Package io.quarkus.kubernetes.deployment

Class SecurityContextConfig

java.lang.Object

io.quarkus.kubernetes.deployment.SecurityContextConfig

public class SecurityContextConfig
extends Object

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	SecurityContextConfig.PodFSGroupChangePolicy
static class	SecurityContextConfig.SeLinuxOptions
static class	SecurityContextConfig.WindowsOptions

Field Summary

Fields

Modifier and Type	Field	Description
(package private) Optional<Long>	fsGroup	A special supplemental group that applies to all containers in a pod.
(package private) Optional<SecurityContextConfig.PodFSGroupChangePolicy>	fsGroupChangePolicy	It holds policies that will be used for applying fsGroup to a volume when volume is mounted.
(package private) Optional<Long>	runAsGroup	The GID to run the entrypoint of the container process.
(package private) Optional<Boolean>	runAsNonRoot	Indicates that the container must run as a non-root user.
(package private) Optional<Long>	runAsUser	The UID to run the entrypoint of the container process.
(package private) SecurityContextConfig.SeLinuxOptions	seLinuxOptions	SELinuxOptions to be applied to the container.
(package private) Optional<List<Long>>	supplementalGroups	A list of groups applied to the first process run in each container, in addition to the container's primary GID.
(package private) Optional<Map<String,String>>	sysctls	Sysctls hold a list of namespaced sysctls used for the pod.
(package private) SecurityContextConfig.WindowsOptions	windowsOptions	The Windows specific settings applied to all containers.

Constructor Summary

Constructors

Constructor	Description
SecurityContextConfig()

Method Summary

Modifier and Type	Method	Description
protected boolean	isAnyPropertySet()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

seLinuxOptions

SecurityContextConfig.SeLinuxOptions seLinuxOptions

SELinuxOptions to be applied to the container.

windowsOptions

SecurityContextConfig.WindowsOptions windowsOptions

The Windows specific settings applied to all containers.

runAsUser

@ConfigItem
Optional<Long> runAsUser

The UID to run the entrypoint of the container process.

runAsGroup

@ConfigItem
Optional<Long> runAsGroup

The GID to run the entrypoint of the container process.

runAsNonRoot

@ConfigItem
Optional<Boolean> runAsNonRoot

Indicates that the container must run as a non-root user.

supplementalGroups

@ConfigItem
Optional<List<Long>> supplementalGroups

A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container.

fsGroup

@ConfigItem
Optional<Long> fsGroup

A special supplemental group that applies to all containers in a pod.

sysctls

@ConfigItem
Optional<Map<String,String>> sysctls

Sysctls hold a list of namespaced sysctls used for the pod.

fsGroupChangePolicy

@ConfigItem
Optional<SecurityContextConfig.PodFSGroupChangePolicy> fsGroupChangePolicy

It holds policies that will be used for applying fsGroup to a volume when volume is mounted. Values: OnRootMismatch, Always

Constructor Detail

SecurityContextConfig

public SecurityContextConfig()

Method Detail

isAnyPropertySet

protected boolean isAnyPropertySet()