V1.PodSecurityContext (client-java-proto 12.0.2 API)

java.lang.Object
- com.google.protobuf.AbstractMessageLite
- - com.google.protobuf.AbstractMessage
  - - com.google.protobuf.GeneratedMessageV3
    - - io.kubernetes.client.proto.V1.PodSecurityContext

All Implemented Interfaces:: com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, V1.PodSecurityContextOrBuilder, Serializable

Enclosing class:: V1

public static final class V1.PodSecurityContext
extends com.google.protobuf.GeneratedMessageV3
implements V1.PodSecurityContextOrBuilder

 PodSecurityContext holds pod-level security attributes and common container settings.
 Some fields are also present in container.securityContext.  Field values of
 container.securityContext take precedence over field values of PodSecurityContext.

Protobuf type k8s.io.api.core.v1.PodSecurityContext

See Also:: Serialized Form

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static class V1.PodSecurityContext.Builder
PodSecurityContext holds pod-level security attributes and common container settings.
- Nested classes/interfaces inherited from class com.google.protobuf.GeneratedMessageV3
  com.google.protobuf.GeneratedMessageV3.BuilderParent, com.google.protobuf.GeneratedMessageV3.ExtendableBuilder<MessageType extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage,BuilderType extends com.google.protobuf.GeneratedMessageV3.ExtendableBuilder<MessageType,BuilderType>>, com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageType extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage>, com.google.protobuf.GeneratedMessageV3.ExtendableMessageOrBuilder<MessageType extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage>, com.google.protobuf.GeneratedMessageV3.FieldAccessorTable, com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter
- Nested classes/interfaces inherited from class com.google.protobuf.AbstractMessageLite
  com.google.protobuf.AbstractMessageLite.InternalOneOfEnum

Nested Classes
Modifier and Type	Class and Description
`static class`	`V1.PodSecurityContext.Builder` PodSecurityContext holds pod-level security attributes and common container settings.

Field Summary

Fields
Modifier and Type	Field and Description
`static int`	`FSGROUP_FIELD_NUMBER`
`static com.google.protobuf.Parser<V1.PodSecurityContext>`	`PARSER` Deprecated.
`static int`	`RUNASGROUP_FIELD_NUMBER`
`static int`	`RUNASNONROOT_FIELD_NUMBER`
`static int`	`RUNASUSER_FIELD_NUMBER`
`static int`	`SELINUXOPTIONS_FIELD_NUMBER`
`static int`	`SUPPLEMENTALGROUPS_FIELD_NUMBER`
`static int`	`SYSCTLS_FIELD_NUMBER`

Fields inherited from class com.google.protobuf.GeneratedMessageV3
alwaysUseFieldBuilders, unknownFields

Fields inherited from class com.google.protobuf.AbstractMessage
memoizedSize

Fields inherited from class com.google.protobuf.AbstractMessageLite
memoizedHashCode

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`boolean`	`equals(Object obj)`
`static V1.PodSecurityContext`	`getDefaultInstance()`
`V1.PodSecurityContext`	`getDefaultInstanceForType()`
`static com.google.protobuf.Descriptors.Descriptor`	`getDescriptor()`
`long`	`getFsGroup()` A special supplemental group that applies to all containers in a pod.
`com.google.protobuf.Parser<V1.PodSecurityContext>`	`getParserForType()`
`long`	`getRunAsGroup()` The GID to run the entrypoint of the container process.
`boolean`	`getRunAsNonRoot()` Indicates that the container must run as a non-root user.
`long`	`getRunAsUser()` The UID to run the entrypoint of the container process.
`V1.SELinuxOptions`	`getSeLinuxOptions()` The SELinux context to be applied to all containers.
`V1.SELinuxOptionsOrBuilder`	`getSeLinuxOptionsOrBuilder()` The SELinux context to be applied to all containers.
`int`	`getSerializedSize()`
`long`	`getSupplementalGroups(int index)` A list of groups applied to the first process run in each container, in addition to the container's primary GID.
`int`	`getSupplementalGroupsCount()` A list of groups applied to the first process run in each container, in addition to the container's primary GID.
`List<Long>`	`getSupplementalGroupsList()` A list of groups applied to the first process run in each container, in addition to the container's primary GID.
`V1.Sysctl`	`getSysctls(int index)` Sysctls hold a list of namespaced sysctls used for the pod.
`int`	`getSysctlsCount()` Sysctls hold a list of namespaced sysctls used for the pod.
`List<V1.Sysctl>`	`getSysctlsList()` Sysctls hold a list of namespaced sysctls used for the pod.
`V1.SysctlOrBuilder`	`getSysctlsOrBuilder(int index)` Sysctls hold a list of namespaced sysctls used for the pod.
`List<? extends V1.SysctlOrBuilder>`	`getSysctlsOrBuilderList()` Sysctls hold a list of namespaced sysctls used for the pod.
`com.google.protobuf.UnknownFieldSet`	`getUnknownFields()`
`boolean`	`hasFsGroup()` A special supplemental group that applies to all containers in a pod.
`int`	`hashCode()`
`boolean`	`hasRunAsGroup()` The GID to run the entrypoint of the container process.
`boolean`	`hasRunAsNonRoot()` Indicates that the container must run as a non-root user.
`boolean`	`hasRunAsUser()` The UID to run the entrypoint of the container process.
`boolean`	`hasSeLinuxOptions()` The SELinux context to be applied to all containers.
`protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable`	`internalGetFieldAccessorTable()`
`boolean`	`isInitialized()`
`static V1.PodSecurityContext.Builder`	`newBuilder()`
`static V1.PodSecurityContext.Builder`	`newBuilder(V1.PodSecurityContext prototype)`
`V1.PodSecurityContext.Builder`	`newBuilderForType()`
`protected V1.PodSecurityContext.Builder`	`newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent)`
`static V1.PodSecurityContext`	`parseDelimitedFrom(InputStream input)`
`static V1.PodSecurityContext`	`parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)`
`static V1.PodSecurityContext`	`parseFrom(byte[] data)`
`static V1.PodSecurityContext`	`parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)`
`static V1.PodSecurityContext`	`parseFrom(ByteBuffer data)`
`static V1.PodSecurityContext`	`parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)`
`static V1.PodSecurityContext`	`parseFrom(com.google.protobuf.ByteString data)`
`static V1.PodSecurityContext`	`parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)`
`static V1.PodSecurityContext`	`parseFrom(com.google.protobuf.CodedInputStream input)`
`static V1.PodSecurityContext`	`parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)`
`static V1.PodSecurityContext`	`parseFrom(InputStream input)`
`static V1.PodSecurityContext`	`parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)`
`static com.google.protobuf.Parser<V1.PodSecurityContext>`	`parser()`
`V1.PodSecurityContext.Builder`	`toBuilder()`
`void`	`writeTo(com.google.protobuf.CodedOutputStream output)`

Methods inherited from class com.google.protobuf.GeneratedMessageV3
canUseUnsafe, computeStringSize, computeStringSizeNoTag, emptyBooleanList, emptyDoubleList, emptyFloatList, emptyIntList, emptyLongList, getAllFields, getDescriptorForType, getField, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, hasField, hasOneof, internalGetMapField, makeExtensionsImmutable, mergeFromAndMakeImmutableInternal, mutableCopy, mutableCopy, mutableCopy, mutableCopy, mutableCopy, newBooleanList, newBuilderForType, newDoubleList, newFloatList, newInstance, newIntList, newLongList, parseDelimitedWithIOException, parseDelimitedWithIOException, parseUnknownField, parseUnknownFieldProto3, parseWithIOException, parseWithIOException, parseWithIOException, parseWithIOException, serializeBooleanMapTo, serializeIntegerMapTo, serializeLongMapTo, serializeStringMapTo, writeReplace, writeString, writeStringNoTag

Methods inherited from class com.google.protobuf.AbstractMessage
findInitializationErrors, getInitializationErrorString, hashBoolean, hashEnum, hashEnumList, hashFields, hashLong, toString

Methods inherited from class com.google.protobuf.AbstractMessageLite
addAll, addAll, checkByteStringIsUtf8, toByteArray, toByteString, writeDelimitedTo, writeTo

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface com.google.protobuf.MessageOrBuilder
findInitializationErrors, getAllFields, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, hasField, hasOneof

Methods inherited from interface com.google.protobuf.MessageLite
toByteArray, toByteString, writeDelimitedTo, writeTo

Field Detail

SELINUXOPTIONS_FIELD_NUMBER
```
public static final int SELINUXOPTIONS_FIELD_NUMBER
```
See Also:

Constant Field Values

RUNASUSER_FIELD_NUMBER
```
public static final int RUNASUSER_FIELD_NUMBER
```
See Also:

Constant Field Values

RUNASGROUP_FIELD_NUMBER
```
public static final int RUNASGROUP_FIELD_NUMBER
```
See Also:

Constant Field Values

RUNASNONROOT_FIELD_NUMBER
```
public static final int RUNASNONROOT_FIELD_NUMBER
```
See Also:

Constant Field Values

SUPPLEMENTALGROUPS_FIELD_NUMBER
```
public static final int SUPPLEMENTALGROUPS_FIELD_NUMBER
```
See Also:

Constant Field Values

FSGROUP_FIELD_NUMBER
```
public static final int FSGROUP_FIELD_NUMBER
```
See Also:

Constant Field Values

SYSCTLS_FIELD_NUMBER
```
public static final int SYSCTLS_FIELD_NUMBER
```
See Also:

Constant Field Values

PARSER

@Deprecated
public static final com.google.protobuf.Parser<V1.PodSecurityContext> PARSER

Deprecated.

Method Detail

getUnknownFields
```
public final com.google.protobuf.UnknownFieldSet getUnknownFields()
```
Specified by:

getUnknownFields in interface com.google.protobuf.MessageOrBuilder

Overrides:

getUnknownFields in class com.google.protobuf.GeneratedMessageV3

getDescriptor

public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

internalGetFieldAccessorTable
```
protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
```
Specified by:

internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3

hasSeLinuxOptions

public boolean hasSeLinuxOptions()

 The SELinux context to be applied to all containers.
 If unspecified, the container runtime will allocate a random SELinux context for each
 container.  May also be set in SecurityContext.  If set in
 both SecurityContext and PodSecurityContext, the value specified in SecurityContext
 takes precedence for that container.
 +optional

optional .k8s.io.api.core.v1.SELinuxOptions seLinuxOptions = 1;

Specified by:: hasSeLinuxOptions in interface V1.PodSecurityContextOrBuilder

getSeLinuxOptions

public V1.SELinuxOptions getSeLinuxOptions()

 The SELinux context to be applied to all containers.
 If unspecified, the container runtime will allocate a random SELinux context for each
 container.  May also be set in SecurityContext.  If set in
 both SecurityContext and PodSecurityContext, the value specified in SecurityContext
 takes precedence for that container.
 +optional

optional .k8s.io.api.core.v1.SELinuxOptions seLinuxOptions = 1;

Specified by:: getSeLinuxOptions in interface V1.PodSecurityContextOrBuilder

getSeLinuxOptionsOrBuilder

public V1.SELinuxOptionsOrBuilder getSeLinuxOptionsOrBuilder()

 The SELinux context to be applied to all containers.
 If unspecified, the container runtime will allocate a random SELinux context for each
 container.  May also be set in SecurityContext.  If set in
 both SecurityContext and PodSecurityContext, the value specified in SecurityContext
 takes precedence for that container.
 +optional

optional .k8s.io.api.core.v1.SELinuxOptions seLinuxOptions = 1;

Specified by:: getSeLinuxOptionsOrBuilder in interface V1.PodSecurityContextOrBuilder

hasRunAsUser

public boolean hasRunAsUser()

 The UID to run the entrypoint of the container process.
 Defaults to user specified in image metadata if unspecified.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence
 for that container.
 +optional

optional int64 runAsUser = 2;

Specified by:: hasRunAsUser in interface V1.PodSecurityContextOrBuilder

getRunAsUser

public long getRunAsUser()

 The UID to run the entrypoint of the container process.
 Defaults to user specified in image metadata if unspecified.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence
 for that container.
 +optional

optional int64 runAsUser = 2;

Specified by:: getRunAsUser in interface V1.PodSecurityContextOrBuilder

hasRunAsGroup

public boolean hasRunAsGroup()

 The GID to run the entrypoint of the container process.
 Uses runtime default if unset.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence
 for that container.
 +optional

optional int64 runAsGroup = 6;

Specified by:: hasRunAsGroup in interface V1.PodSecurityContextOrBuilder

getRunAsGroup

public long getRunAsGroup()

 The GID to run the entrypoint of the container process.
 Uses runtime default if unset.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence
 for that container.
 +optional

optional int64 runAsGroup = 6;

Specified by:: getRunAsGroup in interface V1.PodSecurityContextOrBuilder

hasRunAsNonRoot

public boolean hasRunAsNonRoot()

 Indicates that the container must run as a non-root user.
 If true, the Kubelet will validate the image at runtime to ensure that it
 does not run as UID 0 (root) and fail to start the container if it does.
 If unset or false, no such validation will be performed.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence.
 +optional

optional bool runAsNonRoot = 3;

Specified by:: hasRunAsNonRoot in interface V1.PodSecurityContextOrBuilder

getRunAsNonRoot

public boolean getRunAsNonRoot()

 Indicates that the container must run as a non-root user.
 If true, the Kubelet will validate the image at runtime to ensure that it
 does not run as UID 0 (root) and fail to start the container if it does.
 If unset or false, no such validation will be performed.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence.
 +optional

optional bool runAsNonRoot = 3;

Specified by:: getRunAsNonRoot in interface V1.PodSecurityContextOrBuilder

getSupplementalGroupsList

public List<Long> getSupplementalGroupsList()

 A list of groups applied to the first process run in each container, in addition
 to the container's primary GID.  If unspecified, no groups will be added to
 any container.
 +optional

repeated int64 supplementalGroups = 4;

Specified by:: getSupplementalGroupsList in interface V1.PodSecurityContextOrBuilder

getSupplementalGroupsCount

public int getSupplementalGroupsCount()

 A list of groups applied to the first process run in each container, in addition
 to the container's primary GID.  If unspecified, no groups will be added to
 any container.
 +optional

repeated int64 supplementalGroups = 4;

Specified by:: getSupplementalGroupsCount in interface V1.PodSecurityContextOrBuilder

getSupplementalGroups

public long getSupplementalGroups(int index)

 A list of groups applied to the first process run in each container, in addition
 to the container's primary GID.  If unspecified, no groups will be added to
 any container.
 +optional

repeated int64 supplementalGroups = 4;

Specified by:: getSupplementalGroups in interface V1.PodSecurityContextOrBuilder

hasFsGroup

public boolean hasFsGroup()

 A special supplemental group that applies to all containers in a pod.
 Some volume types allow the Kubelet to change the ownership of that volume
 to be owned by the pod:
 1. The owning GID will be the FSGroup
 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
 3. The permission bits are OR'd with rw-rw----
 If unset, the Kubelet will not modify the ownership and permissions of any volume.
 +optional

optional int64 fsGroup = 5;

Specified by:: hasFsGroup in interface V1.PodSecurityContextOrBuilder

getFsGroup

public long getFsGroup()

 A special supplemental group that applies to all containers in a pod.
 Some volume types allow the Kubelet to change the ownership of that volume
 to be owned by the pod:
 1. The owning GID will be the FSGroup
 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
 3. The permission bits are OR'd with rw-rw----
 If unset, the Kubelet will not modify the ownership and permissions of any volume.
 +optional

optional int64 fsGroup = 5;

Specified by:: getFsGroup in interface V1.PodSecurityContextOrBuilder