Package io.kubernetes.client.proto

Class V1.PodSecurityContext.Builder

java.lang.Object
com.google.protobuf.AbstractMessageLite.Builder
com.google.protobuf.AbstractMessage.Builder<BuilderType>
com.google.protobuf.GeneratedMessageV3.Builder<V1.PodSecurityContext.Builder>
io.kubernetes.client.proto.V1.PodSecurityContext.Builder
All Implemented Interfaces:
com.google.protobuf.Message.Builder, com.google.protobuf.MessageLite.Builder, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, V1.PodSecurityContextOrBuilder, Cloneable
Enclosing class:
V1.PodSecurityContext
public static final class V1.PodSecurityContext.Builder extends com.google.protobuf.GeneratedMessageV3.Builder<V1.PodSecurityContext.Builder> implements V1.PodSecurityContextOrBuilder
 PodSecurityContext holds pod-level security attributes and common container settings.
 Some fields are also present in container.securityContext.  Field values of
 container.securityContext take precedence over field values of PodSecurityContext.
Protobuf type k8s.io.api.core.v1.PodSecurityContext

  • Method Details

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3.Builder<V1.PodSecurityContext.Builder>

    • clear

      public V1.PodSecurityContext.Builder clear()
      Specified by:
      clear in interface com.google.protobuf.Message.Builder
      Specified by:
      clear in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      clear in class com.google.protobuf.GeneratedMessageV3.Builder<V1.PodSecurityContext.Builder>

    • getDescriptorForType

      public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()
      Specified by:
      getDescriptorForType in interface com.google.protobuf.Message.Builder
      Specified by:
      getDescriptorForType in interface com.google.protobuf.MessageOrBuilder
      Overrides:
      getDescriptorForType in class com.google.protobuf.GeneratedMessageV3.Builder<V1.PodSecurityContext.Builder>

    • getDefaultInstanceForType

      public V1.PodSecurityContext getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

    • build

      public V1.PodSecurityContext build()
      Specified by:
      build in interface com.google.protobuf.Message.Builder
      Specified by:
      build in interface com.google.protobuf.MessageLite.Builder

    • buildPartial

      public V1.PodSecurityContext buildPartial()
      Specified by:
      buildPartial in interface com.google.protobuf.Message.Builder
      Specified by:
      buildPartial in interface com.google.protobuf.MessageLite.Builder

    • clone

      public V1.PodSecurityContext.Builder clone()
      Specified by:
      clone in interface com.google.protobuf.Message.Builder
      Specified by:
      clone in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      clone in class com.google.protobuf.GeneratedMessageV3.Builder<V1.PodSecurityContext.Builder>

    • setField

      public V1.PodSecurityContext.Builder setField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
      Specified by:
      setField in interface com.google.protobuf.Message.Builder
      Overrides:
      setField in class com.google.protobuf.GeneratedMessageV3.Builder<V1.PodSecurityContext.Builder>

    • clearField

      public V1.PodSecurityContext.Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field)
      Specified by:
      clearField in interface com.google.protobuf.Message.Builder
      Overrides:
      clearField in class com.google.protobuf.GeneratedMessageV3.Builder<V1.PodSecurityContext.Builder>

    • clearOneof

      public V1.PodSecurityContext.Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)
      Specified by:
      clearOneof in interface com.google.protobuf.Message.Builder
      Overrides:
      clearOneof in class com.google.protobuf.GeneratedMessageV3.Builder<V1.PodSecurityContext.Builder>

    • setRepeatedField

      public V1.PodSecurityContext.Builder setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, int index, Object value)
      Specified by:
      setRepeatedField in interface com.google.protobuf.Message.Builder
      Overrides:
      setRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<V1.PodSecurityContext.Builder>

    • addRepeatedField

      public V1.PodSecurityContext.Builder addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
      Specified by:
      addRepeatedField in interface com.google.protobuf.Message.Builder
      Overrides:
      addRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<V1.PodSecurityContext.Builder>

    • mergeFrom

      public V1.PodSecurityContext.Builder mergeFrom(com.google.protobuf.Message other)
      Specified by:
      mergeFrom in interface com.google.protobuf.Message.Builder
      Overrides:
      mergeFrom in class com.google.protobuf.AbstractMessage.Builder<V1.PodSecurityContext.Builder>

    • mergeFrom

      public V1.PodSecurityContext.Builder mergeFrom(V1.PodSecurityContext other)

    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessageV3.Builder<V1.PodSecurityContext.Builder>

    • mergeFrom

      public V1.PodSecurityContext.Builder mergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Specified by:
      mergeFrom in interface com.google.protobuf.Message.Builder
      Specified by:
      mergeFrom in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      mergeFrom in class com.google.protobuf.AbstractMessage.Builder<V1.PodSecurityContext.Builder>
      Throws:
      IOException

    • hasSeLinuxOptions

      public boolean hasSeLinuxOptions()
       The SELinux context to be applied to all containers.
 If unspecified, the container runtime will allocate a random SELinux context for each
 container.  May also be set in SecurityContext.  If set in
 both SecurityContext and PodSecurityContext, the value specified in SecurityContext
 takes precedence for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SELinuxOptions seLinuxOptions = 1;
      Specified by:
      hasSeLinuxOptions in interface V1.PodSecurityContextOrBuilder

    • getSeLinuxOptions

      public V1.SELinuxOptions getSeLinuxOptions()
       The SELinux context to be applied to all containers.
 If unspecified, the container runtime will allocate a random SELinux context for each
 container.  May also be set in SecurityContext.  If set in
 both SecurityContext and PodSecurityContext, the value specified in SecurityContext
 takes precedence for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SELinuxOptions seLinuxOptions = 1;
      Specified by:
      getSeLinuxOptions in interface V1.PodSecurityContextOrBuilder

    • setSeLinuxOptions

      public V1.PodSecurityContext.Builder setSeLinuxOptions(V1.SELinuxOptions value)
       The SELinux context to be applied to all containers.
 If unspecified, the container runtime will allocate a random SELinux context for each
 container.  May also be set in SecurityContext.  If set in
 both SecurityContext and PodSecurityContext, the value specified in SecurityContext
 takes precedence for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SELinuxOptions seLinuxOptions = 1;

    • setSeLinuxOptions

      public V1.PodSecurityContext.Builder setSeLinuxOptions(V1.SELinuxOptions.Builder builderForValue)
       The SELinux context to be applied to all containers.
 If unspecified, the container runtime will allocate a random SELinux context for each
 container.  May also be set in SecurityContext.  If set in
 both SecurityContext and PodSecurityContext, the value specified in SecurityContext
 takes precedence for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SELinuxOptions seLinuxOptions = 1;

    • mergeSeLinuxOptions

      public V1.PodSecurityContext.Builder mergeSeLinuxOptions(V1.SELinuxOptions value)
       The SELinux context to be applied to all containers.
 If unspecified, the container runtime will allocate a random SELinux context for each
 container.  May also be set in SecurityContext.  If set in
 both SecurityContext and PodSecurityContext, the value specified in SecurityContext
 takes precedence for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SELinuxOptions seLinuxOptions = 1;

    • clearSeLinuxOptions

      public V1.PodSecurityContext.Builder clearSeLinuxOptions()
       The SELinux context to be applied to all containers.
 If unspecified, the container runtime will allocate a random SELinux context for each
 container.  May also be set in SecurityContext.  If set in
 both SecurityContext and PodSecurityContext, the value specified in SecurityContext
 takes precedence for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SELinuxOptions seLinuxOptions = 1;

    • getSeLinuxOptionsBuilder

      public V1.SELinuxOptions.Builder getSeLinuxOptionsBuilder()
       The SELinux context to be applied to all containers.
 If unspecified, the container runtime will allocate a random SELinux context for each
 container.  May also be set in SecurityContext.  If set in
 both SecurityContext and PodSecurityContext, the value specified in SecurityContext
 takes precedence for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SELinuxOptions seLinuxOptions = 1;

    • getSeLinuxOptionsOrBuilder

      public V1.SELinuxOptionsOrBuilder getSeLinuxOptionsOrBuilder()
       The SELinux context to be applied to all containers.
 If unspecified, the container runtime will allocate a random SELinux context for each
 container.  May also be set in SecurityContext.  If set in
 both SecurityContext and PodSecurityContext, the value specified in SecurityContext
 takes precedence for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SELinuxOptions seLinuxOptions = 1;
      Specified by:
      getSeLinuxOptionsOrBuilder in interface V1.PodSecurityContextOrBuilder

    • hasWindowsOptions

      public boolean hasWindowsOptions()
       The Windows specific settings applied to all containers.
 If unspecified, the options within a container's SecurityContext will be used.
 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
 Note that this field cannot be set when spec.os.name is linux.
 +optional
      optional .k8s.io.api.core.v1.WindowsSecurityContextOptions windowsOptions = 8;
      Specified by:
      hasWindowsOptions in interface V1.PodSecurityContextOrBuilder

    • getWindowsOptions

      public V1.WindowsSecurityContextOptions getWindowsOptions()
       The Windows specific settings applied to all containers.
 If unspecified, the options within a container's SecurityContext will be used.
 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
 Note that this field cannot be set when spec.os.name is linux.
 +optional
      optional .k8s.io.api.core.v1.WindowsSecurityContextOptions windowsOptions = 8;
      Specified by:
      getWindowsOptions in interface V1.PodSecurityContextOrBuilder

    • setWindowsOptions

      public V1.PodSecurityContext.Builder setWindowsOptions(V1.WindowsSecurityContextOptions value)
       The Windows specific settings applied to all containers.
 If unspecified, the options within a container's SecurityContext will be used.
 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
 Note that this field cannot be set when spec.os.name is linux.
 +optional
      optional .k8s.io.api.core.v1.WindowsSecurityContextOptions windowsOptions = 8;

    • setWindowsOptions

      public V1.PodSecurityContext.Builder setWindowsOptions(V1.WindowsSecurityContextOptions.Builder builderForValue)
       The Windows specific settings applied to all containers.
 If unspecified, the options within a container's SecurityContext will be used.
 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
 Note that this field cannot be set when spec.os.name is linux.
 +optional
      optional .k8s.io.api.core.v1.WindowsSecurityContextOptions windowsOptions = 8;

    • mergeWindowsOptions

      public V1.PodSecurityContext.Builder mergeWindowsOptions(V1.WindowsSecurityContextOptions value)
       The Windows specific settings applied to all containers.
 If unspecified, the options within a container's SecurityContext will be used.
 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
 Note that this field cannot be set when spec.os.name is linux.
 +optional
      optional .k8s.io.api.core.v1.WindowsSecurityContextOptions windowsOptions = 8;

    • clearWindowsOptions

      public V1.PodSecurityContext.Builder clearWindowsOptions()
       The Windows specific settings applied to all containers.
 If unspecified, the options within a container's SecurityContext will be used.
 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
 Note that this field cannot be set when spec.os.name is linux.
 +optional
      optional .k8s.io.api.core.v1.WindowsSecurityContextOptions windowsOptions = 8;

    • getWindowsOptionsBuilder

      public V1.WindowsSecurityContextOptions.Builder getWindowsOptionsBuilder()
       The Windows specific settings applied to all containers.
 If unspecified, the options within a container's SecurityContext will be used.
 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
 Note that this field cannot be set when spec.os.name is linux.
 +optional
      optional .k8s.io.api.core.v1.WindowsSecurityContextOptions windowsOptions = 8;

    • getWindowsOptionsOrBuilder

      public V1.WindowsSecurityContextOptionsOrBuilder getWindowsOptionsOrBuilder()
       The Windows specific settings applied to all containers.
 If unspecified, the options within a container's SecurityContext will be used.
 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
 Note that this field cannot be set when spec.os.name is linux.
 +optional
      optional .k8s.io.api.core.v1.WindowsSecurityContextOptions windowsOptions = 8;
      Specified by:
      getWindowsOptionsOrBuilder in interface V1.PodSecurityContextOrBuilder

    • hasRunAsUser

      public boolean hasRunAsUser()
       The UID to run the entrypoint of the container process.
 Defaults to user specified in image metadata if unspecified.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence
 for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional int64 runAsUser = 2;
      Specified by:
      hasRunAsUser in interface V1.PodSecurityContextOrBuilder

    • getRunAsUser

      public long getRunAsUser()
       The UID to run the entrypoint of the container process.
 Defaults to user specified in image metadata if unspecified.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence
 for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional int64 runAsUser = 2;
      Specified by:
      getRunAsUser in interface V1.PodSecurityContextOrBuilder

    • setRunAsUser

      public V1.PodSecurityContext.Builder setRunAsUser(long value)
       The UID to run the entrypoint of the container process.
 Defaults to user specified in image metadata if unspecified.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence
 for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional int64 runAsUser = 2;

    • clearRunAsUser

      public V1.PodSecurityContext.Builder clearRunAsUser()
       The UID to run the entrypoint of the container process.
 Defaults to user specified in image metadata if unspecified.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence
 for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional int64 runAsUser = 2;

    • hasRunAsGroup

      public boolean hasRunAsGroup()
       The GID to run the entrypoint of the container process.
 Uses runtime default if unset.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence
 for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional int64 runAsGroup = 6;
      Specified by:
      hasRunAsGroup in interface V1.PodSecurityContextOrBuilder

    • getRunAsGroup

      public long getRunAsGroup()
       The GID to run the entrypoint of the container process.
 Uses runtime default if unset.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence
 for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional int64 runAsGroup = 6;
      Specified by:
      getRunAsGroup in interface V1.PodSecurityContextOrBuilder

    • setRunAsGroup

      public V1.PodSecurityContext.Builder setRunAsGroup(long value)
       The GID to run the entrypoint of the container process.
 Uses runtime default if unset.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence
 for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional int64 runAsGroup = 6;

    • clearRunAsGroup

      public V1.PodSecurityContext.Builder clearRunAsGroup()
       The GID to run the entrypoint of the container process.
 Uses runtime default if unset.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence
 for that container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional int64 runAsGroup = 6;

    • hasRunAsNonRoot

      public boolean hasRunAsNonRoot()
       Indicates that the container must run as a non-root user.
 If true, the Kubelet will validate the image at runtime to ensure that it
 does not run as UID 0 (root) and fail to start the container if it does.
 If unset or false, no such validation will be performed.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence.
 +optional
      optional bool runAsNonRoot = 3;
      Specified by:
      hasRunAsNonRoot in interface V1.PodSecurityContextOrBuilder

    • getRunAsNonRoot

      public boolean getRunAsNonRoot()
       Indicates that the container must run as a non-root user.
 If true, the Kubelet will validate the image at runtime to ensure that it
 does not run as UID 0 (root) and fail to start the container if it does.
 If unset or false, no such validation will be performed.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence.
 +optional
      optional bool runAsNonRoot = 3;
      Specified by:
      getRunAsNonRoot in interface V1.PodSecurityContextOrBuilder

    • setRunAsNonRoot

      public V1.PodSecurityContext.Builder setRunAsNonRoot(boolean value)
       Indicates that the container must run as a non-root user.
 If true, the Kubelet will validate the image at runtime to ensure that it
 does not run as UID 0 (root) and fail to start the container if it does.
 If unset or false, no such validation will be performed.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence.
 +optional
      optional bool runAsNonRoot = 3;

    • clearRunAsNonRoot

      public V1.PodSecurityContext.Builder clearRunAsNonRoot()
       Indicates that the container must run as a non-root user.
 If true, the Kubelet will validate the image at runtime to ensure that it
 does not run as UID 0 (root) and fail to start the container if it does.
 If unset or false, no such validation will be performed.
 May also be set in SecurityContext.  If set in both SecurityContext and
 PodSecurityContext, the value specified in SecurityContext takes precedence.
 +optional
      optional bool runAsNonRoot = 3;

    • getSupplementalGroupsList

      public List<Long> getSupplementalGroupsList()
       A list of groups applied to the first process run in each container, in addition
 to the container's primary GID.  If unspecified, no groups will be added to
 any container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated int64 supplementalGroups = 4;
      Specified by:
      getSupplementalGroupsList in interface V1.PodSecurityContextOrBuilder

    • getSupplementalGroupsCount

      public int getSupplementalGroupsCount()
       A list of groups applied to the first process run in each container, in addition
 to the container's primary GID.  If unspecified, no groups will be added to
 any container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated int64 supplementalGroups = 4;
      Specified by:
      getSupplementalGroupsCount in interface V1.PodSecurityContextOrBuilder

    • getSupplementalGroups

      public long getSupplementalGroups(int index)
       A list of groups applied to the first process run in each container, in addition
 to the container's primary GID.  If unspecified, no groups will be added to
 any container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated int64 supplementalGroups = 4;
      Specified by:
      getSupplementalGroups in interface V1.PodSecurityContextOrBuilder

    • setSupplementalGroups

      public V1.PodSecurityContext.Builder setSupplementalGroups(int index, long value)
       A list of groups applied to the first process run in each container, in addition
 to the container's primary GID.  If unspecified, no groups will be added to
 any container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated int64 supplementalGroups = 4;

    • addSupplementalGroups

      public V1.PodSecurityContext.Builder addSupplementalGroups(long value)
       A list of groups applied to the first process run in each container, in addition
 to the container's primary GID.  If unspecified, no groups will be added to
 any container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated int64 supplementalGroups = 4;

    • addAllSupplementalGroups

      public V1.PodSecurityContext.Builder addAllSupplementalGroups(Iterable<? extends Long> values)
       A list of groups applied to the first process run in each container, in addition
 to the container's primary GID.  If unspecified, no groups will be added to
 any container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated int64 supplementalGroups = 4;

    • clearSupplementalGroups

      public V1.PodSecurityContext.Builder clearSupplementalGroups()
       A list of groups applied to the first process run in each container, in addition
 to the container's primary GID.  If unspecified, no groups will be added to
 any container.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated int64 supplementalGroups = 4;

    • hasFsGroup

      public boolean hasFsGroup()
       A special supplemental group that applies to all containers in a pod.
 Some volume types allow the Kubelet to change the ownership of that volume
 to be owned by the pod:
 1. The owning GID will be the FSGroup
 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
 3. The permission bits are OR'd with rw-rw----
 If unset, the Kubelet will not modify the ownership and permissions of any volume.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional int64 fsGroup = 5;
      Specified by:
      hasFsGroup in interface V1.PodSecurityContextOrBuilder

    • getFsGroup

      public long getFsGroup()
       A special supplemental group that applies to all containers in a pod.
 Some volume types allow the Kubelet to change the ownership of that volume
 to be owned by the pod:
 1. The owning GID will be the FSGroup
 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
 3. The permission bits are OR'd with rw-rw----
 If unset, the Kubelet will not modify the ownership and permissions of any volume.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional int64 fsGroup = 5;
      Specified by:
      getFsGroup in interface V1.PodSecurityContextOrBuilder

    • setFsGroup

      public V1.PodSecurityContext.Builder setFsGroup(long value)
       A special supplemental group that applies to all containers in a pod.
 Some volume types allow the Kubelet to change the ownership of that volume
 to be owned by the pod:
 1. The owning GID will be the FSGroup
 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
 3. The permission bits are OR'd with rw-rw----
 If unset, the Kubelet will not modify the ownership and permissions of any volume.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional int64 fsGroup = 5;

    • clearFsGroup

      public V1.PodSecurityContext.Builder clearFsGroup()
       A special supplemental group that applies to all containers in a pod.
 Some volume types allow the Kubelet to change the ownership of that volume
 to be owned by the pod:
 1. The owning GID will be the FSGroup
 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
 3. The permission bits are OR'd with rw-rw----
 If unset, the Kubelet will not modify the ownership and permissions of any volume.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional int64 fsGroup = 5;

    • getSysctlsList

      public List<V1.Sysctl> getSysctlsList()
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;
      Specified by:
      getSysctlsList in interface V1.PodSecurityContextOrBuilder

    • getSysctlsCount

      public int getSysctlsCount()
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;
      Specified by:
      getSysctlsCount in interface V1.PodSecurityContextOrBuilder

    • getSysctls

      public V1.Sysctl getSysctls(int index)
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;
      Specified by:
      getSysctls in interface V1.PodSecurityContextOrBuilder

    • setSysctls

      public V1.PodSecurityContext.Builder setSysctls(int index, V1.Sysctl value)
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;

    • setSysctls

      public V1.PodSecurityContext.Builder setSysctls(int index, V1.Sysctl.Builder builderForValue)
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;

    • addSysctls

      public V1.PodSecurityContext.Builder addSysctls(V1.Sysctl value)
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;

    • addSysctls

      public V1.PodSecurityContext.Builder addSysctls(int index, V1.Sysctl value)
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;

    • addSysctls

      public V1.PodSecurityContext.Builder addSysctls(V1.Sysctl.Builder builderForValue)
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;

    • addSysctls

      public V1.PodSecurityContext.Builder addSysctls(int index, V1.Sysctl.Builder builderForValue)
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;

    • addAllSysctls

      public V1.PodSecurityContext.Builder addAllSysctls(Iterable<? extends V1.Sysctl> values)
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;

    • clearSysctls

      public V1.PodSecurityContext.Builder clearSysctls()
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;

    • removeSysctls

      public V1.PodSecurityContext.Builder removeSysctls(int index)
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;

    • getSysctlsBuilder

      public V1.Sysctl.Builder getSysctlsBuilder(int index)
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;

    • getSysctlsOrBuilder

      public V1.SysctlOrBuilder getSysctlsOrBuilder(int index)
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;
      Specified by:
      getSysctlsOrBuilder in interface V1.PodSecurityContextOrBuilder

    • getSysctlsOrBuilderList

      public List<? extends V1.SysctlOrBuilder> getSysctlsOrBuilderList()
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;
      Specified by:
      getSysctlsOrBuilderList in interface V1.PodSecurityContextOrBuilder

    • addSysctlsBuilder

      public V1.Sysctl.Builder addSysctlsBuilder()
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;

    • addSysctlsBuilder

      public V1.Sysctl.Builder addSysctlsBuilder(int index)
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;

    • getSysctlsBuilderList

      public List<V1.Sysctl.Builder> getSysctlsBuilderList()
       Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
 sysctls (by the container runtime) might fail to launch.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      repeated .k8s.io.api.core.v1.Sysctl sysctls = 7;

    • hasFsGroupChangePolicy

      public boolean hasFsGroupChangePolicy()
       fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
 before being exposed inside Pod. This field will only apply to
 volume types which support fsGroup based ownership(and permissions).
 It will have no effect on ephemeral volume types such as: secret, configmaps
 and emptydir.
 Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional string fsGroupChangePolicy = 9;
      Specified by:
      hasFsGroupChangePolicy in interface V1.PodSecurityContextOrBuilder

    • getFsGroupChangePolicy

      public String getFsGroupChangePolicy()
       fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
 before being exposed inside Pod. This field will only apply to
 volume types which support fsGroup based ownership(and permissions).
 It will have no effect on ephemeral volume types such as: secret, configmaps
 and emptydir.
 Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional string fsGroupChangePolicy = 9;
      Specified by:
      getFsGroupChangePolicy in interface V1.PodSecurityContextOrBuilder

    • getFsGroupChangePolicyBytes

      public com.google.protobuf.ByteString getFsGroupChangePolicyBytes()
       fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
 before being exposed inside Pod. This field will only apply to
 volume types which support fsGroup based ownership(and permissions).
 It will have no effect on ephemeral volume types such as: secret, configmaps
 and emptydir.
 Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional string fsGroupChangePolicy = 9;
      Specified by:
      getFsGroupChangePolicyBytes in interface V1.PodSecurityContextOrBuilder

    • setFsGroupChangePolicy

      public V1.PodSecurityContext.Builder setFsGroupChangePolicy(String value)
       fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
 before being exposed inside Pod. This field will only apply to
 volume types which support fsGroup based ownership(and permissions).
 It will have no effect on ephemeral volume types such as: secret, configmaps
 and emptydir.
 Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional string fsGroupChangePolicy = 9;

    • clearFsGroupChangePolicy

      public V1.PodSecurityContext.Builder clearFsGroupChangePolicy()
       fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
 before being exposed inside Pod. This field will only apply to
 volume types which support fsGroup based ownership(and permissions).
 It will have no effect on ephemeral volume types such as: secret, configmaps
 and emptydir.
 Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional string fsGroupChangePolicy = 9;

    • setFsGroupChangePolicyBytes

      public V1.PodSecurityContext.Builder setFsGroupChangePolicyBytes(com.google.protobuf.ByteString value)
       fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
 before being exposed inside Pod. This field will only apply to
 volume types which support fsGroup based ownership(and permissions).
 It will have no effect on ephemeral volume types such as: secret, configmaps
 and emptydir.
 Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional string fsGroupChangePolicy = 9;

    • hasSeccompProfile

      public boolean hasSeccompProfile()
       The seccomp options to use by the containers in this pod.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SeccompProfile seccompProfile = 10;
      Specified by:
      hasSeccompProfile in interface V1.PodSecurityContextOrBuilder

    • getSeccompProfile

      public V1.SeccompProfile getSeccompProfile()
       The seccomp options to use by the containers in this pod.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SeccompProfile seccompProfile = 10;
      Specified by:
      getSeccompProfile in interface V1.PodSecurityContextOrBuilder

    • setSeccompProfile

      public V1.PodSecurityContext.Builder setSeccompProfile(V1.SeccompProfile value)
       The seccomp options to use by the containers in this pod.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SeccompProfile seccompProfile = 10;

    • setSeccompProfile

      public V1.PodSecurityContext.Builder setSeccompProfile(V1.SeccompProfile.Builder builderForValue)
       The seccomp options to use by the containers in this pod.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SeccompProfile seccompProfile = 10;

    • mergeSeccompProfile

      public V1.PodSecurityContext.Builder mergeSeccompProfile(V1.SeccompProfile value)
       The seccomp options to use by the containers in this pod.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SeccompProfile seccompProfile = 10;

    • clearSeccompProfile

      public V1.PodSecurityContext.Builder clearSeccompProfile()
       The seccomp options to use by the containers in this pod.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SeccompProfile seccompProfile = 10;

    • getSeccompProfileBuilder

      public V1.SeccompProfile.Builder getSeccompProfileBuilder()
       The seccomp options to use by the containers in this pod.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SeccompProfile seccompProfile = 10;

    • getSeccompProfileOrBuilder

      public V1.SeccompProfileOrBuilder getSeccompProfileOrBuilder()
       The seccomp options to use by the containers in this pod.
 Note that this field cannot be set when spec.os.name is windows.
 +optional
      optional .k8s.io.api.core.v1.SeccompProfile seccompProfile = 10;
      Specified by:
      getSeccompProfileOrBuilder in interface V1.PodSecurityContextOrBuilder

    • setUnknownFields

      public final V1.PodSecurityContext.Builder setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
      Specified by:
      setUnknownFields in interface com.google.protobuf.Message.Builder
      Overrides:
      setUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<V1.PodSecurityContext.Builder>

    • mergeUnknownFields

      public final V1.PodSecurityContext.Builder mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
      Specified by:
      mergeUnknownFields in interface com.google.protobuf.Message.Builder
      Overrides:
      mergeUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<V1.PodSecurityContext.Builder>