Class V1beta1PodCertificateRequestSpec

java.lang.Object
io.micronaut.kubernetes.client.openapi.model.V1beta1PodCertificateRequestSpec
@Generated("io.micronaut.openapi.generator.JavaMicronautClientCodegen") public class V1beta1PodCertificateRequestSpec extends Object
PodCertificateRequestSpec describes the certificate request. All fields are immutable after creation.

  • Field Details

  • Constructor Details

    • V1beta1PodCertificateRequestSpec

      public V1beta1PodCertificateRequestSpec(String nodeName, String nodeUID, byte @Nullable [] pkixPublicKey, String podName, String podUID, byte @Nullable [] proofOfPossession, String serviceAccountName, String serviceAccountUID, String signerName)

  • Method Details

    • getNodeName

      public String getNodeName()
      nodeName is the name of the node the pod is assigned to.
      Returns:
      the nodeName property value

    • setNodeName

      public void setNodeName(String nodeName)
      Set the nodeName property value
      Parameters:
      nodeName - property value to set

    • nodeName

      public V1beta1PodCertificateRequestSpec nodeName(String nodeName)
      Set nodeName in a chainable fashion.
      Returns:
      The same instance of V1beta1PodCertificateRequestSpec for chaining.

    • getNodeUID

      public String getNodeUID()
      nodeUID is the UID of the node the pod is assigned to.
      Returns:
      the nodeUID property value

    • setNodeUID

      public void setNodeUID(String nodeUID)
      Set the nodeUID property value
      Parameters:
      nodeUID - property value to set

    • nodeUID

      public V1beta1PodCertificateRequestSpec nodeUID(String nodeUID)
      Set nodeUID in a chainable fashion.
      Returns:
      The same instance of V1beta1PodCertificateRequestSpec for chaining.

    • getPkixPublicKey

      public byte @Nullable [] getPkixPublicKey()
      pkixPublicKey is the PKIX-serialized public key the signer will issue the certificate to. The key must be one of RSA3072, RSA4096, ECDSAP256, ECDSAP384, ECDSAP521, or ED25519. Note that this list may be expanded in the future. Signer implementations do not need to support all key types supported by kube-apiserver and kubelet. If a signer does not support the key type used for a given PodCertificateRequest, it must deny the request by setting a status.conditions entry with a type of \"Denied\" and a reason of \"UnsupportedKeyType\". It may also suggest a key type that it does support in the message field.
      Returns:
      the pkixPublicKey property value

    • setPkixPublicKey

      public void setPkixPublicKey(byte @Nullable [] pkixPublicKey)
      Set the pkixPublicKey property value
      Parameters:
      pkixPublicKey - property value to set

    • pkixPublicKey

      public V1beta1PodCertificateRequestSpec pkixPublicKey(byte @Nullable [] pkixPublicKey)
      Set pkixPublicKey in a chainable fashion.
      Returns:
      The same instance of V1beta1PodCertificateRequestSpec for chaining.

    • getPodName

      public String getPodName()
      podName is the name of the pod into which the certificate will be mounted.
      Returns:
      the podName property value

    • setPodName

      public void setPodName(String podName)
      Set the podName property value
      Parameters:
      podName - property value to set

    • podName

      public V1beta1PodCertificateRequestSpec podName(String podName)
      Set podName in a chainable fashion.
      Returns:
      The same instance of V1beta1PodCertificateRequestSpec for chaining.

    • getPodUID

      public String getPodUID()
      podUID is the UID of the pod into which the certificate will be mounted.
      Returns:
      the podUID property value

    • setPodUID

      public void setPodUID(String podUID)
      Set the podUID property value
      Parameters:
      podUID - property value to set

    • podUID

      public V1beta1PodCertificateRequestSpec podUID(String podUID)
      Set podUID in a chainable fashion.
      Returns:
      The same instance of V1beta1PodCertificateRequestSpec for chaining.

    • getProofOfPossession

      public byte @Nullable [] getProofOfPossession()
      proofOfPossession proves that the requesting kubelet holds the private key corresponding to pkixPublicKey. It is contructed by signing the ASCII bytes of the pod's UID using `pkixPublicKey`. kube-apiserver validates the proof of possession during creation of the PodCertificateRequest. If the key is an RSA key, then the signature is over the ASCII bytes of the pod UID, using RSASSA-PSS from RFC 8017 (as implemented by the golang function crypto/rsa.SignPSS with nil options). If the key is an ECDSA key, then the signature is as described by [SEC 1, Version 2.0](https://www.secg.org/sec1-v2.pdf) (as implemented by the golang library function crypto/ecdsa.SignASN1) If the key is an ED25519 key, the the signature is as described by the [ED25519 Specification](https://ed25519.cr.yp.to/) (as implemented by the golang library crypto/ed25519.Sign).
      Returns:
      the proofOfPossession property value

    • setProofOfPossession

      public void setProofOfPossession(byte @Nullable [] proofOfPossession)
      Set the proofOfPossession property value
      Parameters:
      proofOfPossession - property value to set

    • proofOfPossession

      public V1beta1PodCertificateRequestSpec proofOfPossession(byte @Nullable [] proofOfPossession)
      Set proofOfPossession in a chainable fashion.
      Returns:
      The same instance of V1beta1PodCertificateRequestSpec for chaining.

    • getServiceAccountName

      public String getServiceAccountName()
      serviceAccountName is the name of the service account the pod is running as.
      Returns:
      the serviceAccountName property value

    • setServiceAccountName

      public void setServiceAccountName(String serviceAccountName)
      Set the serviceAccountName property value
      Parameters:
      serviceAccountName - property value to set

    • serviceAccountName

      public V1beta1PodCertificateRequestSpec serviceAccountName(String serviceAccountName)
      Set serviceAccountName in a chainable fashion.
      Returns:
      The same instance of V1beta1PodCertificateRequestSpec for chaining.

    • getServiceAccountUID

      public String getServiceAccountUID()
      serviceAccountUID is the UID of the service account the pod is running as.
      Returns:
      the serviceAccountUID property value

    • setServiceAccountUID

      public void setServiceAccountUID(String serviceAccountUID)
      Set the serviceAccountUID property value
      Parameters:
      serviceAccountUID - property value to set

    • serviceAccountUID

      public V1beta1PodCertificateRequestSpec serviceAccountUID(String serviceAccountUID)
      Set serviceAccountUID in a chainable fashion.
      Returns:
      The same instance of V1beta1PodCertificateRequestSpec for chaining.

    • getSignerName

      public String getSignerName()
      signerName indicates the requested signer. All signer names beginning with `kubernetes.io` are reserved for use by the Kubernetes project. There is currently one well-known signer documented by the Kubernetes project, `kubernetes.io/kube-apiserver-client-pod`, which will issue client certificates understood by kube-apiserver. It is currently unimplemented.
      Returns:
      the signerName property value

    • setSignerName

      public void setSignerName(String signerName)
      Set the signerName property value
      Parameters:
      signerName - property value to set

    • signerName

      public V1beta1PodCertificateRequestSpec signerName(String signerName)
      Set signerName in a chainable fashion.
      Returns:
      The same instance of V1beta1PodCertificateRequestSpec for chaining.

    • getMaxExpirationSeconds

      public Integer getMaxExpirationSeconds()
      maxExpirationSeconds is the maximum lifetime permitted for the certificate. If omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver will reject values shorter than 3600 (1 hour). The maximum allowable value is 7862400 (91 days). The signer implementation is then free to issue a certificate with any lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 seconds (1 hour). This constraint is enforced by kube-apiserver. `kubernetes.io` signers will never issue certificates with a lifetime longer than 24 hours.
      Returns:
      the maxExpirationSeconds property value

    • setMaxExpirationSeconds

      public void setMaxExpirationSeconds(Integer maxExpirationSeconds)
      Set the maxExpirationSeconds property value
      Parameters:
      maxExpirationSeconds - property value to set

    • maxExpirationSeconds

      public V1beta1PodCertificateRequestSpec maxExpirationSeconds(Integer maxExpirationSeconds)
      Set maxExpirationSeconds in a chainable fashion.
      Returns:
      The same instance of V1beta1PodCertificateRequestSpec for chaining.

    • getUnverifiedUserAnnotations

      public Map<String, @NotNull String> getUnverifiedUserAnnotations()
      unverifiedUserAnnotations allow pod authors to pass additional information to the signer implementation. Kubernetes does not restrict or validate this metadata in any way. Entries are subject to the same validation as object metadata annotations, with the addition that all keys must be domain-prefixed. No restrictions are placed on values, except an overall size limitation on the entire field. Signers should document the keys and values they support. Signers should deny requests that contain keys they do not recognize.
      Returns:
      the unverifiedUserAnnotations property value

    • setUnverifiedUserAnnotations

      public void setUnverifiedUserAnnotations(Map<String, @NotNull String> unverifiedUserAnnotations)
      Set the unverifiedUserAnnotations property value
      Parameters:
      unverifiedUserAnnotations - property value to set

    • unverifiedUserAnnotations

      public V1beta1PodCertificateRequestSpec unverifiedUserAnnotations(Map<String, @NotNull String> unverifiedUserAnnotations)
      Set unverifiedUserAnnotations in a chainable fashion.
      Returns:
      The same instance of V1beta1PodCertificateRequestSpec for chaining.

    • putUnverifiedUserAnnotationsItem

      public V1beta1PodCertificateRequestSpec putUnverifiedUserAnnotationsItem(String key, String unverifiedUserAnnotationsItem)
      Set the value for the key for the unverifiedUserAnnotations map property in a chainable fashion.
      Returns:
      The same instance of V1beta1PodCertificateRequestSpec for chaining.

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • toString

      public String toString()
      Overrides:
      toString in class Object