1 files changed, 0 insertions, 268 deletions
diff --git a/vendor/k8s.io/api/authorization/v1/types.go b/vendor/k8s.io/api/authorization/v1/types.go
deleted file mode 100644
index 86b05c54e..000000000
--- a/vendor/k8s.io/api/authorization/v1/types.go
+++ /dev/null
@@ -1,268 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package v1
-
-import (
-	"fmt"
-
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-// +genclient
-// +genclient:nonNamespaced
-// +genclient:noVerbs
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// SubjectAccessReview checks whether or not a user or group can perform an action.
-type SubjectAccessReview struct {
-	metav1.TypeMeta `json:",inline"`
-	// +optional
-	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
-
-	// Spec holds information about the request being evaluated
-	Spec SubjectAccessReviewSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"`
-
-	// Status is filled in by the server and indicates whether the request is allowed or not
-	// +optional
-	Status SubjectAccessReviewStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
-}
-
-// +genclient
-// +genclient:nonNamespaced
-// +genclient:noVerbs
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// SelfSubjectAccessReview checks whether or the current user can perform an action.  Not filling in a
-// spec.namespace means "in all namespaces".  Self is a special case, because users should always be able
-// to check whether they can perform an action
-type SelfSubjectAccessReview struct {
-	metav1.TypeMeta `json:",inline"`
-	// +optional
-	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
-
-	// Spec holds information about the request being evaluated.  user and groups must be empty
-	Spec SelfSubjectAccessReviewSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"`
-
-	// Status is filled in by the server and indicates whether the request is allowed or not
-	// +optional
-	Status SubjectAccessReviewStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
-}
-
-// +genclient
-// +genclient:noVerbs
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace.
-// Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions
-// checking.
-type LocalSubjectAccessReview struct {
-	metav1.TypeMeta `json:",inline"`
-	// +optional
-	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
-
-	// Spec holds information about the request being evaluated.  spec.namespace must be equal to the namespace
-	// you made the request against.  If empty, it is defaulted.
-	Spec SubjectAccessReviewSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"`
-
-	// Status is filled in by the server and indicates whether the request is allowed or not
-	// +optional
-	Status SubjectAccessReviewStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
-}
-
-// ResourceAttributes includes the authorization attributes available for resource requests to the Authorizer interface
-type ResourceAttributes struct {
-	// Namespace is the namespace of the action being requested.  Currently, there is no distinction between no namespace and all namespaces
-	// "" (empty) is defaulted for LocalSubjectAccessReviews
-	// "" (empty) is empty for cluster-scoped resources
-	// "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview or SelfSubjectAccessReview
-	// +optional
-	Namespace string `json:"namespace,omitempty" protobuf:"bytes,1,opt,name=namespace"`
-	// Verb is a kubernetes resource API verb, like: get, list, watch, create, update, delete, proxy.  "*" means all.
-	// +optional
-	Verb string `json:"verb,omitempty" protobuf:"bytes,2,opt,name=verb"`
-	// Group is the API Group of the Resource.  "*" means all.
-	// +optional
-	Group string `json:"group,omitempty" protobuf:"bytes,3,opt,name=group"`
-	// Version is the API Version of the Resource.  "*" means all.
-	// +optional
-	Version string `json:"version,omitempty" protobuf:"bytes,4,opt,name=version"`
-	// Resource is one of the existing resource types.  "*" means all.
-	// +optional
-	Resource string `json:"resource,omitempty" protobuf:"bytes,5,opt,name=resource"`
-	// Subresource is one of the existing resource types.  "" means none.
-	// +optional
-	Subresource string `json:"subresource,omitempty" protobuf:"bytes,6,opt,name=subresource"`
-	// Name is the name of the resource being requested for a "get" or deleted for a "delete". "" (empty) means all.
-	// +optional
-	Name string `json:"name,omitempty" protobuf:"bytes,7,opt,name=name"`
-}
-
-// NonResourceAttributes includes the authorization attributes available for non-resource requests to the Authorizer interface
-type NonResourceAttributes struct {
-	// Path is the URL path of the request
-	// +optional
-	Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"`
-	// Verb is the standard HTTP verb
-	// +optional
-	Verb string `json:"verb,omitempty" protobuf:"bytes,2,opt,name=verb"`
-}
-
-// SubjectAccessReviewSpec is a description of the access request.  Exactly one of ResourceAuthorizationAttributes
-// and NonResourceAuthorizationAttributes must be set
-type SubjectAccessReviewSpec struct {
-	// ResourceAuthorizationAttributes describes information for a resource access request
-	// +optional
-	ResourceAttributes *ResourceAttributes `json:"resourceAttributes,omitempty" protobuf:"bytes,1,opt,name=resourceAttributes"`
-	// NonResourceAttributes describes information for a non-resource access request
-	// +optional
-	NonResourceAttributes *NonResourceAttributes `json:"nonResourceAttributes,omitempty" protobuf:"bytes,2,opt,name=nonResourceAttributes"`
-
-	// User is the user you're testing for.
-	// If you specify "User" but not "Groups", then is it interpreted as "What if User were not a member of any groups
-	// +optional
-	User string `json:"user,omitempty" protobuf:"bytes,3,opt,name=user"`
-	// Groups is the groups you're testing for.
-	// +optional
-	Groups []string `json:"groups,omitempty" protobuf:"bytes,4,rep,name=groups"`
-	// Extra corresponds to the user.Info.GetExtra() method from the authenticator.  Since that is input to the authorizer
-	// it needs a reflection here.
-	// +optional
-	Extra map[string]ExtraValue `json:"extra,omitempty" protobuf:"bytes,5,rep,name=extra"`
-	// UID information about the requesting user.
-	// +optional
-	UID string `json:"uid,omitempty" protobuf:"bytes,6,opt,name=uid"`
-}
-
-// ExtraValue masks the value so protobuf can generate
-// +protobuf.nullable=true
-// +protobuf.options.(gogoproto.goproto_stringer)=false
-type ExtraValue []string
-
-func (t ExtraValue) String() string {
-	return fmt.Sprintf("%v", []string(t))
-}
-
-// SelfSubjectAccessReviewSpec is a description of the access request.  Exactly one of ResourceAuthorizationAttributes
-// and NonResourceAuthorizationAttributes must be set
-type SelfSubjectAccessReviewSpec struct {
-	// ResourceAuthorizationAttributes describes information for a resource access request
-	// +optional
-	ResourceAttributes *ResourceAttributes `json:"resourceAttributes,omitempty" protobuf:"bytes,1,opt,name=resourceAttributes"`
-	// NonResourceAttributes describes information for a non-resource access request
-	// +optional
-	NonResourceAttributes *NonResourceAttributes `json:"nonResourceAttributes,omitempty" protobuf:"bytes,2,opt,name=nonResourceAttributes"`
-}
-
-// SubjectAccessReviewStatus
-type SubjectAccessReviewStatus struct {
-	// Allowed is required. True if the action would be allowed, false otherwise.
-	Allowed bool `json:"allowed" protobuf:"varint,1,opt,name=allowed"`
-	// Denied is optional. True if the action would be denied, otherwise
-	// false. If both allowed is false and denied is false, then the
-	// authorizer has no opinion on whether to authorize the action. Denied
-	// may not be true if Allowed is true.
-	// +optional
-	Denied bool `json:"denied,omitempty" protobuf:"varint,4,opt,name=denied"`
-	// Reason is optional.  It indicates why a request was allowed or denied.
-	// +optional
-	Reason string `json:"reason,omitempty" protobuf:"bytes,2,opt,name=reason"`
-	// EvaluationError is an indication that some error occurred during the authorization check.
-	// It is entirely possible to get an error and be able to continue determine authorization status in spite of it.
-	// For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.
-	// +optional
-	EvaluationError string `json:"evaluationError,omitempty" protobuf:"bytes,3,opt,name=evaluationError"`
-}
-
-// +genclient
-// +genclient:nonNamespaced
-// +genclient:noVerbs
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// SelfSubjectRulesReview enumerates the set of actions the current user can perform within a namespace.
-// The returned list of actions may be incomplete depending on the server's authorization mode,
-// and any errors experienced during the evaluation. SelfSubjectRulesReview should be used by UIs to show/hide actions,
-// or to quickly let an end user reason about their permissions. It should NOT Be used by external systems to
-// drive authorization decisions as this raises confused deputy, cache lifetime/revocation, and correctness concerns.
-// SubjectAccessReview, and LocalAccessReview are the correct way to defer authorization decisions to the API server.
-type SelfSubjectRulesReview struct {
-	metav1.TypeMeta `json:",inline"`
-	// +optional
-	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
-
-	// Spec holds information about the request being evaluated.
-	Spec SelfSubjectRulesReviewSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"`
-
-	// Status is filled in by the server and indicates the set of actions a user can perform.
-	// +optional
-	Status SubjectRulesReviewStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
-}
-
-type SelfSubjectRulesReviewSpec struct {
-	// Namespace to evaluate rules for. Required.
-	Namespace string `json:"namespace,omitempty" protobuf:"bytes,1,opt,name=namespace"`
-}
-
-// SubjectRulesReviewStatus contains the result of a rules check. This check can be incomplete depending on
-// the set of authorizers the server is configured with and any errors experienced during evaluation.
-// Because authorization rules are additive, if a rule appears in a list it's safe to assume the subject has that permission,
-// even if that list is incomplete.
-type SubjectRulesReviewStatus struct {
-	// ResourceRules is the list of actions the subject is allowed to perform on resources.
-	// The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
-	ResourceRules []ResourceRule `json:"resourceRules" protobuf:"bytes,1,rep,name=resourceRules"`
-	// NonResourceRules is the list of actions the subject is allowed to perform on non-resources.
-	// The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
-	NonResourceRules []NonResourceRule `json:"nonResourceRules" protobuf:"bytes,2,rep,name=nonResourceRules"`
-	// Incomplete is true when the rules returned by this call are incomplete. This is most commonly
-	// encountered when an authorizer, such as an external authorizer, doesn't support rules evaluation.
-	Incomplete bool `json:"incomplete" protobuf:"bytes,3,rep,name=incomplete"`
-	// EvaluationError can appear in combination with Rules. It indicates an error occurred during
-	// rule evaluation, such as an authorizer that doesn't support rule evaluation, and that
-	// ResourceRules and/or NonResourceRules may be incomplete.
-	// +optional
-	EvaluationError string `json:"evaluationError,omitempty" protobuf:"bytes,4,opt,name=evaluationError"`
-}
-
-// ResourceRule is the list of actions the subject is allowed to perform on resources. The list ordering isn't significant,
-// may contain duplicates, and possibly be incomplete.
-type ResourceRule struct {
-	// Verb is a list of kubernetes resource API verbs, like: get, list, watch, create, update, delete, proxy.  "*" means all.
-	Verbs []string `json:"verbs" protobuf:"bytes,1,rep,name=verbs"`
-
-	// APIGroups is the name of the APIGroup that contains the resources.  If multiple API groups are specified, any action requested against one of
-	// the enumerated resources in any API group will be allowed.  "*" means all.
-	// +optional
-	APIGroups []string `json:"apiGroups,omitempty" protobuf:"bytes,2,rep,name=apiGroups"`
-	// Resources is a list of resources this rule applies to.  "*" means all in the specified apiGroups.
-	//  "*/foo" represents the subresource 'foo' for all resources in the specified apiGroups.
-	// +optional
-	Resources []string `json:"resources,omitempty" protobuf:"bytes,3,rep,name=resources"`
-	// ResourceNames is an optional white list of names that the rule applies to.  An empty set means that everything is allowed.  "*" means all.
-	// +optional
-	ResourceNames []string `json:"resourceNames,omitempty" protobuf:"bytes,4,rep,name=resourceNames"`
-}
-
-// NonResourceRule holds information that describes a rule for the non-resource
-type NonResourceRule struct {
-	// Verb is a list of kubernetes non-resource API verbs, like: get, post, put, delete, patch, head, options.  "*" means all.
-	Verbs []string `json:"verbs" protobuf:"bytes,1,rep,name=verbs"`
-
-	// NonResourceURLs is a set of partial urls that a user should have access to.  *s are allowed, but only as the full,
-	// final step in the path.  "*" means all.
-	// +optional
-	NonResourceURLs []string `json:"nonResourceURLs,omitempty" protobuf:"bytes,2,rep,name=nonResourceURLs"`
-}