chore: make k8s api import aliases consistent (#3950)

* chore: make kyverno api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * chore: make apimachinery api import aliases consistent Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
2024-12-14 11:57:48 +00:00 · 2022-05-17 16:14:31 +02:00 · 2022-05-17 16:14:31 +02:00 · 666bcb3c15
commit 666bcb3c15
parent b3e227dbaf
16 changed files with 139 additions and 135 deletions
--- a/.golangci.yml
+++ b/.golangci.yml
@ -49,3 +49,7 @@ linters-settings:
    alias:
      - pkg: github.com/kyverno/kyverno/api/(\w+)/(v[\w\d]+)
        alias: $1$2
+      - pkg: k8s.io/apimachinery/pkg/apis/(\w+)/(v[\w\d]+)
+        alias: $1$2
+      - pkg: k8s.io/api/(\w+)/(v[\w\d]+)
+        alias: $1$2
--- a/cmd/initContainer/main.go
+++ b/cmd/initContainer/main.go
@ -20,7 +20,7 @@ import (
 	"github.com/kyverno/kyverno/pkg/signal"
 	"github.com/kyverno/kyverno/pkg/tls"
 	"github.com/kyverno/kyverno/pkg/utils"
-	coord "k8s.io/api/coordination/v1"
+	coordinationv1 "k8s.io/api/coordination/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
@ -193,7 +193,7 @@ func acquireLeader(ctx context.Context, kubeClient kubernetes.Interface) error {
 		os.Exit(0)
 	}

-	lease := coord.Lease{
+	lease := coordinationv1.Lease{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: "kyvernopre-lock",
 		},
--- a/pkg/background/common/resource.go
+++ b/pkg/background/common/resource.go
@ -8,7 +8,7 @@ import (
 	kyvernov1beta1 "github.com/kyverno/kyverno/api/kyverno/v1beta1"
 	"github.com/kyverno/kyverno/pkg/common"
 	dclient "github.com/kyverno/kyverno/pkg/dclient"
-	v1 "k8s.io/api/admission/v1"
+	admissionv1 "k8s.io/api/admission/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 )
@ -22,7 +22,7 @@ func GetResource(client dclient.Interface, urSpec kyvernov1beta1.UpdateRequestSp
 		}
 		resource, err := client.GetResource(resourceSpec.APIVersion, resourceSpec.Kind, resourceSpec.Namespace, resourceSpec.Name)
 		if err != nil {
-			if urSpec.Type == kyvernov1beta1.Mutate && errors.IsNotFound(err) && urSpec.Context.AdmissionRequestInfo.Operation == v1.Delete {
+			if urSpec.Type == kyvernov1beta1.Mutate && errors.IsNotFound(err) && urSpec.Context.AdmissionRequestInfo.Operation == admissionv1.Delete {
 				log.V(4).Info("trigger resource does not exist for mutateExisting rule", "operation", urSpec.Context.AdmissionRequestInfo.Operation)
 				return nil, nil
 			}
--- a/pkg/common/common.go
+++ b/pkg/common/common.go
@ -12,7 +12,7 @@ import (
 	dclient "github.com/kyverno/kyverno/pkg/dclient"
 	enginutils "github.com/kyverno/kyverno/pkg/engine/utils"
 	"github.com/pkg/errors"
-	v1 "k8s.io/api/core/v1"
+	corev1 "k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	listerv1 "k8s.io/client-go/listers/core/v1"
 	"sigs.k8s.io/controller-runtime/pkg/log"
@ -39,7 +39,7 @@ func GetNamespaceSelectorsFromNamespaceLister(kind, namespaceOfResource string,
 }

 // GetNamespaceLabels - from namespace obj
-func GetNamespaceLabels(namespaceObj *v1.Namespace, logger logr.Logger) map[string]string {
+func GetNamespaceLabels(namespaceObj *corev1.Namespace, logger logr.Logger) map[string]string {
 	namespaceObj.Kind = "Namespace"
 	namespaceRaw, err := json.Marshal(namespaceObj)
 	if err != nil {
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
@ -8,7 +8,7 @@ import (

 	wildcard "github.com/kyverno/go-wildcard"
 	osutils "github.com/kyverno/kyverno/pkg/utils/os"
-	v1 "k8s.io/api/core/v1"
+	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/kubernetes"
@ -121,7 +121,7 @@ type Configuration interface {
 	// GetWebhooks returns the webhook configs
 	GetWebhooks() []WebhookConfig
 	// Load loads configuration from a configmap
-	Load(cm *v1.ConfigMap)
+	Load(cm *corev1.ConfigMap)
 }

 // configuration stores the configuration
@ -212,7 +212,7 @@ func (cd *configuration) GetWebhooks() []WebhookConfig {
 	return cd.webhooks
 }

-func (cd *configuration) Load(cm *v1.ConfigMap) {
+func (cd *configuration) Load(cm *corev1.ConfigMap) {
 	reconcilePolicyReport, updateWebhook := true, true
 	if cm != nil {
 		logger.Info("load config", "name", cm.Name, "namespace", cm.Namespace)
@ -231,7 +231,7 @@ func (cd *configuration) Load(cm *v1.ConfigMap) {
 	}
 }

-func (cd *configuration) load(cm *v1.ConfigMap) (reconcilePolicyReport, updateWebhook bool) {
+func (cd *configuration) load(cm *corev1.ConfigMap) (reconcilePolicyReport, updateWebhook bool) {
 	logger := logger.WithValues("name", cm.Name, "namespace", cm.Namespace)
 	if cm.Data == nil {
 		logger.V(4).Info("configuration: No data defined in ConfigMap")
--- a/pkg/controllers/certmanager/controller.go
+++ b/pkg/controllers/certmanager/controller.go
@ -8,7 +8,7 @@ import (
 	"github.com/kyverno/kyverno/pkg/common"
 	"github.com/kyverno/kyverno/pkg/config"
 	"github.com/kyverno/kyverno/pkg/tls"
-	v1 "k8s.io/api/core/v1"
+	corev1 "k8s.io/api/core/v1"
 	informerv1 "k8s.io/client-go/informers/core/v1"
 	listersv1 "k8s.io/client-go/listers/core/v1"
 	"k8s.io/client-go/tools/cache"
@ -44,15 +44,15 @@ func NewController(secretInformer informerv1.SecretInformer, certRenewer *tls.Ce
 }

 func (m *controller) addSecretFunc(obj interface{}) {
-	secret := obj.(*v1.Secret)
+	secret := obj.(*corev1.Secret)
 	if secret.GetNamespace() == config.KyvernoNamespace() && secret.GetName() == tls.GenerateTLSPairSecretName() {
 		m.secretQueue <- true
 	}
 }

 func (m *controller) updateSecretFunc(oldObj interface{}, newObj interface{}) {
-	old := oldObj.(*v1.Secret)
-	new := newObj.(*v1.Secret)
+	old := oldObj.(*corev1.Secret)
+	new := newObj.(*corev1.Secret)
 	if new.GetNamespace() == config.KyvernoNamespace() && new.GetName() == tls.GenerateTLSPairSecretName() {
 		if !reflect.DeepEqual(old.DeepCopy().Data, new.DeepCopy().Data) {
 			m.secretQueue <- true
@ -66,7 +66,7 @@ func (m *controller) GetTLSPemPair() ([]byte, []byte, error) {
 	if err != nil {
 		return nil, nil, err
 	}
-	return secret.Data[v1.TLSCertKey], secret.Data[v1.TLSPrivateKeyKey], nil
+	return secret.Data[corev1.TLSCertKey], secret.Data[corev1.TLSPrivateKeyKey], nil
 }

 func (m *controller) renewCertificates() error {
@ -89,7 +89,7 @@ func (m *controller) GetCAPem() ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
-	result := secret.Data[v1.TLSCertKey]
+	result := secret.Data[corev1.TLSCertKey]
 	if len(result) == 0 {
 		result = secret.Data[tls.RootCAKey]
 	}
--- a/pkg/event/controller.go
+++ b/pkg/event/controller.go
@ -8,7 +8,7 @@ import (
 	kyvernoinformer "github.com/kyverno/kyverno/pkg/client/informers/externalversions/kyverno/v1"
 	kyvernolister "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v1"
 	client "github.com/kyverno/kyverno/pkg/dclient"
-	v1 "k8s.io/api/core/v1"
+	corev1 "k8s.io/api/core/v1"
 	errors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
@ -86,7 +86,7 @@ func initRecorder(client client.Interface, eventSource Source, log logr.Logger)
 	)
 	recorder := eventBroadcaster.NewRecorder(
 		scheme.Scheme,
-		v1.EventSource{
+		corev1.EventSource{
 			Component: eventSource.String(),
 		},
 	)
@ -203,9 +203,9 @@ func (gen *Generator) syncHandler(key Info) error {
 	}

 	// set the event type based on reason
-	eventType := v1.EventTypeWarning
+	eventType := corev1.EventTypeWarning
 	if key.Reason == PolicyApplied.String() {
-		eventType = v1.EventTypeNormal
+		eventType = corev1.EventTypeNormal
 	}

 	// based on the source of event generation, use different event recorders
--- a/pkg/openapi/crdSync.go
+++ b/pkg/openapi/crdSync.go
@ -12,7 +12,7 @@ import (
 	client "github.com/kyverno/kyverno/pkg/dclient"
 	"github.com/pkg/errors"
 	"gopkg.in/yaml.v3"
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	runtimeSchema "k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/util/wait"
@ -91,7 +91,7 @@ func (c *crdSync) sync() {
 		Group:    "apiextensions.k8s.io",
 		Version:  "v1",
 		Resource: "customresourcedefinitions",
-	}).List(context.TODO(), v1.ListOptions{})
+	}).List(context.TODO(), metav1.ListOptions{})
 	if err != nil {
 		log.Log.Error(err, "could not fetch crd's from server")
 		return
--- a/pkg/policy/policy_controller.go
+++ b/pkg/policy/policy_controller.go
@ -26,7 +26,7 @@ import (
 	"github.com/kyverno/kyverno/pkg/metrics"
 	"github.com/kyverno/kyverno/pkg/policyreport"
 	"github.com/kyverno/kyverno/pkg/utils"
-	v1 "k8s.io/api/core/v1"
+	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
@ -126,7 +126,7 @@ func NewPolicyController(
 		pInformer:          pInformer,
 		npInformer:         npInformer,
 		eventGen:           eventGen,
-		eventRecorder:      eventBroadcaster.NewRecorder(scheme.Scheme, v1.EventSource{Component: "policy_controller"}),
+		eventRecorder:      eventBroadcaster.NewRecorder(scheme.Scheme, corev1.EventSource{Component: "policy_controller"}),
 		queue:              workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "policy"),
 		configHandler:      configHandler,
 		prGenerator:        prGenerator,
--- a/pkg/policyreport/builder.go
+++ b/pkg/policyreport/builder.go
@ -15,7 +15,7 @@ import (
 	"github.com/kyverno/kyverno/pkg/engine"
 	"github.com/kyverno/kyverno/pkg/engine/response"
 	"github.com/kyverno/kyverno/pkg/version"
-	v1 "k8s.io/api/core/v1"
+	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@ -165,7 +165,7 @@ func (builder *requestBuilder) buildRCRResult(policy string, resource response.R

 	result := policyreportv1alpha2.PolicyReportResult{
 		Policy: policy,
-		Resources: []v1.ObjectReference{
+		Resources: []corev1.ObjectReference{
 			{
 				Kind:       resource.Kind,
 				Namespace:  resource.Namespace,
--- a/pkg/policyreport/reportcontroller.go
+++ b/pkg/policyreport/reportcontroller.go
@ -19,7 +19,7 @@ import (
 	dclient "github.com/kyverno/kyverno/pkg/dclient"
 	kubeutils "github.com/kyverno/kyverno/pkg/utils/kube"
 	"github.com/kyverno/kyverno/pkg/version"
-	v1 "k8s.io/api/core/v1"
+	corev1 "k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
@ -534,7 +534,7 @@ func (g *ReportGenerator) aggregateReports(namespace string) (
 				return nil, nil, fmt.Errorf("unable to get namespace %s: %v", namespace, err)
 			}
 			// Namespace is deleted, create a fake ns to clean up RCRs
-			ns = new(v1.Namespace)
+			ns = new(corev1.Namespace)
 			ns.SetName(namespace)
 			now := metav1.Now()
 			ns.SetDeletionTimestamp(&now)
@ -554,7 +554,7 @@ func (g *ReportGenerator) aggregateReports(namespace string) (
 	return report, aggregatedRequests, nil
 }

-func mergeRequests(ns, kyvernoNs *v1.Namespace, requestsGeneral interface{}) (*unstructured.Unstructured, interface{}, error) {
+func mergeRequests(ns, kyvernoNs *corev1.Namespace, requestsGeneral interface{}) (*unstructured.Unstructured, interface{}, error) {
 	results := []policyreportv1alpha2.PolicyReportResult{}

 	if requests, ok := requestsGeneral.([]*kyvernov1alpha2.ClusterReportChangeRequest); ok {
@ -615,7 +615,7 @@ func mergeRequests(ns, kyvernoNs *v1.Namespace, requestsGeneral interface{}) (*u
 	return nil, nil, nil
 }

-func setReport(reportUnstructured *unstructured.Unstructured, ns, kyvernoNs *v1.Namespace) {
+func setReport(reportUnstructured *unstructured.Unstructured, ns, kyvernoNs *corev1.Namespace) {
 	reportUnstructured.SetAPIVersion(policyreportv1alpha2.SchemeGroupVersion.String())
 	reportUnstructured.SetLabels(LabelSelector.MatchLabels)

--- a/pkg/tls/reader.go
+++ b/pkg/tls/reader.go
@ -5,7 +5,7 @@ import (

 	"github.com/kyverno/kyverno/pkg/config"
 	"github.com/pkg/errors"
-	v1 "k8s.io/api/core/v1"
+	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/kubernetes"
 )
@ -20,7 +20,7 @@ func ReadRootCASecret(client kubernetes.Interface) ([]byte, error) {
 		return nil, err
 	}
 	// try "tls.crt"
-	result := stlsca.Data[v1.TLSCertKey]
+	result := stlsca.Data[corev1.TLSCertKey]
 	// if not there, try old "rootCA.crt"
 	if len(result) == 0 {
 		result = stlsca.Data[RootCAKey]
--- a/pkg/tls/utils.go
+++ b/pkg/tls/utils.go
@ -8,7 +8,7 @@ import (

 	"github.com/kyverno/kyverno/pkg/config"
 	appsv1 "k8s.io/api/apps/v1"
-	v1 "k8s.io/api/core/v1"
+	corev1 "k8s.io/api/core/v1"
 )

 func privateKeyToPem(rsaKey *rsa.PrivateKey) []byte {
@ -97,7 +97,7 @@ func IsKyvernoInRollingUpdate(deploy *appsv1.Deployment) bool {
 	return false
 }

-func IsSecretManagedByKyverno(secret *v1.Secret) bool {
+func IsSecretManagedByKyverno(secret *corev1.Secret) bool {
 	if secret != nil {
 		labels := secret.GetLabels()
 		if labels == nil {
--- a/pkg/webhookconfig/common.go
+++ b/pkg/webhookconfig/common.go
@ -9,7 +9,7 @@ import (

 	"github.com/kyverno/kyverno/pkg/config"
 	"github.com/kyverno/kyverno/pkg/tls"
-	admregapi "k8s.io/api/admissionregistration/v1"
+	admissionregistrationv1 "k8s.io/api/admissionregistration/v1"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	rbacv1 "k8s.io/api/rbac/v1"
@ -22,15 +22,15 @@ const (
 )

 var (
-	noneOnDryRun = admregapi.SideEffectClassNoneOnDryRun
-	never        = admregapi.NeverReinvocationPolicy
-	ifNeeded     = admregapi.IfNeededReinvocationPolicy
-	policyRule   = admregapi.Rule{
+	noneOnDryRun = admissionregistrationv1.SideEffectClassNoneOnDryRun
+	never        = admissionregistrationv1.NeverReinvocationPolicy
+	ifNeeded     = admissionregistrationv1.IfNeededReinvocationPolicy
+	policyRule   = admissionregistrationv1.Rule{
 		Resources:   []string{"clusterpolicies/*", "policies/*"},
 		APIGroups:   []string{"kyverno.io"},
 		APIVersions: []string{"v1"},
 	}
-	verifyRule = admregapi.Rule{
+	verifyRule = admissionregistrationv1.Rule{
 		Resources:   []string{"leases"},
 		APIGroups:   []string{"coordination.k8s.io"},
 		APIVersions: []string{"v1"},
@ -40,9 +40,9 @@ var (
 			"app.kubernetes.io/name": kyvernoValue,
 		},
 	}
-	update       = []admregapi.OperationType{admregapi.Update}
-	createUpdate = []admregapi.OperationType{admregapi.Create, admregapi.Update}
-	all          = []admregapi.OperationType{admregapi.Create, admregapi.Update, admregapi.Delete, admregapi.Connect}
+	update       = []admissionregistrationv1.OperationType{admissionregistrationv1.Update}
+	createUpdate = []admissionregistrationv1.OperationType{admissionregistrationv1.Create, admissionregistrationv1.Update}
+	all          = []admissionregistrationv1.OperationType{admissionregistrationv1.Create, admissionregistrationv1.Update, admissionregistrationv1.Delete, admissionregistrationv1.Connect}
 )

 func (wrc *Register) readCaData() []byte {
@ -116,18 +116,18 @@ func (wrc *Register) constructOwner() metav1.OwnerReference {

 // webhook utils

-func generateRules(rule admregapi.Rule, operationTypes []admregapi.OperationType) []admregapi.RuleWithOperations {
-	if !reflect.DeepEqual(rule, admregapi.Rule{}) {
-		return []admregapi.RuleWithOperations{{Operations: operationTypes, Rule: rule}}
+func generateRules(rule admissionregistrationv1.Rule, operationTypes []admissionregistrationv1.OperationType) []admissionregistrationv1.RuleWithOperations {
+	if !reflect.DeepEqual(rule, admissionregistrationv1.Rule{}) {
+		return []admissionregistrationv1.RuleWithOperations{{Operations: operationTypes, Rule: rule}}
 	}
 	return nil
 }

-func generateDebugMutatingWebhook(name, url string, caData []byte, timeoutSeconds int32, rule admregapi.Rule, operationTypes []admregapi.OperationType, failurePolicy admregapi.FailurePolicyType) admregapi.MutatingWebhook {
-	return admregapi.MutatingWebhook{
+func generateDebugMutatingWebhook(name, url string, caData []byte, timeoutSeconds int32, rule admissionregistrationv1.Rule, operationTypes []admissionregistrationv1.OperationType, failurePolicy admissionregistrationv1.FailurePolicyType) admissionregistrationv1.MutatingWebhook {
+	return admissionregistrationv1.MutatingWebhook{
 		ReinvocationPolicy: &never,
 		Name:               name,
-		ClientConfig: admregapi.WebhookClientConfig{
+		ClientConfig: admissionregistrationv1.WebhookClientConfig{
 			URL:      &url,
 			CABundle: caData,
 		},
@ -139,10 +139,10 @@ func generateDebugMutatingWebhook(name, url string, caData []byte, timeoutSecond
 	}
 }

-func generateDebugValidatingWebhook(name, url string, caData []byte, timeoutSeconds int32, rule admregapi.Rule, operationTypes []admregapi.OperationType, failurePolicy admregapi.FailurePolicyType) admregapi.ValidatingWebhook {
-	return admregapi.ValidatingWebhook{
+func generateDebugValidatingWebhook(name, url string, caData []byte, timeoutSeconds int32, rule admissionregistrationv1.Rule, operationTypes []admissionregistrationv1.OperationType, failurePolicy admissionregistrationv1.FailurePolicyType) admissionregistrationv1.ValidatingWebhook {
+	return admissionregistrationv1.ValidatingWebhook{
 		Name: name,
-		ClientConfig: admregapi.WebhookClientConfig{
+		ClientConfig: admissionregistrationv1.WebhookClientConfig{
 			URL:      &url,
 			CABundle: caData,
 		},
@ -154,12 +154,12 @@ func generateDebugValidatingWebhook(name, url string, caData []byte, timeoutSeco
 	}
 }

-func generateMutatingWebhook(name, servicePath string, caData []byte, timeoutSeconds int32, rule admregapi.Rule, operationTypes []admregapi.OperationType, failurePolicy admregapi.FailurePolicyType) admregapi.MutatingWebhook {
-	return admregapi.MutatingWebhook{
+func generateMutatingWebhook(name, servicePath string, caData []byte, timeoutSeconds int32, rule admissionregistrationv1.Rule, operationTypes []admissionregistrationv1.OperationType, failurePolicy admissionregistrationv1.FailurePolicyType) admissionregistrationv1.MutatingWebhook {
+	return admissionregistrationv1.MutatingWebhook{
 		ReinvocationPolicy: &ifNeeded,
 		Name:               name,
-		ClientConfig: admregapi.WebhookClientConfig{
-			Service: &admregapi.ServiceReference{
+		ClientConfig: admissionregistrationv1.WebhookClientConfig{
+			Service: &admissionregistrationv1.ServiceReference{
 				Namespace: config.KyvernoNamespace(),
 				Name:      config.KyvernoServiceName(),
 				Path:      &servicePath,
@ -174,11 +174,11 @@ func generateMutatingWebhook(name, servicePath string, caData []byte, timeoutSec
 	}
 }

-func generateValidatingWebhook(name, servicePath string, caData []byte, timeoutSeconds int32, rule admregapi.Rule, operationTypes []admregapi.OperationType, failurePolicy admregapi.FailurePolicyType) admregapi.ValidatingWebhook {
-	return admregapi.ValidatingWebhook{
+func generateValidatingWebhook(name, servicePath string, caData []byte, timeoutSeconds int32, rule admissionregistrationv1.Rule, operationTypes []admissionregistrationv1.OperationType, failurePolicy admissionregistrationv1.FailurePolicyType) admissionregistrationv1.ValidatingWebhook {
+	return admissionregistrationv1.ValidatingWebhook{
 		Name: name,
-		ClientConfig: admregapi.WebhookClientConfig{
-			Service: &admregapi.ServiceReference{
+		ClientConfig: admissionregistrationv1.WebhookClientConfig{
+			Service: &admissionregistrationv1.ServiceReference{
 				Namespace: config.KyvernoNamespace(),
 				Name:      config.KyvernoServiceName(),
 				Path:      &servicePath,
@ -219,42 +219,42 @@ func getPolicyValidatingWebhookConfigName(serverIP string) string {
 	return config.PolicyValidatingWebhookConfigurationName
 }

-func constructPolicyValidatingWebhookConfig(caData []byte, timeoutSeconds int32, owner metav1.OwnerReference) *admregapi.ValidatingWebhookConfiguration {
+func constructPolicyValidatingWebhookConfig(caData []byte, timeoutSeconds int32, owner metav1.OwnerReference) *admissionregistrationv1.ValidatingWebhookConfiguration {
 	name, path := config.PolicyValidatingWebhookName, config.PolicyValidatingWebhookServicePath
-	return &admregapi.ValidatingWebhookConfiguration{
+	return &admissionregistrationv1.ValidatingWebhookConfiguration{
 		ObjectMeta: generateObjectMeta(config.PolicyValidatingWebhookConfigurationName, owner),
-		Webhooks: []admregapi.ValidatingWebhook{
-			generateValidatingWebhook(name, path, caData, timeoutSeconds, policyRule, createUpdate, admregapi.Ignore),
+		Webhooks: []admissionregistrationv1.ValidatingWebhook{
+			generateValidatingWebhook(name, path, caData, timeoutSeconds, policyRule, createUpdate, admissionregistrationv1.Ignore),
 		},
 	}
 }

-func constructDebugPolicyValidatingWebhookConfig(serverIP string, caData []byte, timeoutSeconds int32, owner metav1.OwnerReference) *admregapi.ValidatingWebhookConfiguration {
+func constructDebugPolicyValidatingWebhookConfig(serverIP string, caData []byte, timeoutSeconds int32, owner metav1.OwnerReference) *admissionregistrationv1.ValidatingWebhookConfiguration {
 	name, url := config.PolicyValidatingWebhookName, fmt.Sprintf("https://%s%s", serverIP, config.PolicyValidatingWebhookServicePath)
-	return &admregapi.ValidatingWebhookConfiguration{
+	return &admissionregistrationv1.ValidatingWebhookConfiguration{
 		ObjectMeta: generateObjectMeta(config.PolicyValidatingWebhookConfigurationDebugName, owner),
-		Webhooks: []admregapi.ValidatingWebhook{
-			generateDebugValidatingWebhook(name, url, caData, timeoutSeconds, policyRule, createUpdate, admregapi.Ignore),
+		Webhooks: []admissionregistrationv1.ValidatingWebhook{
+			generateDebugValidatingWebhook(name, url, caData, timeoutSeconds, policyRule, createUpdate, admissionregistrationv1.Ignore),
 		},
 	}
 }

-func constructPolicyMutatingWebhookConfig(caData []byte, timeoutSeconds int32, owner metav1.OwnerReference) *admregapi.MutatingWebhookConfiguration {
+func constructPolicyMutatingWebhookConfig(caData []byte, timeoutSeconds int32, owner metav1.OwnerReference) *admissionregistrationv1.MutatingWebhookConfiguration {
 	name, path := config.PolicyMutatingWebhookName, config.PolicyMutatingWebhookServicePath
-	return &admregapi.MutatingWebhookConfiguration{
+	return &admissionregistrationv1.MutatingWebhookConfiguration{
 		ObjectMeta: generateObjectMeta(config.PolicyMutatingWebhookConfigurationName, owner),
-		Webhooks: []admregapi.MutatingWebhook{
-			generateMutatingWebhook(name, path, caData, timeoutSeconds, policyRule, createUpdate, admregapi.Ignore),
+		Webhooks: []admissionregistrationv1.MutatingWebhook{
+			generateMutatingWebhook(name, path, caData, timeoutSeconds, policyRule, createUpdate, admissionregistrationv1.Ignore),
 		},
 	}
 }

-func constructDebugPolicyMutatingWebhookConfig(serverIP string, caData []byte, timeoutSeconds int32, owner metav1.OwnerReference) *admregapi.MutatingWebhookConfiguration {
+func constructDebugPolicyMutatingWebhookConfig(serverIP string, caData []byte, timeoutSeconds int32, owner metav1.OwnerReference) *admissionregistrationv1.MutatingWebhookConfiguration {
 	name, url := config.PolicyMutatingWebhookName, fmt.Sprintf("https://%s%s", serverIP, config.PolicyMutatingWebhookServicePath)
-	return &admregapi.MutatingWebhookConfiguration{
+	return &admissionregistrationv1.MutatingWebhookConfiguration{
 		ObjectMeta: generateObjectMeta(config.PolicyMutatingWebhookConfigurationDebugName, owner),
-		Webhooks: []admregapi.MutatingWebhook{
-			generateDebugMutatingWebhook(name, url, caData, timeoutSeconds, policyRule, createUpdate, admregapi.Ignore),
+		Webhooks: []admissionregistrationv1.MutatingWebhook{
+			generateDebugMutatingWebhook(name, url, caData, timeoutSeconds, policyRule, createUpdate, admissionregistrationv1.Ignore),
 		},
 	}
 }
@ -275,69 +275,69 @@ func getResourceValidatingWebhookConfigName(serverIP string) string {
 	return config.ValidatingWebhookConfigurationName
 }

-func defaultResourceWebhookRule(autoUpdate bool) admregapi.Rule {
+func defaultResourceWebhookRule(autoUpdate bool) admissionregistrationv1.Rule {
 	if autoUpdate {
-		return admregapi.Rule{}
+		return admissionregistrationv1.Rule{}
 	}
-	return admregapi.Rule{
+	return admissionregistrationv1.Rule{
 		APIGroups:   []string{"*"},
 		APIVersions: []string{"*"},
 		Resources:   []string{"*/*"},
 	}
 }

-func constructDefaultDebugMutatingWebhookConfig(serverIP string, caData []byte, timeoutSeconds int32, autoUpdate bool, owner metav1.OwnerReference) *admregapi.MutatingWebhookConfiguration {
+func constructDefaultDebugMutatingWebhookConfig(serverIP string, caData []byte, timeoutSeconds int32, autoUpdate bool, owner metav1.OwnerReference) *admissionregistrationv1.MutatingWebhookConfiguration {
 	name, url := config.MutatingWebhookName, fmt.Sprintf("https://%s%s", serverIP, config.MutatingWebhookServicePath)
-	webhook := &admregapi.MutatingWebhookConfiguration{
+	webhook := &admissionregistrationv1.MutatingWebhookConfiguration{
 		ObjectMeta: generateObjectMeta(config.MutatingWebhookConfigurationDebugName, owner),
-		Webhooks: []admregapi.MutatingWebhook{
-			generateDebugMutatingWebhook(name+"-ignore", url, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), createUpdate, admregapi.Ignore),
+		Webhooks: []admissionregistrationv1.MutatingWebhook{
+			generateDebugMutatingWebhook(name+"-ignore", url, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), createUpdate, admissionregistrationv1.Ignore),
 		},
 	}
 	if autoUpdate {
-		webhook.Webhooks = append(webhook.Webhooks, generateDebugMutatingWebhook(name+"-fail", url, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), createUpdate, admregapi.Fail))
+		webhook.Webhooks = append(webhook.Webhooks, generateDebugMutatingWebhook(name+"-fail", url, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), createUpdate, admissionregistrationv1.Fail))
 	}
 	return webhook
 }

-func constructDefaultMutatingWebhookConfig(caData []byte, timeoutSeconds int32, autoUpdate bool, owner metav1.OwnerReference) *admregapi.MutatingWebhookConfiguration {
+func constructDefaultMutatingWebhookConfig(caData []byte, timeoutSeconds int32, autoUpdate bool, owner metav1.OwnerReference) *admissionregistrationv1.MutatingWebhookConfiguration {
 	name, path := config.MutatingWebhookName, config.MutatingWebhookServicePath
-	webhook := &admregapi.MutatingWebhookConfiguration{
+	webhook := &admissionregistrationv1.MutatingWebhookConfiguration{
 		ObjectMeta: generateObjectMeta(config.MutatingWebhookConfigurationName, owner),
-		Webhooks: []admregapi.MutatingWebhook{
-			generateMutatingWebhook(name+"-ignore", path, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), createUpdate, admregapi.Ignore),
+		Webhooks: []admissionregistrationv1.MutatingWebhook{
+			generateMutatingWebhook(name+"-ignore", path, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), createUpdate, admissionregistrationv1.Ignore),
 		},
 	}
 	if autoUpdate {
-		webhook.Webhooks = append(webhook.Webhooks, generateMutatingWebhook(name+"-fail", path, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), createUpdate, admregapi.Fail))
+		webhook.Webhooks = append(webhook.Webhooks, generateMutatingWebhook(name+"-fail", path, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), createUpdate, admissionregistrationv1.Fail))
 	}
 	return webhook
 }

-func constructDefaultDebugValidatingWebhookConfig(serverIP string, caData []byte, timeoutSeconds int32, autoUpdate bool, owner metav1.OwnerReference) *admregapi.ValidatingWebhookConfiguration {
+func constructDefaultDebugValidatingWebhookConfig(serverIP string, caData []byte, timeoutSeconds int32, autoUpdate bool, owner metav1.OwnerReference) *admissionregistrationv1.ValidatingWebhookConfiguration {
 	name, url := config.ValidatingWebhookName, fmt.Sprintf("https://%s%s", serverIP, config.ValidatingWebhookServicePath)
-	webhook := &admregapi.ValidatingWebhookConfiguration{
+	webhook := &admissionregistrationv1.ValidatingWebhookConfiguration{
 		ObjectMeta: generateObjectMeta(config.ValidatingWebhookConfigurationDebugName, owner),
-		Webhooks: []admregapi.ValidatingWebhook{
-			generateDebugValidatingWebhook(name+"-ignore", url, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), all, admregapi.Ignore),
+		Webhooks: []admissionregistrationv1.ValidatingWebhook{
+			generateDebugValidatingWebhook(name+"-ignore", url, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), all, admissionregistrationv1.Ignore),
 		},
 	}
 	if autoUpdate {
-		webhook.Webhooks = append(webhook.Webhooks, generateDebugValidatingWebhook(name+"-fail", url, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), all, admregapi.Fail))
+		webhook.Webhooks = append(webhook.Webhooks, generateDebugValidatingWebhook(name+"-fail", url, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), all, admissionregistrationv1.Fail))
 	}
 	return webhook
 }

-func constructDefaultValidatingWebhookConfig(caData []byte, timeoutSeconds int32, autoUpdate bool, owner metav1.OwnerReference) *admregapi.ValidatingWebhookConfiguration {
+func constructDefaultValidatingWebhookConfig(caData []byte, timeoutSeconds int32, autoUpdate bool, owner metav1.OwnerReference) *admissionregistrationv1.ValidatingWebhookConfiguration {
 	name, path := config.ValidatingWebhookName, config.ValidatingWebhookServicePath
-	webhook := &admregapi.ValidatingWebhookConfiguration{
+	webhook := &admissionregistrationv1.ValidatingWebhookConfiguration{
 		ObjectMeta: generateObjectMeta(config.ValidatingWebhookConfigurationName, owner),
-		Webhooks: []admregapi.ValidatingWebhook{
-			generateValidatingWebhook(name+"-ignore", path, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), all, admregapi.Ignore),
+		Webhooks: []admissionregistrationv1.ValidatingWebhook{
+			generateValidatingWebhook(name+"-ignore", path, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), all, admissionregistrationv1.Ignore),
 		},
 	}
 	if autoUpdate {
-		webhook.Webhooks = append(webhook.Webhooks, generateValidatingWebhook(name+"-fail", path, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), all, admregapi.Fail))
+		webhook.Webhooks = append(webhook.Webhooks, generateValidatingWebhook(name+"-fail", path, caData, timeoutSeconds, defaultResourceWebhookRule(autoUpdate), all, admissionregistrationv1.Fail))
 	}
 	return webhook
 }
@ -351,22 +351,22 @@ func getVerifyMutatingWebhookConfigName(serverIP string) string {
 	return config.VerifyMutatingWebhookConfigurationName
 }

-func constructVerifyMutatingWebhookConfig(caData []byte, timeoutSeconds int32, owner metav1.OwnerReference) *admregapi.MutatingWebhookConfiguration {
+func constructVerifyMutatingWebhookConfig(caData []byte, timeoutSeconds int32, owner metav1.OwnerReference) *admissionregistrationv1.MutatingWebhookConfiguration {
 	name, path := config.VerifyMutatingWebhookName, config.VerifyMutatingWebhookServicePath
-	webhook := generateMutatingWebhook(name, path, caData, timeoutSeconds, verifyRule, update, admregapi.Ignore)
+	webhook := generateMutatingWebhook(name, path, caData, timeoutSeconds, verifyRule, update, admissionregistrationv1.Ignore)
 	webhook.ObjectSelector = vertifyObjectSelector
-	return &admregapi.MutatingWebhookConfiguration{
+	return &admissionregistrationv1.MutatingWebhookConfiguration{
 		ObjectMeta: generateObjectMeta(config.VerifyMutatingWebhookConfigurationName, owner),
-		Webhooks:   []admregapi.MutatingWebhook{webhook},
+		Webhooks:   []admissionregistrationv1.MutatingWebhook{webhook},
 	}
 }

-func constructDebugVerifyMutatingWebhookConfig(serverIP string, caData []byte, timeoutSeconds int32, owner metav1.OwnerReference) *admregapi.MutatingWebhookConfiguration {
+func constructDebugVerifyMutatingWebhookConfig(serverIP string, caData []byte, timeoutSeconds int32, owner metav1.OwnerReference) *admissionregistrationv1.MutatingWebhookConfiguration {
 	name, url := config.VerifyMutatingWebhookName, fmt.Sprintf("https://%s%s", serverIP, config.VerifyMutatingWebhookServicePath)
-	webhook := generateDebugMutatingWebhook(name, url, caData, timeoutSeconds, verifyRule, update, admregapi.Ignore)
+	webhook := generateDebugMutatingWebhook(name, url, caData, timeoutSeconds, verifyRule, update, admissionregistrationv1.Ignore)
 	webhook.ObjectSelector = vertifyObjectSelector
-	return &admregapi.MutatingWebhookConfiguration{
+	return &admissionregistrationv1.MutatingWebhookConfiguration{
 		ObjectMeta: generateObjectMeta(config.VerifyMutatingWebhookConfigurationDebugName, owner),
-		Webhooks:   []admregapi.MutatingWebhook{webhook},
+		Webhooks:   []admissionregistrationv1.MutatingWebhook{webhook},
 	}
 }
--- a/pkg/webhookconfig/configmanager.go
+++ b/pkg/webhookconfig/configmanager.go
@ -19,7 +19,7 @@ import (
 	"github.com/kyverno/kyverno/pkg/utils"
 	kubeutils "github.com/kyverno/kyverno/pkg/utils/kube"
 	"github.com/pkg/errors"
-	admregapi "k8s.io/api/admissionregistration/v1"
+	admissionregistrationv1 "k8s.io/api/admissionregistration/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
@ -216,14 +216,14 @@ func (m *webhookConfigManager) deletePolicy(obj interface{}) {

 func (m *webhookConfigManager) deleteMutatingWebhook(obj interface{}) {
 	m.log.WithName("deleteMutatingWebhook").Info("resource webhook configuration was deleted, recreating...")
-	webhook, ok := obj.(*admregapi.MutatingWebhookConfiguration)
+	webhook, ok := obj.(*admissionregistrationv1.MutatingWebhookConfiguration)
 	if !ok {
 		tombstone, ok := obj.(cache.DeletedFinalStateUnknown)
 		if !ok {
 			m.log.Info("Couldn't get object from tombstone", "obj", obj)
 			return
 		}
-		webhook, ok = tombstone.Obj.(*admregapi.MutatingWebhookConfiguration)
+		webhook, ok = tombstone.Obj.(*admissionregistrationv1.MutatingWebhookConfiguration)
 		if !ok {
 			m.log.Info("tombstone contained object that is not a MutatingWebhookConfiguration", "obj", obj)
 			return
@ -236,14 +236,14 @@ func (m *webhookConfigManager) deleteMutatingWebhook(obj interface{}) {

 func (m *webhookConfigManager) deleteValidatingWebhook(obj interface{}) {
 	m.log.WithName("deleteMutatingWebhook").Info("resource webhook configuration was deleted, recreating...")
-	webhook, ok := obj.(*admregapi.ValidatingWebhookConfiguration)
+	webhook, ok := obj.(*admissionregistrationv1.ValidatingWebhookConfiguration)
 	if !ok {
 		tombstone, ok := obj.(cache.DeletedFinalStateUnknown)
 		if !ok {
 			m.log.Info("Couldn't get object from tombstone", "obj", obj)
 			return
 		}
-		webhook, ok = tombstone.Obj.(*admregapi.ValidatingWebhookConfiguration)
+		webhook, ok = tombstone.Obj.(*admissionregistrationv1.ValidatingWebhookConfiguration)
 		if !ok {
 			m.log.Info("tombstone contained object that is not a ValidatingWebhookConfiguration", "obj", obj)
 			return
@ -480,11 +480,11 @@ func (m *webhookConfigManager) updateMutatingWebhookConfiguration(webhookName st
 	for i := range resourceWebhook.Webhooks {
 		newWebhook := webhooksMap[webhookKey(kindMutating, string(*resourceWebhook.Webhooks[i].FailurePolicy))]
 		if newWebhook == nil || newWebhook.isEmpty() {
-			resourceWebhook.Webhooks[i].Rules = []admregapi.RuleWithOperations{}
+			resourceWebhook.Webhooks[i].Rules = []admissionregistrationv1.RuleWithOperations{}
 		} else {
 			resourceWebhook.Webhooks[i].TimeoutSeconds = &newWebhook.maxWebhookTimeout
-			resourceWebhook.Webhooks[i].Rules = []admregapi.RuleWithOperations{
-				newWebhook.buildRuleWithOperations(admregapi.Create, admregapi.Update, admregapi.Delete),
+			resourceWebhook.Webhooks[i].Rules = []admissionregistrationv1.RuleWithOperations{
+				newWebhook.buildRuleWithOperations(admissionregistrationv1.Create, admissionregistrationv1.Update, admissionregistrationv1.Delete),
 			}
 		}
 	}
@ -507,11 +507,11 @@ func (m *webhookConfigManager) updateValidatingWebhookConfiguration(webhookName
 	for i := range resourceWebhook.Webhooks {
 		newWebhook := webhooksMap[webhookKey(kindValidating, string(*resourceWebhook.Webhooks[i].FailurePolicy))]
 		if newWebhook == nil || newWebhook.isEmpty() {
-			resourceWebhook.Webhooks[i].Rules = []admregapi.RuleWithOperations{}
+			resourceWebhook.Webhooks[i].Rules = []admissionregistrationv1.RuleWithOperations{}
 		} else {
 			resourceWebhook.Webhooks[i].TimeoutSeconds = &newWebhook.maxWebhookTimeout
-			resourceWebhook.Webhooks[i].Rules = []admregapi.RuleWithOperations{
-				newWebhook.buildRuleWithOperations(admregapi.Create, admregapi.Update, admregapi.Delete, admregapi.Connect),
+			resourceWebhook.Webhooks[i].Rules = []admissionregistrationv1.RuleWithOperations{
+				newWebhook.buildRuleWithOperations(admissionregistrationv1.Create, admissionregistrationv1.Update, admissionregistrationv1.Delete, admissionregistrationv1.Connect),
 			}
 		}
 	}
@ -572,9 +572,9 @@ type webhook struct {
 	resources         sets.String
 }

-func (wh *webhook) buildRuleWithOperations(ops ...admregapi.OperationType) admregapi.RuleWithOperations {
-	return admregapi.RuleWithOperations{
-		Rule: admregapi.Rule{
+func (wh *webhook) buildRuleWithOperations(ops ...admissionregistrationv1.OperationType) admissionregistrationv1.RuleWithOperations {
+	return admissionregistrationv1.RuleWithOperations{
+		Rule: admissionregistrationv1.Rule{
 			APIGroups:   wh.groups.List(),
 			APIVersions: wh.versions.List(),
 			Resources:   wh.resources.List(),
--- a/pkg/webhookconfig/registration.go
+++ b/pkg/webhookconfig/registration.go
@ -16,7 +16,7 @@ import (
 	client "github.com/kyverno/kyverno/pkg/dclient"
 	"github.com/kyverno/kyverno/pkg/utils"
 	"github.com/pkg/errors"
-	admregapi "k8s.io/api/admissionregistration/v1"
+	admissionregistrationv1 "k8s.io/api/admissionregistration/v1"
 	errorsapi "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	adminformers "k8s.io/client-go/informers/admissionregistration/v1"
@ -268,7 +268,7 @@ func (wrc *Register) ValidateWebhookConfigurations(namespace, name string) error
 	return json.Unmarshal([]byte(webhooks), &webhookCfgs)
 }

-func (wrc *Register) createMutatingWebhookConfiguration(config *admregapi.MutatingWebhookConfiguration) error {
+func (wrc *Register) createMutatingWebhookConfiguration(config *admissionregistrationv1.MutatingWebhookConfiguration) error {
 	logger := wrc.log.WithValues("kind", kindMutating, "name", config.Name)
 	if _, err := wrc.kubeClient.AdmissionregistrationV1().MutatingWebhookConfigurations().Create(context.TODO(), config, metav1.CreateOptions{}); err != nil {
 		if errorsapi.IsAlreadyExists(err) {
@ -282,7 +282,7 @@ func (wrc *Register) createMutatingWebhookConfiguration(config *admregapi.Mutati
 	return nil
 }

-func (wrc *Register) createValidatingWebhookConfiguration(config *admregapi.ValidatingWebhookConfiguration) error {
+func (wrc *Register) createValidatingWebhookConfiguration(config *admissionregistrationv1.ValidatingWebhookConfiguration) error {
 	logger := wrc.log.WithValues("kind", kindValidating, "name", config.Name)
 	if _, err := wrc.kubeClient.AdmissionregistrationV1().ValidatingWebhookConfigurations().Create(context.TODO(), config, metav1.CreateOptions{}); err != nil {
 		if errorsapi.IsAlreadyExists(err) {
@ -298,7 +298,7 @@ func (wrc *Register) createValidatingWebhookConfiguration(config *admregapi.Vali

 func (wrc *Register) createResourceMutatingWebhookConfiguration(caData []byte) error {
 	owner := wrc.constructOwner()
-	var config *admregapi.MutatingWebhookConfiguration
+	var config *admissionregistrationv1.MutatingWebhookConfiguration
 	if wrc.serverIP != "" {
 		config = constructDefaultDebugMutatingWebhookConfig(wrc.serverIP, caData, wrc.timeoutSeconds, wrc.autoUpdateWebhooks, owner)
 	} else {
@ -309,7 +309,7 @@ func (wrc *Register) createResourceMutatingWebhookConfiguration(caData []byte) e

 func (wrc *Register) createResourceValidatingWebhookConfiguration(caData []byte) error {
 	owner := wrc.constructOwner()
-	var config *admregapi.ValidatingWebhookConfiguration
+	var config *admissionregistrationv1.ValidatingWebhookConfiguration
 	if wrc.serverIP != "" {
 		config = constructDefaultDebugValidatingWebhookConfig(wrc.serverIP, caData, wrc.timeoutSeconds, wrc.autoUpdateWebhooks, owner)
 	} else {
@ -320,7 +320,7 @@ func (wrc *Register) createResourceValidatingWebhookConfiguration(caData []byte)

 func (wrc *Register) createPolicyValidatingWebhookConfiguration(caData []byte) error {
 	owner := wrc.constructOwner()
-	var config *admregapi.ValidatingWebhookConfiguration
+	var config *admissionregistrationv1.ValidatingWebhookConfiguration
 	if wrc.serverIP != "" {
 		config = constructDebugPolicyValidatingWebhookConfig(wrc.serverIP, caData, wrc.timeoutSeconds, owner)
 	} else {
@ -331,7 +331,7 @@ func (wrc *Register) createPolicyValidatingWebhookConfiguration(caData []byte) e

 func (wrc *Register) createPolicyMutatingWebhookConfiguration(caData []byte) error {
 	owner := wrc.constructOwner()
-	var config *admregapi.MutatingWebhookConfiguration
+	var config *admissionregistrationv1.MutatingWebhookConfiguration
 	if wrc.serverIP != "" {
 		config = constructDebugPolicyMutatingWebhookConfig(wrc.serverIP, caData, wrc.timeoutSeconds, owner)
 	} else {
@ -342,7 +342,7 @@ func (wrc *Register) createPolicyMutatingWebhookConfiguration(caData []byte) err

 func (wrc *Register) createVerifyMutatingWebhookConfiguration(caData []byte) error {
 	owner := wrc.constructOwner()
-	var config *admregapi.MutatingWebhookConfiguration
+	var config *admissionregistrationv1.MutatingWebhookConfiguration
 	if wrc.serverIP != "" {
 		config = constructDebugVerifyMutatingWebhookConfig(wrc.serverIP, caData, wrc.timeoutSeconds, owner)
 	} else {
@ -429,19 +429,19 @@ func (wrc *Register) updateResourceMutatingWebhookConfiguration(webhookCfg confi

 // updateMutatingWebhookConfiguration updates an existing MutatingWebhookConfiguration with the rules provided by
 // the targetConfig. If the targetConfig doesn't provide any rules, the existing rules will be preserved.
-func (wrc *Register) updateMutatingWebhookConfiguration(targetConfig *admregapi.MutatingWebhookConfiguration) error {
+func (wrc *Register) updateMutatingWebhookConfiguration(targetConfig *admissionregistrationv1.MutatingWebhookConfiguration) error {
 	// Fetch the existing webhook.
 	currentConfiguration, err := wrc.mwcLister.Get(targetConfig.Name)
 	if err != nil {
 		return fmt.Errorf("failed to get %s %s: %v", kindMutating, targetConfig.Name, err)
 	}
 	// Create a map of the target webhooks.
-	targetWebhooksMap := make(map[string]admregapi.MutatingWebhook)
+	targetWebhooksMap := make(map[string]admissionregistrationv1.MutatingWebhook)
 	for _, w := range targetConfig.Webhooks {
 		targetWebhooksMap[w.Name] = w
 	}
 	// Update the webhooks.
-	newWebhooks := make([]admregapi.MutatingWebhook, 0)
+	newWebhooks := make([]admissionregistrationv1.MutatingWebhook, 0)
 	for _, w := range currentConfiguration.Webhooks {
 		target, exist := targetWebhooksMap[w.Name]
 		if !exist {
@ -473,19 +473,19 @@ func (wrc *Register) updateMutatingWebhookConfiguration(targetConfig *admregapi.

 // updateValidatingWebhookConfiguration updates an existing ValidatingWebhookConfiguration with the rules provided by
 // the targetConfig. If the targetConfig doesn't provide any rules, the existing rules will be preserved.
-func (wrc *Register) updateValidatingWebhookConfiguration(targetConfig *admregapi.ValidatingWebhookConfiguration) error {
+func (wrc *Register) updateValidatingWebhookConfiguration(targetConfig *admissionregistrationv1.ValidatingWebhookConfiguration) error {
 	// Fetch the existing webhook.
 	currentConfiguration, err := wrc.vwcLister.Get(targetConfig.Name)
 	if err != nil {
 		return fmt.Errorf("failed to get %s %s: %v", kindValidating, targetConfig.Name, err)
 	}
 	// Create a map of the target webhooks.
-	targetWebhooksMap := make(map[string]admregapi.ValidatingWebhook)
+	targetWebhooksMap := make(map[string]admissionregistrationv1.ValidatingWebhook)
 	for _, w := range targetConfig.Webhooks {
 		targetWebhooksMap[w.Name] = w
 	}
 	// Update the webhooks.
-	newWebhooks := make([]admregapi.ValidatingWebhook, 0)
+	newWebhooks := make([]admissionregistrationv1.ValidatingWebhook, 0)
 	for _, w := range currentConfiguration.Webhooks {
 		target, exist := targetWebhooksMap[w.Name]
 		if !exist {