Class V1SecurityContext

java.lang.Object
io.micronaut.kubernetes.client.openapi.model.V1SecurityContext

@Generated("io.micronaut.openapi.generator.JavaMicronautClientCodegen") public class V1SecurityContext extends Object
SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.
  • Field Details

  • Constructor Details

    • V1SecurityContext

      public V1SecurityContext()
  • Method Details

    • getAllowPrivilegeEscalation

      public Boolean getAllowPrivilegeEscalation()
      AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.
      Returns:
      the allowPrivilegeEscalation property value
    • setAllowPrivilegeEscalation

      public void setAllowPrivilegeEscalation(Boolean allowPrivilegeEscalation)
      Set the allowPrivilegeEscalation property value
    • allowPrivilegeEscalation

      public V1SecurityContext allowPrivilegeEscalation(Boolean allowPrivilegeEscalation)
      Set allowPrivilegeEscalation in a chainable fashion.
      Returns:
      The same instance of V1SecurityContext for chaining.
    • getCapabilities

      public V1Capabilities getCapabilities()
      Returns:
      the capabilities property value
    • setCapabilities

      public void setCapabilities(V1Capabilities capabilities)
      Set the capabilities property value
    • capabilities

      public V1SecurityContext capabilities(V1Capabilities capabilities)
      Set capabilities in a chainable fashion.
      Returns:
      The same instance of V1SecurityContext for chaining.
    • getPrivileged

      public Boolean getPrivileged()
      Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
      Returns:
      the privileged property value
    • setPrivileged

      public void setPrivileged(Boolean privileged)
      Set the privileged property value
    • privileged

      public V1SecurityContext privileged(Boolean privileged)
      Set privileged in a chainable fashion.
      Returns:
      The same instance of V1SecurityContext for chaining.
    • getProcMount

      public String getProcMount()
      procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
      Returns:
      the procMount property value
    • setProcMount

      public void setProcMount(String procMount)
      Set the procMount property value
    • procMount

      public V1SecurityContext procMount(String procMount)
      Set procMount in a chainable fashion.
      Returns:
      The same instance of V1SecurityContext for chaining.
    • getReadOnlyRootFilesystem

      public Boolean getReadOnlyRootFilesystem()
      Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
      Returns:
      the readOnlyRootFilesystem property value
    • setReadOnlyRootFilesystem

      public void setReadOnlyRootFilesystem(Boolean readOnlyRootFilesystem)
      Set the readOnlyRootFilesystem property value
    • readOnlyRootFilesystem

      public V1SecurityContext readOnlyRootFilesystem(Boolean readOnlyRootFilesystem)
      Set readOnlyRootFilesystem in a chainable fashion.
      Returns:
      The same instance of V1SecurityContext for chaining.
    • getRunAsGroup

      public Long getRunAsGroup()
      The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
      Returns:
      the runAsGroup property value
    • setRunAsGroup

      public void setRunAsGroup(Long runAsGroup)
      Set the runAsGroup property value
    • runAsGroup

      public V1SecurityContext runAsGroup(Long runAsGroup)
      Set runAsGroup in a chainable fashion.
      Returns:
      The same instance of V1SecurityContext for chaining.
    • getRunAsNonRoot

      public Boolean getRunAsNonRoot()
      Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
      Returns:
      the runAsNonRoot property value
    • setRunAsNonRoot

      public void setRunAsNonRoot(Boolean runAsNonRoot)
      Set the runAsNonRoot property value
    • runAsNonRoot

      public V1SecurityContext runAsNonRoot(Boolean runAsNonRoot)
      Set runAsNonRoot in a chainable fashion.
      Returns:
      The same instance of V1SecurityContext for chaining.
    • getRunAsUser

      public Long getRunAsUser()
      The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
      Returns:
      the runAsUser property value
    • setRunAsUser

      public void setRunAsUser(Long runAsUser)
      Set the runAsUser property value
    • runAsUser

      public V1SecurityContext runAsUser(Long runAsUser)
      Set runAsUser in a chainable fashion.
      Returns:
      The same instance of V1SecurityContext for chaining.
    • getSeLinuxOptions

      public V1SELinuxOptions getSeLinuxOptions()
      Returns:
      the seLinuxOptions property value
    • setSeLinuxOptions

      public void setSeLinuxOptions(V1SELinuxOptions seLinuxOptions)
      Set the seLinuxOptions property value
    • seLinuxOptions

      public V1SecurityContext seLinuxOptions(V1SELinuxOptions seLinuxOptions)
      Set seLinuxOptions in a chainable fashion.
      Returns:
      The same instance of V1SecurityContext for chaining.
    • getSeccompProfile

      public V1SeccompProfile getSeccompProfile()
      Returns:
      the seccompProfile property value
    • setSeccompProfile

      public void setSeccompProfile(V1SeccompProfile seccompProfile)
      Set the seccompProfile property value
    • seccompProfile

      public V1SecurityContext seccompProfile(V1SeccompProfile seccompProfile)
      Set seccompProfile in a chainable fashion.
      Returns:
      The same instance of V1SecurityContext for chaining.
    • getWindowsOptions

      public V1WindowsSecurityContextOptions getWindowsOptions()
      Returns:
      the windowsOptions property value
    • setWindowsOptions

      public void setWindowsOptions(V1WindowsSecurityContextOptions windowsOptions)
      Set the windowsOptions property value
    • windowsOptions

      public V1SecurityContext windowsOptions(V1WindowsSecurityContextOptions windowsOptions)
      Set windowsOptions in a chainable fashion.
      Returns:
      The same instance of V1SecurityContext for chaining.
    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object
    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object
    • toString

      public String toString()
      Overrides:
      toString in class Object