DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update dependencies to K8s 1.8

Browse source
This commit is contained in:
Nick Sardo 2017-09-29 10:12:14 -07:00
parent ba6c89672d
commit 6a59f4c9a2
1114 changed files with 160955 additions and 262845 deletions
Download patch file Download diff file Expand all files Collapse all files

25
vendor/k8s.io/api/networking/v1/BUILD generated vendored
View file

@ -1,7 +1,5 @@
package(default_visibility = ["//visibility:public"])
licenses(["notice"])
load(
"@io_bazel_rules_go//go:def.bzl",
"go_library",
@ -13,21 +11,36 @@ go_library(
"doc.go",
"generated.pb.go",
"register.go",
"types.generated.go",
"types.go",
"types_swagger_doc_generated.go",
"zz_generated.deepcopy.go",
],
tags = ["automanaged"],
deps = [
"//vendor/github.com/gogo/protobuf/proto:go_default_library",
"//vendor/github.com/ugorji/go/codec:go_default_library",
"//vendor/k8s.io/api/core/v1:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
],
)
filegroup(
name = "package-srcs",
srcs = glob(["**"]),
tags = ["automanaged"],
visibility = ["//visibility:private"],
)
filegroup(
name = "all-srcs",
srcs = [":package-srcs"],
tags = ["automanaged"],
)
filegroup(
name = "go_default_library_protos",
srcs = ["generated.proto"],
visibility = ["//visibility:public"],
)

630
vendor/k8s.io/api/networking/v1/generated.pb.go generated vendored
View file

@ -25,7 +25,9 @@ limitations under the License.
k8s.io/kubernetes/vendor/k8s.io/api/networking/v1/generated.proto
It has these top-level messages:
IPBlock
NetworkPolicy
NetworkPolicyEgressRule
NetworkPolicyIngressRule
NetworkPolicyList
NetworkPolicyPeer
@ -60,40 +62,87 @@ var _ = math.Inf
// proto package needs to be updated.
const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package
func (m *IPBlock) Reset() { *m = IPBlock{} }
func (*IPBlock) ProtoMessage() {}
func (*IPBlock) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{0} }
func (m *NetworkPolicy) Reset() { *m = NetworkPolicy{} }
func (*NetworkPolicy) ProtoMessage() {}
func (*NetworkPolicy) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{0} }
func (*NetworkPolicy) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} }
func (m *NetworkPolicyEgressRule) Reset() { *m = NetworkPolicyEgressRule{} }
func (*NetworkPolicyEgressRule) ProtoMessage() {}
func (*NetworkPolicyEgressRule) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} }
func (m *NetworkPolicyIngressRule) Reset() { *m = NetworkPolicyIngressRule{} }
func (*NetworkPolicyIngressRule) ProtoMessage() {}
func (*NetworkPolicyIngressRule) Descriptor() ([]byte, []int) {
return fileDescriptorGenerated, []int{1}
return fileDescriptorGenerated, []int{3}
}
func (m *NetworkPolicyList) Reset() { *m = NetworkPolicyList{} }
func (*NetworkPolicyList) ProtoMessage() {}
func (*NetworkPolicyList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} }
func (*NetworkPolicyList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{4} }
func (m *NetworkPolicyPeer) Reset() { *m = NetworkPolicyPeer{} }
func (*NetworkPolicyPeer) ProtoMessage() {}
func (*NetworkPolicyPeer) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{3} }
func (*NetworkPolicyPeer) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{5} }
func (m *NetworkPolicyPort) Reset() { *m = NetworkPolicyPort{} }
func (*NetworkPolicyPort) ProtoMessage() {}
func (*NetworkPolicyPort) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{4} }
func (*NetworkPolicyPort) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{6} }
func (m *NetworkPolicySpec) Reset() { *m = NetworkPolicySpec{} }
func (*NetworkPolicySpec) ProtoMessage() {}
func (*NetworkPolicySpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{5} }
func (*NetworkPolicySpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{7} }
func init() {
proto.RegisterType((*IPBlock)(nil), "k8s.io.api.networking.v1.IPBlock")
proto.RegisterType((*NetworkPolicy)(nil), "k8s.io.api.networking.v1.NetworkPolicy")
proto.RegisterType((*NetworkPolicyEgressRule)(nil), "k8s.io.api.networking.v1.NetworkPolicyEgressRule")
proto.RegisterType((*NetworkPolicyIngressRule)(nil), "k8s.io.api.networking.v1.NetworkPolicyIngressRule")
proto.RegisterType((*NetworkPolicyList)(nil), "k8s.io.api.networking.v1.NetworkPolicyList")
proto.RegisterType((*NetworkPolicyPeer)(nil), "k8s.io.api.networking.v1.NetworkPolicyPeer")
proto.RegisterType((*NetworkPolicyPort)(nil), "k8s.io.api.networking.v1.NetworkPolicyPort")
proto.RegisterType((*NetworkPolicySpec)(nil), "k8s.io.api.networking.v1.NetworkPolicySpec")
}
func (m *IPBlock) Marshal() (dAtA []byte, err error) {
size := m.Size()
dAtA = make([]byte, size)
n, err := m.MarshalTo(dAtA)
if err != nil {
return nil, err
}
return dAtA[:n], nil
}
func (m *IPBlock) MarshalTo(dAtA []byte) (int, error) {
var i int
_ = i
var l int
_ = l
dAtA[i] = 0xa
i++
i = encodeVarintGenerated(dAtA, i, uint64(len(m.CIDR)))
i += copy(dAtA[i:], m.CIDR)
if len(m.Except) > 0 {
for _, s := range m.Except {
dAtA[i] = 0x12
i++
l = len(s)
for l >= 1<<7 {
dAtA[i] = uint8(uint64(l)&0x7f | 0x80)
l >>= 7
i++
}
dAtA[i] = uint8(l)
i++
i += copy(dAtA[i:], s)
}
}
return i, nil
}
func (m *NetworkPolicy) Marshal() (dAtA []byte, err error) {
size := m.Size()
dAtA = make([]byte, size)
@ -128,6 +177,48 @@ func (m *NetworkPolicy) MarshalTo(dAtA []byte) (int, error) {
return i, nil
}
func (m *NetworkPolicyEgressRule) Marshal() (dAtA []byte, err error) {
size := m.Size()
dAtA = make([]byte, size)
n, err := m.MarshalTo(dAtA)
if err != nil {
return nil, err
}
return dAtA[:n], nil
}
func (m *NetworkPolicyEgressRule) MarshalTo(dAtA []byte) (int, error) {
var i int
_ = i
var l int
_ = l
if len(m.Ports) > 0 {
for _, msg := range m.Ports {
dAtA[i] = 0xa
i++
i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
n, err := msg.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n
}
}
if len(m.To) > 0 {
for _, msg := range m.To {
dAtA[i] = 0x12
i++
i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
n, err := msg.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n
}
}
return i, nil
}
func (m *NetworkPolicyIngressRule) Marshal() (dAtA []byte, err error) {
size := m.Size()
dAtA = make([]byte, size)
@ -243,6 +334,16 @@ func (m *NetworkPolicyPeer) MarshalTo(dAtA []byte) (int, error) {
}
i += n5
}
if m.IPBlock != nil {
dAtA[i] = 0x1a
i++
i = encodeVarintGenerated(dAtA, i, uint64(m.IPBlock.Size()))
n6, err := m.IPBlock.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n6
}
return i, nil
}
@ -271,11 +372,11 @@ func (m *NetworkPolicyPort) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x12
i++
i = encodeVarintGenerated(dAtA, i, uint64(m.Port.Size()))
n6, err := m.Port.MarshalTo(dAtA[i:])
n7, err := m.Port.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n6
i += n7
}
return i, nil
}
@ -298,11 +399,11 @@ func (m *NetworkPolicySpec) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0xa
i++
i = encodeVarintGenerated(dAtA, i, uint64(m.PodSelector.Size()))
n7, err := m.PodSelector.MarshalTo(dAtA[i:])
n8, err := m.PodSelector.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n7
i += n8
if len(m.Ingress) > 0 {
for _, msg := range m.Ingress {
dAtA[i] = 0x12
@ -315,6 +416,33 @@ func (m *NetworkPolicySpec) MarshalTo(dAtA []byte) (int, error) {
i += n
}
}
if len(m.Egress) > 0 {
for _, msg := range m.Egress {
dAtA[i] = 0x1a
i++
i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
n, err := msg.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n
}
}
if len(m.PolicyTypes) > 0 {
for _, s := range m.PolicyTypes {
dAtA[i] = 0x22
i++
l = len(s)
for l >= 1<<7 {
dAtA[i] = uint8(uint64(l)&0x7f | 0x80)
l >>= 7
i++
}
dAtA[i] = uint8(l)
i++
i += copy(dAtA[i:], s)
}
}
return i, nil
}
@ -345,6 +473,20 @@ func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int {
dAtA[offset] = uint8(v)
return offset + 1
}
func (m *IPBlock) Size() (n int) {
var l int
_ = l
l = len(m.CIDR)
n += 1 + l + sovGenerated(uint64(l))
if len(m.Except) > 0 {
for _, s := range m.Except {
l = len(s)
n += 1 + l + sovGenerated(uint64(l))
}
}
return n
}
func (m *NetworkPolicy) Size() (n int) {
var l int
_ = l
@ -355,6 +497,24 @@ func (m *NetworkPolicy) Size() (n int) {
return n
}
func (m *NetworkPolicyEgressRule) Size() (n int) {
var l int
_ = l
if len(m.Ports) > 0 {
for _, e := range m.Ports {
l = e.Size()
n += 1 + l + sovGenerated(uint64(l))
}
}
if len(m.To) > 0 {
for _, e := range m.To {
l = e.Size()
n += 1 + l + sovGenerated(uint64(l))
}
}
return n
}
func (m *NetworkPolicyIngressRule) Size() (n int) {
var l int
_ = l
@ -398,6 +558,10 @@ func (m *NetworkPolicyPeer) Size() (n int) {
l = m.NamespaceSelector.Size()
n += 1 + l + sovGenerated(uint64(l))
}
if m.IPBlock != nil {
l = m.IPBlock.Size()
n += 1 + l + sovGenerated(uint64(l))
}
return n
}
@ -426,6 +590,18 @@ func (m *NetworkPolicySpec) Size() (n int) {
n += 1 + l + sovGenerated(uint64(l))
}
}
if len(m.Egress) > 0 {
for _, e := range m.Egress {
l = e.Size()
n += 1 + l + sovGenerated(uint64(l))
}
}
if len(m.PolicyTypes) > 0 {
for _, s := range m.PolicyTypes {
l = len(s)
n += 1 + l + sovGenerated(uint64(l))
}
}
return n
}
@ -442,6 +618,17 @@ func sovGenerated(x uint64) (n int) {
func sozGenerated(x uint64) (n int) {
return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63))))
}
func (this *IPBlock) String() string {
if this == nil {
return "nil"
}
s := strings.Join([]string{`&IPBlock{`,
`CIDR:` + fmt.Sprintf("%v", this.CIDR) + `,`,
`Except:` + fmt.Sprintf("%v", this.Except) + `,`,
`}`,
}, "")
return s
}
func (this *NetworkPolicy) String() string {
if this == nil {
return "nil"
@ -453,6 +640,17 @@ func (this *NetworkPolicy) String() string {
}, "")
return s
}
func (this *NetworkPolicyEgressRule) String() string {
if this == nil {
return "nil"
}
s := strings.Join([]string{`&NetworkPolicyEgressRule{`,
`Ports:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Ports), "NetworkPolicyPort", "NetworkPolicyPort", 1), `&`, ``, 1) + `,`,
`To:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.To), "NetworkPolicyPeer", "NetworkPolicyPeer", 1), `&`, ``, 1) + `,`,
`}`,
}, "")
return s
}
func (this *NetworkPolicyIngressRule) String() string {
if this == nil {
return "nil"
@ -482,6 +680,7 @@ func (this *NetworkPolicyPeer) String() string {
s := strings.Join([]string{`&NetworkPolicyPeer{`,
`PodSelector:` + strings.Replace(fmt.Sprintf("%v", this.PodSelector), "LabelSelector", "k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector", 1) + `,`,
`NamespaceSelector:` + strings.Replace(fmt.Sprintf("%v", this.NamespaceSelector), "LabelSelector", "k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector", 1) + `,`,
`IPBlock:` + strings.Replace(fmt.Sprintf("%v", this.IPBlock), "IPBlock", "IPBlock", 1) + `,`,
`}`,
}, "")
return s
@ -504,6 +703,8 @@ func (this *NetworkPolicySpec) String() string {
s := strings.Join([]string{`&NetworkPolicySpec{`,
`PodSelector:` + strings.Replace(strings.Replace(this.PodSelector.String(), "LabelSelector", "k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector", 1), `&`, ``, 1) + `,`,
`Ingress:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Ingress), "NetworkPolicyIngressRule", "NetworkPolicyIngressRule", 1), `&`, ``, 1) + `,`,
`Egress:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Egress), "NetworkPolicyEgressRule", "NetworkPolicyEgressRule", 1), `&`, ``, 1) + `,`,
`PolicyTypes:` + fmt.Sprintf("%v", this.PolicyTypes) + `,`,
`}`,
}, "")
return s
@ -516,6 +717,114 @@ func valueToStringGenerated(v interface{}) string {
pv := reflect.Indirect(rv).Interface()
return fmt.Sprintf("*%v", pv)
}
func (m *IPBlock) Unmarshal(dAtA []byte) error {
l := len(dAtA)
iNdEx := 0
for iNdEx < l {
preIndex := iNdEx
var wire uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowGenerated
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
wire |= (uint64(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
fieldNum := int32(wire >> 3)
wireType := int(wire & 0x7)
if wireType == 4 {
return fmt.Errorf("proto: IPBlock: wiretype end group for non-group")
}
if fieldNum <= 0 {
return fmt.Errorf("proto: IPBlock: illegal tag %d (wire type %d)", fieldNum, wire)
}
switch fieldNum {
case 1:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field CIDR", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowGenerated
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
stringLen |= (uint64(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
intStringLen := int(stringLen)
if intStringLen < 0 {
return ErrInvalidLengthGenerated
}
postIndex := iNdEx + intStringLen
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.CIDR = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 2:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field Except", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowGenerated
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
stringLen |= (uint64(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
intStringLen := int(stringLen)
if intStringLen < 0 {
return ErrInvalidLengthGenerated
}
postIndex := iNdEx + intStringLen
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.Except = append(m.Except, string(dAtA[iNdEx:postIndex]))
iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipGenerated(dAtA[iNdEx:])
if err != nil {
return err
}
if skippy < 0 {
return ErrInvalidLengthGenerated
}
if (iNdEx + skippy) > l {
return io.ErrUnexpectedEOF
}
iNdEx += skippy
}
}
if iNdEx > l {
return io.ErrUnexpectedEOF
}
return nil
}
func (m *NetworkPolicy) Unmarshal(dAtA []byte) error {
l := len(dAtA)
iNdEx := 0
@ -626,6 +935,118 @@ func (m *NetworkPolicy) Unmarshal(dAtA []byte) error {
}
return nil
}
func (m *NetworkPolicyEgressRule) Unmarshal(dAtA []byte) error {
l := len(dAtA)
iNdEx := 0
for iNdEx < l {
preIndex := iNdEx
var wire uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowGenerated
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
wire |= (uint64(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
fieldNum := int32(wire >> 3)
wireType := int(wire & 0x7)
if wireType == 4 {
return fmt.Errorf("proto: NetworkPolicyEgressRule: wiretype end group for non-group")
}
if fieldNum <= 0 {
return fmt.Errorf("proto: NetworkPolicyEgressRule: illegal tag %d (wire type %d)", fieldNum, wire)
}
switch fieldNum {
case 1:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field Ports", wireType)
}
var msglen int
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowGenerated
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
msglen |= (int(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
if msglen < 0 {
return ErrInvalidLengthGenerated
}
postIndex := iNdEx + msglen
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.Ports = append(m.Ports, NetworkPolicyPort{})
if err := m.Ports[len(m.Ports)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
return err
}
iNdEx = postIndex
case 2:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field To", wireType)
}
var msglen int
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowGenerated
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
msglen |= (int(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
if msglen < 0 {
return ErrInvalidLengthGenerated
}
postIndex := iNdEx + msglen
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.To = append(m.To, NetworkPolicyPeer{})
if err := m.To[len(m.To)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
return err
}
iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipGenerated(dAtA[iNdEx:])
if err != nil {
return err
}
if skippy < 0 {
return ErrInvalidLengthGenerated
}
if (iNdEx + skippy) > l {
return io.ErrUnexpectedEOF
}
iNdEx += skippy
}
}
if iNdEx > l {
return io.ErrUnexpectedEOF
}
return nil
}
func (m *NetworkPolicyIngressRule) Unmarshal(dAtA []byte) error {
l := len(dAtA)
iNdEx := 0
@ -944,6 +1365,39 @@ func (m *NetworkPolicyPeer) Unmarshal(dAtA []byte) error {
return err
}
iNdEx = postIndex
case 3:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field IPBlock", wireType)
}
var msglen int
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowGenerated
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
msglen |= (int(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
if msglen < 0 {
return ErrInvalidLengthGenerated
}
postIndex := iNdEx + msglen
if postIndex > l {
return io.ErrUnexpectedEOF
}
if m.IPBlock == nil {
m.IPBlock = &IPBlock{}
}
if err := m.IPBlock.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
return err
}
iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipGenerated(dAtA[iNdEx:])
@ -1168,6 +1622,66 @@ func (m *NetworkPolicySpec) Unmarshal(dAtA []byte) error {
return err
}
iNdEx = postIndex
case 3:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field Egress", wireType)
}
var msglen int
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowGenerated
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
msglen |= (int(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
if msglen < 0 {
return ErrInvalidLengthGenerated
}
postIndex := iNdEx + msglen
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.Egress = append(m.Egress, NetworkPolicyEgressRule{})
if err := m.Egress[len(m.Egress)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
return err
}
iNdEx = postIndex
case 4:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field PolicyTypes", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowGenerated
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
stringLen |= (uint64(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
intStringLen := int(stringLen)
if intStringLen < 0 {
return ErrInvalidLengthGenerated
}
postIndex := iNdEx + intStringLen
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.PolicyTypes = append(m.PolicyTypes, PolicyType(dAtA[iNdEx:postIndex]))
iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipGenerated(dAtA[iNdEx:])
@ -1299,47 +1813,57 @@ func init() {
}
var fileDescriptorGenerated = []byte{
// 670 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x54, 0x4d, 0x4f, 0xdb, 0x4a,
0x14, 0x8d, 0xf3, 0x40, 0xe4, 0x0d, 0x0f, 0xf1, 0xf0, 0xd3, 0x93, 0x22, 0x2a, 0x39, 0xc8, 0x9b,
0x52, 0x21, 0x66, 0x1a, 0xa8, 0xaa, 0x6e, 0xeb, 0x45, 0x2b, 0x24, 0x3e, 0x22, 0xb3, 0xab, 0x5a,
0xa9, 0x13, 0xe7, 0x62, 0x86, 0xc4, 0x33, 0xd6, 0xcc, 0x24, 0x85, 0x5d, 0x7f, 0x42, 0x7f, 0x48,
0xff, 0x41, 0x17, 0xed, 0x92, 0x25, 0x4b, 0x56, 0x51, 0x71, 0x7f, 0x43, 0x37, 0x5d, 0x55, 0x63,
0x3b, 0x71, 0x88, 0x89, 0x1a, 0xaa, 0xee, 0x98, 0xeb, 0x73, 0xce, 0xbd, 0x87, 0x73, 0x6f, 0xd0,
0xf3, 0xee, 0x33, 0x85, 0x99, 0x20, 0xdd, 0x7e, 0x1b, 0x24, 0x07, 0x0d, 0x8a, 0x0c, 0x80, 0x77,
0x84, 0x24, 0xf9, 0x07, 0x1a, 0x33, 0xc2, 0x41, 0xbf, 0x13, 0xb2, 0xcb, 0x78, 0x48, 0x06, 0x4d,
0x12, 0x02, 0x07, 0x49, 0x35, 0x74, 0x70, 0x2c, 0x85, 0x16, 0x76, 0x3d, 0x43, 0x62, 0x1a, 0x33,
0x5c, 0x20, 0xf1, 0xa0, 0xb9, 0xbe, 0x1d, 0x32, 0x7d, 0xda, 0x6f, 0xe3, 0x40, 0x44, 0x24, 0x14,
0xa1, 0x20, 0x29, 0xa1, 0xdd, 0x3f, 0x49, 0x5f, 0xe9, 0x23, 0xfd, 0x2b, 0x13, 0x5a, 0x77, 0x27,
0x5a, 0x06, 0x42, 0xc2, 0x1d, 0xcd, 0xd6, 0xb7, 0x27, 0x30, 0x70, 0xae, 0x81, 0x2b, 0x26, 0xb8,
0x22, 0x83, 0x66, 0x1b, 0x34, 0x2d, 0xc3, 0x1f, 0x4d, 0xc0, 0x63, 0xd1, 0x63, 0xc1, 0xc5, 0x4c,
0xe8, 0x93, 0x02, 0x1a, 0xd1, 0xe0, 0x94, 0x71, 0x90, 0x17, 0x24, 0xee, 0x86, 0xa6, 0xa0, 0x48,
0x04, 0x9a, 0xde, 0x35, 0x0f, 0x99, 0xc5, 0x92, 0x7d, 0xae, 0x59, 0x04, 0x25, 0xc2, 0xd3, 0x5f,
0x11, 0x54, 0x70, 0x0a, 0x11, 0x2d, 0xf1, 0x76, 0x67, 0xf1, 0xfa, 0x9a, 0xf5, 0x08, 0xe3, 0x5a,
0x69, 0x39, 0x4d, 0x72, 0xbf, 0x58, 0x68, 0xe5, 0x30, 0x8b, 0xa4, 0x95, 0xba, 0xb7, 0xdf, 0xa2,
0x9a, 0xb1, 0xd2, 0xa1, 0x9a, 0xd6, 0xad, 0x0d, 0x6b, 0x73, 0x79, 0xe7, 0x31, 0x2e, 0xf2, 0x1b,
0x2b, 0xe3, 0xb8, 0x1b, 0x9a, 0x82, 0xc2, 0x06, 0x8d, 0x07, 0x4d, 0x7c, 0xd4, 0x3e, 0x83, 0x40,
0x1f, 0x80, 0xa6, 0x9e, 0x7d, 0x39, 0x6c, 0x54, 0x92, 0x61, 0x03, 0x15, 0x35, 0x7f, 0xac, 0x6a,
0x1f, 0xa0, 0x05, 0x15, 0x43, 0x50, 0xaf, 0xa6, 0xea, 0x5b, 0x78, 0xd6, 0x76, 0xe0, 0x5b, 0x83,
0x1d, 0xc7, 0x10, 0x78, 0xff, 0xe4, 0xc2, 0x0b, 0xe6, 0xe5, 0xa7, 0x32, 0xee, 0x27, 0x0b, 0xd5,
0x6f, 0x21, 0xf7, 0x78, 0x28, 0x41, 0x29, 0xbf, 0xdf, 0x03, 0xbb, 0x85, 0x16, 0x63, 0x21, 0xb5,
0xaa, 0x5b, 0x1b, 0x7f, 0xdd, 0xa3, 0x59, 0x4b, 0x48, 0xed, 0xad, 0xe4, 0xcd, 0x16, 0xcd, 0x4b,
0xf9, 0x99, 0x90, 0x99, 0xfe, 0x44, 0x8a, 0xa8, 0x5e, 0xbd, 0x9f, 0x20, 0x80, 0x2c, 0xa6, 0x7f,
0x21, 0x45, 0xe4, 0xa7, 0x32, 0xee, 0x67, 0x0b, 0xad, 0xdd, 0x42, 0xee, 0x33, 0xa5, 0xed, 0xd7,
0xa5, 0x10, 0xf0, 0x7c, 0x21, 0x18, 0x76, 0x1a, 0xc1, 0xbf, 0x79, 0xaf, 0xda, 0xa8, 0x32, 0x11,
0xc0, 0x3e, 0x5a, 0x64, 0x1a, 0x22, 0x95, 0x7b, 0x78, 0x38, 0xa7, 0x87, 0xe2, 0x1f, 0xb2, 0x67,
0xd8, 0x7e, 0x26, 0xe2, 0x7e, 0x9f, 0x76, 0x60, 0xbc, 0xda, 0x27, 0x68, 0x39, 0x16, 0x9d, 0x63,
0xe8, 0x41, 0xa0, 0x85, 0xcc, 0x4d, 0xec, 0xce, 0x69, 0x82, 0xb6, 0xa1, 0x37, 0xa2, 0x7a, 0xab,
0xc9, 0xb0, 0xb1, 0xdc, 0x2a, 0xb4, 0xfc, 0x49, 0x61, 0xfb, 0x1c, 0xad, 0x71, 0x1a, 0x81, 0x8a,
0x69, 0x00, 0xe3, 0x6e, 0xd5, 0xdf, 0xef, 0xf6, 0x7f, 0x32, 0x6c, 0xac, 0x1d, 0x4e, 0x2b, 0xfa,
0xe5, 0x26, 0xee, 0xc7, 0x92, 0x6f, 0x21, 0xb5, 0xfd, 0x12, 0xd5, 0xd2, 0xcb, 0x0a, 0x44, 0x2f,
0x35, 0xfd, 0xb7, 0xb7, 0x65, 0x52, 0x68, 0xe5, 0xb5, 0x1f, 0xc3, 0xc6, 0x83, 0xf2, 0x8f, 0x18,
0x1e, 0x7d, 0xf6, 0xc7, 0x64, 0xfb, 0x10, 0x2d, 0x98, 0x85, 0xcb, 0xbd, 0xcc, 0xbe, 0x41, 0x73,
0xdd, 0x38, 0xbb, 0x6e, 0xbc, 0xc7, 0xf5, 0x91, 0x3c, 0xd6, 0x92, 0xf1, 0xd0, 0xab, 0x99, 0x45,
0x33, 0x23, 0xf9, 0xa9, 0x8e, 0x3b, 0x9c, 0x1e, 0xd7, 0x9c, 0x90, 0x7d, 0xf6, 0xc7, 0x62, 0xfa,
0x2f, 0x5f, 0x8e, 0xd9, 0x51, 0xbd, 0x41, 0x4b, 0x2c, 0x3b, 0xcd, 0x7c, 0xf1, 0x76, 0xe6, 0x5c,
0xbc, 0x89, 0x83, 0xf6, 0x56, 0xf3, 0x36, 0x4b, 0xa3, 0xe2, 0x48, 0xd3, 0xdb, 0xbc, 0xbc, 0x71,
0x2a, 0x57, 0x37, 0x4e, 0xe5, 0xfa, 0xc6, 0xa9, 0xbc, 0x4f, 0x1c, 0xeb, 0x32, 0x71, 0xac, 0xab,
0xc4, 0xb1, 0xae, 0x13, 0xc7, 0xfa, 0x9a, 0x38, 0xd6, 0x87, 0x6f, 0x4e, 0xe5, 0x55, 0x75, 0xd0,
0xfc, 0x19, 0x00, 0x00, 0xff, 0xff, 0x75, 0x6b, 0xae, 0xb3, 0xd3, 0x06, 0x00, 0x00,
// 829 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x55, 0x4d, 0x6f, 0x1b, 0x45,
0x18, 0xf6, 0x3a, 0xce, 0x47, 0x27, 0x94, 0x92, 0x41, 0x08, 0x2b, 0x88, 0x75, 0xd8, 0x0b, 0x41,
0x55, 0x67, 0x71, 0x8b, 0x10, 0x37, 0xc4, 0x42, 0x29, 0x96, 0x9a, 0xc4, 0x9a, 0xf4, 0x02, 0x02,
0x89, 0xf5, 0xfa, 0xcd, 0x66, 0x6a, 0xef, 0xce, 0x6a, 0x66, 0x6c, 0x92, 0x1b, 0x3f, 0x81, 0x1f,
0xc2, 0x91, 0x1b, 0x87, 0x72, 0xcc, 0xb1, 0xc7, 0x9e, 0x56, 0x64, 0xf9, 0x17, 0x39, 0xa1, 0x99,
0x1d, 0x7b, 0xfd, 0x51, 0x0b, 0xb7, 0xa2, 0x37, 0xcf, 0x3b, 0xcf, 0xf3, 0xbc, 0x1f, 0xf3, 0xf8,
0x5d, 0xf4, 0xd5, 0xe0, 0x0b, 0x49, 0x18, 0xf7, 0x07, 0xa3, 0x1e, 0x88, 0x14, 0x14, 0x48, 0x7f,
0x0c, 0x69, 0x9f, 0x0b, 0xdf, 0x5e, 0x84, 0x19, 0xf3, 0x53, 0x50, 0xbf, 0x70, 0x31, 0x60, 0x69,
0xec, 0x8f, 0xdb, 0x7e, 0x0c, 0x29, 0x88, 0x50, 0x41, 0x9f, 0x64, 0x82, 0x2b, 0x8e, 0x9b, 0x25,
0x92, 0x84, 0x19, 0x23, 0x15, 0x92, 0x8c, 0xdb, 0xfb, 0xf7, 0x62, 0xa6, 0xce, 0x47, 0x3d, 0x12,
0xf1, 0xc4, 0x8f, 0x79, 0xcc, 0x7d, 0x43, 0xe8, 0x8d, 0xce, 0xcc, 0xc9, 0x1c, 0xcc, 0xaf, 0x52,
0x68, 0xdf, 0x9b, 0x49, 0x19, 0x71, 0x01, 0x2f, 0x49, 0xb6, 0x7f, 0x6f, 0x06, 0x03, 0x17, 0x0a,
0x52, 0xc9, 0x78, 0x2a, 0xfd, 0x71, 0xbb, 0x07, 0x2a, 0x5c, 0x86, 0x7f, 0x32, 0x03, 0xcf, 0xf8,
0x90, 0x45, 0x97, 0x2b, 0xa1, 0x9f, 0x55, 0xd0, 0x24, 0x8c, 0xce, 0x59, 0x0a, 0xe2, 0xd2, 0xcf,
0x06, 0xb1, 0x0e, 0x48, 0x3f, 0x01, 0x15, 0xbe, 0xac, 0x1e, 0x7f, 0x15, 0x4b, 0x8c, 0x52, 0xc5,
0x12, 0x58, 0x22, 0x7c, 0xfe, 0x5f, 0x04, 0x19, 0x9d, 0x43, 0x12, 0x2e, 0xf1, 0x1e, 0xac, 0xe2,
0x8d, 0x14, 0x1b, 0xfa, 0x2c, 0x55, 0x52, 0x89, 0x45, 0x92, 0x77, 0x82, 0xb6, 0x3b, 0xdd, 0x60,
0xc8, 0xa3, 0x01, 0x3e, 0x40, 0x8d, 0x88, 0xf5, 0x45, 0xd3, 0x39, 0x70, 0x0e, 0x6f, 0x05, 0x6f,
0x5d, 0xe5, 0xad, 0x5a, 0x91, 0xb7, 0x1a, 0x5f, 0x77, 0xbe, 0xa1, 0xd4, 0xdc, 0x60, 0x0f, 0x6d,
0xc1, 0x45, 0x04, 0x99, 0x6a, 0xd6, 0x0f, 0x36, 0x0e, 0x6f, 0x05, 0xa8, 0xc8, 0x5b, 0x5b, 0x0f,
0x4d, 0x84, 0xda, 0x1b, 0xef, 0x2f, 0x07, 0xdd, 0x3e, 0x2e, 0xdf, 0xb8, 0x6b, 0xc6, 0x89, 0x7f,
0x46, 0x3b, 0x7a, 0x36, 0xfd, 0x50, 0x85, 0x46, 0x7b, 0xf7, 0xfe, 0xa7, 0xa4, 0x32, 0xc4, 0xb4,
0x54, 0x92, 0x0d, 0x62, 0x1d, 0x90, 0x44, 0xa3, 0xc9, 0xb8, 0x4d, 0x4e, 0x7a, 0x4f, 0x21, 0x52,
0x47, 0xa0, 0xc2, 0x00, 0xdb, 0x6a, 0x50, 0x15, 0xa3, 0x53, 0x55, 0x7c, 0x84, 0x1a, 0x32, 0x83,
0xa8, 0x59, 0x37, 0xea, 0x77, 0xc9, 0x2a, 0xbb, 0x91, 0xb9, 0xc2, 0x4e, 0x33, 0x88, 0xaa, 0x36,
0xf5, 0x89, 0x1a, 0x19, 0xef, 0x0f, 0x07, 0xbd, 0x3f, 0x87, 0x7c, 0x18, 0x0b, 0x90, 0x92, 0x8e,
0x86, 0x80, 0xbb, 0x68, 0x33, 0xe3, 0x42, 0xc9, 0xa6, 0x73, 0xb0, 0xf1, 0x0a, 0xb9, 0xba, 0x5c,
0xa8, 0xe0, 0xb6, 0xcd, 0xb5, 0xa9, 0x4f, 0x92, 0x96, 0x42, 0xf8, 0x11, 0xaa, 0x2b, 0x6e, 0x06,
0xfa, 0x0a, 0x72, 0x00, 0x22, 0x40, 0x56, 0xae, 0xfe, 0x84, 0xd3, 0xba, 0xe2, 0xde, 0x9f, 0x0e,
0x6a, 0xce, 0xa1, 0x3a, 0xe9, 0x9b, 0xac, 0xfb, 0x08, 0x35, 0xce, 0x04, 0x4f, 0x5e, 0xa7, 0xf2,
0xe9, 0xd0, 0xbf, 0x15, 0x3c, 0xa1, 0x46, 0xc6, 0x7b, 0xe6, 0xa0, 0xbd, 0x39, 0xe4, 0x63, 0x26,
0x15, 0xfe, 0x71, 0xc9, 0x3b, 0x64, 0x3d, 0xef, 0x68, 0xb6, 0x71, 0xce, 0x3b, 0x36, 0xd7, 0xce,
0x24, 0x32, 0xe3, 0x9b, 0xc7, 0x68, 0x93, 0x29, 0x48, 0xa4, 0xed, 0xe1, 0xe3, 0x35, 0x7b, 0xa8,
0x06, 0xd2, 0xd1, 0x6c, 0x5a, 0x8a, 0x78, 0xcf, 0xea, 0x0b, 0x1d, 0xe8, 0x5e, 0xf1, 0x19, 0xda,
0xcd, 0x78, 0xff, 0x14, 0x86, 0x10, 0x29, 0x2e, 0x6c, 0x13, 0x0f, 0xd6, 0x6c, 0x22, 0xec, 0xc1,
0x70, 0x42, 0x0d, 0xee, 0x14, 0x79, 0x6b, 0xb7, 0x5b, 0x69, 0xd1, 0x59, 0x61, 0x7c, 0x81, 0xf6,
0xd2, 0x30, 0x01, 0x99, 0x85, 0x11, 0x4c, 0xb3, 0xd5, 0x5f, 0x3f, 0xdb, 0x7b, 0x45, 0xde, 0xda,
0x3b, 0x5e, 0x54, 0xa4, 0xcb, 0x49, 0xf0, 0x77, 0x68, 0x9b, 0x65, 0x66, 0x85, 0x34, 0x37, 0x4c,
0xbe, 0x8f, 0x56, 0xcf, 0xd1, 0xee, 0x9a, 0x60, 0xb7, 0xc8, 0x5b, 0x93, 0xc5, 0x43, 0x27, 0x74,
0xef, 0xf7, 0x45, 0x0f, 0x68, 0xc3, 0xe1, 0x47, 0x68, 0xc7, 0xec, 0xaa, 0x88, 0x0f, 0xed, 0x6e,
0xba, 0xab, 0xdf, 0xb3, 0x6b, 0x63, 0x37, 0x79, 0xeb, 0x83, 0xe5, 0xcf, 0x02, 0x99, 0x5c, 0xd3,
0x29, 0x19, 0x1f, 0xa3, 0x86, 0xb6, 0xae, 0x9d, 0xca, 0xea, 0x25, 0xa4, 0xf7, 0x25, 0x29, 0xf7,
0x25, 0xe9, 0xa4, 0xea, 0x44, 0x9c, 0x2a, 0xc1, 0xd2, 0x38, 0xd8, 0xd1, 0x96, 0xd5, 0x25, 0x51,
0xa3, 0xe3, 0xdd, 0x2c, 0x3e, 0xb8, 0xde, 0x21, 0xf8, 0xe9, 0xff, 0xf6, 0xe0, 0xef, 0x5a, 0x9b,
0xad, 0x7e, 0xf4, 0x9f, 0xd0, 0x36, 0x2b, 0xff, 0xe4, 0xd6, 0xc2, 0xf7, 0xd7, 0xb4, 0xf0, 0xcc,
0x6a, 0x08, 0xee, 0xd8, 0x34, 0xdb, 0x93, 0xe0, 0x44, 0x13, 0x7f, 0x8f, 0xb6, 0xa0, 0x54, 0xdf,
0x30, 0xea, 0xed, 0x35, 0xd5, 0xab, 0x7d, 0x19, 0xbc, 0x6d, 0xc5, 0xb7, 0x6c, 0xcc, 0x0a, 0xe2,
0x2f, 0xf5, 0x94, 0x34, 0xf6, 0xc9, 0x65, 0x06, 0xb2, 0xd9, 0x30, 0xdf, 0x93, 0x0f, 0xcb, 0x66,
0xa7, 0xe1, 0x9b, 0xbc, 0x85, 0xaa, 0x23, 0x9d, 0x65, 0x04, 0x87, 0x57, 0xd7, 0x6e, 0xed, 0xf9,
0xb5, 0x5b, 0x7b, 0x71, 0xed, 0xd6, 0x7e, 0x2d, 0x5c, 0xe7, 0xaa, 0x70, 0x9d, 0xe7, 0x85, 0xeb,
0xbc, 0x28, 0x5c, 0xe7, 0xef, 0xc2, 0x75, 0x7e, 0xfb, 0xc7, 0xad, 0xfd, 0x50, 0x1f, 0xb7, 0xff,
0x0d, 0x00, 0x00, 0xff, 0xff, 0x48, 0x47, 0x24, 0xc9, 0xc1, 0x08, 0x00, 0x00,
}

63
vendor/k8s.io/api/networking/v1/generated.proto generated vendored
View file

@ -32,6 +32,21 @@ import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1";
// IPBlock describes a particular CIDR (Ex. "192.168.1.1/24") that is allowed to the pods
// matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should
// not be included within this rule.
message IPBlock {
// CIDR is a string representing the IP Block
// Valid examples are "192.168.1.1/24"
optional string cidr = 1;
// Except is a slice of CIDRs that should not be included within an IP Block
// Valid examples are "192.168.1.1/24"
// Except values will be rejected if they are outside the CIDR range
// +optional
repeated string except = 2;
}
// NetworkPolicy describes what network traffic is allowed for a set of Pods
message NetworkPolicy {
// Standard object's metadata.
@ -44,6 +59,27 @@ message NetworkPolicy {
optional NetworkPolicySpec spec = 2;
}
// NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods
// matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to.
// This type is beta-level in 1.8
message NetworkPolicyEgressRule {
// List of destination ports for outgoing traffic.
// Each item in this list is combined using a logical OR. If this field is
// empty or missing, this rule matches all ports (traffic not restricted by port).
// If this field is present and contains at least one item, then this rule allows
// traffic only if the traffic matches at least one port in the list.
// +optional
repeated NetworkPolicyPort ports = 1;
// List of destinations for outgoing traffic of pods selected for this rule.
// Items in this list are combined using a logical OR operation. If this field is
// empty or missing, this rule matches all destinations (traffic not restricted by
// destination). If this field is present and contains at least one item, this rule
// allows traffic only if the traffic matches at least one item in the to list.
// +optional
repeated NetworkPolicyPeer to = 2;
}
// NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods
// matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and from.
message NetworkPolicyIngressRule {
@ -89,6 +125,10 @@ message NetworkPolicyPeer {
// selector semantics. If present but empty, this selector selects all namespaces.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector namespaceSelector = 2;
// IPBlock defines policy on a particular IPBlock
// +optional
optional IPBlock ipBlock = 3;
}
// NetworkPolicyPort describes a port to allow traffic on
@ -123,5 +163,28 @@ message NetworkPolicySpec {
// solely to ensure that the pods it selects are isolated by default)
// +optional
repeated NetworkPolicyIngressRule ingress = 2;
// List of egress rules to be applied to the selected pods. Outgoing traffic is
// allowed if there are no NetworkPolicies selecting the pod (and cluster policy
// otherwise allows the traffic), OR if the traffic matches at least one egress rule
// across all of the NetworkPolicy objects whose podSelector matches the pod. If
// this field is empty then this NetworkPolicy limits all outgoing traffic (and serves
// solely to ensure that the pods it selects are isolated by default).
// This field is beta-level in 1.8
// +optional
repeated NetworkPolicyEgressRule egress = 3;
// List of rule types that the NetworkPolicy relates to.
// Valid options are Ingress, Egress, or Ingress,Egress.
// If this field is not specified, it will default based on the existence of Ingress or Egress rules;
// policies that contain an Egress section are assumed to affect Egress, and all policies
// (whether or not they contain an Ingress section) are assumed to affect Ingress.
// If you want to write an egress-only policy, you must explicitly specify policyTypes [ "Egress" ].
// Likewise, if you want to write a policy that specifies that no egress is allowed,
// you must specify a policyTypes value that include "Egress" (since such a policy would not include
// an Egress section and would otherwise default to just [ "Ingress" ]).
// This field is beta-level in 1.8
// +optional
repeated string policyTypes = 4;
}

2322
vendor/k8s.io/api/networking/v1/types.generated.go generated vendored
View file

File diff suppressed because it is too large Load diff

73
vendor/k8s.io/api/networking/v1/types.go generated vendored
View file

@ -38,6 +38,17 @@ type NetworkPolicy struct {
Spec NetworkPolicySpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
}
// Policy Type string describes the NetworkPolicy type
// This type is beta-level in 1.8
type PolicyType string
const (
// PolicyTypeIngress is a NetworkPolicy that affects ingress traffic on selected pods
PolicyTypeIngress PolicyType = "Ingress"
// PolicyTypeEgress is a NetworkPolicy that affects egress traffic on selected pods
PolicyTypeEgress PolicyType = "Egress"
)
// NetworkPolicySpec provides the specification of a NetworkPolicy
type NetworkPolicySpec struct {
// Selects the pods to which this NetworkPolicy object applies. The array of
@ -57,6 +68,29 @@ type NetworkPolicySpec struct {
// solely to ensure that the pods it selects are isolated by default)
// +optional
Ingress []NetworkPolicyIngressRule `json:"ingress,omitempty" protobuf:"bytes,2,rep,name=ingress"`
// List of egress rules to be applied to the selected pods. Outgoing traffic is
// allowed if there are no NetworkPolicies selecting the pod (and cluster policy
// otherwise allows the traffic), OR if the traffic matches at least one egress rule
// across all of the NetworkPolicy objects whose podSelector matches the pod. If
// this field is empty then this NetworkPolicy limits all outgoing traffic (and serves
// solely to ensure that the pods it selects are isolated by default).
// This field is beta-level in 1.8
// +optional
Egress []NetworkPolicyEgressRule `json:"egress,omitempty" protobuf:"bytes,3,rep,name=egress"`
// List of rule types that the NetworkPolicy relates to.
// Valid options are Ingress, Egress, or Ingress,Egress.
// If this field is not specified, it will default based on the existence of Ingress or Egress rules;
// policies that contain an Egress section are assumed to affect Egress, and all policies
// (whether or not they contain an Ingress section) are assumed to affect Ingress.
// If you want to write an egress-only policy, you must explicitly specify policyTypes [ "Egress" ].
// Likewise, if you want to write a policy that specifies that no egress is allowed,
// you must specify a policyTypes value that include "Egress" (since such a policy would not include
// an Egress section and would otherwise default to just [ "Ingress" ]).
// This field is beta-level in 1.8
// +optional
PolicyTypes []PolicyType `json:"policyTypes,omitempty" protobuf:"bytes,4,rep,name=policyTypes,casttype=PolicyType"`
}
// NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods
@ -79,6 +113,27 @@ type NetworkPolicyIngressRule struct {
From []NetworkPolicyPeer `json:"from,omitempty" protobuf:"bytes,2,rep,name=from"`
}
// NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods
// matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to.
// This type is beta-level in 1.8
type NetworkPolicyEgressRule struct {
// List of destination ports for outgoing traffic.
// Each item in this list is combined using a logical OR. If this field is
// empty or missing, this rule matches all ports (traffic not restricted by port).
// If this field is present and contains at least one item, then this rule allows
// traffic only if the traffic matches at least one port in the list.
// +optional
Ports []NetworkPolicyPort `json:"ports,omitempty" protobuf:"bytes,1,rep,name=ports"`
// List of destinations for outgoing traffic of pods selected for this rule.
// Items in this list are combined using a logical OR operation. If this field is
// empty or missing, this rule matches all destinations (traffic not restricted by
// destination). If this field is present and contains at least one item, this rule
// allows traffic only if the traffic matches at least one item in the to list.
// +optional
To []NetworkPolicyPeer `json:"to,omitempty" protobuf:"bytes,2,rep,name=to"`
}
// NetworkPolicyPort describes a port to allow traffic on
type NetworkPolicyPort struct {
// The protocol (TCP or UDP) which traffic must match. If not specified, this
@ -92,6 +147,20 @@ type NetworkPolicyPort struct {
Port *intstr.IntOrString `json:"port,omitempty" protobuf:"bytes,2,opt,name=port"`
}
// IPBlock describes a particular CIDR (Ex. "192.168.1.1/24") that is allowed to the pods
// matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should
// not be included within this rule.
type IPBlock struct {
// CIDR is a string representing the IP Block
// Valid examples are "192.168.1.1/24"
CIDR string `json:"cidr" protobuf:"bytes,1,name=cidr"`
// Except is a slice of CIDRs that should not be included within an IP Block
// Valid examples are "192.168.1.1/24"
// Except values will be rejected if they are outside the CIDR range
// +optional
Except []string `json:"except,omitempty" protobuf:"bytes,2,rep,name=except"`
}
// NetworkPolicyPeer describes a peer to allow traffic from. Exactly one of its fields
// must be specified.
type NetworkPolicyPeer struct {
@ -106,6 +175,10 @@ type NetworkPolicyPeer struct {
// selector semantics. If present but empty, this selector selects all namespaces.
// +optional
NamespaceSelector *metav1.LabelSelector `json:"namespaceSelector,omitempty" protobuf:"bytes,2,opt,name=namespaceSelector"`
// IPBlock defines policy on a particular IPBlock
// +optional
IPBlock *IPBlock `json:"ipBlock,omitempty" protobuf:"bytes,3,rep,name=ipBlock"`
}
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

23
vendor/k8s.io/api/networking/v1/types_swagger_doc_generated.go generated vendored
View file

@ -27,6 +27,16 @@ package v1
// Those methods can be generated by using hack/update-generated-swagger-docs.sh
// AUTO-GENERATED FUNCTIONS START HERE
var map_IPBlock = map[string]string{
"": "IPBlock describes a particular CIDR (Ex. \"192.168.1.1/24\") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.",
"cidr": "CIDR is a string representing the IP Block Valid examples are \"192.168.1.1/24\"",
"except": "Except is a slice of CIDRs that should not be included within an IP Block Valid examples are \"192.168.1.1/24\" Except values will be rejected if they are outside the CIDR range",
}
func (IPBlock) SwaggerDoc() map[string]string {
return map_IPBlock
}
var map_NetworkPolicy = map[string]string{
"": "NetworkPolicy describes what network traffic is allowed for a set of Pods",
"metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
@ -37,6 +47,16 @@ func (NetworkPolicy) SwaggerDoc() map[string]string {
return map_NetworkPolicy
}
var map_NetworkPolicyEgressRule = map[string]string{
"": "NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to. This type is beta-level in 1.8",
"ports": "List of destination ports for outgoing traffic. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.",
"to": "List of destinations for outgoing traffic of pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all destinations (traffic not restricted by destination). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the to list.",
}
func (NetworkPolicyEgressRule) SwaggerDoc() map[string]string {
return map_NetworkPolicyEgressRule
}
var map_NetworkPolicyIngressRule = map[string]string{
"": "NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and from.",
"ports": "List of ports which should be made accessible on the pods selected for this rule. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.",
@ -61,6 +81,7 @@ var map_NetworkPolicyPeer = map[string]string{
"": "NetworkPolicyPeer describes a peer to allow traffic from. Exactly one of its fields must be specified.",
"podSelector": "This is a label selector which selects Pods in this namespace. This field follows standard label selector semantics. If present but empty, this selector selects all pods in this namespace.",
"namespaceSelector": "Selects Namespaces using cluster scoped-labels. This matches all pods in all namespaces selected by this label selector. This field follows standard label selector semantics. If present but empty, this selector selects all namespaces.",
"ipBlock": "IPBlock defines policy on a particular IPBlock",
}
func (NetworkPolicyPeer) SwaggerDoc() map[string]string {
@ -81,6 +102,8 @@ var map_NetworkPolicySpec = map[string]string{
"": "NetworkPolicySpec provides the specification of a NetworkPolicy",
"podSelector": "Selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace.",
"ingress": "List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic source is the pod's local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default)",
"egress": "List of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8",
"policyTypes": "List of rule types that the NetworkPolicy relates to. Valid options are Ingress, Egress, or Ingress,Egress. If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ \"Egress\" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include \"Egress\" (since such a policy would not include an Egress section and would otherwise default to just [ \"Ingress\" ]). This field is beta-level in 1.8",
}
func (NetworkPolicySpec) SwaggerDoc() map[string]string {

141
vendor/k8s.io/api/networking/v1/zz_generated.deepcopy.go generated vendored
View file

@ -29,19 +29,28 @@ import (
reflect "reflect"
)
// Deprecated: register deep-copy functions.
func init() {
SchemeBuilder.Register(RegisterDeepCopies)
}
// Deprecated: RegisterDeepCopies adds deep-copy functions to the given scheme. Public
// RegisterDeepCopies adds deep-copy functions to the given scheme. Public
// to allow building arbitrary schemes.
//
// Deprecated: deepcopy registration will go away when static deepcopy is fully implemented.
func RegisterDeepCopies(scheme *runtime.Scheme) error {
return scheme.AddGeneratedDeepCopyFuncs(
conversion.GeneratedDeepCopyFunc{Fn: func(in interface{}, out interface{}, c *conversion.Cloner) error {
in.(*IPBlock).DeepCopyInto(out.(*IPBlock))
return nil
}, InType: reflect.TypeOf(&IPBlock{})},
conversion.GeneratedDeepCopyFunc{Fn: func(in interface{}, out interface{}, c *conversion.Cloner) error {
in.(*NetworkPolicy).DeepCopyInto(out.(*NetworkPolicy))
return nil
}, InType: reflect.TypeOf(&NetworkPolicy{})},
conversion.GeneratedDeepCopyFunc{Fn: func(in interface{}, out interface{}, c *conversion.Cloner) error {
in.(*NetworkPolicyEgressRule).DeepCopyInto(out.(*NetworkPolicyEgressRule))
return nil
}, InType: reflect.TypeOf(&NetworkPolicyEgressRule{})},
conversion.GeneratedDeepCopyFunc{Fn: func(in interface{}, out interface{}, c *conversion.Cloner) error {
in.(*NetworkPolicyIngressRule).DeepCopyInto(out.(*NetworkPolicyIngressRule))
return nil
@ -65,6 +74,27 @@ func RegisterDeepCopies(scheme *runtime.Scheme) error {
)
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *IPBlock) DeepCopyInto(out *IPBlock) {
*out = *in
if in.Except != nil {
in, out := &in.Except, &out.Except
*out = make([]string, len(*in))
copy(*out, *in)
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPBlock.
func (in *IPBlock) DeepCopy() *IPBlock {
if in == nil {
return nil
}
out := new(IPBlock)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *NetworkPolicy) DeepCopyInto(out *NetworkPolicy) {
*out = *in
@ -74,25 +104,55 @@ func (in *NetworkPolicy) DeepCopyInto(out *NetworkPolicy) {
return
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicy.
func (x *NetworkPolicy) DeepCopy() *NetworkPolicy {
if x == nil {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicy.
func (in *NetworkPolicy) DeepCopy() *NetworkPolicy {
if in == nil {
return nil
}
out := new(NetworkPolicy)
x.DeepCopyInto(out)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (x *NetworkPolicy) DeepCopyObject() runtime.Object {
if c := x.DeepCopy(); c != nil {
func (in *NetworkPolicy) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
} else {
return nil
}
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *NetworkPolicyEgressRule) DeepCopyInto(out *NetworkPolicyEgressRule) {
*out = *in
if in.Ports != nil {
in, out := &in.Ports, &out.Ports
*out = make([]NetworkPolicyPort, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
if in.To != nil {
in, out := &in.To, &out.To
*out = make([]NetworkPolicyPeer, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyEgressRule.
func (in *NetworkPolicyEgressRule) DeepCopy() *NetworkPolicyEgressRule {
if in == nil {
return nil
}
out := new(NetworkPolicyEgressRule)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *NetworkPolicyIngressRule) DeepCopyInto(out *NetworkPolicyIngressRule) {
*out = *in
@ -113,13 +173,13 @@ func (in *NetworkPolicyIngressRule) DeepCopyInto(out *NetworkPolicyIngressRule)
return
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyIngressRule.
func (x *NetworkPolicyIngressRule) DeepCopy() *NetworkPolicyIngressRule {
if x == nil {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyIngressRule.
func (in *NetworkPolicyIngressRule) DeepCopy() *NetworkPolicyIngressRule {
if in == nil {
return nil
}
out := new(NetworkPolicyIngressRule)
x.DeepCopyInto(out)
in.DeepCopyInto(out)
return out
}
@ -138,19 +198,19 @@ func (in *NetworkPolicyList) DeepCopyInto(out *NetworkPolicyList) {
return
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyList.
func (x *NetworkPolicyList) DeepCopy() *NetworkPolicyList {
if x == nil {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyList.
func (in *NetworkPolicyList) DeepCopy() *NetworkPolicyList {
if in == nil {
return nil
}
out := new(NetworkPolicyList)
x.DeepCopyInto(out)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (x *NetworkPolicyList) DeepCopyObject() runtime.Object {
if c := x.DeepCopy(); c != nil {
func (in *NetworkPolicyList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
} else {
return nil
@ -178,16 +238,25 @@ func (in *NetworkPolicyPeer) DeepCopyInto(out *NetworkPolicyPeer) {
(*in).DeepCopyInto(*out)
}
}
if in.IPBlock != nil {
in, out := &in.IPBlock, &out.IPBlock
if *in == nil {
*out = nil
} else {
*out = new(IPBlock)
(*in).DeepCopyInto(*out)
}
}
return
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyPeer.
func (x *NetworkPolicyPeer) DeepCopy() *NetworkPolicyPeer {
if x == nil {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyPeer.
func (in *NetworkPolicyPeer) DeepCopy() *NetworkPolicyPeer {
if in == nil {
return nil
}
out := new(NetworkPolicyPeer)
x.DeepCopyInto(out)
in.DeepCopyInto(out)
return out
}
@ -215,13 +284,13 @@ func (in *NetworkPolicyPort) DeepCopyInto(out *NetworkPolicyPort) {
return
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyPort.
func (x *NetworkPolicyPort) DeepCopy() *NetworkPolicyPort {
if x == nil {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyPort.
func (in *NetworkPolicyPort) DeepCopy() *NetworkPolicyPort {
if in == nil {
return nil
}
out := new(NetworkPolicyPort)
x.DeepCopyInto(out)
in.DeepCopyInto(out)
return out
}
@ -236,15 +305,27 @@ func (in *NetworkPolicySpec) DeepCopyInto(out *NetworkPolicySpec) {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
if in.Egress != nil {
in, out := &in.Egress, &out.Egress
*out = make([]NetworkPolicyEgressRule, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
if in.PolicyTypes != nil {
in, out := &in.PolicyTypes, &out.PolicyTypes
*out = make([]PolicyType, len(*in))
copy(*out, *in)
}
return
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicySpec.
func (x *NetworkPolicySpec) DeepCopy() *NetworkPolicySpec {
if x == nil {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicySpec.
func (in *NetworkPolicySpec) DeepCopy() *NetworkPolicySpec {
if in == nil {
return nil
}
out := new(NetworkPolicySpec)
x.DeepCopyInto(out)
in.DeepCopyInto(out)
return out
}