// or to quickly let an end user reason about their permissions. It should NOT Be used by external systems to
// drive authorization decisions as this raises confused deputy, cache lifetime/revocation, and correctness concerns.
// SubjectAccessReview, and LocalAccessReview are the correct way to defer authorization decisions to the API server.
message SelfSubjectRulesReview {
  // Standard list metadata.

		}
		return c, err
	})

	// CreateSingleUseGrpcTunnel() unfortunately couples dial and connection contexts. Because of that,
	// we cannot use ctx just for dialing and control the connection lifetime separately.
	// See https://github.com/kubernetes-sigs/apiserver-network-proxy/issues/357.
	tunnelCtx := context.TODO()
	tunnel, err := client.CreateSingleUseGrpcTunnel(tunnelCtx, udsName, dialOption,
		grpc.WithBlock(),

  //  4. Required, permitted, or forbidden key usages / extended key usages.
  //  5. Expiration/certificate lifetime: whether it is fixed by the signer, configurable by the admin.
  //  6. Whether or not requests for CA certificates are allowed.
  optional string signerName = 7;

// AllocationResult contains attributes of an allocated resource.
message AllocationResult {
  // ResourceHandles contain the state associated with an allocation that
  // should be maintained throughout the lifetime of a claim. Each
  // ResourceHandle contains data that should be passed to a specific kubelet
  // plugin once it lands on a node. This data is returned by the driver

	// The config client should not make any assumptions about revisions and rely only on
	// exact equality to implement optimistic concurrency of read-write operations.
	//
	// The lifetime of an object of a particular revision depends on the underlying data store.
	// The data store may compactify old revisions in the interest of storage optimization.
	//

import org.jetbrains.kotlin.analysis.api.fir.KaFirSession
import org.jetbrains.kotlin.analysis.api.fir.unwrapSafeCall
import org.jetbrains.kotlin.analysis.api.fir.utils.unwrap
import org.jetbrains.kotlin.analysis.api.lifetime.KaLifetimeToken
import org.jetbrains.kotlin.analysis.api.types.KaErrorType
import org.jetbrains.kotlin.analysis.api.types.KaFunctionalType
import org.jetbrains.kotlin.analysis.api.types.KaType

// or to quickly let an end user reason about their permissions. It should NOT Be used by external systems to
// drive authorization decisions as this raises confused deputy, cache lifetime/revocation, and correctness concerns.
// SubjectAccessReview, and LocalAccessReview are the correct way to defer authorization decisions to the API server.
type SelfSubjectRulesReview struct {
	metav1.TypeMeta `json:",inline"`

	//  4. Required, permitted, or forbidden key usages / extended key usages.
	//  5. Expiration/certificate lifetime: whether it is fixed by the signer, configurable by the admin.
	//  6. Whether or not requests for CA certificates are allowed.
	SignerName string `json:"signerName" protobuf:"bytes,7,opt,name=signerName"`

database by the API server during CronJob validation and the controller manager during execution. If no system-wide time zone database can be found a bundled version of the database is used instead. If the time zone name becomes invalid during the lifetime of a CronJob or due to a change in host configuration, the controller will stop creating new new Jobs and will create a system event with the reason UnknownTimeZone. More information can be found in https://kubernetes.io/docs/concepts/workloads/...

  // If no system-wide time zone database can be found a bundled version of the database is used instead.
  // If the time zone name becomes invalid during the lifetime of a CronJob or due to a change in host
  // configuration, the controller will stop creating new new Jobs and will create a system event with the
  // reason UnknownTimeZone.