kubernetes
diff --git a/‎content/en/docs/reference/config-api/apiserver-admission.v1.md
Lines changed: 2 additions & 2 deletions b/‎content/en/docs/reference/config-api/apiserver-admission.v1.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎content/en/docs/reference/config-api/apiserver-audit.v1.md
Lines changed: 8 additions & 8 deletions b/‎content/en/docs/reference/config-api/apiserver-audit.v1.md
Lines changed: 8 additions & 8 deletions
diff --git a/‎content/en/docs/reference/config-api/apiserver-config.v1alpha1.md
Lines changed: 72 additions & 5 deletions b/‎content/en/docs/reference/config-api/apiserver-config.v1alpha1.md
Lines changed: 72 additions & 5 deletions
diff --git a/‎content/en/docs/reference/config-api/apiserver-config.v1beta1.md
Lines changed: 72 additions & 5 deletions b/‎content/en/docs/reference/config-api/apiserver-config.v1beta1.md
Lines changed: 72 additions & 5 deletions
diff --git a/‎content/en/docs/reference/config-api/client-authentication.v1.md
Lines changed: 1 addition & 1 deletion b/‎content/en/docs/reference/config-api/client-authentication.v1.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/en/docs/reference/config-api/client-authentication.v1beta1.md
Lines changed: 1 addition & 1 deletion b/‎content/en/docs/reference/config-api/client-authentication.v1beta1.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/en/docs/reference/config-api/imagepolicy.v1alpha1.md
Lines changed: 1 addition & 1 deletion b/‎content/en/docs/reference/config-api/imagepolicy.v1alpha1.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/en/docs/reference/config-api/kube-controller-manager-config.v1alpha1.md
Lines changed: 0 additions & 30 deletions b/‎content/en/docs/reference/config-api/kube-controller-manager-config.v1alpha1.md
Lines changed: 0 additions & 30 deletions
@@ -152,7 +152,7 @@ requested. e.g. a patch can result in either a CREATE or UPDATE Operation.</p>
 </td>
 </tr>
 <tr><td><code>userInfo</code> <B>[Required]</B><br/>
-<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
+<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
 </td>
 <td>
    <p>UserInfo is information about the requesting user</p>
@@ -226,7 +226,7 @@ This must be copied over from the corresponding AdmissionRequest.</p>
 </td>
 </tr>
 <tr><td><code>status</code><br/>
-<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#status-v1-meta"><code>meta/v1.Status</code></a>
+<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#status-v1-meta"><code>meta/v1.Status</code></a>
 </td>
 <td>
    <p>Result contains extra details into why an admission request was denied.
 
@@ -71,14 +71,14 @@ For non-resource requests, this is the lower-cased HTTP method.</p>
 </td>
 </tr>
 <tr><td><code>user</code> <B>[Required]</B><br/>
-<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
+<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
 </td>
 <td>
    <p>Authenticated user information.</p>
 </td>
 </tr>
 <tr><td><code>impersonatedUser</code><br/>
-<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
+<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#userinfo-v1-authentication-k8s-io"><code>authentication/v1.UserInfo</code></a>
 </td>
 <td>
    <p>Impersonated user information.</p>
@@ -116,7 +116,7 @@ Does not apply for List-type requests, or non-resource requests.</p>
 </td>
 </tr>
 <tr><td><code>responseStatus</code><br/>
-<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#status-v1-meta"><code>meta/v1.Status</code></a>
+<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#status-v1-meta"><code>meta/v1.Status</code></a>
 </td>
 <td>
    <p>The response status, populated even when the ResponseObject is not a Status type.
@@ -144,14 +144,14 @@ at Response Level.</p>
 </td>
 </tr>
 <tr><td><code>requestReceivedTimestamp</code><br/>
-<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#microtime-v1-meta"><code>meta/v1.MicroTime</code></a>
+<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#microtime-v1-meta"><code>meta/v1.MicroTime</code></a>
 </td>
 <td>
    <p>Time the request reached the apiserver.</p>
 </td>
 </tr>
 <tr><td><code>stageTimestamp</code><br/>
-<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#microtime-v1-meta"><code>meta/v1.MicroTime</code></a>
+<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#microtime-v1-meta"><code>meta/v1.MicroTime</code></a>
 </td>
 <td>
    <p>Time the request reached current audit stage.</p>
@@ -188,7 +188,7 @@ should be short. Annotations are included in the Metadata level.</p>
 
 
 <tr><td><code>metadata</code><br/>
-<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#listmeta-v1-meta"><code>meta/v1.ListMeta</code></a>
+<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#listmeta-v1-meta"><code>meta/v1.ListMeta</code></a>
 </td>
 <td>
    <span class="text-muted">No description provided.</span></td>
@@ -223,7 +223,7 @@ categories are logged.</p>
 
 
 <tr><td><code>metadata</code><br/>
-<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#objectmeta-v1-meta"><code>meta/v1.ObjectMeta</code></a>
+<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#objectmeta-v1-meta"><code>meta/v1.ObjectMeta</code></a>
 </td>
 <td>
    <p>ObjectMeta is included for interoperability with API infrastructure.</p>
@@ -278,7 +278,7 @@ in a rule will override the global default.</p>
 
 
 <tr><td><code>metadata</code><br/>
-<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#listmeta-v1-meta"><code>meta/v1.ListMeta</code></a>
+<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#listmeta-v1-meta"><code>meta/v1.ListMeta</code></a>
 </td>
 <td>
    <span class="text-muted">No description provided.</span></td>
 
@@ -119,10 +119,17 @@ JWT authenticator will attempt to cryptographically validate the token.</p>
 &quot;iss&quot;: &quot;https://issuer.example.com&quot;,
 &quot;aud&quot;: [&quot;audience&quot;],
 &quot;exp&quot;: 1234567890,
-&quot;&lt;username claim&gt;&quot;: &quot;username&quot;
+&quot;<!-- raw HTML omitted -->&quot;: &quot;username&quot;
 }</p>
 </td>
 </tr>
+<tr><td><code>anonymous</code> <B>[Required]</B><br/>
+<a href="#apiserver-k8s-io-v1alpha1-AnonymousAuthConfig"><code>AnonymousAuthConfig</code></a>
+</td>
+<td>
+   <p>If present --anonymous-auth must not be set</p>
+</td>
+</tr>
 </tbody>
 </table>
 
@@ -245,6 +252,66 @@ configuration. If present, it will be used instead of the path to the configurat
 </tbody>
 </table>
 
+## `AnonymousAuthCondition`     {#apiserver-k8s-io-v1alpha1-AnonymousAuthCondition}
+    
+
+**Appears in:**
+
+- [AnonymousAuthConfig](#apiserver-k8s-io-v1alpha1-AnonymousAuthConfig)
+
+
+<p>AnonymousAuthCondition describes the condition under which anonymous auth
+should be enabled.</p>
+
+
+<table class="table">
+<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
+<tbody>
+    
+  
+<tr><td><code>path</code> <B>[Required]</B><br/>
+<code>string</code>
+</td>
+<td>
+   <p>Path for which anonymous auth is enabled.</p>
+</td>
+</tr>
+</tbody>
+</table>
+
+## `AnonymousAuthConfig`     {#apiserver-k8s-io-v1alpha1-AnonymousAuthConfig}
+    
+
+**Appears in:**
+
+- [AuthenticationConfiguration](#apiserver-k8s-io-v1alpha1-AuthenticationConfiguration)
+
+
+<p>AnonymousAuthConfig provides the configuration for the anonymous authenticator.</p>
+
+
+<table class="table">
+<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
+<tbody>
+    
+  
+<tr><td><code>enabled</code> <B>[Required]</B><br/>
+<code>bool</code>
+</td>
+<td>
+   <span class="text-muted">No description provided.</span></td>
+</tr>
+<tr><td><code>conditions</code> <B>[Required]</B><br/>
+<a href="#apiserver-k8s-io-v1alpha1-AnonymousAuthCondition"><code>[]AnonymousAuthCondition</code></a>
+</td>
+<td>
+   <p>If set, anonymous auth is only allowed if the request meets one of the
+conditions.</p>
+</td>
+</tr>
+</tbody>
+</table>
+
 ## `AudienceMatchPolicyType`     {#apiserver-k8s-io-v1alpha1-AudienceMatchPolicyType}
 
 (Alias of `string`)
@@ -331,7 +398,7 @@ The claim's value must be a singular string.
 Same as the --oidc-username-claim and --oidc-username-prefix flags.
 If username.expression is set, the expression must produce a string value.
 If username.expression uses 'claims.email', then 'claims.email_verified' must be used in
-username.expression or extra[&ast;].valueExpression or claimValidationRules[&ast;].expression.
+username.expression or extra[<em>].valueExpression or claimValidationRules[</em>].expression.
 An example claim validation rule expression that matches the validation automatically
 applied when username.claim is set to 'email' is 'claims.?email_verified.orValue(true)'.</p>
 <p>In the flag based approach, the --oidc-username-claim and --oidc-username-prefix are optional. If --oidc-username-claim is not set,
@@ -341,8 +408,8 @@ For prefix:
 (1) --oidc-username-prefix=&quot;-&quot;, no prefix was added to the username. For the same behavior using authentication config,
 set username.prefix=&quot;&quot;
 (2) --oidc-username-prefix=&quot;&quot; and  --oidc-username-claim != &quot;email&quot;, prefix was &quot;&lt;value of --oidc-issuer-url&gt;#&quot;. For the same
-behavior using authentication config, set username.prefix=&quot;&lt;value of issuer.url&gt;#&quot;
-(3) --oidc-username-prefix=&quot;&lt;value&gt;&quot;. For the same behavior using authentication config, set username.prefix=&quot;&lt;value&gt;&quot;</p>
+behavior using authentication config, set username.prefix=&quot;<!-- raw HTML omitted -->#&quot;
+(3) --oidc-username-prefix=&quot;<!-- raw HTML omitted -->&quot;. For the same behavior using authentication config, set username.prefix=&quot;<!-- raw HTML omitted -->&quot;</p>
 </td>
 </tr>
 <tr><td><code>groups</code><br/>
@@ -1202,4 +1269,4 @@ the contents would be converted to the v1 version before evaluating the CEL expr
 </tr>
 </tbody>
 </table>
-  
+  
@@ -95,10 +95,17 @@ JWT authenticator will attempt to cryptographically validate the token.</p>
 &quot;iss&quot;: &quot;https://issuer.example.com&quot;,
 &quot;aud&quot;: [&quot;audience&quot;],
 &quot;exp&quot;: 1234567890,
-&quot;&lt;username claim&gt;&quot;: &quot;username&quot;
+&quot;<!-- raw HTML omitted -->&quot;: &quot;username&quot;
 }</p>
 </td>
 </tr>
+<tr><td><code>anonymous</code> <B>[Required]</B><br/>
+<a href="#apiserver-k8s-io-v1beta1-AnonymousAuthConfig"><code>AnonymousAuthConfig</code></a>
+</td>
+<td>
+   <p>If present --anonymous-auth must not be set</p>
+</td>
+</tr>
 </tbody>
 </table>
 
@@ -178,6 +185,66 @@ Must be at least one.</p>
 </tbody>
 </table>
 
+## `AnonymousAuthCondition`     {#apiserver-k8s-io-v1beta1-AnonymousAuthCondition}
+    
+
+**Appears in:**
+
+- [AnonymousAuthConfig](#apiserver-k8s-io-v1beta1-AnonymousAuthConfig)
+
+
+<p>AnonymousAuthCondition describes the condition under which anonymous auth
+should be enabled.</p>
+
+
+<table class="table">
+<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
+<tbody>
+    
+  
+<tr><td><code>path</code> <B>[Required]</B><br/>
+<code>string</code>
+</td>
+<td>
+   <p>Path for which anonymous auth is enabled.</p>
+</td>
+</tr>
+</tbody>
+</table>
+
+## `AnonymousAuthConfig`     {#apiserver-k8s-io-v1beta1-AnonymousAuthConfig}
+    
+
+**Appears in:**
+
+- [AuthenticationConfiguration](#apiserver-k8s-io-v1beta1-AuthenticationConfiguration)
+
+
+<p>AnonymousAuthConfig provides the configuration for the anonymous authenticator.</p>
+
+
+<table class="table">
+<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
+<tbody>
+    
+  
+<tr><td><code>enabled</code> <B>[Required]</B><br/>
+<code>bool</code>
+</td>
+<td>
+   <span class="text-muted">No description provided.</span></td>
+</tr>
+<tr><td><code>conditions</code> <B>[Required]</B><br/>
+<a href="#apiserver-k8s-io-v1beta1-AnonymousAuthCondition"><code>[]AnonymousAuthCondition</code></a>
+</td>
+<td>
+   <p>If set, anonymous auth is only allowed if the request meets one of the
+conditions.</p>
+</td>
+</tr>
+</tbody>
+</table>
+
 ## `AudienceMatchPolicyType`     {#apiserver-k8s-io-v1beta1-AudienceMatchPolicyType}
 
 (Alias of `string`)
@@ -264,7 +331,7 @@ The claim's value must be a singular string.
 Same as the --oidc-username-claim and --oidc-username-prefix flags.
 If username.expression is set, the expression must produce a string value.
 If username.expression uses 'claims.email', then 'claims.email_verified' must be used in
-username.expression or extra[&ast;].valueExpression or claimValidationRules[&ast;].expression.
+username.expression or extra[<em>].valueExpression or claimValidationRules[</em>].expression.
 An example claim validation rule expression that matches the validation automatically
 applied when username.claim is set to 'email' is 'claims.?email_verified.orValue(true)'.</p>
 <p>In the flag based approach, the --oidc-username-claim and --oidc-username-prefix are optional. If --oidc-username-claim is not set,
@@ -274,8 +341,8 @@ For prefix:
 (1) --oidc-username-prefix=&quot;-&quot;, no prefix was added to the username. For the same behavior using authentication config,
 set username.prefix=&quot;&quot;
 (2) --oidc-username-prefix=&quot;&quot; and  --oidc-username-claim != &quot;email&quot;, prefix was &quot;&lt;value of --oidc-issuer-url&gt;#&quot;. For the same
-behavior using authentication config, set username.prefix=&quot;&lt;value of issuer.url&gt;#&quot;
-(3) --oidc-username-prefix=&quot;&lt;value&gt;&quot;. For the same behavior using authentication config, set username.prefix=&quot;&lt;value&gt;&quot;</p>
+behavior using authentication config, set username.prefix=&quot;<!-- raw HTML omitted -->#&quot;
+(3) --oidc-username-prefix=&quot;<!-- raw HTML omitted -->&quot;. For the same behavior using authentication config, set username.prefix=&quot;<!-- raw HTML omitted -->&quot;</p>
 </td>
 </tr>
 <tr><td><code>groups</code><br/>
@@ -1135,4 +1202,4 @@ the contents would be converted to the v1 version before evaluating the CEL expr
 </tr>
 </tbody>
 </table>
-  
+  
@@ -205,7 +205,7 @@ itself should at least be protected via file permissions.</p>
 
 
 <tr><td><code>expirationTimestamp</code><br/>
-<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#time-v1-meta"><code>meta/v1.Time</code></a>
+<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#time-v1-meta"><code>meta/v1.Time</code></a>
 </td>
 <td>
    <p>ExpirationTimestamp indicates a time when the provided credentials expire.</p>
 
@@ -205,7 +205,7 @@ itself should at least be protected via file permissions.</p>
 
 
 <tr><td><code>expirationTimestamp</code><br/>
-<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#time-v1-meta"><code>meta/v1.Time</code></a>
+<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#time-v1-meta"><code>meta/v1.Time</code></a>
 </td>
 <td>
    <p>ExpirationTimestamp indicates a time when the provided credentials expire.</p>
 
@@ -28,7 +28,7 @@ auto_generated: true
 
 
 <tr><td><code>metadata</code><br/>
-<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#objectmeta-v1-meta"><code>meta/v1.ObjectMeta</code></a>
+<a href="https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#objectmeta-v1-meta"><code>meta/v1.ObjectMeta</code></a>
 </td>
 <td>
    <p>Standard object's metadata.
 
@@ -1256,13 +1256,6 @@ Larger number = more responsive HPA processing, but more CPU (and network) load.
 pods in horizontal pod autoscaler.</p>
 </td>
 </tr>
-<tr><td><code>HorizontalPodAutoscalerUpscaleForbiddenWindow</code> <B>[Required]</B><br/>
-<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
-</td>
-<td>
-   <p>HorizontalPodAutoscalerUpscaleForbiddenWindow is a period after which next upscale allowed.</p>
-</td>
-</tr>
 <tr><td><code>HorizontalPodAutoscalerDownscaleStabilizationWindow</code> <B>[Required]</B><br/>
 <a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
 </td>
@@ -1271,13 +1264,6 @@ pods in horizontal pod autoscaler.</p>
 backwards and not scale down below any recommendation it made during that period.</p>
 </td>
 </tr>
-<tr><td><code>HorizontalPodAutoscalerDownscaleForbiddenWindow</code> <B>[Required]</B><br/>
-<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
-</td>
-<td>
-   <p>HorizontalPodAutoscalerDownscaleForbiddenWindow is a period after which next downscale allowed.</p>
-</td>
-</tr>
 <tr><td><code>HorizontalPodAutoscalerTolerance</code> <B>[Required]</B><br/>
 <code>float64</code>
 </td>
@@ -1556,22 +1542,6 @@ and persistent volume claims.</p>
    <p>volumeConfiguration holds configuration for volume related features.</p>
 </td>
 </tr>
-<tr><td><code>VolumeHostCIDRDenylist</code> <B>[Required]</B><br/>
-<code>[]string</code>
-</td>
-<td>
-   <p>DEPRECATED: VolumeHostCIDRDenylist is a list of CIDRs that should not be reachable by the
-controller from plugins.</p>
-</td>
-</tr>
-<tr><td><code>VolumeHostAllowLocalLoopback</code> <B>[Required]</B><br/>
-<code>bool</code>
-</td>
-<td>
-   <p>DEPRECATED: VolumeHostAllowLocalLoopback indicates if local loopback hosts (127.0.0.1, etc)
-should be allowed from plugins.</p>
-</td>
-</tr>
 </tbody>
 </table>