update dependencies (#6267)
Signed-off-by: hongming <coder.scala@gmail.com>
This commit is contained in:
hongming
32
vendor/k8s.io/apiserver/pkg/apis/audit/v1/generated.proto
generated
vendored
32
vendor/k8s.io/apiserver/pkg/apis/audit/v1/generated.proto
generated
vendored
@@ -48,11 +48,11 @@ message Event {
|
||||
optional string verb = 5;
|
||||
|
||||
// Authenticated user information.
|
||||
optional k8s.io.api.authentication.v1.UserInfo user = 6;
|
||||
optional .k8s.io.api.authentication.v1.UserInfo user = 6;
|
||||
|
||||
// Impersonated user information.
|
||||
// +optional
|
||||
optional k8s.io.api.authentication.v1.UserInfo impersonatedUser = 7;
|
||||
optional .k8s.io.api.authentication.v1.UserInfo impersonatedUser = 7;
|
||||
|
||||
// Source IPs, from where the request originated and intermediate proxies.
|
||||
// The source IPs are listed from (in order):
|
||||
@@ -62,6 +62,7 @@ message Event {
|
||||
// IP in the list up to here (X-Forwarded-For or X-Real-Ip).
|
||||
// Note: All but the last IP can be arbitrarily set by the client.
|
||||
// +optional
|
||||
// +listType=atomic
|
||||
repeated string sourceIPs = 8;
|
||||
|
||||
// UserAgent records the user agent string reported by the client.
|
||||
@@ -78,28 +79,28 @@ message Event {
|
||||
// For successful responses, this will only include the Code and StatusSuccess.
|
||||
// For non-status type error responses, this will be auto-populated with the error Message.
|
||||
// +optional
|
||||
optional k8s.io.apimachinery.pkg.apis.meta.v1.Status responseStatus = 10;
|
||||
optional .k8s.io.apimachinery.pkg.apis.meta.v1.Status responseStatus = 10;
|
||||
|
||||
// API object from the request, in JSON format. The RequestObject is recorded as-is in the request
|
||||
// (possibly re-encoded as JSON), prior to version conversion, defaulting, admission or
|
||||
// merging. It is an external versioned object type, and may not be a valid object on its own.
|
||||
// Omitted for non-resource requests. Only logged at Request Level and higher.
|
||||
// +optional
|
||||
optional k8s.io.apimachinery.pkg.runtime.Unknown requestObject = 11;
|
||||
optional .k8s.io.apimachinery.pkg.runtime.Unknown requestObject = 11;
|
||||
|
||||
// API object returned in the response, in JSON. The ResponseObject is recorded after conversion
|
||||
// to the external type, and serialized as JSON. Omitted for non-resource requests. Only logged
|
||||
// at Response Level.
|
||||
// +optional
|
||||
optional k8s.io.apimachinery.pkg.runtime.Unknown responseObject = 12;
|
||||
optional .k8s.io.apimachinery.pkg.runtime.Unknown responseObject = 12;
|
||||
|
||||
// Time the request reached the apiserver.
|
||||
// +optional
|
||||
optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime requestReceivedTimestamp = 13;
|
||||
optional .k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime requestReceivedTimestamp = 13;
|
||||
|
||||
// Time the request reached current audit stage.
|
||||
// +optional
|
||||
optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime stageTimestamp = 14;
|
||||
optional .k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime stageTimestamp = 14;
|
||||
|
||||
// Annotations is an unstructured key value map stored with an audit event that may be set by
|
||||
// plugins invoked in the request serving chain, including authentication, authorization and
|
||||
@@ -114,7 +115,7 @@ message Event {
|
||||
// EventList is a list of audit Events.
|
||||
message EventList {
|
||||
// +optional
|
||||
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
|
||||
optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
|
||||
|
||||
repeated Event items = 2;
|
||||
}
|
||||
@@ -140,12 +141,14 @@ message GroupResources {
|
||||
//
|
||||
// An empty list implies all resources and subresources in this API groups apply.
|
||||
// +optional
|
||||
// +listType=atomic
|
||||
repeated string resources = 2;
|
||||
|
||||
// ResourceNames is a list of resource instance names that the policy matches.
|
||||
// Using this field requires Resources to be specified.
|
||||
// An empty list implies that every instance of the resource is matched.
|
||||
// +optional
|
||||
// +listType=atomic
|
||||
repeated string resourceNames = 3;
|
||||
}
|
||||
|
||||
@@ -184,17 +187,19 @@ message ObjectReference {
|
||||
message Policy {
|
||||
// ObjectMeta is included for interoperability with API infrastructure.
|
||||
// +optional
|
||||
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
|
||||
optional .k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
|
||||
|
||||
// Rules specify the audit Level a request should be recorded at.
|
||||
// A request may match multiple rules, in which case the FIRST matching rule is used.
|
||||
// The default audit level is None, but can be overridden by a catch-all rule at the end of the list.
|
||||
// PolicyRules are strictly ordered.
|
||||
// +listType=atomic
|
||||
repeated PolicyRule rules = 2;
|
||||
|
||||
// OmitStages is a list of stages for which no events are created. Note that this can also
|
||||
// be specified per rule in which case the union of both are omitted.
|
||||
// +optional
|
||||
// +listType=atomic
|
||||
repeated string omitStages = 3;
|
||||
|
||||
// OmitManagedFields indicates whether to omit the managed fields of the request
|
||||
@@ -210,7 +215,7 @@ message Policy {
|
||||
// PolicyList is a list of audit Policies.
|
||||
message PolicyList {
|
||||
// +optional
|
||||
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
|
||||
optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
|
||||
|
||||
repeated Policy items = 2;
|
||||
}
|
||||
@@ -224,27 +229,32 @@ message PolicyRule {
|
||||
// The users (by authenticated user name) this rule applies to.
|
||||
// An empty list implies every user.
|
||||
// +optional
|
||||
// +listType=atomic
|
||||
repeated string users = 2;
|
||||
|
||||
// The user groups this rule applies to. A user is considered matching
|
||||
// if it is a member of any of the UserGroups.
|
||||
// An empty list implies every user group.
|
||||
// +optional
|
||||
// +listType=atomic
|
||||
repeated string userGroups = 3;
|
||||
|
||||
// The verbs that match this rule.
|
||||
// An empty list implies every verb.
|
||||
// +optional
|
||||
// +listType=atomic
|
||||
repeated string verbs = 4;
|
||||
|
||||
// Resources that this rule matches. An empty list implies all kinds in all API groups.
|
||||
// +optional
|
||||
// +listType=atomic
|
||||
repeated GroupResources resources = 5;
|
||||
|
||||
// Namespaces that this rule matches.
|
||||
// The empty string "" matches non-namespaced resources.
|
||||
// An empty list implies every namespace.
|
||||
// +optional
|
||||
// +listType=atomic
|
||||
repeated string namespaces = 6;
|
||||
|
||||
// NonResourceURLs is a set of URL paths that should be audited.
|
||||
@@ -253,12 +263,14 @@ message PolicyRule {
|
||||
// - `/metrics` - Log requests for apiserver metrics
|
||||
// - `/healthz*` - Log all health checks
|
||||
// +optional
|
||||
// +listType=atomic
|
||||
repeated string nonResourceURLs = 7;
|
||||
|
||||
// OmitStages is a list of stages for which no events are created. Note that this can also
|
||||
// be specified policy wide in which case the union of both are omitted.
|
||||
// An empty list means no restrictions will apply.
|
||||
// +optional
|
||||
// +listType=atomic
|
||||
repeated string omitStages = 8;
|
||||
|
||||
// OmitManagedFields indicates whether to omit the managed fields of the request
|
||||
|
||||
Reference in New Issue
Block a user