Replace godep with dep

vendor/k8s.io/apiserver/pkg/server/storage/BUILD

@@ -0,0 +1,64 @@
+package(default_visibility = ["//visibility:public"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+    "go_test",
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "resource_config_test.go",
+        "storage_factory_test.go",
+    ],
+    library = ":go_default_library",
+    deps = [
+        "//vendor/k8s.io/apimachinery/pkg/apimachinery/announced:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apimachinery/registered:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/apis/example:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/apis/example/install:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/apis/example/v1:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library",
+    ],
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "doc.go",
+        "resource_config.go",
+        "resource_encoding_config.go",
+        "storage_codec.go",
+        "storage_factory.go",
+    ],
+    deps = [
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apimachinery/registered:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/serializer/recognizer:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/features:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/storage/value:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+)

vendor/k8s.io/apiserver/pkg/server/storage/doc.go

@@ -0,0 +1,18 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package storage contains the plumbing to setup the etcd storage of the apiserver.
+package storage

vendor/k8s.io/apiserver/pkg/server/storage/resource_config.go

@@ -0,0 +1,185 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package storage
+
+import (
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/util/sets"
+)
+
+// APIResourceConfigSource is the interface to determine which versions and resources are enabled
+type APIResourceConfigSource interface {
+	AnyVersionOfResourceEnabled(resource schema.GroupResource) bool
+	ResourceEnabled(resource schema.GroupVersionResource) bool
+	AllResourcesForVersionEnabled(version schema.GroupVersion) bool
+	AnyResourcesForVersionEnabled(version schema.GroupVersion) bool
+	AnyResourcesForGroupEnabled(group string) bool
+}
+
+// Specifies the overrides for various API group versions.
+// This can be used to enable/disable entire group versions or specific resources.
+type GroupVersionResourceConfig struct {
+	// Whether to enable or disable this entire group version.  This dominates any enablement check.
+	// Enable=true means the group version is enabled, and EnabledResources/DisabledResources are considered.
+	// Enable=false means the group version is disabled, and EnabledResources/DisabledResources are not considered.
+	Enable bool
+
+	// DisabledResources lists the resources that are specifically disabled for a group/version
+	// DisabledResources trumps EnabledResources
+	DisabledResources sets.String
+
+	// EnabledResources lists the resources that should be enabled by default.  This is a little
+	// unusual, but we need it for compatibility with old code for now.  An empty set means
+	// enable all, a non-empty set means that all other resources are disabled.
+	EnabledResources sets.String
+}
+
+var _ APIResourceConfigSource = &ResourceConfig{}
+
+type ResourceConfig struct {
+	GroupVersionResourceConfigs map[schema.GroupVersion]*GroupVersionResourceConfig
+}
+
+func NewResourceConfig() *ResourceConfig {
+	return &ResourceConfig{GroupVersionResourceConfigs: map[schema.GroupVersion]*GroupVersionResourceConfig{}}
+}
+
+func NewGroupVersionResourceConfig() *GroupVersionResourceConfig {
+	return &GroupVersionResourceConfig{Enable: true, DisabledResources: sets.String{}, EnabledResources: sets.String{}}
+}
+
+// DisableVersions disables the versions entirely.  No resources (even those whitelisted in EnabledResources) will be enabled
+func (o *ResourceConfig) DisableVersions(versions ...schema.GroupVersion) {
+	for _, version := range versions {
+		_, versionExists := o.GroupVersionResourceConfigs[version]
+		if !versionExists {
+			o.GroupVersionResourceConfigs[version] = NewGroupVersionResourceConfig()
+		}
+
+		o.GroupVersionResourceConfigs[version].Enable = false
+	}
+}
+
+func (o *ResourceConfig) EnableVersions(versions ...schema.GroupVersion) {
+	for _, version := range versions {
+		_, versionExists := o.GroupVersionResourceConfigs[version]
+		if !versionExists {
+			o.GroupVersionResourceConfigs[version] = NewGroupVersionResourceConfig()
+		}
+
+		o.GroupVersionResourceConfigs[version].Enable = true
+	}
+}
+
+func (o *ResourceConfig) DisableResources(resources ...schema.GroupVersionResource) {
+	for _, resource := range resources {
+		version := resource.GroupVersion()
+		_, versionExists := o.GroupVersionResourceConfigs[version]
+		if !versionExists {
+			o.GroupVersionResourceConfigs[version] = NewGroupVersionResourceConfig()
+		}
+
+		o.GroupVersionResourceConfigs[version].DisabledResources.Insert(resource.Resource)
+	}
+}
+
+func (o *ResourceConfig) EnableResources(resources ...schema.GroupVersionResource) {
+	for _, resource := range resources {
+		version := resource.GroupVersion()
+		_, versionExists := o.GroupVersionResourceConfigs[version]
+		if !versionExists {
+			o.GroupVersionResourceConfigs[version] = NewGroupVersionResourceConfig()
+		}
+
+		o.GroupVersionResourceConfigs[version].EnabledResources.Insert(resource.Resource)
+		o.GroupVersionResourceConfigs[version].DisabledResources.Delete(resource.Resource)
+	}
+}
+
+// AnyResourcesForVersionEnabled only considers matches based on exactly group/resource lexical matching.  This means that
+// resource renames across versions are NOT considered to be the same resource by this method. You'll need to manually check
+// using the ResourceEnabled function.
+func (o *ResourceConfig) AnyVersionOfResourceEnabled(resource schema.GroupResource) bool {
+	for version := range o.GroupVersionResourceConfigs {
+		if version.Group != resource.Group {
+			continue
+		}
+
+		if o.ResourceEnabled(version.WithResource(resource.Resource)) {
+			return true
+		}
+	}
+
+	return false
+}
+
+func (o *ResourceConfig) ResourceEnabled(resource schema.GroupVersionResource) bool {
+	versionOverride, versionExists := o.GroupVersionResourceConfigs[resource.GroupVersion()]
+	if !versionExists {
+		return false
+	}
+	if !versionOverride.Enable {
+		return false
+	}
+
+	if versionOverride.DisabledResources.Has(resource.Resource) {
+		return false
+	}
+
+	if len(versionOverride.EnabledResources) > 0 {
+		return versionOverride.EnabledResources.Has(resource.Resource)
+	}
+
+	return true
+}
+
+func (o *ResourceConfig) AllResourcesForVersionEnabled(version schema.GroupVersion) bool {
+	versionOverride, versionExists := o.GroupVersionResourceConfigs[version]
+	if !versionExists {
+		return false
+	}
+	if !versionOverride.Enable {
+		return false
+	}
+
+	if len(versionOverride.EnabledResources) == 0 && len(versionOverride.DisabledResources) == 0 {
+		return true
+	}
+
+	return false
+}
+
+func (o *ResourceConfig) AnyResourcesForVersionEnabled(version schema.GroupVersion) bool {
+	versionOverride, versionExists := o.GroupVersionResourceConfigs[version]
+	if !versionExists {
+		return false
+	}
+
+	return versionOverride.Enable
+}
+
+func (o *ResourceConfig) AnyResourcesForGroupEnabled(group string) bool {
+	for version := range o.GroupVersionResourceConfigs {
+		if version.Group == group {
+			if o.AnyResourcesForVersionEnabled(version) {
+				return true
+			}
+		}
+	}
+
+	return false
+}

vendor/k8s.io/apiserver/pkg/server/storage/resource_config_test.go

@@ -0,0 +1,160 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package storage
+
+import (
+	"testing"
+
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+func TestDisabledVersion(t *testing.T) {
+	g1v1 := schema.GroupVersion{Group: "group1", Version: "version1"}
+	g1v2 := schema.GroupVersion{Group: "group1", Version: "version2"}
+	g2v1 := schema.GroupVersion{Group: "group2", Version: "version1"}
+	g3v1 := schema.GroupVersion{Group: "group3", Version: "version1"}
+
+	resourceType := "the-resource"
+	disabledResourceType := "the-disabled-resource"
+
+	config := NewResourceConfig()
+
+	config.DisableVersions(g1v1)
+	config.EnableVersions(g1v2, g3v1)
+	config.EnableResources(g1v1.WithResource(resourceType), g2v1.WithResource(resourceType))
+	config.DisableResources(g1v2.WithResource(disabledResourceType))
+
+	expectedEnabledResources := []schema.GroupVersionResource{
+		g1v2.WithResource(resourceType),
+		g2v1.WithResource(resourceType),
+	}
+	expectedDisabledResources := []schema.GroupVersionResource{
+		g1v1.WithResource(resourceType), g1v1.WithResource(disabledResourceType),
+		g1v2.WithResource(disabledResourceType),
+		g2v1.WithResource(disabledResourceType),
+	}
+
+	for _, expectedResource := range expectedEnabledResources {
+		if !config.ResourceEnabled(expectedResource) {
+			t.Errorf("expected enabled for %v, from %v", expectedResource, config)
+		}
+	}
+	for _, expectedResource := range expectedDisabledResources {
+		if config.ResourceEnabled(expectedResource) {
+			t.Errorf("expected disabled for %v, from %v", expectedResource, config)
+		}
+	}
+
+	if e, a := false, config.AnyResourcesForVersionEnabled(g1v1); e != a {
+		t.Errorf("expected %v, got %v", e, a)
+	}
+	if e, a := false, config.AllResourcesForVersionEnabled(g1v1); e != a {
+		t.Errorf("expected %v, got %v", e, a)
+	}
+	if e, a := true, config.AnyResourcesForVersionEnabled(g1v2); e != a {
+		t.Errorf("expected %v, got %v", e, a)
+	}
+	if e, a := false, config.AllResourcesForVersionEnabled(g1v2); e != a {
+		t.Errorf("expected %v, got %v", e, a)
+	}
+	if e, a := true, config.AnyResourcesForVersionEnabled(g3v1); e != a {
+		t.Errorf("expected %v, got %v", e, a)
+	}
+	if e, a := true, config.AllResourcesForVersionEnabled(g3v1); e != a {
+		t.Errorf("expected %v, got %v", e, a)
+	}
+
+	expectedEnabledAnyVersionResources := []schema.GroupResource{
+		{Group: "group1", Resource: resourceType},
+	}
+	expectedDisabledAnyResources := []schema.GroupResource{
+		{Group: "group1", Resource: disabledResourceType},
+	}
+
+	for _, expectedResource := range expectedEnabledAnyVersionResources {
+		if !config.AnyVersionOfResourceEnabled(expectedResource) {
+			t.Errorf("expected enabled for %v, from %v", expectedResource, config)
+		}
+	}
+	for _, expectedResource := range expectedDisabledAnyResources {
+		if config.AnyVersionOfResourceEnabled(expectedResource) {
+			t.Errorf("expected disabled for %v, from %v", expectedResource, config)
+		}
+	}
+
+}
+
+func TestAnyResourcesForGroupEnabled(t *testing.T) {
+	tests := []struct {
+		name      string
+		creator   func() APIResourceConfigSource
+		testGroup string
+
+		expectedResult bool
+	}{
+		{
+			name: "empty",
+			creator: func() APIResourceConfigSource {
+				return NewResourceConfig()
+			},
+			testGroup: "one",
+
+			expectedResult: false,
+		},
+		{
+			name: "present, but disabled",
+			creator: func() APIResourceConfigSource {
+				ret := NewResourceConfig()
+				ret.DisableVersions(schema.GroupVersion{Group: "one", Version: "version1"})
+				return ret
+			},
+			testGroup: "one",
+
+			expectedResult: false,
+		},
+		{
+			name: "present, and one version enabled",
+			creator: func() APIResourceConfigSource {
+				ret := NewResourceConfig()
+				ret.DisableVersions(schema.GroupVersion{Group: "one", Version: "version1"})
+				ret.EnableVersions(schema.GroupVersion{Group: "one", Version: "version2"})
+				return ret
+			},
+			testGroup: "one",
+
+			expectedResult: true,
+		},
+		{
+			name: "present, and one resource",
+			creator: func() APIResourceConfigSource {
+				ret := NewResourceConfig()
+				ret.DisableVersions(schema.GroupVersion{Group: "one", Version: "version1"})
+				ret.EnableResources(schema.GroupVersionResource{Group: "one", Version: "version2", Resource: "foo"})
+				return ret
+			},
+			testGroup: "one",
+
+			expectedResult: true,
+		},
+	}
+
+	for _, tc := range tests {
+		if e, a := tc.expectedResult, tc.creator().AnyResourcesForGroupEnabled(tc.testGroup); e != a {
+			t.Errorf("%s: expected %v, got %v", tc.name, e, a)
+		}
+	}
+}

vendor/k8s.io/apiserver/pkg/server/storage/resource_encoding_config.go

@@ -0,0 +1,119 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package storage
+
+import (
+	"k8s.io/apimachinery/pkg/apimachinery/registered"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+type ResourceEncodingConfig interface {
+	// StorageEncoding returns the serialization format for the resource.
+	// TODO this should actually return a GroupVersionKind since you can logically have multiple "matching" Kinds
+	// For now, it returns just the GroupVersion for consistency with old behavior
+	StorageEncodingFor(schema.GroupResource) (schema.GroupVersion, error)
+
+	// InMemoryEncodingFor returns the groupVersion for the in memory representation the storage should convert to.
+	InMemoryEncodingFor(schema.GroupResource) (schema.GroupVersion, error)
+}
+
+type DefaultResourceEncodingConfig struct {
+	groups   map[string]*GroupResourceEncodingConfig
+	registry *registered.APIRegistrationManager
+}
+
+type GroupResourceEncodingConfig struct {
+	DefaultExternalEncoding   schema.GroupVersion
+	ExternalResourceEncodings map[string]schema.GroupVersion
+
+	DefaultInternalEncoding   schema.GroupVersion
+	InternalResourceEncodings map[string]schema.GroupVersion
+}
+
+var _ ResourceEncodingConfig = &DefaultResourceEncodingConfig{}
+
+func NewDefaultResourceEncodingConfig(registry *registered.APIRegistrationManager) *DefaultResourceEncodingConfig {
+	return &DefaultResourceEncodingConfig{groups: map[string]*GroupResourceEncodingConfig{}, registry: registry}
+}
+
+func newGroupResourceEncodingConfig(defaultEncoding, defaultInternalVersion schema.GroupVersion) *GroupResourceEncodingConfig {
+	return &GroupResourceEncodingConfig{
+		DefaultExternalEncoding: defaultEncoding, ExternalResourceEncodings: map[string]schema.GroupVersion{},
+		DefaultInternalEncoding: defaultInternalVersion, InternalResourceEncodings: map[string]schema.GroupVersion{},
+	}
+}
+
+func (o *DefaultResourceEncodingConfig) SetVersionEncoding(group string, externalEncodingVersion, internalVersion schema.GroupVersion) {
+	_, groupExists := o.groups[group]
+	if !groupExists {
+		o.groups[group] = newGroupResourceEncodingConfig(externalEncodingVersion, internalVersion)
+	}
+
+	o.groups[group].DefaultExternalEncoding = externalEncodingVersion
+	o.groups[group].DefaultInternalEncoding = internalVersion
+}
+
+func (o *DefaultResourceEncodingConfig) SetResourceEncoding(resourceBeingStored schema.GroupResource, externalEncodingVersion, internalVersion schema.GroupVersion) {
+	group := resourceBeingStored.Group
+	_, groupExists := o.groups[group]
+	if !groupExists {
+		o.groups[group] = newGroupResourceEncodingConfig(externalEncodingVersion, internalVersion)
+	}
+
+	o.groups[group].ExternalResourceEncodings[resourceBeingStored.Resource] = externalEncodingVersion
+	o.groups[group].InternalResourceEncodings[resourceBeingStored.Resource] = internalVersion
+}
+
+func (o *DefaultResourceEncodingConfig) StorageEncodingFor(resource schema.GroupResource) (schema.GroupVersion, error) {
+	groupMeta, err := o.registry.Group(resource.Group)
+	if err != nil {
+		return schema.GroupVersion{}, err
+	}
+
+	groupEncoding, groupExists := o.groups[resource.Group]
+
+	if !groupExists {
+		// return the most preferred external version for the group
+		return groupMeta.GroupVersion, nil
+	}
+
+	resourceOverride, resourceExists := groupEncoding.ExternalResourceEncodings[resource.Resource]
+	if !resourceExists {
+		return groupEncoding.DefaultExternalEncoding, nil
+	}
+
+	return resourceOverride, nil
+}
+
+func (o *DefaultResourceEncodingConfig) InMemoryEncodingFor(resource schema.GroupResource) (schema.GroupVersion, error) {
+	if _, err := o.registry.Group(resource.Group); err != nil {
+		return schema.GroupVersion{}, err
+	}
+
+	groupEncoding, groupExists := o.groups[resource.Group]
+	if !groupExists {
+		return schema.GroupVersion{Group: resource.Group, Version: runtime.APIVersionInternal}, nil
+	}
+
+	resourceOverride, resourceExists := groupEncoding.InternalResourceEncodings[resource.Resource]
+	if !resourceExists {
+		return groupEncoding.DefaultInternalEncoding, nil
+	}
+
+	return resourceOverride, nil
+}

vendor/k8s.io/apiserver/pkg/server/storage/storage_codec.go

@@ -0,0 +1,108 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package storage
+
+import (
+	"fmt"
+	"mime"
+
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/runtime/serializer/recognizer"
+	"k8s.io/apiserver/pkg/storage/storagebackend"
+
+	"github.com/golang/glog"
+)
+
+// StorageCodecConfig are the arguments passed to newStorageCodecFn
+type StorageCodecConfig struct {
+	StorageMediaType  string
+	StorageSerializer runtime.StorageSerializer
+	StorageVersion    schema.GroupVersion
+	MemoryVersion     schema.GroupVersion
+	Config            storagebackend.Config
+
+	EncoderDecoratorFn func(runtime.Encoder) runtime.Encoder
+	DecoderDecoratorFn func([]runtime.Decoder) []runtime.Decoder
+}
+
+// NewStorageCodec assembles a storage codec for the provided storage media type, the provided serializer, and the requested
+// storage and memory versions.
+func NewStorageCodec(opts StorageCodecConfig) (runtime.Codec, error) {
+	mediaType, _, err := mime.ParseMediaType(opts.StorageMediaType)
+	if err != nil {
+		return nil, fmt.Errorf("%q is not a valid mime-type", opts.StorageMediaType)
+	}
+
+	if opts.Config.Type == storagebackend.StorageTypeETCD2 && mediaType != "application/json" {
+		glog.Warningf(`storage type %q does not support media type %q, using "application/json"`, storagebackend.StorageTypeETCD2, mediaType)
+		mediaType = "application/json"
+	}
+
+	serializer, ok := runtime.SerializerInfoForMediaType(opts.StorageSerializer.SupportedMediaTypes(), mediaType)
+	if !ok {
+		return nil, fmt.Errorf("unable to find serializer for %q", mediaType)
+	}
+
+	s := serializer.Serializer
+
+	// make sure the selected encoder supports string data
+	if !serializer.EncodesAsText && opts.Config.Type == storagebackend.StorageTypeETCD2 {
+		return nil, fmt.Errorf("storage type %q does not support binary media type %q", storagebackend.StorageTypeETCD2, mediaType)
+	}
+
+	// Give callers the opportunity to wrap encoders and decoders.  For decoders, each returned decoder will
+	// be passed to the recognizer so that multiple decoders are available.
+	var encoder runtime.Encoder = s
+	if opts.EncoderDecoratorFn != nil {
+		encoder = opts.EncoderDecoratorFn(encoder)
+	}
+	decoders := []runtime.Decoder{
+		// selected decoder as the primary
+		s,
+		// universal deserializer as a fallback
+		opts.StorageSerializer.UniversalDeserializer(),
+		// base64-wrapped universal deserializer as a last resort.
+		// this allows reading base64-encoded protobuf, which should only exist if etcd2+protobuf was used at some point.
+		// data written that way could exist in etcd2, or could have been migrated to etcd3.
+		// TODO: flag this type of data if we encounter it, require migration (read to decode, write to persist using a supported encoder), and remove in 1.8
+		runtime.NewBase64Serializer(nil, opts.StorageSerializer.UniversalDeserializer()),
+	}
+	if opts.DecoderDecoratorFn != nil {
+		decoders = opts.DecoderDecoratorFn(decoders)
+	}
+
+	// Ensure the storage receives the correct version.
+	encoder = opts.StorageSerializer.EncoderForVersion(
+		encoder,
+		runtime.NewMultiGroupVersioner(
+			opts.StorageVersion,
+			schema.GroupKind{Group: opts.StorageVersion.Group},
+			schema.GroupKind{Group: opts.MemoryVersion.Group},
+		),
+	)
+	decoder := opts.StorageSerializer.DecoderToVersion(
+		recognizer.NewDecoder(decoders...),
+		runtime.NewMultiGroupVersioner(
+			opts.MemoryVersion,
+			schema.GroupKind{Group: opts.MemoryVersion.Group},
+			schema.GroupKind{Group: opts.StorageVersion.Group},
+		),
+	)
+
+	return runtime.NewCodec(encoder, decoder), nil
+}

vendor/k8s.io/apiserver/pkg/server/storage/storage_factory.go

@@ -0,0 +1,353 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package storage
+
+import (
+	"crypto/tls"
+	"crypto/x509"
+	"io/ioutil"
+	"strings"
+
+	"github.com/golang/glog"
+
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/apiserver/pkg/features"
+	"k8s.io/apiserver/pkg/storage/storagebackend"
+	"k8s.io/apiserver/pkg/storage/value"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
+)
+
+// Backend describes the storage servers, the information here should be enough
+// for health validations.
+type Backend struct {
+	// the url of storage backend like: https://etcd.domain:2379
+	Server string
+	// the required tls config
+	TLSConfig *tls.Config
+}
+
+// StorageFactory is the interface to locate the storage for a given GroupResource
+type StorageFactory interface {
+	// New finds the storage destination for the given group and resource. It will
+	// return an error if the group has no storage destination configured.
+	NewConfig(groupResource schema.GroupResource) (*storagebackend.Config, error)
+
+	// ResourcePrefix returns the overridden resource prefix for the GroupResource
+	// This allows for cohabitation of resources with different native types and provides
+	// centralized control over the shape of etcd directories
+	ResourcePrefix(groupResource schema.GroupResource) string
+
+	// Backends gets all backends for all registered storage destinations.
+	// Used for getting all instances for health validations.
+	Backends() []Backend
+}
+
+// DefaultStorageFactory takes a GroupResource and returns back its storage interface.  This result includes:
+// 1. Merged etcd config, including: auth, server locations, prefixes
+// 2. Resource encodings for storage: group,version,kind to store as
+// 3. Cohabitating default: some resources like hpa are exposed through multiple APIs.  They must agree on 1 and 2
+type DefaultStorageFactory struct {
+	// StorageConfig describes how to create a storage backend in general.
+	// Its authentication information will be used for every storage.Interface returned.
+	StorageConfig storagebackend.Config
+
+	Overrides map[schema.GroupResource]groupResourceOverrides
+
+	DefaultResourcePrefixes map[schema.GroupResource]string
+
+	// DefaultMediaType is the media type used to store resources. If it is not set, "application/json" is used.
+	DefaultMediaType string
+
+	// DefaultSerializer is used to create encoders and decoders for the storage.Interface.
+	DefaultSerializer runtime.StorageSerializer
+
+	// ResourceEncodingConfig describes how to encode a particular GroupVersionResource
+	ResourceEncodingConfig ResourceEncodingConfig
+
+	// APIResourceConfigSource indicates whether the *storage* is enabled, NOT the API
+	// This is discrete from resource enablement because those are separate concerns.  How this source is configured
+	// is left to the caller.
+	APIResourceConfigSource APIResourceConfigSource
+
+	// newStorageCodecFn exists to be overwritten for unit testing.
+	newStorageCodecFn func(opts StorageCodecConfig) (codec runtime.Codec, err error)
+}
+
+type groupResourceOverrides struct {
+	// etcdLocation contains the list of "special" locations that are used for particular GroupResources
+	// These are merged on top of the StorageConfig when requesting the storage.Interface for a given GroupResource
+	etcdLocation []string
+	// etcdPrefix is the base location for a GroupResource.
+	etcdPrefix string
+	// etcdResourcePrefix is the location to use to store a particular type under the `etcdPrefix` location
+	// If empty, the default mapping is used.  If the default mapping doesn't contain an entry, it will use
+	// the ToLowered name of the resource, not including the group.
+	etcdResourcePrefix string
+	// mediaType is the desired serializer to choose. If empty, the default is chosen.
+	mediaType string
+	// serializer contains the list of "special" serializers for a GroupResource.  Resource=* means for the entire group
+	serializer runtime.StorageSerializer
+	// cohabitatingResources keeps track of which resources must be stored together.  This happens when we have multiple ways
+	// of exposing one set of concepts.  autoscaling.HPA and extensions.HPA as a for instance
+	// The order of the slice matters!  It is the priority order of lookup for finding a storage location
+	cohabitatingResources []schema.GroupResource
+	// encoderDecoratorFn is optional and may wrap the provided encoder prior to being serialized.
+	encoderDecoratorFn func(runtime.Encoder) runtime.Encoder
+	// decoderDecoratorFn is optional and may wrap the provided decoders (can add new decoders). The order of
+	// returned decoders will be priority for attempt to decode.
+	decoderDecoratorFn func([]runtime.Decoder) []runtime.Decoder
+	// transformer is optional and shall encrypt that resource at rest.
+	transformer value.Transformer
+	// disablePaging will prevent paging on the provided resource.
+	disablePaging bool
+}
+
+// Apply overrides the provided config and options if the override has a value in that position
+func (o groupResourceOverrides) Apply(config *storagebackend.Config, options *StorageCodecConfig) {
+	if len(o.etcdLocation) > 0 {
+		config.ServerList = o.etcdLocation
+	}
+	if len(o.etcdPrefix) > 0 {
+		config.Prefix = o.etcdPrefix
+	}
+
+	if len(o.mediaType) > 0 {
+		options.StorageMediaType = o.mediaType
+	}
+	if o.serializer != nil {
+		options.StorageSerializer = o.serializer
+	}
+	if o.encoderDecoratorFn != nil {
+		options.EncoderDecoratorFn = o.encoderDecoratorFn
+	}
+	if o.decoderDecoratorFn != nil {
+		options.DecoderDecoratorFn = o.decoderDecoratorFn
+	}
+	if o.transformer != nil {
+		config.Transformer = o.transformer
+	}
+	if o.disablePaging {
+		config.Paging = false
+	}
+}
+
+var _ StorageFactory = &DefaultStorageFactory{}
+
+const AllResources = "*"
+
+// specialDefaultResourcePrefixes are prefixes compiled into Kubernetes.
+// TODO: move out of this package, it is not generic
+var specialDefaultResourcePrefixes = map[schema.GroupResource]string{
+	{Group: "", Resource: "replicationControllers"}:        "controllers",
+	{Group: "", Resource: "replicationcontrollers"}:        "controllers",
+	{Group: "", Resource: "endpoints"}:                     "services/endpoints",
+	{Group: "", Resource: "nodes"}:                         "minions",
+	{Group: "", Resource: "services"}:                      "services/specs",
+	{Group: "extensions", Resource: "ingresses"}:           "ingress",
+	{Group: "extensions", Resource: "podsecuritypolicies"}: "podsecuritypolicy",
+}
+
+func NewDefaultStorageFactory(config storagebackend.Config, defaultMediaType string, defaultSerializer runtime.StorageSerializer, resourceEncodingConfig ResourceEncodingConfig, resourceConfig APIResourceConfigSource) *DefaultStorageFactory {
+	config.Paging = utilfeature.DefaultFeatureGate.Enabled(features.APIListChunking)
+	if len(defaultMediaType) == 0 {
+		defaultMediaType = runtime.ContentTypeJSON
+	}
+	return &DefaultStorageFactory{
+		StorageConfig:           config,
+		Overrides:               map[schema.GroupResource]groupResourceOverrides{},
+		DefaultMediaType:        defaultMediaType,
+		DefaultSerializer:       defaultSerializer,
+		ResourceEncodingConfig:  resourceEncodingConfig,
+		APIResourceConfigSource: resourceConfig,
+		DefaultResourcePrefixes: specialDefaultResourcePrefixes,
+
+		newStorageCodecFn: NewStorageCodec,
+	}
+}
+
+func (s *DefaultStorageFactory) SetEtcdLocation(groupResource schema.GroupResource, location []string) {
+	overrides := s.Overrides[groupResource]
+	overrides.etcdLocation = location
+	s.Overrides[groupResource] = overrides
+}
+
+func (s *DefaultStorageFactory) SetEtcdPrefix(groupResource schema.GroupResource, prefix string) {
+	overrides := s.Overrides[groupResource]
+	overrides.etcdPrefix = prefix
+	s.Overrides[groupResource] = overrides
+}
+
+// SetDisableAPIListChunking allows a specific resource to disable paging at the storage layer, to prevent
+// exposure of key names in continuations. This may be overriden by feature gates.
+func (s *DefaultStorageFactory) SetDisableAPIListChunking(groupResource schema.GroupResource) {
+	overrides := s.Overrides[groupResource]
+	overrides.disablePaging = true
+	s.Overrides[groupResource] = overrides
+}
+
+// SetResourceEtcdPrefix sets the prefix for a resource, but not the base-dir.  You'll end up in `etcdPrefix/resourceEtcdPrefix`.
+func (s *DefaultStorageFactory) SetResourceEtcdPrefix(groupResource schema.GroupResource, prefix string) {
+	overrides := s.Overrides[groupResource]
+	overrides.etcdResourcePrefix = prefix
+	s.Overrides[groupResource] = overrides
+}
+
+func (s *DefaultStorageFactory) SetSerializer(groupResource schema.GroupResource, mediaType string, serializer runtime.StorageSerializer) {
+	overrides := s.Overrides[groupResource]
+	overrides.mediaType = mediaType
+	overrides.serializer = serializer
+	s.Overrides[groupResource] = overrides
+}
+
+func (s *DefaultStorageFactory) SetTransformer(groupResource schema.GroupResource, transformer value.Transformer) {
+	overrides := s.Overrides[groupResource]
+	overrides.transformer = transformer
+	s.Overrides[groupResource] = overrides
+}
+
+// AddCohabitatingResources links resources together the order of the slice matters!  its the priority order of lookup for finding a storage location
+func (s *DefaultStorageFactory) AddCohabitatingResources(groupResources ...schema.GroupResource) {
+	for _, groupResource := range groupResources {
+		overrides := s.Overrides[groupResource]
+		overrides.cohabitatingResources = groupResources
+		s.Overrides[groupResource] = overrides
+	}
+}
+
+func (s *DefaultStorageFactory) AddSerializationChains(encoderDecoratorFn func(runtime.Encoder) runtime.Encoder, decoderDecoratorFn func([]runtime.Decoder) []runtime.Decoder, groupResources ...schema.GroupResource) {
+	for _, groupResource := range groupResources {
+		overrides := s.Overrides[groupResource]
+		overrides.encoderDecoratorFn = encoderDecoratorFn
+		overrides.decoderDecoratorFn = decoderDecoratorFn
+		s.Overrides[groupResource] = overrides
+	}
+}
+
+func getAllResourcesAlias(resource schema.GroupResource) schema.GroupResource {
+	return schema.GroupResource{Group: resource.Group, Resource: AllResources}
+}
+
+func (s *DefaultStorageFactory) getStorageGroupResource(groupResource schema.GroupResource) schema.GroupResource {
+	for _, potentialStorageResource := range s.Overrides[groupResource].cohabitatingResources {
+		if s.APIResourceConfigSource.AnyVersionOfResourceEnabled(potentialStorageResource) {
+			return potentialStorageResource
+		}
+	}
+
+	return groupResource
+}
+
+// New finds the storage destination for the given group and resource. It will
+// return an error if the group has no storage destination configured.
+func (s *DefaultStorageFactory) NewConfig(groupResource schema.GroupResource) (*storagebackend.Config, error) {
+	chosenStorageResource := s.getStorageGroupResource(groupResource)
+
+	// operate on copy
+	storageConfig := s.StorageConfig
+	codecConfig := StorageCodecConfig{
+		StorageMediaType:  s.DefaultMediaType,
+		StorageSerializer: s.DefaultSerializer,
+	}
+
+	if override, ok := s.Overrides[getAllResourcesAlias(chosenStorageResource)]; ok {
+		override.Apply(&storageConfig, &codecConfig)
+	}
+	if override, ok := s.Overrides[chosenStorageResource]; ok {
+		override.Apply(&storageConfig, &codecConfig)
+	}
+
+	var err error
+	codecConfig.StorageVersion, err = s.ResourceEncodingConfig.StorageEncodingFor(chosenStorageResource)
+	if err != nil {
+		return nil, err
+	}
+	codecConfig.MemoryVersion, err = s.ResourceEncodingConfig.InMemoryEncodingFor(groupResource)
+	if err != nil {
+		return nil, err
+	}
+	codecConfig.Config = storageConfig
+
+	storageConfig.Codec, err = s.newStorageCodecFn(codecConfig)
+	if err != nil {
+		return nil, err
+	}
+	glog.V(3).Infof("storing %v in %v, reading as %v from %#v", groupResource, codecConfig.StorageVersion, codecConfig.MemoryVersion, codecConfig.Config)
+
+	return &storageConfig, nil
+}
+
+// Backends returns all backends for all registered storage destinations.
+// Used for getting all instances for health validations.
+func (s *DefaultStorageFactory) Backends() []Backend {
+	servers := sets.NewString(s.StorageConfig.ServerList...)
+
+	for _, overrides := range s.Overrides {
+		servers.Insert(overrides.etcdLocation...)
+	}
+
+	tlsConfig := &tls.Config{
+		InsecureSkipVerify: true,
+	}
+	if len(s.StorageConfig.CertFile) > 0 && len(s.StorageConfig.KeyFile) > 0 {
+		cert, err := tls.LoadX509KeyPair(s.StorageConfig.CertFile, s.StorageConfig.KeyFile)
+		if err != nil {
+			glog.Errorf("failed to load key pair while getting backends: %s", err)
+		} else {
+			tlsConfig.Certificates = []tls.Certificate{cert}
+		}
+	}
+	if len(s.StorageConfig.CAFile) > 0 {
+		if caCert, err := ioutil.ReadFile(s.StorageConfig.CAFile); err != nil {
+			glog.Errorf("failed to read ca file while getting backends: %s", err)
+		} else {
+			caPool := x509.NewCertPool()
+			caPool.AppendCertsFromPEM(caCert)
+			tlsConfig.RootCAs = caPool
+			tlsConfig.InsecureSkipVerify = false
+		}
+	}
+
+	backends := []Backend{}
+	for server := range servers {
+		backends = append(backends, Backend{
+			Server:    server,
+			TLSConfig: tlsConfig,
+		})
+	}
+	return backends
+}
+
+func (s *DefaultStorageFactory) ResourcePrefix(groupResource schema.GroupResource) string {
+	chosenStorageResource := s.getStorageGroupResource(groupResource)
+	groupOverride := s.Overrides[getAllResourcesAlias(chosenStorageResource)]
+	exactResourceOverride := s.Overrides[chosenStorageResource]
+
+	etcdResourcePrefix := s.DefaultResourcePrefixes[chosenStorageResource]
+	if len(groupOverride.etcdResourcePrefix) > 0 {
+		etcdResourcePrefix = groupOverride.etcdResourcePrefix
+	}
+	if len(exactResourceOverride.etcdResourcePrefix) > 0 {
+		etcdResourcePrefix = exactResourceOverride.etcdResourcePrefix
+	}
+	if len(etcdResourcePrefix) == 0 {
+		etcdResourcePrefix = strings.ToLower(chosenStorageResource.Resource)
+	}
+
+	return etcdResourcePrefix
+}

vendor/k8s.io/apiserver/pkg/server/storage/storage_factory_test.go

@@ -0,0 +1,175 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package storage
+
+import (
+	"os"
+	"reflect"
+	"testing"
+
+	"k8s.io/apimachinery/pkg/apimachinery/announced"
+	"k8s.io/apimachinery/pkg/apimachinery/registered"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/runtime/serializer"
+	"k8s.io/apiserver/pkg/apis/example"
+	exampleinstall "k8s.io/apiserver/pkg/apis/example/install"
+	examplev1 "k8s.io/apiserver/pkg/apis/example/v1"
+	"k8s.io/apiserver/pkg/storage/storagebackend"
+)
+
+var (
+	v1GroupVersion = schema.GroupVersion{Group: "", Version: "v1"}
+
+	registry       = registered.NewOrDie(os.Getenv("KUBE_API_VERSIONS"))
+	announce       = make(announced.APIGroupFactoryRegistry)
+	scheme         = runtime.NewScheme()
+	codecs         = serializer.NewCodecFactory(scheme)
+	parameterCodec = runtime.NewParameterCodec(scheme)
+)
+
+func init() {
+	metav1.AddToGroupVersion(scheme, metav1.SchemeGroupVersion)
+	scheme.AddUnversionedTypes(v1GroupVersion,
+		&metav1.Status{},
+		&metav1.APIVersions{},
+		&metav1.APIGroupList{},
+		&metav1.APIGroup{},
+		&metav1.APIResourceList{},
+	)
+
+	exampleinstall.Install(announce, registry, scheme)
+}
+
+type fakeNegotiater struct {
+	serializer, streamSerializer runtime.Serializer
+	framer                       runtime.Framer
+	types, streamTypes           []string
+}
+
+func (n *fakeNegotiater) SupportedMediaTypes() []runtime.SerializerInfo {
+	var out []runtime.SerializerInfo
+	for _, s := range n.types {
+		info := runtime.SerializerInfo{Serializer: n.serializer, MediaType: s, EncodesAsText: true}
+		for _, t := range n.streamTypes {
+			if t == s {
+				info.StreamSerializer = &runtime.StreamSerializerInfo{
+					EncodesAsText: true,
+					Framer:        n.framer,
+					Serializer:    n.streamSerializer,
+				}
+			}
+		}
+		out = append(out, info)
+	}
+	return out
+}
+
+func (n *fakeNegotiater) UniversalDeserializer() runtime.Decoder {
+	return n.serializer
+}
+
+func (n *fakeNegotiater) EncoderForVersion(serializer runtime.Encoder, gv runtime.GroupVersioner) runtime.Encoder {
+	return n.serializer
+}
+
+func (n *fakeNegotiater) DecoderToVersion(serializer runtime.Decoder, gv runtime.GroupVersioner) runtime.Decoder {
+	return n.serializer
+}
+
+func TestConfigurableStorageFactory(t *testing.T) {
+	ns := &fakeNegotiater{types: []string{"test/test"}}
+	f := NewDefaultStorageFactory(storagebackend.Config{}, "test/test", ns, NewDefaultResourceEncodingConfig(registry), NewResourceConfig())
+	f.AddCohabitatingResources(example.Resource("test"), schema.GroupResource{Resource: "test2", Group: "2"})
+	called := false
+	testEncoderChain := func(e runtime.Encoder) runtime.Encoder {
+		called = true
+		return e
+	}
+	f.AddSerializationChains(testEncoderChain, nil, example.Resource("test"))
+	f.SetEtcdLocation(example.Resource("*"), []string{"/server2"})
+	f.SetEtcdPrefix(example.Resource("test"), "/prefix_for_test")
+
+	config, err := f.NewConfig(example.Resource("test"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	if config.Prefix != "/prefix_for_test" || !reflect.DeepEqual(config.ServerList, []string{"/server2"}) {
+		t.Errorf("unexpected config %#v", config)
+	}
+	if !called {
+		t.Errorf("expected encoder chain to be called")
+	}
+}
+
+func TestUpdateEtcdOverrides(t *testing.T) {
+	registry := registered.NewOrDie(os.Getenv("KUBE_API_VERSIONS"))
+	announced := make(announced.APIGroupFactoryRegistry)
+	exampleinstall.Install(announced, registry, scheme)
+
+	testCases := []struct {
+		resource schema.GroupResource
+		servers  []string
+	}{
+		{
+			resource: schema.GroupResource{Group: example.GroupName, Resource: "resource"},
+			servers:  []string{"http://127.0.0.1:10000"},
+		},
+		{
+			resource: schema.GroupResource{Group: example.GroupName, Resource: "resource"},
+			servers:  []string{"http://127.0.0.1:10000", "http://127.0.0.1:20000"},
+		},
+		{
+			resource: schema.GroupResource{Group: example.GroupName, Resource: "resource"},
+			servers:  []string{"http://127.0.0.1:10000"},
+		},
+	}
+
+	defaultEtcdLocation := []string{"http://127.0.0.1"}
+	for i, test := range testCases {
+		defaultConfig := storagebackend.Config{
+			Prefix:     "/registry",
+			ServerList: defaultEtcdLocation,
+			Copier:     scheme,
+		}
+		storageFactory := NewDefaultStorageFactory(defaultConfig, "", codecs, NewDefaultResourceEncodingConfig(registry), NewResourceConfig())
+		storageFactory.SetEtcdLocation(test.resource, test.servers)
+
+		var err error
+		config, err := storageFactory.NewConfig(test.resource)
+		if err != nil {
+			t.Errorf("%d: unexpected error %v", i, err)
+			continue
+		}
+		if !reflect.DeepEqual(config.ServerList, test.servers) {
+			t.Errorf("%d: expected %v, got %v", i, test.servers, config.ServerList)
+			continue
+		}
+
+		config, err = storageFactory.NewConfig(schema.GroupResource{Group: examplev1.GroupName, Resource: "unlikely"})
+		if err != nil {
+			t.Errorf("%d: unexpected error %v", i, err)
+			continue
+		}
+		if !reflect.DeepEqual(config.ServerList, defaultEtcdLocation) {
+			t.Errorf("%d: expected %v, got %v", i, defaultEtcdLocation, config.ServerList)
+			continue
+		}
+
+	}
+}