-
Notifications
You must be signed in to change notification settings - Fork 4.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #8941 from sdminonne/SCC_check_only_API
Merged by openshift-bot
- Loading branch information
Showing
21 changed files
with
1,435 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,143 @@ | ||
| // +build !ignore_autogenerated | ||
|
|
||
| // This file was autogenerated by deepcopy-gen. Do not edit it manually! | ||
|
|
||
| package api | ||
|
|
||
| import ( | ||
| api "k8s.io/kubernetes/pkg/api" | ||
| unversioned "k8s.io/kubernetes/pkg/api/unversioned" | ||
| conversion "k8s.io/kubernetes/pkg/conversion" | ||
| ) | ||
|
|
||
| func init() { | ||
| if err := api.Scheme.AddGeneratedDeepCopyFuncs( | ||
| DeepCopy_api_PodSecurityPolicyReview, | ||
| DeepCopy_api_PodSecurityPolicyReviewSpec, | ||
| DeepCopy_api_PodSecurityPolicyReviewStatus, | ||
| DeepCopy_api_PodSecurityPolicySelfSubjectReview, | ||
| DeepCopy_api_PodSecurityPolicySelfSubjectReviewSpec, | ||
| DeepCopy_api_PodSecurityPolicySubjectReview, | ||
| DeepCopy_api_PodSecurityPolicySubjectReviewSpec, | ||
| DeepCopy_api_PodSecurityPolicySubjectReviewStatus, | ||
| DeepCopy_api_ServiceAccountPodSecurityPolicyReviewStatus, | ||
| ); err != nil { | ||
| // if one of the deep copy functions is malformed, detect it immediately. | ||
| panic(err) | ||
| } | ||
| } | ||
|
|
||
| func DeepCopy_api_PodSecurityPolicyReview(in PodSecurityPolicyReview, out *PodSecurityPolicyReview, c *conversion.Cloner) error { | ||
| if err := unversioned.DeepCopy_unversioned_TypeMeta(in.TypeMeta, &out.TypeMeta, c); err != nil { | ||
| return err | ||
| } | ||
| if err := DeepCopy_api_PodSecurityPolicyReviewSpec(in.Spec, &out.Spec, c); err != nil { | ||
| return err | ||
| } | ||
| if err := DeepCopy_api_PodSecurityPolicyReviewStatus(in.Status, &out.Status, c); err != nil { | ||
| return err | ||
| } | ||
| return nil | ||
| } | ||
|
|
||
| func DeepCopy_api_PodSecurityPolicyReviewSpec(in PodSecurityPolicyReviewSpec, out *PodSecurityPolicyReviewSpec, c *conversion.Cloner) error { | ||
| if err := api.DeepCopy_api_PodSpec(in.PodSpec, &out.PodSpec, c); err != nil { | ||
| return err | ||
| } | ||
| if in.ServiceAccountNames != nil { | ||
| in, out := in.ServiceAccountNames, &out.ServiceAccountNames | ||
| *out = make([]string, len(in)) | ||
| copy(*out, in) | ||
| } else { | ||
| out.ServiceAccountNames = nil | ||
| } | ||
| return nil | ||
| } | ||
|
|
||
| func DeepCopy_api_PodSecurityPolicyReviewStatus(in PodSecurityPolicyReviewStatus, out *PodSecurityPolicyReviewStatus, c *conversion.Cloner) error { | ||
| if in.AllowedServiceAccounts != nil { | ||
| in, out := in.AllowedServiceAccounts, &out.AllowedServiceAccounts | ||
| *out = make([]ServiceAccountPodSecurityPolicyReviewStatus, len(in)) | ||
| for i := range in { | ||
| if err := DeepCopy_api_ServiceAccountPodSecurityPolicyReviewStatus(in[i], &(*out)[i], c); err != nil { | ||
| return err | ||
| } | ||
| } | ||
| } else { | ||
| out.AllowedServiceAccounts = nil | ||
| } | ||
| return nil | ||
| } | ||
|
|
||
| func DeepCopy_api_PodSecurityPolicySelfSubjectReview(in PodSecurityPolicySelfSubjectReview, out *PodSecurityPolicySelfSubjectReview, c *conversion.Cloner) error { | ||
| if err := unversioned.DeepCopy_unversioned_TypeMeta(in.TypeMeta, &out.TypeMeta, c); err != nil { | ||
| return err | ||
| } | ||
| if err := DeepCopy_api_PodSecurityPolicySelfSubjectReviewSpec(in.Spec, &out.Spec, c); err != nil { | ||
| return err | ||
| } | ||
| if err := DeepCopy_api_PodSecurityPolicySubjectReviewStatus(in.Status, &out.Status, c); err != nil { | ||
| return err | ||
| } | ||
| return nil | ||
| } | ||
|
|
||
| func DeepCopy_api_PodSecurityPolicySelfSubjectReviewSpec(in PodSecurityPolicySelfSubjectReviewSpec, out *PodSecurityPolicySelfSubjectReviewSpec, c *conversion.Cloner) error { | ||
| if err := api.DeepCopy_api_PodSpec(in.PodSpec, &out.PodSpec, c); err != nil { | ||
| return err | ||
| } | ||
| return nil | ||
| } | ||
|
|
||
| func DeepCopy_api_PodSecurityPolicySubjectReview(in PodSecurityPolicySubjectReview, out *PodSecurityPolicySubjectReview, c *conversion.Cloner) error { | ||
| if err := unversioned.DeepCopy_unversioned_TypeMeta(in.TypeMeta, &out.TypeMeta, c); err != nil { | ||
| return err | ||
| } | ||
| if err := DeepCopy_api_PodSecurityPolicySubjectReviewSpec(in.Spec, &out.Spec, c); err != nil { | ||
| return err | ||
| } | ||
| if err := DeepCopy_api_PodSecurityPolicySubjectReviewStatus(in.Status, &out.Status, c); err != nil { | ||
| return err | ||
| } | ||
| return nil | ||
| } | ||
|
|
||
| func DeepCopy_api_PodSecurityPolicySubjectReviewSpec(in PodSecurityPolicySubjectReviewSpec, out *PodSecurityPolicySubjectReviewSpec, c *conversion.Cloner) error { | ||
| if err := api.DeepCopy_api_PodSpec(in.PodSpec, &out.PodSpec, c); err != nil { | ||
| return err | ||
| } | ||
| out.User = in.User | ||
| if in.Groups != nil { | ||
| in, out := in.Groups, &out.Groups | ||
| *out = make([]string, len(in)) | ||
| copy(*out, in) | ||
| } else { | ||
| out.Groups = nil | ||
| } | ||
| return nil | ||
| } | ||
|
|
||
| func DeepCopy_api_PodSecurityPolicySubjectReviewStatus(in PodSecurityPolicySubjectReviewStatus, out *PodSecurityPolicySubjectReviewStatus, c *conversion.Cloner) error { | ||
| if in.AllowedBy != nil { | ||
| in, out := in.AllowedBy, &out.AllowedBy | ||
| *out = new(api.ObjectReference) | ||
| if err := api.DeepCopy_api_ObjectReference(*in, *out, c); err != nil { | ||
| return err | ||
| } | ||
| } else { | ||
| out.AllowedBy = nil | ||
| } | ||
| out.Reason = in.Reason | ||
| if err := api.DeepCopy_api_PodSpec(in.PodSpec, &out.PodSpec, c); err != nil { | ||
| return err | ||
| } | ||
| return nil | ||
| } | ||
|
|
||
| func DeepCopy_api_ServiceAccountPodSecurityPolicyReviewStatus(in ServiceAccountPodSecurityPolicyReviewStatus, out *ServiceAccountPodSecurityPolicyReviewStatus, c *conversion.Cloner) error { | ||
| if err := DeepCopy_api_PodSecurityPolicySubjectReviewStatus(in.PodSecurityPolicySubjectReviewStatus, &out.PodSecurityPolicySubjectReviewStatus, c); err != nil { | ||
| return err | ||
| } | ||
| out.Name = in.Name | ||
| return nil | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,108 @@ | ||
| package install | ||
|
|
||
| import ( | ||
| "fmt" | ||
|
|
||
| "github.com/golang/glog" | ||
|
|
||
| kapi "k8s.io/kubernetes/pkg/api" | ||
| "k8s.io/kubernetes/pkg/api/meta" | ||
| "k8s.io/kubernetes/pkg/api/unversioned" | ||
| "k8s.io/kubernetes/pkg/apimachinery" | ||
| "k8s.io/kubernetes/pkg/apimachinery/registered" | ||
| "k8s.io/kubernetes/pkg/runtime" | ||
| "k8s.io/kubernetes/pkg/util/sets" | ||
|
|
||
| "github.com/openshift/origin/pkg/security/api" | ||
| "github.com/openshift/origin/pkg/security/api/v1" | ||
| ) | ||
|
|
||
| const importPrefix = "github.com/openshift/origin/pkg/security/api" | ||
|
|
||
| var accessor = meta.NewAccessor() | ||
|
|
||
| // availableVersions lists all known external versions for this group from most preferred to least preferred | ||
| var availableVersions = []unversioned.GroupVersion{v1.SchemeGroupVersion} | ||
|
|
||
| func init() { | ||
| registered.RegisterVersions(availableVersions) | ||
| externalVersions := []unversioned.GroupVersion{} | ||
| for _, v := range availableVersions { | ||
| if registered.IsAllowedVersion(v) { | ||
| externalVersions = append(externalVersions, v) | ||
| } | ||
| } | ||
| if len(externalVersions) == 0 { | ||
| glog.Infof("No version is registered for group %v", api.GroupName) | ||
| return | ||
| } | ||
|
|
||
| if err := registered.EnableVersions(externalVersions...); err != nil { | ||
| panic(err) | ||
| } | ||
| if err := enableVersions(externalVersions); err != nil { | ||
| panic(err) | ||
| } | ||
| } | ||
|
|
||
| // TODO: enableVersions should be centralized rather than spread in each API | ||
| // group. | ||
| // We can combine registered.RegisterVersions, registered.EnableVersions and | ||
| // registered.RegisterGroup once we have moved enableVersions there. | ||
| func enableVersions(externalVersions []unversioned.GroupVersion) error { | ||
| addVersionsToScheme(externalVersions...) | ||
| preferredExternalVersion := externalVersions[0] | ||
|
|
||
| groupMeta := apimachinery.GroupMeta{ | ||
| GroupVersion: preferredExternalVersion, | ||
| GroupVersions: externalVersions, | ||
| RESTMapper: newRESTMapper(externalVersions), | ||
| SelfLinker: runtime.SelfLinker(accessor), | ||
| InterfacesFor: interfacesFor, | ||
| } | ||
|
|
||
| if err := registered.RegisterGroup(groupMeta); err != nil { | ||
| return err | ||
| } | ||
| kapi.RegisterRESTMapper(groupMeta.RESTMapper) | ||
| return nil | ||
| } | ||
|
|
||
| func addVersionsToScheme(externalVersions ...unversioned.GroupVersion) { | ||
| // add the internal version to Scheme | ||
| api.AddToScheme(kapi.Scheme) | ||
| // add the enabled external versions to Scheme | ||
| for _, v := range externalVersions { | ||
| if !registered.IsEnabledVersion(v) { | ||
| glog.Errorf("Version %s is not enabled, so it will not be added to the Scheme.", v) | ||
| continue | ||
| } | ||
| switch v { | ||
| case v1.SchemeGroupVersion: | ||
| v1.AddToScheme(kapi.Scheme) | ||
| default: | ||
| glog.Errorf("Version %s is not known, so it will not be added to the Scheme.", v) | ||
| continue | ||
| } | ||
| } | ||
| } | ||
|
|
||
| func newRESTMapper(externalVersions []unversioned.GroupVersion) meta.RESTMapper { | ||
| rootScoped := sets.NewString() | ||
| ignoredKinds := sets.NewString() | ||
| return kapi.NewDefaultRESTMapper(externalVersions, interfacesFor, importPrefix, ignoredKinds, rootScoped) | ||
| } | ||
|
|
||
| func interfacesFor(version unversioned.GroupVersion) (*meta.VersionInterfaces, error) { | ||
| switch version { | ||
| case v1.SchemeGroupVersion: | ||
| return &meta.VersionInterfaces{ | ||
| ObjectConvertor: kapi.Scheme, | ||
| MetadataAccessor: accessor, | ||
| }, nil | ||
|
|
||
| default: | ||
| g, _ := registered.Group(api.GroupName) | ||
| return nil, fmt.Errorf("unsupported storage version: %s (valid: %v)", version, g.GroupVersions) | ||
| } | ||
| } |
Oops, something went wrong.