Upgrade k8s package verison (#5358)

* upgrade k8s package version Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io> * Script upgrade and code formatting. Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io> Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io>
2022-11-15 14:56:38 +08:00
parent 5f91c1663a
commit 44167aa47a
3106 changed files with 321340 additions and 172080 deletions
--- a/vendor/k8s.io/api/certificates/v1/generated.proto
+++ b/vendor/k8s.io/api/certificates/v1/generated.proto
@@ -27,7 +27,7 @@ import "k8s.io/apimachinery/pkg/runtime/generated.proto";
 import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";

 // Package-wide variables from generator "generated".
-option go_package = "v1";
+option go_package = "k8s.io/api/certificates/v1";

 // CertificateSigningRequest objects provide a mechanism to obtain x509 certificates
 // by submitting a certificate signing request, and having it asynchronously approved and issued.
@@ -44,7 +44,7 @@ message CertificateSigningRequest {
  optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;

  // spec contains the certificate request, and is immutable after creation.
-  // Only the request, signerName, and usages fields can be set on creation.
+  // Only the request, signerName, expirationSeconds, and usages fields can be set on creation.
  // Other fields are derived by Kubernetes and cannot be modified by users.
  optional CertificateSigningRequestSpec spec = 2;

@@ -135,6 +135,28 @@ message CertificateSigningRequestSpec {
  //  6. Whether or not requests for CA certificates are allowed.
  optional string signerName = 7;

+  // expirationSeconds is the requested duration of validity of the issued
+  // certificate. The certificate signer may issue a certificate with a different
+  // validity duration so a client must check the delta between the notBefore and
+  // and notAfter fields in the issued certificate to determine the actual duration.
+  //
+  // The v1.22+ in-tree implementations of the well-known Kubernetes signers will
+  // honor this field as long as the requested duration is not greater than the
+  // maximum duration they will honor per the --cluster-signing-duration CLI
+  // flag to the Kubernetes controller manager.
+  //
+  // Certificate signers may not honor this field for various reasons:
+  //
+  //   1. Old signer that is unaware of the field (such as the in-tree
+  //      implementations prior to v1.22)
+  //   2. Signer whose configured maximum is shorter than the requested duration
+  //   3. Signer whose configured minimum is longer than the requested duration
+  //
+  // The minimum valid value for expirationSeconds is 600, i.e. 10 minutes.
+  //
+  // +optional
+  optional int32 expirationSeconds = 8;
+
  // usages specifies a set of key usages requested in the issued certificate.
  //
  // Requests for TLS client certificates typically request: "digital signature", "key encipherment", "client auth".