git subrepo clone (merge) https://github.com/kubernetes-incubator/metrics-server.git metrics-server
subrepo:
subdir: "metrics-server"
merged: "92d8412"
upstream:
origin: "https://github.com/kubernetes-incubator/metrics-server.git"
branch: "master"
commit: "92d8412"
git-subrepo:
version: "0.4.0"
origin: "???"
commit: "???"
diff --git a/metrics-server/vendor/k8s.io/api/authentication/v1/generated.proto b/metrics-server/vendor/k8s.io/api/authentication/v1/generated.proto
new file mode 100644
index 0000000..d20887f
--- /dev/null
+++ b/metrics-server/vendor/k8s.io/api/authentication/v1/generated.proto
@@ -0,0 +1,160 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+
+// This file was autogenerated by go-to-protobuf. Do not edit it manually!
+
+syntax = 'proto2';
+
+package k8s.io.api.authentication.v1;
+
+import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
+import "k8s.io/apimachinery/pkg/runtime/generated.proto";
+import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
+import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
+
+// Package-wide variables from generator "generated".
+option go_package = "v1";
+
+// BoundObjectReference is a reference to an object that a token is bound to.
+message BoundObjectReference {
+ // Kind of the referent. Valid kinds are 'Pod' and 'Secret'.
+ // +optional
+ optional string kind = 1;
+
+ // API version of the referent.
+ // +optional
+ optional string aPIVersion = 2;
+
+ // Name of the referent.
+ // +optional
+ optional string name = 3;
+
+ // UID of the referent.
+ // +optional
+ optional string uID = 4;
+}
+
+// ExtraValue masks the value so protobuf can generate
+// +protobuf.nullable=true
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+message ExtraValue {
+ // items, if empty, will result in an empty slice
+
+ repeated string items = 1;
+}
+
+// TokenRequest requests a token for a given service account.
+message TokenRequest {
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+ optional TokenRequestSpec spec = 2;
+
+ // +optional
+ optional TokenRequestStatus status = 3;
+}
+
+// TokenRequestSpec contains client provided parameters of a token request.
+message TokenRequestSpec {
+ // Audiences are the intendend audiences of the token. A recipient of a
+ // token must identitfy themself with an identifier in the list of
+ // audiences of the token, and otherwise should reject the token. A
+ // token issued for multiple audiences may be used to authenticate
+ // against any of the audiences listed but implies a high degree of
+ // trust between the target audiences.
+ repeated string audiences = 1;
+
+ // ExpirationSeconds is the requested duration of validity of the request. The
+ // token issuer may return a token with a different validity duration so a
+ // client needs to check the 'expiration' field in a response.
+ // +optional
+ optional int64 expirationSeconds = 4;
+
+ // BoundObjectRef is a reference to an object that the token will be bound to.
+ // The token will only be valid for as long as the bound objet exists.
+ // +optional
+ optional BoundObjectReference boundObjectRef = 3;
+}
+
+// TokenRequestStatus is the result of a token request.
+message TokenRequestStatus {
+ // Token is the opaque bearer token.
+ optional string token = 1;
+
+ // ExpirationTimestamp is the time of expiration of the returned token.
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.Time expirationTimestamp = 2;
+}
+
+// TokenReview attempts to authenticate a token to a known user.
+// Note: TokenReview requests may be cached by the webhook token authenticator
+// plugin in the kube-apiserver.
+message TokenReview {
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+ // Spec holds information about the request being evaluated
+ optional TokenReviewSpec spec = 2;
+
+ // Status is filled in by the server and indicates whether the request can be authenticated.
+ // +optional
+ optional TokenReviewStatus status = 3;
+}
+
+// TokenReviewSpec is a description of the token authentication request.
+message TokenReviewSpec {
+ // Token is the opaque bearer token.
+ // +optional
+ optional string token = 1;
+}
+
+// TokenReviewStatus is the result of the token authentication request.
+message TokenReviewStatus {
+ // Authenticated indicates that the token was associated with a known user.
+ // +optional
+ optional bool authenticated = 1;
+
+ // User is the UserInfo associated with the provided token.
+ // +optional
+ optional UserInfo user = 2;
+
+ // Error indicates that the token couldn't be checked
+ // +optional
+ optional string error = 3;
+}
+
+// UserInfo holds the information about the user needed to implement the
+// user.Info interface.
+message UserInfo {
+ // The name that uniquely identifies this user among all active users.
+ // +optional
+ optional string username = 1;
+
+ // A unique value that identifies this user across time. If this user is
+ // deleted and another user by the same name is added, they will have
+ // different UIDs.
+ // +optional
+ optional string uid = 2;
+
+ // The names of groups this user is a part of.
+ // +optional
+ repeated string groups = 3;
+
+ // Any additional information provided by the authenticator.
+ // +optional
+ map<string, ExtraValue> extra = 4;
+}
+