@@ -20204,6 +20204,10 @@

       "type": "object",

       "description": "Data contains the secret data. Each key must be a valid DNS_SUBDOMAIN or leading dot followed by valid DNS_SUBDOMAIN. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4"

      },

+     "stringData": {

+      "type": "object",

+      "description": "stringData allows specifying non-binary secret data in string form. It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API."

+     },

      "type": {

       "type": "string",

       "description": "Used to facilitate programmatic handling of secret data."

@@ -25325,6 +25325,10 @@

       "type": "object",

       "description": "Data contains the secret data. Each key must be a valid DNS_SUBDOMAIN or leading dot followed by valid DNS_SUBDOMAIN. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4"

      },

+     "stringData": {

+      "type": "object",

+      "description": "stringData allows specifying non-binary secret data in string form. It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API."

+     },

      "type": {

       "type": "string",

       "description": "Used to facilitate programmatic handling of secret data."

@@ -20200,6 +20200,10 @@

       "type": "object",

       "description": "Data contains the secret data. Each key must be a valid DNS_SUBDOMAIN or leading dot followed by valid DNS_SUBDOMAIN. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4"

      },

+     "stringData": {

+      "type": "object",

+      "description": "stringData allows specifying non-binary secret data in string form. It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API."

+     },

      "type": {

       "type": "string",

       "description": "Used to facilitate programmatic handling of secret data."

@@ -43,6 +43,7 @@ func addConversionFuncs(scheme *runtime.Scheme) {

 		Convert_v1_Pod_To_api_Pod,

 		Convert_v1_PodSpec_To_api_PodSpec,

 		Convert_v1_ReplicationControllerSpec_To_api_ReplicationControllerSpec,

+		Convert_v1_Secret_To_api_Secret,

 		Convert_v1_ServiceSpec_To_api_ServiceSpec,

 		Convert_v1_ResourceList_To_api_ResourceList,

@@ -619,6 +620,24 @@ func Convert_api_ServiceSpec_To_v1_ServiceSpec(in *api.ServiceSpec, out *Service

 	return nil

 }

+func Convert_v1_Secret_To_api_Secret(in *Secret, out *api.Secret, s conversion.Scope) error {

+	if err := autoConvert_v1_Secret_To_api_Secret(in, out, s); err != nil {

+		return err

+	}

+

+	// StringData overwrites Data

+	if len(in.StringData) > 0 {

+		if out.Data == nil {

+			out.Data = map[string][]byte{}

+		}

+		for k, v := range in.StringData {

+			out.Data[k] = []byte(v)

+		}

+	}

+

+	return nil

+}

+

 func Convert_v1_ServiceSpec_To_api_ServiceSpec(in *ServiceSpec, out *api.ServiceSpec, s conversion.Scope) error {

 	if err := autoConvert_v1_ServiceSpec_To_api_ServiceSpec(in, out, s); err != nil {

 		return err

@@ -5782,10 +5782,6 @@ func autoConvert_v1_Secret_To_api_Secret(in *Secret, out *api.Secret, s conversi

 	return nil

 }

-func Convert_v1_Secret_To_api_Secret(in *Secret, out *api.Secret, s conversion.Scope) error {

-	return autoConvert_v1_Secret_To_api_Secret(in, out, s)

-}

-

 func autoConvert_api_Secret_To_v1_Secret(in *api.Secret, out *Secret, s conversion.Scope) error {

 	if err := api.Convert_unversioned_TypeMeta_To_unversioned_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {

 		return err

@@ -2860,6 +2860,15 @@ func DeepCopy_v1_Secret(in Secret, out *Secret, c *conversion.Cloner) error {

 	} else {

 		out.Data = nil

 	}

+	if in.StringData != nil {

+		in, out := in.StringData, &out.StringData

+		*out = make(map[string]string)

+		for key, val := range in {

+			(*out)[key] = val

+		}

+	} else {

+		out.StringData = nil

+	}

 	out.Type = in.Type

 	return nil

 }

@@ -6972,6 +6972,23 @@ func (m *Secret) MarshalTo(data []byte) (int, error) {

 	i++

 	i = encodeVarintGenerated(data, i, uint64(len(m.Type)))

 	i += copy(data[i:], m.Type)

+	if len(m.StringData) > 0 {

+		for k := range m.StringData {

+			data[i] = 0x22

+			i++

+			v := m.StringData[k]

+			mapSize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v)))

+			i = encodeVarintGenerated(data, i, uint64(mapSize))

+			data[i] = 0xa

+			i++

+			i = encodeVarintGenerated(data, i, uint64(len(k)))

+			i += copy(data[i:], k)

+			data[i] = 0x12

+			i++

+			i = encodeVarintGenerated(data, i, uint64(len(v)))

+			i += copy(data[i:], v)

+		}

+	}

 	return i, nil

 }

@@ -10532,6 +10549,14 @@ func (m *Secret) Size() (n int) {

 	}

 	l = len(m.Type)

 	n += 1 + l + sovGenerated(uint64(l))

+	if len(m.StringData) > 0 {

+		for k, v := range m.StringData {

+			_ = k

+			_ = v

+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v)))

+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))

+		}

+	}

 	return n

 }

@@ -32593,6 +32618,117 @@ func (m *Secret) Unmarshal(data []byte) error {

 			}

 			m.Type = SecretType(data[iNdEx:postIndex])

 			iNdEx = postIndex

+		case 4:

+			if wireType != 2 {

+				return fmt.Errorf("proto: wrong wireType = %d for field StringData", wireType)

+			}

+			var msglen int

+			for shift := uint(0); ; shift += 7 {

+				if shift >= 64 {

+					return ErrIntOverflowGenerated

+				}

+				if iNdEx >= l {

+					return io.ErrUnexpectedEOF

+				}

+				b := data[iNdEx]

+				iNdEx++

+				msglen |= (int(b) & 0x7F) << shift

+				if b < 0x80 {

+					break

+				}

+			}

+			if msglen < 0 {

+				return ErrInvalidLengthGenerated

+			}

+			postIndex := iNdEx + msglen

+			if postIndex > l {

+				return io.ErrUnexpectedEOF

+			}

+			var keykey uint64

+			for shift := uint(0); ; shift += 7 {

+				if shift >= 64 {

+					return ErrIntOverflowGenerated

+				}

+				if iNdEx >= l {

+					return io.ErrUnexpectedEOF

+				}

+				b := data[iNdEx]

+				iNdEx++

+				keykey |= (uint64(b) & 0x7F) << shift

+				if b < 0x80 {

+					break

+				}

+			}

+			var stringLenmapkey uint64

+			for shift := uint(0); ; shift += 7 {

+				if shift >= 64 {

+					return ErrIntOverflowGenerated

+				}

+				if iNdEx >= l {

+					return io.ErrUnexpectedEOF

+				}

+				b := data[iNdEx]

+				iNdEx++

+				stringLenmapkey |= (uint64(b) & 0x7F) << shift

+				if b < 0x80 {

+					break

+				}

+			}

+			intStringLenmapkey := int(stringLenmapkey)

+			if intStringLenmapkey < 0 {

+				return ErrInvalidLengthGenerated

+			}

+			postStringIndexmapkey := iNdEx + intStringLenmapkey

+			if postStringIndexmapkey > l {

+				return io.ErrUnexpectedEOF

+			}

+			mapkey := string(data[iNdEx:postStringIndexmapkey])

+			iNdEx = postStringIndexmapkey

+			var valuekey uint64

+			for shift := uint(0); ; shift += 7 {

+				if shift >= 64 {

+					return ErrIntOverflowGenerated

+				}

+				if iNdEx >= l {

+					return io.ErrUnexpectedEOF

+				}

+				b := data[iNdEx]

+				iNdEx++

+				valuekey |= (uint64(b) & 0x7F) << shift

+				if b < 0x80 {

+					break

+				}

+			}

+			var stringLenmapvalue uint64

+			for shift := uint(0); ; shift += 7 {

+				if shift >= 64 {

+					return ErrIntOverflowGenerated

+				}

+				if iNdEx >= l {

+					return io.ErrUnexpectedEOF

+				}

+				b := data[iNdEx]

+				iNdEx++

+				stringLenmapvalue |= (uint64(b) & 0x7F) << shift

+				if b < 0x80 {

+					break

+				}

+			}

+			intStringLenmapvalue := int(stringLenmapvalue)

+			if intStringLenmapvalue < 0 {

+				return ErrInvalidLengthGenerated

+			}

+			postStringIndexmapvalue := iNdEx + intStringLenmapvalue

+			if postStringIndexmapvalue > l {

+				return io.ErrUnexpectedEOF

+			}

+			mapvalue := string(data[iNdEx:postStringIndexmapvalue])

+			iNdEx = postStringIndexmapvalue

+			if m.StringData == nil {

+				m.StringData = make(map[string]string)

+			}

+			m.StringData[mapkey] = mapvalue

+			iNdEx = postIndex

 		default:

 			iNdEx = preIndex

 			skippy, err := skipGenerated(data[iNdEx:])

@@ -2547,6 +2547,13 @@ message Secret {

   // Described in https://tools.ietf.org/html/rfc4648#section-4

   map<string, bytes> data = 2;

+  // stringData allows specifying non-binary secret data in string form.

+  // It is provided as a write-only convenience method.

+  // All keys and values are merged into the data field on write, overwriting any existing values.

+  // It is never output when reading from the API.

+  // +genconversion=false

+  map<string, string> stringData = 4;

+

   // Used to facilitate programmatic handling of secret data.

   optional string type = 3;

 }

@@ -3103,6 +3103,13 @@ type Secret struct {

 	// Described in https://tools.ietf.org/html/rfc4648#section-4

 	Data map[string][]byte `json:"data,omitempty" protobuf:"bytes,2,rep,name=data"`

+	// stringData allows specifying non-binary secret data in string form.

+	// It is provided as a write-only convenience method.

+	// All keys and values are merged into the data field on write, overwriting any existing values.

+	// It is never output when reading from the API.

+	// +genconversion=false

+	StringData map[string]string `json:"stringData,omitempty" protobuf:"bytes,4,rep,name=stringData"`

+

 	// Used to facilitate programmatic handling of secret data.

 	Type SecretType `json:"type,omitempty" protobuf:"bytes,3,opt,name=type,casttype=SecretType"`

 }

@@ -1548,10 +1548,11 @@ func (SELinuxOptions) SwaggerDoc() map[string]string {

 }

 var map_Secret = map[string]string{

-	"":         "Secret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes.",

-	"metadata": "Standard object's metadata. More info: http://releases.k8s.io/release-1.3/docs/devel/api-conventions.md#metadata",

-	"data":     "Data contains the secret data. Each key must be a valid DNS_SUBDOMAIN or leading dot followed by valid DNS_SUBDOMAIN. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4",

-	"type":     "Used to facilitate programmatic handling of secret data.",

+	"":           "Secret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes.",

+	"metadata":   "Standard object's metadata. More info: http://releases.k8s.io/release-1.3/docs/devel/api-conventions.md#metadata",

+	"data":       "Data contains the secret data. Each key must be a valid DNS_SUBDOMAIN or leading dot followed by valid DNS_SUBDOMAIN. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4",

+	"stringData": "stringData allows specifying non-binary secret data in string form. It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API.",

+	"type":       "Used to facilitate programmatic handling of secret data.",

 }

 func (Secret) SwaggerDoc() map[string]string {