Upgrade k8s package verison (#5358)

* upgrade k8s package version Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io> * Script upgrade and code formatting. Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io> Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io>
2022-11-15 14:56:38 +08:00
parent 5f91c1663a
commit 44167aa47a
3106 changed files with 321340 additions and 172080 deletions
--- a/vendor/k8s.io/api/certificates/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/certificates/v1beta1/generated.proto
@@ -27,15 +27,16 @@ import "k8s.io/apimachinery/pkg/runtime/generated.proto";
 import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";

 // Package-wide variables from generator "generated".
-option go_package = "v1beta1";
+option go_package = "k8s.io/api/certificates/v1beta1";

 // Describes a certificate signing request
 message CertificateSigningRequest {
  // +optional
  optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;

-  // The certificate request itself and any additional information.
-  // +optional
+  // spec contains the certificate request, and is immutable after creation.
+  // Only the request, signerName, expirationSeconds, and usages fields can be set on creation.
+  // Other fields are derived by Kubernetes and cannot be modified by users.
  optional CertificateSigningRequestSpec spec = 2;

  // Derived information about the request.
@@ -80,9 +81,7 @@ message CertificateSigningRequestList {
  repeated CertificateSigningRequest items = 2;
 }

-// This information is immutable after the request is created. Only the Request
-// and Usages fields can be set on creation, other fields are derived by
-// Kubernetes and cannot be modified by users.
+// CertificateSigningRequestSpec contains the certificate request.
 message CertificateSigningRequestSpec {
  // Base64-encoded PKCS#10 CSR data
  // +listType=atomic
@@ -101,6 +100,28 @@ message CertificateSigningRequestSpec {
  // +optional
  optional string signerName = 7;

+  // expirationSeconds is the requested duration of validity of the issued
+  // certificate. The certificate signer may issue a certificate with a different
+  // validity duration so a client must check the delta between the notBefore and
+  // and notAfter fields in the issued certificate to determine the actual duration.
+  //
+  // The v1.22+ in-tree implementations of the well-known Kubernetes signers will
+  // honor this field as long as the requested duration is not greater than the
+  // maximum duration they will honor per the --cluster-signing-duration CLI
+  // flag to the Kubernetes controller manager.
+  //
+  // Certificate signers may not honor this field for various reasons:
+  //
+  //   1. Old signer that is unaware of the field (such as the in-tree
+  //      implementations prior to v1.22)
+  //   2. Signer whose configured maximum is shorter than the requested duration
+  //   3. Signer whose configured minimum is longer than the requested duration
+  //
+  // The minimum valid value for expirationSeconds is 600, i.e. 10 minutes.
+  //
+  // +optional
+  optional int32 expirationSeconds = 8;
+
  // allowedUsages specifies a set of usage contexts the key will be
  // valid for.
  // See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3