := ^uint8(0) >> (8 - n) - bytes[i] |= mask - break - } - } - - addr, ok := netip.AddrFromSlice(bytes) - if !ok { - return netip.Addr{}, fmt.Errorf("invalid address %v", bytes) - } - return addr, nil -} - -// serviceToRef obtain the Service Parent Reference -func serviceToRef(svc *api.Service) *networkingv1.ParentReference { - if svc == nil { - return nil - } - - return &networkingv1.ParentReference{ - Group: "", - Resource: "services", - Namespace: svc.Namespace, - Name: svc.Name, - } -} diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/metrics.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/metrics.go deleted file mode 100644 index bcc38e866..000000000 --- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/metrics.go +++ /dev/null @@ -1,141 +0,0 @@ -/* -Copyright 2021 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package ipallocator - -import ( - "sync" - "time" - - "k8s.io/component-base/metrics" - "k8s.io/component-base/metrics/legacyregistry" -) - -const ( - namespace = "kube_apiserver" - subsystem = "clusterip_allocator" -) - -var ( - // clusterIPAllocated indicates the amount of cluster IP allocated by Service CIDR. - clusterIPAllocated = metrics.NewGaugeVec( - &metrics.GaugeOpts{ - Namespace: namespace, - Subsystem: subsystem, - Name: "allocated_ips", - Help: "Gauge measuring the number of allocated IPs for Services", - StabilityLevel: metrics.ALPHA, - }, - []string{"cidr"}, - ) - // clusterIPAvailable indicates the amount of cluster IP available by Service CIDR. - clusterIPAvailable = metrics.NewGaugeVec( - &metrics.GaugeOpts{ - Namespace: namespace, - Subsystem: subsystem, - Name: "available_ips", - Help: "Gauge measuring the number of available IPs for Services", - StabilityLevel: metrics.ALPHA, - }, - []string{"cidr"}, - ) - // clusterIPAllocation counts the total number of ClusterIP allocation and allocation mode: static or dynamic. - clusterIPAllocations = metrics.NewCounterVec( - &metrics.CounterOpts{ - Namespace: namespace, - Subsystem: subsystem, - Name: "allocation_total", - Help: "Number of Cluster IPs allocations", - StabilityLevel: metrics.ALPHA, - }, - []string{"cidr", "scope"}, - ) - // clusterIPAllocationErrors counts the number of error trying to allocate a ClusterIP and allocation mode: static or dynamic. - clusterIPAllocationErrors = metrics.NewCounterVec( - &metrics.CounterOpts{ - Namespace: namespace, - Subsystem: subsystem, - Name: "allocation_errors_total", - Help: "Number of errors trying to allocate Cluster IPs", - StabilityLevel: metrics.ALPHA, - }, - []string{"cidr", "scope"}, - ) - clusterIPAllocationLatency = metrics.NewHistogramVec( - &metrics.HistogramOpts{ - Namespace: namespace, - Subsystem: subsystem, - Name: "allocation_duration_seconds", - Help: "Duration in seconds to allocate a Cluster IP by ServiceCIDR", - Buckets: metrics.DefBuckets, - StabilityLevel: metrics.ALPHA, - }, - []string{"cidr"}, - ) -) - -var registerMetricsOnce sync.Once - -func registerMetrics() { - registerMetricsOnce.Do(func() { - legacyregistry.MustRegister(clusterIPAllocated) - legacyregistry.MustRegister(clusterIPAvailable) - legacyregistry.MustRegister(clusterIPAllocations) - legacyregistry.MustRegister(clusterIPAllocationErrors) - legacyregistry.MustRegister(clusterIPAllocationLatency) - }) -} - -// metricsRecorderInterface is the interface to record metrics. -type metricsRecorderInterface interface { - setAllocated(cidr string, allocated int) - setAvailable(cidr string, available int) - setLatency(cidr string, latency time.Duration) - incrementAllocations(cidr, scope string) - incrementAllocationErrors(cidr, scope string) -} - -// metricsRecorder implements metricsRecorderInterface. -type metricsRecorder struct{} - -func (m *metricsRecorder) setAllocated(cidr string, allocated int) { - clusterIPAllocated.WithLabelValues(cidr).Set(float64(allocated)) -} - -func (m *metricsRecorder) setAvailable(cidr string, available int) { - clusterIPAvailable.WithLabelValues(cidr).Set(float64(available)) -} - -func (m *metricsRecorder) setLatency(cidr string, latency time.Duration) { - clusterIPAllocationLatency.WithLabelValues(cidr).Observe(latency.Seconds()) -} - -func (m *metricsRecorder) incrementAllocations(cidr, scope string) { - clusterIPAllocations.WithLabelValues(cidr, scope).Inc() -} - -func (m *metricsRecorder) incrementAllocationErrors(cidr, scope string) { - clusterIPAllocationErrors.WithLabelValues(cidr, scope).Inc() -} - -// emptyMetricsRecorder is a null object implements metricsRecorderInterface. -type emptyMetricsRecorder struct{} - -func (*emptyMetricsRecorder) setAllocated(cidr string, allocated int) {} -func (*emptyMetricsRecorder) setAvailable(cidr string, available int) {} -func (*emptyMetricsRecorder) setLatency(cidr string, latency time.Duration) {} -func (*emptyMetricsRecorder) incrementAllocations(cidr, scope string) {} -func (*emptyMetricsRecorder) incrementAllocationErrors(cidr, scope string) {} diff --git a/vendor/k8s.io/kubernetes/pkg/util/hash/hash.go b/vendor/k8s.io/kubernetes/pkg/util/hash/hash.go deleted file mode 100644 index 0962e5cfb..000000000 --- a/vendor/k8s.io/kubernetes/pkg/util/hash/hash.go +++ /dev/null @@ -1,32 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package hash - -import ( - "fmt" - "hash" - - "k8s.io/apimachinery/pkg/util/dump" -) - -// DeepHashObject writes specified object to hash using the spew library -// which follows pointers and prints actual values of the nested objects -// ensuring the hash does not change when a pointer changes. -func DeepHashObject(hasher hash.Hash, objectToWrite interface{}) { - hasher.Reset() - fmt.Fprintf(hasher, "%v", dump.ForHash(objectToWrite)) -} diff --git a/vendor/k8s.io/kubernetes/pkg/util/parsers/parsers.go b/vendor/k8s.io/kubernetes/pkg/util/parsers/parsers.go deleted file mode 100644 index 73916fda3..000000000 --- a/vendor/k8s.io/kubernetes/pkg/util/parsers/parsers.go +++ /dev/null @@ -1,69 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package parsers - -import ( - "fmt" - // Import the crypto sha256 algorithm for the docker image parser to work - _ "crypto/sha256" - // Import the crypto/sha512 algorithm for the docker image parser to work with 384 and 512 sha hashes - _ "crypto/sha512" - - dockerref "github.com/distribution/reference" - "github.com/robfig/cron/v3" -) - -// ParseImageName parses a docker image string into three parts: repo, tag and digest. -// If both tag and digest are empty, a default image tag will be returned. -func ParseImageName(image string) (string, string, string, error) { - named, err := dockerref.ParseNormalizedNamed(image) - if err != nil { - return "", "", "", fmt.Errorf("couldn't parse image name %q: %v", image, err) - } - - repoToPull := named.Name() - var tag, digest string - - tagged, ok := named.(dockerref.Tagged) - if ok { - tag = tagged.Tag() - } - - digested, ok := named.(dockerref.Digested) - if ok { - digest = digested.Digest().String() - } - // If no tag was specified, use the default "latest". - if len(tag) == 0 && len(digest) == 0 { - tag = "latest" - } - return repoToPull, tag, digest, nil -} - -// ParseCronScheduleWithPanicRecovery safely parses a cron schedule, recovering from panics -// that can occur in cron.ParseStandard for malformed schedules like "TZ=0". -func ParseCronScheduleWithPanicRecovery(schedule string) (sched cron.Schedule, err error) { - defer func() { - if r := recover(); r != nil { - sched = nil - err = fmt.Errorf("invalid schedule format: %v", r) - } - }() - - sched, err = cron.ParseStandard(schedule) - return -} diff --git a/vendor/k8s.io/kubernetes/pkg/util/taints/taints.go b/vendor/k8s.io/kubernetes/pkg/util/taints/taints.go deleted file mode 100644 index 1a1e0d1de..000000000 --- a/vendor/k8s.io/kubernetes/pkg/util/taints/taints.go +++ /dev/null @@ -1,289 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// package taints implements utilities for working with taints -package taints - -import ( - "fmt" - "strings" - - v1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/util/sets" - "k8s.io/apimachinery/pkg/util/validation" - "k8s.io/kubernetes/pkg/apis/core/helper" -) - -const ( - MODIFIED = "modified" - TAINTED = "tainted" - UNTAINTED = "untainted" -) - -// parseTaint parses a taint from a string, whose form must be either -// '=:', ':', or ''. -func parseTaint(st string) (v1.Taint, error) { - var taint v1.Taint - - var key string - var value string - var effect v1.TaintEffect - - parts := strings.Split(st, ":") - switch len(parts) { - case 1: - key = parts[0] - case 2: - effect = v1.TaintEffect(parts[1]) - if err := validateTaintEffect(effect); err != nil { - return taint, err - } - - partsKV := strings.Split(parts[0], "=") - if len(partsKV) > 2 { - return taint, fmt.Errorf("invalid taint spec: %v", st) - } - key = partsKV[0] - if len(partsKV) == 2 { - value = partsKV[1] - if errs := validation.IsValidLabelValue(value); len(errs) > 0 { - return taint, fmt.Errorf("invalid taint spec: %v, %s", st, strings.Join(errs, "; ")) - } - } - default: - return taint, fmt.Errorf("invalid taint spec: %v", st) - } - - if errs := validation.IsQualifiedName(key); len(errs) > 0 { - return taint, fmt.Errorf("invalid taint spec: %v, %s", st, strings.Join(errs, "; ")) - } - - taint.Key = key - taint.Value = value - taint.Effect = effect - - return taint, nil -} - -func validateTaintEffect(effect v1.TaintEffect) error { - if effect != v1.TaintEffectNoSchedule && effect != v1.TaintEffectPreferNoSchedule && effect != v1.TaintEffectNoExecute { - return fmt.Errorf("invalid taint effect: %v, unsupported taint effect", effect) - } - - return nil -} - -// ParseTaints takes a spec which is an array and creates slices for new taints to be added, taints to be deleted. -// It also validates the spec. For example, the form `` may be used to remove a taint, but not to add one. -func ParseTaints(spec []string) ([]v1.Taint, []v1.Taint, error) { - var taints, taintsToRemove []v1.Taint - uniqueTaints := map[v1.TaintEffect]sets.String{} - - for _, taintSpec := range spec { - if strings.HasSuffix(taintSpec, "-") { - taintToRemove, err := parseTaint(strings.TrimSuffix(taintSpec, "-")) - if err != nil { - return nil, nil, err - } - taintsToRemove = append(taintsToRemove, v1.Taint{Key: taintToRemove.Key, Effect: taintToRemove.Effect}) - } else { - newTaint, err := parseTaint(taintSpec) - if err != nil { - return nil, nil, err - } - // validate that the taint has an effect, which is required to add the taint - if len(newTaint.Effect) == 0 { - return nil, nil, fmt.Errorf("invalid taint spec: %v", taintSpec) - } - // validate if taint is unique by - if len(uniqueTaints[newTaint.Effect]) > 0 && uniqueTaints[newTaint.Effect].Has(newTaint.Key) { - return nil, nil, fmt.Errorf("duplicated taints with the same key and effect: %v", newTaint) - } - // add taint to existingTaints for uniqueness check - if len(uniqueTaints[newTaint.Effect]) == 0 { - uniqueTaints[newTaint.Effect] = sets.String{} - } - uniqueTaints[newTaint.Effect].Insert(newTaint.Key) - - taints = append(taints, newTaint) - } - } - return taints, taintsToRemove, nil -} - -// CheckIfTaintsAlreadyExists checks if the node already has taints that we want to add and returns a string with taint keys. -func CheckIfTaintsAlreadyExists(oldTaints []v1.Taint, taints []v1.Taint) string { - var existingTaintList = make([]string, 0) - for _, taint := range taints { - for _, oldTaint := range oldTaints { - if taint.Key == oldTaint.Key && taint.Effect == oldTaint.Effect { - existingTaintList = append(existingTaintList, taint.Key) - } - } - } - return strings.Join(existingTaintList, ",") -} - -// DeleteTaintsByKey removes all the taints that have the same key to given taintKey -func DeleteTaintsByKey(taints []v1.Taint, taintKey string) ([]v1.Taint, bool) { - newTaints := []v1.Taint{} - deleted := false - for i := range taints { - if taintKey == taints[i].Key { - deleted = true - continue - } - newTaints = append(newTaints, taints[i]) - } - return newTaints, deleted -} - -// DeleteTaint removes all the taints that have the same key and effect to given taintToDelete. -func DeleteTaint(taints []v1.Taint, taintToDelete *v1.Taint) ([]v1.Taint, bool) { - newTaints := []v1.Taint{} - deleted := false - for i := range taints { - if taintToDelete.MatchTaint(&taints[i]) { - deleted = true - continue - } - newTaints = append(newTaints, taints[i]) - } - return newTaints, deleted -} - -// RemoveTaint tries to remove a taint from annotations list. Returns a new copy of updated Node and true if something was updated -// false otherwise. -func RemoveTaint(node *v1.Node, taint *v1.Taint) (*v1.Node, bool, error) { - newNode := node.DeepCopy() - nodeTaints := newNode.Spec.Taints - if len(nodeTaints) == 0 { - return newNode, false, nil - } - - if !TaintExists(nodeTaints, taint) { - return newNode, false, nil - } - - newTaints, _ := DeleteTaint(nodeTaints, taint) - newNode.Spec.Taints = newTaints - return newNode, true, nil -} - -// AddOrUpdateTaint tries to add a taint to annotations list. Returns a new copy of updated Node and true if something was updated -// false otherwise. -func AddOrUpdateTaint(node *v1.Node, taint *v1.Taint) (*v1.Node, bool, error) { - newNode := node.DeepCopy() - nodeTaints := newNode.Spec.Taints - - var newTaints []v1.Taint - updated := false - for i := range nodeTaints { - if taint.MatchTaint(&nodeTaints[i]) { - if helper.Semantic.DeepEqual(*taint, nodeTaints[i]) { - return newNode, false, nil - } - newTaints = append(newTaints, *taint) - updated = true - continue - } - - newTaints = append(newTaints, nodeTaints[i]) - } - - if !updated { - newTaints = append(newTaints, *taint) - } - - newNode.Spec.Taints = newTaints - return newNode, true, nil -} - -// TaintExists checks if the given taint exists in list of taints. Returns true if exists false otherwise. -func TaintExists(taints []v1.Taint, taintToFind *v1.Taint) bool { - for _, taint := range taints { - if taint.MatchTaint(taintToFind) { - return true - } - } - return false -} - -// TaintKeyExists checks if the given taint key exists in list of taints. Returns true if exists false otherwise. -func TaintKeyExists(taints []v1.Taint, taintKeyToMatch string) bool { - for _, taint := range taints { - if taint.Key == taintKeyToMatch { - return true - } - } - return false -} - -// TaintSetDiff finds the difference between two taint slices and -// returns all new and removed elements of the new slice relative to the old slice. -// for example: -// input: taintsNew=[a b] taintsOld=[a c] -// output: taintsToAdd=[b] taintsToRemove=[c] -func TaintSetDiff(taintsNew, taintsOld []v1.Taint) (taintsToAdd []*v1.Taint, taintsToRemove []*v1.Taint) { - for _, taint := range taintsNew { - if !TaintExists(taintsOld, &taint) { - t := taint - taintsToAdd = append(taintsToAdd, &t) - } - } - - for _, taint := range taintsOld { - if !TaintExists(taintsNew, &taint) { - t := taint - taintsToRemove = append(taintsToRemove, &t) - } - } - - return -} - -// TaintSetFilter filters from the taint slice according to the passed fn function to get the filtered taint slice. -func TaintSetFilter(taints []v1.Taint, fn func(*v1.Taint) bool) []v1.Taint { - res := []v1.Taint{} - - for _, taint := range taints { - if fn(&taint) { - res = append(res, taint) - } - } - - return res -} - -// CheckTaintValidation checks if the given taint is valid. -// Returns error if the given taint is invalid. -func CheckTaintValidation(taint v1.Taint) error { - if errs := validation.IsQualifiedName(taint.Key); len(errs) > 0 { - return fmt.Errorf("invalid taint key: %s", strings.Join(errs, "; ")) - } - if taint.Value != "" { - if errs := validation.IsValidLabelValue(taint.Value); len(errs) > 0 { - return fmt.Errorf("invalid taint value: %s", strings.Join(errs, "; ")) - } - } - if taint.Effect != "" { - if err := validateTaintEffect(taint.Effect); err != nil { - return err - } - } - - return nil -} diff --git a/vendor/modules.txt b/vendor/modules.txt index 5a92e6d91..68a940c3b 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -29,9 +29,6 @@ github.com/coreos/go-systemd/v22/journal # github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc ## explicit github.com/davecgh/go-spew/spew -# github.com/distribution/reference v0.6.0 -## explicit; go 1.20 -github.com/distribution/reference # github.com/emicklei/go-restful/v3 v3.12.2 ## explicit; go 1.13 github.com/emicklei/go-restful/v3 @@ -158,9 +155,6 @@ github.com/modern-go/reflect2 # github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 ## explicit github.com/munnerz/goautoneg -# github.com/opencontainers/go-digest v1.0.0 -## explicit; go 1.13 -github.com/opencontainers/go-digest # github.com/openshift/api v0.0.0-20251214014457-bfa868a22401 ## explicit; go 1.24.0 github.com/openshift/api/build/v1 @@ -245,9 +239,6 @@ github.com/prometheus/common/model github.com/prometheus/procfs github.com/prometheus/procfs/internal/fs github.com/prometheus/procfs/internal/util -# github.com/robfig/cron/v3 v3.0.1 -## explicit; go 1.12 -github.com/robfig/cron/v3 # github.com/sirupsen/logrus v1.9.3 ## explicit; go 1.13 github.com/sirupsen/logrus @@ -641,9 +632,6 @@ k8s.io/api/storage/v1 k8s.io/api/storage/v1alpha1 k8s.io/api/storage/v1beta1 k8s.io/api/storagemigration/v1beta1 -# k8s.io/apiextensions-apiserver v0.35.0 -## explicit; go 1.25.0 -k8s.io/apiextensions-apiserver/pkg/features # k8s.io/apimachinery v0.35.0 ## explicit; go 1.25.0 k8s.io/apimachinery/pkg/api/equality @@ -1225,7 +1213,6 @@ k8s.io/client-go/util/consistencydetector k8s.io/client-go/util/flowcontrol k8s.io/client-go/util/homedir k8s.io/client-go/util/keyutil -k8s.io/client-go/util/retry k8s.io/client-go/util/watchlist k8s.io/client-go/util/workqueue # k8s.io/component-base v0.35.0 @@ -1257,17 +1244,10 @@ k8s.io/component-base/tracing k8s.io/component-base/tracing/api/v1 k8s.io/component-base/version k8s.io/component-base/zpages/features -# k8s.io/component-helpers v0.35.0 -## explicit; go 1.25.0 -k8s.io/component-helpers/node/util/sysctl -k8s.io/component-helpers/resource -k8s.io/component-helpers/scheduling/corev1 -k8s.io/component-helpers/scheduling/corev1/nodeaffinity # k8s.io/controller-manager v0.35.0 ## explicit; go 1.25.0 k8s.io/controller-manager/app k8s.io/controller-manager/pkg/clientbuilder -k8s.io/controller-manager/pkg/features k8s.io/controller-manager/pkg/informerfactory # k8s.io/klog/v2 v2.130.1 ## explicit; go 1.18 @@ -1308,36 +1288,6 @@ k8s.io/kube-openapi/pkg/validation/errors k8s.io/kube-openapi/pkg/validation/spec k8s.io/kube-openapi/pkg/validation/strfmt k8s.io/kube-openapi/pkg/validation/strfmt/bson -# k8s.io/kubelet v0.35.0 -## explicit; go 1.25.0 -k8s.io/kubelet/pkg/apis -# k8s.io/kubernetes v1.35.0 -## explicit; go 1.25.0 -k8s.io/kubernetes/pkg/api/legacyscheme -k8s.io/kubernetes/pkg/api/service -k8s.io/kubernetes/pkg/api/servicecidr -k8s.io/kubernetes/pkg/api/v1/pod -k8s.io/kubernetes/pkg/api/v1/service -k8s.io/kubernetes/pkg/apis/apps -k8s.io/kubernetes/pkg/apis/autoscaling -k8s.io/kubernetes/pkg/apis/certificates -k8s.io/kubernetes/pkg/apis/core -k8s.io/kubernetes/pkg/apis/core/helper -k8s.io/kubernetes/pkg/apis/core/helper/qos -k8s.io/kubernetes/pkg/apis/core/install -k8s.io/kubernetes/pkg/apis/core/pods -k8s.io/kubernetes/pkg/apis/core/v1 -k8s.io/kubernetes/pkg/apis/core/v1/helper -k8s.io/kubernetes/pkg/apis/core/validation -k8s.io/kubernetes/pkg/capabilities -k8s.io/kubernetes/pkg/controller -k8s.io/kubernetes/pkg/features -k8s.io/kubernetes/pkg/fieldpath -k8s.io/kubernetes/pkg/registry/core/service/allocator -k8s.io/kubernetes/pkg/registry/core/service/ipallocator -k8s.io/kubernetes/pkg/util/hash -k8s.io/kubernetes/pkg/util/parsers -k8s.io/kubernetes/pkg/util/taints # k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 ## explicit; go 1.18 k8s.io/utils/buffer