Dependencies for the affinity router and the
affinity routing daemon.
Change-Id: Icda72c3594ef7f8f0bc0c33dc03087a4c25529ca
diff --git a/vendor/k8s.io/api/extensions/v1beta1/doc.go b/vendor/k8s.io/api/extensions/v1beta1/doc.go
new file mode 100644
index 0000000..8ce1830
--- /dev/null
+++ b/vendor/k8s.io/api/extensions/v1beta1/doc.go
@@ -0,0 +1,20 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:deepcopy-gen=package
+// +k8s:openapi-gen=true
+
+package v1beta1 // import "k8s.io/api/extensions/v1beta1"
diff --git a/vendor/k8s.io/api/extensions/v1beta1/generated.proto b/vendor/k8s.io/api/extensions/v1beta1/generated.proto
new file mode 100644
index 0000000..efcda7e
--- /dev/null
+++ b/vendor/k8s.io/api/extensions/v1beta1/generated.proto
@@ -0,0 +1,1160 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+
+// This file was autogenerated by go-to-protobuf. Do not edit it manually!
+
+syntax = 'proto2';
+
+package k8s.io.api.extensions.v1beta1;
+
+import "k8s.io/api/core/v1/generated.proto";
+import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
+import "k8s.io/apimachinery/pkg/runtime/generated.proto";
+import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
+import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
+
+// Package-wide variables from generator "generated".
+option go_package = "v1beta1";
+
+// AllowedFlexVolume represents a single Flexvolume that is allowed to be used.
+// Deprecated: use AllowedFlexVolume from policy API Group instead.
+message AllowedFlexVolume {
+ // driver is the name of the Flexvolume driver.
+ optional string driver = 1;
+}
+
+// AllowedHostPath defines the host volume conditions that will be enabled by a policy
+// for pods to use. It requires the path prefix to be defined.
+// Deprecated: use AllowedHostPath from policy API Group instead.
+message AllowedHostPath {
+ // pathPrefix is the path prefix that the host volume must match.
+ // It does not support `*`.
+ // Trailing slashes are trimmed when validating the path prefix with a host path.
+ //
+ // Examples:
+ // `/foo` would allow `/foo`, `/foo/` and `/foo/bar`
+ // `/foo` would not allow `/food` or `/etc/foo`
+ optional string pathPrefix = 1;
+
+ // when set to true, will allow host volumes matching the pathPrefix only if all volume mounts are readOnly.
+ // +optional
+ optional bool readOnly = 2;
+}
+
+// DEPRECATED - This group version of DaemonSet is deprecated by apps/v1beta2/DaemonSet. See the release notes for
+// more information.
+// DaemonSet represents the configuration of a daemon set.
+message DaemonSet {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+ // The desired behavior of this daemon set.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ optional DaemonSetSpec spec = 2;
+
+ // The current status of this daemon set. This data may be
+ // out of date by some window of time.
+ // Populated by the system.
+ // Read-only.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ optional DaemonSetStatus status = 3;
+}
+
+// DaemonSetCondition describes the state of a DaemonSet at a certain point.
+message DaemonSetCondition {
+ // Type of DaemonSet condition.
+ optional string type = 1;
+
+ // Status of the condition, one of True, False, Unknown.
+ optional string status = 2;
+
+ // Last time the condition transitioned from one status to another.
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
+
+ // The reason for the condition's last transition.
+ // +optional
+ optional string reason = 4;
+
+ // A human readable message indicating details about the transition.
+ // +optional
+ optional string message = 5;
+}
+
+// DaemonSetList is a collection of daemon sets.
+message DaemonSetList {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+ // A list of daemon sets.
+ repeated DaemonSet items = 2;
+}
+
+// DaemonSetSpec is the specification of a daemon set.
+message DaemonSetSpec {
+ // A label query over pods that are managed by the daemon set.
+ // Must match in order to be controlled.
+ // If empty, defaulted to labels on Pod template.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 1;
+
+ // An object that describes the pod that will be created.
+ // The DaemonSet will create exactly one copy of this pod on every node
+ // that matches the template's node selector (or on every node if no node
+ // selector is specified).
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
+ optional k8s.io.api.core.v1.PodTemplateSpec template = 2;
+
+ // An update strategy to replace existing DaemonSet pods with new pods.
+ // +optional
+ optional DaemonSetUpdateStrategy updateStrategy = 3;
+
+ // The minimum number of seconds for which a newly created DaemonSet pod should
+ // be ready without any of its container crashing, for it to be considered
+ // available. Defaults to 0 (pod will be considered available as soon as it
+ // is ready).
+ // +optional
+ optional int32 minReadySeconds = 4;
+
+ // DEPRECATED.
+ // A sequence number representing a specific generation of the template.
+ // Populated by the system. It can be set only during the creation.
+ // +optional
+ optional int64 templateGeneration = 5;
+
+ // The number of old history to retain to allow rollback.
+ // This is a pointer to distinguish between explicit zero and not specified.
+ // Defaults to 10.
+ // +optional
+ optional int32 revisionHistoryLimit = 6;
+}
+
+// DaemonSetStatus represents the current status of a daemon set.
+message DaemonSetStatus {
+ // The number of nodes that are running at least 1
+ // daemon pod and are supposed to run the daemon pod.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
+ optional int32 currentNumberScheduled = 1;
+
+ // The number of nodes that are running the daemon pod, but are
+ // not supposed to run the daemon pod.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
+ optional int32 numberMisscheduled = 2;
+
+ // The total number of nodes that should be running the daemon
+ // pod (including nodes correctly running the daemon pod).
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
+ optional int32 desiredNumberScheduled = 3;
+
+ // The number of nodes that should be running the daemon pod and have one
+ // or more of the daemon pod running and ready.
+ optional int32 numberReady = 4;
+
+ // The most recent generation observed by the daemon set controller.
+ // +optional
+ optional int64 observedGeneration = 5;
+
+ // The total number of nodes that are running updated daemon pod
+ // +optional
+ optional int32 updatedNumberScheduled = 6;
+
+ // The number of nodes that should be running the
+ // daemon pod and have one or more of the daemon pod running and
+ // available (ready for at least spec.minReadySeconds)
+ // +optional
+ optional int32 numberAvailable = 7;
+
+ // The number of nodes that should be running the
+ // daemon pod and have none of the daemon pod running and available
+ // (ready for at least spec.minReadySeconds)
+ // +optional
+ optional int32 numberUnavailable = 8;
+
+ // Count of hash collisions for the DaemonSet. The DaemonSet controller
+ // uses this field as a collision avoidance mechanism when it needs to
+ // create the name for the newest ControllerRevision.
+ // +optional
+ optional int32 collisionCount = 9;
+
+ // Represents the latest available observations of a DaemonSet's current state.
+ // +optional
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ repeated DaemonSetCondition conditions = 10;
+}
+
+message DaemonSetUpdateStrategy {
+ // Type of daemon set update. Can be "RollingUpdate" or "OnDelete".
+ // Default is OnDelete.
+ // +optional
+ optional string type = 1;
+
+ // Rolling update config params. Present only if type = "RollingUpdate".
+ // ---
+ // TODO: Update this to follow our convention for oneOf, whatever we decide it
+ // to be. Same as Deployment `strategy.rollingUpdate`.
+ // See https://github.com/kubernetes/kubernetes/issues/35345
+ // +optional
+ optional RollingUpdateDaemonSet rollingUpdate = 2;
+}
+
+// DEPRECATED - This group version of Deployment is deprecated by apps/v1beta2/Deployment. See the release notes for
+// more information.
+// Deployment enables declarative updates for Pods and ReplicaSets.
+message Deployment {
+ // Standard object metadata.
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+ // Specification of the desired behavior of the Deployment.
+ // +optional
+ optional DeploymentSpec spec = 2;
+
+ // Most recently observed status of the Deployment.
+ // +optional
+ optional DeploymentStatus status = 3;
+}
+
+// DeploymentCondition describes the state of a deployment at a certain point.
+message DeploymentCondition {
+ // Type of deployment condition.
+ optional string type = 1;
+
+ // Status of the condition, one of True, False, Unknown.
+ optional string status = 2;
+
+ // The last time this condition was updated.
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastUpdateTime = 6;
+
+ // Last time the condition transitioned from one status to another.
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 7;
+
+ // The reason for the condition's last transition.
+ optional string reason = 4;
+
+ // A human readable message indicating details about the transition.
+ optional string message = 5;
+}
+
+// DeploymentList is a list of Deployments.
+message DeploymentList {
+ // Standard list metadata.
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+ // Items is the list of Deployments.
+ repeated Deployment items = 2;
+}
+
+// DEPRECATED.
+// DeploymentRollback stores the information required to rollback a deployment.
+message DeploymentRollback {
+ // Required: This must match the Name of a deployment.
+ optional string name = 1;
+
+ // The annotations to be updated to a deployment
+ // +optional
+ map<string, string> updatedAnnotations = 2;
+
+ // The config of this deployment rollback.
+ optional RollbackConfig rollbackTo = 3;
+}
+
+// DeploymentSpec is the specification of the desired behavior of the Deployment.
+message DeploymentSpec {
+ // Number of desired pods. This is a pointer to distinguish between explicit
+ // zero and not specified. Defaults to 1.
+ // +optional
+ optional int32 replicas = 1;
+
+ // Label selector for pods. Existing ReplicaSets whose pods are
+ // selected by this will be the ones affected by this deployment.
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 2;
+
+ // Template describes the pods that will be created.
+ optional k8s.io.api.core.v1.PodTemplateSpec template = 3;
+
+ // The deployment strategy to use to replace existing pods with new ones.
+ // +optional
+ // +patchStrategy=retainKeys
+ optional DeploymentStrategy strategy = 4;
+
+ // Minimum number of seconds for which a newly created pod should be ready
+ // without any of its container crashing, for it to be considered available.
+ // Defaults to 0 (pod will be considered available as soon as it is ready)
+ // +optional
+ optional int32 minReadySeconds = 5;
+
+ // The number of old ReplicaSets to retain to allow rollback.
+ // This is a pointer to distinguish between explicit zero and not specified.
+ // This is set to the max value of int32 (i.e. 2147483647) by default, which
+ // means "retaining all old RelicaSets".
+ // +optional
+ optional int32 revisionHistoryLimit = 6;
+
+ // Indicates that the deployment is paused and will not be processed by the
+ // deployment controller.
+ // +optional
+ optional bool paused = 7;
+
+ // DEPRECATED.
+ // The config this deployment is rolling back to. Will be cleared after rollback is done.
+ // +optional
+ optional RollbackConfig rollbackTo = 8;
+
+ // The maximum time in seconds for a deployment to make progress before it
+ // is considered to be failed. The deployment controller will continue to
+ // process failed deployments and a condition with a ProgressDeadlineExceeded
+ // reason will be surfaced in the deployment status. Note that progress will
+ // not be estimated during the time a deployment is paused. This is set to
+ // the max value of int32 (i.e. 2147483647) by default, which means "no deadline".
+ // +optional
+ optional int32 progressDeadlineSeconds = 9;
+}
+
+// DeploymentStatus is the most recently observed status of the Deployment.
+message DeploymentStatus {
+ // The generation observed by the deployment controller.
+ // +optional
+ optional int64 observedGeneration = 1;
+
+ // Total number of non-terminated pods targeted by this deployment (their labels match the selector).
+ // +optional
+ optional int32 replicas = 2;
+
+ // Total number of non-terminated pods targeted by this deployment that have the desired template spec.
+ // +optional
+ optional int32 updatedReplicas = 3;
+
+ // Total number of ready pods targeted by this deployment.
+ // +optional
+ optional int32 readyReplicas = 7;
+
+ // Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
+ // +optional
+ optional int32 availableReplicas = 4;
+
+ // Total number of unavailable pods targeted by this deployment. This is the total number of
+ // pods that are still required for the deployment to have 100% available capacity. They may
+ // either be pods that are running but not yet available or pods that still have not been created.
+ // +optional
+ optional int32 unavailableReplicas = 5;
+
+ // Represents the latest available observations of a deployment's current state.
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ repeated DeploymentCondition conditions = 6;
+
+ // Count of hash collisions for the Deployment. The Deployment controller uses this
+ // field as a collision avoidance mechanism when it needs to create the name for the
+ // newest ReplicaSet.
+ // +optional
+ optional int32 collisionCount = 8;
+}
+
+// DeploymentStrategy describes how to replace existing pods with new ones.
+message DeploymentStrategy {
+ // Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate.
+ // +optional
+ optional string type = 1;
+
+ // Rolling update config params. Present only if DeploymentStrategyType =
+ // RollingUpdate.
+ // ---
+ // TODO: Update this to follow our convention for oneOf, whatever we decide it
+ // to be.
+ // +optional
+ optional RollingUpdateDeployment rollingUpdate = 2;
+}
+
+// FSGroupStrategyOptions defines the strategy type and options used to create the strategy.
+// Deprecated: use FSGroupStrategyOptions from policy API Group instead.
+message FSGroupStrategyOptions {
+ // rule is the strategy that will dictate what FSGroup is used in the SecurityContext.
+ // +optional
+ optional string rule = 1;
+
+ // ranges are the allowed ranges of fs groups. If you would like to force a single
+ // fs group then supply a single range with the same start and end. Required for MustRunAs.
+ // +optional
+ repeated IDRange ranges = 2;
+}
+
+// HTTPIngressPath associates a path regex with a backend. Incoming urls matching
+// the path are forwarded to the backend.
+message HTTPIngressPath {
+ // Path is an extended POSIX regex as defined by IEEE Std 1003.1,
+ // (i.e this follows the egrep/unix syntax, not the perl syntax)
+ // matched against the path of an incoming request. Currently it can
+ // contain characters disallowed from the conventional "path"
+ // part of a URL as defined by RFC 3986. Paths must begin with
+ // a '/'. If unspecified, the path defaults to a catch all sending
+ // traffic to the backend.
+ // +optional
+ optional string path = 1;
+
+ // Backend defines the referenced service endpoint to which the traffic
+ // will be forwarded to.
+ optional IngressBackend backend = 2;
+}
+
+// HTTPIngressRuleValue is a list of http selectors pointing to backends.
+// In the example: http://<host>/<path>?<searchpart> -> backend where
+// where parts of the url correspond to RFC 3986, this resource will be used
+// to match against everything after the last '/' and before the first '?'
+// or '#'.
+message HTTPIngressRuleValue {
+ // A collection of paths that map requests to backends.
+ repeated HTTPIngressPath paths = 1;
+}
+
+// HostPortRange defines a range of host ports that will be enabled by a policy
+// for pods to use. It requires both the start and end to be defined.
+// Deprecated: use HostPortRange from policy API Group instead.
+message HostPortRange {
+ // min is the start of the range, inclusive.
+ optional int32 min = 1;
+
+ // max is the end of the range, inclusive.
+ optional int32 max = 2;
+}
+
+// IDRange provides a min/max of an allowed range of IDs.
+// Deprecated: use IDRange from policy API Group instead.
+message IDRange {
+ // min is the start of the range, inclusive.
+ optional int64 min = 1;
+
+ // max is the end of the range, inclusive.
+ optional int64 max = 2;
+}
+
+// DEPRECATED 1.9 - This group version of IPBlock is deprecated by networking/v1/IPBlock.
+// IPBlock describes a particular CIDR (Ex. "192.168.1.1/24") that is allowed to the pods
+// matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should
+// not be included within this rule.
+message IPBlock {
+ // CIDR is a string representing the IP Block
+ // Valid examples are "192.168.1.1/24"
+ optional string cidr = 1;
+
+ // Except is a slice of CIDRs that should not be included within an IP Block
+ // Valid examples are "192.168.1.1/24"
+ // Except values will be rejected if they are outside the CIDR range
+ // +optional
+ repeated string except = 2;
+}
+
+// Ingress is a collection of rules that allow inbound connections to reach the
+// endpoints defined by a backend. An Ingress can be configured to give services
+// externally-reachable urls, load balance traffic, terminate SSL, offer name
+// based virtual hosting etc.
+message Ingress {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+ // Spec is the desired state of the Ingress.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ optional IngressSpec spec = 2;
+
+ // Status is the current state of the Ingress.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ optional IngressStatus status = 3;
+}
+
+// IngressBackend describes all endpoints for a given service and port.
+message IngressBackend {
+ // Specifies the name of the referenced service.
+ optional string serviceName = 1;
+
+ // Specifies the port of the referenced service.
+ optional k8s.io.apimachinery.pkg.util.intstr.IntOrString servicePort = 2;
+}
+
+// IngressList is a collection of Ingress.
+message IngressList {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+ // Items is the list of Ingress.
+ repeated Ingress items = 2;
+}
+
+// IngressRule represents the rules mapping the paths under a specified host to
+// the related backend services. Incoming requests are first evaluated for a host
+// match, then routed to the backend associated with the matching IngressRuleValue.
+message IngressRule {
+ // Host is the fully qualified domain name of a network host, as defined
+ // by RFC 3986. Note the following deviations from the "host" part of the
+ // URI as defined in the RFC:
+ // 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the
+ // IP in the Spec of the parent Ingress.
+ // 2. The `:` delimiter is not respected because ports are not allowed.
+ // Currently the port of an Ingress is implicitly :80 for http and
+ // :443 for https.
+ // Both these may change in the future.
+ // Incoming requests are matched against the host before the IngressRuleValue.
+ // If the host is unspecified, the Ingress routes all traffic based on the
+ // specified IngressRuleValue.
+ // +optional
+ optional string host = 1;
+
+ // IngressRuleValue represents a rule to route requests for this IngressRule.
+ // If unspecified, the rule defaults to a http catch-all. Whether that sends
+ // just traffic matching the host to the default backend or all traffic to the
+ // default backend, is left to the controller fulfilling the Ingress. Http is
+ // currently the only supported IngressRuleValue.
+ // +optional
+ optional IngressRuleValue ingressRuleValue = 2;
+}
+
+// IngressRuleValue represents a rule to apply against incoming requests. If the
+// rule is satisfied, the request is routed to the specified backend. Currently
+// mixing different types of rules in a single Ingress is disallowed, so exactly
+// one of the following must be set.
+message IngressRuleValue {
+ // +optional
+ optional HTTPIngressRuleValue http = 1;
+}
+
+// IngressSpec describes the Ingress the user wishes to exist.
+message IngressSpec {
+ // A default backend capable of servicing requests that don't match any
+ // rule. At least one of 'backend' or 'rules' must be specified. This field
+ // is optional to allow the loadbalancer controller or defaulting logic to
+ // specify a global default.
+ // +optional
+ optional IngressBackend backend = 1;
+
+ // TLS configuration. Currently the Ingress only supports a single TLS
+ // port, 443. If multiple members of this list specify different hosts, they
+ // will be multiplexed on the same port according to the hostname specified
+ // through the SNI TLS extension, if the ingress controller fulfilling the
+ // ingress supports SNI.
+ // +optional
+ repeated IngressTLS tls = 2;
+
+ // A list of host rules used to configure the Ingress. If unspecified, or
+ // no rule matches, all traffic is sent to the default backend.
+ // +optional
+ repeated IngressRule rules = 3;
+}
+
+// IngressStatus describe the current state of the Ingress.
+message IngressStatus {
+ // LoadBalancer contains the current status of the load-balancer.
+ // +optional
+ optional k8s.io.api.core.v1.LoadBalancerStatus loadBalancer = 1;
+}
+
+// IngressTLS describes the transport layer security associated with an Ingress.
+message IngressTLS {
+ // Hosts are a list of hosts included in the TLS certificate. The values in
+ // this list must match the name/s used in the tlsSecret. Defaults to the
+ // wildcard host setting for the loadbalancer controller fulfilling this
+ // Ingress, if left unspecified.
+ // +optional
+ repeated string hosts = 1;
+
+ // SecretName is the name of the secret used to terminate SSL traffic on 443.
+ // Field is left optional to allow SSL routing based on SNI hostname alone.
+ // If the SNI host in a listener conflicts with the "Host" header field used
+ // by an IngressRule, the SNI host is used for termination and value of the
+ // Host header is used for routing.
+ // +optional
+ optional string secretName = 2;
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicy is deprecated by networking/v1/NetworkPolicy.
+// NetworkPolicy describes what network traffic is allowed for a set of Pods
+message NetworkPolicy {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+ // Specification of the desired behavior for this NetworkPolicy.
+ // +optional
+ optional NetworkPolicySpec spec = 2;
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyEgressRule is deprecated by networking/v1/NetworkPolicyEgressRule.
+// NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods
+// matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to.
+// This type is beta-level in 1.8
+message NetworkPolicyEgressRule {
+ // List of destination ports for outgoing traffic.
+ // Each item in this list is combined using a logical OR. If this field is
+ // empty or missing, this rule matches all ports (traffic not restricted by port).
+ // If this field is present and contains at least one item, then this rule allows
+ // traffic only if the traffic matches at least one port in the list.
+ // +optional
+ repeated NetworkPolicyPort ports = 1;
+
+ // List of destinations for outgoing traffic of pods selected for this rule.
+ // Items in this list are combined using a logical OR operation. If this field is
+ // empty or missing, this rule matches all destinations (traffic not restricted by
+ // destination). If this field is present and contains at least one item, this rule
+ // allows traffic only if the traffic matches at least one item in the to list.
+ // +optional
+ repeated NetworkPolicyPeer to = 2;
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyIngressRule is deprecated by networking/v1/NetworkPolicyIngressRule.
+// This NetworkPolicyIngressRule matches traffic if and only if the traffic matches both ports AND from.
+message NetworkPolicyIngressRule {
+ // List of ports which should be made accessible on the pods selected for this rule.
+ // Each item in this list is combined using a logical OR.
+ // If this field is empty or missing, this rule matches all ports (traffic not restricted by port).
+ // If this field is present and contains at least one item, then this rule allows traffic
+ // only if the traffic matches at least one port in the list.
+ // +optional
+ repeated NetworkPolicyPort ports = 1;
+
+ // List of sources which should be able to access the pods selected for this rule.
+ // Items in this list are combined using a logical OR operation.
+ // If this field is empty or missing, this rule matches all sources (traffic not restricted by source).
+ // If this field is present and contains at least on item, this rule allows traffic only if the
+ // traffic matches at least one item in the from list.
+ // +optional
+ repeated NetworkPolicyPeer from = 2;
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyList is deprecated by networking/v1/NetworkPolicyList.
+// Network Policy List is a list of NetworkPolicy objects.
+message NetworkPolicyList {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+ // Items is a list of schema objects.
+ repeated NetworkPolicy items = 2;
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyPeer is deprecated by networking/v1/NetworkPolicyPeer.
+message NetworkPolicyPeer {
+ // This is a label selector which selects Pods. This field follows standard label
+ // selector semantics; if present but empty, it selects all pods.
+ //
+ // If NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects
+ // the Pods matching PodSelector in the Namespaces selected by NamespaceSelector.
+ // Otherwise it selects the Pods matching PodSelector in the policy's own Namespace.
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector podSelector = 1;
+
+ // Selects Namespaces using cluster-scoped labels. This field follows standard label
+ // selector semantics; if present but empty, it selects all namespaces.
+ //
+ // If PodSelector is also set, then the NetworkPolicyPeer as a whole selects
+ // the Pods matching PodSelector in the Namespaces selected by NamespaceSelector.
+ // Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector.
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector namespaceSelector = 2;
+
+ // IPBlock defines policy on a particular IPBlock. If this field is set then
+ // neither of the other fields can be.
+ // +optional
+ optional IPBlock ipBlock = 3;
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyPort is deprecated by networking/v1/NetworkPolicyPort.
+message NetworkPolicyPort {
+ // Optional. The protocol (TCP, UDP, or SCTP) which traffic must match.
+ // If not specified, this field defaults to TCP.
+ // +optional
+ optional string protocol = 1;
+
+ // If specified, the port on the given protocol. This can
+ // either be a numerical or named port on a pod. If this field is not provided,
+ // this matches all port names and numbers.
+ // If present, only traffic on the specified protocol AND port
+ // will be matched.
+ // +optional
+ optional k8s.io.apimachinery.pkg.util.intstr.IntOrString port = 2;
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicySpec is deprecated by networking/v1/NetworkPolicySpec.
+message NetworkPolicySpec {
+ // Selects the pods to which this NetworkPolicy object applies. The array of ingress rules
+ // is applied to any pods selected by this field. Multiple network policies can select the
+ // same set of pods. In this case, the ingress rules for each are combined additively.
+ // This field is NOT optional and follows standard label selector semantics.
+ // An empty podSelector matches all pods in this namespace.
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector podSelector = 1;
+
+ // List of ingress rules to be applied to the selected pods.
+ // Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod
+ // OR if the traffic source is the pod's local node,
+ // OR if the traffic matches at least one ingress rule across all of the NetworkPolicy
+ // objects whose podSelector matches the pod.
+ // If this field is empty then this NetworkPolicy does not allow any traffic
+ // (and serves solely to ensure that the pods it selects are isolated by default).
+ // +optional
+ repeated NetworkPolicyIngressRule ingress = 2;
+
+ // List of egress rules to be applied to the selected pods. Outgoing traffic is
+ // allowed if there are no NetworkPolicies selecting the pod (and cluster policy
+ // otherwise allows the traffic), OR if the traffic matches at least one egress rule
+ // across all of the NetworkPolicy objects whose podSelector matches the pod. If
+ // this field is empty then this NetworkPolicy limits all outgoing traffic (and serves
+ // solely to ensure that the pods it selects are isolated by default).
+ // This field is beta-level in 1.8
+ // +optional
+ repeated NetworkPolicyEgressRule egress = 3;
+
+ // List of rule types that the NetworkPolicy relates to.
+ // Valid options are Ingress, Egress, or Ingress,Egress.
+ // If this field is not specified, it will default based on the existence of Ingress or Egress rules;
+ // policies that contain an Egress section are assumed to affect Egress, and all policies
+ // (whether or not they contain an Ingress section) are assumed to affect Ingress.
+ // If you want to write an egress-only policy, you must explicitly specify policyTypes [ "Egress" ].
+ // Likewise, if you want to write a policy that specifies that no egress is allowed,
+ // you must specify a policyTypes value that include "Egress" (since such a policy would not include
+ // an Egress section and would otherwise default to just [ "Ingress" ]).
+ // This field is beta-level in 1.8
+ // +optional
+ repeated string policyTypes = 4;
+}
+
+// PodSecurityPolicy governs the ability to make requests that affect the Security Context
+// that will be applied to a pod and container.
+// Deprecated: use PodSecurityPolicy from policy API Group instead.
+message PodSecurityPolicy {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+ // spec defines the policy enforced.
+ // +optional
+ optional PodSecurityPolicySpec spec = 2;
+}
+
+// PodSecurityPolicyList is a list of PodSecurityPolicy objects.
+// Deprecated: use PodSecurityPolicyList from policy API Group instead.
+message PodSecurityPolicyList {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+ // items is a list of schema objects.
+ repeated PodSecurityPolicy items = 2;
+}
+
+// PodSecurityPolicySpec defines the policy enforced.
+// Deprecated: use PodSecurityPolicySpec from policy API Group instead.
+message PodSecurityPolicySpec {
+ // privileged determines if a pod can request to be run as privileged.
+ // +optional
+ optional bool privileged = 1;
+
+ // defaultAddCapabilities is the default set of capabilities that will be added to the container
+ // unless the pod spec specifically drops the capability. You may not list a capability in both
+ // defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
+ // allowed, and need not be included in the allowedCapabilities list.
+ // +optional
+ repeated string defaultAddCapabilities = 2;
+
+ // requiredDropCapabilities are the capabilities that will be dropped from the container. These
+ // are required to be dropped and cannot be added.
+ // +optional
+ repeated string requiredDropCapabilities = 3;
+
+ // allowedCapabilities is a list of capabilities that can be requested to add to the container.
+ // Capabilities in this field may be added at the pod author's discretion.
+ // You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
+ // +optional
+ repeated string allowedCapabilities = 4;
+
+ // volumes is a white list of allowed volume plugins. Empty indicates that
+ // no volumes may be used. To allow all volumes you may use '*'.
+ // +optional
+ repeated string volumes = 5;
+
+ // hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
+ // +optional
+ optional bool hostNetwork = 6;
+
+ // hostPorts determines which host port ranges are allowed to be exposed.
+ // +optional
+ repeated HostPortRange hostPorts = 7;
+
+ // hostPID determines if the policy allows the use of HostPID in the pod spec.
+ // +optional
+ optional bool hostPID = 8;
+
+ // hostIPC determines if the policy allows the use of HostIPC in the pod spec.
+ // +optional
+ optional bool hostIPC = 9;
+
+ // seLinux is the strategy that will dictate the allowable labels that may be set.
+ optional SELinuxStrategyOptions seLinux = 10;
+
+ // runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
+ optional RunAsUserStrategyOptions runAsUser = 11;
+
+ // RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
+ // If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
+ // RunAsGroup feature gate to be enabled.
+ // +optional
+ optional RunAsGroupStrategyOptions runAsGroup = 22;
+
+ // supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
+ optional SupplementalGroupsStrategyOptions supplementalGroups = 12;
+
+ // fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
+ optional FSGroupStrategyOptions fsGroup = 13;
+
+ // readOnlyRootFilesystem when set to true will force containers to run with a read only root file
+ // system. If the container specifically requests to run with a non-read only root file system
+ // the PSP should deny the pod.
+ // If set to false the container may run with a read only root file system if it wishes but it
+ // will not be forced to.
+ // +optional
+ optional bool readOnlyRootFilesystem = 14;
+
+ // defaultAllowPrivilegeEscalation controls the default setting for whether a
+ // process can gain more privileges than its parent process.
+ // +optional
+ optional bool defaultAllowPrivilegeEscalation = 15;
+
+ // allowPrivilegeEscalation determines if a pod can request to allow
+ // privilege escalation. If unspecified, defaults to true.
+ // +optional
+ optional bool allowPrivilegeEscalation = 16;
+
+ // allowedHostPaths is a white list of allowed host paths. Empty indicates
+ // that all host paths may be used.
+ // +optional
+ repeated AllowedHostPath allowedHostPaths = 17;
+
+ // allowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all
+ // Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes
+ // is allowed in the "volumes" field.
+ // +optional
+ repeated AllowedFlexVolume allowedFlexVolumes = 18;
+
+ // allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
+ // Each entry is either a plain sysctl name or ends in "*" in which case it is considered
+ // as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
+ // Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
+ //
+ // Examples:
+ // e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
+ // e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
+ // +optional
+ repeated string allowedUnsafeSysctls = 19;
+
+ // forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
+ // Each entry is either a plain sysctl name or ends in "*" in which case it is considered
+ // as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
+ //
+ // Examples:
+ // e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
+ // e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
+ // +optional
+ repeated string forbiddenSysctls = 20;
+
+ // AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
+ // Empty or nil indicates that only the DefaultProcMountType may be used.
+ // This requires the ProcMountType feature flag to be enabled.
+ // +optional
+ repeated string allowedProcMountTypes = 21;
+}
+
+// DEPRECATED - This group version of ReplicaSet is deprecated by apps/v1beta2/ReplicaSet. See the release notes for
+// more information.
+// ReplicaSet ensures that a specified number of pod replicas are running at any given time.
+message ReplicaSet {
+ // If the Labels of a ReplicaSet are empty, they are defaulted to
+ // be the same as the Pod(s) that the ReplicaSet manages.
+ // Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+ // Spec defines the specification of the desired behavior of the ReplicaSet.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ optional ReplicaSetSpec spec = 2;
+
+ // Status is the most recently observed status of the ReplicaSet.
+ // This data may be out of date by some window of time.
+ // Populated by the system.
+ // Read-only.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ optional ReplicaSetStatus status = 3;
+}
+
+// ReplicaSetCondition describes the state of a replica set at a certain point.
+message ReplicaSetCondition {
+ // Type of replica set condition.
+ optional string type = 1;
+
+ // Status of the condition, one of True, False, Unknown.
+ optional string status = 2;
+
+ // The last time the condition transitioned from one status to another.
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
+
+ // The reason for the condition's last transition.
+ // +optional
+ optional string reason = 4;
+
+ // A human readable message indicating details about the transition.
+ // +optional
+ optional string message = 5;
+}
+
+// ReplicaSetList is a collection of ReplicaSets.
+message ReplicaSetList {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+ // List of ReplicaSets.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller
+ repeated ReplicaSet items = 2;
+}
+
+// ReplicaSetSpec is the specification of a ReplicaSet.
+message ReplicaSetSpec {
+ // Replicas is the number of desired replicas.
+ // This is a pointer to distinguish between explicit zero and unspecified.
+ // Defaults to 1.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+ // +optional
+ optional int32 replicas = 1;
+
+ // Minimum number of seconds for which a newly created pod should be ready
+ // without any of its container crashing, for it to be considered available.
+ // Defaults to 0 (pod will be considered available as soon as it is ready)
+ // +optional
+ optional int32 minReadySeconds = 4;
+
+ // Selector is a label query over pods that should match the replica count.
+ // If the selector is empty, it is defaulted to the labels present on the pod template.
+ // Label keys and values that must match in order to be controlled by this replica set.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 2;
+
+ // Template is the object that describes the pod that will be created if
+ // insufficient replicas are detected.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
+ // +optional
+ optional k8s.io.api.core.v1.PodTemplateSpec template = 3;
+}
+
+// ReplicaSetStatus represents the current status of a ReplicaSet.
+message ReplicaSetStatus {
+ // Replicas is the most recently oberved number of replicas.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+ optional int32 replicas = 1;
+
+ // The number of pods that have labels matching the labels of the pod template of the replicaset.
+ // +optional
+ optional int32 fullyLabeledReplicas = 2;
+
+ // The number of ready replicas for this replica set.
+ // +optional
+ optional int32 readyReplicas = 4;
+
+ // The number of available replicas (ready for at least minReadySeconds) for this replica set.
+ // +optional
+ optional int32 availableReplicas = 5;
+
+ // ObservedGeneration reflects the generation of the most recently observed ReplicaSet.
+ // +optional
+ optional int64 observedGeneration = 3;
+
+ // Represents the latest available observations of a replica set's current state.
+ // +optional
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ repeated ReplicaSetCondition conditions = 6;
+}
+
+// Dummy definition
+message ReplicationControllerDummy {
+}
+
+// DEPRECATED.
+message RollbackConfig {
+ // The revision to rollback to. If set to 0, rollback to the last revision.
+ // +optional
+ optional int64 revision = 1;
+}
+
+// Spec to control the desired behavior of daemon set rolling update.
+message RollingUpdateDaemonSet {
+ // The maximum number of DaemonSet pods that can be unavailable during the
+ // update. Value can be an absolute number (ex: 5) or a percentage of total
+ // number of DaemonSet pods at the start of the update (ex: 10%). Absolute
+ // number is calculated from percentage by rounding up.
+ // This cannot be 0.
+ // Default value is 1.
+ // Example: when this is set to 30%, at most 30% of the total number of nodes
+ // that should be running the daemon pod (i.e. status.desiredNumberScheduled)
+ // can have their pods stopped for an update at any given
+ // time. The update starts by stopping at most 30% of those DaemonSet pods
+ // and then brings up new DaemonSet pods in their place. Once the new pods
+ // are available, it then proceeds onto other DaemonSet pods, thus ensuring
+ // that at least 70% of original number of DaemonSet pods are available at
+ // all times during the update.
+ // +optional
+ optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxUnavailable = 1;
+}
+
+// Spec to control the desired behavior of rolling update.
+message RollingUpdateDeployment {
+ // The maximum number of pods that can be unavailable during the update.
+ // Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ // Absolute number is calculated from percentage by rounding down.
+ // This can not be 0 if MaxSurge is 0.
+ // By default, a fixed value of 1 is used.
+ // Example: when this is set to 30%, the old RC can be scaled down to 70% of desired pods
+ // immediately when the rolling update starts. Once new pods are ready, old RC
+ // can be scaled down further, followed by scaling up the new RC, ensuring
+ // that the total number of pods available at all times during the update is at
+ // least 70% of desired pods.
+ // +optional
+ optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxUnavailable = 1;
+
+ // The maximum number of pods that can be scheduled above the desired number of
+ // pods.
+ // Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ // This can not be 0 if MaxUnavailable is 0.
+ // Absolute number is calculated from percentage by rounding up.
+ // By default, a value of 1 is used.
+ // Example: when this is set to 30%, the new RC can be scaled up immediately when
+ // the rolling update starts, such that the total number of old and new pods do not exceed
+ // 130% of desired pods. Once old pods have been killed,
+ // new RC can be scaled up further, ensuring that total number of pods running
+ // at any time during the update is atmost 130% of desired pods.
+ // +optional
+ optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxSurge = 2;
+}
+
+// RunAsGroupStrategyOptions defines the strategy type and any options used to create the strategy.
+// Deprecated: use RunAsGroupStrategyOptions from policy API Group instead.
+message RunAsGroupStrategyOptions {
+ // rule is the strategy that will dictate the allowable RunAsGroup values that may be set.
+ optional string rule = 1;
+
+ // ranges are the allowed ranges of gids that may be used. If you would like to force a single gid
+ // then supply a single range with the same start and end. Required for MustRunAs.
+ // +optional
+ repeated IDRange ranges = 2;
+}
+
+// RunAsUserStrategyOptions defines the strategy type and any options used to create the strategy.
+// Deprecated: use RunAsUserStrategyOptions from policy API Group instead.
+message RunAsUserStrategyOptions {
+ // rule is the strategy that will dictate the allowable RunAsUser values that may be set.
+ optional string rule = 1;
+
+ // ranges are the allowed ranges of uids that may be used. If you would like to force a single uid
+ // then supply a single range with the same start and end. Required for MustRunAs.
+ // +optional
+ repeated IDRange ranges = 2;
+}
+
+// SELinuxStrategyOptions defines the strategy type and any options used to create the strategy.
+// Deprecated: use SELinuxStrategyOptions from policy API Group instead.
+message SELinuxStrategyOptions {
+ // rule is the strategy that will dictate the allowable labels that may be set.
+ optional string rule = 1;
+
+ // seLinuxOptions required to run as; required for MustRunAs
+ // More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+ // +optional
+ optional k8s.io.api.core.v1.SELinuxOptions seLinuxOptions = 2;
+}
+
+// represents a scaling request for a resource.
+message Scale {
+ // Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata.
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+ // defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.
+ // +optional
+ optional ScaleSpec spec = 2;
+
+ // current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only.
+ // +optional
+ optional ScaleStatus status = 3;
+}
+
+// describes the attributes of a scale subresource
+message ScaleSpec {
+ // desired number of instances for the scaled object.
+ // +optional
+ optional int32 replicas = 1;
+}
+
+// represents the current status of a scale subresource.
+message ScaleStatus {
+ // actual number of observed instances of the scaled object.
+ optional int32 replicas = 1;
+
+ // label query over pods that should match the replicas count. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors
+ // +optional
+ map<string, string> selector = 2;
+
+ // label selector for pods that should match the replicas count. This is a serializated
+ // version of both map-based and more expressive set-based selectors. This is done to
+ // avoid introspection in the clients. The string will be in the same format as the
+ // query-param syntax. If the target type only supports map-based selectors, both this
+ // field and map-based selector field are populated.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
+ // +optional
+ optional string targetSelector = 3;
+}
+
+// SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.
+// Deprecated: use SupplementalGroupsStrategyOptions from policy API Group instead.
+message SupplementalGroupsStrategyOptions {
+ // rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.
+ // +optional
+ optional string rule = 1;
+
+ // ranges are the allowed ranges of supplemental groups. If you would like to force a single
+ // supplemental group then supply a single range with the same start and end. Required for MustRunAs.
+ // +optional
+ repeated IDRange ranges = 2;
+}
+
diff --git a/vendor/k8s.io/api/extensions/v1beta1/register.go b/vendor/k8s.io/api/extensions/v1beta1/register.go
new file mode 100644
index 0000000..7625f67
--- /dev/null
+++ b/vendor/k8s.io/api/extensions/v1beta1/register.go
@@ -0,0 +1,66 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import (
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// GroupName is the group name use in this package
+const GroupName = "extensions"
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta1"}
+
+// Resource takes an unqualified resource and returns a Group qualified GroupResource
+func Resource(resource string) schema.GroupResource {
+ return SchemeGroupVersion.WithResource(resource).GroupResource()
+}
+
+var (
+ // TODO: move SchemeBuilder with zz_generated.deepcopy.go to k8s.io/api.
+ // localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes.
+ SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
+ localSchemeBuilder = &SchemeBuilder
+ AddToScheme = localSchemeBuilder.AddToScheme
+)
+
+// Adds the list of known types to the given scheme.
+func addKnownTypes(scheme *runtime.Scheme) error {
+ scheme.AddKnownTypes(SchemeGroupVersion,
+ &Deployment{},
+ &DeploymentList{},
+ &DeploymentRollback{},
+ &ReplicationControllerDummy{},
+ &Scale{},
+ &DaemonSetList{},
+ &DaemonSet{},
+ &Ingress{},
+ &IngressList{},
+ &ReplicaSet{},
+ &ReplicaSetList{},
+ &PodSecurityPolicy{},
+ &PodSecurityPolicyList{},
+ &NetworkPolicy{},
+ &NetworkPolicyList{},
+ )
+ // Add the watch version that applies
+ metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
+ return nil
+}
diff --git a/vendor/k8s.io/api/extensions/v1beta1/types.go b/vendor/k8s.io/api/extensions/v1beta1/types.go
new file mode 100644
index 0000000..5ba6f95
--- /dev/null
+++ b/vendor/k8s.io/api/extensions/v1beta1/types.go
@@ -0,0 +1,1360 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import (
+ appsv1beta1 "k8s.io/api/apps/v1beta1"
+ "k8s.io/api/core/v1"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/util/intstr"
+)
+
+// describes the attributes of a scale subresource
+type ScaleSpec struct {
+ // desired number of instances for the scaled object.
+ // +optional
+ Replicas int32 `json:"replicas,omitempty" protobuf:"varint,1,opt,name=replicas"`
+}
+
+// represents the current status of a scale subresource.
+type ScaleStatus struct {
+ // actual number of observed instances of the scaled object.
+ Replicas int32 `json:"replicas" protobuf:"varint,1,opt,name=replicas"`
+
+ // label query over pods that should match the replicas count. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors
+ // +optional
+ Selector map[string]string `json:"selector,omitempty" protobuf:"bytes,2,rep,name=selector"`
+
+ // label selector for pods that should match the replicas count. This is a serializated
+ // version of both map-based and more expressive set-based selectors. This is done to
+ // avoid introspection in the clients. The string will be in the same format as the
+ // query-param syntax. If the target type only supports map-based selectors, both this
+ // field and map-based selector field are populated.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
+ // +optional
+ TargetSelector string `json:"targetSelector,omitempty" protobuf:"bytes,3,opt,name=targetSelector"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// represents a scaling request for a resource.
+type Scale struct {
+ metav1.TypeMeta `json:",inline"`
+ // Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata.
+ // +optional
+ metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+ // defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.
+ // +optional
+ Spec ScaleSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
+
+ // current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only.
+ // +optional
+ Status ScaleStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// Dummy definition
+type ReplicationControllerDummy struct {
+ metav1.TypeMeta `json:",inline"`
+}
+
+// +genclient
+// +genclient:method=GetScale,verb=get,subresource=scale,result=Scale
+// +genclient:method=UpdateScale,verb=update,subresource=scale,input=Scale,result=Scale
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// DEPRECATED - This group version of Deployment is deprecated by apps/v1beta2/Deployment. See the release notes for
+// more information.
+// Deployment enables declarative updates for Pods and ReplicaSets.
+type Deployment struct {
+ metav1.TypeMeta `json:",inline"`
+ // Standard object metadata.
+ // +optional
+ metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+ // Specification of the desired behavior of the Deployment.
+ // +optional
+ Spec DeploymentSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
+
+ // Most recently observed status of the Deployment.
+ // +optional
+ Status DeploymentStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
+}
+
+// DeploymentSpec is the specification of the desired behavior of the Deployment.
+type DeploymentSpec struct {
+ // Number of desired pods. This is a pointer to distinguish between explicit
+ // zero and not specified. Defaults to 1.
+ // +optional
+ Replicas *int32 `json:"replicas,omitempty" protobuf:"varint,1,opt,name=replicas"`
+
+ // Label selector for pods. Existing ReplicaSets whose pods are
+ // selected by this will be the ones affected by this deployment.
+ // +optional
+ Selector *metav1.LabelSelector `json:"selector,omitempty" protobuf:"bytes,2,opt,name=selector"`
+
+ // Template describes the pods that will be created.
+ Template v1.PodTemplateSpec `json:"template" protobuf:"bytes,3,opt,name=template"`
+
+ // The deployment strategy to use to replace existing pods with new ones.
+ // +optional
+ // +patchStrategy=retainKeys
+ Strategy DeploymentStrategy `json:"strategy,omitempty" patchStrategy:"retainKeys" protobuf:"bytes,4,opt,name=strategy"`
+
+ // Minimum number of seconds for which a newly created pod should be ready
+ // without any of its container crashing, for it to be considered available.
+ // Defaults to 0 (pod will be considered available as soon as it is ready)
+ // +optional
+ MinReadySeconds int32 `json:"minReadySeconds,omitempty" protobuf:"varint,5,opt,name=minReadySeconds"`
+
+ // The number of old ReplicaSets to retain to allow rollback.
+ // This is a pointer to distinguish between explicit zero and not specified.
+ // This is set to the max value of int32 (i.e. 2147483647) by default, which
+ // means "retaining all old RelicaSets".
+ // +optional
+ RevisionHistoryLimit *int32 `json:"revisionHistoryLimit,omitempty" protobuf:"varint,6,opt,name=revisionHistoryLimit"`
+
+ // Indicates that the deployment is paused and will not be processed by the
+ // deployment controller.
+ // +optional
+ Paused bool `json:"paused,omitempty" protobuf:"varint,7,opt,name=paused"`
+
+ // DEPRECATED.
+ // The config this deployment is rolling back to. Will be cleared after rollback is done.
+ // +optional
+ RollbackTo *RollbackConfig `json:"rollbackTo,omitempty" protobuf:"bytes,8,opt,name=rollbackTo"`
+
+ // The maximum time in seconds for a deployment to make progress before it
+ // is considered to be failed. The deployment controller will continue to
+ // process failed deployments and a condition with a ProgressDeadlineExceeded
+ // reason will be surfaced in the deployment status. Note that progress will
+ // not be estimated during the time a deployment is paused. This is set to
+ // the max value of int32 (i.e. 2147483647) by default, which means "no deadline".
+ // +optional
+ ProgressDeadlineSeconds *int32 `json:"progressDeadlineSeconds,omitempty" protobuf:"varint,9,opt,name=progressDeadlineSeconds"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// DEPRECATED.
+// DeploymentRollback stores the information required to rollback a deployment.
+type DeploymentRollback struct {
+ metav1.TypeMeta `json:",inline"`
+ // Required: This must match the Name of a deployment.
+ Name string `json:"name" protobuf:"bytes,1,opt,name=name"`
+ // The annotations to be updated to a deployment
+ // +optional
+ UpdatedAnnotations map[string]string `json:"updatedAnnotations,omitempty" protobuf:"bytes,2,rep,name=updatedAnnotations"`
+ // The config of this deployment rollback.
+ RollbackTo RollbackConfig `json:"rollbackTo" protobuf:"bytes,3,opt,name=rollbackTo"`
+}
+
+// DEPRECATED.
+type RollbackConfig struct {
+ // The revision to rollback to. If set to 0, rollback to the last revision.
+ // +optional
+ Revision int64 `json:"revision,omitempty" protobuf:"varint,1,opt,name=revision"`
+}
+
+const (
+ // DefaultDeploymentUniqueLabelKey is the default key of the selector that is added
+ // to existing RCs (and label key that is added to its pods) to prevent the existing RCs
+ // to select new pods (and old pods being select by new RC).
+ DefaultDeploymentUniqueLabelKey string = "pod-template-hash"
+)
+
+// DeploymentStrategy describes how to replace existing pods with new ones.
+type DeploymentStrategy struct {
+ // Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate.
+ // +optional
+ Type DeploymentStrategyType `json:"type,omitempty" protobuf:"bytes,1,opt,name=type,casttype=DeploymentStrategyType"`
+
+ // Rolling update config params. Present only if DeploymentStrategyType =
+ // RollingUpdate.
+ //---
+ // TODO: Update this to follow our convention for oneOf, whatever we decide it
+ // to be.
+ // +optional
+ RollingUpdate *RollingUpdateDeployment `json:"rollingUpdate,omitempty" protobuf:"bytes,2,opt,name=rollingUpdate"`
+}
+
+type DeploymentStrategyType string
+
+const (
+ // Kill all existing pods before creating new ones.
+ RecreateDeploymentStrategyType DeploymentStrategyType = "Recreate"
+
+ // Replace the old RCs by new one using rolling update i.e gradually scale down the old RCs and scale up the new one.
+ RollingUpdateDeploymentStrategyType DeploymentStrategyType = "RollingUpdate"
+)
+
+// Spec to control the desired behavior of rolling update.
+type RollingUpdateDeployment struct {
+ // The maximum number of pods that can be unavailable during the update.
+ // Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ // Absolute number is calculated from percentage by rounding down.
+ // This can not be 0 if MaxSurge is 0.
+ // By default, a fixed value of 1 is used.
+ // Example: when this is set to 30%, the old RC can be scaled down to 70% of desired pods
+ // immediately when the rolling update starts. Once new pods are ready, old RC
+ // can be scaled down further, followed by scaling up the new RC, ensuring
+ // that the total number of pods available at all times during the update is at
+ // least 70% of desired pods.
+ // +optional
+ MaxUnavailable *intstr.IntOrString `json:"maxUnavailable,omitempty" protobuf:"bytes,1,opt,name=maxUnavailable"`
+
+ // The maximum number of pods that can be scheduled above the desired number of
+ // pods.
+ // Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ // This can not be 0 if MaxUnavailable is 0.
+ // Absolute number is calculated from percentage by rounding up.
+ // By default, a value of 1 is used.
+ // Example: when this is set to 30%, the new RC can be scaled up immediately when
+ // the rolling update starts, such that the total number of old and new pods do not exceed
+ // 130% of desired pods. Once old pods have been killed,
+ // new RC can be scaled up further, ensuring that total number of pods running
+ // at any time during the update is atmost 130% of desired pods.
+ // +optional
+ MaxSurge *intstr.IntOrString `json:"maxSurge,omitempty" protobuf:"bytes,2,opt,name=maxSurge"`
+}
+
+// DeploymentStatus is the most recently observed status of the Deployment.
+type DeploymentStatus struct {
+ // The generation observed by the deployment controller.
+ // +optional
+ ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,1,opt,name=observedGeneration"`
+
+ // Total number of non-terminated pods targeted by this deployment (their labels match the selector).
+ // +optional
+ Replicas int32 `json:"replicas,omitempty" protobuf:"varint,2,opt,name=replicas"`
+
+ // Total number of non-terminated pods targeted by this deployment that have the desired template spec.
+ // +optional
+ UpdatedReplicas int32 `json:"updatedReplicas,omitempty" protobuf:"varint,3,opt,name=updatedReplicas"`
+
+ // Total number of ready pods targeted by this deployment.
+ // +optional
+ ReadyReplicas int32 `json:"readyReplicas,omitempty" protobuf:"varint,7,opt,name=readyReplicas"`
+
+ // Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
+ // +optional
+ AvailableReplicas int32 `json:"availableReplicas,omitempty" protobuf:"varint,4,opt,name=availableReplicas"`
+
+ // Total number of unavailable pods targeted by this deployment. This is the total number of
+ // pods that are still required for the deployment to have 100% available capacity. They may
+ // either be pods that are running but not yet available or pods that still have not been created.
+ // +optional
+ UnavailableReplicas int32 `json:"unavailableReplicas,omitempty" protobuf:"varint,5,opt,name=unavailableReplicas"`
+
+ // Represents the latest available observations of a deployment's current state.
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ Conditions []DeploymentCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,6,rep,name=conditions"`
+
+ // Count of hash collisions for the Deployment. The Deployment controller uses this
+ // field as a collision avoidance mechanism when it needs to create the name for the
+ // newest ReplicaSet.
+ // +optional
+ CollisionCount *int32 `json:"collisionCount,omitempty" protobuf:"varint,8,opt,name=collisionCount"`
+}
+
+type DeploymentConditionType string
+
+// These are valid conditions of a deployment.
+const (
+ // Available means the deployment is available, ie. at least the minimum available
+ // replicas required are up and running for at least minReadySeconds.
+ DeploymentAvailable DeploymentConditionType = "Available"
+ // Progressing means the deployment is progressing. Progress for a deployment is
+ // considered when a new replica set is created or adopted, and when new pods scale
+ // up or old pods scale down. Progress is not estimated for paused deployments or
+ // when progressDeadlineSeconds is not specified.
+ DeploymentProgressing DeploymentConditionType = "Progressing"
+ // ReplicaFailure is added in a deployment when one of its pods fails to be created
+ // or deleted.
+ DeploymentReplicaFailure DeploymentConditionType = "ReplicaFailure"
+)
+
+// DeploymentCondition describes the state of a deployment at a certain point.
+type DeploymentCondition struct {
+ // Type of deployment condition.
+ Type DeploymentConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=DeploymentConditionType"`
+ // Status of the condition, one of True, False, Unknown.
+ Status v1.ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=k8s.io/api/core/v1.ConditionStatus"`
+ // The last time this condition was updated.
+ LastUpdateTime metav1.Time `json:"lastUpdateTime,omitempty" protobuf:"bytes,6,opt,name=lastUpdateTime"`
+ // Last time the condition transitioned from one status to another.
+ LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,7,opt,name=lastTransitionTime"`
+ // The reason for the condition's last transition.
+ Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"`
+ // A human readable message indicating details about the transition.
+ Message string `json:"message,omitempty" protobuf:"bytes,5,opt,name=message"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// DeploymentList is a list of Deployments.
+type DeploymentList struct {
+ metav1.TypeMeta `json:",inline"`
+ // Standard list metadata.
+ // +optional
+ metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+ // Items is the list of Deployments.
+ Items []Deployment `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
+
+type DaemonSetUpdateStrategy struct {
+ // Type of daemon set update. Can be "RollingUpdate" or "OnDelete".
+ // Default is OnDelete.
+ // +optional
+ Type DaemonSetUpdateStrategyType `json:"type,omitempty" protobuf:"bytes,1,opt,name=type"`
+
+ // Rolling update config params. Present only if type = "RollingUpdate".
+ //---
+ // TODO: Update this to follow our convention for oneOf, whatever we decide it
+ // to be. Same as Deployment `strategy.rollingUpdate`.
+ // See https://github.com/kubernetes/kubernetes/issues/35345
+ // +optional
+ RollingUpdate *RollingUpdateDaemonSet `json:"rollingUpdate,omitempty" protobuf:"bytes,2,opt,name=rollingUpdate"`
+}
+
+type DaemonSetUpdateStrategyType string
+
+const (
+ // Replace the old daemons by new ones using rolling update i.e replace them on each node one after the other.
+ RollingUpdateDaemonSetStrategyType DaemonSetUpdateStrategyType = "RollingUpdate"
+
+ // Replace the old daemons only when it's killed
+ OnDeleteDaemonSetStrategyType DaemonSetUpdateStrategyType = "OnDelete"
+)
+
+// Spec to control the desired behavior of daemon set rolling update.
+type RollingUpdateDaemonSet struct {
+ // The maximum number of DaemonSet pods that can be unavailable during the
+ // update. Value can be an absolute number (ex: 5) or a percentage of total
+ // number of DaemonSet pods at the start of the update (ex: 10%). Absolute
+ // number is calculated from percentage by rounding up.
+ // This cannot be 0.
+ // Default value is 1.
+ // Example: when this is set to 30%, at most 30% of the total number of nodes
+ // that should be running the daemon pod (i.e. status.desiredNumberScheduled)
+ // can have their pods stopped for an update at any given
+ // time. The update starts by stopping at most 30% of those DaemonSet pods
+ // and then brings up new DaemonSet pods in their place. Once the new pods
+ // are available, it then proceeds onto other DaemonSet pods, thus ensuring
+ // that at least 70% of original number of DaemonSet pods are available at
+ // all times during the update.
+ // +optional
+ MaxUnavailable *intstr.IntOrString `json:"maxUnavailable,omitempty" protobuf:"bytes,1,opt,name=maxUnavailable"`
+}
+
+// DaemonSetSpec is the specification of a daemon set.
+type DaemonSetSpec struct {
+ // A label query over pods that are managed by the daemon set.
+ // Must match in order to be controlled.
+ // If empty, defaulted to labels on Pod template.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
+ // +optional
+ Selector *metav1.LabelSelector `json:"selector,omitempty" protobuf:"bytes,1,opt,name=selector"`
+
+ // An object that describes the pod that will be created.
+ // The DaemonSet will create exactly one copy of this pod on every node
+ // that matches the template's node selector (or on every node if no node
+ // selector is specified).
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
+ Template v1.PodTemplateSpec `json:"template" protobuf:"bytes,2,opt,name=template"`
+
+ // An update strategy to replace existing DaemonSet pods with new pods.
+ // +optional
+ UpdateStrategy DaemonSetUpdateStrategy `json:"updateStrategy,omitempty" protobuf:"bytes,3,opt,name=updateStrategy"`
+
+ // The minimum number of seconds for which a newly created DaemonSet pod should
+ // be ready without any of its container crashing, for it to be considered
+ // available. Defaults to 0 (pod will be considered available as soon as it
+ // is ready).
+ // +optional
+ MinReadySeconds int32 `json:"minReadySeconds,omitempty" protobuf:"varint,4,opt,name=minReadySeconds"`
+
+ // DEPRECATED.
+ // A sequence number representing a specific generation of the template.
+ // Populated by the system. It can be set only during the creation.
+ // +optional
+ TemplateGeneration int64 `json:"templateGeneration,omitempty" protobuf:"varint,5,opt,name=templateGeneration"`
+
+ // The number of old history to retain to allow rollback.
+ // This is a pointer to distinguish between explicit zero and not specified.
+ // Defaults to 10.
+ // +optional
+ RevisionHistoryLimit *int32 `json:"revisionHistoryLimit,omitempty" protobuf:"varint,6,opt,name=revisionHistoryLimit"`
+}
+
+// DaemonSetStatus represents the current status of a daemon set.
+type DaemonSetStatus struct {
+ // The number of nodes that are running at least 1
+ // daemon pod and are supposed to run the daemon pod.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
+ CurrentNumberScheduled int32 `json:"currentNumberScheduled" protobuf:"varint,1,opt,name=currentNumberScheduled"`
+
+ // The number of nodes that are running the daemon pod, but are
+ // not supposed to run the daemon pod.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
+ NumberMisscheduled int32 `json:"numberMisscheduled" protobuf:"varint,2,opt,name=numberMisscheduled"`
+
+ // The total number of nodes that should be running the daemon
+ // pod (including nodes correctly running the daemon pod).
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
+ DesiredNumberScheduled int32 `json:"desiredNumberScheduled" protobuf:"varint,3,opt,name=desiredNumberScheduled"`
+
+ // The number of nodes that should be running the daemon pod and have one
+ // or more of the daemon pod running and ready.
+ NumberReady int32 `json:"numberReady" protobuf:"varint,4,opt,name=numberReady"`
+
+ // The most recent generation observed by the daemon set controller.
+ // +optional
+ ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,5,opt,name=observedGeneration"`
+
+ // The total number of nodes that are running updated daemon pod
+ // +optional
+ UpdatedNumberScheduled int32 `json:"updatedNumberScheduled,omitempty" protobuf:"varint,6,opt,name=updatedNumberScheduled"`
+
+ // The number of nodes that should be running the
+ // daemon pod and have one or more of the daemon pod running and
+ // available (ready for at least spec.minReadySeconds)
+ // +optional
+ NumberAvailable int32 `json:"numberAvailable,omitempty" protobuf:"varint,7,opt,name=numberAvailable"`
+
+ // The number of nodes that should be running the
+ // daemon pod and have none of the daemon pod running and available
+ // (ready for at least spec.minReadySeconds)
+ // +optional
+ NumberUnavailable int32 `json:"numberUnavailable,omitempty" protobuf:"varint,8,opt,name=numberUnavailable"`
+
+ // Count of hash collisions for the DaemonSet. The DaemonSet controller
+ // uses this field as a collision avoidance mechanism when it needs to
+ // create the name for the newest ControllerRevision.
+ // +optional
+ CollisionCount *int32 `json:"collisionCount,omitempty" protobuf:"varint,9,opt,name=collisionCount"`
+
+ // Represents the latest available observations of a DaemonSet's current state.
+ // +optional
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ Conditions []DaemonSetCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,10,rep,name=conditions"`
+}
+
+type DaemonSetConditionType string
+
+// TODO: Add valid condition types of a DaemonSet.
+
+// DaemonSetCondition describes the state of a DaemonSet at a certain point.
+type DaemonSetCondition struct {
+ // Type of DaemonSet condition.
+ Type DaemonSetConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=DaemonSetConditionType"`
+ // Status of the condition, one of True, False, Unknown.
+ Status v1.ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=k8s.io/api/core/v1.ConditionStatus"`
+ // Last time the condition transitioned from one status to another.
+ // +optional
+ LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,3,opt,name=lastTransitionTime"`
+ // The reason for the condition's last transition.
+ // +optional
+ Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"`
+ // A human readable message indicating details about the transition.
+ // +optional
+ Message string `json:"message,omitempty" protobuf:"bytes,5,opt,name=message"`
+}
+
+// +genclient
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// DEPRECATED - This group version of DaemonSet is deprecated by apps/v1beta2/DaemonSet. See the release notes for
+// more information.
+// DaemonSet represents the configuration of a daemon set.
+type DaemonSet struct {
+ metav1.TypeMeta `json:",inline"`
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+ // The desired behavior of this daemon set.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ Spec DaemonSetSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
+
+ // The current status of this daemon set. This data may be
+ // out of date by some window of time.
+ // Populated by the system.
+ // Read-only.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ Status DaemonSetStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
+}
+
+const (
+ // DEPRECATED: DefaultDaemonSetUniqueLabelKey is used instead.
+ // DaemonSetTemplateGenerationKey is the key of the labels that is added
+ // to daemon set pods to distinguish between old and new pod templates
+ // during DaemonSet template update.
+ DaemonSetTemplateGenerationKey string = "pod-template-generation"
+
+ // DefaultDaemonSetUniqueLabelKey is the default label key that is added
+ // to existing DaemonSet pods to distinguish between old and new
+ // DaemonSet pods during DaemonSet template updates.
+ DefaultDaemonSetUniqueLabelKey = appsv1beta1.ControllerRevisionHashLabelKey
+)
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// DaemonSetList is a collection of daemon sets.
+type DaemonSetList struct {
+ metav1.TypeMeta `json:",inline"`
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+ // A list of daemon sets.
+ Items []DaemonSet `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
+
+// +genclient
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// Ingress is a collection of rules that allow inbound connections to reach the
+// endpoints defined by a backend. An Ingress can be configured to give services
+// externally-reachable urls, load balance traffic, terminate SSL, offer name
+// based virtual hosting etc.
+type Ingress struct {
+ metav1.TypeMeta `json:",inline"`
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+ // Spec is the desired state of the Ingress.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ Spec IngressSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
+
+ // Status is the current state of the Ingress.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ Status IngressStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// IngressList is a collection of Ingress.
+type IngressList struct {
+ metav1.TypeMeta `json:",inline"`
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+ // Items is the list of Ingress.
+ Items []Ingress `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
+
+// IngressSpec describes the Ingress the user wishes to exist.
+type IngressSpec struct {
+ // A default backend capable of servicing requests that don't match any
+ // rule. At least one of 'backend' or 'rules' must be specified. This field
+ // is optional to allow the loadbalancer controller or defaulting logic to
+ // specify a global default.
+ // +optional
+ Backend *IngressBackend `json:"backend,omitempty" protobuf:"bytes,1,opt,name=backend"`
+
+ // TLS configuration. Currently the Ingress only supports a single TLS
+ // port, 443. If multiple members of this list specify different hosts, they
+ // will be multiplexed on the same port according to the hostname specified
+ // through the SNI TLS extension, if the ingress controller fulfilling the
+ // ingress supports SNI.
+ // +optional
+ TLS []IngressTLS `json:"tls,omitempty" protobuf:"bytes,2,rep,name=tls"`
+
+ // A list of host rules used to configure the Ingress. If unspecified, or
+ // no rule matches, all traffic is sent to the default backend.
+ // +optional
+ Rules []IngressRule `json:"rules,omitempty" protobuf:"bytes,3,rep,name=rules"`
+ // TODO: Add the ability to specify load-balancer IP through claims
+}
+
+// IngressTLS describes the transport layer security associated with an Ingress.
+type IngressTLS struct {
+ // Hosts are a list of hosts included in the TLS certificate. The values in
+ // this list must match the name/s used in the tlsSecret. Defaults to the
+ // wildcard host setting for the loadbalancer controller fulfilling this
+ // Ingress, if left unspecified.
+ // +optional
+ Hosts []string `json:"hosts,omitempty" protobuf:"bytes,1,rep,name=hosts"`
+ // SecretName is the name of the secret used to terminate SSL traffic on 443.
+ // Field is left optional to allow SSL routing based on SNI hostname alone.
+ // If the SNI host in a listener conflicts with the "Host" header field used
+ // by an IngressRule, the SNI host is used for termination and value of the
+ // Host header is used for routing.
+ // +optional
+ SecretName string `json:"secretName,omitempty" protobuf:"bytes,2,opt,name=secretName"`
+ // TODO: Consider specifying different modes of termination, protocols etc.
+}
+
+// IngressStatus describe the current state of the Ingress.
+type IngressStatus struct {
+ // LoadBalancer contains the current status of the load-balancer.
+ // +optional
+ LoadBalancer v1.LoadBalancerStatus `json:"loadBalancer,omitempty" protobuf:"bytes,1,opt,name=loadBalancer"`
+}
+
+// IngressRule represents the rules mapping the paths under a specified host to
+// the related backend services. Incoming requests are first evaluated for a host
+// match, then routed to the backend associated with the matching IngressRuleValue.
+type IngressRule struct {
+ // Host is the fully qualified domain name of a network host, as defined
+ // by RFC 3986. Note the following deviations from the "host" part of the
+ // URI as defined in the RFC:
+ // 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the
+ // IP in the Spec of the parent Ingress.
+ // 2. The `:` delimiter is not respected because ports are not allowed.
+ // Currently the port of an Ingress is implicitly :80 for http and
+ // :443 for https.
+ // Both these may change in the future.
+ // Incoming requests are matched against the host before the IngressRuleValue.
+ // If the host is unspecified, the Ingress routes all traffic based on the
+ // specified IngressRuleValue.
+ // +optional
+ Host string `json:"host,omitempty" protobuf:"bytes,1,opt,name=host"`
+ // IngressRuleValue represents a rule to route requests for this IngressRule.
+ // If unspecified, the rule defaults to a http catch-all. Whether that sends
+ // just traffic matching the host to the default backend or all traffic to the
+ // default backend, is left to the controller fulfilling the Ingress. Http is
+ // currently the only supported IngressRuleValue.
+ // +optional
+ IngressRuleValue `json:",inline,omitempty" protobuf:"bytes,2,opt,name=ingressRuleValue"`
+}
+
+// IngressRuleValue represents a rule to apply against incoming requests. If the
+// rule is satisfied, the request is routed to the specified backend. Currently
+// mixing different types of rules in a single Ingress is disallowed, so exactly
+// one of the following must be set.
+type IngressRuleValue struct {
+ //TODO:
+ // 1. Consider renaming this resource and the associated rules so they
+ // aren't tied to Ingress. They can be used to route intra-cluster traffic.
+ // 2. Consider adding fields for ingress-type specific global options
+ // usable by a loadbalancer, like http keep-alive.
+
+ // +optional
+ HTTP *HTTPIngressRuleValue `json:"http,omitempty" protobuf:"bytes,1,opt,name=http"`
+}
+
+// HTTPIngressRuleValue is a list of http selectors pointing to backends.
+// In the example: http://<host>/<path>?<searchpart> -> backend where
+// where parts of the url correspond to RFC 3986, this resource will be used
+// to match against everything after the last '/' and before the first '?'
+// or '#'.
+type HTTPIngressRuleValue struct {
+ // A collection of paths that map requests to backends.
+ Paths []HTTPIngressPath `json:"paths" protobuf:"bytes,1,rep,name=paths"`
+ // TODO: Consider adding fields for ingress-type specific global
+ // options usable by a loadbalancer, like http keep-alive.
+}
+
+// HTTPIngressPath associates a path regex with a backend. Incoming urls matching
+// the path are forwarded to the backend.
+type HTTPIngressPath struct {
+ // Path is an extended POSIX regex as defined by IEEE Std 1003.1,
+ // (i.e this follows the egrep/unix syntax, not the perl syntax)
+ // matched against the path of an incoming request. Currently it can
+ // contain characters disallowed from the conventional "path"
+ // part of a URL as defined by RFC 3986. Paths must begin with
+ // a '/'. If unspecified, the path defaults to a catch all sending
+ // traffic to the backend.
+ // +optional
+ Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"`
+
+ // Backend defines the referenced service endpoint to which the traffic
+ // will be forwarded to.
+ Backend IngressBackend `json:"backend" protobuf:"bytes,2,opt,name=backend"`
+}
+
+// IngressBackend describes all endpoints for a given service and port.
+type IngressBackend struct {
+ // Specifies the name of the referenced service.
+ ServiceName string `json:"serviceName" protobuf:"bytes,1,opt,name=serviceName"`
+
+ // Specifies the port of the referenced service.
+ ServicePort intstr.IntOrString `json:"servicePort" protobuf:"bytes,2,opt,name=servicePort"`
+}
+
+// +genclient
+// +genclient:method=GetScale,verb=get,subresource=scale,result=Scale
+// +genclient:method=UpdateScale,verb=update,subresource=scale,input=Scale,result=Scale
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// DEPRECATED - This group version of ReplicaSet is deprecated by apps/v1beta2/ReplicaSet. See the release notes for
+// more information.
+// ReplicaSet ensures that a specified number of pod replicas are running at any given time.
+type ReplicaSet struct {
+ metav1.TypeMeta `json:",inline"`
+
+ // If the Labels of a ReplicaSet are empty, they are defaulted to
+ // be the same as the Pod(s) that the ReplicaSet manages.
+ // Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+ // Spec defines the specification of the desired behavior of the ReplicaSet.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ Spec ReplicaSetSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
+
+ // Status is the most recently observed status of the ReplicaSet.
+ // This data may be out of date by some window of time.
+ // Populated by the system.
+ // Read-only.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ Status ReplicaSetStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// ReplicaSetList is a collection of ReplicaSets.
+type ReplicaSetList struct {
+ metav1.TypeMeta `json:",inline"`
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+ // List of ReplicaSets.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller
+ Items []ReplicaSet `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
+
+// ReplicaSetSpec is the specification of a ReplicaSet.
+type ReplicaSetSpec struct {
+ // Replicas is the number of desired replicas.
+ // This is a pointer to distinguish between explicit zero and unspecified.
+ // Defaults to 1.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+ // +optional
+ Replicas *int32 `json:"replicas,omitempty" protobuf:"varint,1,opt,name=replicas"`
+
+ // Minimum number of seconds for which a newly created pod should be ready
+ // without any of its container crashing, for it to be considered available.
+ // Defaults to 0 (pod will be considered available as soon as it is ready)
+ // +optional
+ MinReadySeconds int32 `json:"minReadySeconds,omitempty" protobuf:"varint,4,opt,name=minReadySeconds"`
+
+ // Selector is a label query over pods that should match the replica count.
+ // If the selector is empty, it is defaulted to the labels present on the pod template.
+ // Label keys and values that must match in order to be controlled by this replica set.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
+ // +optional
+ Selector *metav1.LabelSelector `json:"selector,omitempty" protobuf:"bytes,2,opt,name=selector"`
+
+ // Template is the object that describes the pod that will be created if
+ // insufficient replicas are detected.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
+ // +optional
+ Template v1.PodTemplateSpec `json:"template,omitempty" protobuf:"bytes,3,opt,name=template"`
+}
+
+// ReplicaSetStatus represents the current status of a ReplicaSet.
+type ReplicaSetStatus struct {
+ // Replicas is the most recently oberved number of replicas.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+ Replicas int32 `json:"replicas" protobuf:"varint,1,opt,name=replicas"`
+
+ // The number of pods that have labels matching the labels of the pod template of the replicaset.
+ // +optional
+ FullyLabeledReplicas int32 `json:"fullyLabeledReplicas,omitempty" protobuf:"varint,2,opt,name=fullyLabeledReplicas"`
+
+ // The number of ready replicas for this replica set.
+ // +optional
+ ReadyReplicas int32 `json:"readyReplicas,omitempty" protobuf:"varint,4,opt,name=readyReplicas"`
+
+ // The number of available replicas (ready for at least minReadySeconds) for this replica set.
+ // +optional
+ AvailableReplicas int32 `json:"availableReplicas,omitempty" protobuf:"varint,5,opt,name=availableReplicas"`
+
+ // ObservedGeneration reflects the generation of the most recently observed ReplicaSet.
+ // +optional
+ ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,3,opt,name=observedGeneration"`
+
+ // Represents the latest available observations of a replica set's current state.
+ // +optional
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ Conditions []ReplicaSetCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,6,rep,name=conditions"`
+}
+
+type ReplicaSetConditionType string
+
+// These are valid conditions of a replica set.
+const (
+ // ReplicaSetReplicaFailure is added in a replica set when one of its pods fails to be created
+ // due to insufficient quota, limit ranges, pod security policy, node selectors, etc. or deleted
+ // due to kubelet being down or finalizers are failing.
+ ReplicaSetReplicaFailure ReplicaSetConditionType = "ReplicaFailure"
+)
+
+// ReplicaSetCondition describes the state of a replica set at a certain point.
+type ReplicaSetCondition struct {
+ // Type of replica set condition.
+ Type ReplicaSetConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=ReplicaSetConditionType"`
+ // Status of the condition, one of True, False, Unknown.
+ Status v1.ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=k8s.io/api/core/v1.ConditionStatus"`
+ // The last time the condition transitioned from one status to another.
+ // +optional
+ LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,3,opt,name=lastTransitionTime"`
+ // The reason for the condition's last transition.
+ // +optional
+ Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"`
+ // A human readable message indicating details about the transition.
+ // +optional
+ Message string `json:"message,omitempty" protobuf:"bytes,5,opt,name=message"`
+}
+
+// +genclient
+// +genclient:nonNamespaced
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// PodSecurityPolicy governs the ability to make requests that affect the Security Context
+// that will be applied to a pod and container.
+// Deprecated: use PodSecurityPolicy from policy API Group instead.
+type PodSecurityPolicy struct {
+ metav1.TypeMeta `json:",inline"`
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+ // spec defines the policy enforced.
+ // +optional
+ Spec PodSecurityPolicySpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
+}
+
+// PodSecurityPolicySpec defines the policy enforced.
+// Deprecated: use PodSecurityPolicySpec from policy API Group instead.
+type PodSecurityPolicySpec struct {
+ // privileged determines if a pod can request to be run as privileged.
+ // +optional
+ Privileged bool `json:"privileged,omitempty" protobuf:"varint,1,opt,name=privileged"`
+ // defaultAddCapabilities is the default set of capabilities that will be added to the container
+ // unless the pod spec specifically drops the capability. You may not list a capability in both
+ // defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
+ // allowed, and need not be included in the allowedCapabilities list.
+ // +optional
+ DefaultAddCapabilities []v1.Capability `json:"defaultAddCapabilities,omitempty" protobuf:"bytes,2,rep,name=defaultAddCapabilities,casttype=k8s.io/api/core/v1.Capability"`
+ // requiredDropCapabilities are the capabilities that will be dropped from the container. These
+ // are required to be dropped and cannot be added.
+ // +optional
+ RequiredDropCapabilities []v1.Capability `json:"requiredDropCapabilities,omitempty" protobuf:"bytes,3,rep,name=requiredDropCapabilities,casttype=k8s.io/api/core/v1.Capability"`
+ // allowedCapabilities is a list of capabilities that can be requested to add to the container.
+ // Capabilities in this field may be added at the pod author's discretion.
+ // You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
+ // +optional
+ AllowedCapabilities []v1.Capability `json:"allowedCapabilities,omitempty" protobuf:"bytes,4,rep,name=allowedCapabilities,casttype=k8s.io/api/core/v1.Capability"`
+ // volumes is a white list of allowed volume plugins. Empty indicates that
+ // no volumes may be used. To allow all volumes you may use '*'.
+ // +optional
+ Volumes []FSType `json:"volumes,omitempty" protobuf:"bytes,5,rep,name=volumes,casttype=FSType"`
+ // hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
+ // +optional
+ HostNetwork bool `json:"hostNetwork,omitempty" protobuf:"varint,6,opt,name=hostNetwork"`
+ // hostPorts determines which host port ranges are allowed to be exposed.
+ // +optional
+ HostPorts []HostPortRange `json:"hostPorts,omitempty" protobuf:"bytes,7,rep,name=hostPorts"`
+ // hostPID determines if the policy allows the use of HostPID in the pod spec.
+ // +optional
+ HostPID bool `json:"hostPID,omitempty" protobuf:"varint,8,opt,name=hostPID"`
+ // hostIPC determines if the policy allows the use of HostIPC in the pod spec.
+ // +optional
+ HostIPC bool `json:"hostIPC,omitempty" protobuf:"varint,9,opt,name=hostIPC"`
+ // seLinux is the strategy that will dictate the allowable labels that may be set.
+ SELinux SELinuxStrategyOptions `json:"seLinux" protobuf:"bytes,10,opt,name=seLinux"`
+ // runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
+ RunAsUser RunAsUserStrategyOptions `json:"runAsUser" protobuf:"bytes,11,opt,name=runAsUser"`
+ // RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
+ // If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
+ // RunAsGroup feature gate to be enabled.
+ // +optional
+ RunAsGroup *RunAsGroupStrategyOptions `json:"runAsGroup,omitempty" protobuf:"bytes,22,opt,name=runAsGroup"`
+ // supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
+ SupplementalGroups SupplementalGroupsStrategyOptions `json:"supplementalGroups" protobuf:"bytes,12,opt,name=supplementalGroups"`
+ // fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
+ FSGroup FSGroupStrategyOptions `json:"fsGroup" protobuf:"bytes,13,opt,name=fsGroup"`
+ // readOnlyRootFilesystem when set to true will force containers to run with a read only root file
+ // system. If the container specifically requests to run with a non-read only root file system
+ // the PSP should deny the pod.
+ // If set to false the container may run with a read only root file system if it wishes but it
+ // will not be forced to.
+ // +optional
+ ReadOnlyRootFilesystem bool `json:"readOnlyRootFilesystem,omitempty" protobuf:"varint,14,opt,name=readOnlyRootFilesystem"`
+ // defaultAllowPrivilegeEscalation controls the default setting for whether a
+ // process can gain more privileges than its parent process.
+ // +optional
+ DefaultAllowPrivilegeEscalation *bool `json:"defaultAllowPrivilegeEscalation,omitempty" protobuf:"varint,15,opt,name=defaultAllowPrivilegeEscalation"`
+ // allowPrivilegeEscalation determines if a pod can request to allow
+ // privilege escalation. If unspecified, defaults to true.
+ // +optional
+ AllowPrivilegeEscalation *bool `json:"allowPrivilegeEscalation,omitempty" protobuf:"varint,16,opt,name=allowPrivilegeEscalation"`
+ // allowedHostPaths is a white list of allowed host paths. Empty indicates
+ // that all host paths may be used.
+ // +optional
+ AllowedHostPaths []AllowedHostPath `json:"allowedHostPaths,omitempty" protobuf:"bytes,17,rep,name=allowedHostPaths"`
+ // allowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all
+ // Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes
+ // is allowed in the "volumes" field.
+ // +optional
+ AllowedFlexVolumes []AllowedFlexVolume `json:"allowedFlexVolumes,omitempty" protobuf:"bytes,18,rep,name=allowedFlexVolumes"`
+ // allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
+ // Each entry is either a plain sysctl name or ends in "*" in which case it is considered
+ // as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
+ // Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
+ //
+ // Examples:
+ // e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
+ // e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
+ // +optional
+ AllowedUnsafeSysctls []string `json:"allowedUnsafeSysctls,omitempty" protobuf:"bytes,19,rep,name=allowedUnsafeSysctls"`
+ // forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
+ // Each entry is either a plain sysctl name or ends in "*" in which case it is considered
+ // as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
+ //
+ // Examples:
+ // e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
+ // e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
+ // +optional
+ ForbiddenSysctls []string `json:"forbiddenSysctls,omitempty" protobuf:"bytes,20,rep,name=forbiddenSysctls"`
+ // AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
+ // Empty or nil indicates that only the DefaultProcMountType may be used.
+ // This requires the ProcMountType feature flag to be enabled.
+ // +optional
+ AllowedProcMountTypes []v1.ProcMountType `json:"allowedProcMountTypes,omitempty" protobuf:"bytes,21,opt,name=allowedProcMountTypes"`
+}
+
+// AllowedHostPath defines the host volume conditions that will be enabled by a policy
+// for pods to use. It requires the path prefix to be defined.
+// Deprecated: use AllowedHostPath from policy API Group instead.
+type AllowedHostPath struct {
+ // pathPrefix is the path prefix that the host volume must match.
+ // It does not support `*`.
+ // Trailing slashes are trimmed when validating the path prefix with a host path.
+ //
+ // Examples:
+ // `/foo` would allow `/foo`, `/foo/` and `/foo/bar`
+ // `/foo` would not allow `/food` or `/etc/foo`
+ PathPrefix string `json:"pathPrefix,omitempty" protobuf:"bytes,1,rep,name=pathPrefix"`
+
+ // when set to true, will allow host volumes matching the pathPrefix only if all volume mounts are readOnly.
+ // +optional
+ ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,2,opt,name=readOnly"`
+}
+
+// FSType gives strong typing to different file systems that are used by volumes.
+// Deprecated: use FSType from policy API Group instead.
+type FSType string
+
+var (
+ AzureFile FSType = "azureFile"
+ Flocker FSType = "flocker"
+ FlexVolume FSType = "flexVolume"
+ HostPath FSType = "hostPath"
+ EmptyDir FSType = "emptyDir"
+ GCEPersistentDisk FSType = "gcePersistentDisk"
+ AWSElasticBlockStore FSType = "awsElasticBlockStore"
+ GitRepo FSType = "gitRepo"
+ Secret FSType = "secret"
+ NFS FSType = "nfs"
+ ISCSI FSType = "iscsi"
+ Glusterfs FSType = "glusterfs"
+ PersistentVolumeClaim FSType = "persistentVolumeClaim"
+ RBD FSType = "rbd"
+ Cinder FSType = "cinder"
+ CephFS FSType = "cephFS"
+ DownwardAPI FSType = "downwardAPI"
+ FC FSType = "fc"
+ ConfigMap FSType = "configMap"
+ Quobyte FSType = "quobyte"
+ AzureDisk FSType = "azureDisk"
+ All FSType = "*"
+)
+
+// AllowedFlexVolume represents a single Flexvolume that is allowed to be used.
+// Deprecated: use AllowedFlexVolume from policy API Group instead.
+type AllowedFlexVolume struct {
+ // driver is the name of the Flexvolume driver.
+ Driver string `json:"driver" protobuf:"bytes,1,opt,name=driver"`
+}
+
+// HostPortRange defines a range of host ports that will be enabled by a policy
+// for pods to use. It requires both the start and end to be defined.
+// Deprecated: use HostPortRange from policy API Group instead.
+type HostPortRange struct {
+ // min is the start of the range, inclusive.
+ Min int32 `json:"min" protobuf:"varint,1,opt,name=min"`
+ // max is the end of the range, inclusive.
+ Max int32 `json:"max" protobuf:"varint,2,opt,name=max"`
+}
+
+// SELinuxStrategyOptions defines the strategy type and any options used to create the strategy.
+// Deprecated: use SELinuxStrategyOptions from policy API Group instead.
+type SELinuxStrategyOptions struct {
+ // rule is the strategy that will dictate the allowable labels that may be set.
+ Rule SELinuxStrategy `json:"rule" protobuf:"bytes,1,opt,name=rule,casttype=SELinuxStrategy"`
+ // seLinuxOptions required to run as; required for MustRunAs
+ // More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+ // +optional
+ SELinuxOptions *v1.SELinuxOptions `json:"seLinuxOptions,omitempty" protobuf:"bytes,2,opt,name=seLinuxOptions"`
+}
+
+// SELinuxStrategy denotes strategy types for generating SELinux options for a
+// Security Context.
+// Deprecated: use SELinuxStrategy from policy API Group instead.
+type SELinuxStrategy string
+
+const (
+ // SELinuxStrategyMustRunAs means that container must have SELinux labels of X applied.
+ // Deprecated: use SELinuxStrategyMustRunAs from policy API Group instead.
+ SELinuxStrategyMustRunAs SELinuxStrategy = "MustRunAs"
+ // SELinuxStrategyRunAsAny means that container may make requests for any SELinux context labels.
+ // Deprecated: use SELinuxStrategyRunAsAny from policy API Group instead.
+ SELinuxStrategyRunAsAny SELinuxStrategy = "RunAsAny"
+)
+
+// RunAsUserStrategyOptions defines the strategy type and any options used to create the strategy.
+// Deprecated: use RunAsUserStrategyOptions from policy API Group instead.
+type RunAsUserStrategyOptions struct {
+ // rule is the strategy that will dictate the allowable RunAsUser values that may be set.
+ Rule RunAsUserStrategy `json:"rule" protobuf:"bytes,1,opt,name=rule,casttype=RunAsUserStrategy"`
+ // ranges are the allowed ranges of uids that may be used. If you would like to force a single uid
+ // then supply a single range with the same start and end. Required for MustRunAs.
+ // +optional
+ Ranges []IDRange `json:"ranges,omitempty" protobuf:"bytes,2,rep,name=ranges"`
+}
+
+// RunAsGroupStrategyOptions defines the strategy type and any options used to create the strategy.
+// Deprecated: use RunAsGroupStrategyOptions from policy API Group instead.
+type RunAsGroupStrategyOptions struct {
+ // rule is the strategy that will dictate the allowable RunAsGroup values that may be set.
+ Rule RunAsGroupStrategy `json:"rule" protobuf:"bytes,1,opt,name=rule,casttype=RunAsGroupStrategy"`
+ // ranges are the allowed ranges of gids that may be used. If you would like to force a single gid
+ // then supply a single range with the same start and end. Required for MustRunAs.
+ // +optional
+ Ranges []IDRange `json:"ranges,omitempty" protobuf:"bytes,2,rep,name=ranges"`
+}
+
+// IDRange provides a min/max of an allowed range of IDs.
+// Deprecated: use IDRange from policy API Group instead.
+type IDRange struct {
+ // min is the start of the range, inclusive.
+ Min int64 `json:"min" protobuf:"varint,1,opt,name=min"`
+ // max is the end of the range, inclusive.
+ Max int64 `json:"max" protobuf:"varint,2,opt,name=max"`
+}
+
+// RunAsUserStrategy denotes strategy types for generating RunAsUser values for a
+// Security Context.
+// Deprecated: use RunAsUserStrategy from policy API Group instead.
+type RunAsUserStrategy string
+
+const (
+ // RunAsUserStrategyMustRunAs means that container must run as a particular uid.
+ // Deprecated: use RunAsUserStrategyMustRunAs from policy API Group instead.
+ RunAsUserStrategyMustRunAs RunAsUserStrategy = "MustRunAs"
+ // RunAsUserStrategyMustRunAsNonRoot means that container must run as a non-root uid.
+ // Deprecated: use RunAsUserStrategyMustRunAsNonRoot from policy API Group instead.
+ RunAsUserStrategyMustRunAsNonRoot RunAsUserStrategy = "MustRunAsNonRoot"
+ // RunAsUserStrategyRunAsAny means that container may make requests for any uid.
+ // Deprecated: use RunAsUserStrategyRunAsAny from policy API Group instead.
+ RunAsUserStrategyRunAsAny RunAsUserStrategy = "RunAsAny"
+)
+
+// RunAsGroupStrategy denotes strategy types for generating RunAsGroup values for a
+// Security Context.
+// Deprecated: use RunAsGroupStrategy from policy API Group instead.
+type RunAsGroupStrategy string
+
+const (
+ // RunAsGroupStrategyMayRunAs means that container does not need to run with a particular gid.
+ // However, when RunAsGroup are specified, they have to fall in the defined range.
+ RunAsGroupStrategyMayRunAs RunAsGroupStrategy = "MayRunAs"
+ // RunAsGroupStrategyMustRunAs means that container must run as a particular gid.
+ // Deprecated: use RunAsGroupStrategyMustRunAs from policy API Group instead.
+ RunAsGroupStrategyMustRunAs RunAsGroupStrategy = "MustRunAs"
+ // RunAsGroupStrategyRunAsAny means that container may make requests for any gid.
+ // Deprecated: use RunAsGroupStrategyRunAsAny from policy API Group instead.
+ RunAsGroupStrategyRunAsAny RunAsGroupStrategy = "RunAsAny"
+)
+
+// FSGroupStrategyOptions defines the strategy type and options used to create the strategy.
+// Deprecated: use FSGroupStrategyOptions from policy API Group instead.
+type FSGroupStrategyOptions struct {
+ // rule is the strategy that will dictate what FSGroup is used in the SecurityContext.
+ // +optional
+ Rule FSGroupStrategyType `json:"rule,omitempty" protobuf:"bytes,1,opt,name=rule,casttype=FSGroupStrategyType"`
+ // ranges are the allowed ranges of fs groups. If you would like to force a single
+ // fs group then supply a single range with the same start and end. Required for MustRunAs.
+ // +optional
+ Ranges []IDRange `json:"ranges,omitempty" protobuf:"bytes,2,rep,name=ranges"`
+}
+
+// FSGroupStrategyType denotes strategy types for generating FSGroup values for a
+// SecurityContext
+// Deprecated: use FSGroupStrategyType from policy API Group instead.
+type FSGroupStrategyType string
+
+const (
+ // FSGroupStrategyMustRunAs meant that container must have FSGroup of X applied.
+ // Deprecated: use FSGroupStrategyMustRunAs from policy API Group instead.
+ FSGroupStrategyMustRunAs FSGroupStrategyType = "MustRunAs"
+ // FSGroupStrategyRunAsAny means that container may make requests for any FSGroup labels.
+ // Deprecated: use FSGroupStrategyRunAsAny from policy API Group instead.
+ FSGroupStrategyRunAsAny FSGroupStrategyType = "RunAsAny"
+)
+
+// SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.
+// Deprecated: use SupplementalGroupsStrategyOptions from policy API Group instead.
+type SupplementalGroupsStrategyOptions struct {
+ // rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.
+ // +optional
+ Rule SupplementalGroupsStrategyType `json:"rule,omitempty" protobuf:"bytes,1,opt,name=rule,casttype=SupplementalGroupsStrategyType"`
+ // ranges are the allowed ranges of supplemental groups. If you would like to force a single
+ // supplemental group then supply a single range with the same start and end. Required for MustRunAs.
+ // +optional
+ Ranges []IDRange `json:"ranges,omitempty" protobuf:"bytes,2,rep,name=ranges"`
+}
+
+// SupplementalGroupsStrategyType denotes strategy types for determining valid supplemental
+// groups for a SecurityContext.
+// Deprecated: use SupplementalGroupsStrategyType from policy API Group instead.
+type SupplementalGroupsStrategyType string
+
+const (
+ // SupplementalGroupsStrategyMustRunAs means that container must run as a particular gid.
+ // Deprecated: use SupplementalGroupsStrategyMustRunAs from policy API Group instead.
+ SupplementalGroupsStrategyMustRunAs SupplementalGroupsStrategyType = "MustRunAs"
+ // SupplementalGroupsStrategyRunAsAny means that container may make requests for any gid.
+ // Deprecated: use SupplementalGroupsStrategyRunAsAny from policy API Group instead.
+ SupplementalGroupsStrategyRunAsAny SupplementalGroupsStrategyType = "RunAsAny"
+)
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// PodSecurityPolicyList is a list of PodSecurityPolicy objects.
+// Deprecated: use PodSecurityPolicyList from policy API Group instead.
+type PodSecurityPolicyList struct {
+ metav1.TypeMeta `json:",inline"`
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+ // items is a list of schema objects.
+ Items []PodSecurityPolicy `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// DEPRECATED 1.9 - This group version of NetworkPolicy is deprecated by networking/v1/NetworkPolicy.
+// NetworkPolicy describes what network traffic is allowed for a set of Pods
+type NetworkPolicy struct {
+ metav1.TypeMeta `json:",inline"`
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+ // Specification of the desired behavior for this NetworkPolicy.
+ // +optional
+ Spec NetworkPolicySpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
+}
+
+// DEPRECATED 1.9 - This group version of PolicyType is deprecated by networking/v1/PolicyType.
+// Policy Type string describes the NetworkPolicy type
+// This type is beta-level in 1.8
+type PolicyType string
+
+const (
+ // PolicyTypeIngress is a NetworkPolicy that affects ingress traffic on selected pods
+ PolicyTypeIngress PolicyType = "Ingress"
+ // PolicyTypeEgress is a NetworkPolicy that affects egress traffic on selected pods
+ PolicyTypeEgress PolicyType = "Egress"
+)
+
+// DEPRECATED 1.9 - This group version of NetworkPolicySpec is deprecated by networking/v1/NetworkPolicySpec.
+type NetworkPolicySpec struct {
+ // Selects the pods to which this NetworkPolicy object applies. The array of ingress rules
+ // is applied to any pods selected by this field. Multiple network policies can select the
+ // same set of pods. In this case, the ingress rules for each are combined additively.
+ // This field is NOT optional and follows standard label selector semantics.
+ // An empty podSelector matches all pods in this namespace.
+ PodSelector metav1.LabelSelector `json:"podSelector" protobuf:"bytes,1,opt,name=podSelector"`
+
+ // List of ingress rules to be applied to the selected pods.
+ // Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod
+ // OR if the traffic source is the pod's local node,
+ // OR if the traffic matches at least one ingress rule across all of the NetworkPolicy
+ // objects whose podSelector matches the pod.
+ // If this field is empty then this NetworkPolicy does not allow any traffic
+ // (and serves solely to ensure that the pods it selects are isolated by default).
+ // +optional
+ Ingress []NetworkPolicyIngressRule `json:"ingress,omitempty" protobuf:"bytes,2,rep,name=ingress"`
+
+ // List of egress rules to be applied to the selected pods. Outgoing traffic is
+ // allowed if there are no NetworkPolicies selecting the pod (and cluster policy
+ // otherwise allows the traffic), OR if the traffic matches at least one egress rule
+ // across all of the NetworkPolicy objects whose podSelector matches the pod. If
+ // this field is empty then this NetworkPolicy limits all outgoing traffic (and serves
+ // solely to ensure that the pods it selects are isolated by default).
+ // This field is beta-level in 1.8
+ // +optional
+ Egress []NetworkPolicyEgressRule `json:"egress,omitempty" protobuf:"bytes,3,rep,name=egress"`
+
+ // List of rule types that the NetworkPolicy relates to.
+ // Valid options are Ingress, Egress, or Ingress,Egress.
+ // If this field is not specified, it will default based on the existence of Ingress or Egress rules;
+ // policies that contain an Egress section are assumed to affect Egress, and all policies
+ // (whether or not they contain an Ingress section) are assumed to affect Ingress.
+ // If you want to write an egress-only policy, you must explicitly specify policyTypes [ "Egress" ].
+ // Likewise, if you want to write a policy that specifies that no egress is allowed,
+ // you must specify a policyTypes value that include "Egress" (since such a policy would not include
+ // an Egress section and would otherwise default to just [ "Ingress" ]).
+ // This field is beta-level in 1.8
+ // +optional
+ PolicyTypes []PolicyType `json:"policyTypes,omitempty" protobuf:"bytes,4,rep,name=policyTypes,casttype=PolicyType"`
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyIngressRule is deprecated by networking/v1/NetworkPolicyIngressRule.
+// This NetworkPolicyIngressRule matches traffic if and only if the traffic matches both ports AND from.
+type NetworkPolicyIngressRule struct {
+ // List of ports which should be made accessible on the pods selected for this rule.
+ // Each item in this list is combined using a logical OR.
+ // If this field is empty or missing, this rule matches all ports (traffic not restricted by port).
+ // If this field is present and contains at least one item, then this rule allows traffic
+ // only if the traffic matches at least one port in the list.
+ // +optional
+ Ports []NetworkPolicyPort `json:"ports,omitempty" protobuf:"bytes,1,rep,name=ports"`
+
+ // List of sources which should be able to access the pods selected for this rule.
+ // Items in this list are combined using a logical OR operation.
+ // If this field is empty or missing, this rule matches all sources (traffic not restricted by source).
+ // If this field is present and contains at least on item, this rule allows traffic only if the
+ // traffic matches at least one item in the from list.
+ // +optional
+ From []NetworkPolicyPeer `json:"from,omitempty" protobuf:"bytes,2,rep,name=from"`
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyEgressRule is deprecated by networking/v1/NetworkPolicyEgressRule.
+// NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods
+// matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to.
+// This type is beta-level in 1.8
+type NetworkPolicyEgressRule struct {
+ // List of destination ports for outgoing traffic.
+ // Each item in this list is combined using a logical OR. If this field is
+ // empty or missing, this rule matches all ports (traffic not restricted by port).
+ // If this field is present and contains at least one item, then this rule allows
+ // traffic only if the traffic matches at least one port in the list.
+ // +optional
+ Ports []NetworkPolicyPort `json:"ports,omitempty" protobuf:"bytes,1,rep,name=ports"`
+
+ // List of destinations for outgoing traffic of pods selected for this rule.
+ // Items in this list are combined using a logical OR operation. If this field is
+ // empty or missing, this rule matches all destinations (traffic not restricted by
+ // destination). If this field is present and contains at least one item, this rule
+ // allows traffic only if the traffic matches at least one item in the to list.
+ // +optional
+ To []NetworkPolicyPeer `json:"to,omitempty" protobuf:"bytes,2,rep,name=to"`
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyPort is deprecated by networking/v1/NetworkPolicyPort.
+type NetworkPolicyPort struct {
+ // Optional. The protocol (TCP, UDP, or SCTP) which traffic must match.
+ // If not specified, this field defaults to TCP.
+ // +optional
+ Protocol *v1.Protocol `json:"protocol,omitempty" protobuf:"bytes,1,opt,name=protocol,casttype=k8s.io/api/core/v1.Protocol"`
+
+ // If specified, the port on the given protocol. This can
+ // either be a numerical or named port on a pod. If this field is not provided,
+ // this matches all port names and numbers.
+ // If present, only traffic on the specified protocol AND port
+ // will be matched.
+ // +optional
+ Port *intstr.IntOrString `json:"port,omitempty" protobuf:"bytes,2,opt,name=port"`
+}
+
+// DEPRECATED 1.9 - This group version of IPBlock is deprecated by networking/v1/IPBlock.
+// IPBlock describes a particular CIDR (Ex. "192.168.1.1/24") that is allowed to the pods
+// matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should
+// not be included within this rule.
+type IPBlock struct {
+ // CIDR is a string representing the IP Block
+ // Valid examples are "192.168.1.1/24"
+ CIDR string `json:"cidr" protobuf:"bytes,1,name=cidr"`
+ // Except is a slice of CIDRs that should not be included within an IP Block
+ // Valid examples are "192.168.1.1/24"
+ // Except values will be rejected if they are outside the CIDR range
+ // +optional
+ Except []string `json:"except,omitempty" protobuf:"bytes,2,rep,name=except"`
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyPeer is deprecated by networking/v1/NetworkPolicyPeer.
+type NetworkPolicyPeer struct {
+ // This is a label selector which selects Pods. This field follows standard label
+ // selector semantics; if present but empty, it selects all pods.
+ //
+ // If NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects
+ // the Pods matching PodSelector in the Namespaces selected by NamespaceSelector.
+ // Otherwise it selects the Pods matching PodSelector in the policy's own Namespace.
+ // +optional
+ PodSelector *metav1.LabelSelector `json:"podSelector,omitempty" protobuf:"bytes,1,opt,name=podSelector"`
+
+ // Selects Namespaces using cluster-scoped labels. This field follows standard label
+ // selector semantics; if present but empty, it selects all namespaces.
+ //
+ // If PodSelector is also set, then the NetworkPolicyPeer as a whole selects
+ // the Pods matching PodSelector in the Namespaces selected by NamespaceSelector.
+ // Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector.
+ // +optional
+ NamespaceSelector *metav1.LabelSelector `json:"namespaceSelector,omitempty" protobuf:"bytes,2,opt,name=namespaceSelector"`
+
+ // IPBlock defines policy on a particular IPBlock. If this field is set then
+ // neither of the other fields can be.
+ // +optional
+ IPBlock *IPBlock `json:"ipBlock,omitempty" protobuf:"bytes,3,rep,name=ipBlock"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyList is deprecated by networking/v1/NetworkPolicyList.
+// Network Policy List is a list of NetworkPolicy objects.
+type NetworkPolicyList struct {
+ metav1.TypeMeta `json:",inline"`
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+ // Items is a list of schema objects.
+ Items []NetworkPolicy `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
diff --git a/vendor/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go
new file mode 100644
index 0000000..bce6036
--- /dev/null
+++ b/vendor/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go
@@ -0,0 +1,640 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+// This file contains a collection of methods that can be used from go-restful to
+// generate Swagger API documentation for its models. Please read this PR for more
+// information on the implementation: https://github.com/emicklei/go-restful/pull/215
+//
+// TODOs are ignored from the parser (e.g. TODO(andronat):... || TODO:...) if and only if
+// they are on one line! For multiple line or blocks that you want to ignore use ---.
+// Any context after a --- is ignored.
+//
+// Those methods can be generated by using hack/update-generated-swagger-docs.sh
+
+// AUTO-GENERATED FUNCTIONS START HERE. DO NOT EDIT.
+var map_AllowedFlexVolume = map[string]string{
+ "": "AllowedFlexVolume represents a single Flexvolume that is allowed to be used. Deprecated: use AllowedFlexVolume from policy API Group instead.",
+ "driver": "driver is the name of the Flexvolume driver.",
+}
+
+func (AllowedFlexVolume) SwaggerDoc() map[string]string {
+ return map_AllowedFlexVolume
+}
+
+var map_AllowedHostPath = map[string]string{
+ "": "AllowedHostPath defines the host volume conditions that will be enabled by a policy for pods to use. It requires the path prefix to be defined. Deprecated: use AllowedHostPath from policy API Group instead.",
+ "pathPrefix": "pathPrefix is the path prefix that the host volume must match. It does not support `*`. Trailing slashes are trimmed when validating the path prefix with a host path.\n\nExamples: `/foo` would allow `/foo`, `/foo/` and `/foo/bar` `/foo` would not allow `/food` or `/etc/foo`",
+ "readOnly": "when set to true, will allow host volumes matching the pathPrefix only if all volume mounts are readOnly.",
+}
+
+func (AllowedHostPath) SwaggerDoc() map[string]string {
+ return map_AllowedHostPath
+}
+
+var map_DaemonSet = map[string]string{
+ "": "DEPRECATED - This group version of DaemonSet is deprecated by apps/v1beta2/DaemonSet. See the release notes for more information. DaemonSet represents the configuration of a daemon set.",
+ "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+ "spec": "The desired behavior of this daemon set. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status",
+ "status": "The current status of this daemon set. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status",
+}
+
+func (DaemonSet) SwaggerDoc() map[string]string {
+ return map_DaemonSet
+}
+
+var map_DaemonSetCondition = map[string]string{
+ "": "DaemonSetCondition describes the state of a DaemonSet at a certain point.",
+ "type": "Type of DaemonSet condition.",
+ "status": "Status of the condition, one of True, False, Unknown.",
+ "lastTransitionTime": "Last time the condition transitioned from one status to another.",
+ "reason": "The reason for the condition's last transition.",
+ "message": "A human readable message indicating details about the transition.",
+}
+
+func (DaemonSetCondition) SwaggerDoc() map[string]string {
+ return map_DaemonSetCondition
+}
+
+var map_DaemonSetList = map[string]string{
+ "": "DaemonSetList is a collection of daemon sets.",
+ "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+ "items": "A list of daemon sets.",
+}
+
+func (DaemonSetList) SwaggerDoc() map[string]string {
+ return map_DaemonSetList
+}
+
+var map_DaemonSetSpec = map[string]string{
+ "": "DaemonSetSpec is the specification of a daemon set.",
+ "selector": "A label query over pods that are managed by the daemon set. Must match in order to be controlled. If empty, defaulted to labels on Pod template. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors",
+ "template": "An object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template's node selector (or on every node if no node selector is specified). More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template",
+ "updateStrategy": "An update strategy to replace existing DaemonSet pods with new pods.",
+ "minReadySeconds": "The minimum number of seconds for which a newly created DaemonSet pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).",
+ "templateGeneration": "DEPRECATED. A sequence number representing a specific generation of the template. Populated by the system. It can be set only during the creation.",
+ "revisionHistoryLimit": "The number of old history to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.",
+}
+
+func (DaemonSetSpec) SwaggerDoc() map[string]string {
+ return map_DaemonSetSpec
+}
+
+var map_DaemonSetStatus = map[string]string{
+ "": "DaemonSetStatus represents the current status of a daemon set.",
+ "currentNumberScheduled": "The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/",
+ "numberMisscheduled": "The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/",
+ "desiredNumberScheduled": "The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/",
+ "numberReady": "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and ready.",
+ "observedGeneration": "The most recent generation observed by the daemon set controller.",
+ "updatedNumberScheduled": "The total number of nodes that are running updated daemon pod",
+ "numberAvailable": "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds)",
+ "numberUnavailable": "The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds)",
+ "collisionCount": "Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.",
+ "conditions": "Represents the latest available observations of a DaemonSet's current state.",
+}
+
+func (DaemonSetStatus) SwaggerDoc() map[string]string {
+ return map_DaemonSetStatus
+}
+
+var map_DaemonSetUpdateStrategy = map[string]string{
+ "type": "Type of daemon set update. Can be \"RollingUpdate\" or \"OnDelete\". Default is OnDelete.",
+ "rollingUpdate": "Rolling update config params. Present only if type = \"RollingUpdate\".",
+}
+
+func (DaemonSetUpdateStrategy) SwaggerDoc() map[string]string {
+ return map_DaemonSetUpdateStrategy
+}
+
+var map_Deployment = map[string]string{
+ "": "DEPRECATED - This group version of Deployment is deprecated by apps/v1beta2/Deployment. See the release notes for more information. Deployment enables declarative updates for Pods and ReplicaSets.",
+ "metadata": "Standard object metadata.",
+ "spec": "Specification of the desired behavior of the Deployment.",
+ "status": "Most recently observed status of the Deployment.",
+}
+
+func (Deployment) SwaggerDoc() map[string]string {
+ return map_Deployment
+}
+
+var map_DeploymentCondition = map[string]string{
+ "": "DeploymentCondition describes the state of a deployment at a certain point.",
+ "type": "Type of deployment condition.",
+ "status": "Status of the condition, one of True, False, Unknown.",
+ "lastUpdateTime": "The last time this condition was updated.",
+ "lastTransitionTime": "Last time the condition transitioned from one status to another.",
+ "reason": "The reason for the condition's last transition.",
+ "message": "A human readable message indicating details about the transition.",
+}
+
+func (DeploymentCondition) SwaggerDoc() map[string]string {
+ return map_DeploymentCondition
+}
+
+var map_DeploymentList = map[string]string{
+ "": "DeploymentList is a list of Deployments.",
+ "metadata": "Standard list metadata.",
+ "items": "Items is the list of Deployments.",
+}
+
+func (DeploymentList) SwaggerDoc() map[string]string {
+ return map_DeploymentList
+}
+
+var map_DeploymentRollback = map[string]string{
+ "": "DEPRECATED. DeploymentRollback stores the information required to rollback a deployment.",
+ "name": "Required: This must match the Name of a deployment.",
+ "updatedAnnotations": "The annotations to be updated to a deployment",
+ "rollbackTo": "The config of this deployment rollback.",
+}
+
+func (DeploymentRollback) SwaggerDoc() map[string]string {
+ return map_DeploymentRollback
+}
+
+var map_DeploymentSpec = map[string]string{
+ "": "DeploymentSpec is the specification of the desired behavior of the Deployment.",
+ "replicas": "Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.",
+ "selector": "Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment.",
+ "template": "Template describes the pods that will be created.",
+ "strategy": "The deployment strategy to use to replace existing pods with new ones.",
+ "minReadySeconds": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)",
+ "revisionHistoryLimit": "The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. This is set to the max value of int32 (i.e. 2147483647) by default, which means \"retaining all old RelicaSets\".",
+ "paused": "Indicates that the deployment is paused and will not be processed by the deployment controller.",
+ "rollbackTo": "DEPRECATED. The config this deployment is rolling back to. Will be cleared after rollback is done.",
+ "progressDeadlineSeconds": "The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. This is set to the max value of int32 (i.e. 2147483647) by default, which means \"no deadline\".",
+}
+
+func (DeploymentSpec) SwaggerDoc() map[string]string {
+ return map_DeploymentSpec
+}
+
+var map_DeploymentStatus = map[string]string{
+ "": "DeploymentStatus is the most recently observed status of the Deployment.",
+ "observedGeneration": "The generation observed by the deployment controller.",
+ "replicas": "Total number of non-terminated pods targeted by this deployment (their labels match the selector).",
+ "updatedReplicas": "Total number of non-terminated pods targeted by this deployment that have the desired template spec.",
+ "readyReplicas": "Total number of ready pods targeted by this deployment.",
+ "availableReplicas": "Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.",
+ "unavailableReplicas": "Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.",
+ "conditions": "Represents the latest available observations of a deployment's current state.",
+ "collisionCount": "Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.",
+}
+
+func (DeploymentStatus) SwaggerDoc() map[string]string {
+ return map_DeploymentStatus
+}
+
+var map_DeploymentStrategy = map[string]string{
+ "": "DeploymentStrategy describes how to replace existing pods with new ones.",
+ "type": "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate.",
+ "rollingUpdate": "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate.",
+}
+
+func (DeploymentStrategy) SwaggerDoc() map[string]string {
+ return map_DeploymentStrategy
+}
+
+var map_FSGroupStrategyOptions = map[string]string{
+ "": "FSGroupStrategyOptions defines the strategy type and options used to create the strategy. Deprecated: use FSGroupStrategyOptions from policy API Group instead.",
+ "rule": "rule is the strategy that will dictate what FSGroup is used in the SecurityContext.",
+ "ranges": "ranges are the allowed ranges of fs groups. If you would like to force a single fs group then supply a single range with the same start and end. Required for MustRunAs.",
+}
+
+func (FSGroupStrategyOptions) SwaggerDoc() map[string]string {
+ return map_FSGroupStrategyOptions
+}
+
+var map_HTTPIngressPath = map[string]string{
+ "": "HTTPIngressPath associates a path regex with a backend. Incoming urls matching the path are forwarded to the backend.",
+ "path": "Path is an extended POSIX regex as defined by IEEE Std 1003.1, (i.e this follows the egrep/unix syntax, not the perl syntax) matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional \"path\" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend.",
+ "backend": "Backend defines the referenced service endpoint to which the traffic will be forwarded to.",
+}
+
+func (HTTPIngressPath) SwaggerDoc() map[string]string {
+ return map_HTTPIngressPath
+}
+
+var map_HTTPIngressRuleValue = map[string]string{
+ "": "HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http://<host>/<path>?<searchpart> -> backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'.",
+ "paths": "A collection of paths that map requests to backends.",
+}
+
+func (HTTPIngressRuleValue) SwaggerDoc() map[string]string {
+ return map_HTTPIngressRuleValue
+}
+
+var map_HostPortRange = map[string]string{
+ "": "HostPortRange defines a range of host ports that will be enabled by a policy for pods to use. It requires both the start and end to be defined. Deprecated: use HostPortRange from policy API Group instead.",
+ "min": "min is the start of the range, inclusive.",
+ "max": "max is the end of the range, inclusive.",
+}
+
+func (HostPortRange) SwaggerDoc() map[string]string {
+ return map_HostPortRange
+}
+
+var map_IDRange = map[string]string{
+ "": "IDRange provides a min/max of an allowed range of IDs. Deprecated: use IDRange from policy API Group instead.",
+ "min": "min is the start of the range, inclusive.",
+ "max": "max is the end of the range, inclusive.",
+}
+
+func (IDRange) SwaggerDoc() map[string]string {
+ return map_IDRange
+}
+
+var map_IPBlock = map[string]string{
+ "": "DEPRECATED 1.9 - This group version of IPBlock is deprecated by networking/v1/IPBlock. IPBlock describes a particular CIDR (Ex. \"192.168.1.1/24\") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.",
+ "cidr": "CIDR is a string representing the IP Block Valid examples are \"192.168.1.1/24\"",
+ "except": "Except is a slice of CIDRs that should not be included within an IP Block Valid examples are \"192.168.1.1/24\" Except values will be rejected if they are outside the CIDR range",
+}
+
+func (IPBlock) SwaggerDoc() map[string]string {
+ return map_IPBlock
+}
+
+var map_Ingress = map[string]string{
+ "": "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc.",
+ "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+ "spec": "Spec is the desired state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status",
+ "status": "Status is the current state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status",
+}
+
+func (Ingress) SwaggerDoc() map[string]string {
+ return map_Ingress
+}
+
+var map_IngressBackend = map[string]string{
+ "": "IngressBackend describes all endpoints for a given service and port.",
+ "serviceName": "Specifies the name of the referenced service.",
+ "servicePort": "Specifies the port of the referenced service.",
+}
+
+func (IngressBackend) SwaggerDoc() map[string]string {
+ return map_IngressBackend
+}
+
+var map_IngressList = map[string]string{
+ "": "IngressList is a collection of Ingress.",
+ "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+ "items": "Items is the list of Ingress.",
+}
+
+func (IngressList) SwaggerDoc() map[string]string {
+ return map_IngressList
+}
+
+var map_IngressRule = map[string]string{
+ "": "IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.",
+ "host": "Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the \"host\" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the\n\t IP in the Spec of the parent Ingress.\n2. The `:` delimiter is not respected because ports are not allowed.\n\t Currently the port of an Ingress is implicitly :80 for http and\n\t :443 for https.\nBoth these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue.",
+}
+
+func (IngressRule) SwaggerDoc() map[string]string {
+ return map_IngressRule
+}
+
+var map_IngressRuleValue = map[string]string{
+ "": "IngressRuleValue represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. Currently mixing different types of rules in a single Ingress is disallowed, so exactly one of the following must be set.",
+}
+
+func (IngressRuleValue) SwaggerDoc() map[string]string {
+ return map_IngressRuleValue
+}
+
+var map_IngressSpec = map[string]string{
+ "": "IngressSpec describes the Ingress the user wishes to exist.",
+ "backend": "A default backend capable of servicing requests that don't match any rule. At least one of 'backend' or 'rules' must be specified. This field is optional to allow the loadbalancer controller or defaulting logic to specify a global default.",
+ "tls": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.",
+ "rules": "A list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend.",
+}
+
+func (IngressSpec) SwaggerDoc() map[string]string {
+ return map_IngressSpec
+}
+
+var map_IngressStatus = map[string]string{
+ "": "IngressStatus describe the current state of the Ingress.",
+ "loadBalancer": "LoadBalancer contains the current status of the load-balancer.",
+}
+
+func (IngressStatus) SwaggerDoc() map[string]string {
+ return map_IngressStatus
+}
+
+var map_IngressTLS = map[string]string{
+ "": "IngressTLS describes the transport layer security associated with an Ingress.",
+ "hosts": "Hosts are a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.",
+ "secretName": "SecretName is the name of the secret used to terminate SSL traffic on 443. Field is left optional to allow SSL routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the Host header is used for routing.",
+}
+
+func (IngressTLS) SwaggerDoc() map[string]string {
+ return map_IngressTLS
+}
+
+var map_NetworkPolicy = map[string]string{
+ "": "DEPRECATED 1.9 - This group version of NetworkPolicy is deprecated by networking/v1/NetworkPolicy. NetworkPolicy describes what network traffic is allowed for a set of Pods",
+ "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+ "spec": "Specification of the desired behavior for this NetworkPolicy.",
+}
+
+func (NetworkPolicy) SwaggerDoc() map[string]string {
+ return map_NetworkPolicy
+}
+
+var map_NetworkPolicyEgressRule = map[string]string{
+ "": "DEPRECATED 1.9 - This group version of NetworkPolicyEgressRule is deprecated by networking/v1/NetworkPolicyEgressRule. NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to. This type is beta-level in 1.8",
+ "ports": "List of destination ports for outgoing traffic. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.",
+ "to": "List of destinations for outgoing traffic of pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all destinations (traffic not restricted by destination). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the to list.",
+}
+
+func (NetworkPolicyEgressRule) SwaggerDoc() map[string]string {
+ return map_NetworkPolicyEgressRule
+}
+
+var map_NetworkPolicyIngressRule = map[string]string{
+ "": "DEPRECATED 1.9 - This group version of NetworkPolicyIngressRule is deprecated by networking/v1/NetworkPolicyIngressRule. This NetworkPolicyIngressRule matches traffic if and only if the traffic matches both ports AND from.",
+ "ports": "List of ports which should be made accessible on the pods selected for this rule. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.",
+ "from": "List of sources which should be able to access the pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all sources (traffic not restricted by source). If this field is present and contains at least on item, this rule allows traffic only if the traffic matches at least one item in the from list.",
+}
+
+func (NetworkPolicyIngressRule) SwaggerDoc() map[string]string {
+ return map_NetworkPolicyIngressRule
+}
+
+var map_NetworkPolicyList = map[string]string{
+ "": "DEPRECATED 1.9 - This group version of NetworkPolicyList is deprecated by networking/v1/NetworkPolicyList. Network Policy List is a list of NetworkPolicy objects.",
+ "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+ "items": "Items is a list of schema objects.",
+}
+
+func (NetworkPolicyList) SwaggerDoc() map[string]string {
+ return map_NetworkPolicyList
+}
+
+var map_NetworkPolicyPeer = map[string]string{
+ "": "DEPRECATED 1.9 - This group version of NetworkPolicyPeer is deprecated by networking/v1/NetworkPolicyPeer.",
+ "podSelector": "This is a label selector which selects Pods. This field follows standard label selector semantics; if present but empty, it selects all pods.\n\nIf NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the Pods matching PodSelector in the policy's own Namespace.",
+ "namespaceSelector": "Selects Namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces.\n\nIf PodSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector.",
+ "ipBlock": "IPBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be.",
+}
+
+func (NetworkPolicyPeer) SwaggerDoc() map[string]string {
+ return map_NetworkPolicyPeer
+}
+
+var map_NetworkPolicyPort = map[string]string{
+ "": "DEPRECATED 1.9 - This group version of NetworkPolicyPort is deprecated by networking/v1/NetworkPolicyPort.",
+ "protocol": "Optional. The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.",
+ "port": "If specified, the port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched.",
+}
+
+func (NetworkPolicyPort) SwaggerDoc() map[string]string {
+ return map_NetworkPolicyPort
+}
+
+var map_NetworkPolicySpec = map[string]string{
+ "": "DEPRECATED 1.9 - This group version of NetworkPolicySpec is deprecated by networking/v1/NetworkPolicySpec.",
+ "podSelector": "Selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace.",
+ "ingress": "List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod OR if the traffic source is the pod's local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default).",
+ "egress": "List of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8",
+ "policyTypes": "List of rule types that the NetworkPolicy relates to. Valid options are Ingress, Egress, or Ingress,Egress. If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ \"Egress\" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include \"Egress\" (since such a policy would not include an Egress section and would otherwise default to just [ \"Ingress\" ]). This field is beta-level in 1.8",
+}
+
+func (NetworkPolicySpec) SwaggerDoc() map[string]string {
+ return map_NetworkPolicySpec
+}
+
+var map_PodSecurityPolicy = map[string]string{
+ "": "PodSecurityPolicy governs the ability to make requests that affect the Security Context that will be applied to a pod and container. Deprecated: use PodSecurityPolicy from policy API Group instead.",
+ "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+ "spec": "spec defines the policy enforced.",
+}
+
+func (PodSecurityPolicy) SwaggerDoc() map[string]string {
+ return map_PodSecurityPolicy
+}
+
+var map_PodSecurityPolicyList = map[string]string{
+ "": "PodSecurityPolicyList is a list of PodSecurityPolicy objects. Deprecated: use PodSecurityPolicyList from policy API Group instead.",
+ "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+ "items": "items is a list of schema objects.",
+}
+
+func (PodSecurityPolicyList) SwaggerDoc() map[string]string {
+ return map_PodSecurityPolicyList
+}
+
+var map_PodSecurityPolicySpec = map[string]string{
+ "": "PodSecurityPolicySpec defines the policy enforced. Deprecated: use PodSecurityPolicySpec from policy API Group instead.",
+ "privileged": "privileged determines if a pod can request to be run as privileged.",
+ "defaultAddCapabilities": "defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capability in both defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly allowed, and need not be included in the allowedCapabilities list.",
+ "requiredDropCapabilities": "requiredDropCapabilities are the capabilities that will be dropped from the container. These are required to be dropped and cannot be added.",
+ "allowedCapabilities": "allowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field may be added at the pod author's discretion. You must not list a capability in both allowedCapabilities and requiredDropCapabilities.",
+ "volumes": "volumes is a white list of allowed volume plugins. Empty indicates that no volumes may be used. To allow all volumes you may use '*'.",
+ "hostNetwork": "hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.",
+ "hostPorts": "hostPorts determines which host port ranges are allowed to be exposed.",
+ "hostPID": "hostPID determines if the policy allows the use of HostPID in the pod spec.",
+ "hostIPC": "hostIPC determines if the policy allows the use of HostIPC in the pod spec.",
+ "seLinux": "seLinux is the strategy that will dictate the allowable labels that may be set.",
+ "runAsUser": "runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.",
+ "runAsGroup": "RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set. If this field is omitted, the pod's RunAsGroup can take any value. This field requires the RunAsGroup feature gate to be enabled.",
+ "supplementalGroups": "supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.",
+ "fsGroup": "fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.",
+ "readOnlyRootFilesystem": "readOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the PSP should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.",
+ "defaultAllowPrivilegeEscalation": "defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.",
+ "allowPrivilegeEscalation": "allowPrivilegeEscalation determines if a pod can request to allow privilege escalation. If unspecified, defaults to true.",
+ "allowedHostPaths": "allowedHostPaths is a white list of allowed host paths. Empty indicates that all host paths may be used.",
+ "allowedFlexVolumes": "allowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes is allowed in the \"volumes\" field.",
+ "allowedUnsafeSysctls": "allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.\n\nExamples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc.",
+ "forbiddenSysctls": "forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.\n\nExamples: e.g. \"foo/*\" forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", \"foo.baz\", etc.",
+ "allowedProcMountTypes": "AllowedProcMountTypes is a whitelist of allowed ProcMountTypes. Empty or nil indicates that only the DefaultProcMountType may be used. This requires the ProcMountType feature flag to be enabled.",
+}
+
+func (PodSecurityPolicySpec) SwaggerDoc() map[string]string {
+ return map_PodSecurityPolicySpec
+}
+
+var map_ReplicaSet = map[string]string{
+ "": "DEPRECATED - This group version of ReplicaSet is deprecated by apps/v1beta2/ReplicaSet. See the release notes for more information. ReplicaSet ensures that a specified number of pod replicas are running at any given time.",
+ "metadata": "If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+ "spec": "Spec defines the specification of the desired behavior of the ReplicaSet. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status",
+ "status": "Status is the most recently observed status of the ReplicaSet. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status",
+}
+
+func (ReplicaSet) SwaggerDoc() map[string]string {
+ return map_ReplicaSet
+}
+
+var map_ReplicaSetCondition = map[string]string{
+ "": "ReplicaSetCondition describes the state of a replica set at a certain point.",
+ "type": "Type of replica set condition.",
+ "status": "Status of the condition, one of True, False, Unknown.",
+ "lastTransitionTime": "The last time the condition transitioned from one status to another.",
+ "reason": "The reason for the condition's last transition.",
+ "message": "A human readable message indicating details about the transition.",
+}
+
+func (ReplicaSetCondition) SwaggerDoc() map[string]string {
+ return map_ReplicaSetCondition
+}
+
+var map_ReplicaSetList = map[string]string{
+ "": "ReplicaSetList is a collection of ReplicaSets.",
+ "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+ "items": "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller",
+}
+
+func (ReplicaSetList) SwaggerDoc() map[string]string {
+ return map_ReplicaSetList
+}
+
+var map_ReplicaSetSpec = map[string]string{
+ "": "ReplicaSetSpec is the specification of a ReplicaSet.",
+ "replicas": "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller",
+ "minReadySeconds": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)",
+ "selector": "Selector is a label query over pods that should match the replica count. If the selector is empty, it is defaulted to the labels present on the pod template. Label keys and values that must match in order to be controlled by this replica set. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors",
+ "template": "Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template",
+}
+
+func (ReplicaSetSpec) SwaggerDoc() map[string]string {
+ return map_ReplicaSetSpec
+}
+
+var map_ReplicaSetStatus = map[string]string{
+ "": "ReplicaSetStatus represents the current status of a ReplicaSet.",
+ "replicas": "Replicas is the most recently oberved number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller",
+ "fullyLabeledReplicas": "The number of pods that have labels matching the labels of the pod template of the replicaset.",
+ "readyReplicas": "The number of ready replicas for this replica set.",
+ "availableReplicas": "The number of available replicas (ready for at least minReadySeconds) for this replica set.",
+ "observedGeneration": "ObservedGeneration reflects the generation of the most recently observed ReplicaSet.",
+ "conditions": "Represents the latest available observations of a replica set's current state.",
+}
+
+func (ReplicaSetStatus) SwaggerDoc() map[string]string {
+ return map_ReplicaSetStatus
+}
+
+var map_ReplicationControllerDummy = map[string]string{
+ "": "Dummy definition",
+}
+
+func (ReplicationControllerDummy) SwaggerDoc() map[string]string {
+ return map_ReplicationControllerDummy
+}
+
+var map_RollbackConfig = map[string]string{
+ "": "DEPRECATED.",
+ "revision": "The revision to rollback to. If set to 0, rollback to the last revision.",
+}
+
+func (RollbackConfig) SwaggerDoc() map[string]string {
+ return map_RollbackConfig
+}
+
+var map_RollingUpdateDaemonSet = map[string]string{
+ "": "Spec to control the desired behavior of daemon set rolling update.",
+ "maxUnavailable": "The maximum number of DaemonSet pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet pods at the start of the update (ex: 10%). Absolute number is calculated from percentage by rounding up. This cannot be 0. Default value is 1. Example: when this is set to 30%, at most 30% of the total number of nodes that should be running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods stopped for an update at any given time. The update starts by stopping at most 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. Once the new pods are available, it then proceeds onto other DaemonSet pods, thus ensuring that at least 70% of original number of DaemonSet pods are available at all times during the update.",
+}
+
+func (RollingUpdateDaemonSet) SwaggerDoc() map[string]string {
+ return map_RollingUpdateDaemonSet
+}
+
+var map_RollingUpdateDeployment = map[string]string{
+ "": "Spec to control the desired behavior of rolling update.",
+ "maxUnavailable": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. By default, a fixed value of 1 is used. Example: when this is set to 30%, the old RC can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old RC can be scaled down further, followed by scaling up the new RC, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.",
+ "maxSurge": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. By default, a value of 1 is used. Example: when this is set to 30%, the new RC can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new RC can be scaled up further, ensuring that total number of pods running at any time during the update is atmost 130% of desired pods.",
+}
+
+func (RollingUpdateDeployment) SwaggerDoc() map[string]string {
+ return map_RollingUpdateDeployment
+}
+
+var map_RunAsGroupStrategyOptions = map[string]string{
+ "": "RunAsGroupStrategyOptions defines the strategy type and any options used to create the strategy. Deprecated: use RunAsGroupStrategyOptions from policy API Group instead.",
+ "rule": "rule is the strategy that will dictate the allowable RunAsGroup values that may be set.",
+ "ranges": "ranges are the allowed ranges of gids that may be used. If you would like to force a single gid then supply a single range with the same start and end. Required for MustRunAs.",
+}
+
+func (RunAsGroupStrategyOptions) SwaggerDoc() map[string]string {
+ return map_RunAsGroupStrategyOptions
+}
+
+var map_RunAsUserStrategyOptions = map[string]string{
+ "": "RunAsUserStrategyOptions defines the strategy type and any options used to create the strategy. Deprecated: use RunAsUserStrategyOptions from policy API Group instead.",
+ "rule": "rule is the strategy that will dictate the allowable RunAsUser values that may be set.",
+ "ranges": "ranges are the allowed ranges of uids that may be used. If you would like to force a single uid then supply a single range with the same start and end. Required for MustRunAs.",
+}
+
+func (RunAsUserStrategyOptions) SwaggerDoc() map[string]string {
+ return map_RunAsUserStrategyOptions
+}
+
+var map_SELinuxStrategyOptions = map[string]string{
+ "": "SELinuxStrategyOptions defines the strategy type and any options used to create the strategy. Deprecated: use SELinuxStrategyOptions from policy API Group instead.",
+ "rule": "rule is the strategy that will dictate the allowable labels that may be set.",
+ "seLinuxOptions": "seLinuxOptions required to run as; required for MustRunAs More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
+}
+
+func (SELinuxStrategyOptions) SwaggerDoc() map[string]string {
+ return map_SELinuxStrategyOptions
+}
+
+var map_Scale = map[string]string{
+ "": "represents a scaling request for a resource.",
+ "metadata": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata.",
+ "spec": "defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.",
+ "status": "current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only.",
+}
+
+func (Scale) SwaggerDoc() map[string]string {
+ return map_Scale
+}
+
+var map_ScaleSpec = map[string]string{
+ "": "describes the attributes of a scale subresource",
+ "replicas": "desired number of instances for the scaled object.",
+}
+
+func (ScaleSpec) SwaggerDoc() map[string]string {
+ return map_ScaleSpec
+}
+
+var map_ScaleStatus = map[string]string{
+ "": "represents the current status of a scale subresource.",
+ "replicas": "actual number of observed instances of the scaled object.",
+ "selector": "label query over pods that should match the replicas count. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors",
+ "targetSelector": "label selector for pods that should match the replicas count. This is a serializated version of both map-based and more expressive set-based selectors. This is done to avoid introspection in the clients. The string will be in the same format as the query-param syntax. If the target type only supports map-based selectors, both this field and map-based selector field are populated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors",
+}
+
+func (ScaleStatus) SwaggerDoc() map[string]string {
+ return map_ScaleStatus
+}
+
+var map_SupplementalGroupsStrategyOptions = map[string]string{
+ "": "SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy. Deprecated: use SupplementalGroupsStrategyOptions from policy API Group instead.",
+ "rule": "rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.",
+ "ranges": "ranges are the allowed ranges of supplemental groups. If you would like to force a single supplemental group then supply a single range with the same start and end. Required for MustRunAs.",
+}
+
+func (SupplementalGroupsStrategyOptions) SwaggerDoc() map[string]string {
+ return map_SupplementalGroupsStrategyOptions
+}
+
+// AUTO-GENERATED FUNCTIONS END HERE
diff --git a/vendor/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go
new file mode 100644
index 0000000..8128c07
--- /dev/null
+++ b/vendor/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go
@@ -0,0 +1,1445 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by deepcopy-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+ corev1 "k8s.io/api/core/v1"
+ v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ runtime "k8s.io/apimachinery/pkg/runtime"
+ intstr "k8s.io/apimachinery/pkg/util/intstr"
+)
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AllowedFlexVolume) DeepCopyInto(out *AllowedFlexVolume) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedFlexVolume.
+func (in *AllowedFlexVolume) DeepCopy() *AllowedFlexVolume {
+ if in == nil {
+ return nil
+ }
+ out := new(AllowedFlexVolume)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AllowedHostPath) DeepCopyInto(out *AllowedHostPath) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedHostPath.
+func (in *AllowedHostPath) DeepCopy() *AllowedHostPath {
+ if in == nil {
+ return nil
+ }
+ out := new(AllowedHostPath)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DaemonSet) DeepCopyInto(out *DaemonSet) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+ in.Spec.DeepCopyInto(&out.Spec)
+ in.Status.DeepCopyInto(&out.Status)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DaemonSet.
+func (in *DaemonSet) DeepCopy() *DaemonSet {
+ if in == nil {
+ return nil
+ }
+ out := new(DaemonSet)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DaemonSet) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DaemonSetCondition) DeepCopyInto(out *DaemonSetCondition) {
+ *out = *in
+ in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DaemonSetCondition.
+func (in *DaemonSetCondition) DeepCopy() *DaemonSetCondition {
+ if in == nil {
+ return nil
+ }
+ out := new(DaemonSetCondition)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DaemonSetList) DeepCopyInto(out *DaemonSetList) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ out.ListMeta = in.ListMeta
+ if in.Items != nil {
+ in, out := &in.Items, &out.Items
+ *out = make([]DaemonSet, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DaemonSetList.
+func (in *DaemonSetList) DeepCopy() *DaemonSetList {
+ if in == nil {
+ return nil
+ }
+ out := new(DaemonSetList)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DaemonSetList) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DaemonSetSpec) DeepCopyInto(out *DaemonSetSpec) {
+ *out = *in
+ if in.Selector != nil {
+ in, out := &in.Selector, &out.Selector
+ *out = new(v1.LabelSelector)
+ (*in).DeepCopyInto(*out)
+ }
+ in.Template.DeepCopyInto(&out.Template)
+ in.UpdateStrategy.DeepCopyInto(&out.UpdateStrategy)
+ if in.RevisionHistoryLimit != nil {
+ in, out := &in.RevisionHistoryLimit, &out.RevisionHistoryLimit
+ *out = new(int32)
+ **out = **in
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DaemonSetSpec.
+func (in *DaemonSetSpec) DeepCopy() *DaemonSetSpec {
+ if in == nil {
+ return nil
+ }
+ out := new(DaemonSetSpec)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DaemonSetStatus) DeepCopyInto(out *DaemonSetStatus) {
+ *out = *in
+ if in.CollisionCount != nil {
+ in, out := &in.CollisionCount, &out.CollisionCount
+ *out = new(int32)
+ **out = **in
+ }
+ if in.Conditions != nil {
+ in, out := &in.Conditions, &out.Conditions
+ *out = make([]DaemonSetCondition, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DaemonSetStatus.
+func (in *DaemonSetStatus) DeepCopy() *DaemonSetStatus {
+ if in == nil {
+ return nil
+ }
+ out := new(DaemonSetStatus)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DaemonSetUpdateStrategy) DeepCopyInto(out *DaemonSetUpdateStrategy) {
+ *out = *in
+ if in.RollingUpdate != nil {
+ in, out := &in.RollingUpdate, &out.RollingUpdate
+ *out = new(RollingUpdateDaemonSet)
+ (*in).DeepCopyInto(*out)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DaemonSetUpdateStrategy.
+func (in *DaemonSetUpdateStrategy) DeepCopy() *DaemonSetUpdateStrategy {
+ if in == nil {
+ return nil
+ }
+ out := new(DaemonSetUpdateStrategy)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Deployment) DeepCopyInto(out *Deployment) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+ in.Spec.DeepCopyInto(&out.Spec)
+ in.Status.DeepCopyInto(&out.Status)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Deployment.
+func (in *Deployment) DeepCopy() *Deployment {
+ if in == nil {
+ return nil
+ }
+ out := new(Deployment)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *Deployment) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeploymentCondition) DeepCopyInto(out *DeploymentCondition) {
+ *out = *in
+ in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime)
+ in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentCondition.
+func (in *DeploymentCondition) DeepCopy() *DeploymentCondition {
+ if in == nil {
+ return nil
+ }
+ out := new(DeploymentCondition)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeploymentList) DeepCopyInto(out *DeploymentList) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ out.ListMeta = in.ListMeta
+ if in.Items != nil {
+ in, out := &in.Items, &out.Items
+ *out = make([]Deployment, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentList.
+func (in *DeploymentList) DeepCopy() *DeploymentList {
+ if in == nil {
+ return nil
+ }
+ out := new(DeploymentList)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DeploymentList) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeploymentRollback) DeepCopyInto(out *DeploymentRollback) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ if in.UpdatedAnnotations != nil {
+ in, out := &in.UpdatedAnnotations, &out.UpdatedAnnotations
+ *out = make(map[string]string, len(*in))
+ for key, val := range *in {
+ (*out)[key] = val
+ }
+ }
+ out.RollbackTo = in.RollbackTo
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentRollback.
+func (in *DeploymentRollback) DeepCopy() *DeploymentRollback {
+ if in == nil {
+ return nil
+ }
+ out := new(DeploymentRollback)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DeploymentRollback) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeploymentSpec) DeepCopyInto(out *DeploymentSpec) {
+ *out = *in
+ if in.Replicas != nil {
+ in, out := &in.Replicas, &out.Replicas
+ *out = new(int32)
+ **out = **in
+ }
+ if in.Selector != nil {
+ in, out := &in.Selector, &out.Selector
+ *out = new(v1.LabelSelector)
+ (*in).DeepCopyInto(*out)
+ }
+ in.Template.DeepCopyInto(&out.Template)
+ in.Strategy.DeepCopyInto(&out.Strategy)
+ if in.RevisionHistoryLimit != nil {
+ in, out := &in.RevisionHistoryLimit, &out.RevisionHistoryLimit
+ *out = new(int32)
+ **out = **in
+ }
+ if in.RollbackTo != nil {
+ in, out := &in.RollbackTo, &out.RollbackTo
+ *out = new(RollbackConfig)
+ **out = **in
+ }
+ if in.ProgressDeadlineSeconds != nil {
+ in, out := &in.ProgressDeadlineSeconds, &out.ProgressDeadlineSeconds
+ *out = new(int32)
+ **out = **in
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentSpec.
+func (in *DeploymentSpec) DeepCopy() *DeploymentSpec {
+ if in == nil {
+ return nil
+ }
+ out := new(DeploymentSpec)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeploymentStatus) DeepCopyInto(out *DeploymentStatus) {
+ *out = *in
+ if in.Conditions != nil {
+ in, out := &in.Conditions, &out.Conditions
+ *out = make([]DeploymentCondition, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ if in.CollisionCount != nil {
+ in, out := &in.CollisionCount, &out.CollisionCount
+ *out = new(int32)
+ **out = **in
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentStatus.
+func (in *DeploymentStatus) DeepCopy() *DeploymentStatus {
+ if in == nil {
+ return nil
+ }
+ out := new(DeploymentStatus)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeploymentStrategy) DeepCopyInto(out *DeploymentStrategy) {
+ *out = *in
+ if in.RollingUpdate != nil {
+ in, out := &in.RollingUpdate, &out.RollingUpdate
+ *out = new(RollingUpdateDeployment)
+ (*in).DeepCopyInto(*out)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentStrategy.
+func (in *DeploymentStrategy) DeepCopy() *DeploymentStrategy {
+ if in == nil {
+ return nil
+ }
+ out := new(DeploymentStrategy)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *FSGroupStrategyOptions) DeepCopyInto(out *FSGroupStrategyOptions) {
+ *out = *in
+ if in.Ranges != nil {
+ in, out := &in.Ranges, &out.Ranges
+ *out = make([]IDRange, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FSGroupStrategyOptions.
+func (in *FSGroupStrategyOptions) DeepCopy() *FSGroupStrategyOptions {
+ if in == nil {
+ return nil
+ }
+ out := new(FSGroupStrategyOptions)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *HTTPIngressPath) DeepCopyInto(out *HTTPIngressPath) {
+ *out = *in
+ out.Backend = in.Backend
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressPath.
+func (in *HTTPIngressPath) DeepCopy() *HTTPIngressPath {
+ if in == nil {
+ return nil
+ }
+ out := new(HTTPIngressPath)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *HTTPIngressRuleValue) DeepCopyInto(out *HTTPIngressRuleValue) {
+ *out = *in
+ if in.Paths != nil {
+ in, out := &in.Paths, &out.Paths
+ *out = make([]HTTPIngressPath, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressRuleValue.
+func (in *HTTPIngressRuleValue) DeepCopy() *HTTPIngressRuleValue {
+ if in == nil {
+ return nil
+ }
+ out := new(HTTPIngressRuleValue)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *HostPortRange) DeepCopyInto(out *HostPortRange) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostPortRange.
+func (in *HostPortRange) DeepCopy() *HostPortRange {
+ if in == nil {
+ return nil
+ }
+ out := new(HostPortRange)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IDRange) DeepCopyInto(out *IDRange) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IDRange.
+func (in *IDRange) DeepCopy() *IDRange {
+ if in == nil {
+ return nil
+ }
+ out := new(IDRange)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IPBlock) DeepCopyInto(out *IPBlock) {
+ *out = *in
+ if in.Except != nil {
+ in, out := &in.Except, &out.Except
+ *out = make([]string, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPBlock.
+func (in *IPBlock) DeepCopy() *IPBlock {
+ if in == nil {
+ return nil
+ }
+ out := new(IPBlock)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Ingress) DeepCopyInto(out *Ingress) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+ in.Spec.DeepCopyInto(&out.Spec)
+ in.Status.DeepCopyInto(&out.Status)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Ingress.
+func (in *Ingress) DeepCopy() *Ingress {
+ if in == nil {
+ return nil
+ }
+ out := new(Ingress)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *Ingress) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IngressBackend) DeepCopyInto(out *IngressBackend) {
+ *out = *in
+ out.ServicePort = in.ServicePort
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressBackend.
+func (in *IngressBackend) DeepCopy() *IngressBackend {
+ if in == nil {
+ return nil
+ }
+ out := new(IngressBackend)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IngressList) DeepCopyInto(out *IngressList) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ out.ListMeta = in.ListMeta
+ if in.Items != nil {
+ in, out := &in.Items, &out.Items
+ *out = make([]Ingress, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressList.
+func (in *IngressList) DeepCopy() *IngressList {
+ if in == nil {
+ return nil
+ }
+ out := new(IngressList)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *IngressList) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IngressRule) DeepCopyInto(out *IngressRule) {
+ *out = *in
+ in.IngressRuleValue.DeepCopyInto(&out.IngressRuleValue)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRule.
+func (in *IngressRule) DeepCopy() *IngressRule {
+ if in == nil {
+ return nil
+ }
+ out := new(IngressRule)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IngressRuleValue) DeepCopyInto(out *IngressRuleValue) {
+ *out = *in
+ if in.HTTP != nil {
+ in, out := &in.HTTP, &out.HTTP
+ *out = new(HTTPIngressRuleValue)
+ (*in).DeepCopyInto(*out)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRuleValue.
+func (in *IngressRuleValue) DeepCopy() *IngressRuleValue {
+ if in == nil {
+ return nil
+ }
+ out := new(IngressRuleValue)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IngressSpec) DeepCopyInto(out *IngressSpec) {
+ *out = *in
+ if in.Backend != nil {
+ in, out := &in.Backend, &out.Backend
+ *out = new(IngressBackend)
+ **out = **in
+ }
+ if in.TLS != nil {
+ in, out := &in.TLS, &out.TLS
+ *out = make([]IngressTLS, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ if in.Rules != nil {
+ in, out := &in.Rules, &out.Rules
+ *out = make([]IngressRule, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressSpec.
+func (in *IngressSpec) DeepCopy() *IngressSpec {
+ if in == nil {
+ return nil
+ }
+ out := new(IngressSpec)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IngressStatus) DeepCopyInto(out *IngressStatus) {
+ *out = *in
+ in.LoadBalancer.DeepCopyInto(&out.LoadBalancer)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressStatus.
+func (in *IngressStatus) DeepCopy() *IngressStatus {
+ if in == nil {
+ return nil
+ }
+ out := new(IngressStatus)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IngressTLS) DeepCopyInto(out *IngressTLS) {
+ *out = *in
+ if in.Hosts != nil {
+ in, out := &in.Hosts, &out.Hosts
+ *out = make([]string, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressTLS.
+func (in *IngressTLS) DeepCopy() *IngressTLS {
+ if in == nil {
+ return nil
+ }
+ out := new(IngressTLS)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *NetworkPolicy) DeepCopyInto(out *NetworkPolicy) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+ in.Spec.DeepCopyInto(&out.Spec)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicy.
+func (in *NetworkPolicy) DeepCopy() *NetworkPolicy {
+ if in == nil {
+ return nil
+ }
+ out := new(NetworkPolicy)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *NetworkPolicy) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *NetworkPolicyEgressRule) DeepCopyInto(out *NetworkPolicyEgressRule) {
+ *out = *in
+ if in.Ports != nil {
+ in, out := &in.Ports, &out.Ports
+ *out = make([]NetworkPolicyPort, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ if in.To != nil {
+ in, out := &in.To, &out.To
+ *out = make([]NetworkPolicyPeer, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyEgressRule.
+func (in *NetworkPolicyEgressRule) DeepCopy() *NetworkPolicyEgressRule {
+ if in == nil {
+ return nil
+ }
+ out := new(NetworkPolicyEgressRule)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *NetworkPolicyIngressRule) DeepCopyInto(out *NetworkPolicyIngressRule) {
+ *out = *in
+ if in.Ports != nil {
+ in, out := &in.Ports, &out.Ports
+ *out = make([]NetworkPolicyPort, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ if in.From != nil {
+ in, out := &in.From, &out.From
+ *out = make([]NetworkPolicyPeer, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyIngressRule.
+func (in *NetworkPolicyIngressRule) DeepCopy() *NetworkPolicyIngressRule {
+ if in == nil {
+ return nil
+ }
+ out := new(NetworkPolicyIngressRule)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *NetworkPolicyList) DeepCopyInto(out *NetworkPolicyList) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ out.ListMeta = in.ListMeta
+ if in.Items != nil {
+ in, out := &in.Items, &out.Items
+ *out = make([]NetworkPolicy, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyList.
+func (in *NetworkPolicyList) DeepCopy() *NetworkPolicyList {
+ if in == nil {
+ return nil
+ }
+ out := new(NetworkPolicyList)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *NetworkPolicyList) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *NetworkPolicyPeer) DeepCopyInto(out *NetworkPolicyPeer) {
+ *out = *in
+ if in.PodSelector != nil {
+ in, out := &in.PodSelector, &out.PodSelector
+ *out = new(v1.LabelSelector)
+ (*in).DeepCopyInto(*out)
+ }
+ if in.NamespaceSelector != nil {
+ in, out := &in.NamespaceSelector, &out.NamespaceSelector
+ *out = new(v1.LabelSelector)
+ (*in).DeepCopyInto(*out)
+ }
+ if in.IPBlock != nil {
+ in, out := &in.IPBlock, &out.IPBlock
+ *out = new(IPBlock)
+ (*in).DeepCopyInto(*out)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyPeer.
+func (in *NetworkPolicyPeer) DeepCopy() *NetworkPolicyPeer {
+ if in == nil {
+ return nil
+ }
+ out := new(NetworkPolicyPeer)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *NetworkPolicyPort) DeepCopyInto(out *NetworkPolicyPort) {
+ *out = *in
+ if in.Protocol != nil {
+ in, out := &in.Protocol, &out.Protocol
+ *out = new(corev1.Protocol)
+ **out = **in
+ }
+ if in.Port != nil {
+ in, out := &in.Port, &out.Port
+ *out = new(intstr.IntOrString)
+ **out = **in
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyPort.
+func (in *NetworkPolicyPort) DeepCopy() *NetworkPolicyPort {
+ if in == nil {
+ return nil
+ }
+ out := new(NetworkPolicyPort)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *NetworkPolicySpec) DeepCopyInto(out *NetworkPolicySpec) {
+ *out = *in
+ in.PodSelector.DeepCopyInto(&out.PodSelector)
+ if in.Ingress != nil {
+ in, out := &in.Ingress, &out.Ingress
+ *out = make([]NetworkPolicyIngressRule, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ if in.Egress != nil {
+ in, out := &in.Egress, &out.Egress
+ *out = make([]NetworkPolicyEgressRule, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ if in.PolicyTypes != nil {
+ in, out := &in.PolicyTypes, &out.PolicyTypes
+ *out = make([]PolicyType, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicySpec.
+func (in *NetworkPolicySpec) DeepCopy() *NetworkPolicySpec {
+ if in == nil {
+ return nil
+ }
+ out := new(NetworkPolicySpec)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *PodSecurityPolicy) DeepCopyInto(out *PodSecurityPolicy) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+ in.Spec.DeepCopyInto(&out.Spec)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSecurityPolicy.
+func (in *PodSecurityPolicy) DeepCopy() *PodSecurityPolicy {
+ if in == nil {
+ return nil
+ }
+ out := new(PodSecurityPolicy)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *PodSecurityPolicy) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *PodSecurityPolicyList) DeepCopyInto(out *PodSecurityPolicyList) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ out.ListMeta = in.ListMeta
+ if in.Items != nil {
+ in, out := &in.Items, &out.Items
+ *out = make([]PodSecurityPolicy, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSecurityPolicyList.
+func (in *PodSecurityPolicyList) DeepCopy() *PodSecurityPolicyList {
+ if in == nil {
+ return nil
+ }
+ out := new(PodSecurityPolicyList)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *PodSecurityPolicyList) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *PodSecurityPolicySpec) DeepCopyInto(out *PodSecurityPolicySpec) {
+ *out = *in
+ if in.DefaultAddCapabilities != nil {
+ in, out := &in.DefaultAddCapabilities, &out.DefaultAddCapabilities
+ *out = make([]corev1.Capability, len(*in))
+ copy(*out, *in)
+ }
+ if in.RequiredDropCapabilities != nil {
+ in, out := &in.RequiredDropCapabilities, &out.RequiredDropCapabilities
+ *out = make([]corev1.Capability, len(*in))
+ copy(*out, *in)
+ }
+ if in.AllowedCapabilities != nil {
+ in, out := &in.AllowedCapabilities, &out.AllowedCapabilities
+ *out = make([]corev1.Capability, len(*in))
+ copy(*out, *in)
+ }
+ if in.Volumes != nil {
+ in, out := &in.Volumes, &out.Volumes
+ *out = make([]FSType, len(*in))
+ copy(*out, *in)
+ }
+ if in.HostPorts != nil {
+ in, out := &in.HostPorts, &out.HostPorts
+ *out = make([]HostPortRange, len(*in))
+ copy(*out, *in)
+ }
+ in.SELinux.DeepCopyInto(&out.SELinux)
+ in.RunAsUser.DeepCopyInto(&out.RunAsUser)
+ if in.RunAsGroup != nil {
+ in, out := &in.RunAsGroup, &out.RunAsGroup
+ *out = new(RunAsGroupStrategyOptions)
+ (*in).DeepCopyInto(*out)
+ }
+ in.SupplementalGroups.DeepCopyInto(&out.SupplementalGroups)
+ in.FSGroup.DeepCopyInto(&out.FSGroup)
+ if in.DefaultAllowPrivilegeEscalation != nil {
+ in, out := &in.DefaultAllowPrivilegeEscalation, &out.DefaultAllowPrivilegeEscalation
+ *out = new(bool)
+ **out = **in
+ }
+ if in.AllowPrivilegeEscalation != nil {
+ in, out := &in.AllowPrivilegeEscalation, &out.AllowPrivilegeEscalation
+ *out = new(bool)
+ **out = **in
+ }
+ if in.AllowedHostPaths != nil {
+ in, out := &in.AllowedHostPaths, &out.AllowedHostPaths
+ *out = make([]AllowedHostPath, len(*in))
+ copy(*out, *in)
+ }
+ if in.AllowedFlexVolumes != nil {
+ in, out := &in.AllowedFlexVolumes, &out.AllowedFlexVolumes
+ *out = make([]AllowedFlexVolume, len(*in))
+ copy(*out, *in)
+ }
+ if in.AllowedUnsafeSysctls != nil {
+ in, out := &in.AllowedUnsafeSysctls, &out.AllowedUnsafeSysctls
+ *out = make([]string, len(*in))
+ copy(*out, *in)
+ }
+ if in.ForbiddenSysctls != nil {
+ in, out := &in.ForbiddenSysctls, &out.ForbiddenSysctls
+ *out = make([]string, len(*in))
+ copy(*out, *in)
+ }
+ if in.AllowedProcMountTypes != nil {
+ in, out := &in.AllowedProcMountTypes, &out.AllowedProcMountTypes
+ *out = make([]corev1.ProcMountType, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSecurityPolicySpec.
+func (in *PodSecurityPolicySpec) DeepCopy() *PodSecurityPolicySpec {
+ if in == nil {
+ return nil
+ }
+ out := new(PodSecurityPolicySpec)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ReplicaSet) DeepCopyInto(out *ReplicaSet) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+ in.Spec.DeepCopyInto(&out.Spec)
+ in.Status.DeepCopyInto(&out.Status)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaSet.
+func (in *ReplicaSet) DeepCopy() *ReplicaSet {
+ if in == nil {
+ return nil
+ }
+ out := new(ReplicaSet)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ReplicaSet) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ReplicaSetCondition) DeepCopyInto(out *ReplicaSetCondition) {
+ *out = *in
+ in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaSetCondition.
+func (in *ReplicaSetCondition) DeepCopy() *ReplicaSetCondition {
+ if in == nil {
+ return nil
+ }
+ out := new(ReplicaSetCondition)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ReplicaSetList) DeepCopyInto(out *ReplicaSetList) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ out.ListMeta = in.ListMeta
+ if in.Items != nil {
+ in, out := &in.Items, &out.Items
+ *out = make([]ReplicaSet, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaSetList.
+func (in *ReplicaSetList) DeepCopy() *ReplicaSetList {
+ if in == nil {
+ return nil
+ }
+ out := new(ReplicaSetList)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ReplicaSetList) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ReplicaSetSpec) DeepCopyInto(out *ReplicaSetSpec) {
+ *out = *in
+ if in.Replicas != nil {
+ in, out := &in.Replicas, &out.Replicas
+ *out = new(int32)
+ **out = **in
+ }
+ if in.Selector != nil {
+ in, out := &in.Selector, &out.Selector
+ *out = new(v1.LabelSelector)
+ (*in).DeepCopyInto(*out)
+ }
+ in.Template.DeepCopyInto(&out.Template)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaSetSpec.
+func (in *ReplicaSetSpec) DeepCopy() *ReplicaSetSpec {
+ if in == nil {
+ return nil
+ }
+ out := new(ReplicaSetSpec)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ReplicaSetStatus) DeepCopyInto(out *ReplicaSetStatus) {
+ *out = *in
+ if in.Conditions != nil {
+ in, out := &in.Conditions, &out.Conditions
+ *out = make([]ReplicaSetCondition, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaSetStatus.
+func (in *ReplicaSetStatus) DeepCopy() *ReplicaSetStatus {
+ if in == nil {
+ return nil
+ }
+ out := new(ReplicaSetStatus)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ReplicationControllerDummy) DeepCopyInto(out *ReplicationControllerDummy) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicationControllerDummy.
+func (in *ReplicationControllerDummy) DeepCopy() *ReplicationControllerDummy {
+ if in == nil {
+ return nil
+ }
+ out := new(ReplicationControllerDummy)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ReplicationControllerDummy) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *RollbackConfig) DeepCopyInto(out *RollbackConfig) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RollbackConfig.
+func (in *RollbackConfig) DeepCopy() *RollbackConfig {
+ if in == nil {
+ return nil
+ }
+ out := new(RollbackConfig)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *RollingUpdateDaemonSet) DeepCopyInto(out *RollingUpdateDaemonSet) {
+ *out = *in
+ if in.MaxUnavailable != nil {
+ in, out := &in.MaxUnavailable, &out.MaxUnavailable
+ *out = new(intstr.IntOrString)
+ **out = **in
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RollingUpdateDaemonSet.
+func (in *RollingUpdateDaemonSet) DeepCopy() *RollingUpdateDaemonSet {
+ if in == nil {
+ return nil
+ }
+ out := new(RollingUpdateDaemonSet)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *RollingUpdateDeployment) DeepCopyInto(out *RollingUpdateDeployment) {
+ *out = *in
+ if in.MaxUnavailable != nil {
+ in, out := &in.MaxUnavailable, &out.MaxUnavailable
+ *out = new(intstr.IntOrString)
+ **out = **in
+ }
+ if in.MaxSurge != nil {
+ in, out := &in.MaxSurge, &out.MaxSurge
+ *out = new(intstr.IntOrString)
+ **out = **in
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RollingUpdateDeployment.
+func (in *RollingUpdateDeployment) DeepCopy() *RollingUpdateDeployment {
+ if in == nil {
+ return nil
+ }
+ out := new(RollingUpdateDeployment)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *RunAsGroupStrategyOptions) DeepCopyInto(out *RunAsGroupStrategyOptions) {
+ *out = *in
+ if in.Ranges != nil {
+ in, out := &in.Ranges, &out.Ranges
+ *out = make([]IDRange, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RunAsGroupStrategyOptions.
+func (in *RunAsGroupStrategyOptions) DeepCopy() *RunAsGroupStrategyOptions {
+ if in == nil {
+ return nil
+ }
+ out := new(RunAsGroupStrategyOptions)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *RunAsUserStrategyOptions) DeepCopyInto(out *RunAsUserStrategyOptions) {
+ *out = *in
+ if in.Ranges != nil {
+ in, out := &in.Ranges, &out.Ranges
+ *out = make([]IDRange, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RunAsUserStrategyOptions.
+func (in *RunAsUserStrategyOptions) DeepCopy() *RunAsUserStrategyOptions {
+ if in == nil {
+ return nil
+ }
+ out := new(RunAsUserStrategyOptions)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SELinuxStrategyOptions) DeepCopyInto(out *SELinuxStrategyOptions) {
+ *out = *in
+ if in.SELinuxOptions != nil {
+ in, out := &in.SELinuxOptions, &out.SELinuxOptions
+ *out = new(corev1.SELinuxOptions)
+ **out = **in
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SELinuxStrategyOptions.
+func (in *SELinuxStrategyOptions) DeepCopy() *SELinuxStrategyOptions {
+ if in == nil {
+ return nil
+ }
+ out := new(SELinuxStrategyOptions)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Scale) DeepCopyInto(out *Scale) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+ out.Spec = in.Spec
+ in.Status.DeepCopyInto(&out.Status)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Scale.
+func (in *Scale) DeepCopy() *Scale {
+ if in == nil {
+ return nil
+ }
+ out := new(Scale)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *Scale) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ScaleSpec) DeepCopyInto(out *ScaleSpec) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScaleSpec.
+func (in *ScaleSpec) DeepCopy() *ScaleSpec {
+ if in == nil {
+ return nil
+ }
+ out := new(ScaleSpec)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ScaleStatus) DeepCopyInto(out *ScaleStatus) {
+ *out = *in
+ if in.Selector != nil {
+ in, out := &in.Selector, &out.Selector
+ *out = make(map[string]string, len(*in))
+ for key, val := range *in {
+ (*out)[key] = val
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScaleStatus.
+func (in *ScaleStatus) DeepCopy() *ScaleStatus {
+ if in == nil {
+ return nil
+ }
+ out := new(ScaleStatus)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SupplementalGroupsStrategyOptions) DeepCopyInto(out *SupplementalGroupsStrategyOptions) {
+ *out = *in
+ if in.Ranges != nil {
+ in, out := &in.Ranges, &out.Ranges
+ *out = make([]IDRange, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SupplementalGroupsStrategyOptions.
+func (in *SupplementalGroupsStrategyOptions) DeepCopy() *SupplementalGroupsStrategyOptions {
+ if in == nil {
+ return nil
+ }
+ out := new(SupplementalGroupsStrategyOptions)
+ in.DeepCopyInto(out)
+ return out
+}