Class PodSecurityPolicySpec.Builder
- java.lang.Object
-
- com.marcnuri.yakc.model.io.k8s.api.extensions.v1beta1.PodSecurityPolicySpec.Builder
-
- Enclosing class:
- PodSecurityPolicySpec
public static class PodSecurityPolicySpec.Builder extends java.lang.Object
-
-
Method Summary
-
-
-
Method Detail
-
allowPrivilegeEscalation
public PodSecurityPolicySpec.Builder allowPrivilegeEscalation(java.lang.Boolean allowPrivilegeEscalation)
allowPrivilegeEscalation determines if a pod can request to allow privilege escalation. If unspecified, defaults to true.- Returns:
this
.
-
addToAllowedCSIDrivers
public PodSecurityPolicySpec.Builder addToAllowedCSIDrivers(AllowedCSIDriver addToAllowedCSIDrivers)
-
allowedCSIDrivers
public PodSecurityPolicySpec.Builder allowedCSIDrivers(java.util.Collection<? extends AllowedCSIDriver> allowedCSIDrivers)
-
clearAllowedCSIDrivers
public PodSecurityPolicySpec.Builder clearAllowedCSIDrivers()
-
addToAllowedCapabilities
public PodSecurityPolicySpec.Builder addToAllowedCapabilities(java.lang.String addToAllowedCapabilities)
-
allowedCapabilities
public PodSecurityPolicySpec.Builder allowedCapabilities(java.util.Collection<? extends java.lang.String> allowedCapabilities)
-
clearAllowedCapabilities
public PodSecurityPolicySpec.Builder clearAllowedCapabilities()
-
addToAllowedFlexVolumes
public PodSecurityPolicySpec.Builder addToAllowedFlexVolumes(AllowedFlexVolume addToAllowedFlexVolumes)
-
allowedFlexVolumes
public PodSecurityPolicySpec.Builder allowedFlexVolumes(java.util.Collection<? extends AllowedFlexVolume> allowedFlexVolumes)
-
clearAllowedFlexVolumes
public PodSecurityPolicySpec.Builder clearAllowedFlexVolumes()
-
addToAllowedHostPaths
public PodSecurityPolicySpec.Builder addToAllowedHostPaths(AllowedHostPath addToAllowedHostPaths)
-
allowedHostPaths
public PodSecurityPolicySpec.Builder allowedHostPaths(java.util.Collection<? extends AllowedHostPath> allowedHostPaths)
-
clearAllowedHostPaths
public PodSecurityPolicySpec.Builder clearAllowedHostPaths()
-
addToAllowedProcMountTypes
public PodSecurityPolicySpec.Builder addToAllowedProcMountTypes(java.lang.String addToAllowedProcMountTypes)
-
allowedProcMountTypes
public PodSecurityPolicySpec.Builder allowedProcMountTypes(java.util.Collection<? extends java.lang.String> allowedProcMountTypes)
-
clearAllowedProcMountTypes
public PodSecurityPolicySpec.Builder clearAllowedProcMountTypes()
-
addToAllowedUnsafeSysctls
public PodSecurityPolicySpec.Builder addToAllowedUnsafeSysctls(java.lang.String addToAllowedUnsafeSysctls)
-
allowedUnsafeSysctls
public PodSecurityPolicySpec.Builder allowedUnsafeSysctls(java.util.Collection<? extends java.lang.String> allowedUnsafeSysctls)
-
clearAllowedUnsafeSysctls
public PodSecurityPolicySpec.Builder clearAllowedUnsafeSysctls()
-
addToDefaultAddCapabilities
public PodSecurityPolicySpec.Builder addToDefaultAddCapabilities(java.lang.String addToDefaultAddCapabilities)
-
defaultAddCapabilities
public PodSecurityPolicySpec.Builder defaultAddCapabilities(java.util.Collection<? extends java.lang.String> defaultAddCapabilities)
-
clearDefaultAddCapabilities
public PodSecurityPolicySpec.Builder clearDefaultAddCapabilities()
-
defaultAllowPrivilegeEscalation
public PodSecurityPolicySpec.Builder defaultAllowPrivilegeEscalation(java.lang.Boolean defaultAllowPrivilegeEscalation)
defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.- Returns:
this
.
-
addToForbiddenSysctls
public PodSecurityPolicySpec.Builder addToForbiddenSysctls(java.lang.String addToForbiddenSysctls)
-
forbiddenSysctls
public PodSecurityPolicySpec.Builder forbiddenSysctls(java.util.Collection<? extends java.lang.String> forbiddenSysctls)
-
clearForbiddenSysctls
public PodSecurityPolicySpec.Builder clearForbiddenSysctls()
-
fsGroup
public PodSecurityPolicySpec.Builder fsGroup(@NonNull @NonNull FSGroupStrategyOptions fsGroup)
- Returns:
this
.
-
hostIPC
public PodSecurityPolicySpec.Builder hostIPC(java.lang.Boolean hostIPC)
hostIPC determines if the policy allows the use of HostIPC in the pod spec.- Returns:
this
.
-
hostNetwork
public PodSecurityPolicySpec.Builder hostNetwork(java.lang.Boolean hostNetwork)
hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.- Returns:
this
.
-
hostPID
public PodSecurityPolicySpec.Builder hostPID(java.lang.Boolean hostPID)
hostPID determines if the policy allows the use of HostPID in the pod spec.- Returns:
this
.
-
addToHostPorts
public PodSecurityPolicySpec.Builder addToHostPorts(HostPortRange addToHostPorts)
-
hostPorts
public PodSecurityPolicySpec.Builder hostPorts(java.util.Collection<? extends HostPortRange> hostPorts)
-
clearHostPorts
public PodSecurityPolicySpec.Builder clearHostPorts()
-
privileged
public PodSecurityPolicySpec.Builder privileged(java.lang.Boolean privileged)
privileged determines if a pod can request to be run as privileged.- Returns:
this
.
-
readOnlyRootFilesystem
public PodSecurityPolicySpec.Builder readOnlyRootFilesystem(java.lang.Boolean readOnlyRootFilesystem)
readOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the PSP should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.- Returns:
this
.
-
addToRequiredDropCapabilities
public PodSecurityPolicySpec.Builder addToRequiredDropCapabilities(java.lang.String addToRequiredDropCapabilities)
-
requiredDropCapabilities
public PodSecurityPolicySpec.Builder requiredDropCapabilities(java.util.Collection<? extends java.lang.String> requiredDropCapabilities)
-
clearRequiredDropCapabilities
public PodSecurityPolicySpec.Builder clearRequiredDropCapabilities()
-
runAsGroup
public PodSecurityPolicySpec.Builder runAsGroup(RunAsGroupStrategyOptions runAsGroup)
- Returns:
this
.
-
runAsUser
public PodSecurityPolicySpec.Builder runAsUser(@NonNull @NonNull RunAsUserStrategyOptions runAsUser)
- Returns:
this
.
-
runtimeClass
public PodSecurityPolicySpec.Builder runtimeClass(RuntimeClassStrategyOptions runtimeClass)
- Returns:
this
.
-
seLinux
public PodSecurityPolicySpec.Builder seLinux(@NonNull @NonNull SELinuxStrategyOptions seLinux)
- Returns:
this
.
-
supplementalGroups
public PodSecurityPolicySpec.Builder supplementalGroups(@NonNull @NonNull SupplementalGroupsStrategyOptions supplementalGroups)
- Returns:
this
.
-
addToVolumes
public PodSecurityPolicySpec.Builder addToVolumes(java.lang.String addToVolumes)
-
volumes
public PodSecurityPolicySpec.Builder volumes(java.util.Collection<? extends java.lang.String> volumes)
-
clearVolumes
public PodSecurityPolicySpec.Builder clearVolumes()
-
build
public PodSecurityPolicySpec build()
-
toString
public java.lang.String toString()
- Overrides:
toString
in classjava.lang.Object
-
-