Package io.envoyproxy.envoy.extensions.transport_sockets.tls.cert_selectors.on_demand_secret.v3

Class Config

java.lang.Object
com.google.protobuf.AbstractMessageLite
com.google.protobuf.AbstractMessage
com.google.protobuf.GeneratedMessageV3
io.envoyproxy.envoy.extensions.transport_sockets.tls.cert_selectors.on_demand_secret.v3.Config
All Implemented Interfaces:
com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, ConfigOrBuilder, Serializable
public final class Config extends com.google.protobuf.GeneratedMessageV3 implements ConfigOrBuilder
 Fetches the secret on-demand while allowing the parent cluster or listener to accept connections
 without warming. During the handshake, a secret name is derived from the peer hello message, an
 SDS resource request starts, and the handshake is paused. Once an SDS response is received with a
 resource, the handshake is resumed with the provided certificate. If the SDS server indicates the
 resource removal, the handshake is failed, and the SDS subscription to the resource is stopped.

 Similar to the regular SDS, the certificate is configured using the outer common TLS context,
 e.g. by setting the FIPS compliance policy on the loaded certificate.
Protobuf type envoy.extensions.transport_sockets.tls.cert_selectors.on_demand_secret.v3.Config
See Also:

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    static final class 
    Config.Builder
    Fetches the secret on-demand while allowing the parent cluster or listener to accept connections without warming.

    Nested classes/interfaces inherited from class com.google.protobuf.GeneratedMessageV3

    com.google.protobuf.GeneratedMessageV3.BuilderParent, com.google.protobuf.GeneratedMessageV3.ExtendableBuilder<MessageT extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT>,BuilderT extends com.google.protobuf.GeneratedMessageV3.ExtendableBuilder<MessageT,BuilderT>>, com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT>>, com.google.protobuf.GeneratedMessageV3.ExtendableMessageOrBuilder<MessageT extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT>>, com.google.protobuf.GeneratedMessageV3.FieldAccessorTable, com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter

    Nested classes/interfaces inherited from class com.google.protobuf.AbstractMessageLite

    com.google.protobuf.AbstractMessageLite.InternalOneOfEnum

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final int
    CERTIFICATE_MAPPER_FIELD_NUMBER
     
    static final int
    CONFIG_SOURCE_FIELD_NUMBER
     
    static final int
    PREFETCH_SECRET_NAMES_FIELD_NUMBER
     

    Fields inherited from class com.google.protobuf.GeneratedMessageV3

    alwaysUseFieldBuilders, unknownFields

    Fields inherited from class com.google.protobuf.AbstractMessage

    memoizedSize

    Fields inherited from class com.google.protobuf.AbstractMessageLite

    memoizedHashCode

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    equals(Object obj)
     
    TypedExtensionConfig
    getCertificateMapper()
    Extension point to specify a function to compute the secret name.
    TypedExtensionConfigOrBuilder
    getCertificateMapperOrBuilder()
    Extension point to specify a function to compute the secret name.
    ConfigSource
    getConfigSource()
    Defines the configuration source of the secrets.
    ConfigSourceOrBuilder
    getConfigSourceOrBuilder()
    Defines the configuration source of the secrets.
    static Config
    getDefaultInstance()
     
    Config
    getDefaultInstanceForType()
     
    static final com.google.protobuf.Descriptors.Descriptor
    getDescriptor()
     
    com.google.protobuf.Parser<Config>
    getParserForType()
     
    String
    getPrefetchSecretNames(int index)
    A list of secret resource names to start fetching on configuration load (prior to receiving any requests).
    com.google.protobuf.ByteString
    getPrefetchSecretNamesBytes(int index)
    A list of secret resource names to start fetching on configuration load (prior to receiving any requests).
    int
    getPrefetchSecretNamesCount()
    A list of secret resource names to start fetching on configuration load (prior to receiving any requests).
    com.google.protobuf.ProtocolStringList
    getPrefetchSecretNamesList()
    A list of secret resource names to start fetching on configuration load (prior to receiving any requests).
    int
    getSerializedSize()
     
    boolean
    hasCertificateMapper()
    Extension point to specify a function to compute the secret name.
    boolean
    hasConfigSource()
    Defines the configuration source of the secrets.
    int
    hashCode()
     
    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
    internalGetFieldAccessorTable()
     
    final boolean
    isInitialized()
     
    static Config.Builder
    newBuilder()
     
    static Config.Builder
    newBuilder(Config prototype)
     
    Config.Builder
    newBuilderForType()
     
    protected Config.Builder
    newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent)
     
    protected Object
    newInstance(com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter unused)
     
    static Config
    parseDelimitedFrom(InputStream input)
     
    static Config
    parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static Config
    parseFrom(byte[] data)
     
    static Config
    parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static Config
    parseFrom(com.google.protobuf.ByteString data)
     
    static Config
    parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static Config
    parseFrom(com.google.protobuf.CodedInputStream input)
     
    static Config
    parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static Config
    parseFrom(InputStream input)
     
    static Config
    parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static Config
    parseFrom(ByteBuffer data)
     
    static Config
    parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static com.google.protobuf.Parser<Config>
    parser()
     
    Config.Builder
    toBuilder()
     
    void
    writeTo(com.google.protobuf.CodedOutputStream output)
     

    Methods inherited from class com.google.protobuf.GeneratedMessageV3

    canUseUnsafe, computeStringSize, computeStringSizeNoTag, emptyBooleanList, emptyDoubleList, emptyFloatList, emptyIntList, emptyList, emptyLongList, getAllFields, getDescriptorForType, getField, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof, internalGetMapField, internalGetMapFieldReflection, isStringEmpty, makeExtensionsImmutable, makeMutableCopy, makeMutableCopy, mergeFromAndMakeImmutableInternal, mutableCopy, mutableCopy, mutableCopy, mutableCopy, mutableCopy, newBooleanList, newBuilderForType, newDoubleList, newFloatList, newIntList, newLongList, parseDelimitedWithIOException, parseDelimitedWithIOException, parseUnknownField, parseUnknownFieldProto3, parseWithIOException, parseWithIOException, parseWithIOException, parseWithIOException, serializeBooleanMapTo, serializeIntegerMapTo, serializeLongMapTo, serializeStringMapTo, writeReplace, writeString, writeStringNoTag

    Methods inherited from class com.google.protobuf.AbstractMessage

    findInitializationErrors, getInitializationErrorString, hashBoolean, hashEnum, hashEnumList, hashFields, hashLong, toString

    Methods inherited from class com.google.protobuf.AbstractMessageLite

    addAll, addAll, checkByteStringIsUtf8, toByteArray, toByteString, writeDelimitedTo, writeTo

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait

    Methods inherited from interface com.google.protobuf.MessageLite

    toByteArray, toByteString, writeDelimitedTo, writeTo

    Methods inherited from interface com.google.protobuf.MessageOrBuilder

    findInitializationErrors, getAllFields, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

  • Field Details

    • CONFIG_SOURCE_FIELD_NUMBER

      public static final int CONFIG_SOURCE_FIELD_NUMBER
      See Also:

    • CERTIFICATE_MAPPER_FIELD_NUMBER

      public static final int CERTIFICATE_MAPPER_FIELD_NUMBER
      See Also:

    • PREFETCH_SECRET_NAMES_FIELD_NUMBER

      public static final int PREFETCH_SECRET_NAMES_FIELD_NUMBER
      See Also:

  • Method Details

    • newInstance

      protected Object newInstance(com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter unused)
      Overrides:
      newInstance in class com.google.protobuf.GeneratedMessageV3

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3

    • hasConfigSource

      public boolean hasConfigSource()
       Defines the configuration source of the secrets.
      .envoy.config.core.v3.ConfigSource config_source = 1 [(.validate.rules) = { ... }
      Specified by:
      hasConfigSource in interface ConfigOrBuilder
      Returns:
      Whether the configSource field is set.

    • getConfigSource

      public ConfigSource getConfigSource()
       Defines the configuration source of the secrets.
      .envoy.config.core.v3.ConfigSource config_source = 1 [(.validate.rules) = { ... }
      Specified by:
      getConfigSource in interface ConfigOrBuilder
      Returns:
      The configSource.

    • getConfigSourceOrBuilder

      public ConfigSourceOrBuilder getConfigSourceOrBuilder()
       Defines the configuration source of the secrets.
      .envoy.config.core.v3.ConfigSource config_source = 1 [(.validate.rules) = { ... }
      Specified by:
      getConfigSourceOrBuilder in interface ConfigOrBuilder

    • hasCertificateMapper

      public boolean hasCertificateMapper()
       Extension point to specify a function to compute the secret name. The extension is called
 during the TLS handshake after receiving the "CLIENT HELLO" message from the client.
 [#extension-category: envoy.tls.certificate_mappers]
      .envoy.config.core.v3.TypedExtensionConfig certificate_mapper = 2 [(.validate.rules) = { ... }
      Specified by:
      hasCertificateMapper in interface ConfigOrBuilder
      Returns:
      Whether the certificateMapper field is set.

    • getCertificateMapper

      public TypedExtensionConfig getCertificateMapper()
       Extension point to specify a function to compute the secret name. The extension is called
 during the TLS handshake after receiving the "CLIENT HELLO" message from the client.
 [#extension-category: envoy.tls.certificate_mappers]
      .envoy.config.core.v3.TypedExtensionConfig certificate_mapper = 2 [(.validate.rules) = { ... }
      Specified by:
      getCertificateMapper in interface ConfigOrBuilder
      Returns:
      The certificateMapper.

    • getCertificateMapperOrBuilder

      public TypedExtensionConfigOrBuilder getCertificateMapperOrBuilder()
       Extension point to specify a function to compute the secret name. The extension is called
 during the TLS handshake after receiving the "CLIENT HELLO" message from the client.
 [#extension-category: envoy.tls.certificate_mappers]
      .envoy.config.core.v3.TypedExtensionConfig certificate_mapper = 2 [(.validate.rules) = { ... }
      Specified by:
      getCertificateMapperOrBuilder in interface ConfigOrBuilder

    • getPrefetchSecretNamesList

      public com.google.protobuf.ProtocolStringList getPrefetchSecretNamesList()
       A list of secret resource names to start fetching on configuration load (prior to receiving any
 requests). The parent resource initializes immediately without waiting for the fetch to
 complete.
      repeated string prefetch_secret_names = 3;
      Specified by:
      getPrefetchSecretNamesList in interface ConfigOrBuilder
      Returns:
      A list containing the prefetchSecretNames.

    • getPrefetchSecretNamesCount

      public int getPrefetchSecretNamesCount()
       A list of secret resource names to start fetching on configuration load (prior to receiving any
 requests). The parent resource initializes immediately without waiting for the fetch to
 complete.
      repeated string prefetch_secret_names = 3;
      Specified by:
      getPrefetchSecretNamesCount in interface ConfigOrBuilder
      Returns:
      The count of prefetchSecretNames.

    • getPrefetchSecretNames

      public String getPrefetchSecretNames(int index)
       A list of secret resource names to start fetching on configuration load (prior to receiving any
 requests). The parent resource initializes immediately without waiting for the fetch to
 complete.
      repeated string prefetch_secret_names = 3;
      Specified by:
      getPrefetchSecretNames in interface ConfigOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The prefetchSecretNames at the given index.

    • getPrefetchSecretNamesBytes

      public com.google.protobuf.ByteString getPrefetchSecretNamesBytes(int index)
       A list of secret resource names to start fetching on configuration load (prior to receiving any
 requests). The parent resource initializes immediately without waiting for the fetch to
 complete.
      repeated string prefetch_secret_names = 3;
      Specified by:
      getPrefetchSecretNamesBytes in interface ConfigOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the prefetchSecretNames at the given index.

    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessageV3

    • writeTo

      public void writeTo(com.google.protobuf.CodedOutputStream output) throws IOException
      Specified by:
      writeTo in interface com.google.protobuf.MessageLite
      Overrides:
      writeTo in class com.google.protobuf.GeneratedMessageV3
      Throws:
      IOException

    • getSerializedSize

      public int getSerializedSize()
      Specified by:
      getSerializedSize in interface com.google.protobuf.MessageLite
      Overrides:
      getSerializedSize in class com.google.protobuf.GeneratedMessageV3

    • equals

      public boolean equals(Object obj)
      Specified by:
      equals in interface com.google.protobuf.Message
      Overrides:
      equals in class com.google.protobuf.AbstractMessage

    • hashCode

      public int hashCode()
      Specified by:
      hashCode in interface com.google.protobuf.Message
      Overrides:
      hashCode in class com.google.protobuf.AbstractMessage

    • parseFrom

      public static Config parseFrom(ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static Config parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static Config parseFrom(com.google.protobuf.ByteString data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static Config parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static Config parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static Config parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static Config parseFrom(InputStream input) throws IOException
      Throws:
      IOException

    • parseFrom

      public static Config parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • parseDelimitedFrom

      public static Config parseDelimitedFrom(InputStream input) throws IOException
      Throws:
      IOException

    • parseDelimitedFrom

      public static Config parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • parseFrom

      public static Config parseFrom(com.google.protobuf.CodedInputStream input) throws IOException
      Throws:
      IOException

    • parseFrom

      public static Config parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • newBuilderForType

      public Config.Builder newBuilderForType()
      Specified by:
      newBuilderForType in interface com.google.protobuf.Message
      Specified by:
      newBuilderForType in interface com.google.protobuf.MessageLite

    • newBuilder

      public static Config.Builder newBuilder()

    • newBuilder

      public static Config.Builder newBuilder(Config prototype)

    • toBuilder

      public Config.Builder toBuilder()
      Specified by:
      toBuilder in interface com.google.protobuf.Message
      Specified by:
      toBuilder in interface com.google.protobuf.MessageLite

    • newBuilderForType

      protected Config.Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent)
      Specified by:
      newBuilderForType in class com.google.protobuf.GeneratedMessageV3

    • getDefaultInstance

      public static Config getDefaultInstance()

    • parser

      public static com.google.protobuf.Parser<Config> parser()

    • getParserForType

      public com.google.protobuf.Parser<Config> getParserForType()
      Specified by:
      getParserForType in interface com.google.protobuf.Message
      Specified by:
      getParserForType in interface com.google.protobuf.MessageLite
      Overrides:
      getParserForType in class com.google.protobuf.GeneratedMessageV3

    • getDefaultInstanceForType

      public Config getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder