From 7fd3dec1f2f9b6ff53d6ee9d3eb4dd7b9dc8f5a7 Mon Sep 17 00:00:00 2001 From: Shabir Mohamed Abdul Samadh <7249208+Shabirmean@users.noreply.github.com> Date: Wed, 19 May 2021 20:59:23 -0400 Subject: [PATCH 01/15] chore: move Makefile to repo root (#100) --- .repo-metadata.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.repo-metadata.json b/.repo-metadata.json index 076eedc0..d13091b2 100644 --- a/.repo-metadata.json +++ b/.repo-metadata.json @@ -10,5 +10,6 @@ "repo": "googleapis/python-container", "distribution_name": "google-cloud-container", "api_id": "container.googleapis.com", + "codeowner_team": "@googleapis/cicd", "requires_billing": true -} \ No newline at end of file +} From b2f70749986023b2d90b185759fe7265b7d6a6dc Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Sat, 22 May 2021 09:36:06 +0000 Subject: [PATCH 02/15] chore: new owl bot post processor docker image (#102) gcr.io/repo-automation-bots/owlbot-python:latest@sha256:3c3a445b3ddc99ccd5d31edc4b4519729635d20693900db32c4f587ed51f7479 --- .github/.OwlBot.lock.yaml | 2 +- noxfile.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index 864c1765..46e3f021 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -1,3 +1,3 @@ docker: image: gcr.io/repo-automation-bots/owlbot-python:latest - digest: sha256:4c981a6b6f2b8914a448d7b3a01688365be03e3ed26dfee399a6aa77fb112eaa + digest: sha256:3c3a445b3ddc99ccd5d31edc4b4519729635d20693900db32c4f587ed51f7479 diff --git a/noxfile.py b/noxfile.py index f88eb87a..c5c5edba 100644 --- a/noxfile.py +++ b/noxfile.py @@ -179,7 +179,7 @@ def docs(session): """Build the docs for this library.""" session.install("-e", ".") - session.install("sphinx<3.0.0", "alabaster", "recommonmark") + session.install("sphinx==4.0.1", "alabaster", "recommonmark") shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) session.run( @@ -202,7 +202,7 @@ def docfx(session): session.install("-e", ".") session.install( - "sphinx<3.0.0", "alabaster", "recommonmark", "gcp-sphinx-docfx-yaml" + "sphinx==4.0.1", "alabaster", "recommonmark", "gcp-sphinx-docfx-yaml" ) shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) From aa2a9ccb862bbac91f8cf73766a23427104d1e91 Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Tue, 25 May 2021 10:14:10 -0400 Subject: [PATCH 03/15] chore: new owl bot post processor docker image (#103) gcr.io/repo-automation-bots/owlbot-python:latest@sha256:0856ca711da1fd5ec9d6d7da6c50aa0bbf550fb94acb47b55159a640791987bf Co-authored-by: Owl Bot --- .github/.OwlBot.lock.yaml | 2 +- docs/multiprocessing.rst | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index 46e3f021..127c2cdf 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -1,3 +1,3 @@ docker: image: gcr.io/repo-automation-bots/owlbot-python:latest - digest: sha256:3c3a445b3ddc99ccd5d31edc4b4519729635d20693900db32c4f587ed51f7479 + digest: sha256:0856ca711da1fd5ec9d6d7da6c50aa0bbf550fb94acb47b55159a640791987bf diff --git a/docs/multiprocessing.rst b/docs/multiprocessing.rst index 1cb29d4c..536d17b2 100644 --- a/docs/multiprocessing.rst +++ b/docs/multiprocessing.rst @@ -1,7 +1,7 @@ .. note:: - Because this client uses :mod:`grpcio` library, it is safe to + Because this client uses :mod:`grpc` library, it is safe to share instances across threads. In multiprocessing scenarios, the best practice is to create client instances *after* the invocation of - :func:`os.fork` by :class:`multiprocessing.Pool` or + :func:`os.fork` by :class:`multiprocessing.pool.Pool` or :class:`multiprocessing.Process`. From 39c5b067fcc1443a1fd3a8482759e0f76cb245ff Mon Sep 17 00:00:00 2001 From: Anthonios Partheniou Date: Tue, 25 May 2021 11:08:02 -0400 Subject: [PATCH 04/15] chore: delete unused protos (#101) --- google/cloud/container_v1/proto/__init__.py | 0 .../container_v1/proto/cluster_service.proto | 3352 -------------- .../cloud/container_v1beta1/proto/__init__.py | 0 .../proto/cluster_service.proto | 4077 ----------------- 4 files changed, 7429 deletions(-) delete mode 100644 google/cloud/container_v1/proto/__init__.py delete mode 100644 google/cloud/container_v1/proto/cluster_service.proto delete mode 100644 google/cloud/container_v1beta1/proto/__init__.py delete mode 100644 google/cloud/container_v1beta1/proto/cluster_service.proto diff --git a/google/cloud/container_v1/proto/__init__.py b/google/cloud/container_v1/proto/__init__.py deleted file mode 100644 index e69de29b..00000000 diff --git a/google/cloud/container_v1/proto/cluster_service.proto b/google/cloud/container_v1/proto/cluster_service.proto deleted file mode 100644 index 040173ec..00000000 --- a/google/cloud/container_v1/proto/cluster_service.proto +++ /dev/null @@ -1,3352 +0,0 @@ -// Copyright 2020 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package google.container.v1; - -import "google/api/annotations.proto"; -import "google/api/client.proto"; -import "google/api/field_behavior.proto"; -import "google/protobuf/empty.proto"; -import "google/protobuf/timestamp.proto"; - -option csharp_namespace = "Google.Cloud.Container.V1"; -option go_package = "google.golang.org/genproto/googleapis/container/v1;container"; -option java_multiple_files = true; -option java_outer_classname = "ClusterServiceProto"; -option java_package = "com.google.container.v1"; -option php_namespace = "Google\\Cloud\\Container\\V1"; -option ruby_package = "Google::Cloud::Container::V1"; - -// Google Kubernetes Engine Cluster Manager v1 -service ClusterManager { - option (google.api.default_host) = "container.googleapis.com"; - option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; - - // Lists all clusters owned by a project in either the specified zone or all - // zones. - rpc ListClusters(ListClustersRequest) returns (ListClustersResponse) { - option (google.api.http) = { - get: "/v1/{parent=projects/*/locations/*}/clusters" - additional_bindings { - get: "/v1/projects/{project_id}/zones/{zone}/clusters" - } - }; - option (google.api.method_signature) = "project_id,zone"; - option (google.api.method_signature) = "parent"; - } - - // Gets the details of a specific cluster. - rpc GetCluster(GetClusterRequest) returns (Cluster) { - option (google.api.http) = { - get: "/v1/{name=projects/*/locations/*/clusters/*}" - additional_bindings { - get: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id"; - option (google.api.method_signature) = "name"; - } - - // Creates a cluster, consisting of the specified number and type of Google - // Compute Engine instances. - // - // By default, the cluster is created in the project's - // [default - // network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks). - // - // One firewall is added for the cluster. After cluster creation, - // the Kubelet creates routes for each node to allow the containers - // on that node to communicate with all other instances in the - // cluster. - // - // Finally, an entry is added to the project's global metadata indicating - // which CIDR range the cluster is using. - rpc CreateCluster(CreateClusterRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{parent=projects/*/locations/*}/clusters" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster"; - option (google.api.method_signature) = "parent,cluster"; - } - - // Updates the settings of a specific cluster. - rpc UpdateCluster(UpdateClusterRequest) returns (Operation) { - option (google.api.http) = { - put: "/v1/{name=projects/*/locations/*/clusters/*}" - body: "*" - additional_bindings { - put: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,update"; - option (google.api.method_signature) = "name,update"; - } - - // Updates the version and/or image type for the specified node pool. - rpc UpdateNodePool(UpdateNodePoolRequest) returns (Operation) { - option (google.api.http) = { - put: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}/update" - body: "*" - } - }; - } - - // Sets the autoscaling settings for the specified node pool. - rpc SetNodePoolAutoscaling(SetNodePoolAutoscalingRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}:setAutoscaling" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}/autoscaling" - body: "*" - } - }; - } - - // Sets the logging service for a specific cluster. - rpc SetLoggingService(SetLoggingServiceRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*}:setLogging" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/logging" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,logging_service"; - option (google.api.method_signature) = "name,logging_service"; - } - - // Sets the monitoring service for a specific cluster. - rpc SetMonitoringService(SetMonitoringServiceRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*}:setMonitoring" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/monitoring" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,monitoring_service"; - option (google.api.method_signature) = "name,monitoring_service"; - } - - // Sets the addons for a specific cluster. - rpc SetAddonsConfig(SetAddonsConfigRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*}:setAddons" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/addons" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,addons_config"; - option (google.api.method_signature) = "name,addons_config"; - } - - // Sets the locations for a specific cluster. - // Deprecated. Use - // [projects.locations.clusters.update](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters/update) - // instead. - rpc SetLocations(SetLocationsRequest) returns (Operation) { - option deprecated = true; - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*}:setLocations" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/locations" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,locations"; - option (google.api.method_signature) = "name,locations"; - } - - // Updates the master for a specific cluster. - rpc UpdateMaster(UpdateMasterRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*}:updateMaster" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/master" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,master_version"; - option (google.api.method_signature) = "name,master_version"; - } - - // Sets master auth materials. Currently supports changing the admin password - // or a specific cluster, either via password generation or explicitly setting - // the password. - rpc SetMasterAuth(SetMasterAuthRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*}:setMasterAuth" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:setMasterAuth" - body: "*" - } - }; - } - - // Deletes the cluster, including the Kubernetes endpoint and all worker - // nodes. - // - // Firewalls and routes that were configured during cluster creation - // are also deleted. - // - // Other Google Compute Engine resources that might be in use by the cluster, - // such as load balancer resources, are not deleted if they weren't present - // when the cluster was initially created. - rpc DeleteCluster(DeleteClusterRequest) returns (Operation) { - option (google.api.http) = { - delete: "/v1/{name=projects/*/locations/*/clusters/*}" - additional_bindings { - delete: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id"; - option (google.api.method_signature) = "name"; - } - - // Lists all operations in a project in a specific zone or all zones. - rpc ListOperations(ListOperationsRequest) returns (ListOperationsResponse) { - option (google.api.http) = { - get: "/v1/{parent=projects/*/locations/*}/operations" - additional_bindings { - get: "/v1/projects/{project_id}/zones/{zone}/operations" - } - }; - option (google.api.method_signature) = "project_id,zone"; - } - - // Gets the specified operation. - rpc GetOperation(GetOperationRequest) returns (Operation) { - option (google.api.http) = { - get: "/v1/{name=projects/*/locations/*/operations/*}" - additional_bindings { - get: "/v1/projects/{project_id}/zones/{zone}/operations/{operation_id}" - } - }; - option (google.api.method_signature) = "project_id,zone,operation_id"; - option (google.api.method_signature) = "name"; - } - - // Cancels the specified operation. - rpc CancelOperation(CancelOperationRequest) returns (google.protobuf.Empty) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/operations/*}:cancel" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/operations/{operation_id}:cancel" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,operation_id"; - option (google.api.method_signature) = "name"; - } - - // Returns configuration info about the Google Kubernetes Engine service. - rpc GetServerConfig(GetServerConfigRequest) returns (ServerConfig) { - option (google.api.http) = { - get: "/v1/{name=projects/*/locations/*}/serverConfig" - additional_bindings { - get: "/v1/projects/{project_id}/zones/{zone}/serverconfig" - } - }; - option (google.api.method_signature) = "project_id,zone"; - option (google.api.method_signature) = "name"; - } - - // Gets the public component of the cluster signing keys in - // JSON Web Key format. - // This API is not yet intended for general use, and is not available for all - // clusters. - rpc GetJSONWebKeys(GetJSONWebKeysRequest) returns (GetJSONWebKeysResponse) { - option (google.api.http) = { - get: "/v1/{parent=projects/*/locations/*/clusters/*}/jwks" - }; - } - - // Lists the node pools for a cluster. - rpc ListNodePools(ListNodePoolsRequest) returns (ListNodePoolsResponse) { - option (google.api.http) = { - get: "/v1/{parent=projects/*/locations/*/clusters/*}/nodePools" - additional_bindings { - get: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id"; - option (google.api.method_signature) = "parent"; - } - - // Retrieves the requested node pool. - rpc GetNodePool(GetNodePoolRequest) returns (NodePool) { - option (google.api.http) = { - get: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}" - additional_bindings { - get: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,node_pool_id"; - option (google.api.method_signature) = "name"; - } - - // Creates a node pool for a cluster. - rpc CreateNodePool(CreateNodePoolRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{parent=projects/*/locations/*/clusters/*}/nodePools" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,node_pool"; - option (google.api.method_signature) = "parent,node_pool"; - } - - // Deletes a node pool from a cluster. - rpc DeleteNodePool(DeleteNodePoolRequest) returns (Operation) { - option (google.api.http) = { - delete: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}" - additional_bindings { - delete: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,node_pool_id"; - option (google.api.method_signature) = "name"; - } - - // Rolls back a previously Aborted or Failed NodePool upgrade. - // This makes no changes if the last upgrade successfully completed. - rpc RollbackNodePoolUpgrade(RollbackNodePoolUpgradeRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}:rollback" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}:rollback" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,node_pool_id"; - option (google.api.method_signature) = "name"; - } - - // Sets the NodeManagement options for a node pool. - rpc SetNodePoolManagement(SetNodePoolManagementRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}:setManagement" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}/setManagement" - body: "*" - } - }; - } - - // Sets labels on a cluster. - rpc SetLabels(SetLabelsRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*}:setResourceLabels" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/resourceLabels" - body: "*" - } - }; - } - - // Enables or disables the ABAC authorization mechanism on a cluster. - rpc SetLegacyAbac(SetLegacyAbacRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*}:setLegacyAbac" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/legacyAbac" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,enabled"; - option (google.api.method_signature) = "name,enabled"; - } - - // Starts master IP rotation. - rpc StartIPRotation(StartIPRotationRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*}:startIpRotation" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:startIpRotation" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id"; - option (google.api.method_signature) = "name"; - } - - // Completes master IP rotation. - rpc CompleteIPRotation(CompleteIPRotationRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*}:completeIpRotation" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:completeIpRotation" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id"; - option (google.api.method_signature) = "name"; - } - - // Sets the size for a specific node pool. - rpc SetNodePoolSize(SetNodePoolSizeRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*/nodePools/*}:setSize" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}/setSize" - body: "*" - } - }; - } - - // Enables or disables Network Policy for a cluster. - rpc SetNetworkPolicy(SetNetworkPolicyRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*}:setNetworkPolicy" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:setNetworkPolicy" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,network_policy"; - option (google.api.method_signature) = "name,network_policy"; - } - - // Sets the maintenance policy for a cluster. - rpc SetMaintenancePolicy(SetMaintenancePolicyRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/clusters/*}:setMaintenancePolicy" - body: "*" - additional_bindings { - post: "/v1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:setMaintenancePolicy" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,maintenance_policy"; - option (google.api.method_signature) = "name,maintenance_policy"; - } - - // Lists subnetworks that are usable for creating clusters in a project. - rpc ListUsableSubnetworks(ListUsableSubnetworksRequest) returns (ListUsableSubnetworksResponse) { - option (google.api.http) = { - get: "/v1/{parent=projects/*}/aggregated/usableSubnetworks" - }; - } -} - -// Parameters that describe the nodes in a cluster. -message NodeConfig { - // The name of a Google Compute Engine [machine - // type](https://cloud.google.com/compute/docs/machine-types) - // - // If unspecified, the default machine type is `e2-medium`. - string machine_type = 1; - - // Size of the disk attached to each node, specified in GB. - // The smallest allowed disk size is 10GB. - // - // If unspecified, the default disk size is 100GB. - int32 disk_size_gb = 2; - - // The set of Google API scopes to be made available on all of the - // node VMs under the "default" service account. - // - // The following scopes are recommended, but not required, and by default are - // not included: - // - // * `https://www.googleapis.com/auth/compute` is required for mounting - // persistent storage on your nodes. - // * `https://www.googleapis.com/auth/devstorage.read_only` is required for - // communicating with **gcr.io** - // (the [Google Container - // Registry](https://cloud.google.com/container-registry/)). - // - // If unspecified, no scopes are added, unless Cloud Logging or Cloud - // Monitoring are enabled, in which case their required scopes will be added. - repeated string oauth_scopes = 3; - - // The Google Cloud Platform Service Account to be used by the node VMs. - // Specify the email address of the Service Account; otherwise, if no Service - // Account is specified, the "default" service account is used. - string service_account = 9; - - // The metadata key/value pairs assigned to instances in the cluster. - // - // Keys must conform to the regexp `[a-zA-Z0-9-_]+` and be less than 128 bytes - // in length. These are reflected as part of a URL in the metadata server. - // Additionally, to avoid ambiguity, keys must not conflict with any other - // metadata keys for the project or be one of the reserved keys: - // - "cluster-location" - // - "cluster-name" - // - "cluster-uid" - // - "configure-sh" - // - "containerd-configure-sh" - // - "enable-os-login" - // - "gci-ensure-gke-docker" - // - "gci-metrics-enabled" - // - "gci-update-strategy" - // - "instance-template" - // - "kube-env" - // - "startup-script" - // - "user-data" - // - "disable-address-manager" - // - "windows-startup-script-ps1" - // - "common-psm1" - // - "k8s-node-setup-psm1" - // - "install-ssh-psm1" - // - "user-profile-psm1" - // - // The following keys are reserved for Windows nodes: - // - "serial-port-logging-enable" - // - // Values are free-form strings, and only have meaning as interpreted by - // the image running in the instance. The only restriction placed on them is - // that each value's size must be less than or equal to 32 KB. - // - // The total size of all keys and values must be less than 512 KB. - map metadata = 4; - - // The image type to use for this node. Note that for a given image type, - // the latest version of it will be used. - string image_type = 5; - - // The map of Kubernetes labels (key/value pairs) to be applied to each node. - // These will added in addition to any default label(s) that - // Kubernetes may apply to the node. - // In case of conflict in label keys, the applied set may differ depending on - // the Kubernetes version -- it's best to assume the behavior is undefined - // and conflicts should be avoided. - // For more information, including usage and the valid values, see: - // https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - map labels = 6; - - // The number of local SSD disks to be attached to the node. - // - // The limit for this value is dependent upon the maximum number of - // disks available on a machine per zone. See: - // https://cloud.google.com/compute/docs/disks/local-ssd - // for more information. - int32 local_ssd_count = 7; - - // The list of instance tags applied to all nodes. Tags are used to identify - // valid sources or targets for network firewalls and are specified by - // the client during cluster or node pool creation. Each tag within the list - // must comply with RFC1035. - repeated string tags = 8; - - // Whether the nodes are created as preemptible VM instances. See: - // https://cloud.google.com/compute/docs/instances/preemptible for more - // information about preemptible VM instances. - bool preemptible = 10; - - // A list of hardware accelerators to be attached to each node. - // See https://cloud.google.com/compute/docs/gpus for more information about - // support for GPUs. - repeated AcceleratorConfig accelerators = 11; - - // Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or - // 'pd-balanced') - // - // If unspecified, the default disk type is 'pd-standard' - string disk_type = 12; - - // Minimum CPU platform to be used by this instance. The instance may be - // scheduled on the specified or newer CPU platform. Applicable values are the - // friendly names of CPU platforms, such as - // `minCpuPlatform: "Intel Haswell"` or - // `minCpuPlatform: "Intel Sandy Bridge"`. For more - // information, read [how to specify min CPU - // platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform) - string min_cpu_platform = 13; - - // The workload metadata configuration for this node. - WorkloadMetadataConfig workload_metadata_config = 14; - - // List of kubernetes taints to be applied to each node. - // - // For more information, including usage and the valid values, see: - // https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - repeated NodeTaint taints = 15; - - // Sandbox configuration for this node. - SandboxConfig sandbox_config = 17; - - // Setting this field will assign instances of this - // pool to run on the specified node group. This is useful for running - // workloads on [sole tenant - // nodes](https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes). - string node_group = 18; - - // The optional reservation affinity. Setting this field will apply - // the specified [Zonal Compute - // Reservation](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources) - // to this node pool. - ReservationAffinity reservation_affinity = 19; - - // Shielded Instance options. - ShieldedInstanceConfig shielded_instance_config = 20; - - // - // The Customer Managed Encryption Key used to encrypt the boot disk attached - // to each node in the node pool. This should be of the form - // projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. - // For more information about protecting resources with Cloud KMS Keys please - // see: - // https://cloud.google.com/compute/docs/disks/customer-managed-encryption - string boot_disk_kms_key = 23; -} - -// A set of Shielded Instance options. -message ShieldedInstanceConfig { - // Defines whether the instance has Secure Boot enabled. - // - // Secure Boot helps ensure that the system only runs authentic software by - // verifying the digital signature of all boot components, and halting the - // boot process if signature verification fails. - bool enable_secure_boot = 1; - - // Defines whether the instance has integrity monitoring enabled. - // - // Enables monitoring and attestation of the boot integrity of the instance. - // The attestation is performed against the integrity policy baseline. This - // baseline is initially derived from the implicitly trusted boot image when - // the instance is created. - bool enable_integrity_monitoring = 2; -} - -// SandboxConfig contains configurations of the sandbox to use for the node. -message SandboxConfig { - // Possible types of sandboxes. - enum Type { - // Default value. This should not be used. - UNSPECIFIED = 0; - - // Run sandbox using gvisor. - GVISOR = 1; - } - - // Type of the sandbox to use for the node. - Type type = 2; -} - -// [ReservationAffinity](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources) -// is the configuration of desired reservation which instances could take -// capacity from. -message ReservationAffinity { - // Indicates whether to consume capacity from a reservation or not. - enum Type { - // Default value. This should not be used. - UNSPECIFIED = 0; - - // Do not consume from any reserved capacity. - NO_RESERVATION = 1; - - // Consume any reservation available. - ANY_RESERVATION = 2; - - // Must consume from a specific reservation. Must specify key value fields - // for specifying the reservations. - SPECIFIC_RESERVATION = 3; - } - - // Corresponds to the type of reservation consumption. - Type consume_reservation_type = 1; - - // Corresponds to the label key of a reservation resource. To target a - // SPECIFIC_RESERVATION by name, specify "googleapis.com/reservation-name" as - // the key and specify the name of your reservation as its value. - string key = 2; - - // Corresponds to the label value(s) of reservation resource(s). - repeated string values = 3; -} - -// Kubernetes taint is comprised of three fields: key, value, and effect. Effect -// can only be one of three types: NoSchedule, PreferNoSchedule or NoExecute. -// -// See -// [here](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration) -// for more information, including usage and the valid values. -message NodeTaint { - // Possible values for Effect in taint. - enum Effect { - // Not set - EFFECT_UNSPECIFIED = 0; - - // NoSchedule - NO_SCHEDULE = 1; - - // PreferNoSchedule - PREFER_NO_SCHEDULE = 2; - - // NoExecute - NO_EXECUTE = 3; - } - - // Key for taint. - string key = 1; - - // Value for taint. - string value = 2; - - // Effect for taint. - Effect effect = 3; -} - -// The authentication information for accessing the master endpoint. -// Authentication can be done using HTTP basic auth or using client -// certificates. -message MasterAuth { - // The username to use for HTTP basic authentication to the master endpoint. - // For clusters v1.6.0 and later, basic authentication can be disabled by - // leaving username unspecified (or setting it to the empty string). - // - // Warning: basic authentication is deprecated, and will be removed in GKE - // control plane versions 1.19 and newer. For a list of recommended - // authentication methods, see: - // https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication - string username = 1 [deprecated = true]; - - // The password to use for HTTP basic authentication to the master endpoint. - // Because the master endpoint is open to the Internet, you should create a - // strong password. If a password is provided for cluster creation, username - // must be non-empty. - // - // Warning: basic authentication is deprecated, and will be removed in GKE - // control plane versions 1.19 and newer. For a list of recommended - // authentication methods, see: - // https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication - string password = 2 [deprecated = true]; - - // Configuration for client certificate authentication on the cluster. For - // clusters before v1.12, if no configuration is specified, a client - // certificate is issued. - ClientCertificateConfig client_certificate_config = 3; - - // [Output only] Base64-encoded public certificate that is the root of - // trust for the cluster. - string cluster_ca_certificate = 100; - - // [Output only] Base64-encoded public certificate used by clients to - // authenticate to the cluster endpoint. - string client_certificate = 101; - - // [Output only] Base64-encoded private key used by clients to authenticate - // to the cluster endpoint. - string client_key = 102; -} - -// Configuration for client certificates on the cluster. -message ClientCertificateConfig { - // Issue a client certificate. - bool issue_client_certificate = 1; -} - -// Configuration for the addons that can be automatically spun up in the -// cluster, enabling additional functionality. -message AddonsConfig { - // Configuration for the HTTP (L7) load balancing controller addon, which - // makes it easy to set up HTTP load balancers for services in a cluster. - HttpLoadBalancing http_load_balancing = 1; - - // Configuration for the horizontal pod autoscaling feature, which - // increases or decreases the number of replica pods a replication controller - // has based on the resource usage of the existing pods. - HorizontalPodAutoscaling horizontal_pod_autoscaling = 2; - - // Configuration for the Kubernetes Dashboard. - // This addon is deprecated, and will be disabled in 1.15. It is recommended - // to use the Cloud Console to manage and monitor your Kubernetes clusters, - // workloads and applications. For more information, see: - // https://cloud.google.com/kubernetes-engine/docs/concepts/dashboards - KubernetesDashboard kubernetes_dashboard = 3 [deprecated = true]; - - // Configuration for NetworkPolicy. This only tracks whether the addon - // is enabled or not on the Master, it does not track whether network policy - // is enabled for the nodes. - NetworkPolicyConfig network_policy_config = 4; - - // Configuration for the Cloud Run addon, which allows the user to use a - // managed Knative service. - CloudRunConfig cloud_run_config = 7; - - // Configuration for NodeLocalDNS, a dns cache running on cluster nodes - DnsCacheConfig dns_cache_config = 8; - - // Configuration for the ConfigConnector add-on, a Kubernetes - // extension to manage hosted GCP services through the Kubernetes API - ConfigConnectorConfig config_connector_config = 10; -} - -// Configuration options for the HTTP (L7) load balancing controller addon, -// which makes it easy to set up HTTP load balancers for services in a cluster. -message HttpLoadBalancing { - // Whether the HTTP Load Balancing controller is enabled in the cluster. - // When enabled, it runs a small pod in the cluster that manages the load - // balancers. - bool disabled = 1; -} - -// Configuration options for the horizontal pod autoscaling feature, which -// increases or decreases the number of replica pods a replication controller -// has based on the resource usage of the existing pods. -message HorizontalPodAutoscaling { - // Whether the Horizontal Pod Autoscaling feature is enabled in the cluster. - // When enabled, it ensures that metrics are collected into Stackdriver - // Monitoring. - bool disabled = 1; -} - -// Configuration for the Kubernetes Dashboard. -message KubernetesDashboard { - // Whether the Kubernetes Dashboard is enabled for this cluster. - bool disabled = 1; -} - -// Configuration for NetworkPolicy. This only tracks whether the addon -// is enabled or not on the Master, it does not track whether network policy -// is enabled for the nodes. -message NetworkPolicyConfig { - // Whether NetworkPolicy is enabled for this cluster. - bool disabled = 1; -} - -// Configuration for NodeLocal DNSCache -message DnsCacheConfig { - // Whether NodeLocal DNSCache is enabled for this cluster. - bool enabled = 1; -} - -// Configuration for controlling master global access settings. -message PrivateClusterMasterGlobalAccessConfig { - // Whenever master is accessible globally or not. - bool enabled = 1; -} - -// Configuration options for private clusters. -message PrivateClusterConfig { - // Whether nodes have internal IP addresses only. If enabled, all nodes are - // given only RFC 1918 private addresses and communicate with the master via - // private networking. - bool enable_private_nodes = 1; - - // Whether the master's internal IP address is used as the cluster endpoint. - bool enable_private_endpoint = 2; - - // The IP range in CIDR notation to use for the hosted master network. This - // range will be used for assigning internal IP addresses to the master or - // set of masters, as well as the ILB VIP. This range must not overlap with - // any other ranges in use within the cluster's network. - string master_ipv4_cidr_block = 3; - - // Output only. The internal IP address of this cluster's master endpoint. - string private_endpoint = 4; - - // Output only. The external IP address of this cluster's master endpoint. - string public_endpoint = 5; - - // Output only. The peering name in the customer VPC used by this cluster. - string peering_name = 7; - - // Controls master global access settings. - PrivateClusterMasterGlobalAccessConfig master_global_access_config = 8; -} - -// Configuration for returning group information from authenticators. -message AuthenticatorGroupsConfig { - // Whether this cluster should return group membership lookups - // during authentication using a group of security groups. - bool enabled = 1; - - // The name of the security group-of-groups to be used. Only relevant - // if enabled = true. - string security_group = 2; -} - -// Configuration options for the Cloud Run feature. -message CloudRunConfig { - // Load balancer type of ingress service of Cloud Run. - enum LoadBalancerType { - // Load balancer type for Cloud Run is unspecified. - LOAD_BALANCER_TYPE_UNSPECIFIED = 0; - - // Install external load balancer for Cloud Run. - LOAD_BALANCER_TYPE_EXTERNAL = 1; - - // Install internal load balancer for Cloud Run. - LOAD_BALANCER_TYPE_INTERNAL = 2; - } - - // Whether Cloud Run addon is enabled for this cluster. - bool disabled = 1; - - // Which load balancer type is installed for Cloud Run. - LoadBalancerType load_balancer_type = 3; -} - -// Configuration options for the Config Connector add-on. -message ConfigConnectorConfig { - // Whether Cloud Connector is enabled for this cluster. - bool enabled = 1; -} - -// Configuration options for the master authorized networks feature. Enabled -// master authorized networks will disallow all external traffic to access -// Kubernetes master through HTTPS except traffic from the given CIDR blocks, -// Google Compute Engine Public IPs and Google Prod IPs. -message MasterAuthorizedNetworksConfig { - // CidrBlock contains an optional name and one CIDR block. - message CidrBlock { - // display_name is an optional field for users to identify CIDR blocks. - string display_name = 1; - - // cidr_block must be specified in CIDR notation. - string cidr_block = 2; - } - - // Whether or not master authorized networks is enabled. - bool enabled = 1; - - // cidr_blocks define up to 50 external networks that could access - // Kubernetes master through HTTPS. - repeated CidrBlock cidr_blocks = 2; -} - -// Configuration for the legacy Attribute Based Access Control authorization -// mode. -message LegacyAbac { - // Whether the ABAC authorizer is enabled for this cluster. When enabled, - // identities in the system, including service accounts, nodes, and - // controllers, will have statically granted permissions beyond those - // provided by the RBAC configuration or IAM. - bool enabled = 1; -} - -// Configuration options for the NetworkPolicy feature. -// https://kubernetes.io/docs/concepts/services-networking/networkpolicies/ -message NetworkPolicy { - // Allowed Network Policy providers. - enum Provider { - // Not set - PROVIDER_UNSPECIFIED = 0; - - // Tigera (Calico Felix). - CALICO = 1; - } - - // The selected network policy provider. - Provider provider = 1; - - // Whether network policy is enabled on the cluster. - bool enabled = 2; -} - -// Configuration for Binary Authorization. -message BinaryAuthorization { - // Enable Binary Authorization for this cluster. If enabled, all container - // images will be validated by Binary Authorization. - bool enabled = 1; -} - -// Configuration for controlling how IPs are allocated in the cluster. -message IPAllocationPolicy { - // Whether alias IPs will be used for pod IPs in the cluster. - // This is used in conjunction with use_routes. It cannot - // be true if use_routes is true. If both use_ip_aliases and use_routes are - // false, then the server picks the default IP allocation mode - bool use_ip_aliases = 1; - - // Whether a new subnetwork will be created automatically for the cluster. - // - // This field is only applicable when `use_ip_aliases` is true. - bool create_subnetwork = 2; - - // A custom subnetwork name to be used if `create_subnetwork` is true. If - // this field is empty, then an automatic name will be chosen for the new - // subnetwork. - string subnetwork_name = 3; - - // This field is deprecated, use cluster_ipv4_cidr_block. - string cluster_ipv4_cidr = 4 [deprecated = true]; - - // This field is deprecated, use node_ipv4_cidr_block. - string node_ipv4_cidr = 5 [deprecated = true]; - - // This field is deprecated, use services_ipv4_cidr_block. - string services_ipv4_cidr = 6 [deprecated = true]; - - // The name of the secondary range to be used for the cluster CIDR - // block. The secondary range will be used for pod IP - // addresses. This must be an existing secondary range associated - // with the cluster subnetwork. - // - // This field is only applicable with use_ip_aliases is true and - // create_subnetwork is false. - string cluster_secondary_range_name = 7; - - // The name of the secondary range to be used as for the services - // CIDR block. The secondary range will be used for service - // ClusterIPs. This must be an existing secondary range associated - // with the cluster subnetwork. - // - // This field is only applicable with use_ip_aliases is true and - // create_subnetwork is false. - string services_secondary_range_name = 8; - - // The IP address range for the cluster pod IPs. If this field is set, then - // `cluster.cluster_ipv4_cidr` must be left blank. - // - // This field is only applicable when `use_ip_aliases` is true. - // - // Set to blank to have a range chosen with the default size. - // - // Set to /netmask (e.g. `/14`) to have a range chosen with a specific - // netmask. - // - // Set to a - // [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - // notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. - // `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range - // to use. - string cluster_ipv4_cidr_block = 9; - - // The IP address range of the instance IPs in this cluster. - // - // This is applicable only if `create_subnetwork` is true. - // - // Set to blank to have a range chosen with the default size. - // - // Set to /netmask (e.g. `/14`) to have a range chosen with a specific - // netmask. - // - // Set to a - // [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - // notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. - // `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range - // to use. - string node_ipv4_cidr_block = 10; - - // The IP address range of the services IPs in this cluster. If blank, a range - // will be automatically chosen with the default size. - // - // This field is only applicable when `use_ip_aliases` is true. - // - // Set to blank to have a range chosen with the default size. - // - // Set to /netmask (e.g. `/14`) to have a range chosen with a specific - // netmask. - // - // Set to a - // [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - // notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. - // `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range - // to use. - string services_ipv4_cidr_block = 11; - - // The IP address range of the Cloud TPUs in this cluster. If unspecified, a - // range will be automatically chosen with the default size. - // - // This field is only applicable when `use_ip_aliases` is true. - // - // If unspecified, the range will use the default size. - // - // Set to /netmask (e.g. `/14`) to have a range chosen with a specific - // netmask. - // - // Set to a - // [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - // notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. - // `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range - // to use. - string tpu_ipv4_cidr_block = 13; - - // Whether routes will be used for pod IPs in the cluster. - // This is used in conjunction with use_ip_aliases. It cannot be true if - // use_ip_aliases is true. If both use_ip_aliases and use_routes are false, - // then the server picks the default IP allocation mode - bool use_routes = 15; -} - -// A Google Kubernetes Engine cluster. -message Cluster { - // The current status of the cluster. - enum Status { - // Not set. - STATUS_UNSPECIFIED = 0; - - // The PROVISIONING state indicates the cluster is being created. - PROVISIONING = 1; - - // The RUNNING state indicates the cluster has been created and is fully - // usable. - RUNNING = 2; - - // The RECONCILING state indicates that some work is actively being done on - // the cluster, such as upgrading the master or node software. Details can - // be found in the `statusMessage` field. - RECONCILING = 3; - - // The STOPPING state indicates the cluster is being deleted. - STOPPING = 4; - - // The ERROR state indicates the cluster is unusable. It will be - // automatically deleted. Details can be found in the `statusMessage` field. - ERROR = 5; - - // The DEGRADED state indicates the cluster requires user action to restore - // full functionality. Details can be found in the `statusMessage` field. - DEGRADED = 6; - } - - // The name of this cluster. The name must be unique within this project - // and location (e.g. zone or region), and can be up to 40 characters with - // the following restrictions: - // - // * Lowercase letters, numbers, and hyphens only. - // * Must start with a letter. - // * Must end with a number or a letter. - string name = 1; - - // An optional description of this cluster. - string description = 2; - - // The number of nodes to create in this cluster. You must ensure that your - // Compute Engine [resource quota](https://cloud.google.com/compute/quotas) - // is sufficient for this number of instances. You must also have available - // firewall and routes quota. - // For requests, this field should only be used in lieu of a - // "node_pool" object, since this configuration (along with the - // "node_config") will be used to create a "NodePool" object with an - // auto-generated name. Do not use this and a node_pool at the same time. - // - // This field is deprecated, use node_pool.initial_node_count instead. - int32 initial_node_count = 3 [deprecated = true]; - - // Parameters used in creating the cluster's nodes. - // For requests, this field should only be used in lieu of a - // "node_pool" object, since this configuration (along with the - // "initial_node_count") will be used to create a "NodePool" object with an - // auto-generated name. Do not use this and a node_pool at the same time. - // For responses, this field will be populated with the node configuration of - // the first node pool. (For configuration of each node pool, see - // `node_pool.config`) - // - // If unspecified, the defaults are used. - // This field is deprecated, use node_pool.config instead. - NodeConfig node_config = 4 [deprecated = true]; - - // The authentication information for accessing the master endpoint. - // If unspecified, the defaults are used: - // For clusters before v1.12, if master_auth is unspecified, `username` will - // be set to "admin", a random password will be generated, and a client - // certificate will be issued. - MasterAuth master_auth = 5; - - // The logging service the cluster should use to write logs. - // Currently available options: - // - // * `logging.googleapis.com/kubernetes` - The Cloud Logging - // service with a Kubernetes-native resource model - // * `logging.googleapis.com` - The legacy Cloud Logging service (no longer - // available as of GKE 1.15). - // * `none` - no logs will be exported from the cluster. - // - // If left as an empty string,`logging.googleapis.com/kubernetes` will be - // used for GKE 1.14+ or `logging.googleapis.com` for earlier versions. - string logging_service = 6; - - // The monitoring service the cluster should use to write metrics. - // Currently available options: - // - // * "monitoring.googleapis.com/kubernetes" - The Cloud Monitoring - // service with a Kubernetes-native resource model - // * `monitoring.googleapis.com` - The legacy Cloud Monitoring service (no - // longer available as of GKE 1.15). - // * `none` - No metrics will be exported from the cluster. - // - // If left as an empty string,`monitoring.googleapis.com/kubernetes` will be - // used for GKE 1.14+ or `monitoring.googleapis.com` for earlier versions. - string monitoring_service = 7; - - // The name of the Google Compute Engine - // [network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks) - // to which the cluster is connected. If left unspecified, the `default` - // network will be used. - string network = 8; - - // The IP address range of the container pods in this cluster, in - // [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - // notation (e.g. `10.96.0.0/14`). Leave blank to have - // one automatically chosen or specify a `/14` block in `10.0.0.0/8`. - string cluster_ipv4_cidr = 9; - - // Configurations for the various addons available to run in the cluster. - AddonsConfig addons_config = 10; - - // The name of the Google Compute Engine - // [subnetwork](https://cloud.google.com/compute/docs/subnetworks) to which - // the cluster is connected. - string subnetwork = 11; - - // The node pools associated with this cluster. - // This field should not be set if "node_config" or "initial_node_count" are - // specified. - repeated NodePool node_pools = 12; - - // The list of Google Compute Engine - // [zones](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster's nodes should be located. - // - // This field provides a default value if - // [NodePool.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools#NodePool.FIELDS.locations) - // are not specified during node pool creation. - // - // Warning: changing cluster locations will update the - // [NodePool.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools#NodePool.FIELDS.locations) - // of all node pools and will result in nodes being added and/or removed. - repeated string locations = 13; - - // Kubernetes alpha features are enabled on this cluster. This includes alpha - // API groups (e.g. v1alpha1) and features that may not be production ready in - // the kubernetes version of the master and nodes. - // The cluster has no SLA for uptime and master/node upgrades are disabled. - // Alpha enabled clusters are automatically deleted thirty days after - // creation. - bool enable_kubernetes_alpha = 14; - - // The resource labels for the cluster to use to annotate any related - // Google Compute Engine resources. - map resource_labels = 15; - - // The fingerprint of the set of labels for this cluster. - string label_fingerprint = 16; - - // Configuration for the legacy ABAC authorization mode. - LegacyAbac legacy_abac = 18; - - // Configuration options for the NetworkPolicy feature. - NetworkPolicy network_policy = 19; - - // Configuration for cluster IP allocation. - IPAllocationPolicy ip_allocation_policy = 20; - - // The configuration options for master authorized networks feature. - MasterAuthorizedNetworksConfig master_authorized_networks_config = 22; - - // Configure the maintenance policy for this cluster. - MaintenancePolicy maintenance_policy = 23; - - // Configuration for Binary Authorization. - BinaryAuthorization binary_authorization = 24; - - // Cluster-level autoscaling configuration. - ClusterAutoscaling autoscaling = 26; - - // Configuration for cluster networking. - NetworkConfig network_config = 27; - - // The default constraint on the maximum number of pods that can be run - // simultaneously on a node in the node pool of this cluster. Only honored - // if cluster created with IP Alias support. - MaxPodsConstraint default_max_pods_constraint = 30; - - // Configuration for exporting resource usages. Resource usage export is - // disabled when this config is unspecified. - ResourceUsageExportConfig resource_usage_export_config = 33; - - // Configuration controlling RBAC group membership information. - AuthenticatorGroupsConfig authenticator_groups_config = 34; - - // Configuration for private cluster. - PrivateClusterConfig private_cluster_config = 37; - - // Configuration of etcd encryption. - DatabaseEncryption database_encryption = 38; - - // Cluster-level Vertical Pod Autoscaling configuration. - VerticalPodAutoscaling vertical_pod_autoscaling = 39; - - // Shielded Nodes configuration. - ShieldedNodes shielded_nodes = 40; - - // Release channel configuration. - ReleaseChannel release_channel = 41; - - // Configuration for the use of Kubernetes Service Accounts in GCP IAM - // policies. - WorkloadIdentityConfig workload_identity_config = 43; - - // [Output only] Server-defined URL for the resource. - string self_link = 100; - - // [Output only] The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field is deprecated, use location instead. - string zone = 101 [deprecated = true]; - - // [Output only] The IP address of this cluster's master endpoint. - // The endpoint can be accessed from the internet at - // `https://username:password@endpoint/`. - // - // See the `masterAuth` property of this resource for username and - // password information. - string endpoint = 102; - - // The initial Kubernetes version for this cluster. Valid versions are those - // found in validMasterVersions returned by getServerConfig. The version can - // be upgraded over time; such upgrades are reflected in - // currentMasterVersion and currentNodeVersion. - // - // Users may specify either explicit versions offered by - // Kubernetes Engine or version aliases, which have the following behavior: - // - // - "latest": picks the highest valid Kubernetes version - // - "1.X": picks the highest valid patch+gke.N patch in the 1.X version - // - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version - // - "1.X.Y-gke.N": picks an explicit Kubernetes version - // - "","-": picks the default Kubernetes version - string initial_cluster_version = 103; - - // [Output only] The current software version of the master endpoint. - string current_master_version = 104; - - // [Output only] Deprecated, use - // [NodePools.version](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools) - // instead. The current version of the node software components. If they are - // currently at multiple versions because they're in the process of being - // upgraded, this reflects the minimum version of all nodes. - string current_node_version = 105 [deprecated = true]; - - // [Output only] The time the cluster was created, in - // [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - string create_time = 106; - - // [Output only] The current status of this cluster. - Status status = 107; - - // [Output only] Deprecated. Use conditions instead. - // Additional information about the current status of this - // cluster, if available. - string status_message = 108 [deprecated = true]; - - // [Output only] The size of the address space on each node for hosting - // containers. This is provisioned from within the `container_ipv4_cidr` - // range. This field will only be set when cluster is in route-based network - // mode. - int32 node_ipv4_cidr_size = 109; - - // [Output only] The IP address range of the Kubernetes services in - // this cluster, in - // [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - // notation (e.g. `1.2.3.4/29`). Service addresses are - // typically put in the last `/16` from the container CIDR. - string services_ipv4_cidr = 110; - - // Deprecated. Use node_pools.instance_group_urls. - repeated string instance_group_urls = 111 [deprecated = true]; - - // [Output only] The number of nodes currently in the cluster. Deprecated. - // Call Kubernetes API directly to retrieve node information. - int32 current_node_count = 112 [deprecated = true]; - - // [Output only] The time the cluster will be automatically - // deleted in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - string expire_time = 113; - - // [Output only] The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available) - // or - // [region](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available) - // in which the cluster resides. - string location = 114; - - // Enable the ability to use Cloud TPUs in this cluster. - bool enable_tpu = 115; - - // [Output only] The IP address range of the Cloud TPUs in this cluster, in - // [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - // notation (e.g. `1.2.3.4/29`). - string tpu_ipv4_cidr_block = 116; - - // Which conditions caused the current cluster state. - repeated StatusCondition conditions = 118; -} - -// ClusterUpdate describes an update to the cluster. Exactly one update can -// be applied to a cluster with each request, so at most one field can be -// provided. -message ClusterUpdate { - // The Kubernetes version to change the nodes to (typically an - // upgrade). - // - // Users may specify either explicit versions offered by - // Kubernetes Engine or version aliases, which have the following behavior: - // - // - "latest": picks the highest valid Kubernetes version - // - "1.X": picks the highest valid patch+gke.N patch in the 1.X version - // - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version - // - "1.X.Y-gke.N": picks an explicit Kubernetes version - // - "-": picks the Kubernetes master version - string desired_node_version = 4; - - // The monitoring service the cluster should use to write metrics. - // Currently available options: - // - // * "monitoring.googleapis.com/kubernetes" - The Cloud Monitoring - // service with a Kubernetes-native resource model - // * `monitoring.googleapis.com` - The legacy Cloud Monitoring service (no - // longer available as of GKE 1.15). - // * `none` - No metrics will be exported from the cluster. - // - // If left as an empty string,`monitoring.googleapis.com/kubernetes` will be - // used for GKE 1.14+ or `monitoring.googleapis.com` for earlier versions. - string desired_monitoring_service = 5; - - // Configurations for the various addons available to run in the cluster. - AddonsConfig desired_addons_config = 6; - - // The node pool to be upgraded. This field is mandatory if - // "desired_node_version", "desired_image_family" or - // "desired_node_pool_autoscaling" is specified and there is more than one - // node pool on the cluster. - string desired_node_pool_id = 7; - - // The desired image type for the node pool. - // NOTE: Set the "desired_node_pool" field as well. - string desired_image_type = 8; - - // Configuration of etcd encryption. - DatabaseEncryption desired_database_encryption = 46; - - // Configuration for Workload Identity. - WorkloadIdentityConfig desired_workload_identity_config = 47; - - // Configuration for Shielded Nodes. - ShieldedNodes desired_shielded_nodes = 48; - - // Autoscaler configuration for the node pool specified in - // desired_node_pool_id. If there is only one pool in the - // cluster and desired_node_pool_id is not provided then - // the change applies to that single node pool. - NodePoolAutoscaling desired_node_pool_autoscaling = 9; - - // The desired list of Google Compute Engine - // [zones](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster's nodes should be located. - // - // This list must always include the cluster's primary zone. - // - // Warning: changing cluster locations will update the locations of all node - // pools and will result in nodes being added and/or removed. - repeated string desired_locations = 10; - - // The desired configuration options for master authorized networks feature. - MasterAuthorizedNetworksConfig desired_master_authorized_networks_config = 12; - - // Cluster-level autoscaling configuration. - ClusterAutoscaling desired_cluster_autoscaling = 15; - - // The desired configuration options for the Binary Authorization feature. - BinaryAuthorization desired_binary_authorization = 16; - - // The logging service the cluster should use to write logs. - // Currently available options: - // - // * `logging.googleapis.com/kubernetes` - The Cloud Logging - // service with a Kubernetes-native resource model - // * `logging.googleapis.com` - The legacy Cloud Logging service (no longer - // available as of GKE 1.15). - // * `none` - no logs will be exported from the cluster. - // - // If left as an empty string,`logging.googleapis.com/kubernetes` will be - // used for GKE 1.14+ or `logging.googleapis.com` for earlier versions. - string desired_logging_service = 19; - - // The desired configuration for exporting resource usage. - ResourceUsageExportConfig desired_resource_usage_export_config = 21; - - // Cluster-level Vertical Pod Autoscaling configuration. - VerticalPodAutoscaling desired_vertical_pod_autoscaling = 22; - - // The desired private cluster configuration. - PrivateClusterConfig desired_private_cluster_config = 25; - - // The desired config of Intra-node visibility. - IntraNodeVisibilityConfig desired_intra_node_visibility_config = 26; - - // The desired status of whether to disable default sNAT for this cluster. - DefaultSnatStatus desired_default_snat_status = 28; - - // The desired release channel configuration. - ReleaseChannel desired_release_channel = 31; - - // The Kubernetes version to change the master to. - // - // Users may specify either explicit versions offered by - // Kubernetes Engine or version aliases, which have the following behavior: - // - // - "latest": picks the highest valid Kubernetes version - // - "1.X": picks the highest valid patch+gke.N patch in the 1.X version - // - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version - // - "1.X.Y-gke.N": picks an explicit Kubernetes version - // - "-": picks the default Kubernetes version - string desired_master_version = 100; -} - -// This operation resource represents operations that may have happened or are -// happening on the cluster. All fields are output only. -message Operation { - // Current status of the operation. - enum Status { - // Not set. - STATUS_UNSPECIFIED = 0; - - // The operation has been created. - PENDING = 1; - - // The operation is currently running. - RUNNING = 2; - - // The operation is done, either cancelled or completed. - DONE = 3; - - // The operation is aborting. - ABORTING = 4; - } - - // Operation type. - enum Type { - // Not set. - TYPE_UNSPECIFIED = 0; - - // Cluster create. - CREATE_CLUSTER = 1; - - // Cluster delete. - DELETE_CLUSTER = 2; - - // A master upgrade. - UPGRADE_MASTER = 3; - - // A node upgrade. - UPGRADE_NODES = 4; - - // Cluster repair. - REPAIR_CLUSTER = 5; - - // Cluster update. - UPDATE_CLUSTER = 6; - - // Node pool create. - CREATE_NODE_POOL = 7; - - // Node pool delete. - DELETE_NODE_POOL = 8; - - // Set node pool management. - SET_NODE_POOL_MANAGEMENT = 9; - - // Automatic node pool repair. - AUTO_REPAIR_NODES = 10; - - // Automatic node upgrade. - AUTO_UPGRADE_NODES = 11; - - // Set labels. - SET_LABELS = 12; - - // Set/generate master auth materials - SET_MASTER_AUTH = 13; - - // Set node pool size. - SET_NODE_POOL_SIZE = 14; - - // Updates network policy for a cluster. - SET_NETWORK_POLICY = 15; - - // Set the maintenance policy. - SET_MAINTENANCE_POLICY = 16; - } - - // The server-assigned ID for the operation. - string name = 1; - - // The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // operation is taking place. This field is deprecated, use location instead. - string zone = 2 [deprecated = true]; - - // The operation type. - Type operation_type = 3; - - // The current status of the operation. - Status status = 4; - - // Detailed operation progress, if available. - string detail = 8; - - // Output only. If an error has occurred, a textual description of the error. - string status_message = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Server-defined URL for the resource. - string self_link = 6; - - // Server-defined URL for the target of the operation. - string target_link = 7; - - // [Output only] The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available) - // or - // [region](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available) - // in which the cluster resides. - string location = 9; - - // [Output only] The time the operation started, in - // [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - string start_time = 10; - - // [Output only] The time the operation completed, in - // [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - string end_time = 11; - - // Output only. [Output only] Progress information for an operation. - OperationProgress progress = 12 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Which conditions caused the current cluster state. - repeated StatusCondition cluster_conditions = 13; - - // Which conditions caused the current node pool state. - repeated StatusCondition nodepool_conditions = 14; -} - -// Information about operation (or operation stage) progress. -message OperationProgress { - // Progress metric is (string, int|float|string) pair. - message Metric { - // Required. Metric name, e.g., "nodes total", "percent done". - string name = 1 [(google.api.field_behavior) = REQUIRED]; - - // Strictly one of the values is required. - oneof value { - // For metrics with integer value. - int64 int_value = 2; - - // For metrics with floating point value. - double double_value = 3; - - // For metrics with custom values (ratios, visual progress, etc.). - string string_value = 4; - } - } - - // A non-parameterized string describing an operation stage. - // Unset for single-stage operations. - string name = 1; - - // Status of an operation stage. - // Unset for single-stage operations. - Operation.Status status = 2; - - // Progress metric bundle, for example: - // metrics: [{name: "nodes done", int_value: 15}, - // {name: "nodes total", int_value: 32}] - // or - // metrics: [{name: "progress", double_value: 0.56}, - // {name: "progress scale", double_value: 1.0}] - repeated Metric metrics = 3; - - // Substages of an operation or a stage. - repeated OperationProgress stages = 4; -} - -// CreateClusterRequest creates a cluster. -message CreateClusterRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the parent field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the parent - // field. - string zone = 2 [deprecated = true]; - - // Required. A [cluster - // resource](https://cloud.google.com/container-engine/reference/rest/v1/projects.locations.clusters) - Cluster cluster = 3 [(google.api.field_behavior) = REQUIRED]; - - // The parent (project and location) where the cluster will be created. - // Specified in the format `projects/*/locations/*`. - string parent = 5; -} - -// GetClusterRequest gets the settings of a cluster. -message GetClusterRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to retrieve. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // The name (project, location, cluster) of the cluster to retrieve. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 5; -} - -// UpdateClusterRequest updates the settings of a cluster. -message UpdateClusterRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Required. A description of the update. - ClusterUpdate update = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster) of the cluster to update. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 5; -} - -// UpdateNodePoolRequests update a node pool's image and/or version. -message UpdateNodePoolRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Deprecated. The name of the node pool to upgrade. - // This field has been deprecated and replaced by the name field. - string node_pool_id = 4 [deprecated = true]; - - // Required. The Kubernetes version to change the nodes to (typically an - // upgrade). - // - // Users may specify either explicit versions offered by Kubernetes Engine or - // version aliases, which have the following behavior: - // - // - "latest": picks the highest valid Kubernetes version - // - "1.X": picks the highest valid patch+gke.N patch in the 1.X version - // - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version - // - "1.X.Y-gke.N": picks an explicit Kubernetes version - // - "-": picks the Kubernetes master version - string node_version = 5 [(google.api.field_behavior) = REQUIRED]; - - // Required. The desired image type for the node pool. - string image_type = 6 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster, node pool) of the node pool to - // update. Specified in the format - // `projects/*/locations/*/clusters/*/nodePools/*`. - string name = 8; - - // The desired list of Google Compute Engine - // [zones](https://cloud.google.com/compute/docs/zones#available) in which the - // node pool's nodes should be located. Changing the locations for a node pool - // will result in nodes being either created or removed from the node pool, - // depending on whether locations are being added or removed. - repeated string locations = 13; - - // The desired workload metadata config for the node pool. - WorkloadMetadataConfig workload_metadata_config = 14; - - // Upgrade settings control disruption and speed of the upgrade. - NodePool.UpgradeSettings upgrade_settings = 15; -} - -// SetNodePoolAutoscalingRequest sets the autoscaler settings of a node pool. -message SetNodePoolAutoscalingRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Deprecated. The name of the node pool to upgrade. - // This field has been deprecated and replaced by the name field. - string node_pool_id = 4 [deprecated = true]; - - // Required. Autoscaling configuration for the node pool. - NodePoolAutoscaling autoscaling = 5 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster, node pool) of the node pool to set - // autoscaler settings. Specified in the format - // `projects/*/locations/*/clusters/*/nodePools/*`. - string name = 6; -} - -// SetLoggingServiceRequest sets the logging service of a cluster. -message SetLoggingServiceRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Required. The logging service the cluster should use to write logs. - // Currently available options: - // - // * `logging.googleapis.com/kubernetes` - The Cloud Logging - // service with a Kubernetes-native resource model - // * `logging.googleapis.com` - The legacy Cloud Logging service (no longer - // available as of GKE 1.15). - // * `none` - no logs will be exported from the cluster. - // - // If left as an empty string,`logging.googleapis.com/kubernetes` will be - // used for GKE 1.14+ or `logging.googleapis.com` for earlier versions. - string logging_service = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster) of the cluster to set logging. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 5; -} - -// SetMonitoringServiceRequest sets the monitoring service of a cluster. -message SetMonitoringServiceRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Required. The monitoring service the cluster should use to write metrics. - // Currently available options: - // - // * "monitoring.googleapis.com/kubernetes" - The Cloud Monitoring - // service with a Kubernetes-native resource model - // * `monitoring.googleapis.com` - The legacy Cloud Monitoring service (no - // longer available as of GKE 1.15). - // * `none` - No metrics will be exported from the cluster. - // - // If left as an empty string,`monitoring.googleapis.com/kubernetes` will be - // used for GKE 1.14+ or `monitoring.googleapis.com` for earlier versions. - string monitoring_service = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster) of the cluster to set monitoring. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 6; -} - -// SetAddonsConfigRequest sets the addons associated with the cluster. -message SetAddonsConfigRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Required. The desired configurations for the various addons available to run in the - // cluster. - AddonsConfig addons_config = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster) of the cluster to set addons. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 6; -} - -// SetLocationsRequest sets the locations of the cluster. -message SetLocationsRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Required. The desired list of Google Compute Engine - // [zones](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster's nodes should be located. Changing the locations a cluster is in - // will result in nodes being either created or removed from the cluster, - // depending on whether locations are being added or removed. - // - // This list must always include the cluster's primary zone. - repeated string locations = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster) of the cluster to set locations. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 6; -} - -// UpdateMasterRequest updates the master of the cluster. -message UpdateMasterRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Required. The Kubernetes version to change the master to. - // - // Users may specify either explicit versions offered by Kubernetes Engine or - // version aliases, which have the following behavior: - // - // - "latest": picks the highest valid Kubernetes version - // - "1.X": picks the highest valid patch+gke.N patch in the 1.X version - // - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version - // - "1.X.Y-gke.N": picks an explicit Kubernetes version - // - "-": picks the default Kubernetes version - string master_version = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster) of the cluster to update. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 7; -} - -// SetMasterAuthRequest updates the admin password of a cluster. -message SetMasterAuthRequest { - // Operation type: what type update to perform. - enum Action { - // Operation is unknown and will error out. - UNKNOWN = 0; - - // Set the password to a user generated value. - SET_PASSWORD = 1; - - // Generate a new password and set it to that. - GENERATE_PASSWORD = 2; - - // Set the username. If an empty username is provided, basic authentication - // is disabled for the cluster. If a non-empty username is provided, basic - // authentication is enabled, with either a provided password or a generated - // one. - SET_USERNAME = 3; - } - - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Required. The exact form of action to be taken on the master auth. - Action action = 4 [(google.api.field_behavior) = REQUIRED]; - - // Required. A description of the update. - MasterAuth update = 5 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster) of the cluster to set auth. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 7; -} - -// DeleteClusterRequest deletes a cluster. -message DeleteClusterRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to delete. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // The name (project, location, cluster) of the cluster to delete. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 4; -} - -// ListClustersRequest lists clusters. -message ListClustersRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the parent field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides, or "-" for all zones. This field has been deprecated and - // replaced by the parent field. - string zone = 2 [deprecated = true]; - - // The parent (project and location) where the clusters will be listed. - // Specified in the format `projects/*/locations/*`. - // Location "-" matches all zones and all regions. - string parent = 4; -} - -// ListClustersResponse is the result of ListClustersRequest. -message ListClustersResponse { - // A list of clusters in the project in the specified zone, or - // across all ones. - repeated Cluster clusters = 1; - - // If any zones are listed here, the list of clusters returned - // may be missing those zones. - repeated string missing_zones = 2; -} - -// GetOperationRequest gets a single operation. -message GetOperationRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The server-assigned `name` of the operation. - // This field has been deprecated and replaced by the name field. - string operation_id = 3 [deprecated = true]; - - // The name (project, location, operation id) of the operation to get. - // Specified in the format `projects/*/locations/*/operations/*`. - string name = 5; -} - -// ListOperationsRequest lists operations. -message ListOperationsRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the parent field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) to return - // operations for, or `-` for all zones. This field has been deprecated and - // replaced by the parent field. - string zone = 2 [deprecated = true]; - - // The parent (project and location) where the operations will be listed. - // Specified in the format `projects/*/locations/*`. - // Location "-" matches all zones and all regions. - string parent = 4; -} - -// CancelOperationRequest cancels a single operation. -message CancelOperationRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // operation resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The server-assigned `name` of the operation. - // This field has been deprecated and replaced by the name field. - string operation_id = 3 [deprecated = true]; - - // The name (project, location, operation id) of the operation to cancel. - // Specified in the format `projects/*/locations/*/operations/*`. - string name = 4; -} - -// ListOperationsResponse is the result of ListOperationsRequest. -message ListOperationsResponse { - // A list of operations in the project in the specified zone. - repeated Operation operations = 1; - - // If any zones are listed here, the list of operations returned - // may be missing the operations from those zones. - repeated string missing_zones = 2; -} - -// Gets the current Kubernetes Engine service configuration. -message GetServerConfigRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) to return - // operations for. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // The name (project and location) of the server config to get, - // specified in the format `projects/*/locations/*`. - string name = 4; -} - -// Kubernetes Engine service configuration. -message ServerConfig { - // ReleaseChannelConfig exposes configuration for a release channel. - message ReleaseChannelConfig { - // The release channel this configuration applies to. - ReleaseChannel.Channel channel = 1; - - // The default version for newly created clusters on the channel. - string default_version = 2; - - // List of valid versions for the channel. - repeated string valid_versions = 4; - } - - // Version of Kubernetes the service deploys by default. - string default_cluster_version = 1; - - // List of valid node upgrade target versions, in descending order. - repeated string valid_node_versions = 3; - - // Default image type. - string default_image_type = 4; - - // List of valid image types. - repeated string valid_image_types = 5; - - // List of valid master versions, in descending order. - repeated string valid_master_versions = 6; - - // List of release channel configurations. - repeated ReleaseChannelConfig channels = 9; -} - -// CreateNodePoolRequest creates a node pool for a cluster. -message CreateNodePoolRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the parent field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the parent - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the parent field. - string cluster_id = 3 [deprecated = true]; - - // Required. The node pool to create. - NodePool node_pool = 4 [(google.api.field_behavior) = REQUIRED]; - - // The parent (project, location, cluster id) where the node pool will be - // created. Specified in the format - // `projects/*/locations/*/clusters/*`. - string parent = 6; -} - -// DeleteNodePoolRequest deletes a node pool for a cluster. -message DeleteNodePoolRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Deprecated. The name of the node pool to delete. - // This field has been deprecated and replaced by the name field. - string node_pool_id = 4 [deprecated = true]; - - // The name (project, location, cluster, node pool id) of the node pool to - // delete. Specified in the format - // `projects/*/locations/*/clusters/*/nodePools/*`. - string name = 6; -} - -// ListNodePoolsRequest lists the node pool(s) for a cluster. -message ListNodePoolsRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the parent field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the parent - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the parent field. - string cluster_id = 3 [deprecated = true]; - - // The parent (project, location, cluster id) where the node pools will be - // listed. Specified in the format `projects/*/locations/*/clusters/*`. - string parent = 5; -} - -// GetNodePoolRequest retrieves a node pool for a cluster. -message GetNodePoolRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Deprecated. The name of the node pool. - // This field has been deprecated and replaced by the name field. - string node_pool_id = 4 [deprecated = true]; - - // The name (project, location, cluster, node pool id) of the node pool to - // get. Specified in the format - // `projects/*/locations/*/clusters/*/nodePools/*`. - string name = 6; -} - -// NodePool contains the name and configuration for a cluster's node pool. -// Node pools are a set of nodes (i.e. VM's), with a common configuration and -// specification, under the control of the cluster master. They may have a set -// of Kubernetes labels applied to them, which may be used to reference them -// during pod scheduling. They may also be resized up or down, to accommodate -// the workload. -message NodePool { - // These upgrade settings control the level of parallelism and the level of - // disruption caused by an upgrade. - // - // maxUnavailable controls the number of nodes that can be simultaneously - // unavailable. - // - // maxSurge controls the number of additional nodes that can be added to the - // node pool temporarily for the time of the upgrade to increase the number of - // available nodes. - // - // (maxUnavailable + maxSurge) determines the level of parallelism (how many - // nodes are being upgraded at the same time). - // - // Note: upgrades inevitably introduce some disruption since workloads need to - // be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, - // this holds true. (Disruption stays within the limits of - // PodDisruptionBudget, if it is configured.) - // - // Consider a hypothetical node pool with 5 nodes having maxSurge=2, - // maxUnavailable=1. This means the upgrade process upgrades 3 nodes - // simultaneously. It creates 2 additional (upgraded) nodes, then it brings - // down 3 old (not yet upgraded) nodes at the same time. This ensures that - // there are always at least 4 nodes available. - message UpgradeSettings { - // The maximum number of nodes that can be created beyond the current size - // of the node pool during the upgrade process. - int32 max_surge = 1; - - // The maximum number of nodes that can be simultaneously unavailable during - // the upgrade process. A node is considered available if its status is - // Ready. - int32 max_unavailable = 2; - } - - // The current status of the node pool instance. - enum Status { - // Not set. - STATUS_UNSPECIFIED = 0; - - // The PROVISIONING state indicates the node pool is being created. - PROVISIONING = 1; - - // The RUNNING state indicates the node pool has been created - // and is fully usable. - RUNNING = 2; - - // The RUNNING_WITH_ERROR state indicates the node pool has been created - // and is partially usable. Some error state has occurred and some - // functionality may be impaired. Customer may need to reissue a request - // or trigger a new update. - RUNNING_WITH_ERROR = 3; - - // The RECONCILING state indicates that some work is actively being done on - // the node pool, such as upgrading node software. Details can - // be found in the `statusMessage` field. - RECONCILING = 4; - - // The STOPPING state indicates the node pool is being deleted. - STOPPING = 5; - - // The ERROR state indicates the node pool may be unusable. Details - // can be found in the `statusMessage` field. - ERROR = 6; - } - - // The name of the node pool. - string name = 1; - - // The node configuration of the pool. - NodeConfig config = 2; - - // The initial node count for the pool. You must ensure that your - // Compute Engine [resource quota](https://cloud.google.com/compute/quotas) - // is sufficient for this number of instances. You must also have available - // firewall and routes quota. - int32 initial_node_count = 3; - - // The list of Google Compute Engine - // [zones](https://cloud.google.com/compute/docs/zones#available) in which the - // NodePool's nodes should be located. - // - // If this value is unspecified during node pool creation, the - // [Cluster.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters#Cluster.FIELDS.locations) - // value will be used, instead. - // - // Warning: changing node pool locations will result in nodes being added - // and/or removed. - repeated string locations = 13; - - // [Output only] Server-defined URL for the resource. - string self_link = 100; - - // The version of the Kubernetes of this node. - string version = 101; - - // [Output only] The resource URLs of the [managed instance - // groups](https://cloud.google.com/compute/docs/instance-groups/creating-groups-of-managed-instances) - // associated with this node pool. - repeated string instance_group_urls = 102; - - // [Output only] The status of the nodes in this pool instance. - Status status = 103; - - // [Output only] Deprecated. Use conditions instead. - // Additional information about the current status of this - // node pool instance, if available. - string status_message = 104 [deprecated = true]; - - // Autoscaler configuration for this NodePool. Autoscaler is enabled - // only if a valid configuration is present. - NodePoolAutoscaling autoscaling = 4; - - // NodeManagement configuration for this NodePool. - NodeManagement management = 5; - - // The constraint on the maximum number of pods that can be run - // simultaneously on a node in the node pool. - MaxPodsConstraint max_pods_constraint = 6; - - // Which conditions caused the current node pool state. - repeated StatusCondition conditions = 105; - - // [Output only] The pod CIDR block size per node in this node pool. - int32 pod_ipv4_cidr_size = 7; - - // Upgrade settings control disruption and speed of the upgrade. - UpgradeSettings upgrade_settings = 107; -} - -// NodeManagement defines the set of node management services turned on for the -// node pool. -message NodeManagement { - // A flag that specifies whether node auto-upgrade is enabled for the node - // pool. If enabled, node auto-upgrade helps keep the nodes in your node pool - // up to date with the latest release version of Kubernetes. - bool auto_upgrade = 1; - - // A flag that specifies whether the node auto-repair is enabled for the node - // pool. If enabled, the nodes in this node pool will be monitored and, if - // they fail health checks too many times, an automatic repair action will be - // triggered. - bool auto_repair = 2; - - // Specifies the Auto Upgrade knobs for the node pool. - AutoUpgradeOptions upgrade_options = 10; -} - -// AutoUpgradeOptions defines the set of options for the user to control how -// the Auto Upgrades will proceed. -message AutoUpgradeOptions { - // [Output only] This field is set when upgrades are about to commence - // with the approximate start time for the upgrades, in - // [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - string auto_upgrade_start_time = 1; - - // [Output only] This field is set when upgrades are about to commence - // with the description of the upgrade. - string description = 2; -} - -// MaintenancePolicy defines the maintenance policy to be used for the cluster. -message MaintenancePolicy { - // Specifies the maintenance window in which maintenance may be performed. - MaintenanceWindow window = 1; - - // A hash identifying the version of this policy, so that updates to fields of - // the policy won't accidentally undo intermediate changes (and so that users - // of the API unaware of some fields won't accidentally remove other fields). - // Make a `get()` request to the cluster to get the current - // resource version and include it with requests to set the policy. - string resource_version = 3; -} - -// MaintenanceWindow defines the maintenance window to be used for the cluster. -message MaintenanceWindow { - oneof policy { - // DailyMaintenanceWindow specifies a daily maintenance operation window. - DailyMaintenanceWindow daily_maintenance_window = 2; - - // RecurringWindow specifies some number of recurring time periods for - // maintenance to occur. The time windows may be overlapping. If no - // maintenance windows are set, maintenance can occur at any time. - RecurringTimeWindow recurring_window = 3; - } - - // Exceptions to maintenance window. Non-emergency maintenance should not - // occur in these windows. - map maintenance_exclusions = 4; -} - -// Represents an arbitrary window of time. -message TimeWindow { - // The time that the window first starts. - google.protobuf.Timestamp start_time = 1; - - // The time that the window ends. The end time should take place after the - // start time. - google.protobuf.Timestamp end_time = 2; -} - -// Represents an arbitrary window of time that recurs. -message RecurringTimeWindow { - // The window of the first recurrence. - TimeWindow window = 1; - - // An RRULE (https://tools.ietf.org/html/rfc5545#section-3.8.5.3) for how - // this window reccurs. They go on for the span of time between the start and - // end time. - // - // For example, to have something repeat every weekday, you'd use: - // `FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR` - // - // To repeat some window daily (equivalent to the DailyMaintenanceWindow): - // `FREQ=DAILY` - // - // For the first weekend of every month: - // `FREQ=MONTHLY;BYSETPOS=1;BYDAY=SA,SU` - // - // This specifies how frequently the window starts. Eg, if you wanted to have - // a 9-5 UTC-4 window every weekday, you'd use something like: - // ``` - // start time = 2019-01-01T09:00:00-0400 - // end time = 2019-01-01T17:00:00-0400 - // recurrence = FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR - // ``` - // - // Windows can span multiple days. Eg, to make the window encompass every - // weekend from midnight Saturday till the last minute of Sunday UTC: - // ``` - // start time = 2019-01-05T00:00:00Z - // end time = 2019-01-07T23:59:00Z - // recurrence = FREQ=WEEKLY;BYDAY=SA - // ``` - // - // Note the start and end time's specific dates are largely arbitrary except - // to specify duration of the window and when it first starts. - // The FREQ values of HOURLY, MINUTELY, and SECONDLY are not supported. - string recurrence = 2; -} - -// Time window specified for daily maintenance operations. -message DailyMaintenanceWindow { - // Time within the maintenance window to start the maintenance operations. - // Time format should be in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) - // format "HH:MM", where HH : [00-23] and MM : [00-59] GMT. - string start_time = 2; - - // [Output only] Duration of the time window, automatically chosen to be - // smallest possible in the given scenario. - // Duration will be in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) - // format "PTnHnMnS". - string duration = 3; -} - -// SetNodePoolManagementRequest sets the node management properties of a node -// pool. -message SetNodePoolManagementRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to update. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Deprecated. The name of the node pool to update. - // This field has been deprecated and replaced by the name field. - string node_pool_id = 4 [deprecated = true]; - - // Required. NodeManagement configuration for the node pool. - NodeManagement management = 5 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster, node pool id) of the node pool to set - // management properties. Specified in the format - // `projects/*/locations/*/clusters/*/nodePools/*`. - string name = 7; -} - -// SetNodePoolSizeRequest sets the size a node -// pool. -message SetNodePoolSizeRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to update. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Deprecated. The name of the node pool to update. - // This field has been deprecated and replaced by the name field. - string node_pool_id = 4 [deprecated = true]; - - // Required. The desired node count for the pool. - int32 node_count = 5 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster, node pool id) of the node pool to set - // size. - // Specified in the format `projects/*/locations/*/clusters/*/nodePools/*`. - string name = 7; -} - -// RollbackNodePoolUpgradeRequest rollbacks the previously Aborted or Failed -// NodePool upgrade. This will be an no-op if the last upgrade successfully -// completed. -message RollbackNodePoolUpgradeRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to rollback. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Deprecated. The name of the node pool to rollback. - // This field has been deprecated and replaced by the name field. - string node_pool_id = 4 [deprecated = true]; - - // The name (project, location, cluster, node pool id) of the node poll to - // rollback upgrade. - // Specified in the format `projects/*/locations/*/clusters/*/nodePools/*`. - string name = 6; -} - -// ListNodePoolsResponse is the result of ListNodePoolsRequest. -message ListNodePoolsResponse { - // A list of node pools for a cluster. - repeated NodePool node_pools = 1; -} - -// ClusterAutoscaling contains global, per-cluster information -// required by Cluster Autoscaler to automatically adjust -// the size of the cluster and create/delete -// node pools based on the current needs. -message ClusterAutoscaling { - // Enables automatic node pool creation and deletion. - bool enable_node_autoprovisioning = 1; - - // Contains global constraints regarding minimum and maximum - // amount of resources in the cluster. - repeated ResourceLimit resource_limits = 2; - - // AutoprovisioningNodePoolDefaults contains defaults for a node pool - // created by NAP. - AutoprovisioningNodePoolDefaults autoprovisioning_node_pool_defaults = 4; - - // The list of Google Compute Engine - // [zones](https://cloud.google.com/compute/docs/zones#available) in which the - // NodePool's nodes can be created by NAP. - repeated string autoprovisioning_locations = 5; -} - -// AutoprovisioningNodePoolDefaults contains defaults for a node pool created -// by NAP. -message AutoprovisioningNodePoolDefaults { - // Scopes that are used by NAP when creating node pools. - repeated string oauth_scopes = 1; - - // The Google Cloud Platform Service Account to be used by the node VMs. - string service_account = 2; - - // Specifies the upgrade settings for NAP created node pools - NodePool.UpgradeSettings upgrade_settings = 3; - - // Specifies the node management options for NAP created node-pools. - NodeManagement management = 4; - - // Minimum CPU platform to be used for NAP created node pools. - // The instance may be scheduled on the specified or newer CPU platform. - // Applicable values are the friendly names of CPU platforms, such as - // minCpuPlatform: Intel Haswell or - // minCpuPlatform: Intel Sandy Bridge. For more - // information, read [how to specify min CPU - // platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform) - // To unset the min cpu platform field pass "automatic" - // as field value. - string min_cpu_platform = 5; - - // Size of the disk attached to each node, specified in GB. - // The smallest allowed disk size is 10GB. - // - // If unspecified, the default disk size is 100GB. - int32 disk_size_gb = 6; - - // Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or - // 'pd-balanced') - // - // If unspecified, the default disk type is 'pd-standard' - string disk_type = 7; - - // Shielded Instance options. - ShieldedInstanceConfig shielded_instance_config = 8; - - // The Customer Managed Encryption Key used to encrypt the boot disk attached - // to each node in the node pool. This should be of the form - // projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. - // For more information about protecting resources with Cloud KMS Keys please - // see: - // https://cloud.google.com/compute/docs/disks/customer-managed-encryption - string boot_disk_kms_key = 9; -} - -// Contains information about amount of some resource in the cluster. -// For memory, value should be in GB. -message ResourceLimit { - // Resource name "cpu", "memory" or gpu-specific string. - string resource_type = 1; - - // Minimum amount of the resource in the cluster. - int64 minimum = 2; - - // Maximum amount of the resource in the cluster. - int64 maximum = 3; -} - -// NodePoolAutoscaling contains information required by cluster autoscaler to -// adjust the size of the node pool to the current cluster usage. -message NodePoolAutoscaling { - // Is autoscaling enabled for this node pool. - bool enabled = 1; - - // Minimum number of nodes in the NodePool. Must be >= 1 and <= - // max_node_count. - int32 min_node_count = 2; - - // Maximum number of nodes in the NodePool. Must be >= min_node_count. There - // has to enough quota to scale up the cluster. - int32 max_node_count = 3; - - // Can this node pool be deleted automatically. - bool autoprovisioned = 4; -} - -// SetLabelsRequest sets the Google Cloud Platform labels on a Google Container -// Engine cluster, which will in turn set them for Google Compute Engine -// resources used by that cluster -message SetLabelsRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Required. The labels to set for that cluster. - map resource_labels = 4 [(google.api.field_behavior) = REQUIRED]; - - // Required. The fingerprint of the previous set of labels for this resource, - // used to detect conflicts. The fingerprint is initially generated by - // Kubernetes Engine and changes after every request to modify or update - // labels. You must always provide an up-to-date fingerprint hash when - // updating or changing labels. Make a `get()` request to the - // resource to get the latest fingerprint. - string label_fingerprint = 5 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster id) of the cluster to set labels. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 7; -} - -// SetLegacyAbacRequest enables or disables the ABAC authorization mechanism for -// a cluster. -message SetLegacyAbacRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster to update. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Required. Whether ABAC authorization will be enabled in the cluster. - bool enabled = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster id) of the cluster to set legacy abac. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 6; -} - -// StartIPRotationRequest creates a new IP for the cluster and then performs -// a node upgrade on each node pool to point to the new IP. -message StartIPRotationRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // The name (project, location, cluster id) of the cluster to start IP - // rotation. Specified in the format `projects/*/locations/*/clusters/*`. - string name = 6; - - // Whether to rotate credentials during IP rotation. - bool rotate_credentials = 7; -} - -// CompleteIPRotationRequest moves the cluster master back into single-IP mode. -message CompleteIPRotationRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // The name (project, location, cluster id) of the cluster to complete IP - // rotation. Specified in the format `projects/*/locations/*/clusters/*`. - string name = 7; -} - -// AcceleratorConfig represents a Hardware Accelerator request. -message AcceleratorConfig { - // The number of the accelerator cards exposed to an instance. - int64 accelerator_count = 1; - - // The accelerator type resource name. List of supported accelerators - // [here](https://cloud.google.com/compute/docs/gpus) - string accelerator_type = 2; -} - -// WorkloadMetadataConfig defines the metadata configuration to expose to -// workloads on the node pool. -message WorkloadMetadataConfig { - // Mode is the configuration for how to expose metadata to workloads running - // on the node. - enum Mode { - // Not set. - MODE_UNSPECIFIED = 0; - - // Expose all Compute Engine metadata to pods. - GCE_METADATA = 1; - - // Run the GKE Metadata Server on this node. The GKE Metadata Server exposes - // a metadata API to workloads that is compatible with the V1 Compute - // Metadata APIs exposed by the Compute Engine and App Engine Metadata - // Servers. This feature can only be enabled if Workload Identity is enabled - // at the cluster level. - GKE_METADATA = 2; - } - - // Mode is the configuration for how to expose metadata to workloads running - // on the node pool. - Mode mode = 2; -} - -// SetNetworkPolicyRequest enables/disables network policy for a cluster. -message SetNetworkPolicyRequest { - // Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [deprecated = true]; - - // Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [deprecated = true]; - - // Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [deprecated = true]; - - // Required. Configuration options for the NetworkPolicy feature. - NetworkPolicy network_policy = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster id) of the cluster to set networking - // policy. Specified in the format `projects/*/locations/*/clusters/*`. - string name = 6; -} - -// SetMaintenancePolicyRequest sets the maintenance policy for a cluster. -message SetMaintenancePolicyRequest { - // Required. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - string project_id = 1 [(google.api.field_behavior) = REQUIRED]; - - // Required. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. - string zone = 2 [(google.api.field_behavior) = REQUIRED]; - - // Required. The name of the cluster to update. - string cluster_id = 3 [(google.api.field_behavior) = REQUIRED]; - - // Required. The maintenance policy to be set for the cluster. An empty field - // clears the existing maintenance policy. - MaintenancePolicy maintenance_policy = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster id) of the cluster to set maintenance - // policy. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 5; -} - -// StatusCondition describes why a cluster or a node pool has a certain status -// (e.g., ERROR or DEGRADED). -message StatusCondition { - // Code for each condition - enum Code { - // UNKNOWN indicates a generic condition. - UNKNOWN = 0; - - // GCE_STOCKOUT indicates that Google Compute Engine resources are - // temporarily unavailable. - GCE_STOCKOUT = 1; - - // GKE_SERVICE_ACCOUNT_DELETED indicates that the user deleted their robot - // service account. - GKE_SERVICE_ACCOUNT_DELETED = 2; - - // Google Compute Engine quota was exceeded. - GCE_QUOTA_EXCEEDED = 3; - - // Cluster state was manually changed by an SRE due to a system logic error. - SET_BY_OPERATOR = 4; - - // Unable to perform an encrypt operation against the CloudKMS key used for - // etcd level encryption. - // More codes TBA - CLOUD_KMS_KEY_ERROR = 7; - } - - // Machine-friendly representation of the condition - Code code = 1; - - // Human-friendly representation of the condition - string message = 2; -} - -// NetworkConfig reports the relative names of network & subnetwork. -message NetworkConfig { - // Output only. The relative name of the Google Compute Engine - // [network][google.container.v1.NetworkConfig.network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks) - // to which the cluster is connected. Example: - // projects/my-project/global/networks/my-network - string network = 1; - - // Output only. The relative name of the Google Compute Engine - // [subnetwork](https://cloud.google.com/compute/docs/vpc) to which the - // cluster is connected. Example: - // projects/my-project/regions/us-central1/subnetworks/my-subnet - string subnetwork = 2; - - // Whether Intra-node visibility is enabled for this cluster. - // This makes same node pod to pod traffic visible for VPC network. - bool enable_intra_node_visibility = 5; - - // Whether the cluster disables default in-node sNAT rules. In-node sNAT rules - // will be disabled when default_snat_status is disabled. When disabled is set - // to false, default IP masquerade rules will be applied to the nodes to - // prevent sNAT on cluster internal traffic. - DefaultSnatStatus default_snat_status = 7; -} - -// GetOpenIDConfigRequest gets the OIDC discovery document for the -// cluster. See the OpenID Connect Discovery 1.0 specification for details. -message GetOpenIDConfigRequest { - // The cluster (project, location, cluster id) to get the discovery document - // for. Specified in the format `projects/*/locations/*/clusters/*`. - string parent = 1; -} - -// GetOpenIDConfigResponse is an OIDC discovery document for the cluster. -// See the OpenID Connect Discovery 1.0 specification for details. -message GetOpenIDConfigResponse { - // OIDC Issuer. - string issuer = 1; - - // JSON Web Key uri. - string jwks_uri = 2; - - // Supported response types. - repeated string response_types_supported = 3; - - // Supported subject types. - repeated string subject_types_supported = 4; - - // supported ID Token signing Algorithms. - repeated string id_token_signing_alg_values_supported = 5; - - // Supported claims. - repeated string claims_supported = 6; - - // Supported grant types. - repeated string grant_types = 7; -} - -// GetJSONWebKeysRequest gets the public component of the keys used by the -// cluster to sign token requests. This will be the jwks_uri for the discover -// document returned by getOpenIDConfig. See the OpenID Connect -// Discovery 1.0 specification for details. -message GetJSONWebKeysRequest { - // The cluster (project, location, cluster id) to get keys for. Specified in - // the format `projects/*/locations/*/clusters/*`. - string parent = 1; -} - -// Jwk is a JSON Web Key as specified in RFC 7517 -message Jwk { - // Key Type. - string kty = 1; - - // Algorithm. - string alg = 2; - - // Permitted uses for the public keys. - string use = 3; - - // Key ID. - string kid = 4; - - // Used for RSA keys. - string n = 5; - - // Used for RSA keys. - string e = 6; - - // Used for ECDSA keys. - string x = 7; - - // Used for ECDSA keys. - string y = 8; - - // Used for ECDSA keys. - string crv = 9; -} - -// GetJSONWebKeysResponse is a valid JSON Web Key Set as specififed in rfc 7517 -message GetJSONWebKeysResponse { - // The public component of the keys used by the cluster to sign token - // requests. - repeated Jwk keys = 1; -} - -// ReleaseChannel indicates which release channel a cluster is -// subscribed to. Release channels are arranged in order of risk. -// -// When a cluster is subscribed to a release channel, Google maintains -// both the master version and the node version. Node auto-upgrade -// defaults to true and cannot be disabled. -message ReleaseChannel { - // Possible values for 'channel'. - enum Channel { - // No channel specified. - UNSPECIFIED = 0; - - // RAPID channel is offered on an early access basis for customers who want - // to test new releases. - // - // WARNING: Versions available in the RAPID Channel may be subject to - // unresolved issues with no known workaround and are not subject to any - // SLAs. - RAPID = 1; - - // Clusters subscribed to REGULAR receive versions that are considered GA - // quality. REGULAR is intended for production users who want to take - // advantage of new features. - REGULAR = 2; - - // Clusters subscribed to STABLE receive versions that are known to be - // stable and reliable in production. - STABLE = 3; - } - - // channel specifies which release channel the cluster is subscribed to. - Channel channel = 1; -} - -// IntraNodeVisibilityConfig contains the desired config of the intra-node -// visibility on this cluster. -message IntraNodeVisibilityConfig { - // Enables intra node visibility for this cluster. - bool enabled = 1; -} - -// Constraints applied to pods. -message MaxPodsConstraint { - // Constraint enforced on the max num of pods per node. - int64 max_pods_per_node = 1; -} - -// Configuration for the use of Kubernetes Service Accounts in GCP IAM -// policies. -message WorkloadIdentityConfig { - // The workload pool to attach all Kubernetes service accounts to. - string workload_pool = 2; -} - -// Configuration of etcd encryption. -message DatabaseEncryption { - // State of etcd encryption. - enum State { - // Should never be set - UNKNOWN = 0; - - // Secrets in etcd are encrypted. - ENCRYPTED = 1; - - // Secrets in etcd are stored in plain text (at etcd level) - this is - // unrelated to Compute Engine level full disk encryption. - DECRYPTED = 2; - } - - // Denotes the state of etcd encryption. - State state = 2; - - // Name of CloudKMS key to use for the encryption of secrets in etcd. - // Ex. projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key - string key_name = 1; -} - -// ListUsableSubnetworksRequest requests the list of usable subnetworks -// available to a user for creating clusters. -message ListUsableSubnetworksRequest { - // The parent project where subnetworks are usable. - // Specified in the format `projects/*`. - string parent = 1; - - // Filtering currently only supports equality on the networkProjectId and must - // be in the form: "networkProjectId=[PROJECTID]", where `networkProjectId` - // is the project which owns the listed subnetworks. This defaults to the - // parent project ID. - string filter = 2; - - // The max number of results per page that should be returned. If the number - // of available results is larger than `page_size`, a `next_page_token` is - // returned which can be used to get the next page of results in subsequent - // requests. Acceptable values are 0 to 500, inclusive. (Default: 500) - int32 page_size = 3; - - // Specifies a page token to use. Set this to the nextPageToken returned by - // previous list requests to get the next page of results. - string page_token = 4; -} - -// ListUsableSubnetworksResponse is the response of -// ListUsableSubnetworksRequest. -message ListUsableSubnetworksResponse { - // A list of usable subnetworks in the specified network project. - repeated UsableSubnetwork subnetworks = 1; - - // This token allows you to get the next page of results for list requests. - // If the number of results is larger than `page_size`, use the - // `next_page_token` as a value for the query parameter `page_token` in the - // next request. The value will become empty when there are no more pages. - string next_page_token = 2; -} - -// Secondary IP range of a usable subnetwork. -message UsableSubnetworkSecondaryRange { - // Status shows the current usage of a secondary IP range. - enum Status { - // UNKNOWN is the zero value of the Status enum. It's not a valid status. - UNKNOWN = 0; - - // UNUSED denotes that this range is unclaimed by any cluster. - UNUSED = 1; - - // IN_USE_SERVICE denotes that this range is claimed by a cluster for - // services. It cannot be used for other clusters. - IN_USE_SERVICE = 2; - - // IN_USE_SHAREABLE_POD denotes this range was created by the network admin - // and is currently claimed by a cluster for pods. It can only be used by - // other clusters as a pod range. - IN_USE_SHAREABLE_POD = 3; - - // IN_USE_MANAGED_POD denotes this range was created by GKE and is claimed - // for pods. It cannot be used for other clusters. - IN_USE_MANAGED_POD = 4; - } - - // The name associated with this subnetwork secondary range, used when adding - // an alias IP range to a VM instance. - string range_name = 1; - - // The range of IP addresses belonging to this subnetwork secondary range. - string ip_cidr_range = 2; - - // This field is to determine the status of the secondary range programmably. - Status status = 3; -} - -// UsableSubnetwork resource returns the subnetwork name, its associated network -// and the primary CIDR range. -message UsableSubnetwork { - // Subnetwork Name. - // Example: projects/my-project/regions/us-central1/subnetworks/my-subnet - string subnetwork = 1; - - // Network Name. - // Example: projects/my-project/global/networks/my-network - string network = 2; - - // The range of internal addresses that are owned by this subnetwork. - string ip_cidr_range = 3; - - // Secondary IP ranges. - repeated UsableSubnetworkSecondaryRange secondary_ip_ranges = 4; - - // A human readable status message representing the reasons for cases where - // the caller cannot use the secondary ranges under the subnet. For example if - // the secondary_ip_ranges is empty due to a permission issue, an insufficient - // permission message will be given by status_message. - string status_message = 5; -} - -// Configuration for exporting cluster resource usages. -message ResourceUsageExportConfig { - // Parameters for using BigQuery as the destination of resource usage export. - message BigQueryDestination { - // The ID of a BigQuery Dataset. - string dataset_id = 1; - } - - // Parameters for controlling consumption metering. - message ConsumptionMeteringConfig { - // Whether to enable consumption metering for this cluster. If enabled, a - // second BigQuery table will be created to hold resource consumption - // records. - bool enabled = 1; - } - - // Configuration to use BigQuery as usage export destination. - BigQueryDestination bigquery_destination = 1; - - // Whether to enable network egress metering for this cluster. If enabled, a - // daemonset will be created in the cluster to meter network egress traffic. - bool enable_network_egress_metering = 2; - - // Configuration to enable resource consumption metering. - ConsumptionMeteringConfig consumption_metering_config = 3; -} - -// VerticalPodAutoscaling contains global, per-cluster information -// required by Vertical Pod Autoscaler to automatically adjust -// the resources of pods controlled by it. -message VerticalPodAutoscaling { - // Enables vertical pod autoscaling. - bool enabled = 1; -} - -// DefaultSnatStatus contains the desired state of whether default sNAT should -// be disabled on the cluster. -message DefaultSnatStatus { - // Disables cluster default sNAT rules. - bool disabled = 1; -} - -// Configuration of Shielded Nodes feature. -message ShieldedNodes { - // Whether Shielded Nodes features are enabled on all nodes in this cluster. - bool enabled = 1; -} diff --git a/google/cloud/container_v1beta1/proto/__init__.py b/google/cloud/container_v1beta1/proto/__init__.py deleted file mode 100644 index e69de29b..00000000 diff --git a/google/cloud/container_v1beta1/proto/cluster_service.proto b/google/cloud/container_v1beta1/proto/cluster_service.proto deleted file mode 100644 index fa4c3ba3..00000000 --- a/google/cloud/container_v1beta1/proto/cluster_service.proto +++ /dev/null @@ -1,4077 +0,0 @@ -// Copyright 2020 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package google.container.v1beta1; - -import "google/api/annotations.proto"; -import "google/api/client.proto"; -import "google/api/field_behavior.proto"; -import "google/api/resource.proto"; -import "google/protobuf/empty.proto"; -import "google/protobuf/timestamp.proto"; -import "google/protobuf/wrappers.proto"; -import "google/rpc/code.proto"; -import "google/rpc/status.proto"; - -option csharp_namespace = "Google.Cloud.Container.V1Beta1"; -option go_package = "google.golang.org/genproto/googleapis/container/v1beta1;container"; -option java_multiple_files = true; -option java_outer_classname = "ClusterServiceProto"; -option java_package = "com.google.container.v1beta1"; -option php_namespace = "Google\\Cloud\\Container\\V1beta1"; -option ruby_package = "Google::Cloud::Container::V1beta1"; -option (google.api.resource_definition) = { - type: "pubsub.googleapis.com/Topic" - pattern: "projects/{project}/topics/{topic}" -}; - -// Google Kubernetes Engine Cluster Manager v1beta1 -service ClusterManager { - option (google.api.default_host) = "container.googleapis.com"; - option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; - - // Lists all clusters owned by a project in either the specified zone or all - // zones. - rpc ListClusters(ListClustersRequest) returns (ListClustersResponse) { - option (google.api.http) = { - get: "/v1beta1/{parent=projects/*/locations/*}/clusters" - additional_bindings { - get: "/v1beta1/projects/{project_id}/zones/{zone}/clusters" - } - }; - option (google.api.method_signature) = "project_id,zone"; - } - - // Gets the details for a specific cluster. - rpc GetCluster(GetClusterRequest) returns (Cluster) { - option (google.api.http) = { - get: "/v1beta1/{name=projects/*/locations/*/clusters/*}" - additional_bindings { - get: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id"; - } - - // Creates a cluster, consisting of the specified number and type of Google - // Compute Engine instances. - // - // By default, the cluster is created in the project's - // [default - // network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks). - // - // One firewall is added for the cluster. After cluster creation, - // the Kubelet creates routes for each node to allow the containers - // on that node to communicate with all other instances in the - // cluster. - // - // Finally, an entry is added to the project's global metadata indicating - // which CIDR range the cluster is using. - rpc CreateCluster(CreateClusterRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{parent=projects/*/locations/*}/clusters" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster"; - } - - // Updates the settings for a specific cluster. - rpc UpdateCluster(UpdateClusterRequest) returns (Operation) { - option (google.api.http) = { - put: "/v1beta1/{name=projects/*/locations/*/clusters/*}" - body: "*" - additional_bindings { - put: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,update"; - } - - // Updates the version and/or image type of a specific node pool. - rpc UpdateNodePool(UpdateNodePoolRequest) returns (Operation) { - option (google.api.http) = { - put: "/v1beta1/{name=projects/*/locations/*/clusters/*/nodePools/*}" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}/update" - body: "*" - } - }; - } - - // Sets the autoscaling settings of a specific node pool. - rpc SetNodePoolAutoscaling(SetNodePoolAutoscalingRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*/nodePools/*}:setAutoscaling" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}/autoscaling" - body: "*" - } - }; - } - - // Sets the logging service for a specific cluster. - rpc SetLoggingService(SetLoggingServiceRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*}:setLogging" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/logging" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,logging_service"; - } - - // Sets the monitoring service for a specific cluster. - rpc SetMonitoringService(SetMonitoringServiceRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*}:setMonitoring" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/monitoring" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,monitoring_service"; - } - - // Sets the addons for a specific cluster. - rpc SetAddonsConfig(SetAddonsConfigRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*}:setAddons" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/addons" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,addons_config"; - } - - // Sets the locations for a specific cluster. - // Deprecated. Use - // [projects.locations.clusters.update](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters/update) - // instead. - rpc SetLocations(SetLocationsRequest) returns (Operation) { - option deprecated = true; - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*}:setLocations" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/locations" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,locations"; - } - - // Updates the master for a specific cluster. - rpc UpdateMaster(UpdateMasterRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*}:updateMaster" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/master" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,master_version"; - } - - // Sets master auth materials. Currently supports changing the admin password - // or a specific cluster, either via password generation or explicitly setting - // the password. - rpc SetMasterAuth(SetMasterAuthRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*}:setMasterAuth" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:setMasterAuth" - body: "*" - } - }; - } - - // Deletes the cluster, including the Kubernetes endpoint and all worker - // nodes. - // - // Firewalls and routes that were configured during cluster creation - // are also deleted. - // - // Other Google Compute Engine resources that might be in use by the cluster, - // such as load balancer resources, are not deleted if they weren't present - // when the cluster was initially created. - rpc DeleteCluster(DeleteClusterRequest) returns (Operation) { - option (google.api.http) = { - delete: "/v1beta1/{name=projects/*/locations/*/clusters/*}" - additional_bindings { - delete: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id"; - } - - // Lists all operations in a project in the specified zone or all zones. - rpc ListOperations(ListOperationsRequest) returns (ListOperationsResponse) { - option (google.api.http) = { - get: "/v1beta1/{parent=projects/*/locations/*}/operations" - additional_bindings { - get: "/v1beta1/projects/{project_id}/zones/{zone}/operations" - } - }; - option (google.api.method_signature) = "project_id,zone"; - } - - // Gets the specified operation. - rpc GetOperation(GetOperationRequest) returns (Operation) { - option (google.api.http) = { - get: "/v1beta1/{name=projects/*/locations/*/operations/*}" - additional_bindings { - get: "/v1beta1/projects/{project_id}/zones/{zone}/operations/{operation_id}" - } - }; - option (google.api.method_signature) = "project_id,zone,operation_id"; - } - - // Cancels the specified operation. - rpc CancelOperation(CancelOperationRequest) returns (google.protobuf.Empty) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/operations/*}:cancel" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/operations/{operation_id}:cancel" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,operation_id"; - } - - // Returns configuration info about the Google Kubernetes Engine service. - rpc GetServerConfig(GetServerConfigRequest) returns (ServerConfig) { - option (google.api.http) = { - get: "/v1beta1/{name=projects/*/locations/*}/serverConfig" - additional_bindings { - get: "/v1beta1/projects/{project_id}/zones/{zone}/serverconfig" - } - }; - option (google.api.method_signature) = "project_id,zone"; - } - - // Lists the node pools for a cluster. - rpc ListNodePools(ListNodePoolsRequest) returns (ListNodePoolsResponse) { - option (google.api.http) = { - get: "/v1beta1/{parent=projects/*/locations/*/clusters/*}/nodePools" - additional_bindings { - get: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id"; - } - - // Gets the public component of the cluster signing keys in - // JSON Web Key format. - // This API is not yet intended for general use, and is not available for all - // clusters. - rpc GetJSONWebKeys(GetJSONWebKeysRequest) returns (GetJSONWebKeysResponse) { - option (google.api.http) = { - get: "/v1beta1/{parent=projects/*/locations/*/clusters/*}/jwks" - }; - } - - // Retrieves the requested node pool. - rpc GetNodePool(GetNodePoolRequest) returns (NodePool) { - option (google.api.http) = { - get: "/v1beta1/{name=projects/*/locations/*/clusters/*/nodePools/*}" - additional_bindings { - get: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,node_pool_id"; - } - - // Creates a node pool for a cluster. - rpc CreateNodePool(CreateNodePoolRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{parent=projects/*/locations/*/clusters/*}/nodePools" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,node_pool"; - } - - // Deletes a node pool from a cluster. - rpc DeleteNodePool(DeleteNodePoolRequest) returns (Operation) { - option (google.api.http) = { - delete: "/v1beta1/{name=projects/*/locations/*/clusters/*/nodePools/*}" - additional_bindings { - delete: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,node_pool_id"; - } - - // Rolls back a previously Aborted or Failed NodePool upgrade. - // This makes no changes if the last upgrade successfully completed. - rpc RollbackNodePoolUpgrade(RollbackNodePoolUpgradeRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*/nodePools/*}:rollback" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}:rollback" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,node_pool_id"; - } - - // Sets the NodeManagement options for a node pool. - rpc SetNodePoolManagement(SetNodePoolManagementRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*/nodePools/*}:setManagement" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}/setManagement" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,node_pool_id,management"; - } - - // Sets labels on a cluster. - rpc SetLabels(SetLabelsRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*}:setResourceLabels" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/resourceLabels" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,resource_labels,label_fingerprint"; - } - - // Enables or disables the ABAC authorization mechanism on a cluster. - rpc SetLegacyAbac(SetLegacyAbacRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*}:setLegacyAbac" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/legacyAbac" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,enabled"; - } - - // Starts master IP rotation. - rpc StartIPRotation(StartIPRotationRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*}:startIpRotation" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:startIpRotation" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id"; - } - - // Completes master IP rotation. - rpc CompleteIPRotation(CompleteIPRotationRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*}:completeIpRotation" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:completeIpRotation" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id"; - } - - // Sets the size for a specific node pool. - rpc SetNodePoolSize(SetNodePoolSizeRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*/nodePools/*}:setSize" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}/nodePools/{node_pool_id}/setSize" - body: "*" - } - }; - } - - // Enables or disables Network Policy for a cluster. - rpc SetNetworkPolicy(SetNetworkPolicyRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*}:setNetworkPolicy" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:setNetworkPolicy" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,network_policy"; - } - - // Sets the maintenance policy for a cluster. - rpc SetMaintenancePolicy(SetMaintenancePolicyRequest) returns (Operation) { - option (google.api.http) = { - post: "/v1beta1/{name=projects/*/locations/*/clusters/*}:setMaintenancePolicy" - body: "*" - additional_bindings { - post: "/v1beta1/projects/{project_id}/zones/{zone}/clusters/{cluster_id}:setMaintenancePolicy" - body: "*" - } - }; - option (google.api.method_signature) = "project_id,zone,cluster_id,maintenance_policy"; - } - - // Lists subnetworks that can be used for creating clusters in a project. - rpc ListUsableSubnetworks(ListUsableSubnetworksRequest) returns (ListUsableSubnetworksResponse) { - option (google.api.http) = { - get: "/v1beta1/{parent=projects/*}/aggregated/usableSubnetworks" - }; - option (google.api.method_signature) = "parent"; - } - - // Fetches locations that offer Google Kubernetes Engine. - rpc ListLocations(ListLocationsRequest) returns (ListLocationsResponse) { - option (google.api.http) = { - get: "/v1beta1/{parent=projects/*}/locations" - }; - option (google.api.method_signature) = "parent"; - } -} - -// Parameters that can be configured on Linux nodes. -message LinuxNodeConfig { - // The Linux kernel parameters to be applied to the nodes and all pods running - // on the nodes. - // - // The following parameters are supported. - // - // net.core.netdev_max_backlog - // net.core.rmem_max - // net.core.wmem_default - // net.core.wmem_max - // net.core.optmem_max - // net.core.somaxconn - // net.ipv4.tcp_rmem - // net.ipv4.tcp_wmem - // net.ipv4.tcp_tw_reuse - map sysctls = 1; -} - -// Node kubelet configs. -message NodeKubeletConfig { - // Control the CPU management policy on the node. - // See - // https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/ - // - // The following values are allowed. - // - "none": the default, which represents the existing scheduling behavior. - // - "static": allows pods with certain resource characteristics to be - // granted increased CPU affinity and exclusivity on the node. - // The default value is 'none' if unspecified. - string cpu_manager_policy = 1; - - // Enable CPU CFS quota enforcement for containers that specify CPU limits. - // - // This option is enabled by default which makes kubelet use CFS quota - // (https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt) to - // enforce container CPU limits. Otherwise, CPU limits will not be enforced at - // all. - // - // Disable this option to mitigate CPU throttling problems while still having - // your pods to be in Guaranteed QoS class by specifying the CPU limits. - // - // The default value is 'true' if unspecified. - google.protobuf.BoolValue cpu_cfs_quota = 2; - - // Set the CPU CFS quota period value 'cpu.cfs_period_us'. - // - // The string must be a sequence of decimal numbers, each with optional - // fraction and a unit suffix, such as "300ms". - // Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". - // The value must be a positive duration. - string cpu_cfs_quota_period = 3; -} - -// Parameters that describe the nodes in a cluster. -message NodeConfig { - // The name of a Google Compute Engine [machine - // type](https://cloud.google.com/compute/docs/machine-types). - // - // If unspecified, the default machine type is - // `e2-medium`. - string machine_type = 1; - - // Size of the disk attached to each node, specified in GB. - // The smallest allowed disk size is 10GB. - // - // If unspecified, the default disk size is 100GB. - int32 disk_size_gb = 2; - - // The set of Google API scopes to be made available on all of the - // node VMs under the "default" service account. - // - // The following scopes are recommended, but not required, and by default are - // not included: - // - // * `https://www.googleapis.com/auth/compute` is required for mounting - // persistent storage on your nodes. - // * `https://www.googleapis.com/auth/devstorage.read_only` is required for - // communicating with **gcr.io** - // (the [Google Container - // Registry](https://cloud.google.com/container-registry/)). - // - // If unspecified, no scopes are added, unless Cloud Logging or Cloud - // Monitoring are enabled, in which case their required scopes will be added. - repeated string oauth_scopes = 3; - - // The Google Cloud Platform Service Account to be used by the node VMs. - // Specify the email address of the Service Account; otherwise, if no Service - // Account is specified, the "default" service account is used. - string service_account = 9; - - // The metadata key/value pairs assigned to instances in the cluster. - // - // Keys must conform to the regexp `[a-zA-Z0-9-_]+` and be less than 128 bytes - // in length. These are reflected as part of a URL in the metadata server. - // Additionally, to avoid ambiguity, keys must not conflict with any other - // metadata keys for the project or be one of the reserved keys: - // - "cluster-location" - // - "cluster-name" - // - "cluster-uid" - // - "configure-sh" - // - "containerd-configure-sh" - // - "enable-oslogin" - // - "gci-ensure-gke-docker" - // - "gci-metrics-enabled" - // - "gci-update-strategy" - // - "instance-template" - // - "kube-env" - // - "startup-script" - // - "user-data" - // - "disable-address-manager" - // - "windows-startup-script-ps1" - // - "common-psm1" - // - "k8s-node-setup-psm1" - // - "install-ssh-psm1" - // - "user-profile-psm1" - // - // The following keys are reserved for Windows nodes: - // - "serial-port-logging-enable" - // - // Values are free-form strings, and only have meaning as interpreted by - // the image running in the instance. The only restriction placed on them is - // that each value's size must be less than or equal to 32 KB. - // - // The total size of all keys and values must be less than 512 KB. - map metadata = 4; - - // The image type to use for this node. Note that for a given image type, - // the latest version of it will be used. - string image_type = 5; - - // The map of Kubernetes labels (key/value pairs) to be applied to each node. - // These will added in addition to any default label(s) that - // Kubernetes may apply to the node. - // In case of conflict in label keys, the applied set may differ depending on - // the Kubernetes version -- it's best to assume the behavior is undefined - // and conflicts should be avoided. - // For more information, including usage and the valid values, see: - // https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - map labels = 6; - - // The number of local SSD disks to be attached to the node. - // - // The limit for this value is dependent upon the maximum number of - // disks available on a machine per zone. See: - // https://cloud.google.com/compute/docs/disks/local-ssd - // for more information. - int32 local_ssd_count = 7; - - // The list of instance tags applied to all nodes. Tags are used to identify - // valid sources or targets for network firewalls and are specified by - // the client during cluster or node pool creation. Each tag within the list - // must comply with RFC1035. - repeated string tags = 8; - - // Whether the nodes are created as preemptible VM instances. See: - // https://cloud.google.com/compute/docs/instances/preemptible for more - // inforamtion about preemptible VM instances. - bool preemptible = 10; - - // A list of hardware accelerators to be attached to each node. - // See https://cloud.google.com/compute/docs/gpus for more information about - // support for GPUs. - repeated AcceleratorConfig accelerators = 11; - - // Sandbox configuration for this node. - SandboxConfig sandbox_config = 17; - - // Setting this field will assign instances of this - // pool to run on the specified node group. This is useful for running - // workloads on [sole tenant - // nodes](https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes). - string node_group = 18; - - // The optional reservation affinity. Setting this field will apply - // the specified [Zonal Compute - // Reservation](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources) - // to this node pool. - ReservationAffinity reservation_affinity = 19; - - // Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or - // 'pd-balanced') - // - // If unspecified, the default disk type is 'pd-standard' - string disk_type = 12; - - // Minimum CPU platform to be used by this instance. The instance may be - // scheduled on the specified or newer CPU platform. Applicable values are the - // friendly names of CPU platforms, such as - // `minCpuPlatform: "Intel Haswell"` or - // `minCpuPlatform: "Intel Sandy Bridge"`. For more - // information, read [how to specify min CPU - // platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform) - string min_cpu_platform = 13; - - // The workload metadata configuration for this node. - WorkloadMetadataConfig workload_metadata_config = 14; - - // List of kubernetes taints to be applied to each node. - // - // For more information, including usage and the valid values, see: - // https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - repeated NodeTaint taints = 15; - - // - // The Customer Managed Encryption Key used to encrypt the boot disk attached - // to each node in the node pool. This should be of the form - // projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. - // For more information about protecting resources with Cloud KMS Keys please - // see: - // https://cloud.google.com/compute/docs/disks/customer-managed-encryption - string boot_disk_kms_key = 23; - - // Shielded Instance options. - ShieldedInstanceConfig shielded_instance_config = 20; - - // Parameters that can be configured on Linux nodes. - LinuxNodeConfig linux_node_config = 21; - - // Node kubelet configs. - NodeKubeletConfig kubelet_config = 22; - - // Parameters for the ephemeral storage filesystem. - // If unspecified, ephemeral storage is backed by the boot disk. - EphemeralStorageConfig ephemeral_storage_config = 24; -} - -// A set of Shielded Instance options. -message ShieldedInstanceConfig { - // Defines whether the instance has Secure Boot enabled. - // - // Secure Boot helps ensure that the system only runs authentic software by - // verifying the digital signature of all boot components, and halting the - // boot process if signature verification fails. - bool enable_secure_boot = 1; - - // Defines whether the instance has integrity monitoring enabled. - // - // Enables monitoring and attestation of the boot integrity of the instance. - // The attestation is performed against the integrity policy baseline. This - // baseline is initially derived from the implicitly trusted boot image when - // the instance is created. - bool enable_integrity_monitoring = 2; -} - -// SandboxConfig contains configurations of the sandbox to use for the node. -message SandboxConfig { - // Possible types of sandboxes. - enum Type { - // Default value. This should not be used. - UNSPECIFIED = 0; - - // Run sandbox using gvisor. - GVISOR = 1; - } - - // Type of the sandbox to use for the node (e.g. 'gvisor') - string sandbox_type = 1 [deprecated = true]; - - // Type of the sandbox to use for the node. - Type type = 2; -} - -// EphemeralStorageConfig contains configuration for the ephemeral storage -// filesystem. -message EphemeralStorageConfig { - // Number of local SSDs to use to back ephemeral storage. Uses NVMe - // interfaces. Each local SSD is 375 GB in size. - // If zero, it means to disable using local SSDs as ephemeral storage. - int32 local_ssd_count = 1; -} - -// [ReservationAffinity](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources) -// is the configuration of desired reservation which instances could take -// capacity from. -message ReservationAffinity { - // Indicates whether to consume capacity from a reservation or not. - enum Type { - // Default value. This should not be used. - UNSPECIFIED = 0; - - // Do not consume from any reserved capacity. - NO_RESERVATION = 1; - - // Consume any reservation available. - ANY_RESERVATION = 2; - - // Must consume from a specific reservation. Must specify key value fields - // for specifying the reservations. - SPECIFIC_RESERVATION = 3; - } - - // Corresponds to the type of reservation consumption. - Type consume_reservation_type = 1; - - // Corresponds to the label key of a reservation resource. To target a - // SPECIFIC_RESERVATION by name, specify "googleapis.com/reservation-name" as - // the key and specify the name of your reservation as its value. - string key = 2; - - // Corresponds to the label value(s) of reservation resource(s). - repeated string values = 3; -} - -// Kubernetes taint is comprised of three fields: key, value, and effect. Effect -// can only be one of three types: NoSchedule, PreferNoSchedule or NoExecute. -// -// See -// [here](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration) -// for more information, including usage and the valid values. -message NodeTaint { - // Possible values for Effect in taint. - enum Effect { - // Not set - EFFECT_UNSPECIFIED = 0; - - // NoSchedule - NO_SCHEDULE = 1; - - // PreferNoSchedule - PREFER_NO_SCHEDULE = 2; - - // NoExecute - NO_EXECUTE = 3; - } - - // Key for taint. - string key = 1; - - // Value for taint. - string value = 2; - - // Effect for taint. - Effect effect = 3; -} - -// The authentication information for accessing the master endpoint. -// Authentication can be done using HTTP basic auth or using client -// certificates. -message MasterAuth { - // The username to use for HTTP basic authentication to the master endpoint. - // For clusters v1.6.0 and later, basic authentication can be disabled by - // leaving username unspecified (or setting it to the empty string). - // - // Warning: basic authentication is deprecated, and will be removed in GKE - // control plane versions 1.19 and newer. For a list of recommended - // authentication methods, see: - // https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication - string username = 1 [deprecated = true]; - - // The password to use for HTTP basic authentication to the master endpoint. - // Because the master endpoint is open to the Internet, you should create a - // strong password. If a password is provided for cluster creation, username - // must be non-empty. - // - // Warning: basic authentication is deprecated, and will be removed in GKE - // control plane versions 1.19 and newer. For a list of recommended - // authentication methods, see: - // https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication - string password = 2 [deprecated = true]; - - // Configuration for client certificate authentication on the cluster. For - // clusters before v1.12, if no configuration is specified, a client - // certificate is issued. - ClientCertificateConfig client_certificate_config = 3; - - string cluster_ca_certificate = 100; - - // [Output only] Base64-encoded public certificate used by clients to - // authenticate to the cluster endpoint. - string client_certificate = 101; - - // [Output only] Base64-encoded private key used by clients to authenticate - // to the cluster endpoint. - string client_key = 102; -} - -// Configuration for client certificates on the cluster. -message ClientCertificateConfig { - // Issue a client certificate. - bool issue_client_certificate = 1; -} - -// Configuration for the addons that can be automatically spun up in the -// cluster, enabling additional functionality. -message AddonsConfig { - // Configuration for the HTTP (L7) load balancing controller addon, which - // makes it easy to set up HTTP load balancers for services in a cluster. - HttpLoadBalancing http_load_balancing = 1; - - // Configuration for the horizontal pod autoscaling feature, which - // increases or decreases the number of replica pods a replication controller - // has based on the resource usage of the existing pods. - HorizontalPodAutoscaling horizontal_pod_autoscaling = 2; - - // Configuration for the Kubernetes Dashboard. - // This addon is deprecated, and will be disabled in 1.15. It is recommended - // to use the Cloud Console to manage and monitor your Kubernetes clusters, - // workloads and applications. For more information, see: - // https://cloud.google.com/kubernetes-engine/docs/concepts/dashboards - KubernetesDashboard kubernetes_dashboard = 3 [deprecated = true]; - - // Configuration for NetworkPolicy. This only tracks whether the addon - // is enabled or not on the Master, it does not track whether network policy - // is enabled for the nodes. - NetworkPolicyConfig network_policy_config = 4; - - // Configuration for Istio, an open platform to connect, manage, and secure - // microservices. - IstioConfig istio_config = 5; - - // Configuration for the Cloud Run addon. The `IstioConfig` addon must be - // enabled in order to enable Cloud Run addon. This option can only be enabled - // at cluster creation time. - CloudRunConfig cloud_run_config = 7; - - // Configuration for NodeLocalDNS, a dns cache running on cluster nodes - DnsCacheConfig dns_cache_config = 8; - - // Configuration for the ConfigConnector add-on, a Kubernetes - // extension to manage hosted GCP services through the Kubernetes API - ConfigConnectorConfig config_connector_config = 10; - - // Configuration for the Compute Engine Persistent Disk CSI driver. - GcePersistentDiskCsiDriverConfig gce_persistent_disk_csi_driver_config = 11; - - // Configuration for the KALM addon, which manages the lifecycle of k8s - // applications. - KalmConfig kalm_config = 12; -} - -// Configuration options for the HTTP (L7) load balancing controller addon, -// which makes it easy to set up HTTP load balancers for services in a cluster. -message HttpLoadBalancing { - // Whether the HTTP Load Balancing controller is enabled in the cluster. - // When enabled, it runs a small pod in the cluster that manages the load - // balancers. - bool disabled = 1; -} - -// Configuration options for the horizontal pod autoscaling feature, which -// increases or decreases the number of replica pods a replication controller -// has based on the resource usage of the existing pods. -message HorizontalPodAutoscaling { - // Whether the Horizontal Pod Autoscaling feature is enabled in the cluster. - // When enabled, it ensures that metrics are collected into Stackdriver - // Monitoring. - bool disabled = 1; -} - -// Configuration for the Kubernetes Dashboard. -message KubernetesDashboard { - // Whether the Kubernetes Dashboard is enabled for this cluster. - bool disabled = 1; -} - -// Configuration for NetworkPolicy. This only tracks whether the addon -// is enabled or not on the Master, it does not track whether network policy -// is enabled for the nodes. -message NetworkPolicyConfig { - // Whether NetworkPolicy is enabled for this cluster. - bool disabled = 1; -} - -// Configuration for NodeLocal DNSCache -message DnsCacheConfig { - // Whether NodeLocal DNSCache is enabled for this cluster. - bool enabled = 1; -} - -// Configuration options for the KALM addon. -message KalmConfig { - // Whether KALM is enabled for this cluster. - bool enabled = 1; -} - -// Configuration options for the Config Connector add-on. -message ConfigConnectorConfig { - // Whether Cloud Connector is enabled for this cluster. - bool enabled = 1; -} - -// Configuration for the Compute Engine PD CSI driver. This option can only be -// enabled at cluster creation time. -message GcePersistentDiskCsiDriverConfig { - // Whether the Compute Engine PD CSI driver is enabled for this cluster. - bool enabled = 1; -} - -// Configuration for controlling master global access settings. -message PrivateClusterMasterGlobalAccessConfig { - // Whenever master is accessible globally or not. - bool enabled = 1; -} - -// Configuration options for private clusters. -message PrivateClusterConfig { - // Whether nodes have internal IP addresses only. If enabled, all nodes are - // given only RFC 1918 private addresses and communicate with the master via - // private networking. - bool enable_private_nodes = 1; - - // Whether the master's internal IP address is used as the cluster endpoint. - bool enable_private_endpoint = 2; - - // The IP range in CIDR notation to use for the hosted master network. This - // range will be used for assigning internal IP addresses to the master or - // set of masters, as well as the ILB VIP. This range must not overlap with - // any other ranges in use within the cluster's network. - string master_ipv4_cidr_block = 3; - - // Output only. The internal IP address of this cluster's master endpoint. - string private_endpoint = 4; - - // Output only. The external IP address of this cluster's master endpoint. - string public_endpoint = 5; - - // Output only. The peering name in the customer VPC used by this cluster. - string peering_name = 7; - - // Controls master global access settings. - PrivateClusterMasterGlobalAccessConfig master_global_access_config = 8; -} - -// Configuration options for Istio addon. -message IstioConfig { - // Istio auth mode, https://istio.io/docs/concepts/security/mutual-tls.html - enum IstioAuthMode { - // auth not enabled - AUTH_NONE = 0; - - // auth mutual TLS enabled - AUTH_MUTUAL_TLS = 1; - } - - // Whether Istio is enabled for this cluster. - bool disabled = 1; - - // The specified Istio auth mode, either none, or mutual TLS. - IstioAuthMode auth = 2; -} - -// Configuration options for the Cloud Run feature. -message CloudRunConfig { - // Load balancer type of ingress service of Cloud Run. - enum LoadBalancerType { - // Load balancer type for Cloud Run is unspecified. - LOAD_BALANCER_TYPE_UNSPECIFIED = 0; - - // Install external load balancer for Cloud Run. - LOAD_BALANCER_TYPE_EXTERNAL = 1; - - // Install internal load balancer for Cloud Run. - LOAD_BALANCER_TYPE_INTERNAL = 2; - } - - // Whether Cloud Run addon is enabled for this cluster. - bool disabled = 1; - - // Which load balancer type is installed for Cloud Run. - LoadBalancerType load_balancer_type = 3; -} - -// Configuration options for the master authorized networks feature. Enabled -// master authorized networks will disallow all external traffic to access -// Kubernetes master through HTTPS except traffic from the given CIDR blocks, -// Google Compute Engine Public IPs and Google Prod IPs. -message MasterAuthorizedNetworksConfig { - // CidrBlock contains an optional name and one CIDR block. - message CidrBlock { - // display_name is an optional field for users to identify CIDR blocks. - string display_name = 1; - - // cidr_block must be specified in CIDR notation. - string cidr_block = 2; - } - - // Whether or not master authorized networks is enabled. - bool enabled = 1; - - // cidr_blocks define up to 10 external networks that could access - // Kubernetes master through HTTPS. - repeated CidrBlock cidr_blocks = 2; -} - -// Configuration for the legacy Attribute Based Access Control authorization -// mode. -message LegacyAbac { - // Whether the ABAC authorizer is enabled for this cluster. When enabled, - // identities in the system, including service accounts, nodes, and - // controllers, will have statically granted permissions beyond those - // provided by the RBAC configuration or IAM. - bool enabled = 1; -} - -// Configuration options for the NetworkPolicy feature. -// https://kubernetes.io/docs/concepts/services-networking/networkpolicies/ -message NetworkPolicy { - // Allowed Network Policy providers. - enum Provider { - // Not set - PROVIDER_UNSPECIFIED = 0; - - // Tigera (Calico Felix). - CALICO = 1; - } - - // The selected network policy provider. - Provider provider = 1; - - // Whether network policy is enabled on the cluster. - bool enabled = 2; -} - -// Configuration for controlling how IPs are allocated in the cluster. -message IPAllocationPolicy { - // Whether alias IPs will be used for pod IPs in the cluster. - // This is used in conjunction with use_routes. It cannot - // be true if use_routes is true. If both use_ip_aliases and use_routes are - // false, then the server picks the default IP allocation mode - bool use_ip_aliases = 1; - - // Whether a new subnetwork will be created automatically for the cluster. - // - // This field is only applicable when `use_ip_aliases` is true. - bool create_subnetwork = 2; - - // A custom subnetwork name to be used if `create_subnetwork` is true. If - // this field is empty, then an automatic name will be chosen for the new - // subnetwork. - string subnetwork_name = 3; - - // This field is deprecated, use cluster_ipv4_cidr_block. - string cluster_ipv4_cidr = 4 [deprecated = true]; - - // This field is deprecated, use node_ipv4_cidr_block. - string node_ipv4_cidr = 5 [deprecated = true]; - - // This field is deprecated, use services_ipv4_cidr_block. - string services_ipv4_cidr = 6 [deprecated = true]; - - // The name of the secondary range to be used for the cluster CIDR - // block. The secondary range will be used for pod IP - // addresses. This must be an existing secondary range associated - // with the cluster subnetwork. - // - // This field is only applicable with use_ip_aliases and - // create_subnetwork is false. - string cluster_secondary_range_name = 7; - - // The name of the secondary range to be used as for the services - // CIDR block. The secondary range will be used for service - // ClusterIPs. This must be an existing secondary range associated - // with the cluster subnetwork. - // - // This field is only applicable with use_ip_aliases and - // create_subnetwork is false. - string services_secondary_range_name = 8; - - // The IP address range for the cluster pod IPs. If this field is set, then - // `cluster.cluster_ipv4_cidr` must be left blank. - // - // This field is only applicable when `use_ip_aliases` is true. - // - // Set to blank to have a range chosen with the default size. - // - // Set to /netmask (e.g. `/14`) to have a range chosen with a specific - // netmask. - // - // Set to a - // [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - // notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. - // `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range - // to use. - string cluster_ipv4_cidr_block = 9; - - // The IP address range of the instance IPs in this cluster. - // - // This is applicable only if `create_subnetwork` is true. - // - // Set to blank to have a range chosen with the default size. - // - // Set to /netmask (e.g. `/14`) to have a range chosen with a specific - // netmask. - // - // Set to a - // [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - // notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. - // `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range - // to use. - string node_ipv4_cidr_block = 10; - - // The IP address range of the services IPs in this cluster. If blank, a range - // will be automatically chosen with the default size. - // - // This field is only applicable when `use_ip_aliases` is true. - // - // Set to blank to have a range chosen with the default size. - // - // Set to /netmask (e.g. `/14`) to have a range chosen with a specific - // netmask. - // - // Set to a - // [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - // notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. - // `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range - // to use. - string services_ipv4_cidr_block = 11; - - // If true, allow allocation of cluster CIDR ranges that overlap with certain - // kinds of network routes. By default we do not allow cluster CIDR ranges to - // intersect with any user declared routes. With allow_route_overlap == true, - // we allow overlapping with CIDR ranges that are larger than the cluster CIDR - // range. - // - // If this field is set to true, then cluster and services CIDRs must be - // fully-specified (e.g. `10.96.0.0/14`, but not `/14`), which means: - // 1) When `use_ip_aliases` is true, `cluster_ipv4_cidr_block` and - // `services_ipv4_cidr_block` must be fully-specified. - // 2) When `use_ip_aliases` is false, `cluster.cluster_ipv4_cidr` muse be - // fully-specified. - bool allow_route_overlap = 12; - - // The IP address range of the Cloud TPUs in this cluster. If unspecified, a - // range will be automatically chosen with the default size. - // - // This field is only applicable when `use_ip_aliases` is true. - // - // If unspecified, the range will use the default size. - // - // Set to /netmask (e.g. `/14`) to have a range chosen with a specific - // netmask. - // - // Set to a - // [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - // notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. - // `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range - // to use. - // This field is deprecated, use cluster.tpu_config.ipv4_cidr_block instead. - string tpu_ipv4_cidr_block = 13; - - // Whether routes will be used for pod IPs in the cluster. - // This is used in conjunction with use_ip_aliases. It cannot be true if - // use_ip_aliases is true. If both use_ip_aliases and use_routes are false, - // then the server picks the default IP allocation mode - bool use_routes = 15; -} - -// Configuration for Binary Authorization. -message BinaryAuthorization { - // Enable Binary Authorization for this cluster. If enabled, all container - // images will be validated by Google Binauthz. - bool enabled = 1; -} - -// Configuration for the PodSecurityPolicy feature. -message PodSecurityPolicyConfig { - // Enable the PodSecurityPolicy controller for this cluster. If enabled, pods - // must be valid under a PodSecurityPolicy to be created. - bool enabled = 1; -} - -// Configuration for returning group information from authenticators. -message AuthenticatorGroupsConfig { - // Whether this cluster should return group membership lookups - // during authentication using a group of security groups. - bool enabled = 1; - - // The name of the security group-of-groups to be used. Only relevant - // if enabled = true. - string security_group = 2; -} - -// Telemetry integration for the cluster. -message ClusterTelemetry { - // Type of the integration. - enum Type { - // Not set. - UNSPECIFIED = 0; - - // Monitoring integration is disabled. - DISABLED = 1; - - // Monitoring integration is enabled. - ENABLED = 2; - - // Only system components are monitored and logged. - SYSTEM_ONLY = 3; - } - - // Type of the integration. - Type type = 1; -} - -// A Google Kubernetes Engine cluster. -message Cluster { - // The current status of the cluster. - enum Status { - // Not set. - STATUS_UNSPECIFIED = 0; - - // The PROVISIONING state indicates the cluster is being created. - PROVISIONING = 1; - - // The RUNNING state indicates the cluster has been created and is fully - // usable. - RUNNING = 2; - - // The RECONCILING state indicates that some work is actively being done on - // the cluster, such as upgrading the master or node software. Details can - // be found in the `statusMessage` field. - RECONCILING = 3; - - // The STOPPING state indicates the cluster is being deleted. - STOPPING = 4; - - // The ERROR state indicates the cluster may be unusable. Details - // can be found in the `statusMessage` field. - ERROR = 5; - - // The DEGRADED state indicates the cluster requires user action to restore - // full functionality. Details can be found in the `statusMessage` field. - DEGRADED = 6; - } - - // The name of this cluster. The name must be unique within this project - // and location (e.g. zone or region), and can be up to 40 characters with - // the following restrictions: - // - // * Lowercase letters, numbers, and hyphens only. - // * Must start with a letter. - // * Must end with a number or a letter. - string name = 1; - - // An optional description of this cluster. - string description = 2; - - // The number of nodes to create in this cluster. You must ensure that your - // Compute Engine [resource quota](https://cloud.google.com/compute/quotas) - // is sufficient for this number of instances. You must also have available - // firewall and routes quota. - // For requests, this field should only be used in lieu of a - // "node_pool" object, since this configuration (along with the - // "node_config") will be used to create a "NodePool" object with an - // auto-generated name. Do not use this and a node_pool at the same time. - // - // This field is deprecated, use node_pool.initial_node_count instead. - int32 initial_node_count = 3 [deprecated = true]; - - // Parameters used in creating the cluster's nodes. - // For requests, this field should only be used in lieu of a - // "node_pool" object, since this configuration (along with the - // "initial_node_count") will be used to create a "NodePool" object with an - // auto-generated name. Do not use this and a node_pool at the same time. - // For responses, this field will be populated with the node configuration of - // the first node pool. (For configuration of each node pool, see - // `node_pool.config`) - // - // If unspecified, the defaults are used. - // This field is deprecated, use node_pool.config instead. - NodeConfig node_config = 4 [deprecated = true]; - - // The authentication information for accessing the master endpoint. - // If unspecified, the defaults are used: - // For clusters before v1.12, if master_auth is unspecified, `username` will - // be set to "admin", a random password will be generated, and a client - // certificate will be issued. - MasterAuth master_auth = 5; - - // The logging service the cluster should use to write logs. - // Currently available options: - // - // * `logging.googleapis.com/kubernetes` - The Cloud Logging - // service with a Kubernetes-native resource model - // * `logging.googleapis.com` - The legacy Cloud Logging service (no longer - // available as of GKE 1.15). - // * `none` - no logs will be exported from the cluster. - // - // If left as an empty string,`logging.googleapis.com/kubernetes` will be - // used for GKE 1.14+ or `logging.googleapis.com` for earlier versions. - string logging_service = 6; - - // The monitoring service the cluster should use to write metrics. - // Currently available options: - // - // * "monitoring.googleapis.com/kubernetes" - The Cloud Monitoring - // service with a Kubernetes-native resource model - // * `monitoring.googleapis.com` - The legacy Cloud Monitoring service (no - // longer available as of GKE 1.15). - // * `none` - No metrics will be exported from the cluster. - // - // If left as an empty string,`monitoring.googleapis.com/kubernetes` will be - // used for GKE 1.14+ or `monitoring.googleapis.com` for earlier versions. - string monitoring_service = 7; - - // The name of the Google Compute Engine - // [network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks) - // to which the cluster is connected. If left unspecified, the `default` - // network will be used. On output this shows the network ID instead of the - // name. - string network = 8; - - // The IP address range of the container pods in this cluster, in - // [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - // notation (e.g. `10.96.0.0/14`). Leave blank to have - // one automatically chosen or specify a `/14` block in `10.0.0.0/8`. - string cluster_ipv4_cidr = 9; - - // Configurations for the various addons available to run in the cluster. - AddonsConfig addons_config = 10; - - // The name of the Google Compute Engine - // [subnetwork](https://cloud.google.com/compute/docs/subnetworks) to which - // the cluster is connected. On output this shows the subnetwork ID instead of - // the name. - string subnetwork = 11; - - // The node pools associated with this cluster. - // This field should not be set if "node_config" or "initial_node_count" are - // specified. - repeated NodePool node_pools = 12; - - // The list of Google Compute Engine - // [zones](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster's nodes should be located. - // - // This field provides a default value if - // [NodePool.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools#NodePool.FIELDS.locations) - // are not specified during node pool creation. - // - // Warning: changing cluster locations will update the - // [NodePool.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools#NodePool.FIELDS.locations) - // of all node pools and will result in nodes being added and/or removed. - repeated string locations = 13; - - // Kubernetes alpha features are enabled on this cluster. This includes alpha - // API groups (e.g. v1beta1) and features that may not be production ready in - // the kubernetes version of the master and nodes. - // The cluster has no SLA for uptime and master/node upgrades are disabled. - // Alpha enabled clusters are automatically deleted thirty days after - // creation. - bool enable_kubernetes_alpha = 14; - - // The resource labels for the cluster to use to annotate any related - // Google Compute Engine resources. - map resource_labels = 15; - - // The fingerprint of the set of labels for this cluster. - string label_fingerprint = 16; - - // Configuration for the legacy ABAC authorization mode. - LegacyAbac legacy_abac = 18; - - // Configuration options for the NetworkPolicy feature. - NetworkPolicy network_policy = 19; - - // Configuration for cluster IP allocation. - IPAllocationPolicy ip_allocation_policy = 20; - - // The configuration options for master authorized networks feature. - MasterAuthorizedNetworksConfig master_authorized_networks_config = 22; - - // Configure the maintenance policy for this cluster. - MaintenancePolicy maintenance_policy = 23; - - // Configuration for Binary Authorization. - BinaryAuthorization binary_authorization = 24; - - // Configuration for the PodSecurityPolicy feature. - PodSecurityPolicyConfig pod_security_policy_config = 25; - - // Cluster-level autoscaling configuration. - ClusterAutoscaling autoscaling = 26; - - // Configuration for cluster networking. - NetworkConfig network_config = 27; - - // If this is a private cluster setup. Private clusters are clusters that, by - // default have no external IP addresses on the nodes and where nodes and the - // master communicate over private IP addresses. - // This field is deprecated, use private_cluster_config.enable_private_nodes - // instead. - bool private_cluster = 28 [deprecated = true]; - - // The IP prefix in CIDR notation to use for the hosted master network. - // This prefix will be used for assigning private IP addresses to the - // master or set of masters, as well as the ILB VIP. - // This field is deprecated, use - // private_cluster_config.master_ipv4_cidr_block instead. - string master_ipv4_cidr_block = 29 [deprecated = true]; - - // The default constraint on the maximum number of pods that can be run - // simultaneously on a node in the node pool of this cluster. Only honored - // if cluster created with IP Alias support. - MaxPodsConstraint default_max_pods_constraint = 30; - - // Configuration for exporting resource usages. Resource usage export is - // disabled when this config unspecified. - ResourceUsageExportConfig resource_usage_export_config = 33; - - // Configuration controlling RBAC group membership information. - AuthenticatorGroupsConfig authenticator_groups_config = 34; - - // Configuration for private cluster. - PrivateClusterConfig private_cluster_config = 37; - - // Cluster-level Vertical Pod Autoscaling configuration. - VerticalPodAutoscaling vertical_pod_autoscaling = 39; - - // Shielded Nodes configuration. - ShieldedNodes shielded_nodes = 40; - - // Release channel configuration. - ReleaseChannel release_channel = 41; - - // Configuration for the use of Kubernetes Service Accounts in GCP IAM - // policies. - WorkloadIdentityConfig workload_identity_config = 43; - - // Telemetry integration for the cluster. - ClusterTelemetry cluster_telemetry = 46; - - // Configuration for Cloud TPU support; - TpuConfig tpu_config = 47; - - // Notification configuration of the cluster. - NotificationConfig notification_config = 49; - - // Configuration of Confidential Nodes - ConfidentialNodes confidential_nodes = 50; - - // [Output only] Server-defined URL for the resource. - string self_link = 100; - - // [Output only] The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field is deprecated, use location instead. - string zone = 101 [deprecated = true]; - - // [Output only] The IP address of this cluster's master endpoint. - // The endpoint can be accessed from the internet at - // `https://username:password@endpoint/`. - // - // See the `masterAuth` property of this resource for username and - // password information. - string endpoint = 102; - - // The initial Kubernetes version for this cluster. Valid versions are those - // found in validMasterVersions returned by getServerConfig. The version can - // be upgraded over time; such upgrades are reflected in - // currentMasterVersion and currentNodeVersion. - // - // Users may specify either explicit versions offered by - // Kubernetes Engine or version aliases, which have the following behavior: - // - // - "latest": picks the highest valid Kubernetes version - // - "1.X": picks the highest valid patch+gke.N patch in the 1.X version - // - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version - // - "1.X.Y-gke.N": picks an explicit Kubernetes version - // - "","-": picks the default Kubernetes version - string initial_cluster_version = 103; - - // [Output only] The current software version of the master endpoint. - string current_master_version = 104; - - // [Output only] Deprecated, use - // [NodePool.version](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters.nodePools) - // instead. The current version of the node software components. - // If they are currently at multiple versions because they're in the process - // of being upgraded, this reflects the minimum version of all nodes. - string current_node_version = 105 [deprecated = true]; - - // [Output only] The time the cluster was created, in - // [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - string create_time = 106; - - // [Output only] The current status of this cluster. - Status status = 107; - - // [Output only] Deprecated. Use conditions instead. - // Additional information about the current status of this - // cluster, if available. - string status_message = 108 [deprecated = true]; - - // [Output only] The size of the address space on each node for hosting - // containers. This is provisioned from within the `container_ipv4_cidr` - // range. This field will only be set when cluster is in route-based network - // mode. - int32 node_ipv4_cidr_size = 109; - - // [Output only] The IP address range of the Kubernetes services in - // this cluster, in - // [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - // notation (e.g. `1.2.3.4/29`). Service addresses are - // typically put in the last `/16` from the container CIDR. - string services_ipv4_cidr = 110; - - // Deprecated. Use node_pools.instance_group_urls. - repeated string instance_group_urls = 111 [deprecated = true]; - - // [Output only] The number of nodes currently in the cluster. Deprecated. - // Call Kubernetes API directly to retrieve node information. - int32 current_node_count = 112 [deprecated = true]; - - // [Output only] The time the cluster will be automatically - // deleted in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - string expire_time = 113; - - // [Output only] The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available) - // or - // [region](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available) - // in which the cluster resides. - string location = 114; - - // Enable the ability to use Cloud TPUs in this cluster. - // This field is deprecated, use tpu_config.enabled instead. - bool enable_tpu = 115; - - // [Output only] The IP address range of the Cloud TPUs in this cluster, in - // [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - // notation (e.g. `1.2.3.4/29`). - string tpu_ipv4_cidr_block = 116; - - // Configuration of etcd encryption. - DatabaseEncryption database_encryption = 38; - - // Which conditions caused the current cluster state. - repeated StatusCondition conditions = 118; - - // Configuration for master components. - Master master = 124; -} - -// ClusterUpdate describes an update to the cluster. Exactly one update can -// be applied to a cluster with each request, so at most one field can be -// provided. -message ClusterUpdate { - // The Kubernetes version to change the nodes to (typically an - // upgrade). - // - // Users may specify either explicit versions offered by - // Kubernetes Engine or version aliases, which have the following behavior: - // - // - "latest": picks the highest valid Kubernetes version - // - "1.X": picks the highest valid patch+gke.N patch in the 1.X version - // - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version - // - "1.X.Y-gke.N": picks an explicit Kubernetes version - // - "-": picks the Kubernetes master version - string desired_node_version = 4; - - // The monitoring service the cluster should use to write metrics. - // Currently available options: - // - // * "monitoring.googleapis.com/kubernetes" - The Cloud Monitoring - // service with a Kubernetes-native resource model - // * `monitoring.googleapis.com` - The legacy Cloud Monitoring service (no - // longer available as of GKE 1.15). - // * `none` - No metrics will be exported from the cluster. - // - // If left as an empty string,`monitoring.googleapis.com/kubernetes` will be - // used for GKE 1.14+ or `monitoring.googleapis.com` for earlier versions. - string desired_monitoring_service = 5; - - // Configurations for the various addons available to run in the cluster. - AddonsConfig desired_addons_config = 6; - - // The node pool to be upgraded. This field is mandatory if - // "desired_node_version", "desired_image_family", - // "desired_node_pool_autoscaling", or "desired_workload_metadata_config" - // is specified and there is more than one node pool on the cluster. - string desired_node_pool_id = 7; - - // The desired image type for the node pool. - // NOTE: Set the "desired_node_pool" field as well. - string desired_image_type = 8; - - // Autoscaler configuration for the node pool specified in - // desired_node_pool_id. If there is only one pool in the - // cluster and desired_node_pool_id is not provided then - // the change applies to that single node pool. - NodePoolAutoscaling desired_node_pool_autoscaling = 9; - - // The desired list of Google Compute Engine - // [zones](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster's nodes should be located. - // - // This list must always include the cluster's primary zone. - // - // Warning: changing cluster locations will update the locations of all node - // pools and will result in nodes being added and/or removed. - repeated string desired_locations = 10; - - // The desired configuration options for master authorized networks feature. - MasterAuthorizedNetworksConfig desired_master_authorized_networks_config = 12; - - // The desired configuration options for the PodSecurityPolicy feature. - PodSecurityPolicyConfig desired_pod_security_policy_config = 14; - - // Cluster-level autoscaling configuration. - ClusterAutoscaling desired_cluster_autoscaling = 15; - - // The desired configuration options for the Binary Authorization feature. - BinaryAuthorization desired_binary_authorization = 16; - - // The logging service the cluster should use to write logs. - // Currently available options: - // - // * `logging.googleapis.com/kubernetes` - The Cloud Logging - // service with a Kubernetes-native resource model - // * `logging.googleapis.com` - The legacy Cloud Logging service (no longer - // available as of GKE 1.15). - // * `none` - no logs will be exported from the cluster. - // - // If left as an empty string,`logging.googleapis.com/kubernetes` will be - // used for GKE 1.14+ or `logging.googleapis.com` for earlier versions. - string desired_logging_service = 19; - - // The desired configuration for exporting resource usage. - ResourceUsageExportConfig desired_resource_usage_export_config = 21; - - // Cluster-level Vertical Pod Autoscaling configuration. - VerticalPodAutoscaling desired_vertical_pod_autoscaling = 22; - - // The desired private cluster configuration. - PrivateClusterConfig desired_private_cluster_config = 25; - - // The desired config of Intra-node visibility. - IntraNodeVisibilityConfig desired_intra_node_visibility_config = 26; - - // The desired status of whether to disable default sNAT for this cluster. - DefaultSnatStatus desired_default_snat_status = 28; - - // The desired telemetry integration for the cluster. - ClusterTelemetry desired_cluster_telemetry = 30; - - // The desired release channel configuration. - ReleaseChannel desired_release_channel = 31; - - // The desired Cloud TPU configuration. - TpuConfig desired_tpu_config = 38; - - // The desired datapath provider for the cluster. - DatapathProvider desired_datapath_provider = 50; - - // The desired notification configuration. - NotificationConfig desired_notification_config = 55; - - // The Kubernetes version to change the master to. The only valid value is the - // latest supported version. - // - // Users may specify either explicit versions offered by - // Kubernetes Engine or version aliases, which have the following behavior: - // - // - "latest": picks the highest valid Kubernetes version - // - "1.X": picks the highest valid patch+gke.N patch in the 1.X version - // - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version - // - "1.X.Y-gke.N": picks an explicit Kubernetes version - // - "-": picks the default Kubernetes version - string desired_master_version = 100; - - // Configuration of etcd encryption. - DatabaseEncryption desired_database_encryption = 46; - - // Configuration for Workload Identity. - WorkloadIdentityConfig desired_workload_identity_config = 47; - - // Configuration for Shielded Nodes. - ShieldedNodes desired_shielded_nodes = 48; - - // Configuration for master components. - Master desired_master = 52; -} - -// This operation resource represents operations that may have happened or are -// happening on the cluster. All fields are output only. -message Operation { - // Current status of the operation. - enum Status { - // Not set. - STATUS_UNSPECIFIED = 0; - - // The operation has been created. - PENDING = 1; - - // The operation is currently running. - RUNNING = 2; - - // The operation is done, either cancelled or completed. - DONE = 3; - - // The operation is aborting. - ABORTING = 4; - } - - // Operation type. - enum Type { - // Not set. - TYPE_UNSPECIFIED = 0; - - // Cluster create. - CREATE_CLUSTER = 1; - - // Cluster delete. - DELETE_CLUSTER = 2; - - // A master upgrade. - UPGRADE_MASTER = 3; - - // A node upgrade. - UPGRADE_NODES = 4; - - // Cluster repair. - REPAIR_CLUSTER = 5; - - // Cluster update. - UPDATE_CLUSTER = 6; - - // Node pool create. - CREATE_NODE_POOL = 7; - - // Node pool delete. - DELETE_NODE_POOL = 8; - - // Set node pool management. - SET_NODE_POOL_MANAGEMENT = 9; - - // Automatic node pool repair. - AUTO_REPAIR_NODES = 10; - - // Automatic node upgrade. - AUTO_UPGRADE_NODES = 11; - - // Set labels. - SET_LABELS = 12; - - // Set/generate master auth materials - SET_MASTER_AUTH = 13; - - // Set node pool size. - SET_NODE_POOL_SIZE = 14; - - // Updates network policy for a cluster. - SET_NETWORK_POLICY = 15; - - // Set the maintenance policy. - SET_MAINTENANCE_POLICY = 16; - } - - // The server-assigned ID for the operation. - string name = 1; - - // The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // operation is taking place. This field is deprecated, use location instead. - string zone = 2 [deprecated = true]; - - // The operation type. - Type operation_type = 3; - - // The current status of the operation. - Status status = 4; - - // Detailed operation progress, if available. - string detail = 8; - - // Output only. If an error has occurred, a textual description of the error. - // Deprecated. Use field error instead. - string status_message = 5 [ - deprecated = true, - (google.api.field_behavior) = OUTPUT_ONLY - ]; - - // Server-defined URL for the resource. - string self_link = 6; - - // Server-defined URL for the target of the operation. - string target_link = 7; - - // [Output only] The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available) - // or - // [region](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available) - // in which the cluster resides. - string location = 9; - - // [Output only] The time the operation started, in - // [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - string start_time = 10; - - // [Output only] The time the operation completed, in - // [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - string end_time = 11; - - // Output only. [Output only] Progress information for an operation. - OperationProgress progress = 12 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Which conditions caused the current cluster state. - // Deprecated. Use field error instead. - repeated StatusCondition cluster_conditions = 13 [deprecated = true]; - - // Which conditions caused the current node pool state. - // Deprecated. Use field error instead. - repeated StatusCondition nodepool_conditions = 14 [deprecated = true]; - - // The error result of the operation in case of failure. - google.rpc.Status error = 15; -} - -// Information about operation (or operation stage) progress. -message OperationProgress { - // Progress metric is (string, int|float|string) pair. - message Metric { - // Required. Metric name, e.g., "nodes total", "percent done". - string name = 1 [(google.api.field_behavior) = REQUIRED]; - - // Strictly one of the values is required. - oneof value { - // For metrics with integer value. - int64 int_value = 2; - - // For metrics with floating point value. - double double_value = 3; - - // For metrics with custom values (ratios, visual progress, etc.). - string string_value = 4; - } - } - - // A non-parameterized string describing an operation stage. - // Unset for single-stage operations. - string name = 1; - - // Status of an operation stage. - // Unset for single-stage operations. - Operation.Status status = 2; - - // Progress metric bundle, for example: - // metrics: [{name: "nodes done", int_value: 15}, - // {name: "nodes total", int_value: 32}] - // or - // metrics: [{name: "progress", double_value: 0.56}, - // {name: "progress scale", double_value: 1.0}] - repeated Metric metrics = 3; - - // Substages of an operation or a stage. - repeated OperationProgress stages = 4; -} - -// CreateClusterRequest creates a cluster. -message CreateClusterRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the parent field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the parent - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. A [cluster - // resource](https://cloud.google.com/container-engine/reference/rest/v1beta1/projects.locations.clusters) - Cluster cluster = 3 [(google.api.field_behavior) = REQUIRED]; - - // The parent (project and location) where the cluster will be created. - // Specified in the format `projects/*/locations/*`. - string parent = 5; -} - -// GetClusterRequest gets the settings of a cluster. -message GetClusterRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to retrieve. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // The name (project, location, cluster) of the cluster to retrieve. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 5; -} - -// UpdateClusterRequest updates the settings of a cluster. -message UpdateClusterRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. A description of the update. - ClusterUpdate update = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster) of the cluster to update. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 5; -} - -// SetNodePoolVersionRequest updates the version of a node pool. -message UpdateNodePoolRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the node pool to upgrade. - // This field has been deprecated and replaced by the name field. - string node_pool_id = 4 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. The Kubernetes version to change the nodes to (typically an - // upgrade). - // - // Users may specify either explicit versions offered by Kubernetes Engine or - // version aliases, which have the following behavior: - // - // - "latest": picks the highest valid Kubernetes version - // - "1.X": picks the highest valid patch+gke.N patch in the 1.X version - // - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version - // - "1.X.Y-gke.N": picks an explicit Kubernetes version - // - "-": picks the Kubernetes master version - string node_version = 5 [(google.api.field_behavior) = REQUIRED]; - - // Required. The desired image type for the node pool. - string image_type = 6 [(google.api.field_behavior) = REQUIRED]; - - // The desired list of Google Compute Engine - // [zones](https://cloud.google.com/compute/docs/zones#available) in which the - // node pool's nodes should be located. Changing the locations for a node pool - // will result in nodes being either created or removed from the node pool, - // depending on whether locations are being added or removed. - repeated string locations = 13; - - // The desired workload metadata config for the node pool. - WorkloadMetadataConfig workload_metadata_config = 14; - - // The name (project, location, cluster, node pool) of the node pool to - // update. Specified in the format - // `projects/*/locations/*/clusters/*/nodePools/*`. - string name = 8; - - // Upgrade settings control disruption and speed of the upgrade. - NodePool.UpgradeSettings upgrade_settings = 15; - - // Parameters that can be configured on Linux nodes. - LinuxNodeConfig linux_node_config = 19; - - // Node kubelet configs. - NodeKubeletConfig kubelet_config = 20; -} - -// SetNodePoolAutoscalingRequest sets the autoscaler settings of a node pool. -message SetNodePoolAutoscalingRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the node pool to upgrade. - // This field has been deprecated and replaced by the name field. - string node_pool_id = 4 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Autoscaling configuration for the node pool. - NodePoolAutoscaling autoscaling = 5 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster, node pool) of the node pool to set - // autoscaler settings. Specified in the format - // `projects/*/locations/*/clusters/*/nodePools/*`. - string name = 6; -} - -// SetLoggingServiceRequest sets the logging service of a cluster. -message SetLoggingServiceRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. The logging service the cluster should use to write logs. - // Currently available options: - // - // * `logging.googleapis.com/kubernetes` - The Cloud Logging - // service with a Kubernetes-native resource model - // * `logging.googleapis.com` - The legacy Cloud Logging service (no longer - // available as of GKE 1.15). - // * `none` - no logs will be exported from the cluster. - // - // If left as an empty string,`logging.googleapis.com/kubernetes` will be - // used for GKE 1.14+ or `logging.googleapis.com` for earlier versions. - string logging_service = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster) of the cluster to set logging. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 5; -} - -// SetMonitoringServiceRequest sets the monitoring service of a cluster. -message SetMonitoringServiceRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. The monitoring service the cluster should use to write metrics. - // Currently available options: - // - // * "monitoring.googleapis.com/kubernetes" - The Cloud Monitoring - // service with a Kubernetes-native resource model - // * `monitoring.googleapis.com` - The legacy Cloud Monitoring service (no - // longer available as of GKE 1.15). - // * `none` - No metrics will be exported from the cluster. - // - // If left as an empty string,`monitoring.googleapis.com/kubernetes` will be - // used for GKE 1.14+ or `monitoring.googleapis.com` for earlier versions. - string monitoring_service = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster) of the cluster to set monitoring. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 6; -} - -// SetAddonsRequest sets the addons associated with the cluster. -message SetAddonsConfigRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. The desired configurations for the various addons available to run in the - // cluster. - AddonsConfig addons_config = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster) of the cluster to set addons. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 6; -} - -// SetLocationsRequest sets the locations of the cluster. -message SetLocationsRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. The desired list of Google Compute Engine - // [zones](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster's nodes should be located. Changing the locations a cluster is in - // will result in nodes being either created or removed from the cluster, - // depending on whether locations are being added or removed. - // - // This list must always include the cluster's primary zone. - repeated string locations = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster) of the cluster to set locations. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 6; -} - -// UpdateMasterRequest updates the master of the cluster. -message UpdateMasterRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. The Kubernetes version to change the master to. - // - // Users may specify either explicit versions offered by - // Kubernetes Engine or version aliases, which have the following behavior: - // - // - "latest": picks the highest valid Kubernetes version - // - "1.X": picks the highest valid patch+gke.N patch in the 1.X version - // - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version - // - "1.X.Y-gke.N": picks an explicit Kubernetes version - // - "-": picks the default Kubernetes version - string master_version = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster) of the cluster to update. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 7; -} - -// SetMasterAuthRequest updates the admin password of a cluster. -message SetMasterAuthRequest { - // Operation type: what type update to perform. - enum Action { - // Operation is unknown and will error out. - UNKNOWN = 0; - - // Set the password to a user generated value. - SET_PASSWORD = 1; - - // Generate a new password and set it to that. - GENERATE_PASSWORD = 2; - - // Set the username. If an empty username is provided, basic authentication - // is disabled for the cluster. If a non-empty username is provided, basic - // authentication is enabled, with either a provided password or a generated - // one. - SET_USERNAME = 3; - } - - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to upgrade. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. The exact form of action to be taken on the master auth. - Action action = 4 [(google.api.field_behavior) = REQUIRED]; - - // Required. A description of the update. - MasterAuth update = 5 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster) of the cluster to set auth. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 7; -} - -// DeleteClusterRequest deletes a cluster. -message DeleteClusterRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to delete. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // The name (project, location, cluster) of the cluster to delete. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 4; -} - -// ListClustersRequest lists clusters. -message ListClustersRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the parent field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides, or "-" for all zones. This field has been deprecated and - // replaced by the parent field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // The parent (project and location) where the clusters will be listed. - // Specified in the format `projects/*/locations/*`. - // Location "-" matches all zones and all regions. - string parent = 4; -} - -// ListClustersResponse is the result of ListClustersRequest. -message ListClustersResponse { - // A list of clusters in the project in the specified zone, or - // across all ones. - repeated Cluster clusters = 1; - - // If any zones are listed here, the list of clusters returned - // may be missing those zones. - repeated string missing_zones = 2; -} - -// GetOperationRequest gets a single operation. -message GetOperationRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The server-assigned `name` of the operation. - // This field has been deprecated and replaced by the name field. - string operation_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // The name (project, location, operation id) of the operation to get. - // Specified in the format `projects/*/locations/*/operations/*`. - string name = 5; -} - -// ListOperationsRequest lists operations. -message ListOperationsRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the parent field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) to return - // operations for, or `-` for all zones. This field has been deprecated and - // replaced by the parent field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // The parent (project and location) where the operations will be listed. - // Specified in the format `projects/*/locations/*`. - // Location "-" matches all zones and all regions. - string parent = 4; -} - -// CancelOperationRequest cancels a single operation. -message CancelOperationRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // operation resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The server-assigned `name` of the operation. - // This field has been deprecated and replaced by the name field. - string operation_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // The name (project, location, operation id) of the operation to cancel. - // Specified in the format `projects/*/locations/*/operations/*`. - string name = 4; -} - -// ListOperationsResponse is the result of ListOperationsRequest. -message ListOperationsResponse { - // A list of operations in the project in the specified zone. - repeated Operation operations = 1; - - // If any zones are listed here, the list of operations returned - // may be missing the operations from those zones. - repeated string missing_zones = 2; -} - -// Gets the current Kubernetes Engine service configuration. -message GetServerConfigRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) to return - // operations for. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // The name (project and location) of the server config to get, - // specified in the format `projects/*/locations/*`. - string name = 4; -} - -// Kubernetes Engine service configuration. -message ServerConfig { - // ReleaseChannelConfig exposes configuration for a release channel. - message ReleaseChannelConfig { - // Deprecated. - message AvailableVersion { - option deprecated = true; - - // Kubernetes version. - string version = 1; - - // Reason for availability. - string reason = 2; - } - - // The release channel this configuration applies to. - ReleaseChannel.Channel channel = 1; - - // The default version for newly created clusters on the channel. - string default_version = 2; - - // Deprecated. - // This field has been deprecated and replaced with the valid_versions - // field. - repeated AvailableVersion available_versions = 3 [deprecated = true]; - - // List of valid versions for the channel. - repeated string valid_versions = 4; - } - - // Version of Kubernetes the service deploys by default. - string default_cluster_version = 1; - - // List of valid node upgrade target versions, in descending order. - repeated string valid_node_versions = 3; - - // Default image type. - string default_image_type = 4; - - // List of valid image types. - repeated string valid_image_types = 5; - - // List of valid master versions, in descending order. - repeated string valid_master_versions = 6; - - // List of release channel configurations. - repeated ReleaseChannelConfig channels = 9; -} - -// CreateNodePoolRequest creates a node pool for a cluster. -message CreateNodePoolRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the parent field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the parent - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the parent field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. The node pool to create. - NodePool node_pool = 4 [(google.api.field_behavior) = REQUIRED]; - - // The parent (project, location, cluster id) where the node pool will be - // created. Specified in the format - // `projects/*/locations/*/clusters/*`. - string parent = 6; -} - -// DeleteNodePoolRequest deletes a node pool for a cluster. -message DeleteNodePoolRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the node pool to delete. - // This field has been deprecated and replaced by the name field. - string node_pool_id = 4 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // The name (project, location, cluster, node pool id) of the node pool to - // delete. Specified in the format - // `projects/*/locations/*/clusters/*/nodePools/*`. - string name = 6; -} - -// ListNodePoolsRequest lists the node pool(s) for a cluster. -message ListNodePoolsRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the parent field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the parent - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the parent field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // The parent (project, location, cluster id) where the node pools will be - // listed. Specified in the format `projects/*/locations/*/clusters/*`. - string parent = 5; -} - -// GetNodePoolRequest retrieves a node pool for a cluster. -message GetNodePoolRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the node pool. - // This field has been deprecated and replaced by the name field. - string node_pool_id = 4 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // The name (project, location, cluster, node pool id) of the node pool to - // get. Specified in the format - // `projects/*/locations/*/clusters/*/nodePools/*`. - string name = 6; -} - -// NodePool contains the name and configuration for a cluster's node pool. -// Node pools are a set of nodes (i.e. VM's), with a common configuration and -// specification, under the control of the cluster master. They may have a set -// of Kubernetes labels applied to them, which may be used to reference them -// during pod scheduling. They may also be resized up or down, to accommodate -// the workload. -message NodePool { - // These upgrade settings control the level of parallelism and the level of - // disruption caused by an upgrade. - // - // maxUnavailable controls the number of nodes that can be simultaneously - // unavailable. - // - // maxSurge controls the number of additional nodes that can be added to the - // node pool temporarily for the time of the upgrade to increase the number of - // available nodes. - // - // (maxUnavailable + maxSurge) determines the level of parallelism (how many - // nodes are being upgraded at the same time). - // - // Note: upgrades inevitably introduce some disruption since workloads need to - // be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, - // this holds true. (Disruption stays within the limits of - // PodDisruptionBudget, if it is configured.) - // - // Consider a hypothetical node pool with 5 nodes having maxSurge=2, - // maxUnavailable=1. This means the upgrade process upgrades 3 nodes - // simultaneously. It creates 2 additional (upgraded) nodes, then it brings - // down 3 old (not yet upgraded) nodes at the same time. This ensures that - // there are always at least 4 nodes available. - message UpgradeSettings { - // The maximum number of nodes that can be created beyond the current size - // of the node pool during the upgrade process. - int32 max_surge = 1; - - // The maximum number of nodes that can be simultaneously unavailable during - // the upgrade process. A node is considered available if its status is - // Ready. - int32 max_unavailable = 2; - } - - // The current status of the node pool instance. - enum Status { - // Not set. - STATUS_UNSPECIFIED = 0; - - // The PROVISIONING state indicates the node pool is being created. - PROVISIONING = 1; - - // The RUNNING state indicates the node pool has been created - // and is fully usable. - RUNNING = 2; - - // The RUNNING_WITH_ERROR state indicates the node pool has been created - // and is partially usable. Some error state has occurred and some - // functionality may be impaired. Customer may need to reissue a request - // or trigger a new update. - RUNNING_WITH_ERROR = 3; - - // The RECONCILING state indicates that some work is actively being done on - // the node pool, such as upgrading node software. Details can - // be found in the `statusMessage` field. - RECONCILING = 4; - - // The STOPPING state indicates the node pool is being deleted. - STOPPING = 5; - - // The ERROR state indicates the node pool may be unusable. Details - // can be found in the `statusMessage` field. - ERROR = 6; - } - - // The name of the node pool. - string name = 1; - - // The node configuration of the pool. - NodeConfig config = 2; - - // The initial node count for the pool. You must ensure that your - // Compute Engine [resource quota](https://cloud.google.com/compute/quotas) - // is sufficient for this number of instances. You must also have available - // firewall and routes quota. - int32 initial_node_count = 3; - - // The list of Google Compute Engine - // [zones](https://cloud.google.com/compute/docs/zones#available) in which the - // NodePool's nodes should be located. - // - // If this value is unspecified during node pool creation, the - // [Cluster.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters#Cluster.FIELDS.locations) - // value will be used, instead. - // - // Warning: changing node pool locations will result in nodes being added - // and/or removed. - repeated string locations = 13; - - // [Output only] Server-defined URL for the resource. - string self_link = 100; - - // The version of the Kubernetes of this node. - string version = 101; - - // [Output only] The resource URLs of the [managed instance - // groups](https://cloud.google.com/compute/docs/instance-groups/creating-groups-of-managed-instances) - // associated with this node pool. - repeated string instance_group_urls = 102; - - // [Output only] The status of the nodes in this pool instance. - Status status = 103; - - // [Output only] Deprecated. Use conditions instead. - // Additional information about the current status of this - // node pool instance, if available. - string status_message = 104 [deprecated = true]; - - // Autoscaler configuration for this NodePool. Autoscaler is enabled - // only if a valid configuration is present. - NodePoolAutoscaling autoscaling = 4; - - // NodeManagement configuration for this NodePool. - NodeManagement management = 5; - - // The constraint on the maximum number of pods that can be run - // simultaneously on a node in the node pool. - MaxPodsConstraint max_pods_constraint = 6; - - // Which conditions caused the current node pool state. - repeated StatusCondition conditions = 105; - - // [Output only] The pod CIDR block size per node in this node pool. - int32 pod_ipv4_cidr_size = 7; - - // Upgrade settings control disruption and speed of the upgrade. - UpgradeSettings upgrade_settings = 107; -} - -// NodeManagement defines the set of node management services turned on for the -// node pool. -message NodeManagement { - // Whether the nodes will be automatically upgraded. - bool auto_upgrade = 1; - - // Whether the nodes will be automatically repaired. - bool auto_repair = 2; - - // Specifies the Auto Upgrade knobs for the node pool. - AutoUpgradeOptions upgrade_options = 10; -} - -// AutoUpgradeOptions defines the set of options for the user to control how -// the Auto Upgrades will proceed. -message AutoUpgradeOptions { - // [Output only] This field is set when upgrades are about to commence - // with the approximate start time for the upgrades, in - // [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - string auto_upgrade_start_time = 1; - - // [Output only] This field is set when upgrades are about to commence - // with the description of the upgrade. - string description = 2; -} - -// MaintenancePolicy defines the maintenance policy to be used for the cluster. -message MaintenancePolicy { - // Specifies the maintenance window in which maintenance may be performed. - MaintenanceWindow window = 1; - - // A hash identifying the version of this policy, so that updates to fields of - // the policy won't accidentally undo intermediate changes (and so that users - // of the API unaware of some fields won't accidentally remove other fields). - // Make a `get()` request to the cluster to get the current - // resource version and include it with requests to set the policy. - string resource_version = 3; -} - -// MaintenanceWindow defines the maintenance window to be used for the cluster. -message MaintenanceWindow { - // Unimplemented, reserved for future use. - // HourlyMaintenanceWindow hourly_maintenance_window = 1; - oneof policy { - // DailyMaintenanceWindow specifies a daily maintenance operation window. - DailyMaintenanceWindow daily_maintenance_window = 2; - - // RecurringWindow specifies some number of recurring time periods for - // maintenance to occur. The time windows may be overlapping. If no - // maintenance windows are set, maintenance can occur at any time. - RecurringTimeWindow recurring_window = 3; - } - - // Exceptions to maintenance window. Non-emergency maintenance should not - // occur in these windows. - map maintenance_exclusions = 4; -} - -// Represents an arbitrary window of time. -message TimeWindow { - // The time that the window first starts. - google.protobuf.Timestamp start_time = 1; - - // The time that the window ends. The end time should take place after the - // start time. - google.protobuf.Timestamp end_time = 2; -} - -// Represents an arbitrary window of time that recurs. -message RecurringTimeWindow { - // The window of the first recurrence. - TimeWindow window = 1; - - // An RRULE (https://tools.ietf.org/html/rfc5545#section-3.8.5.3) for how - // this window reccurs. They go on for the span of time between the start and - // end time. - // - // For example, to have something repeat every weekday, you'd use: - // `FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR` - // - // To repeat some window daily (equivalent to the DailyMaintenanceWindow): - // `FREQ=DAILY` - // - // For the first weekend of every month: - // `FREQ=MONTHLY;BYSETPOS=1;BYDAY=SA,SU` - // - // This specifies how frequently the window starts. Eg, if you wanted to have - // a 9-5 UTC-4 window every weekday, you'd use something like: - // ``` - // start time = 2019-01-01T09:00:00-0400 - // end time = 2019-01-01T17:00:00-0400 - // recurrence = FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR - // ``` - // - // Windows can span multiple days. Eg, to make the window encompass every - // weekend from midnight Saturday till the last minute of Sunday UTC: - // ``` - // start time = 2019-01-05T00:00:00Z - // end time = 2019-01-07T23:59:00Z - // recurrence = FREQ=WEEKLY;BYDAY=SA - // ``` - // - // Note the start and end time's specific dates are largely arbitrary except - // to specify duration of the window and when it first starts. - // The FREQ values of HOURLY, MINUTELY, and SECONDLY are not supported. - string recurrence = 2; -} - -// Time window specified for daily maintenance operations. -message DailyMaintenanceWindow { - // Time within the maintenance window to start the maintenance operations. - // It must be in format "HH:MM", where HH : [00-23] and MM : [00-59] GMT. - string start_time = 2; - - // [Output only] Duration of the time window, automatically chosen to be - // smallest possible in the given scenario. - string duration = 3; -} - -// SetNodePoolManagementRequest sets the node management properties of a node -// pool. -message SetNodePoolManagementRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to update. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the node pool to update. - // This field has been deprecated and replaced by the name field. - string node_pool_id = 4 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. NodeManagement configuration for the node pool. - NodeManagement management = 5 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster, node pool id) of the node pool to set - // management properties. Specified in the format - // `projects/*/locations/*/clusters/*/nodePools/*`. - string name = 7; -} - -// SetNodePoolSizeRequest sets the size a node -// pool. -message SetNodePoolSizeRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to update. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the node pool to update. - // This field has been deprecated and replaced by the name field. - string node_pool_id = 4 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. The desired node count for the pool. - int32 node_count = 5 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster, node pool id) of the node pool to set - // size. - // Specified in the format `projects/*/locations/*/clusters/*/nodePools/*`. - string name = 7; -} - -// RollbackNodePoolUpgradeRequest rollbacks the previously Aborted or Failed -// NodePool upgrade. This will be an no-op if the last upgrade successfully -// completed. -message RollbackNodePoolUpgradeRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to rollback. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the node pool to rollback. - // This field has been deprecated and replaced by the name field. - string node_pool_id = 4 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // The name (project, location, cluster, node pool id) of the node poll to - // rollback upgrade. - // Specified in the format `projects/*/locations/*/clusters/*/nodePools/*`. - string name = 6; -} - -// ListNodePoolsResponse is the result of ListNodePoolsRequest. -message ListNodePoolsResponse { - // A list of node pools for a cluster. - repeated NodePool node_pools = 1; -} - -// ClusterAutoscaling contains global, per-cluster information -// required by Cluster Autoscaler to automatically adjust -// the size of the cluster and create/delete -// node pools based on the current needs. -message ClusterAutoscaling { - // Defines possible options for autoscaling_profile field. - enum AutoscalingProfile { - // No change to autoscaling configuration. - PROFILE_UNSPECIFIED = 0; - - // Prioritize optimizing utilization of resources. - OPTIMIZE_UTILIZATION = 1; - - // Use default (balanced) autoscaling configuration. - BALANCED = 2; - } - - // Enables automatic node pool creation and deletion. - bool enable_node_autoprovisioning = 1; - - // Contains global constraints regarding minimum and maximum - // amount of resources in the cluster. - repeated ResourceLimit resource_limits = 2; - - // Defines autoscaling behaviour. - AutoscalingProfile autoscaling_profile = 3; - - // AutoprovisioningNodePoolDefaults contains defaults for a node pool - // created by NAP. - AutoprovisioningNodePoolDefaults autoprovisioning_node_pool_defaults = 4; - - // The list of Google Compute Engine - // [zones](https://cloud.google.com/compute/docs/zones#available) in which the - // NodePool's nodes can be created by NAP. - repeated string autoprovisioning_locations = 5; -} - -// AutoprovisioningNodePoolDefaults contains defaults for a node pool created -// by NAP. -message AutoprovisioningNodePoolDefaults { - // The set of Google API scopes to be made available on all of the - // node VMs under the "default" service account. - // - // The following scopes are recommended, but not required, and by default are - // not included: - // - // * `https://www.googleapis.com/auth/compute` is required for mounting - // persistent storage on your nodes. - // * `https://www.googleapis.com/auth/devstorage.read_only` is required for - // communicating with **gcr.io** - // (the [Google Container - // Registry](https://cloud.google.com/container-registry/)). - // - // If unspecified, no scopes are added, unless Cloud Logging or Cloud - // Monitoring are enabled, in which case their required scopes will be added. - repeated string oauth_scopes = 1; - - // The Google Cloud Platform Service Account to be used by the node VMs. - // Specify the email address of the Service Account; otherwise, if no Service - // Account is specified, the "default" service account is used. - string service_account = 2; - - // Upgrade settings control disruption and speed of the upgrade. - NodePool.UpgradeSettings upgrade_settings = 3; - - // NodeManagement configuration for this NodePool. - NodeManagement management = 4; - - // Minimum CPU platform to be used by this instance. The instance may be - // scheduled on the specified or newer CPU platform. Applicable values are the - // friendly names of CPU platforms, such as - // `minCpuPlatform: "Intel Haswell"` or - // `minCpuPlatform: "Intel Sandy Bridge"`. For more - // information, read [how to specify min CPU - // platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform) - // To unset the min cpu platform field pass "automatic" - // as field value. - string min_cpu_platform = 5; - - // Size of the disk attached to each node, specified in GB. - // The smallest allowed disk size is 10GB. - // - // If unspecified, the default disk size is 100GB. - int32 disk_size_gb = 6; - - // Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or - // 'pd-balanced') - // - // If unspecified, the default disk type is 'pd-standard' - string disk_type = 7; - - // Shielded Instance options. - ShieldedInstanceConfig shielded_instance_config = 8; - - // - // The Customer Managed Encryption Key used to encrypt the boot disk attached - // to each node in the node pool. This should be of the form - // projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. - // For more information about protecting resources with Cloud KMS Keys please - // see: - // https://cloud.google.com/compute/docs/disks/customer-managed-encryption - string boot_disk_kms_key = 9; -} - -// Contains information about amount of some resource in the cluster. -// For memory, value should be in GB. -message ResourceLimit { - // Resource name "cpu", "memory" or gpu-specific string. - string resource_type = 1; - - // Minimum amount of the resource in the cluster. - int64 minimum = 2; - - // Maximum amount of the resource in the cluster. - int64 maximum = 3; -} - -// NodePoolAutoscaling contains information required by cluster autoscaler to -// adjust the size of the node pool to the current cluster usage. -message NodePoolAutoscaling { - // Is autoscaling enabled for this node pool. - bool enabled = 1; - - // Minimum number of nodes in the NodePool. Must be >= 1 and <= - // max_node_count. - int32 min_node_count = 2; - - // Maximum number of nodes in the NodePool. Must be >= min_node_count. There - // has to enough quota to scale up the cluster. - int32 max_node_count = 3; - - // Can this node pool be deleted automatically. - bool autoprovisioned = 4; -} - -// SetLabelsRequest sets the Google Cloud Platform labels on a Google Container -// Engine cluster, which will in turn set them for Google Compute Engine -// resources used by that cluster -message SetLabelsRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. The labels to set for that cluster. - map resource_labels = 4 [(google.api.field_behavior) = REQUIRED]; - - // Required. The fingerprint of the previous set of labels for this resource, - // used to detect conflicts. The fingerprint is initially generated by - // Kubernetes Engine and changes after every request to modify or update - // labels. You must always provide an up-to-date fingerprint hash when - // updating or changing labels. Make a `get()` request to the - // resource to get the latest fingerprint. - string label_fingerprint = 5 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster id) of the cluster to set labels. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 7; -} - -// SetLegacyAbacRequest enables or disables the ABAC authorization mechanism for -// a cluster. -message SetLegacyAbacRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster to update. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Whether ABAC authorization will be enabled in the cluster. - bool enabled = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster id) of the cluster to set legacy abac. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 6; -} - -// StartIPRotationRequest creates a new IP for the cluster and then performs -// a node upgrade on each node pool to point to the new IP. -message StartIPRotationRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // The name (project, location, cluster id) of the cluster to start IP - // rotation. Specified in the format `projects/*/locations/*/clusters/*`. - string name = 6; - - // Whether to rotate credentials during IP rotation. - bool rotate_credentials = 7; -} - -// CompleteIPRotationRequest moves the cluster master back into single-IP mode. -message CompleteIPRotationRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // The name (project, location, cluster id) of the cluster to complete IP - // rotation. Specified in the format `projects/*/locations/*/clusters/*`. - string name = 7; -} - -// AcceleratorConfig represents a Hardware Accelerator request. -message AcceleratorConfig { - // The number of the accelerator cards exposed to an instance. - int64 accelerator_count = 1; - - // The accelerator type resource name. List of supported accelerators - // [here](https://cloud.google.com/compute/docs/gpus) - string accelerator_type = 2; -} - -// WorkloadMetadataConfig defines the metadata configuration to expose to -// workloads on the node pool. -message WorkloadMetadataConfig { - // NodeMetadata is the configuration for if and how to expose the node - // metadata to the workload running on the node. - enum NodeMetadata { - // Not set. - UNSPECIFIED = 0; - - // Prevent workloads not in hostNetwork from accessing certain VM metadata, - // specifically kube-env, which contains Kubelet credentials, and the - // instance identity token. - // - // Metadata concealment is a temporary security solution available while the - // bootstrapping process for cluster nodes is being redesigned with - // significant security improvements. This feature is scheduled to be - // deprecated in the future and later removed. - SECURE = 1; - - // Expose all VM metadata to pods. - EXPOSE = 2; - - // Run the GKE Metadata Server on this node. The GKE Metadata Server exposes - // a metadata API to workloads that is compatible with the V1 Compute - // Metadata APIs exposed by the Compute Engine and App Engine Metadata - // Servers. This feature can only be enabled if Workload Identity is enabled - // at the cluster level. - GKE_METADATA_SERVER = 3; - } - - // Mode is the configuration for how to expose metadata to workloads running - // on the node. - enum Mode { - // Not set. - MODE_UNSPECIFIED = 0; - - // Expose all Compute Engine metadata to pods. - GCE_METADATA = 1; - - // Run the GKE Metadata Server on this node. The GKE Metadata Server exposes - // a metadata API to workloads that is compatible with the V1 Compute - // Metadata APIs exposed by the Compute Engine and App Engine Metadata - // Servers. This feature can only be enabled if Workload Identity is enabled - // at the cluster level. - GKE_METADATA = 2; - } - - // NodeMetadata is the configuration for how to expose metadata to the - // workloads running on the node. - NodeMetadata node_metadata = 1 [deprecated = true]; - - // Mode is the configuration for how to expose metadata to workloads running - // on the node pool. - Mode mode = 2; -} - -// SetNetworkPolicyRequest enables/disables network policy for a cluster. -message SetNetworkPolicyRequest { - // Required. Deprecated. The Google Developers Console [project ID or project - // number](https://developers.google.com/console/help/new/#projectnumber). - // This field has been deprecated and replaced by the name field. - string project_id = 1 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. This field has been deprecated and replaced by the name - // field. - string zone = 2 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Deprecated. The name of the cluster. - // This field has been deprecated and replaced by the name field. - string cluster_id = 3 [ - deprecated = true, - (google.api.field_behavior) = REQUIRED - ]; - - // Required. Configuration options for the NetworkPolicy feature. - NetworkPolicy network_policy = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster id) of the cluster to set networking - // policy. Specified in the format `projects/*/locations/*/clusters/*`. - string name = 6; -} - -// SetMaintenancePolicyRequest sets the maintenance policy for a cluster. -message SetMaintenancePolicyRequest { - // Required. The Google Developers Console [project ID or project - // number](https://support.google.com/cloud/answer/6158840). - string project_id = 1 [(google.api.field_behavior) = REQUIRED]; - - // Required. The name of the Google Compute Engine - // [zone](https://cloud.google.com/compute/docs/zones#available) in which the - // cluster resides. - string zone = 2 [(google.api.field_behavior) = REQUIRED]; - - // Required. The name of the cluster to update. - string cluster_id = 3 [(google.api.field_behavior) = REQUIRED]; - - // Required. The maintenance policy to be set for the cluster. An empty field - // clears the existing maintenance policy. - MaintenancePolicy maintenance_policy = 4 [(google.api.field_behavior) = REQUIRED]; - - // The name (project, location, cluster id) of the cluster to set maintenance - // policy. - // Specified in the format `projects/*/locations/*/clusters/*`. - string name = 5; -} - -// ListLocationsRequest is used to request the locations that offer GKE. -message ListLocationsRequest { - // Required. Contains the name of the resource requested. - // Specified in the format `projects/*`. - string parent = 1 [(google.api.field_behavior) = REQUIRED]; -} - -// ListLocationsResponse returns the list of all GKE locations and their -// recommendation state. -message ListLocationsResponse { - // A full list of GKE locations. - repeated Location locations = 1; - - // Only return ListLocationsResponse that occur after the page_token. This - // value should be populated from the ListLocationsResponse.next_page_token if - // that response token was set (which happens when listing more Locations than - // fit in a single ListLocationsResponse). - string next_page_token = 2; -} - -// Location returns the location name, and if the location is recommended -// for GKE cluster scheduling. -message Location { - // LocationType is the type of GKE location, regional or zonal. - enum LocationType { - // LOCATION_TYPE_UNSPECIFIED means the location type was not determined. - LOCATION_TYPE_UNSPECIFIED = 0; - - // A GKE Location where Zonal clusters can be created. - ZONE = 1; - - // A GKE Location where Regional clusters can be created. - REGION = 2; - } - - // Contains the type of location this Location is for. - // Regional or Zonal. - LocationType type = 1; - - // Contains the name of the resource requested. - // Specified in the format `projects/*/locations/*`. - string name = 2; - - // Whether the location is recomended for GKE cluster scheduling. - bool recommended = 3; -} - -// StatusCondition describes why a cluster or a node pool has a certain status -// (e.g., ERROR or DEGRADED). -message StatusCondition { - // Code for each condition - enum Code { - // UNKNOWN indicates a generic condition. - UNKNOWN = 0; - - // GCE_STOCKOUT indicates that Google Compute Engine resources are - // temporarily unavailable. - GCE_STOCKOUT = 1; - - // GKE_SERVICE_ACCOUNT_DELETED indicates that the user deleted their robot - // service account. - GKE_SERVICE_ACCOUNT_DELETED = 2; - - // Google Compute Engine quota was exceeded. - GCE_QUOTA_EXCEEDED = 3; - - // Cluster state was manually changed by an SRE due to a system logic error. - SET_BY_OPERATOR = 4; - - // Unable to perform an encrypt operation against the CloudKMS key used for - // etcd level encryption. - // More codes TBA - CLOUD_KMS_KEY_ERROR = 7; - } - - // Machine-friendly representation of the condition - // Deprecated. Use canonical_code instead. - Code code = 1 [deprecated = true]; - - // Human-friendly representation of the condition - string message = 2; - - // Canonical code of the condition. - google.rpc.Code canonical_code = 3; -} - -// NetworkConfig reports the relative names of network & subnetwork. -message NetworkConfig { - // Output only. The relative name of the Google Compute Engine - // [network][google.container.v1beta1.NetworkConfig.network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks) - // to which the cluster is connected. Example: - // projects/my-project/global/networks/my-network - string network = 1; - - // Output only. The relative name of the Google Compute Engine - // [subnetwork](https://cloud.google.com/compute/docs/vpc) to which the - // cluster is connected. Example: - // projects/my-project/regions/us-central1/subnetworks/my-subnet - string subnetwork = 2; - - // Whether Intra-node visibility is enabled for this cluster. - // This makes same node pod to pod traffic visible for VPC network. - bool enable_intra_node_visibility = 5; - - // Whether the cluster disables default in-node sNAT rules. In-node sNAT rules - // will be disabled when default_snat_status is disabled. When disabled is set - // to false, default IP masquerade rules will be applied to the nodes to - // prevent sNAT on cluster internal traffic. - DefaultSnatStatus default_snat_status = 7; - - // The desired datapath provider for this cluster. By default, uses the - // IPTables-based kube-proxy implementation. - DatapathProvider datapath_provider = 11; -} - -// ListUsableSubnetworksRequest requests the list of usable subnetworks. -// available to a user for creating clusters. -message ListUsableSubnetworksRequest { - // Required. The parent project where subnetworks are usable. - // Specified in the format `projects/*`. - string parent = 1 [(google.api.field_behavior) = REQUIRED]; - - // Filtering currently only supports equality on the networkProjectId and must - // be in the form: "networkProjectId=[PROJECTID]", where `networkProjectId` - // is the project which owns the listed subnetworks. This defaults to the - // parent project ID. - string filter = 2; - - // The max number of results per page that should be returned. If the number - // of available results is larger than `page_size`, a `next_page_token` is - // returned which can be used to get the next page of results in subsequent - // requests. Acceptable values are 0 to 500, inclusive. (Default: 500) - int32 page_size = 3; - - // Specifies a page token to use. Set this to the nextPageToken returned by - // previous list requests to get the next page of results. - string page_token = 4; -} - -// ListUsableSubnetworksResponse is the response of -// ListUsableSubnetworksRequest. -message ListUsableSubnetworksResponse { - // A list of usable subnetworks in the specified network project. - repeated UsableSubnetwork subnetworks = 1; - - // This token allows you to get the next page of results for list requests. - // If the number of results is larger than `page_size`, use the - // `next_page_token` as a value for the query parameter `page_token` in the - // next request. The value will become empty when there are no more pages. - string next_page_token = 2; -} - -// Secondary IP range of a usable subnetwork. -message UsableSubnetworkSecondaryRange { - // Status shows the current usage of a secondary IP range. - enum Status { - // UNKNOWN is the zero value of the Status enum. It's not a valid status. - UNKNOWN = 0; - - // UNUSED denotes that this range is unclaimed by any cluster. - UNUSED = 1; - - // IN_USE_SERVICE denotes that this range is claimed by a cluster for - // services. It cannot be used for other clusters. - IN_USE_SERVICE = 2; - - // IN_USE_SHAREABLE_POD denotes this range was created by the network admin - // and is currently claimed by a cluster for pods. It can only be used by - // other clusters as a pod range. - IN_USE_SHAREABLE_POD = 3; - - // IN_USE_MANAGED_POD denotes this range was created by GKE and is claimed - // for pods. It cannot be used for other clusters. - IN_USE_MANAGED_POD = 4; - } - - // The name associated with this subnetwork secondary range, used when adding - // an alias IP range to a VM instance. - string range_name = 1; - - // The range of IP addresses belonging to this subnetwork secondary range. - string ip_cidr_range = 2; - - // This field is to determine the status of the secondary range programmably. - Status status = 3; -} - -// UsableSubnetwork resource returns the subnetwork name, its associated network -// and the primary CIDR range. -message UsableSubnetwork { - // Subnetwork Name. - // Example: projects/my-project/regions/us-central1/subnetworks/my-subnet - string subnetwork = 1; - - // Network Name. - // Example: projects/my-project/global/networks/my-network - string network = 2; - - // The range of internal addresses that are owned by this subnetwork. - string ip_cidr_range = 3; - - // Secondary IP ranges. - repeated UsableSubnetworkSecondaryRange secondary_ip_ranges = 4; - - // A human readable status message representing the reasons for cases where - // the caller cannot use the secondary ranges under the subnet. For example if - // the secondary_ip_ranges is empty due to a permission issue, an insufficient - // permission message will be given by status_message. - string status_message = 5; -} - -// VerticalPodAutoscaling contains global, per-cluster information -// required by Vertical Pod Autoscaler to automatically adjust -// the resources of pods controlled by it. -message VerticalPodAutoscaling { - // Enables vertical pod autoscaling. - bool enabled = 1; -} - -// DefaultSnatStatus contains the desired state of whether default sNAT should -// be disabled on the cluster. -message DefaultSnatStatus { - // Disables cluster default sNAT rules. - bool disabled = 1; -} - -// IntraNodeVisibilityConfig contains the desired config of the intra-node -// visibility on this cluster. -message IntraNodeVisibilityConfig { - // Enables intra node visibility for this cluster. - bool enabled = 1; -} - -// Constraints applied to pods. -message MaxPodsConstraint { - // Constraint enforced on the max num of pods per node. - int64 max_pods_per_node = 1; -} - -// Configuration for the use of Kubernetes Service Accounts in GCP IAM -// policies. -message WorkloadIdentityConfig { - // IAM Identity Namespace to attach all Kubernetes Service Accounts to. - string identity_namespace = 1 [deprecated = true]; - - // The workload pool to attach all Kubernetes service accounts to. - string workload_pool = 2; - - // identity provider is the third party identity provider. - string identity_provider = 3; -} - -// Configuration of etcd encryption. -message DatabaseEncryption { - // State of etcd encryption. - enum State { - // Should never be set - UNKNOWN = 0; - - // Secrets in etcd are encrypted. - ENCRYPTED = 1; - - // Secrets in etcd are stored in plain text (at etcd level) - this is - // unrelated to Compute Engine level full disk encryption. - DECRYPTED = 2; - } - - // Denotes the state of etcd encryption. - State state = 2; - - // Name of CloudKMS key to use for the encryption of secrets in etcd. - // Ex. projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key - string key_name = 1; -} - -// Configuration for exporting cluster resource usages. -message ResourceUsageExportConfig { - // Parameters for using BigQuery as the destination of resource usage export. - message BigQueryDestination { - // The ID of a BigQuery Dataset. - string dataset_id = 1; - } - - // Parameters for controlling consumption metering. - message ConsumptionMeteringConfig { - // Whether to enable consumption metering for this cluster. If enabled, a - // second BigQuery table will be created to hold resource consumption - // records. - bool enabled = 1; - } - - // Configuration to use BigQuery as usage export destination. - BigQueryDestination bigquery_destination = 1; - - // Whether to enable network egress metering for this cluster. If enabled, a - // daemonset will be created in the cluster to meter network egress traffic. - bool enable_network_egress_metering = 2; - - // Configuration to enable resource consumption metering. - ConsumptionMeteringConfig consumption_metering_config = 3; -} - -// Configuration of Shielded Nodes feature. -message ShieldedNodes { - // Whether Shielded Nodes features are enabled on all nodes in this cluster. - bool enabled = 1; -} - -// GetOpenIDConfigRequest gets the OIDC discovery document for the -// cluster. See the OpenID Connect Discovery 1.0 specification for details. -message GetOpenIDConfigRequest { - // The cluster (project, location, cluster id) to get the discovery document - // for. Specified in the format `projects/*/locations/*/clusters/*`. - string parent = 1; -} - -// GetOpenIDConfigResponse is an OIDC discovery document for the cluster. -// See the OpenID Connect Discovery 1.0 specification for details. -message GetOpenIDConfigResponse { - // OIDC Issuer. - string issuer = 1; - - // JSON Web Key uri. - string jwks_uri = 2; - - // Supported response types. - repeated string response_types_supported = 3; - - // Supported subject types. - repeated string subject_types_supported = 4; - - // supported ID Token signing Algorithms. - repeated string id_token_signing_alg_values_supported = 5; - - // Supported claims. - repeated string claims_supported = 6; - - // Supported grant types. - repeated string grant_types = 7; -} - -// GetJSONWebKeysRequest gets the public component of the keys used by the -// cluster to sign token requests. This will be the jwks_uri for the discover -// document returned by getOpenIDConfig. See the OpenID Connect -// Discovery 1.0 specification for details. -message GetJSONWebKeysRequest { - // The cluster (project, location, cluster id) to get keys for. Specified in - // the format `projects/*/locations/*/clusters/*`. - string parent = 1; -} - -// Jwk is a JSON Web Key as specified in RFC 7517 -message Jwk { - // Key Type. - string kty = 1; - - // Algorithm. - string alg = 2; - - // Permitted uses for the public keys. - string use = 3; - - // Key ID. - string kid = 4; - - // Used for RSA keys. - string n = 5; - - // Used for RSA keys. - string e = 6; - - // Used for ECDSA keys. - string x = 7; - - // Used for ECDSA keys. - string y = 8; - - // Used for ECDSA keys. - string crv = 9; -} - -// GetJSONWebKeysResponse is a valid JSON Web Key Set as specififed in rfc 7517 -message GetJSONWebKeysResponse { - // The public component of the keys used by the cluster to sign token - // requests. - repeated Jwk keys = 1; -} - -// ReleaseChannel indicates which release channel a cluster is -// subscribed to. Release channels are arranged in order of risk. -// -// When a cluster is subscribed to a release channel, Google maintains -// both the master version and the node version. Node auto-upgrade -// defaults to true and cannot be disabled. -message ReleaseChannel { - // Possible values for 'channel'. - enum Channel { - // No channel specified. - UNSPECIFIED = 0; - - // RAPID channel is offered on an early access basis for customers who want - // to test new releases. - // - // WARNING: Versions available in the RAPID Channel may be subject to - // unresolved issues with no known workaround and are not subject to any - // SLAs. - RAPID = 1; - - // Clusters subscribed to REGULAR receive versions that are considered GA - // quality. REGULAR is intended for production users who want to take - // advantage of new features. - REGULAR = 2; - - // Clusters subscribed to STABLE receive versions that are known to be - // stable and reliable in production. - STABLE = 3; - } - - // channel specifies which release channel the cluster is subscribed to. - Channel channel = 1; -} - -// Configuration for Cloud TPU. -message TpuConfig { - // Whether Cloud TPU integration is enabled or not. - bool enabled = 1; - - // Whether to use service networking for Cloud TPU or not. - bool use_service_networking = 2; - - // IPv4 CIDR block reserved for Cloud TPU in the VPC. - string ipv4_cidr_block = 3; -} - -// Master is the configuration for components on master. -message Master { - -} - -// NotificationConfig is the configuration of notifications. -message NotificationConfig { - // Pub/Sub specific notification config. - message PubSub { - // Enable notifications for Pub/Sub. - bool enabled = 1; - - // The desired Pub/Sub topic to which notifications will be - // sent by GKE. Format is `projects/{project}/topics/{topic}`. - string topic = 2 [(google.api.resource_reference) = { - type: "pubsub.googleapis.com/Topic" - }]; - } - - // Notification config for Pub/Sub. - PubSub pubsub = 1; -} - -// ConfidentialNodes is configuration for the confidential nodes feature, which -// makes nodes run on confidential VMs. -message ConfidentialNodes { - // Whether Confidential Nodes feature is enabled for all nodes in this - // cluster. - bool enabled = 1; -} - -// UpgradeEvent is a notification sent to customers by the cluster server when -// a resource is upgrading. -message UpgradeEvent { - // Required. The resource type that is upgrading. - UpgradeResourceType resource_type = 1 [(google.api.field_behavior) = REQUIRED]; - - // Required. The operation associated with this upgrade. - string operation = 2 [(google.api.field_behavior) = REQUIRED]; - - // Required. The time when the operation was started. - google.protobuf.Timestamp operation_start_time = 3 [(google.api.field_behavior) = REQUIRED]; - - // Required. The current version before the upgrade. - string current_version = 4 [(google.api.field_behavior) = REQUIRED]; - - // Required. The target version for the upgrade. - string target_version = 5 [(google.api.field_behavior) = REQUIRED]; - - // Optional. Optional relative path to the resource. For example in node pool upgrades, - // the relative path of the node pool. - string resource = 6 [(google.api.field_behavior) = OPTIONAL]; -} - -// The datapath provider selects the implementation of the Kubernetes networking -// // model for service resolution and network policy enforcement. -enum DatapathProvider { - // Default value. - DATAPATH_PROVIDER_UNSPECIFIED = 0; - - // Use the IPTables implementation based on kube-proxy. - LEGACY_DATAPATH = 1; - - // Use the eBPF based GKE Dataplane V2 with additional features. See the [GKE - // Dataplane V2 - // documentation](https://cloud.google.com/kubernetes-engine/docs/how-to/dataplane-v2) - // for more. - ADVANCED_DATAPATH = 2; -} - -// UpgradeResourceType is the resource type that is upgrading. It is used -// in upgrade notifications. -enum UpgradeResourceType { - // Default value. This shouldn't be used. - UPGRADE_RESOURCE_TYPE_UNSPECIFIED = 0; - - // Master / control plane - MASTER = 1; - - // Node pool - NODE_POOL = 2; -} From 631a3e182397118d9277b3e4a30352c8fe13d4d4 Mon Sep 17 00:00:00 2001 From: Anthonios Partheniou Date: Tue, 25 May 2021 11:12:02 -0400 Subject: [PATCH 05/15] chore: delete unused protos (#101) From 5053428f63792fa822ae28f34c0e35150794d153 Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Fri, 28 May 2021 16:56:06 +0000 Subject: [PATCH 06/15] chore: new owl bot post processor docker image (#105) Post-Processor: gcr.io/repo-automation-bots/owlbot-python:latest@sha256:c66ba3c8d7bc8566f47df841f98cd0097b28fff0b1864c86f5817f4c8c3e8600 --- .github/.OwlBot.lock.yaml | 2 +- docs/conf.py | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index 127c2cdf..da616c91 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -1,3 +1,3 @@ docker: image: gcr.io/repo-automation-bots/owlbot-python:latest - digest: sha256:0856ca711da1fd5ec9d6d7da6c50aa0bbf550fb94acb47b55159a640791987bf + digest: sha256:c66ba3c8d7bc8566f47df841f98cd0097b28fff0b1864c86f5817f4c8c3e8600 diff --git a/docs/conf.py b/docs/conf.py index 269b380a..7f10a099 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -363,6 +363,7 @@ "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None,), "grpc": ("https://grpc.github.io/grpc/python/", None), "proto-plus": ("https://proto-plus-python.readthedocs.io/en/latest/", None), + "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), } From 6da6c5a292e9d4b5149af926f6732b5fc6d04435 Mon Sep 17 00:00:00 2001 From: Don McCasland Date: Thu, 10 Jun 2021 07:56:34 -0700 Subject: [PATCH 07/15] chore: update CODEOWNERS to point to anthos-dpe team (#109) --- .github/CODEOWNERS | 2 +- .repo-metadata.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index e2ec9cbc..77d9be37 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -5,7 +5,7 @@ # https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners#codeowners-syntax # The @googleapis/yoshi-python is the default owner for changes in this repo -* @googleapis/yoshi-python @googleapis/cicd +* @googleapis/yoshi-python @googleapis/anthos-dpe # The python-samples-reviewers team is the default owner for samples changes /samples/ @googleapis/python-samples-owners diff --git a/.repo-metadata.json b/.repo-metadata.json index d13091b2..7b4452dd 100644 --- a/.repo-metadata.json +++ b/.repo-metadata.json @@ -10,6 +10,6 @@ "repo": "googleapis/python-container", "distribution_name": "google-cloud-container", "api_id": "container.googleapis.com", - "codeowner_team": "@googleapis/cicd", + "codeowner_team": "@googleapis/anthos-dpe", "requires_billing": true } From d56f699dad3e7fdf654861e36a007a79df760790 Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Fri, 11 Jun 2021 12:06:02 +0000 Subject: [PATCH 08/15] feat: support for NodeAutoprovisioning ImageType (#107) PiperOrigin-RevId: 378163331 Source-Link: https://github.com/googleapis/googleapis/commit/e610c3bbc75e66fcfd5d7c46fab225c5978700df Source-Link: https://github.com/googleapis/googleapis-gen/commit/49f69683660cbd5081c0b0d58b61fbfb9161c0e0 --- google/cloud/container_v1/types/cluster_service.py | 3 +++ google/cloud/container_v1beta1/types/cluster_service.py | 4 ++++ 2 files changed, 7 insertions(+) diff --git a/google/cloud/container_v1/types/cluster_service.py b/google/cloud/container_v1/types/cluster_service.py index 937edbec..79450e44 100644 --- a/google/cloud/container_v1/types/cluster_service.py +++ b/google/cloud/container_v1/types/cluster_service.py @@ -2993,6 +2993,8 @@ class AutoprovisioningNodePoolDefaults(proto.Message): For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption + image_type (str): + The image type to use for NAP created node. """ oauth_scopes = proto.RepeatedField(proto.STRING, number=1,) @@ -3008,6 +3010,7 @@ class AutoprovisioningNodePoolDefaults(proto.Message): proto.MESSAGE, number=8, message="ShieldedInstanceConfig", ) boot_disk_kms_key = proto.Field(proto.STRING, number=9,) + image_type = proto.Field(proto.STRING, number=10,) class ResourceLimit(proto.Message): diff --git a/google/cloud/container_v1beta1/types/cluster_service.py b/google/cloud/container_v1beta1/types/cluster_service.py index 6a951a15..c40014d1 100644 --- a/google/cloud/container_v1beta1/types/cluster_service.py +++ b/google/cloud/container_v1beta1/types/cluster_service.py @@ -3359,6 +3359,9 @@ class AutoprovisioningNodePoolDefaults(proto.Message): For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption + image_type (str): + The image type to use for node created by + NodeAutoprovisioning. """ oauth_scopes = proto.RepeatedField(proto.STRING, number=1,) @@ -3374,6 +3377,7 @@ class AutoprovisioningNodePoolDefaults(proto.Message): proto.MESSAGE, number=8, message="ShieldedInstanceConfig", ) boot_disk_kms_key = proto.Field(proto.STRING, number=9,) + image_type = proto.Field(proto.STRING, number=10,) class ResourceLimit(proto.Message): From 48a193ce79b349c526578a7a846e86eb44cac2e3 Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Thu, 17 Jun 2021 10:52:08 +0000 Subject: [PATCH 09/15] chore: new owl bot post processor docker image (#111) Post-Processor: gcr.io/repo-automation-bots/owlbot-python:latest@sha256:58c7342b0bccf85028100adaa3d856cb4a871c22ca9c01960d996e66c40548ce --- .github/.OwlBot.lock.yaml | 2 +- docs/conf.py | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index da616c91..ea06d395 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -1,3 +1,3 @@ docker: image: gcr.io/repo-automation-bots/owlbot-python:latest - digest: sha256:c66ba3c8d7bc8566f47df841f98cd0097b28fff0b1864c86f5817f4c8c3e8600 + digest: sha256:58c7342b0bccf85028100adaa3d856cb4a871c22ca9c01960d996e66c40548ce diff --git a/docs/conf.py b/docs/conf.py index 7f10a099..ce981509 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -80,9 +80,9 @@ master_doc = "index" # General information about the project. -project = u"google-cloud-container" -copyright = u"2019, Google" -author = u"Google APIs" +project = "google-cloud-container" +copyright = "2019, Google" +author = "Google APIs" # The version info for the project you're documenting, acts as replacement for # |version| and |release|, also used in various other places throughout the @@ -281,7 +281,7 @@ ( master_doc, "google-cloud-container.tex", - u"google-cloud-container Documentation", + "google-cloud-container Documentation", author, "manual", ) @@ -316,7 +316,7 @@ ( master_doc, "google-cloud-container", - u"google-cloud-container Documentation", + "google-cloud-container Documentation", [author], 1, ) @@ -335,7 +335,7 @@ ( master_doc, "google-cloud-container", - u"google-cloud-container Documentation", + "google-cloud-container Documentation", author, "google-cloud-container", "google-cloud-container Library", From 5a3941a03c48e3cef4d21ac10fc8e7b1b594ad1e Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Sat, 19 Jun 2021 01:36:09 +0000 Subject: [PATCH 10/15] docs: omit mention of Python 2.7 in 'CONTRIBUTING.rst' (#1127) (#112) Closes #1126 Source-Link: https://github.com/googleapis/synthtool/commit/b91f129527853d5b756146a0b5044481fb4e09a8 Post-Processor: gcr.io/repo-automation-bots/owlbot-python:latest@sha256:b6169fc6a5207b11800a7c002d0c5c2bc6d82697185ca12e666f44031468cfcd --- .github/.OwlBot.lock.yaml | 2 +- CONTRIBUTING.rst | 7 ++----- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index ea06d395..cc49c6a3 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -1,3 +1,3 @@ docker: image: gcr.io/repo-automation-bots/owlbot-python:latest - digest: sha256:58c7342b0bccf85028100adaa3d856cb4a871c22ca9c01960d996e66c40548ce + digest: sha256:b6169fc6a5207b11800a7c002d0c5c2bc6d82697185ca12e666f44031468cfcd diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst index d9e361ea..fd177f08 100644 --- a/CONTRIBUTING.rst +++ b/CONTRIBUTING.rst @@ -69,7 +69,6 @@ We use `nox `__ to instrument our tests. - To test your changes, run unit tests with ``nox``:: - $ nox -s unit-2.7 $ nox -s unit-3.8 $ ... @@ -144,7 +143,6 @@ Running System Tests # Run all system tests $ nox -s system-3.8 - $ nox -s system-2.7 # Run a single system test $ nox -s system-3.8 -- -k @@ -152,9 +150,8 @@ Running System Tests .. note:: - System tests are only configured to run under Python 2.7 and - Python 3.8. For expediency, we do not run them in older versions - of Python 3. + System tests are only configured to run under Python 3.8. + For expediency, we do not run them in older versions of Python 3. This alone will not run the tests. You'll need to change some local auth settings and change some configuration in your project to From 0b41eaf46ec5bfc40b6314917f711db659b6462c Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Sun, 20 Jun 2021 01:00:06 +0000 Subject: [PATCH 11/15] chore: update precommit hook pre-commit/pre-commit-hooks to v4 (#1083) (#113) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [pre-commit/pre-commit-hooks](https://togithub.com/pre-commit/pre-commit-hooks) | repository | major | `v3.4.0` -> `v4.0.1` | --- ### Release Notes
pre-commit/pre-commit-hooks ### [`v4.0.1`](https://togithub.com/pre-commit/pre-commit-hooks/releases/v4.0.1) [Compare Source](https://togithub.com/pre-commit/pre-commit-hooks/compare/v4.0.0...v4.0.1) ##### Fixes - `check-shebang-scripts-are-executable` fix entry point. - [#​602](https://togithub.com/pre-commit/pre-commit-hooks/issues/602) issue by [@​Person-93](https://togithub.com/Person-93). - [#​603](https://togithub.com/pre-commit/pre-commit-hooks/issues/603) PR by [@​scop](https://togithub.com/scop). ### [`v4.0.0`](https://togithub.com/pre-commit/pre-commit-hooks/releases/v4.0.0) [Compare Source](https://togithub.com/pre-commit/pre-commit-hooks/compare/v3.4.0...v4.0.0) ##### Features - `check-json`: report duplicate keys. - [#​558](https://togithub.com/pre-commit/pre-commit-hooks/issues/558) PR by [@​AdityaKhursale](https://togithub.com/AdityaKhursale). - [#​554](https://togithub.com/pre-commit/pre-commit-hooks/issues/554) issue by [@​adamchainz](https://togithub.com/adamchainz). - `no-commit-to-branch`: add `main` to default blocked branches. - [#​565](https://togithub.com/pre-commit/pre-commit-hooks/issues/565) PR by [@​ndevenish](https://togithub.com/ndevenish). - `check-case-conflict`: check conflicts in directory names as well. - [#​575](https://togithub.com/pre-commit/pre-commit-hooks/issues/575) PR by [@​slsyy](https://togithub.com/slsyy). - [#​70](https://togithub.com/pre-commit/pre-commit-hooks/issues/70) issue by [@​andyjack](https://togithub.com/andyjack). - `check-vcs-permalinks`: forbid other branch names. - [#​582](https://togithub.com/pre-commit/pre-commit-hooks/issues/582) PR by [@​jack1142](https://togithub.com/jack1142). - [#​581](https://togithub.com/pre-commit/pre-commit-hooks/issues/581) issue by [@​jack1142](https://togithub.com/jack1142). - `check-shebang-scripts-are-executable`: new hook which ensures shebang'd scripts are executable. - [#​545](https://togithub.com/pre-commit/pre-commit-hooks/issues/545) PR by [@​scop](https://togithub.com/scop). ##### Fixes - `check-executables-have-shebangs`: Short circuit shebang lookup on windows. - [#​544](https://togithub.com/pre-commit/pre-commit-hooks/issues/544) PR by [@​scop](https://togithub.com/scop). - `requirements-txt-fixer`: Fix comments which have indentation - [#​549](https://togithub.com/pre-commit/pre-commit-hooks/issues/549) PR by [@​greshilov](https://togithub.com/greshilov). - [#​548](https://togithub.com/pre-commit/pre-commit-hooks/issues/548) issue by [@​greshilov](https://togithub.com/greshilov). - `pretty-format-json`: write to stdout using UTF-8 encoding. - [#​571](https://togithub.com/pre-commit/pre-commit-hooks/issues/571) PR by [@​jack1142](https://togithub.com/jack1142). - [#​570](https://togithub.com/pre-commit/pre-commit-hooks/issues/570) issue by [@​jack1142](https://togithub.com/jack1142). - Use more inclusive language. - [#​599](https://togithub.com/pre-commit/pre-commit-hooks/issues/599) PR by [@​asottile](https://togithub.com/asottile). ##### Breaking changes - Remove deprecated hooks: `flake8`, `pyflakes`, `autopep8-wrapper`. - [#​597](https://togithub.com/pre-commit/pre-commit-hooks/issues/597) PR by [@​asottile](https://togithub.com/asottile).
--- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻️ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/synthtool). Source-Link: https://github.com/googleapis/synthtool/commit/333fd90856f1454380514bc59fc0936cdaf1c202 Post-Processor: gcr.io/repo-automation-bots/owlbot-python:latest@sha256:b8c131c558606d3cea6e18f8e87befbd448c1482319b0db3c5d5388fa6ea72e3 --- .github/.OwlBot.lock.yaml | 2 +- .pre-commit-config.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index cc49c6a3..9602d540 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -1,3 +1,3 @@ docker: image: gcr.io/repo-automation-bots/owlbot-python:latest - digest: sha256:b6169fc6a5207b11800a7c002d0c5c2bc6d82697185ca12e666f44031468cfcd + digest: sha256:b8c131c558606d3cea6e18f8e87befbd448c1482319b0db3c5d5388fa6ea72e3 diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 4f00c7cf..62eb5a77 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -16,7 +16,7 @@ # See https://pre-commit.com/hooks.html for more hooks repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v3.4.0 + rev: v4.0.1 hooks: - id: trailing-whitespace - id: end-of-file-fixer From 76668b18426f8a21a78b506acde9f5926e55d748 Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Tue, 22 Jun 2021 20:14:17 +0000 Subject: [PATCH 12/15] chore: add kokoro 3.9 config templates (#114) Source-Link: https://github.com/googleapis/synthtool/commit/b0eb8a8b30b46a3c98d23c23107acb748c6601a1 Post-Processor: gcr.io/repo-automation-bots/owlbot-python:latest@sha256:df50e8d462f86d6bcb42f27ecad55bb12c404f1c65de9c6fe4c4d25120080bd6 --- .github/.OwlBot.lock.yaml | 2 +- .kokoro/samples/python3.9/common.cfg | 40 +++++++++++++++++++++ .kokoro/samples/python3.9/continuous.cfg | 6 ++++ .kokoro/samples/python3.9/periodic-head.cfg | 11 ++++++ .kokoro/samples/python3.9/periodic.cfg | 6 ++++ .kokoro/samples/python3.9/presubmit.cfg | 6 ++++ 6 files changed, 70 insertions(+), 1 deletion(-) create mode 100644 .kokoro/samples/python3.9/common.cfg create mode 100644 .kokoro/samples/python3.9/continuous.cfg create mode 100644 .kokoro/samples/python3.9/periodic-head.cfg create mode 100644 .kokoro/samples/python3.9/periodic.cfg create mode 100644 .kokoro/samples/python3.9/presubmit.cfg diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index 9602d540..0954585f 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -1,3 +1,3 @@ docker: image: gcr.io/repo-automation-bots/owlbot-python:latest - digest: sha256:b8c131c558606d3cea6e18f8e87befbd448c1482319b0db3c5d5388fa6ea72e3 + digest: sha256:df50e8d462f86d6bcb42f27ecad55bb12c404f1c65de9c6fe4c4d25120080bd6 diff --git a/.kokoro/samples/python3.9/common.cfg b/.kokoro/samples/python3.9/common.cfg new file mode 100644 index 00000000..595066b8 --- /dev/null +++ b/.kokoro/samples/python3.9/common.cfg @@ -0,0 +1,40 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +# Build logs will be here +action { + define_artifacts { + regex: "**/*sponge_log.xml" + } +} + +# Specify which tests to run +env_vars: { + key: "RUN_TESTS_SESSION" + value: "py-3.9" +} + +# Declare build specific Cloud project. +env_vars: { + key: "BUILD_SPECIFIC_GCLOUD_PROJECT" + value: "python-docs-samples-tests-py39" +} + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/python-container/.kokoro/test-samples.sh" +} + +# Configure the docker image for kokoro-trampoline. +env_vars: { + key: "TRAMPOLINE_IMAGE" + value: "gcr.io/cloud-devrel-kokoro-resources/python-samples-testing-docker" +} + +# Download secrets for samples +gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/python-docs-samples" + +# Download trampoline resources. +gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/trampoline" + +# Use the trampoline script to run in docker. +build_file: "python-container/.kokoro/trampoline.sh" \ No newline at end of file diff --git a/.kokoro/samples/python3.9/continuous.cfg b/.kokoro/samples/python3.9/continuous.cfg new file mode 100644 index 00000000..a1c8d975 --- /dev/null +++ b/.kokoro/samples/python3.9/continuous.cfg @@ -0,0 +1,6 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +env_vars: { + key: "INSTALL_LIBRARY_FROM_SOURCE" + value: "True" +} \ No newline at end of file diff --git a/.kokoro/samples/python3.9/periodic-head.cfg b/.kokoro/samples/python3.9/periodic-head.cfg new file mode 100644 index 00000000..f9cfcd33 --- /dev/null +++ b/.kokoro/samples/python3.9/periodic-head.cfg @@ -0,0 +1,11 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +env_vars: { + key: "INSTALL_LIBRARY_FROM_SOURCE" + value: "True" +} + +env_vars: { + key: "TRAMPOLINE_BUILD_FILE" + value: "github/python-pubsub/.kokoro/test-samples-against-head.sh" +} diff --git a/.kokoro/samples/python3.9/periodic.cfg b/.kokoro/samples/python3.9/periodic.cfg new file mode 100644 index 00000000..50fec964 --- /dev/null +++ b/.kokoro/samples/python3.9/periodic.cfg @@ -0,0 +1,6 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +env_vars: { + key: "INSTALL_LIBRARY_FROM_SOURCE" + value: "False" +} \ No newline at end of file diff --git a/.kokoro/samples/python3.9/presubmit.cfg b/.kokoro/samples/python3.9/presubmit.cfg new file mode 100644 index 00000000..a1c8d975 --- /dev/null +++ b/.kokoro/samples/python3.9/presubmit.cfg @@ -0,0 +1,6 @@ +# Format: //devtools/kokoro/config/proto/build.proto + +env_vars: { + key: "INSTALL_LIBRARY_FROM_SOURCE" + value: "True" +} \ No newline at end of file From d1a16681f9a6ce73c1b04fa98873efadb5d1c0d3 Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Fri, 25 Jun 2021 23:28:24 +0000 Subject: [PATCH 13/15] chore(python): simplify nox steps in CONTRIBUTING.rst (#116) Source-Link: https://github.com/googleapis/synthtool/commit/26558bae8976a985d73c2d98c31d8612273f907d Post-Processor: gcr.io/repo-automation-bots/owlbot-python:latest@sha256:99d90d097e4a4710cc8658ee0b5b963f4426d0e424819787c3ac1405c9a26719 --- .github/.OwlBot.lock.yaml | 2 +- CONTRIBUTING.rst | 14 ++++++-------- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index 0954585f..e2b39f94 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -1,3 +1,3 @@ docker: image: gcr.io/repo-automation-bots/owlbot-python:latest - digest: sha256:df50e8d462f86d6bcb42f27ecad55bb12c404f1c65de9c6fe4c4d25120080bd6 + digest: sha256:99d90d097e4a4710cc8658ee0b5b963f4426d0e424819787c3ac1405c9a26719 diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst index fd177f08..29c50d18 100644 --- a/CONTRIBUTING.rst +++ b/CONTRIBUTING.rst @@ -68,14 +68,12 @@ Using ``nox`` We use `nox `__ to instrument our tests. - To test your changes, run unit tests with ``nox``:: + $ nox -s unit - $ nox -s unit-3.8 - $ ... +- To run a single unit test:: -- Args to pytest can be passed through the nox command separated by a `--`. For - example, to run a single test:: + $ nox -s unit-3.9 -- -k - $ nox -s unit-3.8 -- -k .. note:: @@ -142,7 +140,7 @@ Running System Tests - To run system tests, you can execute:: # Run all system tests - $ nox -s system-3.8 + $ nox -s system # Run a single system test $ nox -s system-3.8 -- -k @@ -215,8 +213,8 @@ Supported versions can be found in our ``noxfile.py`` `config`_. .. _config: https://github.com/googleapis/python-container/blob/master/noxfile.py -We also explicitly decided to support Python 3 beginning with version -3.6. Reasons for this include: +We also explicitly decided to support Python 3 beginning with version 3.6. +Reasons for this include: - Encouraging use of newest versions of Python 3 - Taking the lead of `prominent`_ open-source `projects`_ From bb598c45f5f2c5ca75a638c17168d6a4a15547a4 Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Wed, 30 Jun 2021 17:27:18 -0600 Subject: [PATCH 14/15] feat: add always_use_jwt_access (#119) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * chore: use gapic-generator-python 0.50.3 Committer: @busunkim96 PiperOrigin-RevId: 382142900 Source-Link: https://github.com/googleapis/googleapis/commit/513440fda515f3c799c22a30e3906dcda325004e Source-Link: https://github.com/googleapis/googleapis-gen/commit/7b1e2c31233f79a704ec21ca410bf661d6bc68d0 * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/master/packages/owl-bot/README.md * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/master/packages/owl-bot/README.md Co-authored-by: Owl Bot Co-authored-by: Bu Sun Kim --- .../services/cluster_manager/async_client.py | 5 + .../services/cluster_manager/client.py | 5 + .../cluster_manager/transports/base.py | 42 ++---- .../cluster_manager/transports/grpc.py | 10 +- .../transports/grpc_asyncio.py | 10 +- .../services/cluster_manager/async_client.py | 5 + .../services/cluster_manager/client.py | 5 + .../cluster_manager/transports/base.py | 42 ++---- .../cluster_manager/transports/grpc.py | 10 +- .../transports/grpc_asyncio.py | 10 +- owlbot.py | 9 ++ setup.py | 2 +- testing/constraints-3.6.txt | 2 +- .../container_v1/test_cluster_manager.py | 128 +++++------------- .../container_v1beta1/test_cluster_manager.py | 128 +++++------------- 15 files changed, 161 insertions(+), 252 deletions(-) diff --git a/google/cloud/container_v1/services/cluster_manager/async_client.py b/google/cloud/container_v1/services/cluster_manager/async_client.py index 9f03cbbd..a98c7a65 100644 --- a/google/cloud/container_v1/services/cluster_manager/async_client.py +++ b/google/cloud/container_v1/services/cluster_manager/async_client.py @@ -18,6 +18,7 @@ import re from typing import Dict, Sequence, Tuple, Type, Union import pkg_resources +import warnings import google.api_core.client_options as ClientOptions # type: ignore from google.api_core import exceptions as core_exceptions # type: ignore @@ -1210,6 +1211,10 @@ async def set_locations( output only. """ + warnings.warn( + "ClusterManagerAsyncClient.set_locations is deprecated", DeprecationWarning, + ) + # Create or coerce a protobuf request object. # Sanity check: If we got a request object, we should *not* have # gotten any keyword arguments that map to the request. diff --git a/google/cloud/container_v1/services/cluster_manager/client.py b/google/cloud/container_v1/services/cluster_manager/client.py index 6793154a..2121fb09 100644 --- a/google/cloud/container_v1/services/cluster_manager/client.py +++ b/google/cloud/container_v1/services/cluster_manager/client.py @@ -19,6 +19,7 @@ import re from typing import Callable, Dict, Optional, Sequence, Tuple, Type, Union import pkg_resources +import warnings from google.api_core import client_options as client_options_lib # type: ignore from google.api_core import exceptions as core_exceptions # type: ignore @@ -1365,6 +1366,10 @@ def set_locations( output only. """ + warnings.warn( + "ClusterManagerClient.set_locations is deprecated", DeprecationWarning, + ) + # Create or coerce a protobuf request object. # Sanity check: If we got a request object, we should *not* have # gotten any keyword arguments that map to the request. diff --git a/google/cloud/container_v1/services/cluster_manager/transports/base.py b/google/cloud/container_v1/services/cluster_manager/transports/base.py index 2c2d568e..2cd76906 100644 --- a/google/cloud/container_v1/services/cluster_manager/transports/base.py +++ b/google/cloud/container_v1/services/cluster_manager/transports/base.py @@ -24,6 +24,7 @@ from google.api_core import gapic_v1 # type: ignore from google.api_core import retry as retries # type: ignore from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore from google.cloud.container_v1.types import cluster_service from google.protobuf import empty_pb2 # type: ignore @@ -44,8 +45,6 @@ except pkg_resources.DistributionNotFound: # pragma: NO COVER _GOOGLE_AUTH_VERSION = None -_API_CORE_VERSION = google.api_core.__version__ - class ClusterManagerTransport(abc.ABC): """Abstract transport class for ClusterManager.""" @@ -63,6 +62,7 @@ def __init__( scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, **kwargs, ) -> None: """Instantiate the transport. @@ -86,6 +86,8 @@ def __init__( API requests. If ``None``, then default info will be used. Generally, you only need to set this if you're developing your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. """ # Save the hostname. Default to port 443 (HTTPS) if none is specified. if ":" not in host: @@ -95,7 +97,7 @@ def __init__( scopes_kwargs = self._get_scopes_kwargs(self._host, scopes) # Save the scopes. - self._scopes = scopes or self.AUTH_SCOPES + self._scopes = scopes # If no credentials are provided, then determine the appropriate # defaults. @@ -114,13 +116,20 @@ def __init__( **scopes_kwargs, quota_project_id=quota_project_id ) + # If the credentials is service account credentials, then always try to use self signed JWT. + if ( + always_use_jwt_access + and isinstance(credentials, service_account.Credentials) + and hasattr(service_account.Credentials, "with_always_use_jwt_access") + ): + credentials = credentials.with_always_use_jwt_access(True) + # Save the credentials. self._credentials = credentials - # TODO(busunkim): These two class methods are in the base transport + # TODO(busunkim): This method is in the base transport # to avoid duplicating code across the transport classes. These functions - # should be deleted once the minimum required versions of google-api-core - # and google-auth are increased. + # should be deleted once the minimum required versions of google-auth is increased. # TODO: Remove this function once google-auth >= 1.25.0 is required @classmethod @@ -141,27 +150,6 @@ def _get_scopes_kwargs( return scopes_kwargs - # TODO: Remove this function once google-api-core >= 1.26.0 is required - @classmethod - def _get_self_signed_jwt_kwargs( - cls, host: str, scopes: Optional[Sequence[str]] - ) -> Dict[str, Union[Optional[Sequence[str]], str]]: - """Returns kwargs to pass to grpc_helpers.create_channel depending on the google-api-core version""" - - self_signed_jwt_kwargs: Dict[str, Union[Optional[Sequence[str]], str]] = {} - - if _API_CORE_VERSION and ( - packaging.version.parse(_API_CORE_VERSION) - >= packaging.version.parse("1.26.0") - ): - self_signed_jwt_kwargs["default_scopes"] = cls.AUTH_SCOPES - self_signed_jwt_kwargs["scopes"] = scopes - self_signed_jwt_kwargs["default_host"] = cls.DEFAULT_HOST - else: - self_signed_jwt_kwargs["scopes"] = scopes or cls.AUTH_SCOPES - - return self_signed_jwt_kwargs - def _prep_wrapped_messages(self, client_info): # Precompute the wrapped methods. self._wrapped_methods = { diff --git a/google/cloud/container_v1/services/cluster_manager/transports/grpc.py b/google/cloud/container_v1/services/cluster_manager/transports/grpc.py index 7bf6f3f7..d1188dec 100644 --- a/google/cloud/container_v1/services/cluster_manager/transports/grpc.py +++ b/google/cloud/container_v1/services/cluster_manager/transports/grpc.py @@ -58,6 +58,7 @@ def __init__( client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, quota_project_id: Optional[str] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, ) -> None: """Instantiate the transport. @@ -98,6 +99,8 @@ def __init__( API requests. If ``None``, then default info will be used. Generally, you only need to set this if you're developing your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. Raises: google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport @@ -150,6 +153,7 @@ def __init__( scopes=scopes, quota_project_id=quota_project_id, client_info=client_info, + always_use_jwt_access=always_use_jwt_access, ) if not self._grpc_channel: @@ -205,14 +209,14 @@ def create_channel( and ``credentials_file`` are passed. """ - self_signed_jwt_kwargs = cls._get_self_signed_jwt_kwargs(host, scopes) - return grpc_helpers.create_channel( host, credentials=credentials, credentials_file=credentials_file, quota_project_id=quota_project_id, - **self_signed_jwt_kwargs, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, **kwargs, ) diff --git a/google/cloud/container_v1/services/cluster_manager/transports/grpc_asyncio.py b/google/cloud/container_v1/services/cluster_manager/transports/grpc_asyncio.py index e22d694a..837092b7 100644 --- a/google/cloud/container_v1/services/cluster_manager/transports/grpc_asyncio.py +++ b/google/cloud/container_v1/services/cluster_manager/transports/grpc_asyncio.py @@ -79,14 +79,14 @@ def create_channel( aio.Channel: A gRPC AsyncIO channel object. """ - self_signed_jwt_kwargs = cls._get_self_signed_jwt_kwargs(host, scopes) - return grpc_helpers_async.create_channel( host, credentials=credentials, credentials_file=credentials_file, quota_project_id=quota_project_id, - **self_signed_jwt_kwargs, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, **kwargs, ) @@ -104,6 +104,7 @@ def __init__( client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, quota_project_id=None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, ) -> None: """Instantiate the transport. @@ -145,6 +146,8 @@ def __init__( API requests. If ``None``, then default info will be used. Generally, you only need to set this if you're developing your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. Raises: google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport @@ -196,6 +199,7 @@ def __init__( scopes=scopes, quota_project_id=quota_project_id, client_info=client_info, + always_use_jwt_access=always_use_jwt_access, ) if not self._grpc_channel: diff --git a/google/cloud/container_v1beta1/services/cluster_manager/async_client.py b/google/cloud/container_v1beta1/services/cluster_manager/async_client.py index fa943c1a..5364ea41 100644 --- a/google/cloud/container_v1beta1/services/cluster_manager/async_client.py +++ b/google/cloud/container_v1beta1/services/cluster_manager/async_client.py @@ -18,6 +18,7 @@ import re from typing import Dict, Sequence, Tuple, Type, Union import pkg_resources +import warnings import google.api_core.client_options as ClientOptions # type: ignore from google.api_core import exceptions as core_exceptions # type: ignore @@ -1130,6 +1131,10 @@ async def set_locations( output only. """ + warnings.warn( + "ClusterManagerAsyncClient.set_locations is deprecated", DeprecationWarning, + ) + # Create or coerce a protobuf request object. # Sanity check: If we got a request object, we should *not* have # gotten any keyword arguments that map to the request. diff --git a/google/cloud/container_v1beta1/services/cluster_manager/client.py b/google/cloud/container_v1beta1/services/cluster_manager/client.py index 48d8ff97..21de5071 100644 --- a/google/cloud/container_v1beta1/services/cluster_manager/client.py +++ b/google/cloud/container_v1beta1/services/cluster_manager/client.py @@ -19,6 +19,7 @@ import re from typing import Callable, Dict, Optional, Sequence, Tuple, Type, Union import pkg_resources +import warnings from google.api_core import client_options as client_options_lib # type: ignore from google.api_core import exceptions as core_exceptions # type: ignore @@ -1294,6 +1295,10 @@ def set_locations( output only. """ + warnings.warn( + "ClusterManagerClient.set_locations is deprecated", DeprecationWarning, + ) + # Create or coerce a protobuf request object. # Sanity check: If we got a request object, we should *not* have # gotten any keyword arguments that map to the request. diff --git a/google/cloud/container_v1beta1/services/cluster_manager/transports/base.py b/google/cloud/container_v1beta1/services/cluster_manager/transports/base.py index 523a2431..91af1335 100644 --- a/google/cloud/container_v1beta1/services/cluster_manager/transports/base.py +++ b/google/cloud/container_v1beta1/services/cluster_manager/transports/base.py @@ -24,6 +24,7 @@ from google.api_core import gapic_v1 # type: ignore from google.api_core import retry as retries # type: ignore from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore from google.cloud.container_v1beta1.types import cluster_service from google.protobuf import empty_pb2 # type: ignore @@ -44,8 +45,6 @@ except pkg_resources.DistributionNotFound: # pragma: NO COVER _GOOGLE_AUTH_VERSION = None -_API_CORE_VERSION = google.api_core.__version__ - class ClusterManagerTransport(abc.ABC): """Abstract transport class for ClusterManager.""" @@ -63,6 +62,7 @@ def __init__( scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, **kwargs, ) -> None: """Instantiate the transport. @@ -86,6 +86,8 @@ def __init__( API requests. If ``None``, then default info will be used. Generally, you only need to set this if you're developing your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. """ # Save the hostname. Default to port 443 (HTTPS) if none is specified. if ":" not in host: @@ -95,7 +97,7 @@ def __init__( scopes_kwargs = self._get_scopes_kwargs(self._host, scopes) # Save the scopes. - self._scopes = scopes or self.AUTH_SCOPES + self._scopes = scopes # If no credentials are provided, then determine the appropriate # defaults. @@ -114,13 +116,20 @@ def __init__( **scopes_kwargs, quota_project_id=quota_project_id ) + # If the credentials is service account credentials, then always try to use self signed JWT. + if ( + always_use_jwt_access + and isinstance(credentials, service_account.Credentials) + and hasattr(service_account.Credentials, "with_always_use_jwt_access") + ): + credentials = credentials.with_always_use_jwt_access(True) + # Save the credentials. self._credentials = credentials - # TODO(busunkim): These two class methods are in the base transport + # TODO(busunkim): This method is in the base transport # to avoid duplicating code across the transport classes. These functions - # should be deleted once the minimum required versions of google-api-core - # and google-auth are increased. + # should be deleted once the minimum required versions of google-auth is increased. # TODO: Remove this function once google-auth >= 1.25.0 is required @classmethod @@ -141,27 +150,6 @@ def _get_scopes_kwargs( return scopes_kwargs - # TODO: Remove this function once google-api-core >= 1.26.0 is required - @classmethod - def _get_self_signed_jwt_kwargs( - cls, host: str, scopes: Optional[Sequence[str]] - ) -> Dict[str, Union[Optional[Sequence[str]], str]]: - """Returns kwargs to pass to grpc_helpers.create_channel depending on the google-api-core version""" - - self_signed_jwt_kwargs: Dict[str, Union[Optional[Sequence[str]], str]] = {} - - if _API_CORE_VERSION and ( - packaging.version.parse(_API_CORE_VERSION) - >= packaging.version.parse("1.26.0") - ): - self_signed_jwt_kwargs["default_scopes"] = cls.AUTH_SCOPES - self_signed_jwt_kwargs["scopes"] = scopes - self_signed_jwt_kwargs["default_host"] = cls.DEFAULT_HOST - else: - self_signed_jwt_kwargs["scopes"] = scopes or cls.AUTH_SCOPES - - return self_signed_jwt_kwargs - def _prep_wrapped_messages(self, client_info): # Precompute the wrapped methods. self._wrapped_methods = { diff --git a/google/cloud/container_v1beta1/services/cluster_manager/transports/grpc.py b/google/cloud/container_v1beta1/services/cluster_manager/transports/grpc.py index 5da4bc2d..4cbdbb9c 100644 --- a/google/cloud/container_v1beta1/services/cluster_manager/transports/grpc.py +++ b/google/cloud/container_v1beta1/services/cluster_manager/transports/grpc.py @@ -58,6 +58,7 @@ def __init__( client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, quota_project_id: Optional[str] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, ) -> None: """Instantiate the transport. @@ -98,6 +99,8 @@ def __init__( API requests. If ``None``, then default info will be used. Generally, you only need to set this if you're developing your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. Raises: google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport @@ -150,6 +153,7 @@ def __init__( scopes=scopes, quota_project_id=quota_project_id, client_info=client_info, + always_use_jwt_access=always_use_jwt_access, ) if not self._grpc_channel: @@ -205,14 +209,14 @@ def create_channel( and ``credentials_file`` are passed. """ - self_signed_jwt_kwargs = cls._get_self_signed_jwt_kwargs(host, scopes) - return grpc_helpers.create_channel( host, credentials=credentials, credentials_file=credentials_file, quota_project_id=quota_project_id, - **self_signed_jwt_kwargs, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, **kwargs, ) diff --git a/google/cloud/container_v1beta1/services/cluster_manager/transports/grpc_asyncio.py b/google/cloud/container_v1beta1/services/cluster_manager/transports/grpc_asyncio.py index b5f2bb5a..66915da4 100644 --- a/google/cloud/container_v1beta1/services/cluster_manager/transports/grpc_asyncio.py +++ b/google/cloud/container_v1beta1/services/cluster_manager/transports/grpc_asyncio.py @@ -79,14 +79,14 @@ def create_channel( aio.Channel: A gRPC AsyncIO channel object. """ - self_signed_jwt_kwargs = cls._get_self_signed_jwt_kwargs(host, scopes) - return grpc_helpers_async.create_channel( host, credentials=credentials, credentials_file=credentials_file, quota_project_id=quota_project_id, - **self_signed_jwt_kwargs, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, **kwargs, ) @@ -104,6 +104,7 @@ def __init__( client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, quota_project_id=None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, ) -> None: """Instantiate the transport. @@ -145,6 +146,8 @@ def __init__( API requests. If ``None``, then default info will be used. Generally, you only need to set this if you're developing your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. Raises: google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport @@ -196,6 +199,7 @@ def __init__( scopes=scopes, quota_project_id=quota_project_id, client_info=client_info, + always_use_jwt_access=always_use_jwt_access, ) if not self._grpc_channel: diff --git a/owlbot.py b/owlbot.py index 8f5ee2ad..1bd814f4 100644 --- a/owlbot.py +++ b/owlbot.py @@ -71,6 +71,15 @@ library / f"google/container_{library.name}", f"google/cloud/container_{library.name}" ) + + # Fix DeprecationWarning + # Fix incorrect DeprecationWarning + # Fixed in https://github.com/googleapis/gapic-generator-python/pull/943 + s.replace( + "google/**/*client.py", + "warnings\.DeprecationWarning", + "DeprecationWarning" + ) s.move(library / "tests") s.move(library / "scripts") s.move(library / "docs", excludes=["index.rst"]) diff --git a/setup.py b/setup.py index 5443de2a..2c3dfd2c 100644 --- a/setup.py +++ b/setup.py @@ -29,7 +29,7 @@ # 'Development Status :: 5 - Production/Stable' release_status = "Development Status :: 5 - Production/Stable" dependencies = [ - "google-api-core[grpc] >= 1.21.2, < 2.0.0dev", + "google-api-core[grpc] >= 1.26.0, <2.0.0dev", "grpc-google-iam-v1 >= 0.12.3, < 0.13dev", "proto-plus >= 1.4.0", "packaging >= 14.3", diff --git a/testing/constraints-3.6.txt b/testing/constraints-3.6.txt index 32665453..58c6eba2 100644 --- a/testing/constraints-3.6.txt +++ b/testing/constraints-3.6.txt @@ -5,7 +5,7 @@ # # e.g., if setup.py has "foo >= 1.14.0, < 2.0.0dev", # Then this file should have foo==1.14.0 -google-api-core==1.26.3 +google-api-core==1.26.0 grpc-google-iam-v1==0.12.3 proto-plus==1.4.0 libcst==0.2.5 diff --git a/tests/unit/gapic/container_v1/test_cluster_manager.py b/tests/unit/gapic/container_v1/test_cluster_manager.py index 82b81b14..28cc1f9f 100644 --- a/tests/unit/gapic/container_v1/test_cluster_manager.py +++ b/tests/unit/gapic/container_v1/test_cluster_manager.py @@ -35,9 +35,6 @@ from google.cloud.container_v1.services.cluster_manager import ClusterManagerClient from google.cloud.container_v1.services.cluster_manager import pagers from google.cloud.container_v1.services.cluster_manager import transports -from google.cloud.container_v1.services.cluster_manager.transports.base import ( - _API_CORE_VERSION, -) from google.cloud.container_v1.services.cluster_manager.transports.base import ( _GOOGLE_AUTH_VERSION, ) @@ -47,8 +44,9 @@ import google.auth -# TODO(busunkim): Once google-api-core >= 1.26.0 is required: -# - Delete all the api-core and auth "less than" test cases +# TODO(busunkim): Once google-auth >= 1.25.0 is required transitively +# through google-api-core: +# - Delete the auth "less than" test cases # - Delete these pytest markers (Make the "greater than or equal to" tests the default). requires_google_auth_lt_1_25_0 = pytest.mark.skipif( packaging.version.parse(_GOOGLE_AUTH_VERSION) >= packaging.version.parse("1.25.0"), @@ -59,16 +57,6 @@ reason="This test requires google-auth >= 1.25.0", ) -requires_api_core_lt_1_26_0 = pytest.mark.skipif( - packaging.version.parse(_API_CORE_VERSION) >= packaging.version.parse("1.26.0"), - reason="This test requires google-api-core < 1.26.0", -) - -requires_api_core_gte_1_26_0 = pytest.mark.skipif( - packaging.version.parse(_API_CORE_VERSION) < packaging.version.parse("1.26.0"), - reason="This test requires google-api-core >= 1.26.0", -) - def client_cert_source_callback(): return b"cert bytes", b"key bytes" @@ -131,6 +119,36 @@ def test_cluster_manager_client_from_service_account_info(client_class): assert client.transport._host == "container.googleapis.com:443" +@pytest.mark.parametrize( + "client_class", [ClusterManagerClient, ClusterManagerAsyncClient,] +) +def test_cluster_manager_client_service_account_always_use_jwt(client_class): + with mock.patch.object( + service_account.Credentials, "with_always_use_jwt_access", create=True + ) as use_jwt: + creds = service_account.Credentials(None, None, None) + client = client_class(credentials=creds) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize( + "transport_class,transport_name", + [ + (transports.ClusterManagerGrpcTransport, "grpc"), + (transports.ClusterManagerGrpcAsyncIOTransport, "grpc_asyncio"), + ], +) +def test_cluster_manager_client_service_account_always_use_jwt_true( + transport_class, transport_name +): + with mock.patch.object( + service_account.Credentials, "with_always_use_jwt_access", create=True + ) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + @pytest.mark.parametrize( "client_class", [ClusterManagerClient, ClusterManagerAsyncClient,] ) @@ -8877,7 +8895,6 @@ def test_cluster_manager_transport_auth_adc_old_google_auth(transport_class): (transports.ClusterManagerGrpcAsyncIOTransport, grpc_helpers_async), ], ) -@requires_api_core_gte_1_26_0 def test_cluster_manager_transport_create_channel(transport_class, grpc_helpers): # If credentials and host are not provided, the transport class should use # ADC credentials. @@ -8906,79 +8923,6 @@ def test_cluster_manager_transport_create_channel(transport_class, grpc_helpers) ) -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.ClusterManagerGrpcTransport, grpc_helpers), - (transports.ClusterManagerGrpcAsyncIOTransport, grpc_helpers_async), - ], -) -@requires_api_core_lt_1_26_0 -def test_cluster_manager_transport_create_channel_old_api_core( - transport_class, grpc_helpers -): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class(quota_project_id="octopus") - - create_channel.assert_called_with( - "container.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - scopes=("https://www.googleapis.com/auth/cloud-platform",), - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.ClusterManagerGrpcTransport, grpc_helpers), - (transports.ClusterManagerGrpcAsyncIOTransport, grpc_helpers_async), - ], -) -@requires_api_core_lt_1_26_0 -def test_cluster_manager_transport_create_channel_user_scopes( - transport_class, grpc_helpers -): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - - create_channel.assert_called_with( - "container.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - scopes=["1", "2"], - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - @pytest.mark.parametrize( "transport_class", [ @@ -9001,7 +8945,7 @@ def test_cluster_manager_grpc_transport_client_cert_source_for_mtls(transport_cl "squid.clam.whelk:443", credentials=cred, credentials_file=None, - scopes=("https://www.googleapis.com/auth/cloud-platform",), + scopes=None, ssl_credentials=mock_ssl_channel_creds, quota_project_id=None, options=[ @@ -9110,7 +9054,7 @@ def test_cluster_manager_transport_channel_mtls_with_client_cert_source( "mtls.squid.clam.whelk:443", credentials=cred, credentials_file=None, - scopes=("https://www.googleapis.com/auth/cloud-platform",), + scopes=None, ssl_credentials=mock_ssl_cred, quota_project_id=None, options=[ @@ -9157,7 +9101,7 @@ def test_cluster_manager_transport_channel_mtls_with_adc(transport_class): "mtls.squid.clam.whelk:443", credentials=mock_cred, credentials_file=None, - scopes=("https://www.googleapis.com/auth/cloud-platform",), + scopes=None, ssl_credentials=mock_ssl_cred, quota_project_id=None, options=[ diff --git a/tests/unit/gapic/container_v1beta1/test_cluster_manager.py b/tests/unit/gapic/container_v1beta1/test_cluster_manager.py index f3b9b08e..41a7277b 100644 --- a/tests/unit/gapic/container_v1beta1/test_cluster_manager.py +++ b/tests/unit/gapic/container_v1beta1/test_cluster_manager.py @@ -37,9 +37,6 @@ from google.cloud.container_v1beta1.services.cluster_manager import ClusterManagerClient from google.cloud.container_v1beta1.services.cluster_manager import pagers from google.cloud.container_v1beta1.services.cluster_manager import transports -from google.cloud.container_v1beta1.services.cluster_manager.transports.base import ( - _API_CORE_VERSION, -) from google.cloud.container_v1beta1.services.cluster_manager.transports.base import ( _GOOGLE_AUTH_VERSION, ) @@ -52,8 +49,9 @@ import google.auth -# TODO(busunkim): Once google-api-core >= 1.26.0 is required: -# - Delete all the api-core and auth "less than" test cases +# TODO(busunkim): Once google-auth >= 1.25.0 is required transitively +# through google-api-core: +# - Delete the auth "less than" test cases # - Delete these pytest markers (Make the "greater than or equal to" tests the default). requires_google_auth_lt_1_25_0 = pytest.mark.skipif( packaging.version.parse(_GOOGLE_AUTH_VERSION) >= packaging.version.parse("1.25.0"), @@ -64,16 +62,6 @@ reason="This test requires google-auth >= 1.25.0", ) -requires_api_core_lt_1_26_0 = pytest.mark.skipif( - packaging.version.parse(_API_CORE_VERSION) >= packaging.version.parse("1.26.0"), - reason="This test requires google-api-core < 1.26.0", -) - -requires_api_core_gte_1_26_0 = pytest.mark.skipif( - packaging.version.parse(_API_CORE_VERSION) < packaging.version.parse("1.26.0"), - reason="This test requires google-api-core >= 1.26.0", -) - def client_cert_source_callback(): return b"cert bytes", b"key bytes" @@ -136,6 +124,36 @@ def test_cluster_manager_client_from_service_account_info(client_class): assert client.transport._host == "container.googleapis.com:443" +@pytest.mark.parametrize( + "client_class", [ClusterManagerClient, ClusterManagerAsyncClient,] +) +def test_cluster_manager_client_service_account_always_use_jwt(client_class): + with mock.patch.object( + service_account.Credentials, "with_always_use_jwt_access", create=True + ) as use_jwt: + creds = service_account.Credentials(None, None, None) + client = client_class(credentials=creds) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize( + "transport_class,transport_name", + [ + (transports.ClusterManagerGrpcTransport, "grpc"), + (transports.ClusterManagerGrpcAsyncIOTransport, "grpc_asyncio"), + ], +) +def test_cluster_manager_client_service_account_always_use_jwt_true( + transport_class, transport_name +): + with mock.patch.object( + service_account.Credentials, "with_always_use_jwt_access", create=True + ) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + @pytest.mark.parametrize( "client_class", [ClusterManagerClient, ClusterManagerAsyncClient,] ) @@ -9236,7 +9254,6 @@ def test_cluster_manager_transport_auth_adc_old_google_auth(transport_class): (transports.ClusterManagerGrpcAsyncIOTransport, grpc_helpers_async), ], ) -@requires_api_core_gte_1_26_0 def test_cluster_manager_transport_create_channel(transport_class, grpc_helpers): # If credentials and host are not provided, the transport class should use # ADC credentials. @@ -9265,79 +9282,6 @@ def test_cluster_manager_transport_create_channel(transport_class, grpc_helpers) ) -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.ClusterManagerGrpcTransport, grpc_helpers), - (transports.ClusterManagerGrpcAsyncIOTransport, grpc_helpers_async), - ], -) -@requires_api_core_lt_1_26_0 -def test_cluster_manager_transport_create_channel_old_api_core( - transport_class, grpc_helpers -): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class(quota_project_id="octopus") - - create_channel.assert_called_with( - "container.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - scopes=("https://www.googleapis.com/auth/cloud-platform",), - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.ClusterManagerGrpcTransport, grpc_helpers), - (transports.ClusterManagerGrpcAsyncIOTransport, grpc_helpers_async), - ], -) -@requires_api_core_lt_1_26_0 -def test_cluster_manager_transport_create_channel_user_scopes( - transport_class, grpc_helpers -): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - - create_channel.assert_called_with( - "container.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - scopes=["1", "2"], - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - @pytest.mark.parametrize( "transport_class", [ @@ -9360,7 +9304,7 @@ def test_cluster_manager_grpc_transport_client_cert_source_for_mtls(transport_cl "squid.clam.whelk:443", credentials=cred, credentials_file=None, - scopes=("https://www.googleapis.com/auth/cloud-platform",), + scopes=None, ssl_credentials=mock_ssl_channel_creds, quota_project_id=None, options=[ @@ -9469,7 +9413,7 @@ def test_cluster_manager_transport_channel_mtls_with_client_cert_source( "mtls.squid.clam.whelk:443", credentials=cred, credentials_file=None, - scopes=("https://www.googleapis.com/auth/cloud-platform",), + scopes=None, ssl_credentials=mock_ssl_cred, quota_project_id=None, options=[ @@ -9516,7 +9460,7 @@ def test_cluster_manager_transport_channel_mtls_with_adc(transport_class): "mtls.squid.clam.whelk:443", credentials=mock_cred, credentials_file=None, - scopes=("https://www.googleapis.com/auth/cloud-platform",), + scopes=None, ssl_credentials=mock_ssl_cred, quota_project_id=None, options=[ From 48700c2682b043a652359a93575d6126aae67668 Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Wed, 30 Jun 2021 16:34:57 -0700 Subject: [PATCH 15/15] chore: release 2.5.0 (#110) Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> --- CHANGELOG.md | 13 +++++++++++++ setup.py | 2 +- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 459f8215..dc988648 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,19 @@ [1]: https://pypi.org/project/google-cloud-container/#history +## [2.5.0](https://www.github.com/googleapis/python-container/compare/v2.4.1...v2.5.0) (2021-06-30) + + +### Features + +* add always_use_jwt_access ([#119](https://www.github.com/googleapis/python-container/issues/119)) ([bb598c4](https://www.github.com/googleapis/python-container/commit/bb598c45f5f2c5ca75a638c17168d6a4a15547a4)) +* support for NodeAutoprovisioning ImageType ([#107](https://www.github.com/googleapis/python-container/issues/107)) ([d56f699](https://www.github.com/googleapis/python-container/commit/d56f699dad3e7fdf654861e36a007a79df760790)) + + +### Documentation + +* omit mention of Python 2.7 in 'CONTRIBUTING.rst' ([#1127](https://www.github.com/googleapis/python-container/issues/1127)) ([#112](https://www.github.com/googleapis/python-container/issues/112)) ([5a3941a](https://www.github.com/googleapis/python-container/commit/5a3941a03c48e3cef4d21ac10fc8e7b1b594ad1e)), closes [#1126](https://www.github.com/googleapis/python-container/issues/1126) + ### [2.4.1](https://www.github.com/googleapis/python-container/compare/v2.4.0...v2.4.1) (2021-05-16) diff --git a/setup.py b/setup.py index 2c3dfd2c..206956c8 100644 --- a/setup.py +++ b/setup.py @@ -22,7 +22,7 @@ name = "google-cloud-container" description = "Google Container Engine API client library" -version = "2.4.1" +version = "2.5.0" # Should be one of: # 'Development Status :: 3 - Alpha' # 'Development Status :: 4 - Beta'