1// Generated from definition io.k8s.api.certificates.v1.CertificateSigningRequestStatus
23/// CertificateSigningRequestStatus contains conditions used to indicate approved/denied/failed status of the request, and the issued certificate.
4#[derive(Clone, Debug, Default, PartialEq)]
5pub struct CertificateSigningRequestStatus {
6/// certificate is populated with an issued certificate by the signer after an Approved condition is present. This field is set via the /status subresource. Once populated, this field is immutable.
7 ///
8 /// If the certificate signing request is denied, a condition of type "Denied" is added and this field remains empty. If the signer cannot issue the certificate, a condition of type "Failed" is added and this field remains empty.
9 ///
10 /// Validation requirements:
11 /// 1. certificate must contain one or more PEM blocks.
12 /// 2. All PEM blocks must have the "CERTIFICATE" label, contain no headers, and the encoded data
13 /// must be a BER-encoded ASN.1 Certificate structure as described in section 4 of RFC5280.
14 /// 3. Non-PEM content may appear before or after the "CERTIFICATE" PEM blocks and is unvalidated,
15 /// to allow for explanatory text as described in section 5.2 of RFC7468.
16 ///
17 /// If more than one PEM block is present, and the definition of the requested spec.signerName does not indicate otherwise, the first block is the issued certificate, and subsequent blocks should be treated as intermediate certificates and presented in TLS handshakes.
18 ///
19 /// The certificate is encoded in PEM format.
20 ///
21 /// When serialized as JSON or YAML, the data is additionally base64-encoded, so it consists of:
22 ///
23 /// base64(
24 /// -----BEGIN CERTIFICATE-----
25 /// ...
26 /// -----END CERTIFICATE-----
27 /// )
28pub certificate: Option<crate::ByteString>,
2930/// conditions applied to the request. Known conditions are "Approved", "Denied", and "Failed".
31pub conditions: Option<std::vec::Vec<crate::api::certificates::v1::CertificateSigningRequestCondition>>,
32}
3334impl crate::DeepMerge for CertificateSigningRequestStatus {
35fn merge_from(&mut self, other: Self) {
36crate::DeepMerge::merge_from(&mut self.certificate, other.certificate);
37crate::merge_strategies::list::map(
38&mut self.conditions,
39 other.conditions,
40&[|lhs, rhs| lhs.type_ == rhs.type_],
41 |current_item, other_item| {
42crate::DeepMerge::merge_from(current_item, other_item);
43 },
44 );
45 }
46}
4748impl<'de> crate::serde::Deserialize<'de> for CertificateSigningRequestStatus {
49fn deserialize<D>(deserializer: D) -> Result<Self, D::Error> where D: crate::serde::Deserializer<'de> {
50#[allow(non_camel_case_types)]
51enum Field {
52 Key_certificate,
53 Key_conditions,
54 Other,
55 }
5657impl<'de> crate::serde::Deserialize<'de> for Field {
58fn deserialize<D>(deserializer: D) -> Result<Self, D::Error> where D: crate::serde::Deserializer<'de> {
59struct Visitor;
6061impl crate::serde::de::Visitor<'_> for Visitor {
62type Value = Field;
6364fn expecting(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
65 f.write_str("field identifier")
66 }
6768fn visit_str<E>(self, v: &str) -> Result<Self::Value, E> where E: crate::serde::de::Error {
69Ok(match v {
70"certificate" => Field::Key_certificate,
71"conditions" => Field::Key_conditions,
72_ => Field::Other,
73 })
74 }
75 }
7677 deserializer.deserialize_identifier(Visitor)
78 }
79 }
8081struct Visitor;
8283impl<'de> crate::serde::de::Visitor<'de> for Visitor {
84type Value = CertificateSigningRequestStatus;
8586fn expecting(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
87 f.write_str("CertificateSigningRequestStatus")
88 }
8990fn visit_map<A>(self, mut map: A) -> Result<Self::Value, A::Error> where A: crate::serde::de::MapAccess<'de> {
91let mut value_certificate: Option<crate::ByteString> = None;
92let mut value_conditions: Option<std::vec::Vec<crate::api::certificates::v1::CertificateSigningRequestCondition>> = None;
9394while let Some(key) = crate::serde::de::MapAccess::next_key::<Field>(&mut map)? {
95match key {
96 Field::Key_certificate => value_certificate = crate::serde::de::MapAccess::next_value(&mut map)?,
97 Field::Key_conditions => value_conditions = crate::serde::de::MapAccess::next_value(&mut map)?,
98 Field::Other => { let _: crate::serde::de::IgnoredAny = crate::serde::de::MapAccess::next_value(&mut map)?; },
99 }
100 }
101102Ok(CertificateSigningRequestStatus {
103 certificate: value_certificate,
104 conditions: value_conditions,
105 })
106 }
107 }
108109 deserializer.deserialize_struct(
110"CertificateSigningRequestStatus",
111&[
112"certificate",
113"conditions",
114 ],
115 Visitor,
116 )
117 }
118}
119120impl crate::serde::Serialize for CertificateSigningRequestStatus {
121fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error> where S: crate::serde::Serializer {
122let mut state = serializer.serialize_struct(
123"CertificateSigningRequestStatus",
124self.certificate.as_ref().map_or(0, |_| 1) +
125self.conditions.as_ref().map_or(0, |_| 1),
126 )?;
127if let Some(value) = &self.certificate {
128crate::serde::ser::SerializeStruct::serialize_field(&mut state, "certificate", value)?;
129 }
130if let Some(value) = &self.conditions {
131crate::serde::ser::SerializeStruct::serialize_field(&mut state, "conditions", value)?;
132 }
133crate::serde::ser::SerializeStruct::end(state)
134 }
135}
136137#[cfg(feature = "schemars")]
138impl crate::schemars::JsonSchema for CertificateSigningRequestStatus {
139fn schema_name() -> std::string::String {
140"io.k8s.api.certificates.v1.CertificateSigningRequestStatus".into()
141 }
142143fn json_schema(__gen: &mut crate::schemars::gen::SchemaGenerator) -> crate::schemars::schema::Schema {
144crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
145 metadata: Some(std::boxed::Box::new(crate::schemars::schema::Metadata {
146 description: Some("CertificateSigningRequestStatus contains conditions used to indicate approved/denied/failed status of the request, and the issued certificate.".into()),
147 ..Default::default()
148 })),
149 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(std::boxed::Box::new(crate::schemars::schema::InstanceType::Object))),
150 object: Some(std::boxed::Box::new(crate::schemars::schema::ObjectValidation {
151 properties: [
152 (
153"certificate".into(),
154crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
155 metadata: Some(std::boxed::Box::new(crate::schemars::schema::Metadata {
156 description: Some("certificate is populated with an issued certificate by the signer after an Approved condition is present. This field is set via the /status subresource. Once populated, this field is immutable.\n\nIf the certificate signing request is denied, a condition of type \"Denied\" is added and this field remains empty. If the signer cannot issue the certificate, a condition of type \"Failed\" is added and this field remains empty.\n\nValidation requirements:\n 1. certificate must contain one or more PEM blocks.\n 2. All PEM blocks must have the \"CERTIFICATE\" label, contain no headers, and the encoded data\n must be a BER-encoded ASN.1 Certificate structure as described in section 4 of RFC5280.\n 3. Non-PEM content may appear before or after the \"CERTIFICATE\" PEM blocks and is unvalidated,\n to allow for explanatory text as described in section 5.2 of RFC7468.\n\nIf more than one PEM block is present, and the definition of the requested spec.signerName does not indicate otherwise, the first block is the issued certificate, and subsequent blocks should be treated as intermediate certificates and presented in TLS handshakes.\n\nThe certificate is encoded in PEM format.\n\nWhen serialized as JSON or YAML, the data is additionally base64-encoded, so it consists of:\n\n base64(\n -----BEGIN CERTIFICATE-----\n ...\n -----END CERTIFICATE-----\n )".into()),
157 ..Default::default()
158 })),
159 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(std::boxed::Box::new(crate::schemars::schema::InstanceType::String))),
160 format: Some("byte".into()),
161 ..Default::default()
162 }),
163 ),
164 (
165"conditions".into(),
166crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
167 metadata: Some(std::boxed::Box::new(crate::schemars::schema::Metadata {
168 description: Some("conditions applied to the request. Known conditions are \"Approved\", \"Denied\", and \"Failed\".".into()),
169 ..Default::default()
170 })),
171 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(std::boxed::Box::new(crate::schemars::schema::InstanceType::Array))),
172 array: Some(std::boxed::Box::new(crate::schemars::schema::ArrayValidation {
173 items: Some(crate::schemars::schema::SingleOrVec::Single(std::boxed::Box::new(__gen.subschema_for::<crate::api::certificates::v1::CertificateSigningRequestCondition>()))),
174 ..Default::default()
175 })),
176 ..Default::default()
177 }),
178 ),
179 ].into(),
180 ..Default::default()
181 })),
182 ..Default::default()
183 })
184 }
185}