use istio client-go library instead of knative (#1661)

use istio client-go library instead of knative
bump kubernetes dependency version
change code coverage to codecov

vendor/istio.io/client-go/pkg/apis/authentication/v1alpha1/doc.gen.go

@@ -0,0 +1,6 @@
+// Code generated by kubetype-gen. DO NOT EDIT.
+
+// Package has auto-generated kube type wrappers for raw types.
+// +k8s:openapi-gen=true
+// +k8s:deepcopy-gen=package
+package v1alpha1

vendor/istio.io/client-go/pkg/apis/authentication/v1alpha1/register.gen.go

@@ -0,0 +1,37 @@
+// Code generated by kubetype-gen. DO NOT EDIT.
+
+package v1alpha1
+
+import (
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	schema "k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+var (
+	// Package-wide variables from generator "register".
+	SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
+	SchemeBuilder      = runtime.NewSchemeBuilder(addKnownTypes)
+	localSchemeBuilder = &SchemeBuilder
+	AddToScheme        = localSchemeBuilder.AddToScheme
+)
+
+const (
+	// Package-wide consts from generator "register".
+	GroupName = "authentication.istio.io"
+)
+
+func Resource(resource string) schema.GroupResource {
+	return SchemeGroupVersion.WithResource(resource).GroupResource()
+}
+
+func addKnownTypes(scheme *runtime.Scheme) error {
+	scheme.AddKnownTypes(SchemeGroupVersion,
+		&MeshPolicy{},
+		&MeshPolicyList{},
+		&Policy{},
+		&PolicyList{},
+	)
+	v1.AddToGroupVersion(scheme, SchemeGroupVersion)
+	return nil
+}

vendor/istio.io/client-go/pkg/apis/authentication/v1alpha1/types.gen.go

@@ -0,0 +1,217 @@
+// Code generated by kubetype-gen. DO NOT EDIT.
+
+package v1alpha1
+
+import (
+	authenticationv1alpha1 "istio.io/api/authentication/v1alpha1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+//
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// Policy defines what authentication methods can be accepted on workload(s),
+// and if authenticated, which method/certificate will set the request principal
+// (i.e request.auth.principal attribute).
+//
+// Authentication policy is composed of 2-part authentication:
+// - peer: verify caller service credentials. This part will set source.user
+// (peer identity).
+// - origin: verify the origin credentials. This part will set request.auth.user
+// (origin identity), as well as other attributes like request.auth.presenter,
+// request.auth.audiences and raw claims. Note that the identity could be
+// end-user, service account, device etc.
+//
+// Last but not least, the principal binding rule defines which identity (peer
+// or origin) should be used as principal. By default, it uses peer.
+//
+// Examples:
+//
+// Policy to enable mTLS for all services in namespace frod. The policy name must be
+// `default`, and it contains no rule for `targets`.
+//
+// ```yaml
+// apiVersion: authentication.istio.io/v1alpha1
+// kind: Policy
+// metadata:
+//   name: default
+//   namespace: frod
+// spec:
+//   peers:
+//   - mtls:
+// ```
+// Policy to disable mTLS for "productpage" service
+//
+// ```yaml
+// apiVersion: authentication.istio.io/v1alpha1
+// kind: Policy
+// metadata:
+//   name: productpage-mTLS-disable
+//   namespace: frod
+// spec:
+//   targets:
+//   - name: productpage
+// ```
+// Policy to require mTLS for peer authentication, and JWT for origin authentication
+// for productpage:9000 except the path '/health_check' . Principal is set from origin identity.
+//
+// ```yaml
+// apiVersion: authentication.istio.io/v1alpha1
+// kind: Policy
+// metadata:
+//   name: productpage-mTLS-with-JWT
+//   namespace: frod
+// spec:
+//   targets:
+//   - name: productpage
+//     ports:
+//     - number: 9000
+//   peers:
+//   - mtls:
+//   origins:
+//   - jwt:
+//       issuer: "https://securetoken.google.com"
+//       audiences:
+//       - "productpage"
+//       jwksUri: "https://www.googleapis.com/oauth2/v1/certs"
+//       jwtHeaders:
+//       - "x-goog-iap-jwt-assertion"
+//       triggerRules:
+//       - excludedPaths:
+//         - exact: /health_check
+//   principalBinding: USE_ORIGIN
+// ```
+//
+// <!-- go code generation tags
+// +kubetype-gen
+// +kubetype-gen:groupVersion=authentication.istio.io/v1alpha1
+// +kubetype-gen:kubeType=Policy
+// +kubetype-gen:kubeType=MeshPolicy
+// +kubetype-gen:MeshPolicy:tag=genclient:nonNamespaced
+// +genclient
+// +k8s:deepcopy-gen=true
+// -->
+type Policy struct {
+	v1.TypeMeta `json:",inline"`
+	// +optional
+	v1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Spec defines the implementation of this definition.
+	// +optional
+	Spec authenticationv1alpha1.Policy `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// PolicyList is a collection of Policies.
+type PolicyList struct {
+	v1.TypeMeta `json:",inline"`
+	// +optional
+	v1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+	Items       []Policy `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
+
+//
+// +genclient:nonNamespaced
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// Policy defines what authentication methods can be accepted on workload(s),
+// and if authenticated, which method/certificate will set the request principal
+// (i.e request.auth.principal attribute).
+//
+// Authentication policy is composed of 2-part authentication:
+// - peer: verify caller service credentials. This part will set source.user
+// (peer identity).
+// - origin: verify the origin credentials. This part will set request.auth.user
+// (origin identity), as well as other attributes like request.auth.presenter,
+// request.auth.audiences and raw claims. Note that the identity could be
+// end-user, service account, device etc.
+//
+// Last but not least, the principal binding rule defines which identity (peer
+// or origin) should be used as principal. By default, it uses peer.
+//
+// Examples:
+//
+// Policy to enable mTLS for all services in namespace frod. The policy name must be
+// `default`, and it contains no rule for `targets`.
+//
+// ```yaml
+// apiVersion: authentication.istio.io/v1alpha1
+// kind: Policy
+// metadata:
+//   name: default
+//   namespace: frod
+// spec:
+//   peers:
+//   - mtls:
+// ```
+// Policy to disable mTLS for "productpage" service
+//
+// ```yaml
+// apiVersion: authentication.istio.io/v1alpha1
+// kind: Policy
+// metadata:
+//   name: productpage-mTLS-disable
+//   namespace: frod
+// spec:
+//   targets:
+//   - name: productpage
+// ```
+// Policy to require mTLS for peer authentication, and JWT for origin authentication
+// for productpage:9000 except the path '/health_check' . Principal is set from origin identity.
+//
+// ```yaml
+// apiVersion: authentication.istio.io/v1alpha1
+// kind: Policy
+// metadata:
+//   name: productpage-mTLS-with-JWT
+//   namespace: frod
+// spec:
+//   targets:
+//   - name: productpage
+//     ports:
+//     - number: 9000
+//   peers:
+//   - mtls:
+//   origins:
+//   - jwt:
+//       issuer: "https://securetoken.google.com"
+//       audiences:
+//       - "productpage"
+//       jwksUri: "https://www.googleapis.com/oauth2/v1/certs"
+//       jwtHeaders:
+//       - "x-goog-iap-jwt-assertion"
+//       triggerRules:
+//       - excludedPaths:
+//         - exact: /health_check
+//   principalBinding: USE_ORIGIN
+// ```
+//
+// <!-- go code generation tags
+// +kubetype-gen
+// +kubetype-gen:groupVersion=authentication.istio.io/v1alpha1
+// +kubetype-gen:kubeType=Policy
+// +kubetype-gen:kubeType=MeshPolicy
+// +kubetype-gen:MeshPolicy:tag=genclient:nonNamespaced
+// +genclient
+// +k8s:deepcopy-gen=true
+// -->
+type MeshPolicy struct {
+	v1.TypeMeta `json:",inline"`
+	// +optional
+	v1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Spec defines the implementation of this definition.
+	// +optional
+	Spec authenticationv1alpha1.Policy `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// MeshPolicyList is a collection of MeshPolicies.
+type MeshPolicyList struct {
+	v1.TypeMeta `json:",inline"`
+	// +optional
+	v1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+	Items       []MeshPolicy `json:"items" protobuf:"bytes,2,rep,name=items"`
+}

vendor/istio.io/client-go/pkg/apis/authentication/v1alpha1/zz_generated.deepcopy.gen.go

@@ -0,0 +1,129 @@
+// +build !ignore_autogenerated
+
+// Code generated by deepcopy-gen. DO NOT EDIT.
+
+package v1alpha1
+
+import (
+	runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *MeshPolicy) DeepCopyInto(out *MeshPolicy) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshPolicy.
+func (in *MeshPolicy) DeepCopy() *MeshPolicy {
+	if in == nil {
+		return nil
+	}
+	out := new(MeshPolicy)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *MeshPolicy) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *MeshPolicyList) DeepCopyInto(out *MeshPolicyList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]MeshPolicy, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MeshPolicyList.
+func (in *MeshPolicyList) DeepCopy() *MeshPolicyList {
+	if in == nil {
+		return nil
+	}
+	out := new(MeshPolicyList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *MeshPolicyList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Policy) DeepCopyInto(out *Policy) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.
+func (in *Policy) DeepCopy() *Policy {
+	if in == nil {
+		return nil
+	}
+	out := new(Policy)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *Policy) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *PolicyList) DeepCopyInto(out *PolicyList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]Policy, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList.
+func (in *PolicyList) DeepCopy() *PolicyList {
+	if in == nil {
+		return nil
+	}
+	out := new(PolicyList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *PolicyList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}