pkg/kube/adapter.go - dubbo-go-pixiu - Git at Google

 //  Copyright Istio Authors
 //
 //  Licensed under the Apache License, Version 2.0 (the "License");
 //  you may not use this file except in compliance with the License.
 //  You may obtain a copy of the License at
 //
 //      http://www.apache.org/licenses/LICENSE-2.0
 //
 //  Unless required by applicable law or agreed to in writing, software
 //  distributed under the License is distributed on an "AS IS" BASIS,
 //  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //  See the License for the specific language governing permissions and
 //  limitations under the License.

 package kube

 import (
 	"fmt"
 )

 import (
 	kubeApiAdmissionv1 "k8s.io/api/admission/v1"
 	kubeApiAdmissionv1beta1 "k8s.io/api/admission/v1beta1"
 	authenticationv1 "k8s.io/api/authentication/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/types"
 )

 const (
 	// APIVersion constants
 	admissionAPIV1      = "admission.k8s.io/v1"
 	admissionAPIV1beta1 = "admission.k8s.io/v1beta1"

 	// Operation constants
 	Create  string = "CREATE"
 	Update  string = "UPDATE"
 	Delete  string = "DELETE"
 	Connect string = "CONNECT"
 )

 // AdmissionReview describes an admission review request/response.
 type AdmissionReview struct {
 	// TypeMeta describes an individual object in an API response or request
 	// with strings representing the type of the object and its API schema version.
 	// Structures that are versioned or persisted should inline TypeMeta.
 	metav1.TypeMeta

 	// Request describes the attributes for the admission request.
 	Request *AdmissionRequest `json:"request,omitempty"`

 	// Response describes the attributes for the admission response.
 	Response *AdmissionResponse `json:"response,omitempty"`
 }

 // AdmissionRequest describes the admission.Attributes for the admission request.
 type AdmissionRequest struct {

 	// UID is an identifier for the individual request/response. It allows us to distinguish instances of requests which are
 	// otherwise identical (parallel requests, requests when earlier requests did not modify etc)
 	// The UID is meant to track the round trip (request/response) between the KAS and the WebHook, not the user request.
 	// It is suitable for correlating log entries between the webhook and apiserver, for either auditing or debugging.
 	UID types.UID `json:"uid"`

 	// Kind is the fully-qualified type of object being submitted (for example, v1.Pod or autoscaling.v1.Scale)
 	Kind metav1.GroupVersionKind `json:"kind"`

 	// Resource is the fully-qualified resource being requested (for example, v1.pods)
 	Resource metav1.GroupVersionResource `json:"resource"`

 	// SubResource is the subresource being requested, if any (for example, "status" or "scale")
 	SubResource string `json:"subResource,omitempty"`
 	// RequestKind is the fully-qualified type of the original API request (for example, v1.Pod or autoscaling.v1.Scale).
 	// If this is specified and differs from the value in "kind", an equivalent match and conversion was performed.
 	//
 	// For example, if deployments can be modified via apps/v1 and apps/v1beta1, and a webhook registered a rule of
 	// `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]` and `matchPolicy: Equivalent`,
 	// an API request to apps/v1beta1 deployments would be converted and sent to the webhook
 	// with `kind: {group:"apps", version:"v1", kind:"Deployment"}` (matching the rule the webhook registered for),
 	// and `requestKind: {group:"apps", version:"v1beta1", kind:"Deployment"}` (indicating the kind of the original API request).
 	//
 	RequestKind *metav1.GroupVersionKind `json:"requestKind,omitempty"`

 	// RequestResource is the fully-qualified resource of the original API request (for example, v1.pods).
 	// If this is specified and differs from the value in "resource", an equivalent match and conversion was performed.
 	//
 	// For example, if deployments can be modified via apps/v1 and apps/v1beta1, and a webhook registered a rule of
 	// `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]` and `matchPolicy: Equivalent`,
 	// an API request to apps/v1beta1 deployments would be converted and sent to the webhook
 	// with `resource: {group:"apps", version:"v1", resource:"deployments"}` (matching the resource the webhook registered for),
 	// and `requestResource: {group:"apps", version:"v1beta1", resource:"deployments"}` (indicating the resource of the original API request).
 	//
 	RequestResource *metav1.GroupVersionResource `json:"requestResource,omitempty"`

 	// RequestSubResource is the name of the subresource of the original API request, if any (for example, "status" or "scale")
 	// If this is specified and differs from the value in "subResource", an equivalent match and conversion was performed.
 	RequestSubResource string `json:"requestSubResource,omitempty"`

 	// UserInfo is information about the requesting user
 	UserInfo authenticationv1.UserInfo `json:"userInfo"`

 	// Name is the name of the object as presented in the request.  On a CREATE operation, the client may omit name and
 	// rely on the server to generate the name.  If that is the case, this field will contain an empty string.
 	Name string `json:"name,omitempty"`

 	// Namespace is the namespace associated with the request (if any).
 	Namespace string `json:"namespace,omitempty"`

 	// Operation is the operation being performed. This may be different than the operation
 	// requested. e.g. a patch can result in either a CREATE or UPDATE Operation.
 	Operation string `json:"operation"`

 	// Object is the object from the incoming request.
 	Object runtime.RawExtension `json:"object,omitempty"`

 	// OldObject is the existing object. Only populated for DELETE and UPDATE requests.
 	OldObject runtime.RawExtension `json:"oldObject,omitempty"`

 	// DryRun indicates that modifications will definitely not be persisted for this request.
 	// Defaults to false.
 	DryRun *bool `json:"dryRun,omitempty"`

 	// Options is the operation option structure of the operation being performed.
 	// e.g. `meta.k8s.io/v1.DeleteOptions` or `meta.k8s.io/v1.CreateOptions`. This may be
 	// different than the options the caller provided. e.g. for a patch request the performed
 	// Operation might be a CREATE, in which case the Options will a
 	// `meta.k8s.io/v1.CreateOptions` even though the caller provided `meta.k8s.io/v1.PatchOptions`.
 	Options runtime.RawExtension `json:"options,omitempty"`
 }

 // AdmissionResponse describes an admission response.
 type AdmissionResponse struct {

 	// UID is an identifier for the individual request/response.
 	// This should be copied over from the corresponding AdmissionRequest.
 	UID types.UID `json:"uid"`

 	// Allowed indicates whether or not the admission request was permitted.
 	Allowed bool `json:"allowed"`

 	// Result contains extra details into why an admission request was denied.
 	// This field IS NOT consulted in any way if "Allowed" is "true".
 	Result *metav1.Status `json:"status,omitempty"`

 	// The patch body. Currently we only support "JSONPatch" which implements RFC 6902.
 	Patch []byte `json:"patch,omitempty"`

 	// The type of Patch. Currently we only allow "JSONPatch".
 	PatchType *string `json:"patchType,omitempty"`

 	// AuditAnnotations is an unstructured key value map set by remote admission controller (e.g. error=image-blacklisted).
 	// MutatingAdmissionWebhook and ValidatingAdmissionWebhook admission controller will prefix the keys with
 	// admission webhook name (e.g. imagepolicy.example.com/error=image-blacklisted). AuditAnnotations will be provided by
 	// the admission webhook to add additional context to the audit log for this request.
 	AuditAnnotations map[string]string `json:"auditAnnotations,omitempty"`

 	// warnings is a list of warning messages to return to the requesting API client.
 	// Warning messages describe a problem the client making the API request should correct or be aware of.
 	// Limit warnings to 120 characters if possible.
 	// Warnings over 256 characters and large numbers of warnings may be truncated.
 	Warnings []string `json:"warnings,omitempty"`
 }

 func AdmissionReviewKubeToAdapter(object runtime.Object) (*AdmissionReview, error) {
 	var typeMeta metav1.TypeMeta
 	var req *AdmissionRequest
 	var resp *AdmissionResponse
 	switch obj := object.(type) {
 	case *kubeApiAdmissionv1beta1.AdmissionReview:
 		typeMeta = obj.TypeMeta
 		arv1beta1Response := obj.Response
 		arv1beta1Request := obj.Request
 		if arv1beta1Response != nil {
 			resp = &AdmissionResponse{
 				UID:      arv1beta1Response.UID,
 				Allowed:  arv1beta1Response.Allowed,
 				Result:   arv1beta1Response.Result,
 				Patch:    arv1beta1Response.Patch,
 				Warnings: arv1beta1Response.Warnings,
 			}
 			if arv1beta1Response.PatchType != nil {
 				patchType := string(*arv1beta1Response.PatchType)
 				resp.PatchType = &patchType
 			}
 		}
 		if arv1beta1Request != nil {
 			req = &AdmissionRequest{
 				UID:       arv1beta1Request.UID,
 				Kind:      arv1beta1Request.Kind,
 				Resource:  arv1beta1Request.Resource,
 				UserInfo:  arv1beta1Request.UserInfo,
 				Name:      arv1beta1Request.Name,
 				Namespace: arv1beta1Request.Namespace,
 				Operation: string(arv1beta1Request.Operation),
 				Object:    arv1beta1Request.Object,
 				OldObject: arv1beta1Request.OldObject,
 			}
 		}

 	case *kubeApiAdmissionv1.AdmissionReview:
 		typeMeta = obj.TypeMeta
 		arv1Response := obj.Response
 		arv1Request := obj.Request
 		if arv1Response != nil {
 			resp = &AdmissionResponse{
 				UID:      arv1Response.UID,
 				Allowed:  arv1Response.Allowed,
 				Result:   arv1Response.Result,
 				Patch:    arv1Response.Patch,
 				Warnings: arv1Response.Warnings,
 			}
 			if arv1Response.PatchType != nil {
 				patchType := string(*arv1Response.PatchType)
 				resp.PatchType = &patchType
 			}
 		}

 		if arv1Request != nil {
 			req = &AdmissionRequest{
 				UID:       arv1Request.UID,
 				Kind:      arv1Request.Kind,
 				Resource:  arv1Request.Resource,
 				UserInfo:  arv1Request.UserInfo,
 				Name:      arv1Request.Name,
 				Namespace: arv1Request.Namespace,
 				Operation: string(arv1Request.Operation),
 				Object:    arv1Request.Object,
 				OldObject: arv1Request.OldObject,
 			}
 		}

 	default:
 		return nil, fmt.Errorf("unsupported type :%v", object.GetObjectKind())
 	}

 	return &AdmissionReview{
 		TypeMeta: typeMeta,
 		Request:  req,
 		Response: resp,
 	}, nil
 }

 func AdmissionReviewAdapterToKube(ar *AdmissionReview, apiVersion string) runtime.Object {
 	var res runtime.Object
 	arRequest := ar.Request
 	arResponse := ar.Response
 	if apiVersion == "" {
 		apiVersion = admissionAPIV1beta1
 	}
 	switch apiVersion {
 	case admissionAPIV1beta1:
 		arv1beta1 := kubeApiAdmissionv1beta1.AdmissionReview{}
 		if arRequest != nil {
 			arv1beta1.Request = &kubeApiAdmissionv1beta1.AdmissionRequest{
 				UID:                arRequest.UID,
 				Kind:               arRequest.Kind,
 				Resource:           arRequest.Resource,
 				SubResource:        arRequest.SubResource,
 				Name:               arRequest.Name,
 				Namespace:          arRequest.Namespace,
 				RequestKind:        arRequest.RequestKind,
 				RequestResource:    arRequest.RequestResource,
 				RequestSubResource: arRequest.RequestSubResource,
 				Operation:          kubeApiAdmissionv1beta1.Operation(arRequest.Operation),
 				UserInfo:           arRequest.UserInfo,
 				Object:             arRequest.Object,
 				OldObject:          arRequest.OldObject,
 				DryRun:             arRequest.DryRun,
 				Options:            arRequest.Options,
 			}
 		}
 		if arResponse != nil {
 			var patchType *kubeApiAdmissionv1beta1.PatchType
 			if arResponse.PatchType != nil {
 				patchType = (*kubeApiAdmissionv1beta1.PatchType)(arResponse.PatchType)
 			}
 			arv1beta1.Response = &kubeApiAdmissionv1beta1.AdmissionResponse{
 				UID:              arResponse.UID,
 				Allowed:          arResponse.Allowed,
 				Result:           arResponse.Result,
 				Patch:            arResponse.Patch,
 				PatchType:        patchType,
 				AuditAnnotations: arResponse.AuditAnnotations,
 				Warnings:         arResponse.Warnings,
 			}
 		}
 		arv1beta1.TypeMeta = ar.TypeMeta
 		res = &arv1beta1
 	case admissionAPIV1:
 		arv1 := kubeApiAdmissionv1.AdmissionReview{}
 		if arRequest != nil {
 			arv1.Request = &kubeApiAdmissionv1.AdmissionRequest{
 				UID:                arRequest.UID,
 				Kind:               arRequest.Kind,
 				Resource:           arRequest.Resource,
 				SubResource:        arRequest.SubResource,
 				Name:               arRequest.Name,
 				Namespace:          arRequest.Namespace,
 				RequestKind:        arRequest.RequestKind,
 				RequestResource:    arRequest.RequestResource,
 				RequestSubResource: arRequest.RequestSubResource,
 				Operation:          kubeApiAdmissionv1.Operation(arRequest.Operation),
 				UserInfo:           arRequest.UserInfo,
 				Object:             arRequest.Object,
 				OldObject:          arRequest.OldObject,
 				DryRun:             arRequest.DryRun,
 				Options:            arRequest.Options,
 			}
 		}
 		if arResponse != nil {
 			var patchType *kubeApiAdmissionv1.PatchType
 			if arResponse.PatchType != nil {
 				patchType = (*kubeApiAdmissionv1.PatchType)(arResponse.PatchType)
 			}
 			arv1.Response = &kubeApiAdmissionv1.AdmissionResponse{
 				UID:              arResponse.UID,
 				Allowed:          arResponse.Allowed,
 				Result:           arResponse.Result,
 				Patch:            arResponse.Patch,
 				PatchType:        patchType,
 				AuditAnnotations: arResponse.AuditAnnotations,
 				Warnings:         arResponse.Warnings,
 			}
 		}
 		arv1.TypeMeta = ar.TypeMeta
 		res = &arv1
 	}
 	return res
 }
	// Copyright Istio Authors
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	package kube

	import (
	"fmt"
	)

	import (
	kubeApiAdmissionv1 "k8s.io/api/admission/v1"
	kubeApiAdmissionv1beta1 "k8s.io/api/admission/v1beta1"
	authenticationv1 "k8s.io/api/authentication/v1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
	"k8s.io/apimachinery/pkg/runtime"
	"k8s.io/apimachinery/pkg/types"
	)

	const (
	// APIVersion constants
	admissionAPIV1 = "admission.k8s.io/v1"
	admissionAPIV1beta1 = "admission.k8s.io/v1beta1"

	// Operation constants
	Create string = "CREATE"
	Update string = "UPDATE"
	Delete string = "DELETE"
	Connect string = "CONNECT"
	)

	// AdmissionReview describes an admission review request/response.
	type AdmissionReview struct {
	// TypeMeta describes an individual object in an API response or request
	// with strings representing the type of the object and its API schema version.
	// Structures that are versioned or persisted should inline TypeMeta.
	metav1.TypeMeta

	// Request describes the attributes for the admission request.
	Request *AdmissionRequest `json:"request,omitempty"`

	// Response describes the attributes for the admission response.
	Response *AdmissionResponse `json:"response,omitempty"`
	}

	// AdmissionRequest describes the admission.Attributes for the admission request.
	type AdmissionRequest struct {

	// UID is an identifier for the individual request/response. It allows us to distinguish instances of requests which are
	// otherwise identical (parallel requests, requests when earlier requests did not modify etc)
	// The UID is meant to track the round trip (request/response) between the KAS and the WebHook, not the user request.
	// It is suitable for correlating log entries between the webhook and apiserver, for either auditing or debugging.
	UID types.UID `json:"uid"`

	// Kind is the fully-qualified type of object being submitted (for example, v1.Pod or autoscaling.v1.Scale)
	Kind metav1.GroupVersionKind `json:"kind"`

	// Resource is the fully-qualified resource being requested (for example, v1.pods)
	Resource metav1.GroupVersionResource `json:"resource"`

	// SubResource is the subresource being requested, if any (for example, "status" or "scale")
	SubResource string `json:"subResource,omitempty"`
	// RequestKind is the fully-qualified type of the original API request (for example, v1.Pod or autoscaling.v1.Scale).
	// If this is specified and differs from the value in "kind", an equivalent match and conversion was performed.
	//
	// For example, if deployments can be modified via apps/v1 and apps/v1beta1, and a webhook registered a rule of
	// `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]` and `matchPolicy: Equivalent`,
	// an API request to apps/v1beta1 deployments would be converted and sent to the webhook
	// with `kind: {group:"apps", version:"v1", kind:"Deployment"}` (matching the rule the webhook registered for),
	// and `requestKind: {group:"apps", version:"v1beta1", kind:"Deployment"}` (indicating the kind of the original API request).
	//
	RequestKind *metav1.GroupVersionKind `json:"requestKind,omitempty"`

	// RequestResource is the fully-qualified resource of the original API request (for example, v1.pods).
	// If this is specified and differs from the value in "resource", an equivalent match and conversion was performed.
	//
	// For example, if deployments can be modified via apps/v1 and apps/v1beta1, and a webhook registered a rule of
	// `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]` and `matchPolicy: Equivalent`,
	// an API request to apps/v1beta1 deployments would be converted and sent to the webhook
	// with `resource: {group:"apps", version:"v1", resource:"deployments"}` (matching the resource the webhook registered for),
	// and `requestResource: {group:"apps", version:"v1beta1", resource:"deployments"}` (indicating the resource of the original API request).
	//
	RequestResource *metav1.GroupVersionResource `json:"requestResource,omitempty"`

	// RequestSubResource is the name of the subresource of the original API request, if any (for example, "status" or "scale")
	// If this is specified and differs from the value in "subResource", an equivalent match and conversion was performed.
	RequestSubResource string `json:"requestSubResource,omitempty"`

	// UserInfo is information about the requesting user
	UserInfo authenticationv1.UserInfo `json:"userInfo"`

	// Name is the name of the object as presented in the request. On a CREATE operation, the client may omit name and
	// rely on the server to generate the name. If that is the case, this field will contain an empty string.
	Name string `json:"name,omitempty"`

	// Namespace is the namespace associated with the request (if any).
	Namespace string `json:"namespace,omitempty"`

	// Operation is the operation being performed. This may be different than the operation
	// requested. e.g. a patch can result in either a CREATE or UPDATE Operation.
	Operation string `json:"operation"`

	// Object is the object from the incoming request.
	Object runtime.RawExtension `json:"object,omitempty"`

	// OldObject is the existing object. Only populated for DELETE and UPDATE requests.
	OldObject runtime.RawExtension `json:"oldObject,omitempty"`

	// DryRun indicates that modifications will definitely not be persisted for this request.
	// Defaults to false.
	DryRun *bool `json:"dryRun,omitempty"`

	// Options is the operation option structure of the operation being performed.
	// e.g. `meta.k8s.io/v1.DeleteOptions` or `meta.k8s.io/v1.CreateOptions`. This may be
	// different than the options the caller provided. e.g. for a patch request the performed
	// Operation might be a CREATE, in which case the Options will a
	// `meta.k8s.io/v1.CreateOptions` even though the caller provided `meta.k8s.io/v1.PatchOptions`.
	Options runtime.RawExtension `json:"options,omitempty"`
	}

	// AdmissionResponse describes an admission response.
	type AdmissionResponse struct {

	// UID is an identifier for the individual request/response.
	// This should be copied over from the corresponding AdmissionRequest.
	UID types.UID `json:"uid"`

	// Allowed indicates whether or not the admission request was permitted.
	Allowed bool `json:"allowed"`

	// Result contains extra details into why an admission request was denied.
	// This field IS NOT consulted in any way if "Allowed" is "true".
	Result *metav1.Status `json:"status,omitempty"`

	// The patch body. Currently we only support "JSONPatch" which implements RFC 6902.
	Patch []byte `json:"patch,omitempty"`

	// The type of Patch. Currently we only allow "JSONPatch".
	PatchType *string `json:"patchType,omitempty"`

	// AuditAnnotations is an unstructured key value map set by remote admission controller (e.g. error=image-blacklisted).
	// MutatingAdmissionWebhook and ValidatingAdmissionWebhook admission controller will prefix the keys with
	// admission webhook name (e.g. imagepolicy.example.com/error=image-blacklisted). AuditAnnotations will be provided by
	// the admission webhook to add additional context to the audit log for this request.
	AuditAnnotations map[string]string `json:"auditAnnotations,omitempty"`

	// warnings is a list of warning messages to return to the requesting API client.
	// Warning messages describe a problem the client making the API request should correct or be aware of.
	// Limit warnings to 120 characters if possible.
	// Warnings over 256 characters and large numbers of warnings may be truncated.
	Warnings []string `json:"warnings,omitempty"`
	}

	func AdmissionReviewKubeToAdapter(object runtime.Object) (*AdmissionReview, error) {
	var typeMeta metav1.TypeMeta
	var req *AdmissionRequest
	var resp *AdmissionResponse
	switch obj := object.(type) {
	case *kubeApiAdmissionv1beta1.AdmissionReview:
	typeMeta = obj.TypeMeta
	arv1beta1Response := obj.Response
	arv1beta1Request := obj.Request
	if arv1beta1Response != nil {
	resp = &AdmissionResponse{
	UID: arv1beta1Response.UID,
	Allowed: arv1beta1Response.Allowed,
	Result: arv1beta1Response.Result,
	Patch: arv1beta1Response.Patch,
	Warnings: arv1beta1Response.Warnings,
	}
	if arv1beta1Response.PatchType != nil {
	patchType := string(*arv1beta1Response.PatchType)
	resp.PatchType = &patchType
	}
	}
	if arv1beta1Request != nil {
	req = &AdmissionRequest{
	UID: arv1beta1Request.UID,
	Kind: arv1beta1Request.Kind,
	Resource: arv1beta1Request.Resource,
	UserInfo: arv1beta1Request.UserInfo,
	Name: arv1beta1Request.Name,
	Namespace: arv1beta1Request.Namespace,
	Operation: string(arv1beta1Request.Operation),
	Object: arv1beta1Request.Object,
	OldObject: arv1beta1Request.OldObject,
	}
	}

	case *kubeApiAdmissionv1.AdmissionReview:
	typeMeta = obj.TypeMeta
	arv1Response := obj.Response
	arv1Request := obj.Request
	if arv1Response != nil {
	resp = &AdmissionResponse{
	UID: arv1Response.UID,
	Allowed: arv1Response.Allowed,
	Result: arv1Response.Result,
	Patch: arv1Response.Patch,
	Warnings: arv1Response.Warnings,
	}
	if arv1Response.PatchType != nil {
	patchType := string(*arv1Response.PatchType)
	resp.PatchType = &patchType
	}
	}

	if arv1Request != nil {
	req = &AdmissionRequest{
	UID: arv1Request.UID,
	Kind: arv1Request.Kind,
	Resource: arv1Request.Resource,
	UserInfo: arv1Request.UserInfo,
	Name: arv1Request.Name,
	Namespace: arv1Request.Namespace,
	Operation: string(arv1Request.Operation),
	Object: arv1Request.Object,
	OldObject: arv1Request.OldObject,
	}
	}

	default:
	return nil, fmt.Errorf("unsupported type :%v", object.GetObjectKind())
	}

	return &AdmissionReview{
	TypeMeta: typeMeta,
	Request: req,
	Response: resp,
	}, nil
	}

	func AdmissionReviewAdapterToKube(ar *AdmissionReview, apiVersion string) runtime.Object {
	var res runtime.Object
	arRequest := ar.Request
	arResponse := ar.Response
	if apiVersion == "" {
	apiVersion = admissionAPIV1beta1
	}
	switch apiVersion {
	case admissionAPIV1beta1:
	arv1beta1 := kubeApiAdmissionv1beta1.AdmissionReview{}
	if arRequest != nil {
	arv1beta1.Request = &kubeApiAdmissionv1beta1.AdmissionRequest{
	UID: arRequest.UID,
	Kind: arRequest.Kind,
	Resource: arRequest.Resource,
	SubResource: arRequest.SubResource,
	Name: arRequest.Name,
	Namespace: arRequest.Namespace,
	RequestKind: arRequest.RequestKind,
	RequestResource: arRequest.RequestResource,
	RequestSubResource: arRequest.RequestSubResource,
	Operation: kubeApiAdmissionv1beta1.Operation(arRequest.Operation),
	UserInfo: arRequest.UserInfo,
	Object: arRequest.Object,
	OldObject: arRequest.OldObject,
	DryRun: arRequest.DryRun,
	Options: arRequest.Options,
	}
	}
	if arResponse != nil {
	var patchType *kubeApiAdmissionv1beta1.PatchType
	if arResponse.PatchType != nil {
	patchType = (*kubeApiAdmissionv1beta1.PatchType)(arResponse.PatchType)
	}
	arv1beta1.Response = &kubeApiAdmissionv1beta1.AdmissionResponse{
	UID: arResponse.UID,
	Allowed: arResponse.Allowed,
	Result: arResponse.Result,
	Patch: arResponse.Patch,
	PatchType: patchType,
	AuditAnnotations: arResponse.AuditAnnotations,
	Warnings: arResponse.Warnings,
	}
	}
	arv1beta1.TypeMeta = ar.TypeMeta
	res = &arv1beta1
	case admissionAPIV1:
	arv1 := kubeApiAdmissionv1.AdmissionReview{}
	if arRequest != nil {
	arv1.Request = &kubeApiAdmissionv1.AdmissionRequest{
	UID: arRequest.UID,
	Kind: arRequest.Kind,
	Resource: arRequest.Resource,
	SubResource: arRequest.SubResource,
	Name: arRequest.Name,
	Namespace: arRequest.Namespace,
	RequestKind: arRequest.RequestKind,
	RequestResource: arRequest.RequestResource,
	RequestSubResource: arRequest.RequestSubResource,
	Operation: kubeApiAdmissionv1.Operation(arRequest.Operation),
	UserInfo: arRequest.UserInfo,
	Object: arRequest.Object,
	OldObject: arRequest.OldObject,
	DryRun: arRequest.DryRun,
	Options: arRequest.Options,
	}
	}
	if arResponse != nil {
	var patchType *kubeApiAdmissionv1.PatchType
	if arResponse.PatchType != nil {
	patchType = (*kubeApiAdmissionv1.PatchType)(arResponse.PatchType)
	}
	arv1.Response = &kubeApiAdmissionv1.AdmissionResponse{
	UID: arResponse.UID,
	Allowed: arResponse.Allowed,
	Result: arResponse.Result,
	Patch: arResponse.Patch,
	PatchType: patchType,
	AuditAnnotations: arResponse.AuditAnnotations,
	Warnings: arResponse.Warnings,
	}
	}
	arv1.TypeMeta = ar.TypeMeta
	res = &arv1
	}
	return res
	}