zio-k8s-client/com.coralogix.zio.k8s.model.certificates.v1beta1/CertificateSigningRequestSpec

CertificateSigningRequestSpec

case class CertificateSigningRequestSpec(extra: Optional[Map[String, Vector[String]]], groups: Optional[Vector[String]], request: Chunk[Byte], signerName: Optional[String], uid: Optional[String], usages: Optional[Vector[String]], username: Optional[String])

This information is immutable after the request is created. Only the Request and Usages fields can be set on creation, other fields are derived by Kubernetes and cannot be modified by users.

Value Params
extra

Extra information about the requesting user. See user.Info interface for details.

groups

Group information about the requesting user. See user.Info interface for details.

request

Base64-encoded PKCS#10 CSR data

signerName

Requested signer for the request. It is a qualified name in the form: scope-hostname.io/name. If empty, it will be defaulted:

  1. If it's a kubelet client certificate, it is assigned "kubernetes.io/kube-apiserver-client-kubelet".
  2. If it's a kubelet serving certificate, it is assigned "kubernetes.io/kubelet-serving".
  3. Otherwise, it is assigned "kubernetes.io/legacy-unknown". Distribution of trust for signers happens out of band. You can select on this field using spec.signerName.
uid

UID information about the requesting user. See user.Info interface for details.

usages

allowedUsages specifies a set of usage contexts the key will be valid for. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 Valid values are: "signing", "digital signature", "content commitment", "key encipherment", "key agreement", "data encipherment", "cert sign", "crl sign", "encipher only", "decipher only", "any", "server auth", "client auth", "code signing", "email protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec user", "timestamping", "ocsp signing", "microsoft sgc", "netscape sgc"

username

Information about the requesting user. See user.Info interface for details.

Companion
object
trait Serializable
trait Product
trait Equals
class Object
trait Matchable
class Any

Value members

Concrete methods

def getExtra: IO[K8sFailure, Map[String, Vector[String]]]

Extra information about the requesting user. See user.Info interface for details.

Extra information about the requesting user. See user.Info interface for details.

If the field is not present, fails with com.coralogix.zio.k8s.client.UndefinedField.

def getGroups: IO[K8sFailure, Vector[String]]

Group information about the requesting user. See user.Info interface for details.

Group information about the requesting user. See user.Info interface for details.

If the field is not present, fails with com.coralogix.zio.k8s.client.UndefinedField.

def getRequest: IO[K8sFailure, Chunk[Byte]]

Base64-encoded PKCS#10 CSR data

Base64-encoded PKCS#10 CSR data

This effect always succeeds, it is safe to use the field request directly.

def getSignerName: IO[K8sFailure, String]

Requested signer for the request. It is a qualified name in the form: scope-hostname.io/name. If empty, it will be defaulted:

Requested signer for the request. It is a qualified name in the form: scope-hostname.io/name. If empty, it will be defaulted:

  1. If it's a kubelet client certificate, it is assigned "kubernetes.io/kube-apiserver-client-kubelet".
  2. If it's a kubelet serving certificate, it is assigned "kubernetes.io/kubelet-serving".
  3. Otherwise, it is assigned "kubernetes.io/legacy-unknown". Distribution of trust for signers happens out of band. You can select on this field using spec.signerName.

If the field is not present, fails with com.coralogix.zio.k8s.client.UndefinedField.

def getUid: IO[K8sFailure, String]

UID information about the requesting user. See user.Info interface for details.

UID information about the requesting user. See user.Info interface for details.

If the field is not present, fails with com.coralogix.zio.k8s.client.UndefinedField.

def getUsages: IO[K8sFailure, Vector[String]]

allowedUsages specifies a set of usage contexts the key will be valid for. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 Valid values are: "signing", "digital signature", "content commitment", "key encipherment", "key agreement", "data encipherment", "cert sign", "crl sign", "encipher only", "decipher only", "any", "server auth", "client auth", "code signing", "email protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec user", "timestamping", "ocsp signing", "microsoft sgc", "netscape sgc"

allowedUsages specifies a set of usage contexts the key will be valid for. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 Valid values are: "signing", "digital signature", "content commitment", "key encipherment", "key agreement", "data encipherment", "cert sign", "crl sign", "encipher only", "decipher only", "any", "server auth", "client auth", "code signing", "email protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec user", "timestamping", "ocsp signing", "microsoft sgc", "netscape sgc"

If the field is not present, fails with com.coralogix.zio.k8s.client.UndefinedField.

def getUsername: IO[K8sFailure, String]

Information about the requesting user. See user.Info interface for details.

Information about the requesting user. See user.Info interface for details.

If the field is not present, fails with com.coralogix.zio.k8s.client.UndefinedField.

Inherited methods

def productElementNames: Iterator[String]
Inherited from
Product
def productIterator: Iterator[Any]
Inherited from
Product