• Home
• com.google.apis
• google-api-services-cloudbuild
• v2-rev20241210-2.0.0
• source code
• SecurityContext.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.google.api.services.cloudbuild.v2.model.SecurityContext Maven / Gradle / Ivy

/*
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 * in compliance with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed under the License
 * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
 * or implied. See the License for the specific language governing permissions and limitations under
 * the License.
 */
/*
 * This code was generated by https://github.com/googleapis/google-api-java-client-services/
 * Modify at your own risk.
 */

package com.google.api.services.cloudbuild.v2.model;

/**
 * Security options the container should be run with.
 *
 * 
 This is the Java data model class that specifies how to parse/serialize into the JSON that is
 * transmitted over HTTP when working with the Cloud Build API. For a detailed explanation see:
 * https://developers.google.com/api-client-library/java/google-http-java-client/json
 * 
 *
 * @author Google, Inc.
 */
@SuppressWarnings("javadoc")
public final class SecurityContext extends com.google.api.client.json.GenericJson {

  /**
   * Optional. AllowPrivilegeEscalation controls whether a process can gain more privileges than its
   * parent process. This bool directly controls if the no_new_privs flag will be set on the
   * container process. AllowPrivilegeEscalation is true always when the container is: 1) run as
   * Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is
   * windows. +optional
   * The value may be {@code null}.
   */
  @com.google.api.client.util.Key
  private java.lang.Boolean allowPrivilegeEscalation;

  /**
   * Optional. Adds and removes POSIX capabilities from running containers.
   * The value may be {@code null}.
   */
  @com.google.api.client.util.Key
  private Capabilities capabilities;

  /**
   * Run container in privileged mode.
   * The value may be {@code null}.
   */
  @com.google.api.client.util.Key
  private java.lang.Boolean privileged;

  /**
   * Optional. The GID to run the entrypoint of the container process. Uses runtime default if
   * unset. May also be set in PodSecurityContext. If set in both SecurityContext and
   * PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this
   * field cannot be set when spec.os.name is windows. +optional
   * The value may be {@code null}.
   */
  @com.google.api.client.util.Key @com.google.api.client.json.JsonString
  private java.lang.Long runAsGroup;

  /**
   * Optional. Indicates that the container must run as a non-root user. If true, the Kubelet will
   * validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start
   * the container if it does. If unset or false, no such validation will be performed. May also be
   * set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value
   * specified in SecurityContext takes precedence. +optional
   * The value may be {@code null}.
   */
  @com.google.api.client.util.Key
  private java.lang.Boolean runAsNonRoot;

  /**
   * Optional. The UID to run the entrypoint of the container process. Defaults to user specified in
   * image metadata if unspecified. May also be set in PodSecurityContext. If set in both
   * SecurityContext and PodSecurityContext, the value specified in SecurityContext takes
   * precedence. Note that this field cannot be set when spec.os.name is windows. +optional
   * The value may be {@code null}.
   */
  @com.google.api.client.util.Key @com.google.api.client.json.JsonString
  private java.lang.Long runAsUser;

  /**
   * Optional. AllowPrivilegeEscalation controls whether a process can gain more privileges than its
   * parent process. This bool directly controls if the no_new_privs flag will be set on the
   * container process. AllowPrivilegeEscalation is true always when the container is: 1) run as
   * Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is
   * windows. +optional
   * @return value or {@code null} for none
   */
  public java.lang.Boolean getAllowPrivilegeEscalation() {
    return allowPrivilegeEscalation;
  }

  /**
   * Optional. AllowPrivilegeEscalation controls whether a process can gain more privileges than its
   * parent process. This bool directly controls if the no_new_privs flag will be set on the
   * container process. AllowPrivilegeEscalation is true always when the container is: 1) run as
   * Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is
   * windows. +optional
   * @param allowPrivilegeEscalation allowPrivilegeEscalation or {@code null} for none
   */
  public SecurityContext setAllowPrivilegeEscalation(java.lang.Boolean allowPrivilegeEscalation) {
    this.allowPrivilegeEscalation = allowPrivilegeEscalation;
    return this;
  }

  /**
   * Optional. Adds and removes POSIX capabilities from running containers.
   * @return value or {@code null} for none
   */
  public Capabilities getCapabilities() {
    return capabilities;
  }

  /**
   * Optional. Adds and removes POSIX capabilities from running containers.
   * @param capabilities capabilities or {@code null} for none
   */
  public SecurityContext setCapabilities(Capabilities capabilities) {
    this.capabilities = capabilities;
    return this;
  }

  /**
   * Run container in privileged mode.
   * @return value or {@code null} for none
   */
  public java.lang.Boolean getPrivileged() {
    return privileged;
  }

  /**
   * Run container in privileged mode.
   * @param privileged privileged or {@code null} for none
   */
  public SecurityContext setPrivileged(java.lang.Boolean privileged) {
    this.privileged = privileged;
    return this;
  }

  /**
   * Optional. The GID to run the entrypoint of the container process. Uses runtime default if
   * unset. May also be set in PodSecurityContext. If set in both SecurityContext and
   * PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this
   * field cannot be set when spec.os.name is windows. +optional
   * @return value or {@code null} for none
   */
  public java.lang.Long getRunAsGroup() {
    return runAsGroup;
  }

  /**
   * Optional. The GID to run the entrypoint of the container process. Uses runtime default if
   * unset. May also be set in PodSecurityContext. If set in both SecurityContext and
   * PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this
   * field cannot be set when spec.os.name is windows. +optional
   * @param runAsGroup runAsGroup or {@code null} for none
   */
  public SecurityContext setRunAsGroup(java.lang.Long runAsGroup) {
    this.runAsGroup = runAsGroup;
    return this;
  }

  /**
   * Optional. Indicates that the container must run as a non-root user. If true, the Kubelet will
   * validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start
   * the container if it does. If unset or false, no such validation will be performed. May also be
   * set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value
   * specified in SecurityContext takes precedence. +optional
   * @return value or {@code null} for none
   */
  public java.lang.Boolean getRunAsNonRoot() {
    return runAsNonRoot;
  }

  /**
   * Optional. Indicates that the container must run as a non-root user. If true, the Kubelet will
   * validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start
   * the container if it does. If unset or false, no such validation will be performed. May also be
   * set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value
   * specified in SecurityContext takes precedence. +optional
   * @param runAsNonRoot runAsNonRoot or {@code null} for none
   */
  public SecurityContext setRunAsNonRoot(java.lang.Boolean runAsNonRoot) {
    this.runAsNonRoot = runAsNonRoot;
    return this;
  }

  /**
   * Optional. The UID to run the entrypoint of the container process. Defaults to user specified in
   * image metadata if unspecified. May also be set in PodSecurityContext. If set in both
   * SecurityContext and PodSecurityContext, the value specified in SecurityContext takes
   * precedence. Note that this field cannot be set when spec.os.name is windows. +optional
   * @return value or {@code null} for none
   */
  public java.lang.Long getRunAsUser() {
    return runAsUser;
  }

  /**
   * Optional. The UID to run the entrypoint of the container process. Defaults to user specified in
   * image metadata if unspecified. May also be set in PodSecurityContext. If set in both
   * SecurityContext and PodSecurityContext, the value specified in SecurityContext takes
   * precedence. Note that this field cannot be set when spec.os.name is windows. +optional
   * @param runAsUser runAsUser or {@code null} for none
   */
  public SecurityContext setRunAsUser(java.lang.Long runAsUser) {
    this.runAsUser = runAsUser;
    return this;
  }

  @Override
  public SecurityContext set(String fieldName, Object value) {
    return (SecurityContext) super.set(fieldName, value);
  }

  @Override
  public SecurityContext clone() {
    return (SecurityContext) super.clone();
  }

}