[VOL-3678] First implementation of the BBSim-sadis-server
Change-Id: I5077a8f861f4cc6af9759f31a4a415042c05eba3
diff --git a/vendor/k8s.io/api/flowcontrol/v1alpha1/generated.proto b/vendor/k8s.io/api/flowcontrol/v1alpha1/generated.proto
new file mode 100644
index 0000000..0801dd6
--- /dev/null
+++ b/vendor/k8s.io/api/flowcontrol/v1alpha1/generated.proto
@@ -0,0 +1,434 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+
+// This file was autogenerated by go-to-protobuf. Do not edit it manually!
+
+syntax = 'proto2';
+
+package k8s.io.api.flowcontrol.v1alpha1;
+
+import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
+import "k8s.io/apimachinery/pkg/runtime/generated.proto";
+import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
+
+// Package-wide variables from generator "generated".
+option go_package = "v1alpha1";
+
+// FlowDistinguisherMethod specifies the method of a flow distinguisher.
+message FlowDistinguisherMethod {
+ // `type` is the type of flow distinguisher method
+ // The supported types are "ByUser" and "ByNamespace".
+ // Required.
+ optional string type = 1;
+}
+
+// FlowSchema defines the schema of a group of flows. Note that a flow is made up of a set of inbound API requests with
+// similar attributes and is identified by a pair of strings: the name of the FlowSchema and a "flow distinguisher".
+message FlowSchema {
+ // `metadata` is the standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+ // `spec` is the specification of the desired behavior of a FlowSchema.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ // +optional
+ optional FlowSchemaSpec spec = 2;
+
+ // `status` is the current status of a FlowSchema.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ // +optional
+ optional FlowSchemaStatus status = 3;
+}
+
+// FlowSchemaCondition describes conditions for a FlowSchema.
+message FlowSchemaCondition {
+ // `type` is the type of the condition.
+ // Required.
+ optional string type = 1;
+
+ // `status` is the status of the condition.
+ // Can be True, False, Unknown.
+ // Required.
+ optional string status = 2;
+
+ // `lastTransitionTime` is the last time the condition transitioned from one status to another.
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
+
+ // `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
+ optional string reason = 4;
+
+ // `message` is a human-readable message indicating details about last transition.
+ optional string message = 5;
+}
+
+// FlowSchemaList is a list of FlowSchema objects.
+message FlowSchemaList {
+ // `metadata` is the standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+ // `items` is a list of FlowSchemas.
+ repeated FlowSchema items = 2;
+}
+
+// FlowSchemaSpec describes how the FlowSchema's specification looks like.
+message FlowSchemaSpec {
+ // `priorityLevelConfiguration` should reference a PriorityLevelConfiguration in the cluster. If the reference cannot
+ // be resolved, the FlowSchema will be ignored and marked as invalid in its status.
+ // Required.
+ optional PriorityLevelConfigurationReference priorityLevelConfiguration = 1;
+
+ // `matchingPrecedence` is used to choose among the FlowSchemas that match a given request. The chosen
+ // FlowSchema is among those with the numerically lowest (which we take to be logically highest)
+ // MatchingPrecedence. Each MatchingPrecedence value must be ranged in [1,10000].
+ // Note that if the precedence is not specified, it will be set to 1000 as default.
+ // +optional
+ optional int32 matchingPrecedence = 2;
+
+ // `distinguisherMethod` defines how to compute the flow distinguisher for requests that match this schema.
+ // `nil` specifies that the distinguisher is disabled and thus will always be the empty string.
+ // +optional
+ optional FlowDistinguisherMethod distinguisherMethod = 3;
+
+ // `rules` describes which requests will match this flow schema. This FlowSchema matches a request if and only if
+ // at least one member of rules matches the request.
+ // if it is an empty slice, there will be no requests matching the FlowSchema.
+ // +listType=atomic
+ // +optional
+ repeated PolicyRulesWithSubjects rules = 4;
+}
+
+// FlowSchemaStatus represents the current state of a FlowSchema.
+message FlowSchemaStatus {
+ // `conditions` is a list of the current states of FlowSchema.
+ // +listType=map
+ // +listMapKey=type
+ // +optional
+ repeated FlowSchemaCondition conditions = 1;
+}
+
+// GroupSubject holds detailed information for group-kind subject.
+message GroupSubject {
+ // name is the user group that matches, or "*" to match all user groups.
+ // See https://github.com/kubernetes/apiserver/blob/master/pkg/authentication/user/user.go for some
+ // well-known group names.
+ // Required.
+ optional string name = 1;
+}
+
+// LimitResponse defines how to handle requests that can not be executed right now.
+// +union
+message LimitResponse {
+ // `type` is "Queue" or "Reject".
+ // "Queue" means that requests that can not be executed upon arrival
+ // are held in a queue until they can be executed or a queuing limit
+ // is reached.
+ // "Reject" means that requests that can not be executed upon arrival
+ // are rejected.
+ // Required.
+ // +unionDiscriminator
+ optional string type = 1;
+
+ // `queuing` holds the configuration parameters for queuing.
+ // This field may be non-empty only if `type` is `"Queue"`.
+ // +optional
+ optional QueuingConfiguration queuing = 2;
+}
+
+// LimitedPriorityLevelConfiguration specifies how to handle requests that are subject to limits.
+// It addresses two issues:
+// * How are requests for this priority level limited?
+// * What should be done with requests that exceed the limit?
+message LimitedPriorityLevelConfiguration {
+ // `assuredConcurrencyShares` (ACS) configures the execution
+ // limit, which is a limit on the number of requests of this
+ // priority level that may be exeucting at a given time. ACS must
+ // be a positive number. The server's concurrency limit (SCL) is
+ // divided among the concurrency-controlled priority levels in
+ // proportion to their assured concurrency shares. This produces
+ // the assured concurrency value (ACV) --- the number of requests
+ // that may be executing at a time --- for each such priority
+ // level:
+ //
+ // ACV(l) = ceil( SCL * ACS(l) / ( sum[priority levels k] ACS(k) ) )
+ //
+ // bigger numbers of ACS mean more reserved concurrent requests (at the
+ // expense of every other PL).
+ // This field has a default value of 30.
+ // +optional
+ optional int32 assuredConcurrencyShares = 1;
+
+ // `limitResponse` indicates what to do with requests that can not be executed right now
+ optional LimitResponse limitResponse = 2;
+}
+
+// NonResourcePolicyRule is a predicate that matches non-resource requests according to their verb and the
+// target non-resource URL. A NonResourcePolicyRule matches a request if and only if both (a) at least one member
+// of verbs matches the request and (b) at least one member of nonResourceURLs matches the request.
+message NonResourcePolicyRule {
+ // `verbs` is a list of matching verbs and may not be empty.
+ // "*" matches all verbs. If it is present, it must be the only entry.
+ // +listType=set
+ // Required.
+ repeated string verbs = 1;
+
+ // `nonResourceURLs` is a set of url prefixes that a user should have access to and may not be empty.
+ // For example:
+ // - "/healthz" is legal
+ // - "/hea*" is illegal
+ // - "/hea" is legal but matches nothing
+ // - "/hea/*" also matches nothing
+ // - "/healthz/*" matches all per-component health checks.
+ // "*" matches all non-resource urls. if it is present, it must be the only entry.
+ // +listType=set
+ // Required.
+ repeated string nonResourceURLs = 6;
+}
+
+// PolicyRulesWithSubjects prescribes a test that applies to a request to an apiserver. The test considers the subject
+// making the request, the verb being requested, and the resource to be acted upon. This PolicyRulesWithSubjects matches
+// a request if and only if both (a) at least one member of subjects matches the request and (b) at least one member
+// of resourceRules or nonResourceRules matches the request.
+message PolicyRulesWithSubjects {
+ // subjects is the list of normal user, serviceaccount, or group that this rule cares about.
+ // There must be at least one member in this slice.
+ // A slice that includes both the system:authenticated and system:unauthenticated user groups matches every request.
+ // +listType=atomic
+ // Required.
+ repeated Subject subjects = 1;
+
+ // `resourceRules` is a slice of ResourcePolicyRules that identify matching requests according to their verb and the
+ // target resource.
+ // At least one of `resourceRules` and `nonResourceRules` has to be non-empty.
+ // +listType=atomic
+ // +optional
+ repeated ResourcePolicyRule resourceRules = 2;
+
+ // `nonResourceRules` is a list of NonResourcePolicyRules that identify matching requests according to their verb
+ // and the target non-resource URL.
+ // +listType=atomic
+ // +optional
+ repeated NonResourcePolicyRule nonResourceRules = 3;
+}
+
+// PriorityLevelConfiguration represents the configuration of a priority level.
+message PriorityLevelConfiguration {
+ // `metadata` is the standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+ // `spec` is the specification of the desired behavior of a "request-priority".
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ // +optional
+ optional PriorityLevelConfigurationSpec spec = 2;
+
+ // `status` is the current status of a "request-priority".
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ // +optional
+ optional PriorityLevelConfigurationStatus status = 3;
+}
+
+// PriorityLevelConfigurationCondition defines the condition of priority level.
+message PriorityLevelConfigurationCondition {
+ // `type` is the type of the condition.
+ // Required.
+ optional string type = 1;
+
+ // `status` is the status of the condition.
+ // Can be True, False, Unknown.
+ // Required.
+ optional string status = 2;
+
+ // `lastTransitionTime` is the last time the condition transitioned from one status to another.
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
+
+ // `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
+ optional string reason = 4;
+
+ // `message` is a human-readable message indicating details about last transition.
+ optional string message = 5;
+}
+
+// PriorityLevelConfigurationList is a list of PriorityLevelConfiguration objects.
+message PriorityLevelConfigurationList {
+ // `metadata` is the standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+ // `items` is a list of request-priorities.
+ repeated PriorityLevelConfiguration items = 2;
+}
+
+// PriorityLevelConfigurationReference contains information that points to the "request-priority" being used.
+message PriorityLevelConfigurationReference {
+ // `name` is the name of the priority level configuration being referenced
+ // Required.
+ optional string name = 1;
+}
+
+// PriorityLevelConfigurationSpec specifies the configuration of a priority level.
+// +union
+message PriorityLevelConfigurationSpec {
+ // `type` indicates whether this priority level is subject to
+ // limitation on request execution. A value of `"Exempt"` means
+ // that requests of this priority level are not subject to a limit
+ // (and thus are never queued) and do not detract from the
+ // capacity made available to other priority levels. A value of
+ // `"Limited"` means that (a) requests of this priority level
+ // _are_ subject to limits and (b) some of the server's limited
+ // capacity is made available exclusively to this priority level.
+ // Required.
+ // +unionDiscriminator
+ optional string type = 1;
+
+ // `limited` specifies how requests are handled for a Limited priority level.
+ // This field must be non-empty if and only if `type` is `"Limited"`.
+ // +optional
+ optional LimitedPriorityLevelConfiguration limited = 2;
+}
+
+// PriorityLevelConfigurationStatus represents the current state of a "request-priority".
+message PriorityLevelConfigurationStatus {
+ // `conditions` is the current state of "request-priority".
+ // +listType=map
+ // +listMapKey=type
+ // +optional
+ repeated PriorityLevelConfigurationCondition conditions = 1;
+}
+
+// QueuingConfiguration holds the configuration parameters for queuing
+message QueuingConfiguration {
+ // `queues` is the number of queues for this priority level. The
+ // queues exist independently at each apiserver. The value must be
+ // positive. Setting it to 1 effectively precludes
+ // shufflesharding and thus makes the distinguisher method of
+ // associated flow schemas irrelevant. This field has a default
+ // value of 64.
+ // +optional
+ optional int32 queues = 1;
+
+ // `handSize` is a small positive number that configures the
+ // shuffle sharding of requests into queues. When enqueuing a request
+ // at this priority level the request's flow identifier (a string
+ // pair) is hashed and the hash value is used to shuffle the list
+ // of queues and deal a hand of the size specified here. The
+ // request is put into one of the shortest queues in that hand.
+ // `handSize` must be no larger than `queues`, and should be
+ // significantly smaller (so that a few heavy flows do not
+ // saturate most of the queues). See the user-facing
+ // documentation for more extensive guidance on setting this
+ // field. This field has a default value of 8.
+ // +optional
+ optional int32 handSize = 2;
+
+ // `queueLengthLimit` is the maximum number of requests allowed to
+ // be waiting in a given queue of this priority level at a time;
+ // excess requests are rejected. This value must be positive. If
+ // not specified, it will be defaulted to 50.
+ // +optional
+ optional int32 queueLengthLimit = 3;
+}
+
+// ResourcePolicyRule is a predicate that matches some resource
+// requests, testing the request's verb and the target resource. A
+// ResourcePolicyRule matches a resource request if and only if: (a)
+// at least one member of verbs matches the request, (b) at least one
+// member of apiGroups matches the request, (c) at least one member of
+// resources matches the request, and (d) least one member of
+// namespaces matches the request.
+message ResourcePolicyRule {
+ // `verbs` is a list of matching verbs and may not be empty.
+ // "*" matches all verbs and, if present, must be the only entry.
+ // +listType=set
+ // Required.
+ repeated string verbs = 1;
+
+ // `apiGroups` is a list of matching API groups and may not be empty.
+ // "*" matches all API groups and, if present, must be the only entry.
+ // +listType=set
+ // Required.
+ repeated string apiGroups = 2;
+
+ // `resources` is a list of matching resources (i.e., lowercase
+ // and plural) with, if desired, subresource. For example, [
+ // "services", "nodes/status" ]. This list may not be empty.
+ // "*" matches all resources and, if present, must be the only entry.
+ // Required.
+ // +listType=set
+ repeated string resources = 3;
+
+ // `clusterScope` indicates whether to match requests that do not
+ // specify a namespace (which happens either because the resource
+ // is not namespaced or the request targets all namespaces).
+ // If this field is omitted or false then the `namespaces` field
+ // must contain a non-empty list.
+ // +optional
+ optional bool clusterScope = 4;
+
+ // `namespaces` is a list of target namespaces that restricts
+ // matches. A request that specifies a target namespace matches
+ // only if either (a) this list contains that target namespace or
+ // (b) this list contains "*". Note that "*" matches any
+ // specified namespace but does not match a request that _does
+ // not specify_ a namespace (see the `clusterScope` field for
+ // that).
+ // This list may be empty, but only if `clusterScope` is true.
+ // +optional
+ // +listType=set
+ repeated string namespaces = 5;
+}
+
+// ServiceAccountSubject holds detailed information for service-account-kind subject.
+message ServiceAccountSubject {
+ // `namespace` is the namespace of matching ServiceAccount objects.
+ // Required.
+ optional string namespace = 1;
+
+ // `name` is the name of matching ServiceAccount objects, or "*" to match regardless of name.
+ // Required.
+ optional string name = 2;
+}
+
+// Subject matches the originator of a request, as identified by the request authentication system. There are three
+// ways of matching an originator; by user, group, or service account.
+// +union
+message Subject {
+ // Required
+ // +unionDiscriminator
+ optional string kind = 1;
+
+ // +optional
+ optional UserSubject user = 2;
+
+ // +optional
+ optional GroupSubject group = 3;
+
+ // +optional
+ optional ServiceAccountSubject serviceAccount = 4;
+}
+
+// UserSubject holds detailed information for user-kind subject.
+message UserSubject {
+ // `name` is the username that matches, or "*" to match all usernames.
+ // Required.
+ optional string name = 1;
+}
+