org.cdk8s.plus23.ContainerSecurityContextProps Maven / Gradle / Ivy
package org.cdk8s.plus23;
/**
* Properties for `ContainerSecurityContext`.
*/
@javax.annotation.Generated(value = "jsii-pacmak/1.75.0 (build 63bb957)", date = "2023-02-21T09:46:03.557Z")
@software.amazon.jsii.Jsii(module = org.cdk8s.plus23.$Module.class, fqn = "cdk8s-plus-23.ContainerSecurityContextProps")
@software.amazon.jsii.Jsii.Proxy(ContainerSecurityContextProps.Jsii$Proxy.class)
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public interface ContainerSecurityContextProps extends software.amazon.jsii.JsiiSerializable {
/**
* Whether a process can gain more privileges than its parent process.
*
* Default: false
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
default @org.jetbrains.annotations.Nullable java.lang.Boolean getAllowPrivilegeEscalation() {
return null;
}
/**
* Indicates that the container must run as a non-root user.
*
* If true, the Kubelet will validate the image at runtime to ensure that it does
* not run as UID 0 (root) and fail to start the container if it does.
*
* Default: true
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
default @org.jetbrains.annotations.Nullable java.lang.Boolean getEnsureNonRoot() {
return null;
}
/**
* The GID to run the entrypoint of the container process.
*
* Default: - 26000. An arbitrary number bigger than 9999 is selected here.
* This is so that the container is blocked to access host files even if
* somehow it manages to get access to host file system.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
default @org.jetbrains.annotations.Nullable java.lang.Number getGroup() {
return null;
}
/**
* Run container in privileged mode.
*
* Processes in privileged containers are essentially equivalent to root on the host.
*
* Default: false
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
default @org.jetbrains.annotations.Nullable java.lang.Boolean getPrivileged() {
return null;
}
/**
* Whether this container has a read-only root filesystem.
*
* Default: true
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
default @org.jetbrains.annotations.Nullable java.lang.Boolean getReadOnlyRootFilesystem() {
return null;
}
/**
* The UID to run the entrypoint of the container process.
*
* Default: - 25000. An arbitrary number bigger than 9999 is selected here.
* This is so that the container is blocked to access host files even if
* somehow it manages to get access to host file system.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
default @org.jetbrains.annotations.Nullable java.lang.Number getUser() {
return null;
}
/**
* @return a {@link Builder} of {@link ContainerSecurityContextProps}
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
static Builder builder() {
return new Builder();
}
/**
* A builder for {@link ContainerSecurityContextProps}
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public static final class Builder implements software.amazon.jsii.Builder {
java.lang.Boolean allowPrivilegeEscalation;
java.lang.Boolean ensureNonRoot;
java.lang.Number group;
java.lang.Boolean privileged;
java.lang.Boolean readOnlyRootFilesystem;
java.lang.Number user;
/**
* Sets the value of {@link ContainerSecurityContextProps#getAllowPrivilegeEscalation}
* @param allowPrivilegeEscalation Whether a process can gain more privileges than its parent process.
* @return {@code this}
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder allowPrivilegeEscalation(java.lang.Boolean allowPrivilegeEscalation) {
this.allowPrivilegeEscalation = allowPrivilegeEscalation;
return this;
}
/**
* Sets the value of {@link ContainerSecurityContextProps#getEnsureNonRoot}
* @param ensureNonRoot Indicates that the container must run as a non-root user.
* If true, the Kubelet will validate the image at runtime to ensure that it does
* not run as UID 0 (root) and fail to start the container if it does.
* @return {@code this}
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder ensureNonRoot(java.lang.Boolean ensureNonRoot) {
this.ensureNonRoot = ensureNonRoot;
return this;
}
/**
* Sets the value of {@link ContainerSecurityContextProps#getGroup}
* @param group The GID to run the entrypoint of the container process.
* @return {@code this}
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder group(java.lang.Number group) {
this.group = group;
return this;
}
/**
* Sets the value of {@link ContainerSecurityContextProps#getPrivileged}
* @param privileged Run container in privileged mode.
* Processes in privileged containers are essentially equivalent to root on the host.
* @return {@code this}
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder privileged(java.lang.Boolean privileged) {
this.privileged = privileged;
return this;
}
/**
* Sets the value of {@link ContainerSecurityContextProps#getReadOnlyRootFilesystem}
* @param readOnlyRootFilesystem Whether this container has a read-only root filesystem.
* @return {@code this}
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder readOnlyRootFilesystem(java.lang.Boolean readOnlyRootFilesystem) {
this.readOnlyRootFilesystem = readOnlyRootFilesystem;
return this;
}
/**
* Sets the value of {@link ContainerSecurityContextProps#getUser}
* @param user The UID to run the entrypoint of the container process.
* @return {@code this}
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder user(java.lang.Number user) {
this.user = user;
return this;
}
/**
* Builds the configured instance.
* @return a new instance of {@link ContainerSecurityContextProps}
* @throws NullPointerException if any required attribute was not provided
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
@Override
public ContainerSecurityContextProps build() {
return new Jsii$Proxy(this);
}
}
/**
* An implementation for {@link ContainerSecurityContextProps}
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
@software.amazon.jsii.Internal
final class Jsii$Proxy extends software.amazon.jsii.JsiiObject implements ContainerSecurityContextProps {
private final java.lang.Boolean allowPrivilegeEscalation;
private final java.lang.Boolean ensureNonRoot;
private final java.lang.Number group;
private final java.lang.Boolean privileged;
private final java.lang.Boolean readOnlyRootFilesystem;
private final java.lang.Number user;
/**
* Constructor that initializes the object based on values retrieved from the JsiiObject.
* @param objRef Reference to the JSII managed object.
*/
protected Jsii$Proxy(final software.amazon.jsii.JsiiObjectRef objRef) {
super(objRef);
this.allowPrivilegeEscalation = software.amazon.jsii.Kernel.get(this, "allowPrivilegeEscalation", software.amazon.jsii.NativeType.forClass(java.lang.Boolean.class));
this.ensureNonRoot = software.amazon.jsii.Kernel.get(this, "ensureNonRoot", software.amazon.jsii.NativeType.forClass(java.lang.Boolean.class));
this.group = software.amazon.jsii.Kernel.get(this, "group", software.amazon.jsii.NativeType.forClass(java.lang.Number.class));
this.privileged = software.amazon.jsii.Kernel.get(this, "privileged", software.amazon.jsii.NativeType.forClass(java.lang.Boolean.class));
this.readOnlyRootFilesystem = software.amazon.jsii.Kernel.get(this, "readOnlyRootFilesystem", software.amazon.jsii.NativeType.forClass(java.lang.Boolean.class));
this.user = software.amazon.jsii.Kernel.get(this, "user", software.amazon.jsii.NativeType.forClass(java.lang.Number.class));
}
/**
* Constructor that initializes the object based on literal property values passed by the {@link Builder}.
*/
protected Jsii$Proxy(final Builder builder) {
super(software.amazon.jsii.JsiiObject.InitializationMode.JSII);
this.allowPrivilegeEscalation = builder.allowPrivilegeEscalation;
this.ensureNonRoot = builder.ensureNonRoot;
this.group = builder.group;
this.privileged = builder.privileged;
this.readOnlyRootFilesystem = builder.readOnlyRootFilesystem;
this.user = builder.user;
}
@Override
public final java.lang.Boolean getAllowPrivilegeEscalation() {
return this.allowPrivilegeEscalation;
}
@Override
public final java.lang.Boolean getEnsureNonRoot() {
return this.ensureNonRoot;
}
@Override
public final java.lang.Number getGroup() {
return this.group;
}
@Override
public final java.lang.Boolean getPrivileged() {
return this.privileged;
}
@Override
public final java.lang.Boolean getReadOnlyRootFilesystem() {
return this.readOnlyRootFilesystem;
}
@Override
public final java.lang.Number getUser() {
return this.user;
}
@Override
@software.amazon.jsii.Internal
public com.fasterxml.jackson.databind.JsonNode $jsii$toJson() {
final com.fasterxml.jackson.databind.ObjectMapper om = software.amazon.jsii.JsiiObjectMapper.INSTANCE;
final com.fasterxml.jackson.databind.node.ObjectNode data = com.fasterxml.jackson.databind.node.JsonNodeFactory.instance.objectNode();
if (this.getAllowPrivilegeEscalation() != null) {
data.set("allowPrivilegeEscalation", om.valueToTree(this.getAllowPrivilegeEscalation()));
}
if (this.getEnsureNonRoot() != null) {
data.set("ensureNonRoot", om.valueToTree(this.getEnsureNonRoot()));
}
if (this.getGroup() != null) {
data.set("group", om.valueToTree(this.getGroup()));
}
if (this.getPrivileged() != null) {
data.set("privileged", om.valueToTree(this.getPrivileged()));
}
if (this.getReadOnlyRootFilesystem() != null) {
data.set("readOnlyRootFilesystem", om.valueToTree(this.getReadOnlyRootFilesystem()));
}
if (this.getUser() != null) {
data.set("user", om.valueToTree(this.getUser()));
}
final com.fasterxml.jackson.databind.node.ObjectNode struct = com.fasterxml.jackson.databind.node.JsonNodeFactory.instance.objectNode();
struct.set("fqn", om.valueToTree("cdk8s-plus-23.ContainerSecurityContextProps"));
struct.set("data", data);
final com.fasterxml.jackson.databind.node.ObjectNode obj = com.fasterxml.jackson.databind.node.JsonNodeFactory.instance.objectNode();
obj.set("$jsii.struct", struct);
return obj;
}
@Override
public final boolean equals(final Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
ContainerSecurityContextProps.Jsii$Proxy that = (ContainerSecurityContextProps.Jsii$Proxy) o;
if (this.allowPrivilegeEscalation != null ? !this.allowPrivilegeEscalation.equals(that.allowPrivilegeEscalation) : that.allowPrivilegeEscalation != null) return false;
if (this.ensureNonRoot != null ? !this.ensureNonRoot.equals(that.ensureNonRoot) : that.ensureNonRoot != null) return false;
if (this.group != null ? !this.group.equals(that.group) : that.group != null) return false;
if (this.privileged != null ? !this.privileged.equals(that.privileged) : that.privileged != null) return false;
if (this.readOnlyRootFilesystem != null ? !this.readOnlyRootFilesystem.equals(that.readOnlyRootFilesystem) : that.readOnlyRootFilesystem != null) return false;
return this.user != null ? this.user.equals(that.user) : that.user == null;
}
@Override
public final int hashCode() {
int result = this.allowPrivilegeEscalation != null ? this.allowPrivilegeEscalation.hashCode() : 0;
result = 31 * result + (this.ensureNonRoot != null ? this.ensureNonRoot.hashCode() : 0);
result = 31 * result + (this.group != null ? this.group.hashCode() : 0);
result = 31 * result + (this.privileged != null ? this.privileged.hashCode() : 0);
result = 31 * result + (this.readOnlyRootFilesystem != null ? this.readOnlyRootFilesystem.hashCode() : 0);
result = 31 * result + (this.user != null ? this.user.hashCode() : 0);
return result;
}
}
}