From 7945ae68d0c7cffb070d60ad4d8bfe6ef585c279 Mon Sep 17 00:00:00 2001
From: Chao Xu <xuchao@google.com>
Date: Sun, 19 Nov 2017 13:54:50 -0800
Subject: [PATCH] remove reference to v1alpha1

---
 hack/.golint_failures                         |   8 +-
 hack/update-generated-protobuf-dockerized.sh  |   2 +-
 hack/verify-pkg-names.sh                      |   2 +-
 pkg/api/testing/defaulting_test.go            |  96 +++++++-------
 pkg/apis/admission/BUILD                      |   2 +-
 pkg/apis/admission/install/BUILD              |   2 +-
 pkg/generated/openapi/BUILD                   |   2 +-
 pkg/kubectl/scheme/BUILD                      |   2 +-
 pkg/kubectl/scheme/install.go                 |   2 +-
 staging/BUILD                                 |   2 +-
 .../Godeps/Godeps.json                        |   2 +-
 .../src/k8s.io/apiserver/Godeps/Godeps.json   |   2 +-
 .../configuration/mutating_webhook_manager.go |  18 +--
 .../mutating_webhook_manager_test.go          |   4 +-
 .../validating_webhook_manager.go             |  14 +-
 .../validating_webhook_manager_test.go        |   4 +-
 .../pkg/admission/plugin/webhook/config/BUILD |   2 +-
 .../admission/plugin/webhook/config/client.go |   4 +-
 .../admission/plugin/webhook/mutating/BUILD   |   8 +-
 .../plugin/webhook/mutating/admission.go      |  24 ++--
 .../plugin/webhook/mutating/admission_test.go |  92 ++++++-------
 .../admission/plugin/webhook/namespace/BUILD  |   4 +-
 .../plugin/webhook/namespace/matcher.go       |   4 +-
 .../plugin/webhook/namespace/matcher_test.go  |   4 +-
 .../admission/plugin/webhook/request/BUILD    |   2 +-
 .../plugin/webhook/request/admissionreview.go |  10 +-
 .../pkg/admission/plugin/webhook/rules/BUILD  |   4 +-
 .../admission/plugin/webhook/rules/rules.go   |   8 +-
 .../plugin/webhook/rules/rules_test.go        |   2 +-
 .../admission/plugin/webhook/validating/BUILD |   8 +-
 .../plugin/webhook/validating/admission.go    |  26 ++--
 .../webhook/validating/admission_test.go      |  98 +++++++-------
 .../k8s.io/kube-aggregator/Godeps/Godeps.json |   2 +-
 .../sample-apiserver/Godeps/Godeps.json       |   2 +-
 test/e2e/apimachinery/webhook.go              | 124 +++++++++---------
 test/images/webhook/BUILD                     |   2 +-
 test/images/webhook/README.md                 |   2 +-
 test/images/webhook/main.go                   |  38 +++---
 test/images/webhook/scheme.go                 |   4 +-
 .../etcd/etcd_storage_path_test.go            |   9 +-
 40 files changed, 326 insertions(+), 321 deletions(-)

diff --git a/hack/.golint_failures b/hack/.golint_failures
index c38851278b..5636e8dc16 100644
--- a/hack/.golint_failures
+++ b/hack/.golint_failures
@@ -23,9 +23,10 @@ pkg/api/v1/resource
 pkg/apis/abac
 pkg/apis/abac/latest
 pkg/apis/admission
-pkg/apis/admission/v1alpha1
+pkg/apis/admission/v1beta1
 pkg/apis/admissionregistration
 pkg/apis/admissionregistration/v1alpha1
+pkg/apis/admissionregistration/v1beta1
 pkg/apis/admissionregistration/validation
 pkg/apis/apps
 pkg/apis/apps/validation
@@ -431,8 +432,9 @@ plugin/pkg/scheduler/metrics
 plugin/pkg/scheduler/schedulercache
 plugin/pkg/scheduler/testing
 plugin/pkg/scheduler/util
-staging/src/k8s.io/api/admission/v1alpha1
+staging/src/k8s.io/api/admission/v1beta1
 staging/src/k8s.io/api/admissionregistration/v1alpha1
+staging/src/k8s.io/api/admissionregistration/v1beta1
 staging/src/k8s.io/api/apps/v1
 staging/src/k8s.io/api/apps/v1beta1
 staging/src/k8s.io/api/apps/v1beta2
@@ -625,6 +627,8 @@ staging/src/k8s.io/client-go/kubernetes/fake
 staging/src/k8s.io/client-go/kubernetes/scheme
 staging/src/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1
 staging/src/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/fake
+staging/src/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1
+staging/src/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/fake
 staging/src/k8s.io/client-go/kubernetes/typed/apps/v1
 staging/src/k8s.io/client-go/kubernetes/typed/apps/v1/fake
 staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta1
diff --git a/hack/update-generated-protobuf-dockerized.sh b/hack/update-generated-protobuf-dockerized.sh
index b064a6e501..937c83f4ec 100755
--- a/hack/update-generated-protobuf-dockerized.sh
+++ b/hack/update-generated-protobuf-dockerized.sh
@@ -71,7 +71,7 @@ PACKAGES=(
   k8s.io/api/storage/v1beta1
   k8s.io/api/storage/v1
   k8s.io/api/admissionregistration/v1alpha1
-  k8s.io/api/admission/v1alpha1
+  k8s.io/api/admission/v1beta1
   k8s.io/api/networking/v1
   k8s.io/metrics/pkg/apis/metrics/v1alpha1
   k8s.io/metrics/pkg/apis/metrics/v1beta1
diff --git a/hack/verify-pkg-names.sh b/hack/verify-pkg-names.sh
index 7d103da9fb..8fbb09282a 100755
--- a/hack/verify-pkg-names.sh
+++ b/hack/verify-pkg-names.sh
@@ -26,7 +26,7 @@ source "${KUBE_ROOT}/hack/lib/init.sh"
 kube::golang::verify_go_version
 
 cd "${KUBE_ROOT}"
-if git --no-pager grep -E $'^(import |\t)[a-z]+[A-Z_][a-zA-Z]* "[^"]+"$' -- '**/*.go' ':(exclude)vendor/*' ':(exclude)staging/src/k8s.io/client-go/*vendor/*' ':(exclude)staging/src/k8s.io/metrics/*' ':(exclude)pkg/apis/admission/v1alpha1/zz_generated.conversion.go' ':(exclude)staging/src/k8s.io/sample-apiserver/pkg/client/informers/*' ':(exclude)staging/src/k8s.io/code-generator/_examples/*informers/*'; then
+if git --no-pager grep -E $'^(import |\t)[a-z]+[A-Z_][a-zA-Z]* "[^"]+"$' -- '**/*.go' ':(exclude)vendor/*' ':(exclude)staging/src/k8s.io/client-go/*vendor/*' ':(exclude)staging/src/k8s.io/metrics/*' ':(exclude)pkg/apis/admission/v1beta1/zz_generated.conversion.go' ':(exclude)staging/src/k8s.io/sample-apiserver/pkg/client/informers/*' ':(exclude)staging/src/k8s.io/code-generator/_examples/*informers/*'; then
   echo "!!! Some package aliases break go conventions."
   echo "To fix these errors, do not use capitalized or underlined characters"
   echo "in pkg aliases. Refer to https://blog.golang.org/package-names for more info."
diff --git a/pkg/api/testing/defaulting_test.go b/pkg/api/testing/defaulting_test.go
index 9b284d0a48..25ccdbaeca 100644
--- a/pkg/api/testing/defaulting_test.go
+++ b/pkg/api/testing/defaulting_test.go
@@ -95,54 +95,54 @@ func TestDefaulting(t *testing.T) {
 		// This object contains only int fields which currently breaks the defaulting test because
 		// it's pretty stupid. Once we add non integer fields, we should uncomment this.
 		// {Group: "kubeadm.k8s.io", Version: "v1alpha1", Kind: "NodeConfiguration"}:                 {},
-		{Group: "extensions", Version: "v1beta1", Kind: "DaemonSet"}:                                             {},
-		{Group: "extensions", Version: "v1beta1", Kind: "DaemonSetList"}:                                         {},
-		{Group: "apps", Version: "v1beta2", Kind: "DaemonSet"}:                                                   {},
-		{Group: "apps", Version: "v1beta2", Kind: "DaemonSetList"}:                                               {},
-		{Group: "apps", Version: "v1", Kind: "DaemonSet"}:                                                        {},
-		{Group: "apps", Version: "v1", Kind: "DaemonSetList"}:                                                    {},
-		{Group: "extensions", Version: "v1beta1", Kind: "Deployment"}:                                            {},
-		{Group: "extensions", Version: "v1beta1", Kind: "DeploymentList"}:                                        {},
-		{Group: "apps", Version: "v1beta1", Kind: "Deployment"}:                                                  {},
-		{Group: "apps", Version: "v1beta1", Kind: "DeploymentList"}:                                              {},
-		{Group: "apps", Version: "v1beta2", Kind: "Deployment"}:                                                  {},
-		{Group: "apps", Version: "v1beta2", Kind: "DeploymentList"}:                                              {},
-		{Group: "apps", Version: "v1", Kind: "Deployment"}:                                                       {},
-		{Group: "apps", Version: "v1", Kind: "DeploymentList"}:                                                   {},
-		{Group: "extensions", Version: "v1beta1", Kind: "PodSecurityPolicy"}:                                     {},
-		{Group: "extensions", Version: "v1beta1", Kind: "PodSecurityPolicyList"}:                                 {},
-		{Group: "apps", Version: "v1beta2", Kind: "ReplicaSet"}:                                                  {},
-		{Group: "apps", Version: "v1beta2", Kind: "ReplicaSetList"}:                                              {},
-		{Group: "apps", Version: "v1", Kind: "ReplicaSet"}:                                                       {},
-		{Group: "apps", Version: "v1", Kind: "ReplicaSetList"}:                                                   {},
-		{Group: "extensions", Version: "v1beta1", Kind: "ReplicaSet"}:                                            {},
-		{Group: "extensions", Version: "v1beta1", Kind: "ReplicaSetList"}:                                        {},
-		{Group: "extensions", Version: "v1beta1", Kind: "NetworkPolicy"}:                                         {},
-		{Group: "extensions", Version: "v1beta1", Kind: "NetworkPolicyList"}:                                     {},
-		{Group: "rbac.authorization.k8s.io", Version: "v1alpha1", Kind: "ClusterRoleBinding"}:                    {},
-		{Group: "rbac.authorization.k8s.io", Version: "v1alpha1", Kind: "ClusterRoleBindingList"}:                {},
-		{Group: "rbac.authorization.k8s.io", Version: "v1alpha1", Kind: "RoleBinding"}:                           {},
-		{Group: "rbac.authorization.k8s.io", Version: "v1alpha1", Kind: "RoleBindingList"}:                       {},
-		{Group: "rbac.authorization.k8s.io", Version: "v1beta1", Kind: "ClusterRoleBinding"}:                     {},
-		{Group: "rbac.authorization.k8s.io", Version: "v1beta1", Kind: "ClusterRoleBindingList"}:                 {},
-		{Group: "rbac.authorization.k8s.io", Version: "v1beta1", Kind: "RoleBinding"}:                            {},
-		{Group: "rbac.authorization.k8s.io", Version: "v1beta1", Kind: "RoleBindingList"}:                        {},
-		{Group: "rbac.authorization.k8s.io", Version: "v1", Kind: "ClusterRoleBinding"}:                          {},
-		{Group: "rbac.authorization.k8s.io", Version: "v1", Kind: "ClusterRoleBindingList"}:                      {},
-		{Group: "rbac.authorization.k8s.io", Version: "v1", Kind: "RoleBinding"}:                                 {},
-		{Group: "rbac.authorization.k8s.io", Version: "v1", Kind: "RoleBindingList"}:                             {},
-		{Group: "settings.k8s.io", Version: "v1alpha1", Kind: "PodPreset"}:                                       {},
-		{Group: "settings.k8s.io", Version: "v1alpha1", Kind: "PodPresetList"}:                                   {},
-		{Group: "admissionregistration.k8s.io", Version: "v1alpha1", Kind: "ValidatingWebhookConfiguration"}:     {},
-		{Group: "admissionregistration.k8s.io", Version: "v1alpha1", Kind: "ValidatingWebhookConfigurationList"}: {},
-		{Group: "admissionregistration.k8s.io", Version: "v1alpha1", Kind: "MutatingWebhookConfiguration"}:       {},
-		{Group: "admissionregistration.k8s.io", Version: "v1alpha1", Kind: "MutatingWebhookConfigurationList"}:   {},
-		{Group: "networking.k8s.io", Version: "v1", Kind: "NetworkPolicy"}:                                       {},
-		{Group: "networking.k8s.io", Version: "v1", Kind: "NetworkPolicyList"}:                                   {},
-		{Group: "storage.k8s.io", Version: "v1beta1", Kind: "StorageClass"}:                                      {},
-		{Group: "storage.k8s.io", Version: "v1beta1", Kind: "StorageClassList"}:                                  {},
-		{Group: "storage.k8s.io", Version: "v1", Kind: "StorageClass"}:                                           {},
-		{Group: "storage.k8s.io", Version: "v1", Kind: "StorageClassList"}:                                       {},
+		{Group: "extensions", Version: "v1beta1", Kind: "DaemonSet"}:                                            {},
+		{Group: "extensions", Version: "v1beta1", Kind: "DaemonSetList"}:                                        {},
+		{Group: "apps", Version: "v1beta2", Kind: "DaemonSet"}:                                                  {},
+		{Group: "apps", Version: "v1beta2", Kind: "DaemonSetList"}:                                              {},
+		{Group: "apps", Version: "v1", Kind: "DaemonSet"}:                                                       {},
+		{Group: "apps", Version: "v1", Kind: "DaemonSetList"}:                                                   {},
+		{Group: "extensions", Version: "v1beta1", Kind: "Deployment"}:                                           {},
+		{Group: "extensions", Version: "v1beta1", Kind: "DeploymentList"}:                                       {},
+		{Group: "apps", Version: "v1beta1", Kind: "Deployment"}:                                                 {},
+		{Group: "apps", Version: "v1beta1", Kind: "DeploymentList"}:                                             {},
+		{Group: "apps", Version: "v1beta2", Kind: "Deployment"}:                                                 {},
+		{Group: "apps", Version: "v1beta2", Kind: "DeploymentList"}:                                             {},
+		{Group: "apps", Version: "v1", Kind: "Deployment"}:                                                      {},
+		{Group: "apps", Version: "v1", Kind: "DeploymentList"}:                                                  {},
+		{Group: "extensions", Version: "v1beta1", Kind: "PodSecurityPolicy"}:                                    {},
+		{Group: "extensions", Version: "v1beta1", Kind: "PodSecurityPolicyList"}:                                {},
+		{Group: "apps", Version: "v1beta2", Kind: "ReplicaSet"}:                                                 {},
+		{Group: "apps", Version: "v1beta2", Kind: "ReplicaSetList"}:                                             {},
+		{Group: "apps", Version: "v1", Kind: "ReplicaSet"}:                                                      {},
+		{Group: "apps", Version: "v1", Kind: "ReplicaSetList"}:                                                  {},
+		{Group: "extensions", Version: "v1beta1", Kind: "ReplicaSet"}:                                           {},
+		{Group: "extensions", Version: "v1beta1", Kind: "ReplicaSetList"}:                                       {},
+		{Group: "extensions", Version: "v1beta1", Kind: "NetworkPolicy"}:                                        {},
+		{Group: "extensions", Version: "v1beta1", Kind: "NetworkPolicyList"}:                                    {},
+		{Group: "rbac.authorization.k8s.io", Version: "v1alpha1", Kind: "ClusterRoleBinding"}:                   {},
+		{Group: "rbac.authorization.k8s.io", Version: "v1alpha1", Kind: "ClusterRoleBindingList"}:               {},
+		{Group: "rbac.authorization.k8s.io", Version: "v1alpha1", Kind: "RoleBinding"}:                          {},
+		{Group: "rbac.authorization.k8s.io", Version: "v1alpha1", Kind: "RoleBindingList"}:                      {},
+		{Group: "rbac.authorization.k8s.io", Version: "v1beta1", Kind: "ClusterRoleBinding"}:                    {},
+		{Group: "rbac.authorization.k8s.io", Version: "v1beta1", Kind: "ClusterRoleBindingList"}:                {},
+		{Group: "rbac.authorization.k8s.io", Version: "v1beta1", Kind: "RoleBinding"}:                           {},
+		{Group: "rbac.authorization.k8s.io", Version: "v1beta1", Kind: "RoleBindingList"}:                       {},
+		{Group: "rbac.authorization.k8s.io", Version: "v1", Kind: "ClusterRoleBinding"}:                         {},
+		{Group: "rbac.authorization.k8s.io", Version: "v1", Kind: "ClusterRoleBindingList"}:                     {},
+		{Group: "rbac.authorization.k8s.io", Version: "v1", Kind: "RoleBinding"}:                                {},
+		{Group: "rbac.authorization.k8s.io", Version: "v1", Kind: "RoleBindingList"}:                            {},
+		{Group: "settings.k8s.io", Version: "v1alpha1", Kind: "PodPreset"}:                                      {},
+		{Group: "settings.k8s.io", Version: "v1alpha1", Kind: "PodPresetList"}:                                  {},
+		{Group: "admissionregistration.k8s.io", Version: "v1beta1", Kind: "ValidatingWebhookConfiguration"}:     {},
+		{Group: "admissionregistration.k8s.io", Version: "v1beta1", Kind: "ValidatingWebhookConfigurationList"}: {},
+		{Group: "admissionregistration.k8s.io", Version: "v1beta1", Kind: "MutatingWebhookConfiguration"}:       {},
+		{Group: "admissionregistration.k8s.io", Version: "v1beta1", Kind: "MutatingWebhookConfigurationList"}:   {},
+		{Group: "networking.k8s.io", Version: "v1", Kind: "NetworkPolicy"}:                                      {},
+		{Group: "networking.k8s.io", Version: "v1", Kind: "NetworkPolicyList"}:                                  {},
+		{Group: "storage.k8s.io", Version: "v1beta1", Kind: "StorageClass"}:                                     {},
+		{Group: "storage.k8s.io", Version: "v1beta1", Kind: "StorageClassList"}:                                 {},
+		{Group: "storage.k8s.io", Version: "v1", Kind: "StorageClass"}:                                          {},
+		{Group: "storage.k8s.io", Version: "v1", Kind: "StorageClassList"}:                                      {},
 	}
 
 	f := fuzz.New().NilChance(.5).NumElements(1, 1).RandSource(rand.NewSource(1))
diff --git a/pkg/apis/admission/BUILD b/pkg/apis/admission/BUILD
index 4b558bf376..1192fb1fa0 100644
--- a/pkg/apis/admission/BUILD
+++ b/pkg/apis/admission/BUILD
@@ -36,7 +36,7 @@ filegroup(
         ":package-srcs",
         "//pkg/apis/admission/fuzzer:all-srcs",
         "//pkg/apis/admission/install:all-srcs",
-        "//pkg/apis/admission/v1alpha1:all-srcs",
+        "//pkg/apis/admission/v1beta1:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/pkg/apis/admission/install/BUILD b/pkg/apis/admission/install/BUILD
index 0d8f70f8c2..a7f52efeeb 100644
--- a/pkg/apis/admission/install/BUILD
+++ b/pkg/apis/admission/install/BUILD
@@ -12,7 +12,7 @@ go_library(
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/admission:go_default_library",
-        "//pkg/apis/admission/v1alpha1:go_default_library",
+        "//pkg/apis/admission/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apimachinery/announced:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apimachinery/registered:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/pkg/generated/openapi/BUILD b/pkg/generated/openapi/BUILD
index d6572c428c..4a95b1b3a8 100644
--- a/pkg/generated/openapi/BUILD
+++ b/pkg/generated/openapi/BUILD
@@ -21,7 +21,7 @@ openapi_library(
     tags = ["automanaged"],
     vendor_prefix = openapi_vendor_prefix,
     vendor_targets = [
-        "k8s.io/api/admission/v1alpha1",
+        "k8s.io/api/admission/v1beta1",
         "k8s.io/api/admissionregistration/v1alpha1",
         "k8s.io/api/apps/v1",
         "k8s.io/api/apps/v1beta1",
diff --git a/pkg/kubectl/scheme/BUILD b/pkg/kubectl/scheme/BUILD
index d24b79b1b8..cdd9333404 100644
--- a/pkg/kubectl/scheme/BUILD
+++ b/pkg/kubectl/scheme/BUILD
@@ -9,7 +9,7 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/kubectl/scheme",
     visibility = ["//visibility:public"],
     deps = [
-        "//vendor/k8s.io/api/admission/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/admission/v1beta1:go_default_library",
         "//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
         "//vendor/k8s.io/api/apps/v1:go_default_library",
         "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
diff --git a/pkg/kubectl/scheme/install.go b/pkg/kubectl/scheme/install.go
index fd405aefdc..51d4e16f18 100644
--- a/pkg/kubectl/scheme/install.go
+++ b/pkg/kubectl/scheme/install.go
@@ -17,7 +17,7 @@ limitations under the License.
 package scheme
 
 import (
-	admissionv1alpha1 "k8s.io/api/admission/v1alpha1"
+	admissionv1alpha1 "k8s.io/api/admission/v1beta1"
 	admissionregistrationv1alpha1 "k8s.io/api/admissionregistration/v1alpha1"
 	appsv1 "k8s.io/api/apps/v1"
 	appsv1beta1 "k8s.io/api/apps/v1beta1"
diff --git a/staging/BUILD b/staging/BUILD
index 527d64bae5..94ec045742 100644
--- a/staging/BUILD
+++ b/staging/BUILD
@@ -17,7 +17,7 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
-        "//staging/src/k8s.io/api/admission/v1alpha1:all-srcs",
+        "//staging/src/k8s.io/api/admission/v1beta1:all-srcs",
         "//staging/src/k8s.io/api/admissionregistration/v1alpha1:all-srcs",
         "//staging/src/k8s.io/api/apps/v1:all-srcs",
         "//staging/src/k8s.io/api/apps/v1beta1:all-srcs",
diff --git a/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json b/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json
index 695ce94530..ecfc02e4f2 100644
--- a/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json
+++ b/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json
@@ -519,7 +519,7 @@
 			"Rev": "53feefa2559fb8dfa8d81baad31be332c97d6c77"
 		},
 		{
-			"ImportPath": "k8s.io/api/admission/v1alpha1",
+			"ImportPath": "k8s.io/api/admission/v1beta1",
 			"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 		},
 		{
diff --git a/staging/src/k8s.io/apiserver/Godeps/Godeps.json b/staging/src/k8s.io/apiserver/Godeps/Godeps.json
index 717b1127f6..5db33d9f27 100644
--- a/staging/src/k8s.io/apiserver/Godeps/Godeps.json
+++ b/staging/src/k8s.io/apiserver/Godeps/Godeps.json
@@ -767,7 +767,7 @@
 			"Rev": "53feefa2559fb8dfa8d81baad31be332c97d6c77"
 		},
 		{
-			"ImportPath": "k8s.io/api/admission/v1alpha1",
+			"ImportPath": "k8s.io/api/admission/v1beta1",
 			"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 		},
 		{
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/configuration/mutating_webhook_manager.go b/staging/src/k8s.io/apiserver/pkg/admission/configuration/mutating_webhook_manager.go
index 0f5b7bd91c..bf4d0eabf9 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/configuration/mutating_webhook_manager.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/configuration/mutating_webhook_manager.go
@@ -23,14 +23,14 @@ import (
 
 	"github.com/golang/glog"
 
-	"k8s.io/api/admissionregistration/v1alpha1"
+	"k8s.io/api/admissionregistration/v1beta1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 )
 
 type MutatingWebhookConfigurationLister interface {
-	List(opts metav1.ListOptions) (*v1alpha1.MutatingWebhookConfigurationList, error)
+	List(opts metav1.ListOptions) (*v1beta1.MutatingWebhookConfigurationList, error)
 }
 
 // MutatingWebhookConfigurationManager collects the mutating webhook objects so that they can be called.
@@ -57,12 +57,12 @@ func NewMutatingWebhookConfigurationManager(c MutatingWebhookConfigurationLister
 }
 
 // Webhooks returns the merged MutatingWebhookConfiguration.
-func (im *MutatingWebhookConfigurationManager) Webhooks() (*v1alpha1.MutatingWebhookConfiguration, error) {
+func (im *MutatingWebhookConfigurationManager) Webhooks() (*v1beta1.MutatingWebhookConfiguration, error) {
 	configuration, err := im.poller.configuration()
 	if err != nil {
 		return nil, err
 	}
-	mutatingWebhookConfiguration, ok := configuration.(*v1alpha1.MutatingWebhookConfiguration)
+	mutatingWebhookConfiguration, ok := configuration.(*v1beta1.MutatingWebhookConfiguration)
 	if !ok {
 		return nil, fmt.Errorf("expected type %v, got type %v", reflect.TypeOf(mutatingWebhookConfiguration), reflect.TypeOf(configuration))
 	}
@@ -74,10 +74,10 @@ func (im *MutatingWebhookConfigurationManager) Run(stopCh <-chan struct{}) {
 }
 
 func mergeMutatingWebhookConfigurations(
-	list *v1alpha1.MutatingWebhookConfigurationList,
-) *v1alpha1.MutatingWebhookConfiguration {
-	configurations := append([]v1alpha1.MutatingWebhookConfiguration{}, list.Items...)
-	var ret v1alpha1.MutatingWebhookConfiguration
+	list *v1beta1.MutatingWebhookConfigurationList,
+) *v1beta1.MutatingWebhookConfiguration {
+	configurations := append([]v1beta1.MutatingWebhookConfiguration{}, list.Items...)
+	var ret v1beta1.MutatingWebhookConfiguration
 	// The internal order of webhooks for each configuration is provided by the user
 	// but configurations themselves can be in any order. As we are going to run these
 	// webhooks in serial, they are sorted here to have a deterministic order.
@@ -90,7 +90,7 @@ func mergeMutatingWebhookConfigurations(
 
 // byName sorts MutatingWebhookConfiguration by name. These objects are all in
 // cluster namespace (aka no namespace) thus they all have unique names.
-type byName []v1alpha1.MutatingWebhookConfiguration
+type byName []v1beta1.MutatingWebhookConfiguration
 
 func (x byName) Len() int { return len(x) }
 
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/configuration/mutating_webhook_manager_test.go b/staging/src/k8s.io/apiserver/pkg/admission/configuration/mutating_webhook_manager_test.go
index 1cbf2d0d13..97333880b0 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/configuration/mutating_webhook_manager_test.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/configuration/mutating_webhook_manager_test.go
@@ -19,7 +19,7 @@ package configuration
 import (
 	"testing"
 
-	"k8s.io/api/admissionregistration/v1alpha1"
+	"k8s.io/api/admissionregistration/v1beta1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -27,7 +27,7 @@ import (
 
 type disabledMutatingWebhookConfigLister struct{}
 
-func (l *disabledMutatingWebhookConfigLister) List(options metav1.ListOptions) (*v1alpha1.MutatingWebhookConfigurationList, error) {
+func (l *disabledMutatingWebhookConfigLister) List(options metav1.ListOptions) (*v1beta1.MutatingWebhookConfigurationList, error) {
 	return nil, errors.NewNotFound(schema.GroupResource{Group: "admissionregistration", Resource: "MutatingWebhookConfigurations"}, "")
 }
 func TestMutatingWebhookConfigDisabled(t *testing.T) {
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/configuration/validating_webhook_manager.go b/staging/src/k8s.io/apiserver/pkg/admission/configuration/validating_webhook_manager.go
index e3287ce4e5..8f9fd34daa 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/configuration/validating_webhook_manager.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/configuration/validating_webhook_manager.go
@@ -22,14 +22,14 @@ import (
 
 	"github.com/golang/glog"
 
-	"k8s.io/api/admissionregistration/v1alpha1"
+	"k8s.io/api/admissionregistration/v1beta1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 )
 
 type ValidatingWebhookConfigurationLister interface {
-	List(opts metav1.ListOptions) (*v1alpha1.ValidatingWebhookConfigurationList, error)
+	List(opts metav1.ListOptions) (*v1beta1.ValidatingWebhookConfigurationList, error)
 }
 
 // ValidatingWebhookConfigurationManager collects the validating webhook objects so that they can be called.
@@ -56,12 +56,12 @@ func NewValidatingWebhookConfigurationManager(c ValidatingWebhookConfigurationLi
 }
 
 // Webhooks returns the merged ValidatingWebhookConfiguration.
-func (im *ValidatingWebhookConfigurationManager) Webhooks() (*v1alpha1.ValidatingWebhookConfiguration, error) {
+func (im *ValidatingWebhookConfigurationManager) Webhooks() (*v1beta1.ValidatingWebhookConfiguration, error) {
 	configuration, err := im.poller.configuration()
 	if err != nil {
 		return nil, err
 	}
-	validatingWebhookConfiguration, ok := configuration.(*v1alpha1.ValidatingWebhookConfiguration)
+	validatingWebhookConfiguration, ok := configuration.(*v1beta1.ValidatingWebhookConfiguration)
 	if !ok {
 		return nil, fmt.Errorf("expected type %v, got type %v", reflect.TypeOf(validatingWebhookConfiguration), reflect.TypeOf(configuration))
 	}
@@ -73,10 +73,10 @@ func (im *ValidatingWebhookConfigurationManager) Run(stopCh <-chan struct{}) {
 }
 
 func mergeValidatingWebhookConfigurations(
-	list *v1alpha1.ValidatingWebhookConfigurationList,
-) *v1alpha1.ValidatingWebhookConfiguration {
+	list *v1beta1.ValidatingWebhookConfigurationList,
+) *v1beta1.ValidatingWebhookConfiguration {
 	configurations := list.Items
-	var ret v1alpha1.ValidatingWebhookConfiguration
+	var ret v1beta1.ValidatingWebhookConfiguration
 	for _, c := range configurations {
 		ret.Webhooks = append(ret.Webhooks, c.Webhooks...)
 	}
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/configuration/validating_webhook_manager_test.go b/staging/src/k8s.io/apiserver/pkg/admission/configuration/validating_webhook_manager_test.go
index 9467471500..60ba536732 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/configuration/validating_webhook_manager_test.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/configuration/validating_webhook_manager_test.go
@@ -19,7 +19,7 @@ package configuration
 import (
 	"testing"
 
-	"k8s.io/api/admissionregistration/v1alpha1"
+	"k8s.io/api/admissionregistration/v1beta1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -27,7 +27,7 @@ import (
 
 type disabledValidatingWebhookConfigLister struct{}
 
-func (l *disabledValidatingWebhookConfigLister) List(options metav1.ListOptions) (*v1alpha1.ValidatingWebhookConfigurationList, error) {
+func (l *disabledValidatingWebhookConfigLister) List(options metav1.ListOptions) (*v1beta1.ValidatingWebhookConfigurationList, error) {
 	return nil, errors.NewNotFound(schema.GroupResource{Group: "admissionregistration", Resource: "ValidatingWebhookConfigurations"}, "")
 }
 func TestWebhookConfigDisabled(t *testing.T) {
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/BUILD b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/BUILD
index 1d348eef28..43b1df858b 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/BUILD
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/BUILD
@@ -12,7 +12,7 @@ go_library(
     visibility = ["//visibility:public"],
     deps = [
         "//vendor/github.com/hashicorp/golang-lru:go_default_library",
-        "//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/yaml:go_default_library",
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/client.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/client.go
index 3af3a2f2b8..28fac414e1 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/client.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/client.go
@@ -24,7 +24,7 @@ import (
 	"net/url"
 
 	lru "github.com/hashicorp/golang-lru"
-	"k8s.io/api/admissionregistration/v1alpha1"
+	"k8s.io/api/admissionregistration/v1beta1"
 	"k8s.io/apimachinery/pkg/runtime"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	webhookerrors "k8s.io/apiserver/pkg/admission/plugin/webhook/errors"
@@ -101,7 +101,7 @@ func (cm *ClientManager) Validate() error {
 
 // HookClient get a RESTClient from the cache, or constructs one based on the
 // webhook configuration.
-func (cm *ClientManager) HookClient(h *v1alpha1.Webhook) (*rest.RESTClient, error) {
+func (cm *ClientManager) HookClient(h *v1beta1.Webhook) (*rest.RESTClient, error) {
 	cacheKey, err := json.Marshal(h.ClientConfig)
 	if err != nil {
 		return nil, err
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/BUILD b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/BUILD
index 440e23b1b7..d94dc0f6b0 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/BUILD
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/BUILD
@@ -11,8 +11,8 @@ go_library(
     deps = [
         "//vendor/github.com/evanphx/json-patch:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/k8s.io/api/admission/v1alpha1:go_default_library",
-        "//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/admission/v1beta1:go_default_library",
+        "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
@@ -41,8 +41,8 @@ go_test(
     importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/mutating",
     library = ":go_default_library",
     deps = [
-        "//vendor/k8s.io/api/admission/v1alpha1:go_default_library",
-        "//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/admission/v1beta1:go_default_library",
+        "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/admission.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/admission.go
index 3e71ac3dd8..f944152770 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/admission.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/admission.go
@@ -27,8 +27,8 @@ import (
 	jsonpatch "github.com/evanphx/json-patch"
 	"github.com/golang/glog"
 
-	admissionv1alpha1 "k8s.io/api/admission/v1alpha1"
-	"k8s.io/api/admissionregistration/v1alpha1"
+	admissionv1beta1 "k8s.io/api/admission/v1beta1"
+	"k8s.io/api/admissionregistration/v1beta1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -70,7 +70,7 @@ func Register(plugins *admission.Plugins) {
 // WebhookSource can list dynamic webhook plugins.
 type WebhookSource interface {
 	Run(stopCh <-chan struct{})
-	Webhooks() (*v1alpha1.MutatingWebhookConfiguration, error)
+	Webhooks() (*v1beta1.MutatingWebhookConfiguration, error)
 }
 
 // NewMutatingWebhook returns a generic admission webhook plugin.
@@ -134,7 +134,7 @@ func (a *MutatingWebhook) SetServiceResolver(sr config.ServiceResolver) {
 func (a *MutatingWebhook) SetScheme(scheme *runtime.Scheme) {
 	if scheme != nil {
 		a.clientManager.SetNegotiatedSerializer(serializer.NegotiatedSerializerWrapper(runtime.SerializerInfo{
-			Serializer: serializer.NewCodecFactory(scheme).LegacyCodec(admissionv1alpha1.SchemeGroupVersion),
+			Serializer: serializer.NewCodecFactory(scheme).LegacyCodec(admissionv1beta1.SchemeGroupVersion),
 		}))
 		a.convertor.Scheme = scheme
 		a.jsonSerializer = json.NewSerializer(json.DefaultMetaFactory, scheme, scheme, false)
@@ -144,7 +144,7 @@ func (a *MutatingWebhook) SetScheme(scheme *runtime.Scheme) {
 // WantsExternalKubeClientSet defines a function which sets external ClientSet for admission plugins that need it
 func (a *MutatingWebhook) SetExternalKubeClientSet(client clientset.Interface) {
 	a.namespaceMatcher.Client = client
-	a.hookSource = configuration.NewMutatingWebhookConfigurationManager(client.AdmissionregistrationV1alpha1().MutatingWebhookConfigurations())
+	a.hookSource = configuration.NewMutatingWebhookConfigurationManager(client.AdmissionregistrationV1beta1().MutatingWebhookConfigurations())
 }
 
 // SetExternalKubeInformerFactory implements the WantsExternalKubeInformerFactory interface.
@@ -175,11 +175,11 @@ func (a *MutatingWebhook) ValidateInitialization() error {
 	return nil
 }
 
-func (a *MutatingWebhook) loadConfiguration(attr admission.Attributes) (*v1alpha1.MutatingWebhookConfiguration, error) {
+func (a *MutatingWebhook) loadConfiguration(attr admission.Attributes) (*v1beta1.MutatingWebhookConfiguration, error) {
 	hookConfig, err := a.hookSource.Webhooks()
 	// if Webhook configuration is disabled, fail open
 	if err == configuration.ErrDisabled {
-		return &v1alpha1.MutatingWebhookConfiguration{}, nil
+		return &v1beta1.MutatingWebhookConfiguration{}, nil
 	}
 	if err != nil {
 		e := apierrors.NewServerTimeout(attr.GetResource().GroupResource(), string(attr.GetOperation()), 1)
@@ -203,7 +203,7 @@ func (a *MutatingWebhook) Admit(attr admission.Attributes) error {
 	hooks := hookConfig.Webhooks
 	ctx := context.TODO()
 
-	var relevantHooks []*v1alpha1.Webhook
+	var relevantHooks []*v1beta1.Webhook
 	for i := range hooks {
 		call, err := a.shouldCallHook(&hooks[i], attr)
 		if err != nil {
@@ -246,7 +246,7 @@ func (a *MutatingWebhook) Admit(attr admission.Attributes) error {
 			continue
 		}
 
-		ignoreClientCallFailures := hook.FailurePolicy != nil && *hook.FailurePolicy == v1alpha1.Ignore
+		ignoreClientCallFailures := hook.FailurePolicy != nil && *hook.FailurePolicy == v1beta1.Ignore
 		if callErr, ok := err.(*webhookerrors.ErrCallingWebhook); ok {
 			if ignoreClientCallFailures {
 				glog.Warningf("Failed calling webhook, failing open %v: %v", hook.Name, callErr)
@@ -263,7 +263,7 @@ func (a *MutatingWebhook) Admit(attr admission.Attributes) error {
 }
 
 // TODO: factor into a common place along with the validating webhook version.
-func (a *MutatingWebhook) shouldCallHook(h *v1alpha1.Webhook, attr admission.Attributes) (bool, *apierrors.StatusError) {
+func (a *MutatingWebhook) shouldCallHook(h *v1beta1.Webhook, attr admission.Attributes) (bool, *apierrors.StatusError) {
 	var matches bool
 	for _, r := range h.Rules {
 		m := rules.Matcher{Rule: r, Attr: attr}
@@ -280,14 +280,14 @@ func (a *MutatingWebhook) shouldCallHook(h *v1alpha1.Webhook, attr admission.Att
 }
 
 // note that callAttrMutatingHook updates attr
-func (a *MutatingWebhook) callAttrMutatingHook(ctx context.Context, h *v1alpha1.Webhook, attr versioned.Attributes) error {
+func (a *MutatingWebhook) callAttrMutatingHook(ctx context.Context, h *v1beta1.Webhook, attr versioned.Attributes) error {
 	// Make the webhook request
 	request := request.CreateAdmissionReview(attr)
 	client, err := a.clientManager.HookClient(h)
 	if err != nil {
 		return &webhookerrors.ErrCallingWebhook{WebhookName: h.Name, Reason: err}
 	}
-	response := &admissionv1alpha1.AdmissionReview{}
+	response := &admissionv1beta1.AdmissionReview{}
 	if err := client.Post().Context(ctx).Body(&request).Do().Into(response); err != nil {
 		return &webhookerrors.ErrCallingWebhook{WebhookName: h.Name, Reason: err}
 	}
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/admission_test.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/admission_test.go
index ae31acc272..203baa9c3f 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/admission_test.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/admission_test.go
@@ -28,8 +28,8 @@ import (
 	"sync/atomic"
 	"testing"
 
-	"k8s.io/api/admission/v1alpha1"
-	registrationv1alpha1 "k8s.io/api/admissionregistration/v1alpha1"
+	"k8s.io/api/admission/v1beta1"
+	registrationv1beta1 "k8s.io/api/admissionregistration/v1beta1"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -44,11 +44,11 @@ import (
 )
 
 type fakeHookSource struct {
-	hooks []registrationv1alpha1.Webhook
+	hooks []registrationv1beta1.Webhook
 	err   error
 }
 
-func (f *fakeHookSource) Webhooks() (*registrationv1alpha1.MutatingWebhookConfiguration, error) {
+func (f *fakeHookSource) Webhooks() (*registrationv1beta1.MutatingWebhookConfiguration, error) {
 	if f.err != nil {
 		return nil, f.err
 	}
@@ -57,7 +57,7 @@ func (f *fakeHookSource) Webhooks() (*registrationv1alpha1.MutatingWebhookConfig
 			f.hooks[i].NamespaceSelector = &metav1.LabelSelector{}
 		}
 	}
-	return &registrationv1alpha1.MutatingWebhookConfiguration{Webhooks: f.hooks}, nil
+	return &registrationv1beta1.MutatingWebhookConfiguration{Webhooks: f.hooks}, nil
 }
 
 func (f *fakeHookSource) Run(stopCh <-chan struct{}) {}
@@ -90,9 +90,9 @@ func (f fakeNamespaceLister) Get(name string) (*corev1.Namespace, error) {
 }
 
 // ccfgSVC returns a client config using the service reference mechanism.
-func ccfgSVC(urlPath string) registrationv1alpha1.WebhookClientConfig {
-	return registrationv1alpha1.WebhookClientConfig{
-		Service: &registrationv1alpha1.ServiceReference{
+func ccfgSVC(urlPath string) registrationv1beta1.WebhookClientConfig {
+	return registrationv1beta1.WebhookClientConfig{
+		Service: &registrationv1beta1.ServiceReference{
 			Name:      "webhook-test",
 			Namespace: "default",
 			Path:      &urlPath,
@@ -106,11 +106,11 @@ type urlConfigGenerator struct {
 }
 
 // ccfgURL returns a client config using the URL mechanism.
-func (c urlConfigGenerator) ccfgURL(urlPath string) registrationv1alpha1.WebhookClientConfig {
+func (c urlConfigGenerator) ccfgURL(urlPath string) registrationv1beta1.WebhookClientConfig {
 	u2 := *c.baseURL
 	u2.Path = urlPath
 	urlString := u2.String()
-	return registrationv1alpha1.WebhookClientConfig{
+	return registrationv1beta1.WebhookClientConfig{
 		URL:      &urlString,
 		CABundle: testcerts.CACert,
 	}
@@ -119,7 +119,7 @@ func (c urlConfigGenerator) ccfgURL(urlPath string) registrationv1alpha1.Webhook
 // TestAdmit tests that MutatingWebhook#Admit works as expected
 func TestAdmit(t *testing.T) {
 	scheme := runtime.NewScheme()
-	v1alpha1.AddToScheme(scheme)
+	v1beta1.AddToScheme(scheme)
 	corev1.AddToScheme(scheme)
 
 	testServer := newTestServer(t)
@@ -192,26 +192,26 @@ func TestAdmit(t *testing.T) {
 		errorContains string
 	}
 
-	matchEverythingRules := []registrationv1alpha1.RuleWithOperations{{
-		Operations: []registrationv1alpha1.OperationType{registrationv1alpha1.OperationAll},
-		Rule: registrationv1alpha1.Rule{
+	matchEverythingRules := []registrationv1beta1.RuleWithOperations{{
+		Operations: []registrationv1beta1.OperationType{registrationv1beta1.OperationAll},
+		Rule: registrationv1beta1.Rule{
 			APIGroups:   []string{"*"},
 			APIVersions: []string{"*"},
 			Resources:   []string{"*/*"},
 		},
 	}}
 
-	policyFail := registrationv1alpha1.Fail
-	policyIgnore := registrationv1alpha1.Ignore
+	policyFail := registrationv1beta1.Fail
+	policyIgnore := registrationv1beta1.Ignore
 
 	table := map[string]test{
 		"no match": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "nomatch",
 					ClientConfig: ccfgSVC("disallow"),
-					Rules: []registrationv1alpha1.RuleWithOperations{{
-						Operations: []registrationv1alpha1.OperationType{registrationv1alpha1.Create},
+					Rules: []registrationv1beta1.RuleWithOperations{{
+						Operations: []registrationv1beta1.OperationType{registrationv1beta1.Create},
 					}},
 				}},
 			},
@@ -219,7 +219,7 @@ func TestAdmit(t *testing.T) {
 		},
 		"match & allow": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "allow",
 					ClientConfig: ccfgSVC("allow"),
 					Rules:        matchEverythingRules,
@@ -229,7 +229,7 @@ func TestAdmit(t *testing.T) {
 		},
 		"match & disallow": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "disallow",
 					ClientConfig: ccfgSVC("disallow"),
 					Rules:        matchEverythingRules,
@@ -239,7 +239,7 @@ func TestAdmit(t *testing.T) {
 		},
 		"match & disallow ii": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "disallowReason",
 					ClientConfig: ccfgSVC("disallowReason"),
 					Rules:        matchEverythingRules,
@@ -249,7 +249,7 @@ func TestAdmit(t *testing.T) {
 		},
 		"match & disallow & but allowed because namespaceSelector exempt the namespace": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "disallow",
 					ClientConfig: ccfgSVC("disallow"),
 					Rules:        newMatchEverythingRules(),
@@ -266,7 +266,7 @@ func TestAdmit(t *testing.T) {
 		},
 		"match & disallow & but allowed because namespaceSelector exempt the namespace ii": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "disallow",
 					ClientConfig: ccfgSVC("disallow"),
 					Rules:        newMatchEverythingRules(),
@@ -283,7 +283,7 @@ func TestAdmit(t *testing.T) {
 		},
 		"match & fail (but allow because fail open)": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "internalErr A",
 					ClientConfig:  ccfgSVC("internalErr"),
 					Rules:         matchEverythingRules,
@@ -304,7 +304,7 @@ func TestAdmit(t *testing.T) {
 		},
 		"match & fail (but disallow because fail closed on nil)": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "internalErr A",
 					ClientConfig: ccfgSVC("internalErr"),
 					Rules:        matchEverythingRules,
@@ -322,7 +322,7 @@ func TestAdmit(t *testing.T) {
 		},
 		"match & fail (but fail because fail closed)": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "internalErr A",
 					ClientConfig:  ccfgSVC("internalErr"),
 					Rules:         matchEverythingRules,
@@ -343,7 +343,7 @@ func TestAdmit(t *testing.T) {
 		},
 		"match & allow (url)": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "allow",
 					ClientConfig: ccfgURL("allow"),
 					Rules:        matchEverythingRules,
@@ -353,7 +353,7 @@ func TestAdmit(t *testing.T) {
 		},
 		"match & disallow (url)": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "disallow",
 					ClientConfig: ccfgURL("disallow"),
 					Rules:        matchEverythingRules,
@@ -391,7 +391,7 @@ func TestAdmit(t *testing.T) {
 // TestAdmitCachedClient tests that MutatingWebhook#Admit should cache restClient
 func TestAdmitCachedClient(t *testing.T) {
 	scheme := runtime.NewScheme()
-	v1alpha1.AddToScheme(scheme)
+	v1beta1.AddToScheme(scheme)
 	corev1.AddToScheme(scheme)
 
 	testServer := newTestServer(t)
@@ -459,12 +459,12 @@ func TestAdmitCachedClient(t *testing.T) {
 		expectCache bool
 	}
 
-	policyIgnore := registrationv1alpha1.Ignore
+	policyIgnore := registrationv1beta1.Ignore
 	cases := []test{
 		{
 			name: "cache 1",
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "cache1",
 					ClientConfig:  ccfgSVC("allow"),
 					Rules:         newMatchEverythingRules(),
@@ -477,7 +477,7 @@ func TestAdmitCachedClient(t *testing.T) {
 		{
 			name: "cache 2",
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "cache2",
 					ClientConfig:  ccfgSVC("internalErr"),
 					Rules:         newMatchEverythingRules(),
@@ -490,7 +490,7 @@ func TestAdmitCachedClient(t *testing.T) {
 		{
 			name: "cache 3",
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "cache3",
 					ClientConfig:  ccfgSVC("allow"),
 					Rules:         newMatchEverythingRules(),
@@ -503,7 +503,7 @@ func TestAdmitCachedClient(t *testing.T) {
 		{
 			name: "cache 4",
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "cache4",
 					ClientConfig:  ccfgURL("allow"),
 					Rules:         newMatchEverythingRules(),
@@ -516,7 +516,7 @@ func TestAdmitCachedClient(t *testing.T) {
 		{
 			name: "cache 5",
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "cache5",
 					ClientConfig:  ccfgURL("allow"),
 					Rules:         newMatchEverythingRules(),
@@ -587,15 +587,15 @@ func webhookHandler(w http.ResponseWriter, r *http.Request) {
 		w.Write([]byte("webhook invalid response"))
 	case "/disallow":
 		w.Header().Set("Content-Type", "application/json")
-		json.NewEncoder(w).Encode(&v1alpha1.AdmissionReview{
-			Response: &v1alpha1.AdmissionResponse{
+		json.NewEncoder(w).Encode(&v1beta1.AdmissionReview{
+			Response: &v1beta1.AdmissionResponse{
 				Allowed: false,
 			},
 		})
 	case "/disallowReason":
 		w.Header().Set("Content-Type", "application/json")
-		json.NewEncoder(w).Encode(&v1alpha1.AdmissionReview{
-			Response: &v1alpha1.AdmissionResponse{
+		json.NewEncoder(w).Encode(&v1beta1.AdmissionReview{
+			Response: &v1beta1.AdmissionResponse{
 				Allowed: false,
 				Result: &metav1.Status{
 					Message: "you shall not pass",
@@ -604,8 +604,8 @@ func webhookHandler(w http.ResponseWriter, r *http.Request) {
 		})
 	case "/allow":
 		w.Header().Set("Content-Type", "application/json")
-		json.NewEncoder(w).Encode(&v1alpha1.AdmissionReview{
-			Response: &v1alpha1.AdmissionResponse{
+		json.NewEncoder(w).Encode(&v1beta1.AdmissionReview{
+			Response: &v1beta1.AdmissionResponse{
 				Allowed: true,
 			},
 		})
@@ -637,10 +637,10 @@ func (c *fakeAuthenticationInfoResolver) ClientConfigFor(server string) (*rest.C
 	return c.restConfig, nil
 }
 
-func newMatchEverythingRules() []registrationv1alpha1.RuleWithOperations {
-	return []registrationv1alpha1.RuleWithOperations{{
-		Operations: []registrationv1alpha1.OperationType{registrationv1alpha1.OperationAll},
-		Rule: registrationv1alpha1.Rule{
+func newMatchEverythingRules() []registrationv1beta1.RuleWithOperations {
+	return []registrationv1beta1.RuleWithOperations{{
+		Operations: []registrationv1beta1.OperationType{registrationv1beta1.OperationAll},
+		Rule: registrationv1beta1.Rule{
 			APIGroups:   []string{"*"},
 			APIVersions: []string{"*"},
 			Resources:   []string{"*/*"},
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/BUILD b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/BUILD
index fabc75c15e..a75286a688 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/BUILD
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/BUILD
@@ -9,7 +9,7 @@ go_library(
     importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/namespace",
     visibility = ["//visibility:public"],
     deps = [
-        "//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
@@ -27,7 +27,7 @@ go_test(
     importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/namespace",
     library = ":go_default_library",
     deps = [
-        "//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/matcher.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/matcher.go
index 48042c5a73..b9157b9ba7 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/matcher.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/matcher.go
@@ -19,7 +19,7 @@ package namespace
 import (
 	"fmt"
 
-	"k8s.io/api/admissionregistration/v1alpha1"
+	"k8s.io/api/admissionregistration/v1beta1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -86,7 +86,7 @@ func (m *Matcher) GetNamespaceLabels(attr admission.Attributes) (map[string]stri
 
 // MatchNamespaceSelector decideds whether the request matches the
 // namespaceSelctor of the webhook. Only when they match, the webhook is called.
-func (m *Matcher) MatchNamespaceSelector(h *v1alpha1.Webhook, attr admission.Attributes) (bool, *apierrors.StatusError) {
+func (m *Matcher) MatchNamespaceSelector(h *v1beta1.Webhook, attr admission.Attributes) (bool, *apierrors.StatusError) {
 	namespaceName := attr.GetNamespace()
 	if len(namespaceName) == 0 && attr.GetResource().Resource != "namespaces" {
 		// If the request is about a cluster scoped resource, and it is not a
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/matcher_test.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/matcher_test.go
index 8b9889e974..e8f77ba903 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/matcher_test.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/matcher_test.go
@@ -20,7 +20,7 @@ import (
 	"reflect"
 	"testing"
 
-	registrationv1alpha1 "k8s.io/api/admissionregistration/v1alpha1"
+	registrationv1beta1 "k8s.io/api/admissionregistration/v1beta1"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -114,7 +114,7 @@ func TestGetNamespaceLabels(t *testing.T) {
 }
 
 func TestExemptClusterScopedResource(t *testing.T) {
-	hook := &registrationv1alpha1.Webhook{
+	hook := &registrationv1beta1.Webhook{
 		NamespaceSelector: &metav1.LabelSelector{},
 	}
 	attr := admission.NewAttributesRecord(nil, nil, schema.GroupVersionKind{}, "", "mock-name", schema.GroupVersionResource{Version: "v1", Resource: "nodes"}, "", admission.Create, nil)
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/request/BUILD b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/request/BUILD
index 53fc0f5910..036015274f 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/request/BUILD
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/request/BUILD
@@ -9,7 +9,7 @@ go_library(
     importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/request",
     visibility = ["//visibility:public"],
     deps = [
-        "//vendor/k8s.io/api/admission/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/admission/v1beta1:go_default_library",
         "//vendor/k8s.io/api/authentication/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/request/admissionreview.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/request/admissionreview.go
index cc0b36ed24..5b8a41db29 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/request/admissionreview.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/request/admissionreview.go
@@ -17,7 +17,7 @@ limitations under the License.
 package request
 
 import (
-	admissionv1alpha1 "k8s.io/api/admission/v1alpha1"
+	admissionv1beta1 "k8s.io/api/admission/v1beta1"
 	authenticationv1 "k8s.io/api/authentication/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -26,7 +26,7 @@ import (
 )
 
 // CreateAdmissionReview creates an AdmissionReview for the provided admission.Attributes
-func CreateAdmissionReview(attr admission.Attributes) admissionv1alpha1.AdmissionReview {
+func CreateAdmissionReview(attr admission.Attributes) admissionv1beta1.AdmissionReview {
 	gvk := attr.GetKind()
 	gvr := attr.GetResource()
 	aUserInfo := attr.GetUserInfo()
@@ -42,8 +42,8 @@ func CreateAdmissionReview(attr admission.Attributes) admissionv1alpha1.Admissio
 		userInfo.Extra[key] = authenticationv1.ExtraValue(val)
 	}
 
-	return admissionv1alpha1.AdmissionReview{
-		Request: &admissionv1alpha1.AdmissionRequest{
+	return admissionv1beta1.AdmissionReview{
+		Request: &admissionv1beta1.AdmissionRequest{
 			UID: uuid.NewUUID(),
 			Kind: metav1.GroupVersionKind{
 				Group:   gvk.Group,
@@ -58,7 +58,7 @@ func CreateAdmissionReview(attr admission.Attributes) admissionv1alpha1.Admissio
 			SubResource: attr.GetSubresource(),
 			Name:        attr.GetName(),
 			Namespace:   attr.GetNamespace(),
-			Operation:   admissionv1alpha1.Operation(attr.GetOperation()),
+			Operation:   admissionv1beta1.Operation(attr.GetOperation()),
 			UserInfo:    userInfo,
 			Object: runtime.RawExtension{
 				Object: attr.GetObject(),
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/BUILD b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/BUILD
index 2b05eea012..6152811d13 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/BUILD
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/BUILD
@@ -6,7 +6,7 @@ go_library(
     importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/rules",
     visibility = ["//visibility:public"],
     deps = [
-        "//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
     ],
 )
@@ -17,7 +17,7 @@ go_test(
     importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/rules",
     library = ":go_default_library",
     deps = [
-        "//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
     ],
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/rules.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/rules.go
index d13ea5928e..eb99357569 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/rules.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/rules.go
@@ -19,13 +19,13 @@ package rules
 import (
 	"strings"
 
-	"k8s.io/api/admissionregistration/v1alpha1"
+	"k8s.io/api/admissionregistration/v1beta1"
 	"k8s.io/apiserver/pkg/admission"
 )
 
 // Matcher determines if the Attr matches the Rule.
 type Matcher struct {
-	Rule v1alpha1.RuleWithOperations
+	Rule v1beta1.RuleWithOperations
 	Attr admission.Attributes
 }
 
@@ -61,12 +61,12 @@ func (r *Matcher) version() bool {
 func (r *Matcher) operation() bool {
 	attrOp := r.Attr.GetOperation()
 	for _, op := range r.Rule.Operations {
-		if op == v1alpha1.OperationAll {
+		if op == v1beta1.OperationAll {
 			return true
 		}
 		// The constants are the same such that this is a valid cast (and this
 		// is tested).
-		if op == v1alpha1.OperationType(attrOp) {
+		if op == v1beta1.OperationType(attrOp) {
 			return true
 		}
 	}
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/rules_test.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/rules_test.go
index 40c0f36d63..3418a17086 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/rules_test.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/rules_test.go
@@ -19,7 +19,7 @@ package rules
 import (
 	"testing"
 
-	adreg "k8s.io/api/admissionregistration/v1alpha1"
+	adreg "k8s.io/api/admissionregistration/v1beta1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apiserver/pkg/admission"
 )
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/BUILD b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/BUILD
index cf2890efd4..7ffd52b6d3 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/BUILD
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/BUILD
@@ -10,8 +10,8 @@ go_library(
     visibility = ["//visibility:public"],
     deps = [
         "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/k8s.io/api/admission/v1alpha1:go_default_library",
-        "//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/admission/v1beta1:go_default_library",
+        "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
@@ -39,8 +39,8 @@ go_test(
     importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/validating",
     library = ":go_default_library",
     deps = [
-        "//vendor/k8s.io/api/admission/v1alpha1:go_default_library",
-        "//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/admission/v1beta1:go_default_library",
+        "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/admission.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/admission.go
index d3d24d17fb..f68e46fa58 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/admission.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/admission.go
@@ -27,8 +27,8 @@ import (
 
 	"github.com/golang/glog"
 
-	admissionv1alpha1 "k8s.io/api/admission/v1alpha1"
-	"k8s.io/api/admissionregistration/v1alpha1"
+	admissionv1beta1 "k8s.io/api/admission/v1beta1"
+	"k8s.io/api/admissionregistration/v1beta1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -69,7 +69,7 @@ func Register(plugins *admission.Plugins) {
 // WebhookSource can list dynamic webhook plugins.
 type WebhookSource interface {
 	Run(stopCh <-chan struct{})
-	Webhooks() (*v1alpha1.ValidatingWebhookConfiguration, error)
+	Webhooks() (*v1beta1.ValidatingWebhookConfiguration, error)
 }
 
 // NewValidatingAdmissionWebhook returns a generic admission webhook plugin.
@@ -132,7 +132,7 @@ func (a *ValidatingAdmissionWebhook) SetServiceResolver(sr config.ServiceResolve
 func (a *ValidatingAdmissionWebhook) SetScheme(scheme *runtime.Scheme) {
 	if scheme != nil {
 		a.clientManager.SetNegotiatedSerializer(serializer.NegotiatedSerializerWrapper(runtime.SerializerInfo{
-			Serializer: serializer.NewCodecFactory(scheme).LegacyCodec(admissionv1alpha1.SchemeGroupVersion),
+			Serializer: serializer.NewCodecFactory(scheme).LegacyCodec(admissionv1beta1.SchemeGroupVersion),
 		}))
 		a.convertor.Scheme = scheme
 	}
@@ -141,7 +141,7 @@ func (a *ValidatingAdmissionWebhook) SetScheme(scheme *runtime.Scheme) {
 // WantsExternalKubeClientSet defines a function which sets external ClientSet for admission plugins that need it
 func (a *ValidatingAdmissionWebhook) SetExternalKubeClientSet(client clientset.Interface) {
 	a.namespaceMatcher.Client = client
-	a.hookSource = configuration.NewValidatingWebhookConfigurationManager(client.AdmissionregistrationV1alpha1().ValidatingWebhookConfigurations())
+	a.hookSource = configuration.NewValidatingWebhookConfigurationManager(client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations())
 }
 
 // SetExternalKubeInformerFactory implements the WantsExternalKubeInformerFactory interface.
@@ -169,11 +169,11 @@ func (a *ValidatingAdmissionWebhook) ValidateInitialization() error {
 	return nil
 }
 
-func (a *ValidatingAdmissionWebhook) loadConfiguration(attr admission.Attributes) (*v1alpha1.ValidatingWebhookConfiguration, error) {
+func (a *ValidatingAdmissionWebhook) loadConfiguration(attr admission.Attributes) (*v1beta1.ValidatingWebhookConfiguration, error) {
 	hookConfig, err := a.hookSource.Webhooks()
 	// if Webhook configuration is disabled, fail open
 	if err == configuration.ErrDisabled {
-		return &v1alpha1.ValidatingWebhookConfiguration{}, nil
+		return &v1beta1.ValidatingWebhookConfiguration{}, nil
 	}
 	if err != nil {
 		e := apierrors.NewServerTimeout(attr.GetResource().GroupResource(), string(attr.GetOperation()), 1)
@@ -197,7 +197,7 @@ func (a *ValidatingAdmissionWebhook) Validate(attr admission.Attributes) error {
 	hooks := hookConfig.Webhooks
 	ctx := context.TODO()
 
-	var relevantHooks []*v1alpha1.Webhook
+	var relevantHooks []*v1beta1.Webhook
 	for i := range hooks {
 		call, err := a.shouldCallHook(&hooks[i], attr)
 		if err != nil {
@@ -236,7 +236,7 @@ func (a *ValidatingAdmissionWebhook) Validate(attr admission.Attributes) error {
 	errCh := make(chan error, len(relevantHooks))
 	wg.Add(len(relevantHooks))
 	for i := range relevantHooks {
-		go func(hook *v1alpha1.Webhook) {
+		go func(hook *v1beta1.Webhook) {
 			defer wg.Done()
 
 			t := time.Now()
@@ -246,7 +246,7 @@ func (a *ValidatingAdmissionWebhook) Validate(attr admission.Attributes) error {
 				return
 			}
 
-			ignoreClientCallFailures := hook.FailurePolicy != nil && *hook.FailurePolicy == v1alpha1.Ignore
+			ignoreClientCallFailures := hook.FailurePolicy != nil && *hook.FailurePolicy == v1beta1.Ignore
 			if callErr, ok := err.(*webhookerrors.ErrCallingWebhook); ok {
 				if ignoreClientCallFailures {
 					glog.Warningf("Failed calling webhook, failing open %v: %v", hook.Name, callErr)
@@ -283,7 +283,7 @@ func (a *ValidatingAdmissionWebhook) Validate(attr admission.Attributes) error {
 }
 
 // TODO: factor into a common place along with the validating webhook version.
-func (a *ValidatingAdmissionWebhook) shouldCallHook(h *v1alpha1.Webhook, attr admission.Attributes) (bool, *apierrors.StatusError) {
+func (a *ValidatingAdmissionWebhook) shouldCallHook(h *v1beta1.Webhook, attr admission.Attributes) (bool, *apierrors.StatusError) {
 	var matches bool
 	for _, r := range h.Rules {
 		m := rules.Matcher{Rule: r, Attr: attr}
@@ -299,14 +299,14 @@ func (a *ValidatingAdmissionWebhook) shouldCallHook(h *v1alpha1.Webhook, attr ad
 	return a.namespaceMatcher.MatchNamespaceSelector(h, attr)
 }
 
-func (a *ValidatingAdmissionWebhook) callHook(ctx context.Context, h *v1alpha1.Webhook, attr admission.Attributes) error {
+func (a *ValidatingAdmissionWebhook) callHook(ctx context.Context, h *v1beta1.Webhook, attr admission.Attributes) error {
 	// Make the webhook request
 	request := request.CreateAdmissionReview(attr)
 	client, err := a.clientManager.HookClient(h)
 	if err != nil {
 		return &webhookerrors.ErrCallingWebhook{WebhookName: h.Name, Reason: err}
 	}
-	response := &admissionv1alpha1.AdmissionReview{}
+	response := &admissionv1beta1.AdmissionReview{}
 	if err := client.Post().Context(ctx).Body(&request).Do().Into(response); err != nil {
 		return &webhookerrors.ErrCallingWebhook{WebhookName: h.Name, Reason: err}
 	}
diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/admission_test.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/admission_test.go
index 30029b10e1..46ae76d63e 100644
--- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/admission_test.go
+++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/admission_test.go
@@ -28,8 +28,8 @@ import (
 	"sync/atomic"
 	"testing"
 
-	"k8s.io/api/admission/v1alpha1"
-	registrationv1alpha1 "k8s.io/api/admissionregistration/v1alpha1"
+	"k8s.io/api/admission/v1beta1"
+	registrationv1beta1 "k8s.io/api/admissionregistration/v1beta1"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -44,11 +44,11 @@ import (
 )
 
 type fakeHookSource struct {
-	hooks []registrationv1alpha1.Webhook
+	hooks []registrationv1beta1.Webhook
 	err   error
 }
 
-func (f *fakeHookSource) Webhooks() (*registrationv1alpha1.ValidatingWebhookConfiguration, error) {
+func (f *fakeHookSource) Webhooks() (*registrationv1beta1.ValidatingWebhookConfiguration, error) {
 	if f.err != nil {
 		return nil, f.err
 	}
@@ -57,7 +57,7 @@ func (f *fakeHookSource) Webhooks() (*registrationv1alpha1.ValidatingWebhookConf
 			f.hooks[i].NamespaceSelector = &metav1.LabelSelector{}
 		}
 	}
-	return &registrationv1alpha1.ValidatingWebhookConfiguration{Webhooks: f.hooks}, nil
+	return &registrationv1beta1.ValidatingWebhookConfiguration{Webhooks: f.hooks}, nil
 }
 
 func (f *fakeHookSource) Run(stopCh <-chan struct{}) {}
@@ -90,9 +90,9 @@ func (f fakeNamespaceLister) Get(name string) (*corev1.Namespace, error) {
 }
 
 // ccfgSVC returns a client config using the service reference mechanism.
-func ccfgSVC(urlPath string) registrationv1alpha1.WebhookClientConfig {
-	return registrationv1alpha1.WebhookClientConfig{
-		Service: &registrationv1alpha1.ServiceReference{
+func ccfgSVC(urlPath string) registrationv1beta1.WebhookClientConfig {
+	return registrationv1beta1.WebhookClientConfig{
+		Service: &registrationv1beta1.ServiceReference{
 			Name:      "webhook-test",
 			Namespace: "default",
 			Path:      &urlPath,
@@ -106,11 +106,11 @@ type urlConfigGenerator struct {
 }
 
 // ccfgURL returns a client config using the URL mechanism.
-func (c urlConfigGenerator) ccfgURL(urlPath string) registrationv1alpha1.WebhookClientConfig {
+func (c urlConfigGenerator) ccfgURL(urlPath string) registrationv1beta1.WebhookClientConfig {
 	u2 := *c.baseURL
 	u2.Path = urlPath
 	urlString := u2.String()
-	return registrationv1alpha1.WebhookClientConfig{
+	return registrationv1beta1.WebhookClientConfig{
 		URL:      &urlString,
 		CABundle: testcerts.CACert,
 	}
@@ -119,7 +119,7 @@ func (c urlConfigGenerator) ccfgURL(urlPath string) registrationv1alpha1.Webhook
 // TestValidate tests that ValidatingAdmissionWebhook#Validate works as expected
 func TestValidate(t *testing.T) {
 	scheme := runtime.NewScheme()
-	v1alpha1.AddToScheme(scheme)
+	v1beta1.AddToScheme(scheme)
 	corev1.AddToScheme(scheme)
 
 	testServer := newTestServer(t)
@@ -192,26 +192,26 @@ func TestValidate(t *testing.T) {
 		errorContains string
 	}
 
-	matchEverythingRules := []registrationv1alpha1.RuleWithOperations{{
-		Operations: []registrationv1alpha1.OperationType{registrationv1alpha1.OperationAll},
-		Rule: registrationv1alpha1.Rule{
+	matchEverythingRules := []registrationv1beta1.RuleWithOperations{{
+		Operations: []registrationv1beta1.OperationType{registrationv1beta1.OperationAll},
+		Rule: registrationv1beta1.Rule{
 			APIGroups:   []string{"*"},
 			APIVersions: []string{"*"},
 			Resources:   []string{"*/*"},
 		},
 	}}
 
-	policyFail := registrationv1alpha1.Fail
-	policyIgnore := registrationv1alpha1.Ignore
+	policyFail := registrationv1beta1.Fail
+	policyIgnore := registrationv1beta1.Ignore
 
 	table := map[string]test{
 		"no match": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "nomatch",
 					ClientConfig: ccfgSVC("disallow"),
-					Rules: []registrationv1alpha1.RuleWithOperations{{
-						Operations: []registrationv1alpha1.OperationType{registrationv1alpha1.Create},
+					Rules: []registrationv1beta1.RuleWithOperations{{
+						Operations: []registrationv1beta1.OperationType{registrationv1beta1.Create},
 					}},
 				}},
 			},
@@ -219,7 +219,7 @@ func TestValidate(t *testing.T) {
 		},
 		"match & allow": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "allow",
 					ClientConfig: ccfgSVC("allow"),
 					Rules:        matchEverythingRules,
@@ -229,7 +229,7 @@ func TestValidate(t *testing.T) {
 		},
 		"match & disallow": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "disallow",
 					ClientConfig: ccfgSVC("disallow"),
 					Rules:        matchEverythingRules,
@@ -239,7 +239,7 @@ func TestValidate(t *testing.T) {
 		},
 		"match & disallow ii": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "disallowReason",
 					ClientConfig: ccfgSVC("disallowReason"),
 					Rules:        matchEverythingRules,
@@ -249,7 +249,7 @@ func TestValidate(t *testing.T) {
 		},
 		"match & disallow & but allowed because namespaceSelector exempt the namespace": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "disallow",
 					ClientConfig: ccfgSVC("disallow"),
 					Rules:        newMatchEverythingRules(),
@@ -266,7 +266,7 @@ func TestValidate(t *testing.T) {
 		},
 		"match & disallow & but allowed because namespaceSelector exempt the namespace ii": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "disallow",
 					ClientConfig: ccfgSVC("disallow"),
 					Rules:        newMatchEverythingRules(),
@@ -283,7 +283,7 @@ func TestValidate(t *testing.T) {
 		},
 		"match & fail (but allow because fail open)": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "internalErr A",
 					ClientConfig:  ccfgSVC("internalErr"),
 					Rules:         matchEverythingRules,
@@ -304,7 +304,7 @@ func TestValidate(t *testing.T) {
 		},
 		"match & fail (but disallow because fail closed on nil)": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "internalErr A",
 					ClientConfig: ccfgSVC("internalErr"),
 					Rules:        matchEverythingRules,
@@ -322,7 +322,7 @@ func TestValidate(t *testing.T) {
 		},
 		"match & fail (but fail because fail closed)": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "internalErr A",
 					ClientConfig:  ccfgSVC("internalErr"),
 					Rules:         matchEverythingRules,
@@ -343,7 +343,7 @@ func TestValidate(t *testing.T) {
 		},
 		"match & allow (url)": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "allow",
 					ClientConfig: ccfgURL("allow"),
 					Rules:        matchEverythingRules,
@@ -353,7 +353,7 @@ func TestValidate(t *testing.T) {
 		},
 		"match & disallow (url)": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:         "disallow",
 					ClientConfig: ccfgURL("disallow"),
 					Rules:        matchEverythingRules,
@@ -363,7 +363,7 @@ func TestValidate(t *testing.T) {
 		},
 		"absent response and fail open": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "nilResponse",
 					ClientConfig:  ccfgURL("nilResponse"),
 					FailurePolicy: &policyIgnore,
@@ -374,7 +374,7 @@ func TestValidate(t *testing.T) {
 		},
 		"absent response and fail closed": {
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "nilResponse",
 					ClientConfig:  ccfgURL("nilResponse"),
 					FailurePolicy: &policyFail,
@@ -413,7 +413,7 @@ func TestValidate(t *testing.T) {
 // TestValidateCachedClient tests that ValidatingAdmissionWebhook#Validate should cache restClient
 func TestValidateCachedClient(t *testing.T) {
 	scheme := runtime.NewScheme()
-	v1alpha1.AddToScheme(scheme)
+	v1beta1.AddToScheme(scheme)
 	corev1.AddToScheme(scheme)
 
 	testServer := newTestServer(t)
@@ -481,12 +481,12 @@ func TestValidateCachedClient(t *testing.T) {
 		expectCache bool
 	}
 
-	policyIgnore := registrationv1alpha1.Ignore
+	policyIgnore := registrationv1beta1.Ignore
 	cases := []test{
 		{
 			name: "cache 1",
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "cache1",
 					ClientConfig:  ccfgSVC("allow"),
 					Rules:         newMatchEverythingRules(),
@@ -499,7 +499,7 @@ func TestValidateCachedClient(t *testing.T) {
 		{
 			name: "cache 2",
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "cache2",
 					ClientConfig:  ccfgSVC("internalErr"),
 					Rules:         newMatchEverythingRules(),
@@ -512,7 +512,7 @@ func TestValidateCachedClient(t *testing.T) {
 		{
 			name: "cache 3",
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "cache3",
 					ClientConfig:  ccfgSVC("allow"),
 					Rules:         newMatchEverythingRules(),
@@ -525,7 +525,7 @@ func TestValidateCachedClient(t *testing.T) {
 		{
 			name: "cache 4",
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "cache4",
 					ClientConfig:  ccfgURL("allow"),
 					Rules:         newMatchEverythingRules(),
@@ -538,7 +538,7 @@ func TestValidateCachedClient(t *testing.T) {
 		{
 			name: "cache 5",
 			hookSource: fakeHookSource{
-				hooks: []registrationv1alpha1.Webhook{{
+				hooks: []registrationv1beta1.Webhook{{
 					Name:          "cache5",
 					ClientConfig:  ccfgURL("allow"),
 					Rules:         newMatchEverythingRules(),
@@ -609,15 +609,15 @@ func webhookHandler(w http.ResponseWriter, r *http.Request) {
 		w.Write([]byte("webhook invalid response"))
 	case "/disallow":
 		w.Header().Set("Content-Type", "application/json")
-		json.NewEncoder(w).Encode(&v1alpha1.AdmissionReview{
-			Response: &v1alpha1.AdmissionResponse{
+		json.NewEncoder(w).Encode(&v1beta1.AdmissionReview{
+			Response: &v1beta1.AdmissionResponse{
 				Allowed: false,
 			},
 		})
 	case "/disallowReason":
 		w.Header().Set("Content-Type", "application/json")
-		json.NewEncoder(w).Encode(&v1alpha1.AdmissionReview{
-			Response: &v1alpha1.AdmissionResponse{
+		json.NewEncoder(w).Encode(&v1beta1.AdmissionReview{
+			Response: &v1beta1.AdmissionResponse{
 				Allowed: false,
 				Result: &metav1.Status{
 					Message: "you shall not pass",
@@ -626,14 +626,14 @@ func webhookHandler(w http.ResponseWriter, r *http.Request) {
 		})
 	case "/allow":
 		w.Header().Set("Content-Type", "application/json")
-		json.NewEncoder(w).Encode(&v1alpha1.AdmissionReview{
-			Response: &v1alpha1.AdmissionResponse{
+		json.NewEncoder(w).Encode(&v1beta1.AdmissionReview{
+			Response: &v1beta1.AdmissionResponse{
 				Allowed: true,
 			},
 		})
 	case "/nilResposne":
 		w.Header().Set("Content-Type", "application/json")
-		json.NewEncoder(w).Encode(&v1alpha1.AdmissionReview{})
+		json.NewEncoder(w).Encode(&v1beta1.AdmissionReview{})
 	default:
 		http.NotFound(w, r)
 	}
@@ -662,10 +662,10 @@ func (c *fakeAuthenticationInfoResolver) ClientConfigFor(server string) (*rest.C
 	return c.restConfig, nil
 }
 
-func newMatchEverythingRules() []registrationv1alpha1.RuleWithOperations {
-	return []registrationv1alpha1.RuleWithOperations{{
-		Operations: []registrationv1alpha1.OperationType{registrationv1alpha1.OperationAll},
-		Rule: registrationv1alpha1.Rule{
+func newMatchEverythingRules() []registrationv1beta1.RuleWithOperations {
+	return []registrationv1beta1.RuleWithOperations{{
+		Operations: []registrationv1beta1.OperationType{registrationv1beta1.OperationAll},
+		Rule: registrationv1beta1.Rule{
 			APIGroups:   []string{"*"},
 			APIVersions: []string{"*"},
 			Resources:   []string{"*/*"},
diff --git a/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json b/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json
index f247c14d01..17dc183fcb 100644
--- a/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json
+++ b/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json
@@ -495,7 +495,7 @@
 			"Rev": "53feefa2559fb8dfa8d81baad31be332c97d6c77"
 		},
 		{
-			"ImportPath": "k8s.io/api/admission/v1alpha1",
+			"ImportPath": "k8s.io/api/admission/v1beta1",
 			"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 		},
 		{
diff --git a/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json b/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json
index 84cb089a44..c3c1d73460 100644
--- a/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json
+++ b/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json
@@ -479,7 +479,7 @@
 			"Rev": "53feefa2559fb8dfa8d81baad31be332c97d6c77"
 		},
 		{
-			"ImportPath": "k8s.io/api/admission/v1alpha1",
+			"ImportPath": "k8s.io/api/admission/v1beta1",
 			"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 		},
 		{
diff --git a/test/e2e/apimachinery/webhook.go b/test/e2e/apimachinery/webhook.go
index 1dbb8879cd..cd7c12c4da 100644
--- a/test/e2e/apimachinery/webhook.go
+++ b/test/e2e/apimachinery/webhook.go
@@ -22,7 +22,7 @@ import (
 	"strings"
 	"time"
 
-	"k8s.io/api/admissionregistration/v1alpha1"
+	"k8s.io/api/admissionregistration/v1beta1"
 	"k8s.io/api/core/v1"
 	extensions "k8s.io/api/extensions/v1beta1"
 	rbacv1beta1 "k8s.io/api/rbac/v1beta1"
@@ -87,9 +87,9 @@ var _ = SIGDescribe("AdmissionWebhook", func() {
 		framework.SkipUnlessServerVersionGTE(serverWebhookVersion, f.ClientSet.Discovery())
 		framework.SkipUnlessProviderIs("gce", "gke", "local")
 
-		_, err := f.ClientSet.AdmissionregistrationV1alpha1().ValidatingWebhookConfigurations().List(metav1.ListOptions{})
+		_, err := f.ClientSet.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations().List(metav1.ListOptions{})
 		if errors.IsNotFound(err) {
-			framework.Skipf("dynamic configuration of webhooks requires the alpha admissionregistration.k8s.io group to be enabled")
+			framework.Skipf("dynamic configuration of webhooks requires the admissionregistration.k8s.io group to be enabled")
 		}
 
 		By("Setting up server cert")
@@ -107,7 +107,7 @@ var _ = SIGDescribe("AdmissionWebhook", func() {
 
 	It("Should be able to deny pod and configmap creation", func() {
 		registerWebhook(f, context)
-		defer client.AdmissionregistrationV1alpha1().ValidatingWebhookConfigurations().Delete(webhookConfigName, nil)
+		defer client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations().Delete(webhookConfigName, nil)
 		testWebhook(f)
 	})
 
@@ -115,19 +115,19 @@ var _ = SIGDescribe("AdmissionWebhook", func() {
 		crdCleanup, dynamicClient := createCRD(f)
 		defer crdCleanup()
 		registerWebhookForCRD(f, context)
-		defer client.AdmissionregistrationV1alpha1().ValidatingWebhookConfigurations().Delete(crdWebhookConfigName, nil)
+		defer client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations().Delete(crdWebhookConfigName, nil)
 		testCRDWebhook(f, dynamicClient)
 	})
 
 	It("Should unconditionally reject operations on fail closed webhook", func() {
 		registerFailClosedWebhook(f, context)
-		defer f.ClientSet.AdmissionregistrationV1alpha1().ValidatingWebhookConfigurations().Delete(webhookFailClosedConfigName, nil)
+		defer f.ClientSet.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations().Delete(webhookFailClosedConfigName, nil)
 		testFailClosedWebhook(f)
 	})
 
 	It("Should mutate configmap", func() {
 		registerMutatingWebhookForConfigMap(f, context)
-		defer client.AdmissionregistrationV1alpha1().MutatingWebhookConfigurations().Delete(mutatingWebhookConfigName, nil)
+		defer client.AdmissionregistrationV1beta1().MutatingWebhookConfigurations().Delete(mutatingWebhookConfigName, nil)
 		testMutatingConfigMapWebhook(f)
 	})
 
@@ -135,7 +135,7 @@ var _ = SIGDescribe("AdmissionWebhook", func() {
 		crdCleanup, dynamicClient := createCRD(f)
 		defer crdCleanup()
 		registerMutatingWebhookForCRD(f, context)
-		defer client.AdmissionregistrationV1alpha1().MutatingWebhookConfigurations().Delete(crdMutatingWebhookConfigName, nil)
+		defer client.AdmissionregistrationV1beta1().MutatingWebhookConfigurations().Delete(crdMutatingWebhookConfigName, nil)
 		testMutatingCRDWebhook(f, dynamicClient)
 	})
 
@@ -298,26 +298,26 @@ func registerWebhook(f *framework.Framework, context *certContext) {
 	namespace := f.Namespace.Name
 	// A webhook that cannot talk to server, with fail-open policy
 	failOpenHook := failingWebhook(namespace, "fail-open.k8s.io")
-	policyIgnore := v1alpha1.Ignore
+	policyIgnore := v1beta1.Ignore
 	failOpenHook.FailurePolicy = &policyIgnore
 
-	_, err := client.AdmissionregistrationV1alpha1().ValidatingWebhookConfigurations().Create(&v1alpha1.ValidatingWebhookConfiguration{
+	_, err := client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations().Create(&v1beta1.ValidatingWebhookConfiguration{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: webhookConfigName,
 		},
-		Webhooks: []v1alpha1.Webhook{
+		Webhooks: []v1beta1.Webhook{
 			{
 				Name: "deny-unwanted-pod-container-name-and-label.k8s.io",
-				Rules: []v1alpha1.RuleWithOperations{{
-					Operations: []v1alpha1.OperationType{v1alpha1.Create},
-					Rule: v1alpha1.Rule{
+				Rules: []v1beta1.RuleWithOperations{{
+					Operations: []v1beta1.OperationType{v1beta1.Create},
+					Rule: v1beta1.Rule{
 						APIGroups:   []string{""},
 						APIVersions: []string{"v1"},
 						Resources:   []string{"pods"},
 					},
 				}},
-				ClientConfig: v1alpha1.WebhookClientConfig{
-					Service: &v1alpha1.ServiceReference{
+				ClientConfig: v1beta1.WebhookClientConfig{
+					Service: &v1beta1.ServiceReference{
 						Namespace: namespace,
 						Name:      serviceName,
 						Path:      strPtr("/pods"),
@@ -327,9 +327,9 @@ func registerWebhook(f *framework.Framework, context *certContext) {
 			},
 			{
 				Name: "deny-unwanted-configmap-data.k8s.io",
-				Rules: []v1alpha1.RuleWithOperations{{
-					Operations: []v1alpha1.OperationType{v1alpha1.Create, v1alpha1.Update},
-					Rule: v1alpha1.Rule{
+				Rules: []v1beta1.RuleWithOperations{{
+					Operations: []v1beta1.OperationType{v1beta1.Create, v1beta1.Update},
+					Rule: v1beta1.Rule{
 						APIGroups:   []string{""},
 						APIVersions: []string{"v1"},
 						Resources:   []string{"configmaps"},
@@ -345,8 +345,8 @@ func registerWebhook(f *framework.Framework, context *certContext) {
 						},
 					},
 				},
-				ClientConfig: v1alpha1.WebhookClientConfig{
-					Service: &v1alpha1.ServiceReference{
+				ClientConfig: v1beta1.WebhookClientConfig{
+					Service: &v1beta1.ServiceReference{
 						Namespace: namespace,
 						Name:      serviceName,
 						Path:      strPtr("/configmaps"),
@@ -371,23 +371,23 @@ func registerMutatingWebhookForConfigMap(f *framework.Framework, context *certCo
 
 	namespace := f.Namespace.Name
 
-	_, err := client.AdmissionregistrationV1alpha1().MutatingWebhookConfigurations().Create(&v1alpha1.MutatingWebhookConfiguration{
+	_, err := client.AdmissionregistrationV1beta1().MutatingWebhookConfigurations().Create(&v1beta1.MutatingWebhookConfiguration{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: mutatingWebhookConfigName,
 		},
-		Webhooks: []v1alpha1.Webhook{
+		Webhooks: []v1beta1.Webhook{
 			{
 				Name: "adding-configmap-data-stage-1.k8s.io",
-				Rules: []v1alpha1.RuleWithOperations{{
-					Operations: []v1alpha1.OperationType{v1alpha1.Create},
-					Rule: v1alpha1.Rule{
+				Rules: []v1beta1.RuleWithOperations{{
+					Operations: []v1beta1.OperationType{v1beta1.Create},
+					Rule: v1beta1.Rule{
 						APIGroups:   []string{""},
 						APIVersions: []string{"v1"},
 						Resources:   []string{"configmaps"},
 					},
 				}},
-				ClientConfig: v1alpha1.WebhookClientConfig{
-					Service: &v1alpha1.ServiceReference{
+				ClientConfig: v1beta1.WebhookClientConfig{
+					Service: &v1beta1.ServiceReference{
 						Namespace: namespace,
 						Name:      serviceName,
 						Path:      strPtr("/mutating-configmaps"),
@@ -397,16 +397,16 @@ func registerMutatingWebhookForConfigMap(f *framework.Framework, context *certCo
 			},
 			{
 				Name: "adding-configmap-data-stage-2.k8s.io",
-				Rules: []v1alpha1.RuleWithOperations{{
-					Operations: []v1alpha1.OperationType{v1alpha1.Create},
-					Rule: v1alpha1.Rule{
+				Rules: []v1beta1.RuleWithOperations{{
+					Operations: []v1beta1.OperationType{v1beta1.Create},
+					Rule: v1beta1.Rule{
 						APIGroups:   []string{""},
 						APIVersions: []string{"v1"},
 						Resources:   []string{"configmaps"},
 					},
 				}},
-				ClientConfig: v1alpha1.WebhookClientConfig{
-					Service: &v1alpha1.ServiceReference{
+				ClientConfig: v1beta1.WebhookClientConfig{
+					Service: &v1beta1.ServiceReference{
 						Namespace: namespace,
 						Name:      serviceName,
 						Path:      strPtr("/mutating-configmaps"),
@@ -516,19 +516,19 @@ func testWebhook(f *framework.Framework) {
 
 // failingWebhook returns a webhook with rule of create configmaps,
 // but with an invalid client config so that server cannot communicate with it
-func failingWebhook(namespace, name string) v1alpha1.Webhook {
-	return v1alpha1.Webhook{
+func failingWebhook(namespace, name string) v1beta1.Webhook {
+	return v1beta1.Webhook{
 		Name: name,
-		Rules: []v1alpha1.RuleWithOperations{{
-			Operations: []v1alpha1.OperationType{v1alpha1.Create},
-			Rule: v1alpha1.Rule{
+		Rules: []v1beta1.RuleWithOperations{{
+			Operations: []v1beta1.OperationType{v1beta1.Create},
+			Rule: v1beta1.Rule{
 				APIGroups:   []string{""},
 				APIVersions: []string{"v1"},
 				Resources:   []string{"configmaps"},
 			},
 		}},
-		ClientConfig: v1alpha1.WebhookClientConfig{
-			Service: &v1alpha1.ServiceReference{
+		ClientConfig: v1beta1.WebhookClientConfig{
+			Service: &v1beta1.ServiceReference{
 				Namespace: namespace,
 				Name:      serviceName,
 				Path:      strPtr("/configmaps"),
@@ -545,7 +545,7 @@ func registerFailClosedWebhook(f *framework.Framework, context *certContext) {
 
 	namespace := f.Namespace.Name
 	// A webhook that cannot talk to server, with fail-closed policy
-	policyFail := v1alpha1.Fail
+	policyFail := v1beta1.Fail
 	hook := failingWebhook(namespace, "fail-closed.k8s.io")
 	hook.FailurePolicy = &policyFail
 	hook.NamespaceSelector = &metav1.LabelSelector{
@@ -558,11 +558,11 @@ func registerFailClosedWebhook(f *framework.Framework, context *certContext) {
 		},
 	}
 
-	_, err := client.AdmissionregistrationV1alpha1().ValidatingWebhookConfigurations().Create(&v1alpha1.ValidatingWebhookConfiguration{
+	_, err := client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations().Create(&v1beta1.ValidatingWebhookConfiguration{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: webhookFailClosedConfigName,
 		},
-		Webhooks: []v1alpha1.Webhook{
+		Webhooks: []v1beta1.Webhook{
 			// Server cannot talk to this webhook, so it always fails.
 			// Because this webhook is configured fail-closed, request should be rejected after the call fails.
 			hook,
@@ -741,23 +741,23 @@ func registerWebhookForCRD(f *framework.Framework, context *certContext) {
 	By("Registering the crd webhook via the AdmissionRegistration API")
 
 	namespace := f.Namespace.Name
-	_, err := client.AdmissionregistrationV1alpha1().ValidatingWebhookConfigurations().Create(&v1alpha1.ValidatingWebhookConfiguration{
+	_, err := client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations().Create(&v1beta1.ValidatingWebhookConfiguration{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: crdWebhookConfigName,
 		},
-		Webhooks: []v1alpha1.Webhook{
+		Webhooks: []v1beta1.Webhook{
 			{
 				Name: "deny-unwanted-crd-data.k8s.io",
-				Rules: []v1alpha1.RuleWithOperations{{
-					Operations: []v1alpha1.OperationType{v1alpha1.Create},
-					Rule: v1alpha1.Rule{
+				Rules: []v1beta1.RuleWithOperations{{
+					Operations: []v1beta1.OperationType{v1beta1.Create},
+					Rule: v1beta1.Rule{
 						APIGroups:   []string{crdAPIGroup},
 						APIVersions: []string{crdAPIVersion},
 						Resources:   []string{crdName + "s"},
 					},
 				}},
-				ClientConfig: v1alpha1.WebhookClientConfig{
-					Service: &v1alpha1.ServiceReference{
+				ClientConfig: v1beta1.WebhookClientConfig{
+					Service: &v1beta1.ServiceReference{
 						Namespace: namespace,
 						Name:      serviceName,
 						Path:      strPtr("/crd"),
@@ -778,23 +778,23 @@ func registerMutatingWebhookForCRD(f *framework.Framework, context *certContext)
 	By("Registering the mutating webhook for crd via the AdmissionRegistration API")
 
 	namespace := f.Namespace.Name
-	_, err := client.AdmissionregistrationV1alpha1().MutatingWebhookConfigurations().Create(&v1alpha1.MutatingWebhookConfiguration{
+	_, err := client.AdmissionregistrationV1beta1().MutatingWebhookConfigurations().Create(&v1beta1.MutatingWebhookConfiguration{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: crdMutatingWebhookConfigName,
 		},
-		Webhooks: []v1alpha1.Webhook{
+		Webhooks: []v1beta1.Webhook{
 			{
 				Name: "mutate-crd-data-stage-1.k8s.io",
-				Rules: []v1alpha1.RuleWithOperations{{
-					Operations: []v1alpha1.OperationType{v1alpha1.Create},
-					Rule: v1alpha1.Rule{
+				Rules: []v1beta1.RuleWithOperations{{
+					Operations: []v1beta1.OperationType{v1beta1.Create},
+					Rule: v1beta1.Rule{
 						APIGroups:   []string{crdAPIGroup},
 						APIVersions: []string{crdAPIVersion},
 						Resources:   []string{crdName + "s"},
 					},
 				}},
-				ClientConfig: v1alpha1.WebhookClientConfig{
-					Service: &v1alpha1.ServiceReference{
+				ClientConfig: v1beta1.WebhookClientConfig{
+					Service: &v1beta1.ServiceReference{
 						Namespace: namespace,
 						Name:      serviceName,
 						Path:      strPtr("/mutating-crd"),
@@ -804,16 +804,16 @@ func registerMutatingWebhookForCRD(f *framework.Framework, context *certContext)
 			},
 			{
 				Name: "mutate-crd-data-stage-2.k8s.io",
-				Rules: []v1alpha1.RuleWithOperations{{
-					Operations: []v1alpha1.OperationType{v1alpha1.Create},
-					Rule: v1alpha1.Rule{
+				Rules: []v1beta1.RuleWithOperations{{
+					Operations: []v1beta1.OperationType{v1beta1.Create},
+					Rule: v1beta1.Rule{
 						APIGroups:   []string{crdAPIGroup},
 						APIVersions: []string{crdAPIVersion},
 						Resources:   []string{crdName + "s"},
 					},
 				}},
-				ClientConfig: v1alpha1.WebhookClientConfig{
-					Service: &v1alpha1.ServiceReference{
+				ClientConfig: v1beta1.WebhookClientConfig{
+					Service: &v1beta1.ServiceReference{
 						Namespace: namespace,
 						Name:      serviceName,
 						Path:      strPtr("/mutating-crd"),
diff --git a/test/images/webhook/BUILD b/test/images/webhook/BUILD
index 07ebfb2ea9..a5f54f2cf1 100644
--- a/test/images/webhook/BUILD
+++ b/test/images/webhook/BUILD
@@ -11,7 +11,7 @@ go_library(
     visibility = ["//visibility:private"],
     deps = [
         "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/k8s.io/api/admission/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/admission/v1beta1:go_default_library",
         "//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/test/images/webhook/README.md b/test/images/webhook/README.md
index 14895d9099..6cbc81b1b5 100644
--- a/test/images/webhook/README.md
+++ b/test/images/webhook/README.md
@@ -38,7 +38,7 @@ the tls client, and the webhook is the tls server.
 The webhook proves its identity by the `serverCert` in the certs.go. The server
 cert is signed by the CA in certs.go. To let the apiserver trust the `caCert`,
 the webhook registers itself with the apiserver via the
-`admissionregistration/v1alpha1/externalAdmissionHook` API, with
+`admissionregistration/v1beta1/externalAdmissionHook` API, with
 `clientConfig.caBundle=caCert`.
 
 For maximum protection, this example webhook requires and verifies the client
diff --git a/test/images/webhook/main.go b/test/images/webhook/main.go
index eecbb26d8f..d487c08caa 100644
--- a/test/images/webhook/main.go
+++ b/test/images/webhook/main.go
@@ -25,7 +25,7 @@ import (
 	"strings"
 
 	"github.com/golang/glog"
-	"k8s.io/api/admission/v1alpha1"
+	"k8s.io/api/admission/v1beta1"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -56,8 +56,8 @@ func (c *Config) addFlags() {
 		"File containing the default x509 private key matching --tls-cert-file.")
 }
 
-func toAdmissionResponse(err error) *v1alpha1.AdmissionResponse {
-	return &v1alpha1.AdmissionResponse{
+func toAdmissionResponse(err error) *v1beta1.AdmissionResponse {
+	return &v1beta1.AdmissionResponse{
 		Result: &metav1.Status{
 			Message: err.Error(),
 		},
@@ -65,7 +65,7 @@ func toAdmissionResponse(err error) *v1alpha1.AdmissionResponse {
 }
 
 // only allow pods to pull images from specific registry.
-func admitPods(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
+func admitPods(ar v1beta1.AdmissionReview) *v1beta1.AdmissionResponse {
 	glog.V(2).Info("admitting pods")
 	podResource := metav1.GroupVersionResource{Group: "", Version: "v1", Resource: "pods"}
 	if ar.Request.Resource != podResource {
@@ -81,7 +81,7 @@ func admitPods(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
 		glog.Error(err)
 		return toAdmissionResponse(err)
 	}
-	reviewResponse := v1alpha1.AdmissionResponse{}
+	reviewResponse := v1beta1.AdmissionResponse{}
 	reviewResponse.Allowed = true
 
 	var msg string
@@ -104,7 +104,7 @@ func admitPods(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
 }
 
 // deny configmaps with specific key-value pair.
-func admitConfigMaps(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
+func admitConfigMaps(ar v1beta1.AdmissionReview) *v1beta1.AdmissionResponse {
 	glog.V(2).Info("admitting configmaps")
 	configMapResource := metav1.GroupVersionResource{Group: "", Version: "v1", Resource: "configmaps"}
 	if ar.Request.Resource != configMapResource {
@@ -119,7 +119,7 @@ func admitConfigMaps(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
 		glog.Error(err)
 		return toAdmissionResponse(err)
 	}
-	reviewResponse := v1alpha1.AdmissionResponse{}
+	reviewResponse := v1beta1.AdmissionResponse{}
 	reviewResponse.Allowed = true
 	for k, v := range configmap.Data {
 		if k == "webhook-e2e-test" && v == "webhook-disallow" {
@@ -132,7 +132,7 @@ func admitConfigMaps(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
 	return &reviewResponse
 }
 
-func mutateConfigmaps(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
+func mutateConfigmaps(ar v1beta1.AdmissionReview) *v1beta1.AdmissionResponse {
 	glog.V(2).Info("mutating configmaps")
 	configMapResource := metav1.GroupVersionResource{Group: "", Version: "v1", Resource: "configmaps"}
 	if ar.Request.Resource != configMapResource {
@@ -147,7 +147,7 @@ func mutateConfigmaps(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
 		glog.Error(err)
 		return toAdmissionResponse(err)
 	}
-	reviewResponse := v1alpha1.AdmissionResponse{}
+	reviewResponse := v1beta1.AdmissionResponse{}
 	reviewResponse.Allowed = true
 	if configmap.Data["mutation-start"] == "yes" {
 		reviewResponse.Patch = []byte(patch1)
@@ -156,13 +156,13 @@ func mutateConfigmaps(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
 		reviewResponse.Patch = []byte(patch2)
 	}
 
-	pt := v1alpha1.PatchTypeJSONPatch
+	pt := v1beta1.PatchTypeJSONPatch
 	reviewResponse.PatchType = &pt
 
 	return &reviewResponse
 }
 
-func mutateCRD(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
+func mutateCRD(ar v1beta1.AdmissionReview) *v1beta1.AdmissionResponse {
 	glog.V(2).Info("mutating crd")
 	cr := struct {
 		metav1.ObjectMeta
@@ -176,7 +176,7 @@ func mutateCRD(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
 		return toAdmissionResponse(err)
 	}
 
-	reviewResponse := v1alpha1.AdmissionResponse{}
+	reviewResponse := v1beta1.AdmissionResponse{}
 	reviewResponse.Allowed = true
 
 	if cr.Data["mutation-start"] == "yes" {
@@ -185,12 +185,12 @@ func mutateCRD(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
 	if cr.Data["mutation-stage-1"] == "yes" {
 		reviewResponse.Patch = []byte(patch2)
 	}
-	pt := v1alpha1.PatchTypeJSONPatch
+	pt := v1beta1.PatchTypeJSONPatch
 	reviewResponse.PatchType = &pt
 	return &reviewResponse
 }
 
-func admitCRD(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
+func admitCRD(ar v1beta1.AdmissionReview) *v1beta1.AdmissionResponse {
 	glog.V(2).Info("admitting crd")
 	cr := struct {
 		metav1.ObjectMeta
@@ -204,7 +204,7 @@ func admitCRD(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
 		return toAdmissionResponse(err)
 	}
 
-	reviewResponse := v1alpha1.AdmissionResponse{}
+	reviewResponse := v1beta1.AdmissionResponse{}
 	reviewResponse.Allowed = true
 	for k, v := range cr.Data {
 		if k == "webhook-e2e-test" && v == "webhook-disallow" {
@@ -217,7 +217,7 @@ func admitCRD(ar v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse {
 	return &reviewResponse
 }
 
-type admitFunc func(v1alpha1.AdmissionReview) *v1alpha1.AdmissionResponse
+type admitFunc func(v1beta1.AdmissionReview) *v1beta1.AdmissionResponse
 
 func serve(w http.ResponseWriter, r *http.Request, admit admitFunc) {
 	var body []byte
@@ -234,8 +234,8 @@ func serve(w http.ResponseWriter, r *http.Request, admit admitFunc) {
 		return
 	}
 
-	var reviewResponse *v1alpha1.AdmissionResponse
-	ar := v1alpha1.AdmissionReview{}
+	var reviewResponse *v1beta1.AdmissionResponse
+	ar := v1beta1.AdmissionReview{}
 	deserializer := codecs.UniversalDeserializer()
 	if _, _, err := deserializer.Decode(body, nil, &ar); err != nil {
 		glog.Error(err)
@@ -244,7 +244,7 @@ func serve(w http.ResponseWriter, r *http.Request, admit admitFunc) {
 		reviewResponse = admit(ar)
 	}
 
-	response := v1alpha1.AdmissionReview{}
+	response := v1beta1.AdmissionReview{}
 	if reviewResponse != nil {
 		response.Response = reviewResponse
 		response.Response.UID = ar.Request.UID
diff --git a/test/images/webhook/scheme.go b/test/images/webhook/scheme.go
index 6827b137d7..7e3d06e7b4 100644
--- a/test/images/webhook/scheme.go
+++ b/test/images/webhook/scheme.go
@@ -17,7 +17,7 @@ limitations under the License.
 package main
 
 import (
-	admissionregistrationv1alpha1 "k8s.io/api/admissionregistration/v1alpha1"
+	admissionregistrationv1beta1 "k8s.io/api/admissionregistration/v1beta1"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/serializer"
@@ -32,5 +32,5 @@ func init() {
 
 func addToScheme(scheme *runtime.Scheme) {
 	corev1.AddToScheme(scheme)
-	admissionregistrationv1alpha1.AddToScheme(scheme)
+	admissionregistrationv1beta1.AddToScheme(scheme)
 }
diff --git a/test/integration/etcd/etcd_storage_path_test.go b/test/integration/etcd/etcd_storage_path_test.go
index 263061095b..1b1b057e3c 100644
--- a/test/integration/etcd/etcd_storage_path_test.go
+++ b/test/integration/etcd/etcd_storage_path_test.go
@@ -388,11 +388,12 @@ var etcdStorageData = map[schema.GroupVersionResource]struct {
 		stub:             `{"metadata":{"name":"ic1"},"initializers":[{"name":"initializer.k8s.io","rules":[{"apiGroups":["group"],"apiVersions":["version"],"resources":["resource"]}],"failurePolicy":"Ignore"}]}`,
 		expectedEtcdPath: "/registry/initializerconfigurations/ic1",
 	},
-	gvr("admissionregistration.k8s.io", "v1alpha1", "validatingwebhookconfigurations"): {
+	// k8s.io/kubernetes/pkg/apis/admissionregistration/v1beta1
+	gvr("admissionregistration.k8s.io", "v1beta1", "validatingwebhookconfigurations"): {
 		stub:             `{"metadata":{"name":"hook1","creationTimestamp":null},"webhooks":[{"name":"externaladmissionhook.k8s.io","clientConfig":{"service":{"namespace":"ns","name":"n"},"caBundle":null},"rules":[{"operations":["CREATE"],"apiGroups":["group"],"apiVersions":["version"],"resources":["resource"]}],"failurePolicy":"Ignore"}]}`,
 		expectedEtcdPath: "/registry/validatingwebhookconfigurations/hook1",
 	},
-	gvr("admissionregistration.k8s.io", "v1alpha1", "mutatingwebhookconfigurations"): {
+	gvr("admissionregistration.k8s.io", "v1beta1", "mutatingwebhookconfigurations"): {
 		stub:             `{"metadata":{"name":"hook1","creationTimestamp":null},"webhooks":[{"name":"externaladmissionhook.k8s.io","clientConfig":{"service":{"namespace":"ns","name":"n"},"caBundle":null},"rules":[{"operations":["CREATE"],"apiGroups":["group"],"apiVersions":["version"],"resources":["resource"]}],"failurePolicy":"Ignore"}]}`,
 		expectedEtcdPath: "/registry/mutatingwebhookconfigurations/hook1",
 	},
@@ -486,8 +487,8 @@ var ephemeralWhiteList = createEphemeralWhiteList(
 	gvr("policy", "v1beta1", "evictions"), // not stored in etcd, deals with evicting kapiv1.Pod
 	// --
 
-	// k8s.io/kubernetes/pkg/apis/admission/v1alpha1
-	gvr("admission.k8s.io", "v1alpha1", "admissionreviews"), // not stored in etcd, call out to webhooks.
+	// k8s.io/kubernetes/pkg/apis/admission/v1beta1
+	gvr("admission.k8s.io", "v1beta1", "admissionreviews"), // not stored in etcd, call out to webhooks.
 	// --
 )