1// Generated from definition io.k8s.api.certificates.v1beta1.ClusterTrustBundle
23/// ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors (root certificates).
4///
5/// ClusterTrustBundle objects are considered to be readable by any authenticated user in the cluster, because they can be mounted by pods using the `clusterTrustBundle` projection. All service accounts have read access to ClusterTrustBundles by default. Users who only have namespace-level access to a cluster can read ClusterTrustBundles by impersonating a serviceaccount that they have access to.
6///
7/// It can be optionally associated with a particular assigner, in which case it contains one valid set of trust anchors for that signer. Signers may have multiple associated ClusterTrustBundles; each is an independent set of trust anchors for that signer. Admission control is used to enforce that only users with permissions on the signer can create or modify the corresponding bundle.
8#[derive(Clone, Debug, Default, PartialEq)]
9pub struct ClusterTrustBundle {
10/// metadata contains the object metadata.
11pub metadata: crate::apimachinery::pkg::apis::meta::v1::ObjectMeta,
1213/// spec contains the signer (if any) and trust anchors.
14pub spec: crate::api::certificates::v1beta1::ClusterTrustBundleSpec,
15}
1617impl crate::Resource for ClusterTrustBundle {
18const API_VERSION: &'static str = "certificates.k8s.io/v1beta1";
19const GROUP: &'static str = "certificates.k8s.io";
20const KIND: &'static str = "ClusterTrustBundle";
21const VERSION: &'static str = "v1beta1";
22const URL_PATH_SEGMENT: &'static str = "clustertrustbundles";
23type Scope = crate::ClusterResourceScope;
24}
2526impl crate::ListableResource for ClusterTrustBundle {
27const LIST_KIND: &'static str = "ClusterTrustBundleList";
28}
2930impl crate::Metadata for ClusterTrustBundle {
31type Ty = crate::apimachinery::pkg::apis::meta::v1::ObjectMeta;
3233fn metadata(&self) -> &<Self as crate::Metadata>::Ty {
34&self.metadata
35 }
3637fn metadata_mut(&mut self) -> &mut<Self as crate::Metadata>::Ty {
38&mut self.metadata
39 }
40}
4142impl crate::DeepMerge for ClusterTrustBundle {
43fn merge_from(&mut self, other: Self) {
44crate::DeepMerge::merge_from(&mut self.metadata, other.metadata);
45crate::DeepMerge::merge_from(&mut self.spec, other.spec);
46 }
47}
4849impl<'de> crate::serde::Deserialize<'de> for ClusterTrustBundle {
50fn deserialize<D>(deserializer: D) -> Result<Self, D::Error> where D: crate::serde::Deserializer<'de> {
51#[allow(non_camel_case_types)]
52enum Field {
53 Key_api_version,
54 Key_kind,
55 Key_metadata,
56 Key_spec,
57 Other,
58 }
5960impl<'de> crate::serde::Deserialize<'de> for Field {
61fn deserialize<D>(deserializer: D) -> Result<Self, D::Error> where D: crate::serde::Deserializer<'de> {
62struct Visitor;
6364impl crate::serde::de::Visitor<'_> for Visitor {
65type Value = Field;
6667fn expecting(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
68 f.write_str("field identifier")
69 }
7071fn visit_str<E>(self, v: &str) -> Result<Self::Value, E> where E: crate::serde::de::Error {
72Ok(match v {
73"apiVersion" => Field::Key_api_version,
74"kind" => Field::Key_kind,
75"metadata" => Field::Key_metadata,
76"spec" => Field::Key_spec,
77_ => Field::Other,
78 })
79 }
80 }
8182 deserializer.deserialize_identifier(Visitor)
83 }
84 }
8586struct Visitor;
8788impl<'de> crate::serde::de::Visitor<'de> for Visitor {
89type Value = ClusterTrustBundle;
9091fn expecting(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
92 f.write_str(<Self::Value as crate::Resource>::KIND)
93 }
9495fn visit_map<A>(self, mut map: A) -> Result<Self::Value, A::Error> where A: crate::serde::de::MapAccess<'de> {
96let mut value_metadata: Option<crate::apimachinery::pkg::apis::meta::v1::ObjectMeta> = None;
97let mut value_spec: Option<crate::api::certificates::v1beta1::ClusterTrustBundleSpec> = None;
9899while let Some(key) = crate::serde::de::MapAccess::next_key::<Field>(&mut map)? {
100match key {
101 Field::Key_api_version => {
102let value_api_version: std::string::String = crate::serde::de::MapAccess::next_value(&mut map)?;
103if value_api_version != <Self::Value as crate::Resource>::API_VERSION {
104return Err(crate::serde::de::Error::invalid_value(crate::serde::de::Unexpected::Str(&value_api_version), &<Self::Value as crate::Resource>::API_VERSION));
105 }
106 },
107 Field::Key_kind => {
108let value_kind: std::string::String = crate::serde::de::MapAccess::next_value(&mut map)?;
109if value_kind != <Self::Value as crate::Resource>::KIND {
110return Err(crate::serde::de::Error::invalid_value(crate::serde::de::Unexpected::Str(&value_kind), &<Self::Value as crate::Resource>::KIND));
111 }
112 },
113 Field::Key_metadata => value_metadata = crate::serde::de::MapAccess::next_value(&mut map)?,
114 Field::Key_spec => value_spec = crate::serde::de::MapAccess::next_value(&mut map)?,
115 Field::Other => { let _: crate::serde::de::IgnoredAny = crate::serde::de::MapAccess::next_value(&mut map)?; },
116 }
117 }
118119Ok(ClusterTrustBundle {
120 metadata: value_metadata.unwrap_or_default(),
121 spec: value_spec.unwrap_or_default(),
122 })
123 }
124 }
125126 deserializer.deserialize_struct(
127 <Self as crate::Resource>::KIND,
128&[
129"apiVersion",
130"kind",
131"metadata",
132"spec",
133 ],
134 Visitor,
135 )
136 }
137}
138139impl crate::serde::Serialize for ClusterTrustBundle {
140fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error> where S: crate::serde::Serializer {
141let mut state = serializer.serialize_struct(
142 <Self as crate::Resource>::KIND,
1434,
144 )?;
145crate::serde::ser::SerializeStruct::serialize_field(&mut state, "apiVersion", <Self as crate::Resource>::API_VERSION)?;
146crate::serde::ser::SerializeStruct::serialize_field(&mut state, "kind", <Self as crate::Resource>::KIND)?;
147crate::serde::ser::SerializeStruct::serialize_field(&mut state, "metadata", &self.metadata)?;
148crate::serde::ser::SerializeStruct::serialize_field(&mut state, "spec", &self.spec)?;
149crate::serde::ser::SerializeStruct::end(state)
150 }
151}
152153#[cfg(feature = "schemars")]
154impl crate::schemars::JsonSchema for ClusterTrustBundle {
155fn schema_name() -> std::string::String {
156"io.k8s.api.certificates.v1beta1.ClusterTrustBundle".into()
157 }
158159fn json_schema(__gen: &mut crate::schemars::gen::SchemaGenerator) -> crate::schemars::schema::Schema {
160crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
161 metadata: Some(std::boxed::Box::new(crate::schemars::schema::Metadata {
162 description: Some("ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors (root certificates).\n\nClusterTrustBundle objects are considered to be readable by any authenticated user in the cluster, because they can be mounted by pods using the `clusterTrustBundle` projection. All service accounts have read access to ClusterTrustBundles by default. Users who only have namespace-level access to a cluster can read ClusterTrustBundles by impersonating a serviceaccount that they have access to.\n\nIt can be optionally associated with a particular assigner, in which case it contains one valid set of trust anchors for that signer. Signers may have multiple associated ClusterTrustBundles; each is an independent set of trust anchors for that signer. Admission control is used to enforce that only users with permissions on the signer can create or modify the corresponding bundle.".into()),
163 ..Default::default()
164 })),
165 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(std::boxed::Box::new(crate::schemars::schema::InstanceType::Object))),
166 object: Some(std::boxed::Box::new(crate::schemars::schema::ObjectValidation {
167 properties: [
168 (
169"apiVersion".into(),
170crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
171 metadata: Some(std::boxed::Box::new(crate::schemars::schema::Metadata {
172 description: Some("APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources".into()),
173 ..Default::default()
174 })),
175 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(std::boxed::Box::new(crate::schemars::schema::InstanceType::String))),
176 ..Default::default()
177 }),
178 ),
179 (
180"kind".into(),
181crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
182 metadata: Some(std::boxed::Box::new(crate::schemars::schema::Metadata {
183 description: Some("Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds".into()),
184 ..Default::default()
185 })),
186 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(std::boxed::Box::new(crate::schemars::schema::InstanceType::String))),
187 ..Default::default()
188 }),
189 ),
190 (
191"metadata".into(),
192 {
193let mut schema_obj = __gen.subschema_for::<crate::apimachinery::pkg::apis::meta::v1::ObjectMeta>().into_object();
194 schema_obj.metadata = Some(std::boxed::Box::new(crate::schemars::schema::Metadata {
195 description: Some("metadata contains the object metadata.".into()),
196 ..Default::default()
197 }));
198crate::schemars::schema::Schema::Object(schema_obj)
199 },
200 ),
201 (
202"spec".into(),
203 {
204let mut schema_obj = __gen.subschema_for::<crate::api::certificates::v1beta1::ClusterTrustBundleSpec>().into_object();
205 schema_obj.metadata = Some(std::boxed::Box::new(crate::schemars::schema::Metadata {
206 description: Some("spec contains the signer (if any) and trust anchors.".into()),
207 ..Default::default()
208 }));
209crate::schemars::schema::Schema::Object(schema_obj)
210 },
211 ),
212 ].into(),
213 required: [
214"metadata".into(),
215"spec".into(),
216 ].into(),
217 ..Default::default()
218 })),
219 ..Default::default()
220 })
221 }
222}