DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update godeps

Browse source
This commit is contained in:
Prashanth Balasubramanian 2016-06-21 11:58:43 -07:00
parent 423433bc5f
commit 701c5a0e30
482 changed files with 86915 additions and 19741 deletions
Download patch file Download diff file Expand all files Collapse all files

151
vendor/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/generated.proto generated vendored
View file

@ -235,6 +235,16 @@ message ExportOptions {
optional bool exact = 2;
}
// FSGroupStrategyOptions defines the strategy type and options used to create the strategy.
message FSGroupStrategyOptions {
// Rule is the strategy that will dictate what FSGroup is used in the SecurityContext.
optional string rule = 1;
// Ranges are the allowed ranges of fs groups. If you would like to force a single
// fs group then supply a single range with the same start and end.
repeated IDRange ranges = 2;
}
// HTTPIngressPath associates a path regex with a backend. Incoming urls matching
// the path are forwarded to the backend.
message HTTPIngressPath {
@ -615,6 +625,93 @@ message ListOptions {
optional int64 timeoutSeconds = 5;
}
message NetworkPolicy {
// Standard object's metadata.
// More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata
optional k8s.io.kubernetes.pkg.api.v1.ObjectMeta metadata = 1;
// Specification of the desired behavior for this NetworkPolicy.
optional NetworkPolicySpec spec = 2;
}
// This NetworkPolicyIngressRule matches traffic if and only if the traffic matches both ports AND from.
message NetworkPolicyIngressRule {
// List of ports which should be made accessible on the pods selected for this rule.
// Each item in this list is combined using a logical OR.
// If this field is not provided, this rule matches all ports (traffic not restricted by port).
// If this field is empty, this rule matches no ports (no traffic matches).
// If this field is present and contains at least one item, then this rule allows traffic
// only if the traffic matches at least one port in the list.
// TODO: Update this to be a pointer to slice as soon as auto-generation supports it.
repeated NetworkPolicyPort ports = 1;
// List of sources which should be able to access the pods selected for this rule.
// Items in this list are combined using a logical OR operation.
// If this field is not provided, this rule matches all sources (traffic not restricted by source).
// If this field is empty, this rule matches no sources (no traffic matches).
// If this field is present and contains at least on item, this rule allows traffic only if the
// traffic matches at least one item in the from list.
// TODO: Update this to be a pointer to slice as soon as auto-generation supports it.
repeated NetworkPolicyPeer from = 2;
}
// Network Policy List is a list of NetworkPolicy objects.
message NetworkPolicyList {
// Standard list metadata.
// More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata
optional k8s.io.kubernetes.pkg.api.unversioned.ListMeta metadata = 1;
// Items is a list of schema objects.
repeated NetworkPolicy items = 2;
}
message NetworkPolicyPeer {
// This is a label selector which selects Pods in this namespace.
// This field follows standard label selector semantics.
// If not provided, this selector selects no pods.
// If present but empty, this selector selects all pods in this namespace.
optional LabelSelector podSelector = 1;
// Selects Namespaces using cluster scoped-labels. This
// matches all pods in all namespaces selected by this label selector.
// This field follows standard label selector semantics.
// If omitted, this selector selects no namespaces.
// If present but empty, this selector selects all namespaces.
optional LabelSelector namespaceSelector = 2;
}
message NetworkPolicyPort {
// Optional. The protocol (TCP or UDP) which traffic must match.
// If not specified, this field defaults to TCP.
optional string protocol = 1;
// If specified, the port on the given protocol. This can
// either be a numerical or named port on a pod. If this field is not provided,
// this matches all port names and numbers.
// If present, only traffic on the specified protocol AND port
// will be matched.
optional k8s.io.kubernetes.pkg.util.intstr.IntOrString port = 2;
}
message NetworkPolicySpec {
// Selects the pods to which this NetworkPolicy object applies. The array of ingress rules
// is applied to any pods selected by this field. Multiple network policies can select the
// same set of pods. In this case, the ingress rules for each are combined additively.
// This field is NOT optional and follows standard label selector semantics.
// An empty podSelector matches all pods in this namespace.
optional LabelSelector podSelector = 1;
// List of ingress rules to be applied to the selected pods.
// Traffic is allowed to a pod if namespace.networkPolicy.ingress.isolation is undefined and cluster policy allows it,
// OR if the traffic source is the pod's local node,
// OR if the traffic matches at least one ingress rule across all of the NetworkPolicy
// objects whose podSelector matches the pod.
// If this field is empty then this NetworkPolicy does not affect ingress isolation.
// If this field is present and contains at least one rule, this policy allows any traffic
// which matches at least one of the ingress rules in this list.
repeated NetworkPolicyIngressRule ingress = 2;
}
// Pod Security Policy governs the ability to make requests that affect the Security Context
// that will be applied to a pod and container.
message PodSecurityPolicy {
@ -641,30 +738,54 @@ message PodSecurityPolicySpec {
// privileged determines if a pod can request to be run as privileged.
optional bool privileged = 1;
// capabilities is a list of capabilities that can be added.
repeated string capabilities = 2;
// DefaultAddCapabilities is the default set of capabilities that will be added to the container
// unless the pod spec specifically drops the capability. You may not list a capabiility in both
// DefaultAddCapabilities and RequiredDropCapabilities.
repeated string defaultAddCapabilities = 2;
// RequiredDropCapabilities are the capabilities that will be dropped from the container. These
// are required to be dropped and cannot be added.
repeated string requiredDropCapabilities = 3;
// AllowedCapabilities is a list of capabilities that can be requested to add to the container.
// Capabilities in this field may be added at the pod author's discretion.
// You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities.
repeated string allowedCapabilities = 4;
// volumes is a white list of allowed volume plugins. Empty indicates that all plugins
// may be used.
repeated string volumes = 3;
repeated string volumes = 5;
// hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
optional bool hostNetwork = 4;
optional bool hostNetwork = 6;
// hostPorts determines which host port ranges are allowed to be exposed.
repeated HostPortRange hostPorts = 5;
repeated HostPortRange hostPorts = 7;
// hostPID determines if the policy allows the use of HostPID in the pod spec.
optional bool hostPID = 6;
optional bool hostPID = 8;
// hostIPC determines if the policy allows the use of HostIPC in the pod spec.
optional bool hostIPC = 7;
optional bool hostIPC = 9;
// seLinux is the strategy that will dictate the allowable labels that may be set.
optional SELinuxStrategyOptions seLinux = 8;
optional SELinuxStrategyOptions seLinux = 10;
// runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
optional RunAsUserStrategyOptions runAsUser = 9;
optional RunAsUserStrategyOptions runAsUser = 11;
// SupplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
optional SupplementalGroupsStrategyOptions supplementalGroups = 12;
// FSGroup is the strategy that will dictate what fs group is used by the SecurityContext.
optional FSGroupStrategyOptions fsGroup = 13;
// ReadOnlyRootFilesystem when set to true will force containers to run with a read only root file
// system. If the container specifically requests to run with a non-read only root file system
// the PSP should deny the pod.
// If set to false the container may run with a read only root file system if it wishes but it
// will not be forced to.
optional bool readOnlyRootFilesystem = 14;
}
// ReplicaSet represents the configuration of a ReplicaSet.
@ -823,7 +944,7 @@ message ScaleStatus {
// SubresourceReference contains enough information to let you inspect or modify the referred subresource.
message SubresourceReference {
// Kind of the referent; More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds"
// Kind of the referent; More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds
optional string kind = 1;
// Name of the referent; More info: http://releases.k8s.io/HEAD/docs/user-guide/identifiers.md#names
@ -836,6 +957,16 @@ message SubresourceReference {
optional string subresource = 4;
}
// SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.
message SupplementalGroupsStrategyOptions {
// Rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.
optional string rule = 1;
// Ranges are the allowed ranges of supplemental groups. If you would like to force a single
// supplemental group then supply a single range with the same start and end.
repeated IDRange ranges = 2;
}
// A ThirdPartyResource is a generic representation of a resource, it is used by add-ons and plugins to add new resource
// types to the API. It consists of one or more Versions of the api.
message ThirdPartyResource {