Package io.kubernetes.client.proto

Class V1beta1Policy.PodSecurityPolicySpec.Builder

java.lang.Object
com.google.protobuf.AbstractMessageLite.Builder
com.google.protobuf.AbstractMessage.Builder<BuilderT>
com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>
io.kubernetes.client.proto.V1beta1Policy.PodSecurityPolicySpec.Builder
All Implemented Interfaces:
com.google.protobuf.Message.Builder, com.google.protobuf.MessageLite.Builder, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, V1beta1Policy.PodSecurityPolicySpecOrBuilder, Cloneable
Enclosing class:
V1beta1Policy.PodSecurityPolicySpec
public static final class V1beta1Policy.PodSecurityPolicySpec.Builder extends com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder> implements V1beta1Policy.PodSecurityPolicySpecOrBuilder
 PodSecurityPolicySpec defines the policy enforced.
Protobuf type k8s.io.api.policy.v1beta1.PodSecurityPolicySpec

  • Method Details

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

    • clear

      public V1beta1Policy.PodSecurityPolicySpec.Builder clear()
      Specified by:
      clear in interface com.google.protobuf.Message.Builder
      Specified by:
      clear in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      clear in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

    • getDescriptorForType

      public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()
      Specified by:
      getDescriptorForType in interface com.google.protobuf.Message.Builder
      Specified by:
      getDescriptorForType in interface com.google.protobuf.MessageOrBuilder
      Overrides:
      getDescriptorForType in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

    • getDefaultInstanceForType

      public V1beta1Policy.PodSecurityPolicySpec getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

    • build

      public V1beta1Policy.PodSecurityPolicySpec build()
      Specified by:
      build in interface com.google.protobuf.Message.Builder
      Specified by:
      build in interface com.google.protobuf.MessageLite.Builder

    • buildPartial

      public V1beta1Policy.PodSecurityPolicySpec buildPartial()
      Specified by:
      buildPartial in interface com.google.protobuf.Message.Builder
      Specified by:
      buildPartial in interface com.google.protobuf.MessageLite.Builder

    • clone

      public V1beta1Policy.PodSecurityPolicySpec.Builder clone()
      Specified by:
      clone in interface com.google.protobuf.Message.Builder
      Specified by:
      clone in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      clone in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

    • setField

      public V1beta1Policy.PodSecurityPolicySpec.Builder setField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
      Specified by:
      setField in interface com.google.protobuf.Message.Builder
      Overrides:
      setField in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

    • clearField

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field)
      Specified by:
      clearField in interface com.google.protobuf.Message.Builder
      Overrides:
      clearField in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

    • clearOneof

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)
      Specified by:
      clearOneof in interface com.google.protobuf.Message.Builder
      Overrides:
      clearOneof in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

    • setRepeatedField

      public V1beta1Policy.PodSecurityPolicySpec.Builder setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, int index, Object value)
      Specified by:
      setRepeatedField in interface com.google.protobuf.Message.Builder
      Overrides:
      setRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

    • addRepeatedField

      public V1beta1Policy.PodSecurityPolicySpec.Builder addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
      Specified by:
      addRepeatedField in interface com.google.protobuf.Message.Builder
      Overrides:
      addRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

    • mergeFrom

      public V1beta1Policy.PodSecurityPolicySpec.Builder mergeFrom(com.google.protobuf.Message other)
      Specified by:
      mergeFrom in interface com.google.protobuf.Message.Builder
      Overrides:
      mergeFrom in class com.google.protobuf.AbstractMessage.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

    • mergeFrom

      public V1beta1Policy.PodSecurityPolicySpec.Builder mergeFrom(V1beta1Policy.PodSecurityPolicySpec other)

    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

    • mergeFrom

      public V1beta1Policy.PodSecurityPolicySpec.Builder mergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Specified by:
      mergeFrom in interface com.google.protobuf.Message.Builder
      Specified by:
      mergeFrom in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      mergeFrom in class com.google.protobuf.AbstractMessage.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>
      Throws:
      IOException

    • hasPrivileged

      public boolean hasPrivileged()
       privileged determines if a pod can request to be run as privileged.
 +optional
      optional bool privileged = 1;
      Specified by:
      hasPrivileged in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getPrivileged

      public boolean getPrivileged()
       privileged determines if a pod can request to be run as privileged.
 +optional
      optional bool privileged = 1;
      Specified by:
      getPrivileged in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setPrivileged

      public V1beta1Policy.PodSecurityPolicySpec.Builder setPrivileged(boolean value)
       privileged determines if a pod can request to be run as privileged.
 +optional
      optional bool privileged = 1;

    • clearPrivileged

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearPrivileged()
       privileged determines if a pod can request to be run as privileged.
 +optional
      optional bool privileged = 1;

    • getDefaultAddCapabilitiesList

      public com.google.protobuf.ProtocolStringList getDefaultAddCapabilitiesList()
       defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
      repeated string defaultAddCapabilities = 2;
      Specified by:
      getDefaultAddCapabilitiesList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getDefaultAddCapabilitiesCount

      public int getDefaultAddCapabilitiesCount()
       defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
      repeated string defaultAddCapabilities = 2;
      Specified by:
      getDefaultAddCapabilitiesCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getDefaultAddCapabilities

      public String getDefaultAddCapabilities(int index)
       defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
      repeated string defaultAddCapabilities = 2;
      Specified by:
      getDefaultAddCapabilities in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getDefaultAddCapabilitiesBytes

      public com.google.protobuf.ByteString getDefaultAddCapabilitiesBytes(int index)
       defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
      repeated string defaultAddCapabilities = 2;
      Specified by:
      getDefaultAddCapabilitiesBytes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setDefaultAddCapabilities

      public V1beta1Policy.PodSecurityPolicySpec.Builder setDefaultAddCapabilities(int index, String value)
       defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
      repeated string defaultAddCapabilities = 2;

    • addDefaultAddCapabilities

      public V1beta1Policy.PodSecurityPolicySpec.Builder addDefaultAddCapabilities(String value)
       defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
      repeated string defaultAddCapabilities = 2;

    • addAllDefaultAddCapabilities

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllDefaultAddCapabilities(Iterable<String> values)
       defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
      repeated string defaultAddCapabilities = 2;

    • clearDefaultAddCapabilities

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearDefaultAddCapabilities()
       defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
      repeated string defaultAddCapabilities = 2;

    • addDefaultAddCapabilitiesBytes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addDefaultAddCapabilitiesBytes(com.google.protobuf.ByteString value)
       defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
      repeated string defaultAddCapabilities = 2;

    • getRequiredDropCapabilitiesList

      public com.google.protobuf.ProtocolStringList getRequiredDropCapabilitiesList()
       requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
      repeated string requiredDropCapabilities = 3;
      Specified by:
      getRequiredDropCapabilitiesList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getRequiredDropCapabilitiesCount

      public int getRequiredDropCapabilitiesCount()
       requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
      repeated string requiredDropCapabilities = 3;
      Specified by:
      getRequiredDropCapabilitiesCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getRequiredDropCapabilities

      public String getRequiredDropCapabilities(int index)
       requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
      repeated string requiredDropCapabilities = 3;
      Specified by:
      getRequiredDropCapabilities in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getRequiredDropCapabilitiesBytes

      public com.google.protobuf.ByteString getRequiredDropCapabilitiesBytes(int index)
       requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
      repeated string requiredDropCapabilities = 3;
      Specified by:
      getRequiredDropCapabilitiesBytes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setRequiredDropCapabilities

      public V1beta1Policy.PodSecurityPolicySpec.Builder setRequiredDropCapabilities(int index, String value)
       requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
      repeated string requiredDropCapabilities = 3;

    • addRequiredDropCapabilities

      public V1beta1Policy.PodSecurityPolicySpec.Builder addRequiredDropCapabilities(String value)
       requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
      repeated string requiredDropCapabilities = 3;

    • addAllRequiredDropCapabilities

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllRequiredDropCapabilities(Iterable<String> values)
       requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
      repeated string requiredDropCapabilities = 3;

    • clearRequiredDropCapabilities

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearRequiredDropCapabilities()
       requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
      repeated string requiredDropCapabilities = 3;

    • addRequiredDropCapabilitiesBytes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addRequiredDropCapabilitiesBytes(com.google.protobuf.ByteString value)
       requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
      repeated string requiredDropCapabilities = 3;

    • getAllowedCapabilitiesList

      public com.google.protobuf.ProtocolStringList getAllowedCapabilitiesList()
       allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
      repeated string allowedCapabilities = 4;
      Specified by:
      getAllowedCapabilitiesList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedCapabilitiesCount

      public int getAllowedCapabilitiesCount()
       allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
      repeated string allowedCapabilities = 4;
      Specified by:
      getAllowedCapabilitiesCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedCapabilities

      public String getAllowedCapabilities(int index)
       allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
      repeated string allowedCapabilities = 4;
      Specified by:
      getAllowedCapabilities in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedCapabilitiesBytes

      public com.google.protobuf.ByteString getAllowedCapabilitiesBytes(int index)
       allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
      repeated string allowedCapabilities = 4;
      Specified by:
      getAllowedCapabilitiesBytes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setAllowedCapabilities

      public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedCapabilities(int index, String value)
       allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
      repeated string allowedCapabilities = 4;

    • addAllowedCapabilities

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedCapabilities(String value)
       allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
      repeated string allowedCapabilities = 4;

    • addAllAllowedCapabilities

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllAllowedCapabilities(Iterable<String> values)
       allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
      repeated string allowedCapabilities = 4;

    • clearAllowedCapabilities

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearAllowedCapabilities()
       allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
      repeated string allowedCapabilities = 4;

    • addAllowedCapabilitiesBytes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedCapabilitiesBytes(com.google.protobuf.ByteString value)
       allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
      repeated string allowedCapabilities = 4;

    • getVolumesList

      public com.google.protobuf.ProtocolStringList getVolumesList()
       volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
      repeated string volumes = 5;
      Specified by:
      getVolumesList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getVolumesCount

      public int getVolumesCount()
       volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
      repeated string volumes = 5;
      Specified by:
      getVolumesCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getVolumes

      public String getVolumes(int index)
       volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
      repeated string volumes = 5;
      Specified by:
      getVolumes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getVolumesBytes

      public com.google.protobuf.ByteString getVolumesBytes(int index)
       volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
      repeated string volumes = 5;
      Specified by:
      getVolumesBytes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setVolumes

      public V1beta1Policy.PodSecurityPolicySpec.Builder setVolumes(int index, String value)
       volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
      repeated string volumes = 5;

    • addVolumes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addVolumes(String value)
       volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
      repeated string volumes = 5;

    • addAllVolumes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllVolumes(Iterable<String> values)
       volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
      repeated string volumes = 5;

    • clearVolumes

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearVolumes()
       volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
      repeated string volumes = 5;

    • addVolumesBytes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addVolumesBytes(com.google.protobuf.ByteString value)
       volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
      repeated string volumes = 5;

    • hasHostNetwork

      public boolean hasHostNetwork()
       hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
 +optional
      optional bool hostNetwork = 6;
      Specified by:
      hasHostNetwork in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getHostNetwork

      public boolean getHostNetwork()
       hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
 +optional
      optional bool hostNetwork = 6;
      Specified by:
      getHostNetwork in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setHostNetwork

      public V1beta1Policy.PodSecurityPolicySpec.Builder setHostNetwork(boolean value)
       hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
 +optional
      optional bool hostNetwork = 6;

    • clearHostNetwork

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearHostNetwork()
       hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
 +optional
      optional bool hostNetwork = 6;

    • getHostPortsList

      public List<V1beta1Policy.HostPortRange> getHostPortsList()
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;
      Specified by:
      getHostPortsList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getHostPortsCount

      public int getHostPortsCount()
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;
      Specified by:
      getHostPortsCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getHostPorts

      public V1beta1Policy.HostPortRange getHostPorts(int index)
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;
      Specified by:
      getHostPorts in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setHostPorts

      public V1beta1Policy.PodSecurityPolicySpec.Builder setHostPorts(int index, V1beta1Policy.HostPortRange value)
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

    • setHostPorts

      public V1beta1Policy.PodSecurityPolicySpec.Builder setHostPorts(int index, V1beta1Policy.HostPortRange.Builder builderForValue)
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

    • addHostPorts

      public V1beta1Policy.PodSecurityPolicySpec.Builder addHostPorts(V1beta1Policy.HostPortRange value)
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

    • addHostPorts

      public V1beta1Policy.PodSecurityPolicySpec.Builder addHostPorts(int index, V1beta1Policy.HostPortRange value)
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

    • addHostPorts

      public V1beta1Policy.PodSecurityPolicySpec.Builder addHostPorts(V1beta1Policy.HostPortRange.Builder builderForValue)
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

    • addHostPorts

      public V1beta1Policy.PodSecurityPolicySpec.Builder addHostPorts(int index, V1beta1Policy.HostPortRange.Builder builderForValue)
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

    • addAllHostPorts

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllHostPorts(Iterable<? extends V1beta1Policy.HostPortRange> values)
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

    • clearHostPorts

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearHostPorts()
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

    • removeHostPorts

      public V1beta1Policy.PodSecurityPolicySpec.Builder removeHostPorts(int index)
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

    • getHostPortsBuilder

      public V1beta1Policy.HostPortRange.Builder getHostPortsBuilder(int index)
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

    • getHostPortsOrBuilder

      public V1beta1Policy.HostPortRangeOrBuilder getHostPortsOrBuilder(int index)
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;
      Specified by:
      getHostPortsOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getHostPortsOrBuilderList

      public List<? extends V1beta1Policy.HostPortRangeOrBuilder> getHostPortsOrBuilderList()
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;
      Specified by:
      getHostPortsOrBuilderList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • addHostPortsBuilder

      public V1beta1Policy.HostPortRange.Builder addHostPortsBuilder()
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

    • addHostPortsBuilder

      public V1beta1Policy.HostPortRange.Builder addHostPortsBuilder(int index)
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

    • getHostPortsBuilderList

      public List<V1beta1Policy.HostPortRange.Builder> getHostPortsBuilderList()
       hostPorts determines which host port ranges are allowed to be exposed.
 +optional
      repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

    • hasHostPID

      public boolean hasHostPID()
       hostPID determines if the policy allows the use of HostPID in the pod spec.
 +optional
      optional bool hostPID = 8;
      Specified by:
      hasHostPID in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getHostPID

      public boolean getHostPID()
       hostPID determines if the policy allows the use of HostPID in the pod spec.
 +optional
      optional bool hostPID = 8;
      Specified by:
      getHostPID in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setHostPID

      public V1beta1Policy.PodSecurityPolicySpec.Builder setHostPID(boolean value)
       hostPID determines if the policy allows the use of HostPID in the pod spec.
 +optional
      optional bool hostPID = 8;

    • clearHostPID

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearHostPID()
       hostPID determines if the policy allows the use of HostPID in the pod spec.
 +optional
      optional bool hostPID = 8;

    • hasHostIPC

      public boolean hasHostIPC()
       hostIPC determines if the policy allows the use of HostIPC in the pod spec.
 +optional
      optional bool hostIPC = 9;
      Specified by:
      hasHostIPC in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getHostIPC

      public boolean getHostIPC()
       hostIPC determines if the policy allows the use of HostIPC in the pod spec.
 +optional
      optional bool hostIPC = 9;
      Specified by:
      getHostIPC in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setHostIPC

      public V1beta1Policy.PodSecurityPolicySpec.Builder setHostIPC(boolean value)
       hostIPC determines if the policy allows the use of HostIPC in the pod spec.
 +optional
      optional bool hostIPC = 9;

    • clearHostIPC

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearHostIPC()
       hostIPC determines if the policy allows the use of HostIPC in the pod spec.
 +optional
      optional bool hostIPC = 9;

    • hasSeLinux

      public boolean hasSeLinux()
       seLinux is the strategy that will dictate the allowable labels that may be set.
      optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;
      Specified by:
      hasSeLinux in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getSeLinux

      public V1beta1Policy.SELinuxStrategyOptions getSeLinux()
       seLinux is the strategy that will dictate the allowable labels that may be set.
      optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;
      Specified by:
      getSeLinux in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setSeLinux

      public V1beta1Policy.PodSecurityPolicySpec.Builder setSeLinux(V1beta1Policy.SELinuxStrategyOptions value)
       seLinux is the strategy that will dictate the allowable labels that may be set.
      optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;

    • setSeLinux

      public V1beta1Policy.PodSecurityPolicySpec.Builder setSeLinux(V1beta1Policy.SELinuxStrategyOptions.Builder builderForValue)
       seLinux is the strategy that will dictate the allowable labels that may be set.
      optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;

    • mergeSeLinux

      public V1beta1Policy.PodSecurityPolicySpec.Builder mergeSeLinux(V1beta1Policy.SELinuxStrategyOptions value)
       seLinux is the strategy that will dictate the allowable labels that may be set.
      optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;

    • clearSeLinux

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearSeLinux()
       seLinux is the strategy that will dictate the allowable labels that may be set.
      optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;

    • getSeLinuxBuilder

      public V1beta1Policy.SELinuxStrategyOptions.Builder getSeLinuxBuilder()
       seLinux is the strategy that will dictate the allowable labels that may be set.
      optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;

    • getSeLinuxOrBuilder

      public V1beta1Policy.SELinuxStrategyOptionsOrBuilder getSeLinuxOrBuilder()
       seLinux is the strategy that will dictate the allowable labels that may be set.
      optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;
      Specified by:
      getSeLinuxOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • hasRunAsUser

      public boolean hasRunAsUser()
       runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
      optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;
      Specified by:
      hasRunAsUser in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getRunAsUser

      public V1beta1Policy.RunAsUserStrategyOptions getRunAsUser()
       runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
      optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;
      Specified by:
      getRunAsUser in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setRunAsUser

      public V1beta1Policy.PodSecurityPolicySpec.Builder setRunAsUser(V1beta1Policy.RunAsUserStrategyOptions value)
       runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
      optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

    • setRunAsUser

      public V1beta1Policy.PodSecurityPolicySpec.Builder setRunAsUser(V1beta1Policy.RunAsUserStrategyOptions.Builder builderForValue)
       runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
      optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

    • mergeRunAsUser

      public V1beta1Policy.PodSecurityPolicySpec.Builder mergeRunAsUser(V1beta1Policy.RunAsUserStrategyOptions value)
       runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
      optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

    • clearRunAsUser

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearRunAsUser()
       runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
      optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

    • getRunAsUserBuilder

      public V1beta1Policy.RunAsUserStrategyOptions.Builder getRunAsUserBuilder()
       runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
      optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

    • getRunAsUserOrBuilder

      public V1beta1Policy.RunAsUserStrategyOptionsOrBuilder getRunAsUserOrBuilder()
       runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
      optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;
      Specified by:
      getRunAsUserOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • hasRunAsGroup

      public boolean hasRunAsGroup()
       RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;
      Specified by:
      hasRunAsGroup in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getRunAsGroup

      public V1beta1Policy.RunAsGroupStrategyOptions getRunAsGroup()
       RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;
      Specified by:
      getRunAsGroup in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setRunAsGroup

      public V1beta1Policy.PodSecurityPolicySpec.Builder setRunAsGroup(V1beta1Policy.RunAsGroupStrategyOptions value)
       RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

    • setRunAsGroup

      public V1beta1Policy.PodSecurityPolicySpec.Builder setRunAsGroup(V1beta1Policy.RunAsGroupStrategyOptions.Builder builderForValue)
       RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

    • mergeRunAsGroup

      public V1beta1Policy.PodSecurityPolicySpec.Builder mergeRunAsGroup(V1beta1Policy.RunAsGroupStrategyOptions value)
       RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

    • clearRunAsGroup

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearRunAsGroup()
       RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

    • getRunAsGroupBuilder

      public V1beta1Policy.RunAsGroupStrategyOptions.Builder getRunAsGroupBuilder()
       RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

    • getRunAsGroupOrBuilder

      public V1beta1Policy.RunAsGroupStrategyOptionsOrBuilder getRunAsGroupOrBuilder()
       RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;
      Specified by:
      getRunAsGroupOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • hasSupplementalGroups

      public boolean hasSupplementalGroups()
       supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;
      Specified by:
      hasSupplementalGroups in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getSupplementalGroups

      public V1beta1Policy.SupplementalGroupsStrategyOptions getSupplementalGroups()
       supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;
      Specified by:
      getSupplementalGroups in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setSupplementalGroups

      public V1beta1Policy.PodSecurityPolicySpec.Builder setSupplementalGroups(V1beta1Policy.SupplementalGroupsStrategyOptions value)
       supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

    • setSupplementalGroups

      public V1beta1Policy.PodSecurityPolicySpec.Builder setSupplementalGroups(V1beta1Policy.SupplementalGroupsStrategyOptions.Builder builderForValue)
       supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

    • mergeSupplementalGroups

      public V1beta1Policy.PodSecurityPolicySpec.Builder mergeSupplementalGroups(V1beta1Policy.SupplementalGroupsStrategyOptions value)
       supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

    • clearSupplementalGroups

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearSupplementalGroups()
       supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

    • getSupplementalGroupsBuilder

      public V1beta1Policy.SupplementalGroupsStrategyOptions.Builder getSupplementalGroupsBuilder()
       supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

    • getSupplementalGroupsOrBuilder

      public V1beta1Policy.SupplementalGroupsStrategyOptionsOrBuilder getSupplementalGroupsOrBuilder()
       supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;
      Specified by:
      getSupplementalGroupsOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • hasFsGroup

      public boolean hasFsGroup()
       fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;
      Specified by:
      hasFsGroup in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getFsGroup

      public V1beta1Policy.FSGroupStrategyOptions getFsGroup()
       fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;
      Specified by:
      getFsGroup in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setFsGroup

      public V1beta1Policy.PodSecurityPolicySpec.Builder setFsGroup(V1beta1Policy.FSGroupStrategyOptions value)
       fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;

    • setFsGroup

      public V1beta1Policy.PodSecurityPolicySpec.Builder setFsGroup(V1beta1Policy.FSGroupStrategyOptions.Builder builderForValue)
       fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;

    • mergeFsGroup

      public V1beta1Policy.PodSecurityPolicySpec.Builder mergeFsGroup(V1beta1Policy.FSGroupStrategyOptions value)
       fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;

    • clearFsGroup

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearFsGroup()
       fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;

    • getFsGroupBuilder

      public V1beta1Policy.FSGroupStrategyOptions.Builder getFsGroupBuilder()
       fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;

    • getFsGroupOrBuilder

      public V1beta1Policy.FSGroupStrategyOptionsOrBuilder getFsGroupOrBuilder()
       fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
      optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;
      Specified by:
      getFsGroupOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • hasReadOnlyRootFilesystem

      public boolean hasReadOnlyRootFilesystem()
       readOnlyRootFilesystem when set to true will force containers to run with a read only root file
 system.  If the container specifically requests to run with a non-read only root file system
 the PSP should deny the pod.
 If set to false the container may run with a read only root file system if it wishes but it
 will not be forced to.
 +optional
      optional bool readOnlyRootFilesystem = 14;
      Specified by:
      hasReadOnlyRootFilesystem in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getReadOnlyRootFilesystem

      public boolean getReadOnlyRootFilesystem()
       readOnlyRootFilesystem when set to true will force containers to run with a read only root file
 system.  If the container specifically requests to run with a non-read only root file system
 the PSP should deny the pod.
 If set to false the container may run with a read only root file system if it wishes but it
 will not be forced to.
 +optional
      optional bool readOnlyRootFilesystem = 14;
      Specified by:
      getReadOnlyRootFilesystem in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setReadOnlyRootFilesystem

      public V1beta1Policy.PodSecurityPolicySpec.Builder setReadOnlyRootFilesystem(boolean value)
       readOnlyRootFilesystem when set to true will force containers to run with a read only root file
 system.  If the container specifically requests to run with a non-read only root file system
 the PSP should deny the pod.
 If set to false the container may run with a read only root file system if it wishes but it
 will not be forced to.
 +optional
      optional bool readOnlyRootFilesystem = 14;

    • clearReadOnlyRootFilesystem

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearReadOnlyRootFilesystem()
       readOnlyRootFilesystem when set to true will force containers to run with a read only root file
 system.  If the container specifically requests to run with a non-read only root file system
 the PSP should deny the pod.
 If set to false the container may run with a read only root file system if it wishes but it
 will not be forced to.
 +optional
      optional bool readOnlyRootFilesystem = 14;

    • hasDefaultAllowPrivilegeEscalation

      public boolean hasDefaultAllowPrivilegeEscalation()
       defaultAllowPrivilegeEscalation controls the default setting for whether a
 process can gain more privileges than its parent process.
 +optional
      optional bool defaultAllowPrivilegeEscalation = 15;
      Specified by:
      hasDefaultAllowPrivilegeEscalation in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getDefaultAllowPrivilegeEscalation

      public boolean getDefaultAllowPrivilegeEscalation()
       defaultAllowPrivilegeEscalation controls the default setting for whether a
 process can gain more privileges than its parent process.
 +optional
      optional bool defaultAllowPrivilegeEscalation = 15;
      Specified by:
      getDefaultAllowPrivilegeEscalation in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setDefaultAllowPrivilegeEscalation

      public V1beta1Policy.PodSecurityPolicySpec.Builder setDefaultAllowPrivilegeEscalation(boolean value)
       defaultAllowPrivilegeEscalation controls the default setting for whether a
 process can gain more privileges than its parent process.
 +optional
      optional bool defaultAllowPrivilegeEscalation = 15;

    • clearDefaultAllowPrivilegeEscalation

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearDefaultAllowPrivilegeEscalation()
       defaultAllowPrivilegeEscalation controls the default setting for whether a
 process can gain more privileges than its parent process.
 +optional
      optional bool defaultAllowPrivilegeEscalation = 15;

    • hasAllowPrivilegeEscalation

      public boolean hasAllowPrivilegeEscalation()
       allowPrivilegeEscalation determines if a pod can request to allow
 privilege escalation. If unspecified, defaults to true.
 +optional
      optional bool allowPrivilegeEscalation = 16;
      Specified by:
      hasAllowPrivilegeEscalation in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowPrivilegeEscalation

      public boolean getAllowPrivilegeEscalation()
       allowPrivilegeEscalation determines if a pod can request to allow
 privilege escalation. If unspecified, defaults to true.
 +optional
      optional bool allowPrivilegeEscalation = 16;
      Specified by:
      getAllowPrivilegeEscalation in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setAllowPrivilegeEscalation

      public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowPrivilegeEscalation(boolean value)
       allowPrivilegeEscalation determines if a pod can request to allow
 privilege escalation. If unspecified, defaults to true.
 +optional
      optional bool allowPrivilegeEscalation = 16;

    • clearAllowPrivilegeEscalation

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearAllowPrivilegeEscalation()
       allowPrivilegeEscalation determines if a pod can request to allow
 privilege escalation. If unspecified, defaults to true.
 +optional
      optional bool allowPrivilegeEscalation = 16;

    • getAllowedHostPathsList

      public List<V1beta1Policy.AllowedHostPath> getAllowedHostPathsList()
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;
      Specified by:
      getAllowedHostPathsList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedHostPathsCount

      public int getAllowedHostPathsCount()
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;
      Specified by:
      getAllowedHostPathsCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedHostPaths

      public V1beta1Policy.AllowedHostPath getAllowedHostPaths(int index)
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;
      Specified by:
      getAllowedHostPaths in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setAllowedHostPaths

      public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedHostPaths(int index, V1beta1Policy.AllowedHostPath value)
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

    • setAllowedHostPaths

      public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedHostPaths(int index, V1beta1Policy.AllowedHostPath.Builder builderForValue)
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

    • addAllowedHostPaths

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedHostPaths(V1beta1Policy.AllowedHostPath value)
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

    • addAllowedHostPaths

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedHostPaths(int index, V1beta1Policy.AllowedHostPath value)
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

    • addAllowedHostPaths

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedHostPaths(V1beta1Policy.AllowedHostPath.Builder builderForValue)
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

    • addAllowedHostPaths

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedHostPaths(int index, V1beta1Policy.AllowedHostPath.Builder builderForValue)
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

    • addAllAllowedHostPaths

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllAllowedHostPaths(Iterable<? extends V1beta1Policy.AllowedHostPath> values)
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

    • clearAllowedHostPaths

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearAllowedHostPaths()
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

    • removeAllowedHostPaths

      public V1beta1Policy.PodSecurityPolicySpec.Builder removeAllowedHostPaths(int index)
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

    • getAllowedHostPathsBuilder

      public V1beta1Policy.AllowedHostPath.Builder getAllowedHostPathsBuilder(int index)
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

    • getAllowedHostPathsOrBuilder

      public V1beta1Policy.AllowedHostPathOrBuilder getAllowedHostPathsOrBuilder(int index)
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;
      Specified by:
      getAllowedHostPathsOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedHostPathsOrBuilderList

      public List<? extends V1beta1Policy.AllowedHostPathOrBuilder> getAllowedHostPathsOrBuilderList()
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;
      Specified by:
      getAllowedHostPathsOrBuilderList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • addAllowedHostPathsBuilder

      public V1beta1Policy.AllowedHostPath.Builder addAllowedHostPathsBuilder()
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

    • addAllowedHostPathsBuilder

      public V1beta1Policy.AllowedHostPath.Builder addAllowedHostPathsBuilder(int index)
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

    • getAllowedHostPathsBuilderList

      public List<V1beta1Policy.AllowedHostPath.Builder> getAllowedHostPathsBuilderList()
       allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

    • getAllowedFlexVolumesList

      public List<V1beta1Policy.AllowedFlexVolume> getAllowedFlexVolumesList()
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;
      Specified by:
      getAllowedFlexVolumesList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedFlexVolumesCount

      public int getAllowedFlexVolumesCount()
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;
      Specified by:
      getAllowedFlexVolumesCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedFlexVolumes

      public V1beta1Policy.AllowedFlexVolume getAllowedFlexVolumes(int index)
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;
      Specified by:
      getAllowedFlexVolumes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setAllowedFlexVolumes

      public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedFlexVolumes(int index, V1beta1Policy.AllowedFlexVolume value)
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

    • setAllowedFlexVolumes

      public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedFlexVolumes(int index, V1beta1Policy.AllowedFlexVolume.Builder builderForValue)
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

    • addAllowedFlexVolumes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedFlexVolumes(V1beta1Policy.AllowedFlexVolume value)
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

    • addAllowedFlexVolumes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedFlexVolumes(int index, V1beta1Policy.AllowedFlexVolume value)
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

    • addAllowedFlexVolumes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedFlexVolumes(V1beta1Policy.AllowedFlexVolume.Builder builderForValue)
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

    • addAllowedFlexVolumes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedFlexVolumes(int index, V1beta1Policy.AllowedFlexVolume.Builder builderForValue)
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

    • addAllAllowedFlexVolumes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllAllowedFlexVolumes(Iterable<? extends V1beta1Policy.AllowedFlexVolume> values)
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

    • clearAllowedFlexVolumes

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearAllowedFlexVolumes()
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

    • removeAllowedFlexVolumes

      public V1beta1Policy.PodSecurityPolicySpec.Builder removeAllowedFlexVolumes(int index)
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

    • getAllowedFlexVolumesBuilder

      public V1beta1Policy.AllowedFlexVolume.Builder getAllowedFlexVolumesBuilder(int index)
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

    • getAllowedFlexVolumesOrBuilder

      public V1beta1Policy.AllowedFlexVolumeOrBuilder getAllowedFlexVolumesOrBuilder(int index)
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;
      Specified by:
      getAllowedFlexVolumesOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedFlexVolumesOrBuilderList

      public List<? extends V1beta1Policy.AllowedFlexVolumeOrBuilder> getAllowedFlexVolumesOrBuilderList()
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;
      Specified by:
      getAllowedFlexVolumesOrBuilderList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • addAllowedFlexVolumesBuilder

      public V1beta1Policy.AllowedFlexVolume.Builder addAllowedFlexVolumesBuilder()
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

    • addAllowedFlexVolumesBuilder

      public V1beta1Policy.AllowedFlexVolume.Builder addAllowedFlexVolumesBuilder(int index)
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

    • getAllowedFlexVolumesBuilderList

      public List<V1beta1Policy.AllowedFlexVolume.Builder> getAllowedFlexVolumesBuilderList()
       allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

    • getAllowedCSIDriversList

      public List<V1beta1Policy.AllowedCSIDriver> getAllowedCSIDriversList()
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;
      Specified by:
      getAllowedCSIDriversList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedCSIDriversCount

      public int getAllowedCSIDriversCount()
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;
      Specified by:
      getAllowedCSIDriversCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedCSIDrivers

      public V1beta1Policy.AllowedCSIDriver getAllowedCSIDrivers(int index)
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;
      Specified by:
      getAllowedCSIDrivers in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setAllowedCSIDrivers

      public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedCSIDrivers(int index, V1beta1Policy.AllowedCSIDriver value)
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

    • setAllowedCSIDrivers

      public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedCSIDrivers(int index, V1beta1Policy.AllowedCSIDriver.Builder builderForValue)
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

    • addAllowedCSIDrivers

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedCSIDrivers(V1beta1Policy.AllowedCSIDriver value)
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

    • addAllowedCSIDrivers

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedCSIDrivers(int index, V1beta1Policy.AllowedCSIDriver value)
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

    • addAllowedCSIDrivers

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedCSIDrivers(V1beta1Policy.AllowedCSIDriver.Builder builderForValue)
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

    • addAllowedCSIDrivers

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedCSIDrivers(int index, V1beta1Policy.AllowedCSIDriver.Builder builderForValue)
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

    • addAllAllowedCSIDrivers

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllAllowedCSIDrivers(Iterable<? extends V1beta1Policy.AllowedCSIDriver> values)
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

    • clearAllowedCSIDrivers

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearAllowedCSIDrivers()
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

    • removeAllowedCSIDrivers

      public V1beta1Policy.PodSecurityPolicySpec.Builder removeAllowedCSIDrivers(int index)
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

    • getAllowedCSIDriversBuilder

      public V1beta1Policy.AllowedCSIDriver.Builder getAllowedCSIDriversBuilder(int index)
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

    • getAllowedCSIDriversOrBuilder

      public V1beta1Policy.AllowedCSIDriverOrBuilder getAllowedCSIDriversOrBuilder(int index)
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;
      Specified by:
      getAllowedCSIDriversOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedCSIDriversOrBuilderList

      public List<? extends V1beta1Policy.AllowedCSIDriverOrBuilder> getAllowedCSIDriversOrBuilderList()
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;
      Specified by:
      getAllowedCSIDriversOrBuilderList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • addAllowedCSIDriversBuilder

      public V1beta1Policy.AllowedCSIDriver.Builder addAllowedCSIDriversBuilder()
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

    • addAllowedCSIDriversBuilder

      public V1beta1Policy.AllowedCSIDriver.Builder addAllowedCSIDriversBuilder(int index)
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

    • getAllowedCSIDriversBuilderList

      public List<V1beta1Policy.AllowedCSIDriver.Builder> getAllowedCSIDriversBuilderList()
       AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
      repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

    • getAllowedUnsafeSysctlsList

      public com.google.protobuf.ProtocolStringList getAllowedUnsafeSysctlsList()
       allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
      repeated string allowedUnsafeSysctls = 19;
      Specified by:
      getAllowedUnsafeSysctlsList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedUnsafeSysctlsCount

      public int getAllowedUnsafeSysctlsCount()
       allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
      repeated string allowedUnsafeSysctls = 19;
      Specified by:
      getAllowedUnsafeSysctlsCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedUnsafeSysctls

      public String getAllowedUnsafeSysctls(int index)
       allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
      repeated string allowedUnsafeSysctls = 19;
      Specified by:
      getAllowedUnsafeSysctls in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedUnsafeSysctlsBytes

      public com.google.protobuf.ByteString getAllowedUnsafeSysctlsBytes(int index)
       allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
      repeated string allowedUnsafeSysctls = 19;
      Specified by:
      getAllowedUnsafeSysctlsBytes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setAllowedUnsafeSysctls

      public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedUnsafeSysctls(int index, String value)
       allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
      repeated string allowedUnsafeSysctls = 19;

    • addAllowedUnsafeSysctls

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedUnsafeSysctls(String value)
       allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
      repeated string allowedUnsafeSysctls = 19;

    • addAllAllowedUnsafeSysctls

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllAllowedUnsafeSysctls(Iterable<String> values)
       allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
      repeated string allowedUnsafeSysctls = 19;

    • clearAllowedUnsafeSysctls

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearAllowedUnsafeSysctls()
       allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
      repeated string allowedUnsafeSysctls = 19;

    • addAllowedUnsafeSysctlsBytes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedUnsafeSysctlsBytes(com.google.protobuf.ByteString value)
       allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
      repeated string allowedUnsafeSysctls = 19;

    • getForbiddenSysctlsList

      public com.google.protobuf.ProtocolStringList getForbiddenSysctlsList()
       forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
      repeated string forbiddenSysctls = 20;
      Specified by:
      getForbiddenSysctlsList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getForbiddenSysctlsCount

      public int getForbiddenSysctlsCount()
       forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
      repeated string forbiddenSysctls = 20;
      Specified by:
      getForbiddenSysctlsCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getForbiddenSysctls

      public String getForbiddenSysctls(int index)
       forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
      repeated string forbiddenSysctls = 20;
      Specified by:
      getForbiddenSysctls in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getForbiddenSysctlsBytes

      public com.google.protobuf.ByteString getForbiddenSysctlsBytes(int index)
       forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
      repeated string forbiddenSysctls = 20;
      Specified by:
      getForbiddenSysctlsBytes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setForbiddenSysctls

      public V1beta1Policy.PodSecurityPolicySpec.Builder setForbiddenSysctls(int index, String value)
       forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
      repeated string forbiddenSysctls = 20;

    • addForbiddenSysctls

      public V1beta1Policy.PodSecurityPolicySpec.Builder addForbiddenSysctls(String value)
       forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
      repeated string forbiddenSysctls = 20;

    • addAllForbiddenSysctls

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllForbiddenSysctls(Iterable<String> values)
       forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
      repeated string forbiddenSysctls = 20;

    • clearForbiddenSysctls

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearForbiddenSysctls()
       forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
      repeated string forbiddenSysctls = 20;

    • addForbiddenSysctlsBytes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addForbiddenSysctlsBytes(com.google.protobuf.ByteString value)
       forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
      repeated string forbiddenSysctls = 20;

    • getAllowedProcMountTypesList

      public com.google.protobuf.ProtocolStringList getAllowedProcMountTypesList()
       AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
      repeated string allowedProcMountTypes = 21;
      Specified by:
      getAllowedProcMountTypesList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedProcMountTypesCount

      public int getAllowedProcMountTypesCount()
       AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
      repeated string allowedProcMountTypes = 21;
      Specified by:
      getAllowedProcMountTypesCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedProcMountTypes

      public String getAllowedProcMountTypes(int index)
       AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
      repeated string allowedProcMountTypes = 21;
      Specified by:
      getAllowedProcMountTypes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getAllowedProcMountTypesBytes

      public com.google.protobuf.ByteString getAllowedProcMountTypesBytes(int index)
       AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
      repeated string allowedProcMountTypes = 21;
      Specified by:
      getAllowedProcMountTypesBytes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setAllowedProcMountTypes

      public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedProcMountTypes(int index, String value)
       AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
      repeated string allowedProcMountTypes = 21;

    • addAllowedProcMountTypes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedProcMountTypes(String value)
       AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
      repeated string allowedProcMountTypes = 21;

    • addAllAllowedProcMountTypes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllAllowedProcMountTypes(Iterable<String> values)
       AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
      repeated string allowedProcMountTypes = 21;

    • clearAllowedProcMountTypes

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearAllowedProcMountTypes()
       AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
      repeated string allowedProcMountTypes = 21;

    • addAllowedProcMountTypesBytes

      public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedProcMountTypesBytes(com.google.protobuf.ByteString value)
       AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
      repeated string allowedProcMountTypes = 21;

    • hasRuntimeClass

      public boolean hasRuntimeClass()
       runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;
      Specified by:
      hasRuntimeClass in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • getRuntimeClass

      public V1beta1Policy.RuntimeClassStrategyOptions getRuntimeClass()
       runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;
      Specified by:
      getRuntimeClass in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setRuntimeClass

      public V1beta1Policy.PodSecurityPolicySpec.Builder setRuntimeClass(V1beta1Policy.RuntimeClassStrategyOptions value)
       runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;

    • setRuntimeClass

      public V1beta1Policy.PodSecurityPolicySpec.Builder setRuntimeClass(V1beta1Policy.RuntimeClassStrategyOptions.Builder builderForValue)
       runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;

    • mergeRuntimeClass

      public V1beta1Policy.PodSecurityPolicySpec.Builder mergeRuntimeClass(V1beta1Policy.RuntimeClassStrategyOptions value)
       runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;

    • clearRuntimeClass

      public V1beta1Policy.PodSecurityPolicySpec.Builder clearRuntimeClass()
       runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;

    • getRuntimeClassBuilder

      public V1beta1Policy.RuntimeClassStrategyOptions.Builder getRuntimeClassBuilder()
       runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;

    • getRuntimeClassOrBuilder

      public V1beta1Policy.RuntimeClassStrategyOptionsOrBuilder getRuntimeClassOrBuilder()
       runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
      optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;
      Specified by:
      getRuntimeClassOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

    • setUnknownFields

      public final V1beta1Policy.PodSecurityPolicySpec.Builder setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
      Specified by:
      setUnknownFields in interface com.google.protobuf.Message.Builder
      Overrides:
      setUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

    • mergeUnknownFields

      public final V1beta1Policy.PodSecurityPolicySpec.Builder mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
      Specified by:
      mergeUnknownFields in interface com.google.protobuf.Message.Builder
      Overrides:
      mergeUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>