Package io.kubernetes.client.proto

Class V1beta1Certificates.CertificateSigningRequestSpec

java.lang.Object
com.google.protobuf.AbstractMessageLite
com.google.protobuf.AbstractMessage
com.google.protobuf.GeneratedMessageV3
io.kubernetes.client.proto.V1beta1Certificates.CertificateSigningRequestSpec
All Implemented Interfaces:
com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, V1beta1Certificates.CertificateSigningRequestSpecOrBuilder, Serializable
Enclosing class:
V1beta1Certificates
public static final class V1beta1Certificates.CertificateSigningRequestSpec extends com.google.protobuf.GeneratedMessageV3 implements V1beta1Certificates.CertificateSigningRequestSpecOrBuilder
 CertificateSigningRequestSpec contains the certificate request.
Protobuf type k8s.io.api.certificates.v1beta1.CertificateSigningRequestSpec
See Also:

  • Field Details

  • Method Details

    • getUnknownFields

      public final com.google.protobuf.UnknownFieldSet getUnknownFields()
      Specified by:
      getUnknownFields in interface com.google.protobuf.MessageOrBuilder
      Overrides:
      getUnknownFields in class com.google.protobuf.GeneratedMessageV3

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

    • internalGetMapField

      protected com.google.protobuf.MapField internalGetMapField(int number)
      Overrides:
      internalGetMapField in class com.google.protobuf.GeneratedMessageV3

    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3

    • hasRequest

      public boolean hasRequest()
       Base64-encoded PKCS#10 CSR data
 +listType=atomic
      optional bytes request = 1;
      Specified by:
      hasRequest in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getRequest

      public com.google.protobuf.ByteString getRequest()
       Base64-encoded PKCS#10 CSR data
 +listType=atomic
      optional bytes request = 1;
      Specified by:
      getRequest in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • hasSignerName

      public boolean hasSignerName()
       Requested signer for the request. It is a qualified name in the form:
 `scope-hostname.io/name`.
 If empty, it will be defaulted:
  1. If it's a kubelet client certificate, it is assigned
     "kubernetes.io/kube-apiserver-client-kubelet".
  2. If it's a kubelet serving certificate, it is assigned
     "kubernetes.io/kubelet-serving".
  3. Otherwise, it is assigned "kubernetes.io/legacy-unknown".
 Distribution of trust for signers happens out of band.
 You can select on this field using `spec.signerName`.
 +optional
      optional string signerName = 7;
      Specified by:
      hasSignerName in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getSignerName

      public String getSignerName()
       Requested signer for the request. It is a qualified name in the form:
 `scope-hostname.io/name`.
 If empty, it will be defaulted:
  1. If it's a kubelet client certificate, it is assigned
     "kubernetes.io/kube-apiserver-client-kubelet".
  2. If it's a kubelet serving certificate, it is assigned
     "kubernetes.io/kubelet-serving".
  3. Otherwise, it is assigned "kubernetes.io/legacy-unknown".
 Distribution of trust for signers happens out of band.
 You can select on this field using `spec.signerName`.
 +optional
      optional string signerName = 7;
      Specified by:
      getSignerName in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getSignerNameBytes

      public com.google.protobuf.ByteString getSignerNameBytes()
       Requested signer for the request. It is a qualified name in the form:
 `scope-hostname.io/name`.
 If empty, it will be defaulted:
  1. If it's a kubelet client certificate, it is assigned
     "kubernetes.io/kube-apiserver-client-kubelet".
  2. If it's a kubelet serving certificate, it is assigned
     "kubernetes.io/kubelet-serving".
  3. Otherwise, it is assigned "kubernetes.io/legacy-unknown".
 Distribution of trust for signers happens out of band.
 You can select on this field using `spec.signerName`.
 +optional
      optional string signerName = 7;
      Specified by:
      getSignerNameBytes in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • hasExpirationSeconds

      public boolean hasExpirationSeconds()
       expirationSeconds is the requested duration of validity of the issued
 certificate. The certificate signer may issue a certificate with a different
 validity duration so a client must check the delta between the notBefore and
 and notAfter fields in the issued certificate to determine the actual duration.
 The v1.22+ in-tree implementations of the well-known Kubernetes signers will
 honor this field as long as the requested duration is not greater than the
 maximum duration they will honor per the --cluster-signing-duration CLI
 flag to the Kubernetes controller manager.
 Certificate signers may not honor this field for various reasons:
   1. Old signer that is unaware of the field (such as the in-tree
      implementations prior to v1.22)
   2. Signer whose configured maximum is shorter than the requested duration
   3. Signer whose configured minimum is longer than the requested duration
 The minimum valid value for expirationSeconds is 600, i.e. 10 minutes.
 As of v1.22, this field is beta and is controlled via the CSRDuration feature gate.
 +optional
      optional int32 expirationSeconds = 8;
      Specified by:
      hasExpirationSeconds in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getExpirationSeconds

      public int getExpirationSeconds()
       expirationSeconds is the requested duration of validity of the issued
 certificate. The certificate signer may issue a certificate with a different
 validity duration so a client must check the delta between the notBefore and
 and notAfter fields in the issued certificate to determine the actual duration.
 The v1.22+ in-tree implementations of the well-known Kubernetes signers will
 honor this field as long as the requested duration is not greater than the
 maximum duration they will honor per the --cluster-signing-duration CLI
 flag to the Kubernetes controller manager.
 Certificate signers may not honor this field for various reasons:
   1. Old signer that is unaware of the field (such as the in-tree
      implementations prior to v1.22)
   2. Signer whose configured maximum is shorter than the requested duration
   3. Signer whose configured minimum is longer than the requested duration
 The minimum valid value for expirationSeconds is 600, i.e. 10 minutes.
 As of v1.22, this field is beta and is controlled via the CSRDuration feature gate.
 +optional
      optional int32 expirationSeconds = 8;
      Specified by:
      getExpirationSeconds in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getUsagesList

      public com.google.protobuf.ProtocolStringList getUsagesList()
       allowedUsages specifies a set of usage contexts the key will be
 valid for.
 See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3
      https://tools.ietf.org/html/rfc5280#section-4.2.1.12
 Valid values are:
  "signing",
  "digital signature",
  "content commitment",
  "key encipherment",
  "key agreement",
  "data encipherment",
  "cert sign",
  "crl sign",
  "encipher only",
  "decipher only",
  "any",
  "server auth",
  "client auth",
  "code signing",
  "email protection",
  "s/mime",
  "ipsec end system",
  "ipsec tunnel",
  "ipsec user",
  "timestamping",
  "ocsp signing",
  "microsoft sgc",
  "netscape sgc"
 +listType=atomic
      repeated string usages = 5;
      Specified by:
      getUsagesList in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getUsagesCount

      public int getUsagesCount()
       allowedUsages specifies a set of usage contexts the key will be
 valid for.
 See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3
      https://tools.ietf.org/html/rfc5280#section-4.2.1.12
 Valid values are:
  "signing",
  "digital signature",
  "content commitment",
  "key encipherment",
  "key agreement",
  "data encipherment",
  "cert sign",
  "crl sign",
  "encipher only",
  "decipher only",
  "any",
  "server auth",
  "client auth",
  "code signing",
  "email protection",
  "s/mime",
  "ipsec end system",
  "ipsec tunnel",
  "ipsec user",
  "timestamping",
  "ocsp signing",
  "microsoft sgc",
  "netscape sgc"
 +listType=atomic
      repeated string usages = 5;
      Specified by:
      getUsagesCount in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getUsages

      public String getUsages(int index)
       allowedUsages specifies a set of usage contexts the key will be
 valid for.
 See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3
      https://tools.ietf.org/html/rfc5280#section-4.2.1.12
 Valid values are:
  "signing",
  "digital signature",
  "content commitment",
  "key encipherment",
  "key agreement",
  "data encipherment",
  "cert sign",
  "crl sign",
  "encipher only",
  "decipher only",
  "any",
  "server auth",
  "client auth",
  "code signing",
  "email protection",
  "s/mime",
  "ipsec end system",
  "ipsec tunnel",
  "ipsec user",
  "timestamping",
  "ocsp signing",
  "microsoft sgc",
  "netscape sgc"
 +listType=atomic
      repeated string usages = 5;
      Specified by:
      getUsages in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getUsagesBytes

      public com.google.protobuf.ByteString getUsagesBytes(int index)
       allowedUsages specifies a set of usage contexts the key will be
 valid for.
 See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3
      https://tools.ietf.org/html/rfc5280#section-4.2.1.12
 Valid values are:
  "signing",
  "digital signature",
  "content commitment",
  "key encipherment",
  "key agreement",
  "data encipherment",
  "cert sign",
  "crl sign",
  "encipher only",
  "decipher only",
  "any",
  "server auth",
  "client auth",
  "code signing",
  "email protection",
  "s/mime",
  "ipsec end system",
  "ipsec tunnel",
  "ipsec user",
  "timestamping",
  "ocsp signing",
  "microsoft sgc",
  "netscape sgc"
 +listType=atomic
      repeated string usages = 5;
      Specified by:
      getUsagesBytes in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • hasUsername

      public boolean hasUsername()
       Information about the requesting user.
 See user.Info interface for details.
 +optional
      optional string username = 2;
      Specified by:
      hasUsername in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getUsername

      public String getUsername()
       Information about the requesting user.
 See user.Info interface for details.
 +optional
      optional string username = 2;
      Specified by:
      getUsername in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getUsernameBytes

      public com.google.protobuf.ByteString getUsernameBytes()
       Information about the requesting user.
 See user.Info interface for details.
 +optional
      optional string username = 2;
      Specified by:
      getUsernameBytes in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • hasUid

      public boolean hasUid()
       UID information about the requesting user.
 See user.Info interface for details.
 +optional
      optional string uid = 3;
      Specified by:
      hasUid in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getUid

      public String getUid()
       UID information about the requesting user.
 See user.Info interface for details.
 +optional
      optional string uid = 3;
      Specified by:
      getUid in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getUidBytes

      public com.google.protobuf.ByteString getUidBytes()
       UID information about the requesting user.
 See user.Info interface for details.
 +optional
      optional string uid = 3;
      Specified by:
      getUidBytes in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getGroupsList

      public com.google.protobuf.ProtocolStringList getGroupsList()
       Group information about the requesting user.
 See user.Info interface for details.
 +listType=atomic
 +optional
      repeated string groups = 4;
      Specified by:
      getGroupsList in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getGroupsCount

      public int getGroupsCount()
       Group information about the requesting user.
 See user.Info interface for details.
 +listType=atomic
 +optional
      repeated string groups = 4;
      Specified by:
      getGroupsCount in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getGroups

      public String getGroups(int index)
       Group information about the requesting user.
 See user.Info interface for details.
 +listType=atomic
 +optional
      repeated string groups = 4;
      Specified by:
      getGroups in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getGroupsBytes

      public com.google.protobuf.ByteString getGroupsBytes(int index)
       Group information about the requesting user.
 See user.Info interface for details.
 +listType=atomic
 +optional
      repeated string groups = 4;
      Specified by:
      getGroupsBytes in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getExtraCount

      public int getExtraCount()
      Description copied from interface: V1beta1Certificates.CertificateSigningRequestSpecOrBuilder
       Extra information about the requesting user.
 See user.Info interface for details.
 +optional
      map<string, .k8s.io.api.certificates.v1beta1.ExtraValue> extra = 6;
      Specified by:
      getExtraCount in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • containsExtra

      public boolean containsExtra(String key)
       Extra information about the requesting user.
 See user.Info interface for details.
 +optional
      map<string, .k8s.io.api.certificates.v1beta1.ExtraValue> extra = 6;
      Specified by:
      containsExtra in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getExtra

      @Deprecated public Map<String,V1beta1Certificates.ExtraValue> getExtra()
      Deprecated.
      Use getExtraMap() instead.
      Specified by:
      getExtra in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getExtraMap

      public Map<String,V1beta1Certificates.ExtraValue> getExtraMap()
       Extra information about the requesting user.
 See user.Info interface for details.
 +optional
      map<string, .k8s.io.api.certificates.v1beta1.ExtraValue> extra = 6;
      Specified by:
      getExtraMap in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getExtraOrDefault

      public V1beta1Certificates.ExtraValue getExtraOrDefault(String key, V1beta1Certificates.ExtraValue defaultValue)
       Extra information about the requesting user.
 See user.Info interface for details.
 +optional
      map<string, .k8s.io.api.certificates.v1beta1.ExtraValue> extra = 6;
      Specified by:
      getExtraOrDefault in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • getExtraOrThrow

      public V1beta1Certificates.ExtraValue getExtraOrThrow(String key)
       Extra information about the requesting user.
 See user.Info interface for details.
 +optional
      map<string, .k8s.io.api.certificates.v1beta1.ExtraValue> extra = 6;
      Specified by:
      getExtraOrThrow in interface V1beta1Certificates.CertificateSigningRequestSpecOrBuilder

    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessageV3

    • writeTo

      public void writeTo(com.google.protobuf.CodedOutputStream output) throws IOException
      Specified by:
      writeTo in interface com.google.protobuf.MessageLite
      Overrides:
      writeTo in class com.google.protobuf.GeneratedMessageV3
      Throws:
      IOException

    • getSerializedSize

      public int getSerializedSize()
      Specified by:
      getSerializedSize in interface com.google.protobuf.MessageLite
      Overrides:
      getSerializedSize in class com.google.protobuf.GeneratedMessageV3

    • equals

      public boolean equals(Object obj)
      Specified by:
      equals in interface com.google.protobuf.Message
      Overrides:
      equals in class com.google.protobuf.AbstractMessage

    • hashCode

      public int hashCode()
      Specified by:
      hashCode in interface com.google.protobuf.Message
      Overrides:
      hashCode in class com.google.protobuf.AbstractMessage

    • parseFrom

      public static V1beta1Certificates.CertificateSigningRequestSpec parseFrom(ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static V1beta1Certificates.CertificateSigningRequestSpec parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static V1beta1Certificates.CertificateSigningRequestSpec parseFrom(com.google.protobuf.ByteString data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static V1beta1Certificates.CertificateSigningRequestSpec parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static V1beta1Certificates.CertificateSigningRequestSpec parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static V1beta1Certificates.CertificateSigningRequestSpec parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static V1beta1Certificates.CertificateSigningRequestSpec parseFrom(InputStream input) throws IOException
      Throws:
      IOException

    • parseFrom

      public static V1beta1Certificates.CertificateSigningRequestSpec parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • parseDelimitedFrom

      public static V1beta1Certificates.CertificateSigningRequestSpec parseDelimitedFrom(InputStream input) throws IOException
      Throws:
      IOException

    • parseDelimitedFrom

      public static V1beta1Certificates.CertificateSigningRequestSpec parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • parseFrom

      public static V1beta1Certificates.CertificateSigningRequestSpec parseFrom(com.google.protobuf.CodedInputStream input) throws IOException
      Throws:
      IOException

    • parseFrom

      public static V1beta1Certificates.CertificateSigningRequestSpec parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • newBuilderForType

      public V1beta1Certificates.CertificateSigningRequestSpec.Builder newBuilderForType()
      Specified by:
      newBuilderForType in interface com.google.protobuf.Message
      Specified by:
      newBuilderForType in interface com.google.protobuf.MessageLite

    • newBuilder

      public static V1beta1Certificates.CertificateSigningRequestSpec.Builder newBuilder()

    • newBuilder

      public static V1beta1Certificates.CertificateSigningRequestSpec.Builder newBuilder(V1beta1Certificates.CertificateSigningRequestSpec prototype)

    • toBuilder

      public V1beta1Certificates.CertificateSigningRequestSpec.Builder toBuilder()
      Specified by:
      toBuilder in interface com.google.protobuf.Message
      Specified by:
      toBuilder in interface com.google.protobuf.MessageLite

    • newBuilderForType

      protected V1beta1Certificates.CertificateSigningRequestSpec.Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent)
      Specified by:
      newBuilderForType in class com.google.protobuf.GeneratedMessageV3

    • getDefaultInstance

      public static V1beta1Certificates.CertificateSigningRequestSpec getDefaultInstance()

    • parser

      public static com.google.protobuf.Parser<V1beta1Certificates.CertificateSigningRequestSpec> parser()

    • getParserForType

      public com.google.protobuf.Parser<V1beta1Certificates.CertificateSigningRequestSpec> getParserForType()
      Specified by:
      getParserForType in interface com.google.protobuf.Message
      Specified by:
      getParserForType in interface com.google.protobuf.MessageLite
      Overrides:
      getParserForType in class com.google.protobuf.GeneratedMessageV3

    • getDefaultInstanceForType

      public V1beta1Certificates.CertificateSigningRequestSpec getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder