Module io.helidon.integrations.vault.auths.k8s
Package io.helidon.integrations.vault.auths.k8s

Class ConfigureK8s.Request

java.lang.Object
io.helidon.integrations.common.rest.ApiJsonBuilder<ConfigureK8s.Request>
io.helidon.integrations.common.rest.ApiJsonRequest<ConfigureK8s.Request>
io.helidon.integrations.vault.VaultRequest<ConfigureK8s.Request>
io.helidon.integrations.vault.auths.k8s.ConfigureK8s.Request
All Implemented Interfaces:
ApiRequest<ConfigureK8s.Request>
Enclosing class:
ConfigureK8s
public static class ConfigureK8s.Request extends VaultRequest<ConfigureK8s.Request>
Request object. Can be configured with additional headers, query parameters etc.

  • Method Details

    • builder

      public static ConfigureK8s.Request builder()
      Fluent API builder for configuring a request. The request builder is passed as is, without a build method. The equivalent of a build method is ApiJsonBuilder.toJson(jakarta.json.JsonBuilderFactory) used by the RestApi.
      Returns:
      new request builder

    • address

      public ConfigureK8s.Request address(String address)
      Host string, host:port pair, or URL to the base of the Kubernetes API server. Required.
      Parameters:
      address - k8s API server address
      Returns:
      updated request

    • k8sCaCert

      public ConfigureK8s.Request k8sCaCert(String caCertPem)
      PEM encoded CA cert for use by the TLS client used to talk with the Kubernetes API. NOTE: Every line must end with a newline.
      Parameters:
      caCertPem - certification authority certificate, available at /var/run/secrets/kubernetes.io/serviceaccount/ca.crt when running in a pod
      Returns:
      updated request

    • tokenReviewerJwt

      public ConfigureK8s.Request tokenReviewerJwt(String token)
      A service account JWT used to access the TokenReview API to validate other JWTs during login. If not set, the JWT submitted in the login payload will be used to access the Kubernetes TokenReview API.
      Parameters:
      token - token to use
      Returns:
      updated request

    • addPemKey

      public ConfigureK8s.Request addPemKey(String pemKey)
      Add PEM formatted public key or certificate used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
      Parameters:
      pemKey - pem encoded key to add
      Returns:
      updated request

    • issuer

      public ConfigureK8s.Request issuer(String issuer)
      Optional JWT issuer. If no issuer is specified, then this plugin will use kubernetes/serviceaccount as the default issuer.
      Parameters:
      issuer - issuer of tokens when validating the issuer
      Returns:
      updated request

    • disableIssuerValidation

      public ConfigureK8s.Request disableIssuerValidation(boolean disable)
      Disable JWT issuer validation. Allows to skip ISS validation.
      Parameters:
      disable - whether to disable issuer validation
      Returns:
      updated request

    • disableLocalCaJwt

      public ConfigureK8s.Request disableLocalCaJwt(boolean disable)
      Disable defaulting to the local CA cert and service account JWT when running in a Kubernetes pod.
      Parameters:
      disable - whether to disable using local CA cert and service account
      Returns:
      updated request