@@ -14,7 +14,7 @@ import (

 // IsBuildPod returns true if a pod is a pod generated for a Build

 func IsBuildPod(a admission.Attributes) bool {

-	if a.GetResource() != kapi.Resource("pods") {

+	if a.GetResource().GroupResource() != kapi.Resource("pods") {

 		return false

 	}

 	if len(a.GetSubresource()) != 0 {

@@ -44,12 +44,12 @@ var (

 )

 func (a *buildByStrategy) Admit(attr admission.Attributes) error {

-	if resource := attr.GetResource(); resource != buildsResource && resource != buildConfigsResource {

+	if resource := attr.GetResource().GroupResource(); resource != buildsResource && resource != buildConfigsResource {

 		return nil

 	}

 	// Explicitly exclude the builds/details subresource because it's only

 	// updating commit info and cannot change build type.

-	if attr.GetResource() == buildsResource && attr.GetSubresource() == "details" {

+	if attr.GetResource().GroupResource() == buildsResource && attr.GetSubresource() == "details" {

 		return nil

 	}

 	switch obj := attr.GetObject().(type) {

@@ -136,7 +136,7 @@ func (a *buildByStrategy) checkBuildConfigAuthorization(buildConfig *buildapi.Bu

 }

 func (a *buildByStrategy) checkBuildRequestAuthorization(req *buildapi.BuildRequest, attr admission.Attributes) error {

-	switch attr.GetResource() {

+	switch attr.GetResource().GroupResource() {

 	case buildsResource:

 		build, err := a.client.Builds(attr.GetNamespace()).Get(req.Name)

 		if err != nil {

@@ -147,7 +147,7 @@ func TestBuildAdmission(t *testing.T) {

 			client := fakeClient(test.expectedResource, test.reviewResponse, test.responseObject)

 			c := NewBuildByStrategy()

 			c.(oadmission.WantsOpenshiftClient).SetOpenshiftClient(client)

-			attrs := admission.NewAttributesRecord(test.object, test.kind, "default", "name", test.resource, test.subResource, op, fakeUser())

+			attrs := admission.NewAttributesRecord(test.object, test.kind.WithVersion("version"), "default", "name", test.resource.WithVersion("version"), test.subResource, op, fakeUser())

 			err := c.Admit(attrs)

 			if err != nil && test.expectAccept {

 				t.Errorf("%s: unexpected error: %v", test.name, err)

@@ -72,10 +72,10 @@ func (p *TestPod) GetBuild(t *testing.T) *buildapi.Build {

 func (p *TestPod) ToAttributes() admission.Attributes {

 	return admission.NewAttributesRecord((*kapi.Pod)(p),

-		kapi.Kind("Pod"),

+		kapi.Kind("Pod").WithVersion("version"),

 		"default",

 		"TestPod",

-		kapi.Resource("pods"),

+		kapi.Resource("pods").WithVersion("version"),

 		"",

 		admission.Create,

 		nil)

@@ -130,7 +130,7 @@ func (bs *SourceBuildStrategy) canRunAsRoot(build *buildapi.Build) bool {

 		},

 	}

 	userInfo := serviceaccount.UserInfo(build.Namespace, build.Spec.ServiceAccount, "")

-	attrs := admission.NewAttributesRecord(pod, kapi.Kind("Pod"), pod.Namespace, pod.Name, kapi.Resource("pods"), "", admission.Create, userInfo)

+	attrs := admission.NewAttributesRecord(pod, kapi.Kind("Pod").WithVersion(""), pod.Namespace, pod.Name, kapi.Resource("pods").WithVersion(""), "", admission.Create, userInfo)

 	err := bs.AdmissionControl.Admit(attrs)

 	if err != nil {

 		glog.V(2).Infof("Admit for root user returned error: %v", err)

@@ -59,7 +59,7 @@ func (e *lifecycle) Admit(a admission.Attributes) (err error) {

 	if err != nil {

 		return err

 	}

-	mapping, err := groupMeta.RESTMapper.RESTMapping(a.GetKind())

+	mapping, err := groupMeta.RESTMapper.RESTMapping(a.GetKind().GroupKind())

 	if err != nil {

 		glog.V(4).Infof("Ignoring life-cycle enforcement for resource %v; no associated default version and kind could be found.", a.GetResource())

 		return nil

@@ -93,7 +93,7 @@ func (e *lifecycle) Admit(a admission.Attributes) (err error) {

 	}

 	if namespace.Status.Phase == kapi.NamespaceTerminating && !e.creatableResources.Has(strings.ToLower(a.GetResource().Resource)) {

-		return apierrors.NewForbidden(a.GetResource(), name, fmt.Errorf("Namespace %s is terminating", a.GetNamespace()))

+		return apierrors.NewForbidden(a.GetResource().GroupResource(), name, fmt.Errorf("Namespace %s is terminating", a.GetNamespace()))

 	}

 	// in case of concurrency issues, we will retry this logic

@@ -152,5 +152,5 @@ var (

 )

 func isSubjectAccessReview(a admission.Attributes) bool {

-	return a.GetKind() == sar || a.GetKind() == lsar

+	return a.GetKind().GroupKind() == sar || a.GetKind().GroupKind() == lsar

 }

@@ -35,7 +35,7 @@ func TestIgnoreThatWhichCannotBeKnown(t *testing.T) {

 	handler := &lifecycle{}

 	unknown := &UnknownObject{}

-	err := handler.Admit(admission.NewAttributesRecord(unknown, kapi.Kind("kind"), "namespace", "name", kapi.Resource("resource"), "subresource", "CREATE", nil))

+	err := handler.Admit(admission.NewAttributesRecord(unknown, kapi.Kind("kind").WithVersion("version"), "namespace", "name", kapi.Resource("resource").WithVersion("version"), "subresource", "CREATE", nil))

 	if err != nil {

 		t.Errorf("Admission control should not error if it finds an object it knows nothing about %v", err)

 	}

@@ -76,7 +76,7 @@ func TestAdmissionExists(t *testing.T) {

 			Phase: buildapi.BuildPhaseNew,

 		},

 	}

-	err := handler.Admit(admission.NewAttributesRecord(build, kapi.Kind("Build"), "namespace", "name", kapi.Resource("builds"), "", "CREATE", nil))

+	err := handler.Admit(admission.NewAttributesRecord(build, kapi.Kind("Build").WithVersion("version"), "namespace", "name", kapi.Resource("builds").WithVersion("version"), "", "CREATE", nil))

 	if err == nil {

 		t.Errorf("Expected an error because namespace does not exist")

 	}

@@ -124,7 +124,7 @@ func TestAdmissionLifecycle(t *testing.T) {

 			Phase: buildapi.BuildPhaseNew,

 		},

 	}

-	err := handler.Admit(admission.NewAttributesRecord(build, kapi.Kind("Build"), build.Namespace, "name", kapi.Resource("builds"), "", "CREATE", nil))

+	err := handler.Admit(admission.NewAttributesRecord(build, kapi.Kind("Build").WithVersion("version"), build.Namespace, "name", kapi.Resource("builds").WithVersion("version"), "", "CREATE", nil))

 	if err != nil {

 		t.Errorf("Unexpected error returned from admission handler: %v", err)

 	}

@@ -134,19 +134,19 @@ func TestAdmissionLifecycle(t *testing.T) {

 	store.Add(namespaceObj)

 	// verify create operations in the namespace cause an error

-	err = handler.Admit(admission.NewAttributesRecord(build, kapi.Kind("Build"), build.Namespace, "name", kapi.Resource("builds"), "", "CREATE", nil))

+	err = handler.Admit(admission.NewAttributesRecord(build, kapi.Kind("Build").WithVersion("version"), build.Namespace, "name", kapi.Resource("builds").WithVersion("version"), "", "CREATE", nil))

 	if err == nil {

 		t.Errorf("Expected error rejecting creates in a namespace when it is terminating")

 	}

 	// verify update operations in the namespace can proceed

-	err = handler.Admit(admission.NewAttributesRecord(build, kapi.Kind("Build"), build.Namespace, "name", kapi.Resource("builds"), "", "UPDATE", nil))

+	err = handler.Admit(admission.NewAttributesRecord(build, kapi.Kind("Build").WithVersion("version"), build.Namespace, "name", kapi.Resource("builds").WithVersion("version"), "", "UPDATE", nil))

 	if err != nil {

 		t.Errorf("Unexpected error returned from admission handler: %v", err)

 	}

 	// verify delete operations in the namespace can proceed

-	err = handler.Admit(admission.NewAttributesRecord(nil, kapi.Kind("Build"), build.Namespace, "name", kapi.Resource("builds"), "", "DELETE", nil))

+	err = handler.Admit(admission.NewAttributesRecord(nil, kapi.Kind("Build").WithVersion("version"), build.Namespace, "name", kapi.Resource("builds").WithVersion("version"), "", "DELETE", nil))

 	if err != nil {

 		t.Errorf("Unexpected error returned from admission handler: %v", err)

 	}

@@ -200,7 +200,7 @@ func TestSAR(t *testing.T) {

 	}

 	for k, v := range tests {

-		err := handler.Admit(admission.NewAttributesRecord(nil, kapi.Kind(v.kind), "foo", "name", kapi.Resource(v.resource), "", "CREATE", nil))

+		err := handler.Admit(admission.NewAttributesRecord(nil, kapi.Kind(v.kind).WithVersion("version"), "foo", "name", kapi.Resource(v.resource).WithVersion("version"), "", "CREATE", nil))

 		if err != nil {

 			t.Errorf("Unexpected error for %s returned from admission handler: %v", k, err)

 		}

@@ -32,7 +32,7 @@ var _ = oadmission.Validator(&podNodeEnvironment{})

 // Admit enforces that pod and its project node label selectors matches at least a node in the cluster.

 func (p *podNodeEnvironment) Admit(a admission.Attributes) (err error) {

-	resource := a.GetResource()

+	resource := a.GetResource().GroupResource()

 	if resource != kapi.Resource("pods") {

 		return nil

 	}

@@ -113,7 +113,7 @@ func TestPodAdmission(t *testing.T) {

 		}

 		pod.Spec = kapi.PodSpec{NodeSelector: test.podNodeSelector}

-		err := handler.Admit(admission.NewAttributesRecord(pod, kapi.Kind("Pod"), "namespace", project.ObjectMeta.Name, kapi.Resource("pods"), "", admission.Create, nil))

+		err := handler.Admit(admission.NewAttributesRecord(pod, kapi.Kind("Pod").WithVersion("version"), "namespace", project.ObjectMeta.Name, kapi.Resource("pods").WithVersion("version"), "", admission.Create, nil))

 		if test.admit && err != nil {

 			t.Errorf("Test: %s, expected no error but got: %s", test.testName, err)

 		} else if !test.admit && err == nil {

@@ -68,7 +68,7 @@ func (o *projectRequestLimit) Admit(a admission.Attributes) (err error) {

 	if o.config == nil {

 		return nil

 	}

-	if a.GetResource() != projectapi.Resource("projectrequests") {

+	if a.GetResource().GroupResource() != projectapi.Resource("projectrequests") {

 		return nil

 	}

 	if _, isProjectRequest := a.GetObject().(*projectapi.ProjectRequest); !isProjectRequest {

@@ -281,10 +281,10 @@ func TestAdmit(t *testing.T) {

 		}

 		err = reqLimit.Admit(admission.NewAttributesRecord(

 			&projectapi.ProjectRequest{},

-			projectapi.Kind("ProjectRequest"),

+			projectapi.Kind("ProjectRequest").WithVersion("version"),

 			"foo",

 			"name",

-			projectapi.Resource("projectrequests"),

+			projectapi.Resource("projectrequests").WithVersion("version"),

 			"",

 			"CREATE",

 			&user.DefaultInfo{Name: tc.user}))

@@ -141,7 +141,7 @@ func (a *clusterResourceOverridePlugin) Validate() error {

 // TODO this will need to update when we have pod requests/limits

 func (a *clusterResourceOverridePlugin) Admit(attr admission.Attributes) error {

 	glog.V(6).Infof("%s admission controller is invoked", api.PluginName)

-	if a.config == nil || attr.GetResource() != kapi.Resource("pods") || attr.GetSubresource() != "" {

+	if a.config == nil || attr.GetResource().GroupResource() != kapi.Resource("pods") || attr.GetSubresource() != "" {

 		return nil // not applicable

 	}

 	pod, ok := attr.GetObject().(*kapi.Pod)

@@ -227,7 +227,7 @@ func TestLimitRequestAdmission(t *testing.T) {

 			continue

 		}

 		c.(*clusterResourceOverridePlugin).SetProjectCache(fakeProjectCache(test.namespace))

-		attrs := admission.NewAttributesRecord(test.object, unversioned.GroupKind{}, test.namespace.Name, "name", kapi.Resource("pods"), "", admission.Create, fakeUser())

+		attrs := admission.NewAttributesRecord(test.object, unversioned.GroupVersionKind{}, test.namespace.Name, "name", kapi.Resource("pods").WithVersion("version"), "", admission.Create, fakeUser())

 		if err := c.Admit(attrs); err != nil {

 			t.Errorf("%s: admission controller should not return error", test.name)

 		}

@@ -67,7 +67,7 @@ var _ = oadmission.Validator(&runOnceDuration{})

 func (a *runOnceDuration) Admit(attributes admission.Attributes) error {

 	switch {

 	case a.config == nil,

-		attributes.GetResource() != kapi.Resource("pods"),

+		attributes.GetResource().GroupResource() != kapi.Resource("pods"),

 		len(attributes.GetSubresource()) > 0:

 		return nil

 	}

@@ -137,7 +137,7 @@ func TestRunOnceDurationAdmit(t *testing.T) {

 		runOnceDuration := NewRunOnceDuration(tc.config)

 		runOnceDuration.(oadmission.WantsProjectCache).SetProjectCache(testCache(tc.projectAnnotations))

 		pod := tc.pod

-		attrs := admission.NewAttributesRecord(pod, kapi.Kind("Pod"), "default", "test", kapi.Resource("pods"), "", admission.Create, nil)

+		attrs := admission.NewAttributesRecord(pod, kapi.Kind("Pod").WithVersion("version"), "default", "test", kapi.Resource("pods").WithVersion("version"), "", admission.Create, nil)

 		err := runOnceDuration.Admit(attrs)

 		if err != nil {

 			t.Errorf("%s: unexpected admission error: %v", tc.name, err)

@@ -112,7 +112,7 @@ func (o *podNodeConstraints) Admit(attr admission.Attributes) error {

 		attr.GetSubresource() != "":

 		return nil

 	}

-	shouldCheck, err := shouldCheckResource(attr.GetResource(), attr.GetKind())

+	shouldCheck, err := shouldCheckResource(attr.GetResource().GroupResource(), attr.GetKind().GroupKind())

 	if err != nil {

 		return err

 	}

@@ -120,7 +120,7 @@ func (o *podNodeConstraints) Admit(attr admission.Attributes) error {

 		return nil

 	}

 	// Only check Create operation on pods

-	if attr.GetResource() == kapi.Resource("pods") && attr.GetOperation() != admission.Create {

+	if attr.GetResource().GroupResource() == kapi.Resource("pods") && attr.GetOperation() != admission.Create {

 		return nil

 	}

 	ps, err := o.getPodSpec(attr)

@@ -199,7 +199,7 @@ func (o *podNodeConstraints) checkPodsBindAccess(attr admission.Attributes) (boo

 		Resource: "pods/binding",

 		APIGroup: kapi.GroupName,

 	}

-	if attr.GetResource() == kapi.Resource("pods") {

+	if attr.GetResource().GroupResource() == kapi.Resource("pods") {

 		authzAttr.ResourceName = attr.GetName()

 	}

 	allow, _, err := o.authorizer.Authorize(ctx, authzAttr)

@@ -111,7 +111,7 @@ func TestPodNodeConstraints(t *testing.T) {

 			checkAdmitError(t, err, expectedError, errPrefix)

 			continue

 		}

-		attrs := admission.NewAttributesRecord(tc.resource, kapi.Kind("Pod"), ns, "test", kapi.Resource("pods"), "", admission.Create, tc.userinfo)

+		attrs := admission.NewAttributesRecord(tc.resource, kapi.Kind("Pod").WithVersion("version"), ns, "test", kapi.Resource("pods").WithVersion("version"), "", admission.Create, tc.userinfo)

 		if tc.expectedErrorMsg != "" {

 			expectedError = admission.NewForbidden(attrs, fmt.Errorf(tc.expectedErrorMsg))

 		}

@@ -131,7 +131,7 @@ func TestPodNodeConstraintsPodUpdate(t *testing.T) {

 		checkAdmitError(t, err, expectedError, errPrefix)

 		return

 	}

-	attrs := admission.NewAttributesRecord(nodeNamePod(), kapi.Kind("Pod"), ns, "test", kapi.Resource("pods"), "", admission.Update, serviceaccount.UserInfo("", "", ""))

+	attrs := admission.NewAttributesRecord(nodeNamePod(), kapi.Kind("Pod").WithVersion("version"), ns, "test", kapi.Resource("pods").WithVersion("version"), "", admission.Update, serviceaccount.UserInfo("", "", ""))

 	err = prc.Admit(attrs)

 	checkAdmitError(t, err, expectedError, errPrefix)

 }

@@ -147,7 +147,7 @@ func TestPodNodeConstraintsNonHandledResources(t *testing.T) {

 		checkAdmitError(t, err, expectedError, errPrefix)

 		return

 	}

-	attrs := admission.NewAttributesRecord(resourceQuota(), kapi.Kind("ResourceQuota"), ns, "test", kapi.Resource("resourcequotas"), "", admission.Create, serviceaccount.UserInfo("", "", ""))

+	attrs := admission.NewAttributesRecord(resourceQuota(), kapi.Kind("ResourceQuota").WithVersion("version"), ns, "test", kapi.Resource("resourcequotas").WithVersion("version"), "", admission.Create, serviceaccount.UserInfo("", "", ""))

 	err = prc.Admit(attrs)

 	checkAdmitError(t, err, expectedError, errPrefix)

 }

@@ -253,7 +253,7 @@ func TestPodNodeConstraintsResources(t *testing.T) {

 						checkAdmitError(t, err, expectedError, errPrefix)

 						continue

 					}

-					attrs := admission.NewAttributesRecord(tr.resource(tp.nodeselector), tr.kind, ns, "test", tr.groupresource, "", top.operation, tc.userinfo)

+					attrs := admission.NewAttributesRecord(tr.resource(tp.nodeselector), tr.kind.WithVersion("version"), ns, "test", tr.groupresource.WithVersion("version"), "", top.operation, tc.userinfo)

 					if tp.expectedErrorMsg != "" {

 						expectedError = admission.NewForbidden(attrs, fmt.Errorf(tp.expectedErrorMsg))

 					}

@@ -95,7 +95,7 @@ func (a *constraint) Stop() {

 //     with the validated SCC.  If we don't find any reject the pod and give all errors from the

 //     failed attempts.

 func (c *constraint) Admit(a kadmission.Attributes) error {

-	if a.GetResource() != kapi.Resource("pods") {

+	if a.GetResource().GroupResource() != kapi.Resource("pods") {

 		return nil

 	}

@@ -133,7 +133,7 @@ func testSCCAdmit(testCaseName string, sccs []*kapi.SecurityContextConstraints,

 	plugin := NewTestAdmission(store, tc)

-	attrs := kadmission.NewAttributesRecord(pod, kapi.Kind("Pod"), "namespace", "", kapi.Resource("pods"), "", kadmission.Create, &user.DefaultInfo{})

+	attrs := kadmission.NewAttributesRecord(pod, kapi.Kind("Pod").WithVersion("version"), "namespace", "", kapi.Resource("pods").WithVersion("version"), "", kadmission.Create, &user.DefaultInfo{})

 	err := plugin.Admit(attrs)

 	if shouldPass && err != nil {

@@ -374,7 +374,7 @@ func TestAdmit(t *testing.T) {

 	}

 	for k, v := range testCases {

-		attrs := kadmission.NewAttributesRecord(v.pod, kapi.Kind("Pod"), "namespace", "", kapi.Resource("pods"), "", kadmission.Create, &user.DefaultInfo{})

+		attrs := kadmission.NewAttributesRecord(v.pod, kapi.Kind("Pod").WithVersion("version"), "namespace", "", kapi.Resource("pods").WithVersion("version"), "", kadmission.Create, &user.DefaultInfo{})

 		err := p.Admit(attrs)

 		if v.shouldAdmit && err != nil {

@@ -448,7 +448,7 @@ func TestAdmit(t *testing.T) {

 	for k, v := range testCases {

 		if !v.shouldAdmit {

-			attrs := kadmission.NewAttributesRecord(v.pod, kapi.Kind("Pod"), "namespace", "", kapi.Resource("pods"), "", kadmission.Create, &user.DefaultInfo{})

+			attrs := kadmission.NewAttributesRecord(v.pod, kapi.Kind("Pod").WithVersion("version"), "namespace", "", kapi.Resource("pods").WithVersion("version"), "", kadmission.Create, &user.DefaultInfo{})

 			err := p.Admit(attrs)

 			if err != nil {

 				t.Errorf("Expected %s to pass with escalated scc but got error %v", k, err)

@@ -823,7 +823,7 @@ func TestCreateProvidersFromConstraints(t *testing.T) {

 		scc := v.scc()

 		// create the providers, this method only needs the namespace

-		attributes := kadmission.NewAttributesRecord(nil, kapi.Kind("Pod"), v.namespace.Name, "", kapi.Resource("pods"), "", kadmission.Create, nil)

+		attributes := kadmission.NewAttributesRecord(nil, kapi.Kind("Pod").WithVersion("version"), v.namespace.Name, "", kapi.Resource("pods").WithVersion("version"), "", kadmission.Create, nil)

 		_, errs := admit.createProvidersFromConstraints(attributes.GetNamespace(), []*kapi.SecurityContextConstraints{scc})

 		if !reflect.DeepEqual(scc, v.scc()) {

@@ -1465,7 +1465,7 @@ func TestAdmitWithPrioritizedSCC(t *testing.T) {

 // testSCCAdmission is a helper to admit the pod and ensure it was validated against the expected

 // SCC.

 func testSCCAdmission(pod *kapi.Pod, plugin kadmission.Interface, expectedSCC string, t *testing.T) {

-	attrs := kadmission.NewAttributesRecord(pod, kapi.Kind("Pod"), "namespace", "", kapi.Resource("pods"), "", kadmission.Create, &user.DefaultInfo{})

+	attrs := kadmission.NewAttributesRecord(pod, kapi.Kind("Pod").WithVersion("version"), "namespace", "", kapi.Resource("pods").WithVersion("version"), "", kadmission.Create, &user.DefaultInfo{})

 	err := plugin.Admit(attrs)

 	if err != nil {

 		t.Errorf("error admitting pod: %v", err)

@@ -28,7 +28,7 @@ func (d *sccExecRestrictions) Admit(a admission.Attributes) (err error) {

 	if a.GetOperation() != admission.Connect {

 		return nil

 	}

-	if a.GetResource() != kapi.Resource("pods") {

+	if a.GetResource().GroupResource() != kapi.Resource("pods") {

 		return nil

 	}

 	if a.GetSubresource() != "attach" && a.GetSubresource() != "exec" {

@@ -42,7 +42,7 @@ func (d *sccExecRestrictions) Admit(a admission.Attributes) (err error) {

 	// TODO, if we want to actually limit who can use which service account, then we'll need to add logic here to make sure that

 	// we're allowed to use the SA the pod is using.  Otherwise, user-A creates pod and user-B (who can't use the SA) can exec into it.

-	createAttributes := admission.NewAttributesRecord(pod, kapi.Kind("Pod"), a.GetNamespace(), a.GetName(), a.GetResource(), a.GetSubresource(), admission.Create, a.GetUserInfo())

+	createAttributes := admission.NewAttributesRecord(pod, kapi.Kind("Pod").WithVersion(""), a.GetNamespace(), a.GetName(), a.GetResource(), a.GetSubresource(), admission.Create, a.GetUserInfo())

 	if err := d.constraintAdmission.Admit(createAttributes); err != nil {

 		return admission.NewForbidden(a, err)

 	}

@@ -90,7 +90,7 @@ func TestExecAdmit(t *testing.T) {

 		// create the admission plugin

 		p := NewSCCExecRestrictions(tc)

-		attrs := kadmission.NewAttributesRecord(v.pod, kapi.Kind("Pod"), "namespace", "pod-name", kapi.Resource(v.resource), v.subresource, v.operation, &user.DefaultInfo{})

+		attrs := kadmission.NewAttributesRecord(v.pod, kapi.Kind("Pod").WithVersion("version"), "namespace", "pod-name", kapi.Resource(v.resource).WithVersion("version"), v.subresource, v.operation, &user.DefaultInfo{})

 		err := p.Admit(attrs)

 		if v.shouldAdmit && err != nil {

@@ -74,7 +74,7 @@ func (s networkSlice) Contains(ip net.IP) bool {

 // Admit determines if the service should be admitted based on the configured network CIDR.

 func (r *externalIPRanger) Admit(a kadmission.Attributes) error {

-	if a.GetResource() != kapi.Resource("services") {

+	if a.GetResource().GroupResource() != kapi.Resource("services") {

 		return nil

 	}

@@ -104,7 +104,7 @@ func (r *externalIPRanger) Admit(a kadmission.Attributes) error {

 		}

 	}

 	if len(errs) > 0 {

-		return apierrs.NewInvalid(a.GetKind(), a.GetName(), errs)

+		return apierrs.NewInvalid(a.GetKind().GroupKind(), a.GetName(), errs)

 	}

 	return nil

 }

@@ -161,7 +161,7 @@ func TestAdmission(t *testing.T) {

 		svc.Spec.ExternalIPs = test.externalIPs

 		handler := NewExternalIPRanger(test.rejects, test.admits)

-		err := handler.Admit(admission.NewAttributesRecord(svc, kapi.Kind("Service"), "namespace", svc.ObjectMeta.Name, kapi.Resource("services"), "", test.op, nil))

+		err := handler.Admit(admission.NewAttributesRecord(svc, kapi.Kind("Service").WithVersion("version"), "namespace", svc.ObjectMeta.Name, kapi.Resource("services").WithVersion("version"), "", test.op, nil))

 		if test.admit && err != nil {

 			t.Errorf("%s: expected no error but got: %s", test.testName, err)

 		} else if !test.admit && err == nil {