//
// Code generated by Microsoft (R) AutoRest Code Generator.
// Changes may cause incorrect behavior and will be lost if the code is
// regenerated.
//
namespace k8s.Models
{
using Newtonsoft.Json;
using System.Collections;
using System.Collections.Generic;
using System.Linq;
///
/// PodSecurityContext holds pod-level security attributes and common
/// container settings. Some fields are also present in
/// container.securityContext. Field values of container.securityContext
/// take precedence over field values of PodSecurityContext.
///
public partial class V1PodSecurityContext
{
///
/// Initializes a new instance of the V1PodSecurityContext class.
///
public V1PodSecurityContext()
{
CustomInit();
}
///
/// Initializes a new instance of the V1PodSecurityContext class.
///
/// A special supplemental group that applies to
/// all containers in a pod. Some volume types allow the Kubelet to
/// change the ownership of that volume to be owned by the pod:
///
/// 1. The owning GID will be the FSGroup 2. The setgid bit is set (new
/// files created in the volume will be owned by FSGroup) 3. The
/// permission bits are OR'd with rw-rw----
///
/// If unset, the Kubelet will not modify the ownership and permissions
/// of any volume.
/// The GID to run the entrypoint of the
/// container process. Uses runtime default if unset. May also be set
/// in SecurityContext. If set in both SecurityContext and
/// PodSecurityContext, the value specified in SecurityContext takes
/// precedence for that container.
/// Indicates that the container must run as
/// a non-root user. If true, the Kubelet will validate the image at
/// runtime to ensure that it does not run as UID 0 (root) and fail to
/// start the container if it does. If unset or false, no such
/// validation will be performed. May also be set in SecurityContext.
/// If set in both SecurityContext and PodSecurityContext, the value
/// specified in SecurityContext takes precedence.
/// The UID to run the entrypoint of the
/// container process. Defaults to user specified in image metadata if
/// unspecified. May also be set in SecurityContext. If set in both
/// SecurityContext and PodSecurityContext, the value specified in
/// SecurityContext takes precedence for that container.
/// The SELinux context to be applied to
/// all containers. If unspecified, the container runtime will allocate
/// a random SELinux context for each container. May also be set in
/// SecurityContext. If set in both SecurityContext and
/// PodSecurityContext, the value specified in SecurityContext takes
/// precedence for that container.
/// A list of groups applied to the
/// first process run in each container, in addition to the container's
/// primary GID. If unspecified, no groups will be added to any
/// container.
public V1PodSecurityContext(long? fsGroup = default(long?), long? runAsGroup = default(long?), bool? runAsNonRoot = default(bool?), long? runAsUser = default(long?), V1SELinuxOptions seLinuxOptions = default(V1SELinuxOptions), IList supplementalGroups = default(IList))
{
FsGroup = fsGroup;
RunAsGroup = runAsGroup;
RunAsNonRoot = runAsNonRoot;
RunAsUser = runAsUser;
SeLinuxOptions = seLinuxOptions;
SupplementalGroups = supplementalGroups;
CustomInit();
}
///
/// An initialization method that performs custom operations like setting defaults
///
partial void CustomInit();
///
/// Gets or sets a special supplemental group that applies to all
/// containers in a pod. Some volume types allow the Kubelet to change
/// the ownership of that volume to be owned by the pod:
///
/// 1. The owning GID will be the FSGroup 2. The setgid bit is set (new
/// files created in the volume will be owned by FSGroup) 3. The
/// permission bits are OR'd with rw-rw----
///
/// If unset, the Kubelet will not modify the ownership and permissions
/// of any volume.
///
[JsonProperty(PropertyName = "fsGroup")]
public long? FsGroup { get; set; }
///
/// Gets or sets the GID to run the entrypoint of the container
/// process. Uses runtime default if unset. May also be set in
/// SecurityContext. If set in both SecurityContext and
/// PodSecurityContext, the value specified in SecurityContext takes
/// precedence for that container.
///
[JsonProperty(PropertyName = "runAsGroup")]
public long? RunAsGroup { get; set; }
///
/// Gets or sets indicates that the container must run as a non-root
/// user. If true, the Kubelet will validate the image at runtime to
/// ensure that it does not run as UID 0 (root) and fail to start the
/// container if it does. If unset or false, no such validation will be
/// performed. May also be set in SecurityContext. If set in both
/// SecurityContext and PodSecurityContext, the value specified in
/// SecurityContext takes precedence.
///
[JsonProperty(PropertyName = "runAsNonRoot")]
public bool? RunAsNonRoot { get; set; }
///
/// Gets or sets the UID to run the entrypoint of the container
/// process. Defaults to user specified in image metadata if
/// unspecified. May also be set in SecurityContext. If set in both
/// SecurityContext and PodSecurityContext, the value specified in
/// SecurityContext takes precedence for that container.
///
[JsonProperty(PropertyName = "runAsUser")]
public long? RunAsUser { get; set; }
///
/// Gets or sets the SELinux context to be applied to all containers.
/// If unspecified, the container runtime will allocate a random
/// SELinux context for each container. May also be set in
/// SecurityContext. If set in both SecurityContext and
/// PodSecurityContext, the value specified in SecurityContext takes
/// precedence for that container.
///
[JsonProperty(PropertyName = "seLinuxOptions")]
public V1SELinuxOptions SeLinuxOptions { get; set; }
///
/// Gets or sets a list of groups applied to the first process run in
/// each container, in addition to the container's primary GID. If
/// unspecified, no groups will be added to any container.
///
[JsonProperty(PropertyName = "supplementalGroups")]
public IList SupplementalGroups { get; set; }
}
}