Package io.envoyproxy.envoy.extensions.transport_sockets.tls.cert_selectors.on_demand_secret.v3

Class Config.Builder

java.lang.Object
com.google.protobuf.AbstractMessageLite.Builder
com.google.protobuf.AbstractMessage.Builder<BuilderT>
com.google.protobuf.GeneratedMessageV3.Builder<Config.Builder>
io.envoyproxy.envoy.extensions.transport_sockets.tls.cert_selectors.on_demand_secret.v3.Config.Builder
All Implemented Interfaces:
com.google.protobuf.Message.Builder, com.google.protobuf.MessageLite.Builder, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, ConfigOrBuilder, Cloneable
Enclosing class:
Config
public static final class Config.Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Config.Builder> implements ConfigOrBuilder
 Fetches the secret on-demand while allowing the parent cluster or listener to accept connections
 without warming. During the handshake, a secret name is derived from the peer hello message, an
 SDS resource request starts, and the handshake is paused. Once an SDS response is received with a
 resource, the handshake is resumed with the provided certificate. If the SDS server indicates the
 resource removal, the handshake is failed, and the SDS subscription to the resource is stopped.

 Similar to the regular SDS, the certificate is configured using the outer common TLS context,
 e.g. by setting the FIPS compliance policy on the loaded certificate.
Protobuf type envoy.extensions.transport_sockets.tls.cert_selectors.on_demand_secret.v3.Config

  • Method Details

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3.Builder<Config.Builder>

    • clear

      public Config.Builder clear()
      Specified by:
      clear in interface com.google.protobuf.Message.Builder
      Specified by:
      clear in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      clear in class com.google.protobuf.GeneratedMessageV3.Builder<Config.Builder>

    • getDescriptorForType

      public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()
      Specified by:
      getDescriptorForType in interface com.google.protobuf.Message.Builder
      Specified by:
      getDescriptorForType in interface com.google.protobuf.MessageOrBuilder
      Overrides:
      getDescriptorForType in class com.google.protobuf.GeneratedMessageV3.Builder<Config.Builder>

    • getDefaultInstanceForType

      public Config getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

    • build

      public Config build()
      Specified by:
      build in interface com.google.protobuf.Message.Builder
      Specified by:
      build in interface com.google.protobuf.MessageLite.Builder

    • buildPartial

      public Config buildPartial()
      Specified by:
      buildPartial in interface com.google.protobuf.Message.Builder
      Specified by:
      buildPartial in interface com.google.protobuf.MessageLite.Builder

    • clone

      public Config.Builder clone()
      Specified by:
      clone in interface com.google.protobuf.Message.Builder
      Specified by:
      clone in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      clone in class com.google.protobuf.GeneratedMessageV3.Builder<Config.Builder>

    • setField

      public Config.Builder setField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
      Specified by:
      setField in interface com.google.protobuf.Message.Builder
      Overrides:
      setField in class com.google.protobuf.GeneratedMessageV3.Builder<Config.Builder>

    • clearField

      public Config.Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field)
      Specified by:
      clearField in interface com.google.protobuf.Message.Builder
      Overrides:
      clearField in class com.google.protobuf.GeneratedMessageV3.Builder<Config.Builder>

    • clearOneof

      public Config.Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)
      Specified by:
      clearOneof in interface com.google.protobuf.Message.Builder
      Overrides:
      clearOneof in class com.google.protobuf.GeneratedMessageV3.Builder<Config.Builder>

    • setRepeatedField

      public Config.Builder setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, int index, Object value)
      Specified by:
      setRepeatedField in interface com.google.protobuf.Message.Builder
      Overrides:
      setRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<Config.Builder>

    • addRepeatedField

      public Config.Builder addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
      Specified by:
      addRepeatedField in interface com.google.protobuf.Message.Builder
      Overrides:
      addRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<Config.Builder>

    • mergeFrom

      public Config.Builder mergeFrom(com.google.protobuf.Message other)
      Specified by:
      mergeFrom in interface com.google.protobuf.Message.Builder
      Overrides:
      mergeFrom in class com.google.protobuf.AbstractMessage.Builder<Config.Builder>

    • mergeFrom

      public Config.Builder mergeFrom(Config other)

    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessageV3.Builder<Config.Builder>

    • mergeFrom

      public Config.Builder mergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Specified by:
      mergeFrom in interface com.google.protobuf.Message.Builder
      Specified by:
      mergeFrom in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      mergeFrom in class com.google.protobuf.AbstractMessage.Builder<Config.Builder>
      Throws:
      IOException

    • hasConfigSource

      public boolean hasConfigSource()
       Defines the configuration source of the secrets.
      .envoy.config.core.v3.ConfigSource config_source = 1 [(.validate.rules) = { ... }
      Specified by:
      hasConfigSource in interface ConfigOrBuilder
      Returns:
      Whether the configSource field is set.

    • getConfigSource

      public ConfigSource getConfigSource()
       Defines the configuration source of the secrets.
      .envoy.config.core.v3.ConfigSource config_source = 1 [(.validate.rules) = { ... }
      Specified by:
      getConfigSource in interface ConfigOrBuilder
      Returns:
      The configSource.

    • setConfigSource

      public Config.Builder setConfigSource(ConfigSource value)
       Defines the configuration source of the secrets.
      .envoy.config.core.v3.ConfigSource config_source = 1 [(.validate.rules) = { ... }

    • setConfigSource

      public Config.Builder setConfigSource(ConfigSource.Builder builderForValue)
       Defines the configuration source of the secrets.
      .envoy.config.core.v3.ConfigSource config_source = 1 [(.validate.rules) = { ... }

    • mergeConfigSource

      public Config.Builder mergeConfigSource(ConfigSource value)
       Defines the configuration source of the secrets.
      .envoy.config.core.v3.ConfigSource config_source = 1 [(.validate.rules) = { ... }

    • clearConfigSource

      public Config.Builder clearConfigSource()
       Defines the configuration source of the secrets.
      .envoy.config.core.v3.ConfigSource config_source = 1 [(.validate.rules) = { ... }

    • getConfigSourceBuilder

      public ConfigSource.Builder getConfigSourceBuilder()
       Defines the configuration source of the secrets.
      .envoy.config.core.v3.ConfigSource config_source = 1 [(.validate.rules) = { ... }

    • getConfigSourceOrBuilder

      public ConfigSourceOrBuilder getConfigSourceOrBuilder()
       Defines the configuration source of the secrets.
      .envoy.config.core.v3.ConfigSource config_source = 1 [(.validate.rules) = { ... }
      Specified by:
      getConfigSourceOrBuilder in interface ConfigOrBuilder

    • hasCertificateMapper

      public boolean hasCertificateMapper()
       Extension point to specify a function to compute the secret name. The extension is called
 during the TLS handshake after receiving the "CLIENT HELLO" message from the client.
 [#extension-category: envoy.tls.certificate_mappers]
      .envoy.config.core.v3.TypedExtensionConfig certificate_mapper = 2 [(.validate.rules) = { ... }
      Specified by:
      hasCertificateMapper in interface ConfigOrBuilder
      Returns:
      Whether the certificateMapper field is set.

    • getCertificateMapper

      public TypedExtensionConfig getCertificateMapper()
       Extension point to specify a function to compute the secret name. The extension is called
 during the TLS handshake after receiving the "CLIENT HELLO" message from the client.
 [#extension-category: envoy.tls.certificate_mappers]
      .envoy.config.core.v3.TypedExtensionConfig certificate_mapper = 2 [(.validate.rules) = { ... }
      Specified by:
      getCertificateMapper in interface ConfigOrBuilder
      Returns:
      The certificateMapper.

    • setCertificateMapper

      public Config.Builder setCertificateMapper(TypedExtensionConfig value)
       Extension point to specify a function to compute the secret name. The extension is called
 during the TLS handshake after receiving the "CLIENT HELLO" message from the client.
 [#extension-category: envoy.tls.certificate_mappers]
      .envoy.config.core.v3.TypedExtensionConfig certificate_mapper = 2 [(.validate.rules) = { ... }

    • setCertificateMapper

      public Config.Builder setCertificateMapper(TypedExtensionConfig.Builder builderForValue)
       Extension point to specify a function to compute the secret name. The extension is called
 during the TLS handshake after receiving the "CLIENT HELLO" message from the client.
 [#extension-category: envoy.tls.certificate_mappers]
      .envoy.config.core.v3.TypedExtensionConfig certificate_mapper = 2 [(.validate.rules) = { ... }

    • mergeCertificateMapper

      public Config.Builder mergeCertificateMapper(TypedExtensionConfig value)
       Extension point to specify a function to compute the secret name. The extension is called
 during the TLS handshake after receiving the "CLIENT HELLO" message from the client.
 [#extension-category: envoy.tls.certificate_mappers]
      .envoy.config.core.v3.TypedExtensionConfig certificate_mapper = 2 [(.validate.rules) = { ... }

    • clearCertificateMapper

      public Config.Builder clearCertificateMapper()
       Extension point to specify a function to compute the secret name. The extension is called
 during the TLS handshake after receiving the "CLIENT HELLO" message from the client.
 [#extension-category: envoy.tls.certificate_mappers]
      .envoy.config.core.v3.TypedExtensionConfig certificate_mapper = 2 [(.validate.rules) = { ... }

    • getCertificateMapperBuilder

      public TypedExtensionConfig.Builder getCertificateMapperBuilder()
       Extension point to specify a function to compute the secret name. The extension is called
 during the TLS handshake after receiving the "CLIENT HELLO" message from the client.
 [#extension-category: envoy.tls.certificate_mappers]
      .envoy.config.core.v3.TypedExtensionConfig certificate_mapper = 2 [(.validate.rules) = { ... }

    • getCertificateMapperOrBuilder

      public TypedExtensionConfigOrBuilder getCertificateMapperOrBuilder()
       Extension point to specify a function to compute the secret name. The extension is called
 during the TLS handshake after receiving the "CLIENT HELLO" message from the client.
 [#extension-category: envoy.tls.certificate_mappers]
      .envoy.config.core.v3.TypedExtensionConfig certificate_mapper = 2 [(.validate.rules) = { ... }
      Specified by:
      getCertificateMapperOrBuilder in interface ConfigOrBuilder

    • getPrefetchSecretNamesList

      public com.google.protobuf.ProtocolStringList getPrefetchSecretNamesList()
       A list of secret resource names to start fetching on configuration load (prior to receiving any
 requests). The parent resource initializes immediately without waiting for the fetch to
 complete.
      repeated string prefetch_secret_names = 3;
      Specified by:
      getPrefetchSecretNamesList in interface ConfigOrBuilder
      Returns:
      A list containing the prefetchSecretNames.

    • getPrefetchSecretNamesCount

      public int getPrefetchSecretNamesCount()
       A list of secret resource names to start fetching on configuration load (prior to receiving any
 requests). The parent resource initializes immediately without waiting for the fetch to
 complete.
      repeated string prefetch_secret_names = 3;
      Specified by:
      getPrefetchSecretNamesCount in interface ConfigOrBuilder
      Returns:
      The count of prefetchSecretNames.

    • getPrefetchSecretNames

      public String getPrefetchSecretNames(int index)
       A list of secret resource names to start fetching on configuration load (prior to receiving any
 requests). The parent resource initializes immediately without waiting for the fetch to
 complete.
      repeated string prefetch_secret_names = 3;
      Specified by:
      getPrefetchSecretNames in interface ConfigOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The prefetchSecretNames at the given index.

    • getPrefetchSecretNamesBytes

      public com.google.protobuf.ByteString getPrefetchSecretNamesBytes(int index)
       A list of secret resource names to start fetching on configuration load (prior to receiving any
 requests). The parent resource initializes immediately without waiting for the fetch to
 complete.
      repeated string prefetch_secret_names = 3;
      Specified by:
      getPrefetchSecretNamesBytes in interface ConfigOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the prefetchSecretNames at the given index.

    • setPrefetchSecretNames

      public Config.Builder setPrefetchSecretNames(int index, String value)
       A list of secret resource names to start fetching on configuration load (prior to receiving any
 requests). The parent resource initializes immediately without waiting for the fetch to
 complete.
      repeated string prefetch_secret_names = 3;
      Parameters:
      index - The index to set the value at.
      value - The prefetchSecretNames to set.
      Returns:
      This builder for chaining.

    • addPrefetchSecretNames

      public Config.Builder addPrefetchSecretNames(String value)
       A list of secret resource names to start fetching on configuration load (prior to receiving any
 requests). The parent resource initializes immediately without waiting for the fetch to
 complete.
      repeated string prefetch_secret_names = 3;
      Parameters:
      value - The prefetchSecretNames to add.
      Returns:
      This builder for chaining.

    • addAllPrefetchSecretNames

      public Config.Builder addAllPrefetchSecretNames(Iterable<String> values)
       A list of secret resource names to start fetching on configuration load (prior to receiving any
 requests). The parent resource initializes immediately without waiting for the fetch to
 complete.
      repeated string prefetch_secret_names = 3;
      Parameters:
      values - The prefetchSecretNames to add.
      Returns:
      This builder for chaining.

    • clearPrefetchSecretNames

      public Config.Builder clearPrefetchSecretNames()
       A list of secret resource names to start fetching on configuration load (prior to receiving any
 requests). The parent resource initializes immediately without waiting for the fetch to
 complete.
      repeated string prefetch_secret_names = 3;
      Returns:
      This builder for chaining.

    • addPrefetchSecretNamesBytes

      public Config.Builder addPrefetchSecretNamesBytes(com.google.protobuf.ByteString value)
       A list of secret resource names to start fetching on configuration load (prior to receiving any
 requests). The parent resource initializes immediately without waiting for the fetch to
 complete.
      repeated string prefetch_secret_names = 3;
      Parameters:
      value - The bytes of the prefetchSecretNames to add.
      Returns:
      This builder for chaining.

    • setUnknownFields

      public final Config.Builder setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
      Specified by:
      setUnknownFields in interface com.google.protobuf.Message.Builder
      Overrides:
      setUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<Config.Builder>

    • mergeUnknownFields

      public final Config.Builder mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
      Specified by:
      mergeUnknownFields in interface com.google.protobuf.Message.Builder
      Overrides:
      mergeUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<Config.Builder>