vendor/k8s.io/api/admission/v1beta1/generated.proto - cloudstack-kubernetes-provider - Git at Google

 /*
 Copyright The Kubernetes Authors.

 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at

     http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */


 // This file was autogenerated by go-to-protobuf. Do not edit it manually!

 syntax = 'proto2';

 package k8s.io.api.admission.v1beta1;

 import "k8s.io/api/authentication/v1/generated.proto";
 import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
 import "k8s.io/apimachinery/pkg/runtime/generated.proto";
 import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";

 // Package-wide variables from generator "generated".
 option go_package = "v1beta1";

 // AdmissionRequest describes the admission.Attributes for the admission request.
 message AdmissionRequest {
   // UID is an identifier for the individual request/response. It allows us to distinguish instances of requests which are
   // otherwise identical (parallel requests, requests when earlier requests did not modify etc)
   // The UID is meant to track the round trip (request/response) between the KAS and the WebHook, not the user request.
   // It is suitable for correlating log entries between the webhook and apiserver, for either auditing or debugging.
   optional string uid = 1;

   // Kind is the fully-qualified type of object being submitted (for example, v1.Pod or autoscaling.v1.Scale)
   optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionKind kind = 2;

   // Resource is the fully-qualified resource being requested (for example, v1.pods)
   optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionResource resource = 3;

   // SubResource is the subresource being requested, if any (for example, "status" or "scale")
   // +optional
   optional string subResource = 4;

   // RequestKind is the fully-qualified type of the original API request (for example, v1.Pod or autoscaling.v1.Scale).
   // If this is specified and differs from the value in "kind", an equivalent match and conversion was performed.
   //
   // For example, if deployments can be modified via apps/v1 and apps/v1beta1, and a webhook registered a rule of
   // `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]` and `matchPolicy: Equivalent`,
   // an API request to apps/v1beta1 deployments would be converted and sent to the webhook
   // with `kind: {group:"apps", version:"v1", kind:"Deployment"}` (matching the rule the webhook registered for),
   // and `requestKind: {group:"apps", version:"v1beta1", kind:"Deployment"}` (indicating the kind of the original API request).
   //
   // See documentation for the "matchPolicy" field in the webhook configuration type for more details.
   // +optional
   optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionKind requestKind = 13;

   // RequestResource is the fully-qualified resource of the original API request (for example, v1.pods).
   // If this is specified and differs from the value in "resource", an equivalent match and conversion was performed.
   //
   // For example, if deployments can be modified via apps/v1 and apps/v1beta1, and a webhook registered a rule of
   // `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]` and `matchPolicy: Equivalent`,
   // an API request to apps/v1beta1 deployments would be converted and sent to the webhook
   // with `resource: {group:"apps", version:"v1", resource:"deployments"}` (matching the resource the webhook registered for),
   // and `requestResource: {group:"apps", version:"v1beta1", resource:"deployments"}` (indicating the resource of the original API request).
   //
   // See documentation for the "matchPolicy" field in the webhook configuration type.
   // +optional
   optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionResource requestResource = 14;

   // RequestSubResource is the name of the subresource of the original API request, if any (for example, "status" or "scale")
   // If this is specified and differs from the value in "subResource", an equivalent match and conversion was performed.
   // See documentation for the "matchPolicy" field in the webhook configuration type.
   // +optional
   optional string requestSubResource = 15;

   // Name is the name of the object as presented in the request.  On a CREATE operation, the client may omit name and
   // rely on the server to generate the name.  If that is the case, this method will return the empty string.
   // +optional
   optional string name = 5;

   // Namespace is the namespace associated with the request (if any).
   // +optional
   optional string namespace = 6;

   // Operation is the operation being performed. This may be different than the operation
   // requested. e.g. a patch can result in either a CREATE or UPDATE Operation.
   optional string operation = 7;

   // UserInfo is information about the requesting user
   optional k8s.io.api.authentication.v1.UserInfo userInfo = 8;

   // Object is the object from the incoming request prior to default values being applied
   // +optional
   optional k8s.io.apimachinery.pkg.runtime.RawExtension object = 9;

   // OldObject is the existing object. Only populated for UPDATE requests.
   // +optional
   optional k8s.io.apimachinery.pkg.runtime.RawExtension oldObject = 10;

   // DryRun indicates that modifications will definitely not be persisted for this request.
   // Defaults to false.
   // +optional
   optional bool dryRun = 11;

   // Options is the operation option structure of the operation being performed.
   // e.g. `meta.k8s.io/v1.DeleteOptions` or `meta.k8s.io/v1.CreateOptions`. This may be
   // different than the options the caller provided. e.g. for a patch request the performed
   // Operation might be a CREATE, in which case the Options will a
   // `meta.k8s.io/v1.CreateOptions` even though the caller provided `meta.k8s.io/v1.PatchOptions`.
   // +optional
   optional k8s.io.apimachinery.pkg.runtime.RawExtension options = 12;
 }

 // AdmissionResponse describes an admission response.
 message AdmissionResponse {
   // UID is an identifier for the individual request/response.
   // This should be copied over from the corresponding AdmissionRequest.
   optional string uid = 1;

   // Allowed indicates whether or not the admission request was permitted.
   optional bool allowed = 2;

   // Result contains extra details into why an admission request was denied.
   // This field IS NOT consulted in any way if "Allowed" is "true".
   // +optional
   optional k8s.io.apimachinery.pkg.apis.meta.v1.Status status = 3;

   // The patch body. Currently we only support "JSONPatch" which implements RFC 6902.
   // +optional
   optional bytes patch = 4;

   // The type of Patch. Currently we only allow "JSONPatch".
   // +optional
   optional string patchType = 5;

   // AuditAnnotations is an unstructured key value map set by remote admission controller (e.g. error=image-blacklisted).
   // MutatingAdmissionWebhook and ValidatingAdmissionWebhook admission controller will prefix the keys with
   // admission webhook name (e.g. imagepolicy.example.com/error=image-blacklisted). AuditAnnotations will be provided by
   // the admission webhook to add additional context to the audit log for this request.
   // +optional
   map<string, string> auditAnnotations = 6;
 }

 // AdmissionReview describes an admission review request/response.
 message AdmissionReview {
   // Request describes the attributes for the admission request.
   // +optional
   optional AdmissionRequest request = 1;

   // Response describes the attributes for the admission response.
   // +optional
   optional AdmissionResponse response = 2;
 }
	/*
	Copyright The Kubernetes Authors.

	Licensed under the Apache License, Version 2.0 (the "License");
	you may not use this file except in compliance with the License.
	You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing, software
	distributed under the License is distributed on an "AS IS" BASIS,
	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	See the License for the specific language governing permissions and
	limitations under the License.
	*/


	// This file was autogenerated by go-to-protobuf. Do not edit it manually!

	syntax = 'proto2';

	package k8s.io.api.admission.v1beta1;

	import "k8s.io/api/authentication/v1/generated.proto";
	import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
	import "k8s.io/apimachinery/pkg/runtime/generated.proto";
	import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";

	// Package-wide variables from generator "generated".
	option go_package = "v1beta1";

	// AdmissionRequest describes the admission.Attributes for the admission request.
	message AdmissionRequest {
	// UID is an identifier for the individual request/response. It allows us to distinguish instances of requests which are
	// otherwise identical (parallel requests, requests when earlier requests did not modify etc)
	// The UID is meant to track the round trip (request/response) between the KAS and the WebHook, not the user request.
	// It is suitable for correlating log entries between the webhook and apiserver, for either auditing or debugging.
	optional string uid = 1;

	// Kind is the fully-qualified type of object being submitted (for example, v1.Pod or autoscaling.v1.Scale)
	optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionKind kind = 2;

	// Resource is the fully-qualified resource being requested (for example, v1.pods)
	optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionResource resource = 3;

	// SubResource is the subresource being requested, if any (for example, "status" or "scale")
	// +optional
	optional string subResource = 4;

	// RequestKind is the fully-qualified type of the original API request (for example, v1.Pod or autoscaling.v1.Scale).
	// If this is specified and differs from the value in "kind", an equivalent match and conversion was performed.
	//
	// For example, if deployments can be modified via apps/v1 and apps/v1beta1, and a webhook registered a rule of
	// `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]` and `matchPolicy: Equivalent`,
	// an API request to apps/v1beta1 deployments would be converted and sent to the webhook
	// with `kind: {group:"apps", version:"v1", kind:"Deployment"}` (matching the rule the webhook registered for),
	// and `requestKind: {group:"apps", version:"v1beta1", kind:"Deployment"}` (indicating the kind of the original API request).
	//
	// See documentation for the "matchPolicy" field in the webhook configuration type for more details.
	// +optional
	optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionKind requestKind = 13;

	// RequestResource is the fully-qualified resource of the original API request (for example, v1.pods).
	// If this is specified and differs from the value in "resource", an equivalent match and conversion was performed.
	//
	// For example, if deployments can be modified via apps/v1 and apps/v1beta1, and a webhook registered a rule of
	// `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]` and `matchPolicy: Equivalent`,
	// an API request to apps/v1beta1 deployments would be converted and sent to the webhook
	// with `resource: {group:"apps", version:"v1", resource:"deployments"}` (matching the resource the webhook registered for),
	// and `requestResource: {group:"apps", version:"v1beta1", resource:"deployments"}` (indicating the resource of the original API request).
	//
	// See documentation for the "matchPolicy" field in the webhook configuration type.
	// +optional
	optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionResource requestResource = 14;

	// RequestSubResource is the name of the subresource of the original API request, if any (for example, "status" or "scale")
	// If this is specified and differs from the value in "subResource", an equivalent match and conversion was performed.
	// See documentation for the "matchPolicy" field in the webhook configuration type.
	// +optional
	optional string requestSubResource = 15;

	// Name is the name of the object as presented in the request. On a CREATE operation, the client may omit name and
	// rely on the server to generate the name. If that is the case, this method will return the empty string.
	// +optional
	optional string name = 5;

	// Namespace is the namespace associated with the request (if any).
	// +optional
	optional string namespace = 6;

	// Operation is the operation being performed. This may be different than the operation
	// requested. e.g. a patch can result in either a CREATE or UPDATE Operation.
	optional string operation = 7;

	// UserInfo is information about the requesting user
	optional k8s.io.api.authentication.v1.UserInfo userInfo = 8;

	// Object is the object from the incoming request prior to default values being applied
	// +optional
	optional k8s.io.apimachinery.pkg.runtime.RawExtension object = 9;

	// OldObject is the existing object. Only populated for UPDATE requests.
	// +optional
	optional k8s.io.apimachinery.pkg.runtime.RawExtension oldObject = 10;

	// DryRun indicates that modifications will definitely not be persisted for this request.
	// Defaults to false.
	// +optional
	optional bool dryRun = 11;

	// Options is the operation option structure of the operation being performed.
	// e.g. `meta.k8s.io/v1.DeleteOptions` or `meta.k8s.io/v1.CreateOptions`. This may be
	// different than the options the caller provided. e.g. for a patch request the performed
	// Operation might be a CREATE, in which case the Options will a
	// `meta.k8s.io/v1.CreateOptions` even though the caller provided `meta.k8s.io/v1.PatchOptions`.
	// +optional
	optional k8s.io.apimachinery.pkg.runtime.RawExtension options = 12;
	}

	// AdmissionResponse describes an admission response.
	message AdmissionResponse {
	// UID is an identifier for the individual request/response.
	// This should be copied over from the corresponding AdmissionRequest.
	optional string uid = 1;

	// Allowed indicates whether or not the admission request was permitted.
	optional bool allowed = 2;

	// Result contains extra details into why an admission request was denied.
	// This field IS NOT consulted in any way if "Allowed" is "true".
	// +optional
	optional k8s.io.apimachinery.pkg.apis.meta.v1.Status status = 3;

	// The patch body. Currently we only support "JSONPatch" which implements RFC 6902.
	// +optional
	optional bytes patch = 4;

	// The type of Patch. Currently we only allow "JSONPatch".
	// +optional
	optional string patchType = 5;

	// AuditAnnotations is an unstructured key value map set by remote admission controller (e.g. error=image-blacklisted).
	// MutatingAdmissionWebhook and ValidatingAdmissionWebhook admission controller will prefix the keys with
	// admission webhook name (e.g. imagepolicy.example.com/error=image-blacklisted). AuditAnnotations will be provided by
	// the admission webhook to add additional context to the audit log for this request.
	// +optional
	map<string, string> auditAnnotations = 6;
	}

	// AdmissionReview describes an admission review request/response.
	message AdmissionReview {
	// Request describes the attributes for the admission request.
	// +optional
	optional AdmissionRequest request = 1;

	// Response describes the attributes for the admission response.
	// +optional
	optional AdmissionResponse response = 2;
	}