diff --git a/appengine/v1/appengine-api.json b/appengine/v1/appengine-api.json index 8567e082590..e1f3dff1215 100644 --- a/appengine/v1/appengine-api.json +++ b/appengine/v1/appengine-api.json @@ -1710,6 +1710,66 @@ ] } } + }, + "services": { + "resources": { + "versions": { + "methods": { + "delete": { + "description": "Deletes an existing Version resource.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/services/{servicesId}/versions/{versionsId}", + "httpMethod": "DELETE", + "id": "appengine.projects.locations.applications.services.versions.delete", + "parameterOrder": [ + "projectsId", + "locationsId", + "applicationsId", + "servicesId", + "versionsId" + ], + "parameters": { + "applicationsId": { + "description": "Part of `name`. See documentation of `projectsId`.", + "location": "path", + "required": true, + "type": "string" + }, + "locationsId": { + "description": "Part of `name`. See documentation of `projectsId`.", + "location": "path", + "required": true, + "type": "string" + }, + "projectsId": { + "description": "Part of `name`. Name of the resource requested. Example: apps/myapp/services/default/versions/v1.", + "location": "path", + "required": true, + "type": "string" + }, + "servicesId": { + "description": "Part of `name`. See documentation of `projectsId`.", + "location": "path", + "required": true, + "type": "string" + }, + "versionsId": { + "description": "Part of `name`. See documentation of `projectsId`.", + "location": "path", + "required": true, + "type": "string" + } + }, + "path": "v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/services/{servicesId}/versions/{versionsId}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + } + } + } + } } } } @@ -1718,7 +1778,7 @@ } } }, - "revision": "20240906", + "revision": "20241007", "rootUrl": "https://appengine.googleapis.com/", "schemas": { "ApiConfigHandler": { diff --git a/appengine/v1/appengine-gen.go b/appengine/v1/appengine-gen.go index 5a307ed2065..515eb6ec586 100644 --- a/appengine/v1/appengine-gen.go +++ b/appengine/v1/appengine-gen.go @@ -327,6 +327,7 @@ type ProjectsLocationsService struct { func NewProjectsLocationsApplicationsService(s *APIService) *ProjectsLocationsApplicationsService { rs := &ProjectsLocationsApplicationsService{s: s} rs.AuthorizedDomains = NewProjectsLocationsApplicationsAuthorizedDomainsService(s) + rs.Services = NewProjectsLocationsApplicationsServicesService(s) return rs } @@ -334,6 +335,8 @@ type ProjectsLocationsApplicationsService struct { s *APIService AuthorizedDomains *ProjectsLocationsApplicationsAuthorizedDomainsService + + Services *ProjectsLocationsApplicationsServicesService } func NewProjectsLocationsApplicationsAuthorizedDomainsService(s *APIService) *ProjectsLocationsApplicationsAuthorizedDomainsService { @@ -345,6 +348,27 @@ type ProjectsLocationsApplicationsAuthorizedDomainsService struct { s *APIService } +func NewProjectsLocationsApplicationsServicesService(s *APIService) *ProjectsLocationsApplicationsServicesService { + rs := &ProjectsLocationsApplicationsServicesService{s: s} + rs.Versions = NewProjectsLocationsApplicationsServicesVersionsService(s) + return rs +} + +type ProjectsLocationsApplicationsServicesService struct { + s *APIService + + Versions *ProjectsLocationsApplicationsServicesVersionsService +} + +func NewProjectsLocationsApplicationsServicesVersionsService(s *APIService) *ProjectsLocationsApplicationsServicesVersionsService { + rs := &ProjectsLocationsApplicationsServicesVersionsService{s: s} + return rs +} + +type ProjectsLocationsApplicationsServicesVersionsService struct { + s *APIService +} + // ApiConfigHandler: Google Cloud Endpoints // (https://cloud.google.com/endpoints) configuration for API handlers. type ApiConfigHandler struct { @@ -8511,3 +8535,115 @@ func (c *ProjectsLocationsApplicationsAuthorizedDomainsListCall) Pages(ctx conte c.PageToken(x.NextPageToken) } } + +type ProjectsLocationsApplicationsServicesVersionsDeleteCall struct { + s *APIService + projectsId string + locationsId string + applicationsId string + servicesId string + versionsId string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Delete: Deletes an existing Version resource. +// +// - applicationsId: Part of `name`. See documentation of `projectsId`. +// - locationsId: Part of `name`. See documentation of `projectsId`. +// - projectsId: Part of `name`. Name of the resource requested. Example: +// apps/myapp/services/default/versions/v1. +// - servicesId: Part of `name`. See documentation of `projectsId`. +// - versionsId: Part of `name`. See documentation of `projectsId`. +func (r *ProjectsLocationsApplicationsServicesVersionsService) Delete(projectsId string, locationsId string, applicationsId string, servicesId string, versionsId string) *ProjectsLocationsApplicationsServicesVersionsDeleteCall { + c := &ProjectsLocationsApplicationsServicesVersionsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.projectsId = projectsId + c.locationsId = locationsId + c.applicationsId = applicationsId + c.servicesId = servicesId + c.versionsId = versionsId + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsApplicationsServicesVersionsDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsApplicationsServicesVersionsDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsApplicationsServicesVersionsDeleteCall) Context(ctx context.Context) *ProjectsLocationsApplicationsServicesVersionsDeleteCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsApplicationsServicesVersionsDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsApplicationsServicesVersionsDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/services/{servicesId}/versions/{versionsId}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("DELETE", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "projectsId": c.projectsId, + "locationsId": c.locationsId, + "applicationsId": c.applicationsId, + "servicesId": c.servicesId, + "versionsId": c.versionsId, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "appengine.projects.locations.applications.services.versions.delete" call. +// Any non-2xx status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsApplicationsServicesVersionsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} diff --git a/appengine/v1beta/appengine-api.json b/appengine/v1beta/appengine-api.json index 0429678e6e2..cc6374f945b 100644 --- a/appengine/v1beta/appengine-api.json +++ b/appengine/v1beta/appengine-api.json @@ -1817,6 +1817,66 @@ ] } } + }, + "services": { + "resources": { + "versions": { + "methods": { + "delete": { + "description": "Deletes an existing Version resource.", + "flatPath": "v1beta/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/services/{servicesId}/versions/{versionsId}", + "httpMethod": "DELETE", + "id": "appengine.projects.locations.applications.services.versions.delete", + "parameterOrder": [ + "projectsId", + "locationsId", + "applicationsId", + "servicesId", + "versionsId" + ], + "parameters": { + "applicationsId": { + "description": "Part of `name`. See documentation of `projectsId`.", + "location": "path", + "required": true, + "type": "string" + }, + "locationsId": { + "description": "Part of `name`. See documentation of `projectsId`.", + "location": "path", + "required": true, + "type": "string" + }, + "projectsId": { + "description": "Part of `name`. Name of the resource requested. Example: apps/myapp/services/default/versions/v1.", + "location": "path", + "required": true, + "type": "string" + }, + "servicesId": { + "description": "Part of `name`. See documentation of `projectsId`.", + "location": "path", + "required": true, + "type": "string" + }, + "versionsId": { + "description": "Part of `name`. See documentation of `projectsId`.", + "location": "path", + "required": true, + "type": "string" + } + }, + "path": "v1beta/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/services/{servicesId}/versions/{versionsId}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + } + } + } + } } } }, @@ -1918,7 +1978,7 @@ } } }, - "revision": "20240906", + "revision": "20241007", "rootUrl": "https://appengine.googleapis.com/", "schemas": { "ApiConfigHandler": { diff --git a/appengine/v1beta/appengine-gen.go b/appengine/v1beta/appengine-gen.go index 491f5945051..d034e472b9c 100644 --- a/appengine/v1beta/appengine-gen.go +++ b/appengine/v1beta/appengine-gen.go @@ -330,6 +330,7 @@ type ProjectsLocationsService struct { func NewProjectsLocationsApplicationsService(s *APIService) *ProjectsLocationsApplicationsService { rs := &ProjectsLocationsApplicationsService{s: s} rs.AuthorizedDomains = NewProjectsLocationsApplicationsAuthorizedDomainsService(s) + rs.Services = NewProjectsLocationsApplicationsServicesService(s) return rs } @@ -337,6 +338,8 @@ type ProjectsLocationsApplicationsService struct { s *APIService AuthorizedDomains *ProjectsLocationsApplicationsAuthorizedDomainsService + + Services *ProjectsLocationsApplicationsServicesService } func NewProjectsLocationsApplicationsAuthorizedDomainsService(s *APIService) *ProjectsLocationsApplicationsAuthorizedDomainsService { @@ -348,6 +351,27 @@ type ProjectsLocationsApplicationsAuthorizedDomainsService struct { s *APIService } +func NewProjectsLocationsApplicationsServicesService(s *APIService) *ProjectsLocationsApplicationsServicesService { + rs := &ProjectsLocationsApplicationsServicesService{s: s} + rs.Versions = NewProjectsLocationsApplicationsServicesVersionsService(s) + return rs +} + +type ProjectsLocationsApplicationsServicesService struct { + s *APIService + + Versions *ProjectsLocationsApplicationsServicesVersionsService +} + +func NewProjectsLocationsApplicationsServicesVersionsService(s *APIService) *ProjectsLocationsApplicationsServicesVersionsService { + rs := &ProjectsLocationsApplicationsServicesVersionsService{s: s} + return rs +} + +type ProjectsLocationsApplicationsServicesVersionsService struct { + s *APIService +} + func NewProjectsLocationsOperationsService(s *APIService) *ProjectsLocationsOperationsService { rs := &ProjectsLocationsOperationsService{s: s} return rs @@ -8903,6 +8927,118 @@ func (c *ProjectsLocationsApplicationsAuthorizedDomainsListCall) Pages(ctx conte } } +type ProjectsLocationsApplicationsServicesVersionsDeleteCall struct { + s *APIService + projectsId string + locationsId string + applicationsId string + servicesId string + versionsId string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Delete: Deletes an existing Version resource. +// +// - applicationsId: Part of `name`. See documentation of `projectsId`. +// - locationsId: Part of `name`. See documentation of `projectsId`. +// - projectsId: Part of `name`. Name of the resource requested. Example: +// apps/myapp/services/default/versions/v1. +// - servicesId: Part of `name`. See documentation of `projectsId`. +// - versionsId: Part of `name`. See documentation of `projectsId`. +func (r *ProjectsLocationsApplicationsServicesVersionsService) Delete(projectsId string, locationsId string, applicationsId string, servicesId string, versionsId string) *ProjectsLocationsApplicationsServicesVersionsDeleteCall { + c := &ProjectsLocationsApplicationsServicesVersionsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.projectsId = projectsId + c.locationsId = locationsId + c.applicationsId = applicationsId + c.servicesId = servicesId + c.versionsId = versionsId + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsApplicationsServicesVersionsDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsApplicationsServicesVersionsDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsApplicationsServicesVersionsDeleteCall) Context(ctx context.Context) *ProjectsLocationsApplicationsServicesVersionsDeleteCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsApplicationsServicesVersionsDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsApplicationsServicesVersionsDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/services/{servicesId}/versions/{versionsId}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("DELETE", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "projectsId": c.projectsId, + "locationsId": c.locationsId, + "applicationsId": c.applicationsId, + "servicesId": c.servicesId, + "versionsId": c.versionsId, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "appengine.projects.locations.applications.services.versions.delete" call. +// Any non-2xx status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsApplicationsServicesVersionsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + type ProjectsLocationsOperationsGetCall struct { s *APIService projectsId string diff --git a/backupdr/v1/backupdr-api.json b/backupdr/v1/backupdr-api.json index 5b143d14300..ca354cc2b13 100644 --- a/backupdr/v1/backupdr-api.json +++ b/backupdr/v1/backupdr-api.json @@ -1658,7 +1658,7 @@ } } }, - "revision": "20240920", + "revision": "20241002", "rootUrl": "https://backupdr.googleapis.com/", "schemas": { "AbandonBackupRequest": { @@ -2444,8 +2444,7 @@ "type": "string" }, "resourceType": { - "description": "Output only. Output Only. Resource type of workload on which backupplan is applied", - "readOnly": true, + "description": "Optional. Resource type of workload on which backupplan is applied", "type": "string" }, "rulesConfigInfo": { diff --git a/backupdr/v1/backupdr-gen.go b/backupdr/v1/backupdr-gen.go index 9a7cf225b76..173cd6a56ec 100644 --- a/backupdr/v1/backupdr-gen.go +++ b/backupdr/v1/backupdr-gen.go @@ -1039,8 +1039,8 @@ type BackupPlanAssociation struct { // Resource: Required. Immutable. Resource name of workload on which backupplan // is applied Resource string `json:"resource,omitempty"` - // ResourceType: Output only. Output Only. Resource type of workload on which - // backupplan is applied + // ResourceType: Optional. Resource type of workload on which backupplan is + // applied ResourceType string `json:"resourceType,omitempty"` // RulesConfigInfo: Output only. The config info related to backup rules. RulesConfigInfo []*RuleConfigInfo `json:"rulesConfigInfo,omitempty"` diff --git a/batch/v1/batch-api.json b/batch/v1/batch-api.json index babc2aa5d58..1e1cf06af2a 100644 --- a/batch/v1/batch-api.json +++ b/batch/v1/batch-api.json @@ -561,7 +561,7 @@ } } }, - "revision": "20240925", + "revision": "20241002", "rootUrl": "https://batch.googleapis.com/", "schemas": { "Accelerator": { @@ -1264,7 +1264,7 @@ "type": "string" }, "reservation": { - "description": "Optional. If specified, VMs will consume only the specified reservation. If not specified (default), VMs will consume any applicable reservation. Additionally, VMs will not consume any reservation if \"NO_RESERVATION\" is specified.", + "description": "Optional. If not specified (default), VMs will consume any applicable reservation. If \"NO_RESERVATION\" is specified, VMs will not consume any reservation. Otherwise, if specified, VMs will consume only the specified reservation.", "type": "string" } }, diff --git a/batch/v1/batch-gen.go b/batch/v1/batch-gen.go index f200eefa702..9a4aa012b25 100644 --- a/batch/v1/batch-gen.go +++ b/batch/v1/batch-gen.go @@ -1185,10 +1185,10 @@ type InstancePolicy struct { // by this field) is the older model, and has been migrated to use the SPOT // model as the underlying technology. This old model will still be supported. ProvisioningModel string `json:"provisioningModel,omitempty"` - // Reservation: Optional. If specified, VMs will consume only the specified - // reservation. If not specified (default), VMs will consume any applicable - // reservation. Additionally, VMs will not consume any reservation if - // "NO_RESERVATION" is specified. + // Reservation: Optional. If not specified (default), VMs will consume any + // applicable reservation. If "NO_RESERVATION" is specified, VMs will not + // consume any reservation. Otherwise, if specified, VMs will consume only the + // specified reservation. Reservation string `json:"reservation,omitempty"` // ForceSendFields is a list of field names (e.g. "Accelerators") to // unconditionally include in API requests. By default, fields with empty or diff --git a/beyondcorp/v1/beyondcorp-api.json b/beyondcorp/v1/beyondcorp-api.json index b7d3205033e..8baf89cfacd 100644 --- a/beyondcorp/v1/beyondcorp-api.json +++ b/beyondcorp/v1/beyondcorp-api.json @@ -2257,7 +2257,7 @@ } } }, - "revision": "20240925", + "revision": "20241004", "rootUrl": "https://beyondcorp.googleapis.com/", "schemas": { "AllocatedConnection": { @@ -3545,9 +3545,24 @@ "description": "The Hub message contains information pertaining to the regional data path deployments.", "id": "GoogleCloudBeyondcorpSecuritygatewaysV1Hub", "properties": { - "natGatewayConfig": { - "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1NatGatewayConfig", - "description": "Optional. NAT gateway setup to ensure enough NAT IP addresses are available to handle the traffic needed to access the applications. Allows to explicitly enable or disable the NAT in the Hub along with the total IPs allocated to handle the capacity limits." + "internetGateway": { + "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway", + "description": "Optional. Internet Gateway configuration." + } + }, + "type": "object" + }, + "GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway": { + "description": "Represents the Internet Gateway configuration.", + "id": "GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway", + "properties": { + "assignedIps": { + "description": "Output only. List of IP addresses assigned to the Cloud NAT.", + "items": { + "type": "string" + }, + "readOnly": true, + "type": "array" } }, "type": "object" @@ -3602,21 +3617,6 @@ }, "type": "object" }, - "GoogleCloudBeyondcorpSecuritygatewaysV1NatGatewayConfig": { - "description": "Represents the NAT Gateway configuration.", - "id": "GoogleCloudBeyondcorpSecuritygatewaysV1NatGatewayConfig", - "properties": { - "natIps": { - "description": "Output only. List of NAT IPs that will be used for establishing connection to the endpoints.", - "items": { - "type": "string" - }, - "readOnly": true, - "type": "array" - } - }, - "type": "object" - }, "GoogleCloudBeyondcorpSecuritygatewaysV1Peering": { "description": "VPC Peering details.", "id": "GoogleCloudBeyondcorpSecuritygatewaysV1Peering", @@ -3748,6 +3748,13 @@ "description": "Set Peering request for creating a VPC peering between Google network and customer networks.", "id": "GoogleCloudBeyondcorpSecuritygatewaysV1SetPeeringRequest", "properties": { + "peerings": { + "description": "Required. List of Peering connection information.", + "items": { + "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1Peering" + }, + "type": "array" + }, "requestId": { "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "type": "string" @@ -3755,13 +3762,6 @@ "validateOnly": { "description": "Optional. If set, validates request by executing a dry-run which would not alter the resource in any way.", "type": "boolean" - }, - "vpcPeerings": { - "description": "Required. List of Peering connection information.", - "items": { - "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1Peering" - }, - "type": "array" } }, "type": "object" diff --git a/beyondcorp/v1/beyondcorp-gen.go b/beyondcorp/v1/beyondcorp-gen.go index d2ffc74c8fa..62271fe987f 100644 --- a/beyondcorp/v1/beyondcorp-gen.go +++ b/beyondcorp/v1/beyondcorp-gen.go @@ -1744,18 +1744,15 @@ func (s GoogleCloudBeyondcorpSecuritygatewaysV1EndpointMatcher) MarshalJSON() ([ // GoogleCloudBeyondcorpSecuritygatewaysV1Hub: The Hub message contains // information pertaining to the regional data path deployments. type GoogleCloudBeyondcorpSecuritygatewaysV1Hub struct { - // NatGatewayConfig: Optional. NAT gateway setup to ensure enough NAT IP - // addresses are available to handle the traffic needed to access the - // applications. Allows to explicitly enable or disable the NAT in the Hub - // along with the total IPs allocated to handle the capacity limits. - NatGatewayConfig *GoogleCloudBeyondcorpSecuritygatewaysV1NatGatewayConfig `json:"natGatewayConfig,omitempty"` - // ForceSendFields is a list of field names (e.g. "NatGatewayConfig") to + // InternetGateway: Optional. Internet Gateway configuration. + InternetGateway *GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway `json:"internetGateway,omitempty"` + // ForceSendFields is a list of field names (e.g. "InternetGateway") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "NatGatewayConfig") to include in + // NullFields is a list of field names (e.g. "InternetGateway") to include in // API requests with the JSON null value. By default, fields with empty values // are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. @@ -1767,6 +1764,29 @@ func (s GoogleCloudBeyondcorpSecuritygatewaysV1Hub) MarshalJSON() ([]byte, error return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway: Represents the +// Internet Gateway configuration. +type GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway struct { + // AssignedIps: Output only. List of IP addresses assigned to the Cloud NAT. + AssignedIps []string `json:"assignedIps,omitempty"` + // ForceSendFields is a list of field names (e.g. "AssignedIps") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AssignedIps") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway) MarshalJSON() ([]byte, error) { + type NoMethod GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // GoogleCloudBeyondcorpSecuritygatewaysV1ListApplicationsResponse: Message for // response to listing Applications. type GoogleCloudBeyondcorpSecuritygatewaysV1ListApplicationsResponse struct { @@ -1829,30 +1849,6 @@ func (s GoogleCloudBeyondcorpSecuritygatewaysV1ListSecurityGatewaysResponse) Mar return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// GoogleCloudBeyondcorpSecuritygatewaysV1NatGatewayConfig: Represents the NAT -// Gateway configuration. -type GoogleCloudBeyondcorpSecuritygatewaysV1NatGatewayConfig struct { - // NatIps: Output only. List of NAT IPs that will be used for establishing - // connection to the endpoints. - NatIps []string `json:"natIps,omitempty"` - // ForceSendFields is a list of field names (e.g. "NatIps") to unconditionally - // include in API requests. By default, fields with empty or default values are - // omitted from API requests. See - // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more - // details. - ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "NatIps") to include in API - // requests with the JSON null value. By default, fields with empty values are - // omitted from API requests. See - // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. - NullFields []string `json:"-"` -} - -func (s GoogleCloudBeyondcorpSecuritygatewaysV1NatGatewayConfig) MarshalJSON() ([]byte, error) { - type NoMethod GoogleCloudBeyondcorpSecuritygatewaysV1NatGatewayConfig - return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) -} - // GoogleCloudBeyondcorpSecuritygatewaysV1Peering: VPC Peering details. type GoogleCloudBeyondcorpSecuritygatewaysV1Peering struct { // DnsZones: Optional. List of DNS zones for DNS peering with the customer VPC @@ -1974,6 +1970,8 @@ func (s GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGatewayOperationMetadata) // request for creating a VPC peering between Google network and customer // networks. type GoogleCloudBeyondcorpSecuritygatewaysV1SetPeeringRequest struct { + // Peerings: Required. List of Peering connection information. + Peerings []*GoogleCloudBeyondcorpSecuritygatewaysV1Peering `json:"peerings,omitempty"` // RequestId: Optional. An optional request ID to identify requests. Specify a // unique request ID so that if you must retry your request, the server will // know to ignore the request if it has already been completed. The server will @@ -1989,15 +1987,13 @@ type GoogleCloudBeyondcorpSecuritygatewaysV1SetPeeringRequest struct { // ValidateOnly: Optional. If set, validates request by executing a dry-run // which would not alter the resource in any way. ValidateOnly bool `json:"validateOnly,omitempty"` - // VpcPeerings: Required. List of Peering connection information. - VpcPeerings []*GoogleCloudBeyondcorpSecuritygatewaysV1Peering `json:"vpcPeerings,omitempty"` - // ForceSendFields is a list of field names (e.g. "RequestId") to + // ForceSendFields is a list of field names (e.g. "Peerings") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "RequestId") to include in API + // NullFields is a list of field names (e.g. "Peerings") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. diff --git a/beyondcorp/v1alpha/beyondcorp-api.json b/beyondcorp/v1alpha/beyondcorp-api.json index de9f79bd25b..ae84f67ffd1 100644 --- a/beyondcorp/v1alpha/beyondcorp-api.json +++ b/beyondcorp/v1alpha/beyondcorp-api.json @@ -4408,7 +4408,7 @@ } } }, - "revision": "20240925", + "revision": "20241004", "rootUrl": "https://beyondcorp.googleapis.com/", "schemas": { "AllocatedConnection": { @@ -6683,9 +6683,24 @@ "description": "The Hub message contains information pertaining to the regional data path deployments.", "id": "GoogleCloudBeyondcorpSecuritygatewaysV1alphaHub", "properties": { - "natGatewayConfig": { - "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1alphaNatGatewayConfig", - "description": "Optional. NAT gateway setup to ensure enough NAT IP addresses are available to handle the traffic needed to access the applications. Allows to explicitly enable or disable the NAT in the Hub along with the total IPs allocated to handle the capacity limits." + "internetGateway": { + "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1alphaInternetGateway", + "description": "Optional. Internet Gateway configuration." + } + }, + "type": "object" + }, + "GoogleCloudBeyondcorpSecuritygatewaysV1alphaInternetGateway": { + "description": "Represents the Internet Gateway configuration.", + "id": "GoogleCloudBeyondcorpSecuritygatewaysV1alphaInternetGateway", + "properties": { + "assignedIps": { + "description": "Output only. List of IP addresses assigned to the Cloud NAT.", + "items": { + "type": "string" + }, + "readOnly": true, + "type": "array" } }, "type": "object" @@ -6740,21 +6755,6 @@ }, "type": "object" }, - "GoogleCloudBeyondcorpSecuritygatewaysV1alphaNatGatewayConfig": { - "description": "Represents the NAT Gateway configuration.", - "id": "GoogleCloudBeyondcorpSecuritygatewaysV1alphaNatGatewayConfig", - "properties": { - "natIps": { - "description": "Output only. List of NAT IPs that will be used for establishing connection to the endpoints.", - "items": { - "type": "string" - }, - "readOnly": true, - "type": "array" - } - }, - "type": "object" - }, "GoogleCloudBeyondcorpSecuritygatewaysV1alphaPeering": { "description": "VPC Peering details.", "id": "GoogleCloudBeyondcorpSecuritygatewaysV1alphaPeering", @@ -6886,6 +6886,13 @@ "description": "Set Peering request for creating a VPC peering between Google network and customer networks.", "id": "GoogleCloudBeyondcorpSecuritygatewaysV1alphaSetPeeringRequest", "properties": { + "peerings": { + "description": "Required. List of Peering connection information.", + "items": { + "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1alphaPeering" + }, + "type": "array" + }, "requestId": { "description": "Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "type": "string" @@ -6893,13 +6900,6 @@ "validateOnly": { "description": "Optional. If set, validates request by executing a dry-run which would not alter the resource in any way.", "type": "boolean" - }, - "vpcPeerings": { - "description": "Required. List of Peering connection information.", - "items": { - "$ref": "GoogleCloudBeyondcorpSecuritygatewaysV1alphaPeering" - }, - "type": "array" } }, "type": "object" diff --git a/beyondcorp/v1alpha/beyondcorp-gen.go b/beyondcorp/v1alpha/beyondcorp-gen.go index 54a15a5898c..ef0f5e12bef 100644 --- a/beyondcorp/v1alpha/beyondcorp-gen.go +++ b/beyondcorp/v1alpha/beyondcorp-gen.go @@ -2957,18 +2957,15 @@ func (s GoogleCloudBeyondcorpSecuritygatewaysV1alphaEndpointMatcher) MarshalJSON // GoogleCloudBeyondcorpSecuritygatewaysV1alphaHub: The Hub message contains // information pertaining to the regional data path deployments. type GoogleCloudBeyondcorpSecuritygatewaysV1alphaHub struct { - // NatGatewayConfig: Optional. NAT gateway setup to ensure enough NAT IP - // addresses are available to handle the traffic needed to access the - // applications. Allows to explicitly enable or disable the NAT in the Hub - // along with the total IPs allocated to handle the capacity limits. - NatGatewayConfig *GoogleCloudBeyondcorpSecuritygatewaysV1alphaNatGatewayConfig `json:"natGatewayConfig,omitempty"` - // ForceSendFields is a list of field names (e.g. "NatGatewayConfig") to + // InternetGateway: Optional. Internet Gateway configuration. + InternetGateway *GoogleCloudBeyondcorpSecuritygatewaysV1alphaInternetGateway `json:"internetGateway,omitempty"` + // ForceSendFields is a list of field names (e.g. "InternetGateway") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "NatGatewayConfig") to include in + // NullFields is a list of field names (e.g. "InternetGateway") to include in // API requests with the JSON null value. By default, fields with empty values // are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. @@ -2980,6 +2977,29 @@ func (s GoogleCloudBeyondcorpSecuritygatewaysV1alphaHub) MarshalJSON() ([]byte, return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } +// GoogleCloudBeyondcorpSecuritygatewaysV1alphaInternetGateway: Represents the +// Internet Gateway configuration. +type GoogleCloudBeyondcorpSecuritygatewaysV1alphaInternetGateway struct { + // AssignedIps: Output only. List of IP addresses assigned to the Cloud NAT. + AssignedIps []string `json:"assignedIps,omitempty"` + // ForceSendFields is a list of field names (e.g. "AssignedIps") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AssignedIps") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s GoogleCloudBeyondcorpSecuritygatewaysV1alphaInternetGateway) MarshalJSON() ([]byte, error) { + type NoMethod GoogleCloudBeyondcorpSecuritygatewaysV1alphaInternetGateway + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + // GoogleCloudBeyondcorpSecuritygatewaysV1alphaListApplicationsResponse: // Message for response to listing Applications. type GoogleCloudBeyondcorpSecuritygatewaysV1alphaListApplicationsResponse struct { @@ -3042,30 +3062,6 @@ func (s GoogleCloudBeyondcorpSecuritygatewaysV1alphaListSecurityGatewaysResponse return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// GoogleCloudBeyondcorpSecuritygatewaysV1alphaNatGatewayConfig: Represents the -// NAT Gateway configuration. -type GoogleCloudBeyondcorpSecuritygatewaysV1alphaNatGatewayConfig struct { - // NatIps: Output only. List of NAT IPs that will be used for establishing - // connection to the endpoints. - NatIps []string `json:"natIps,omitempty"` - // ForceSendFields is a list of field names (e.g. "NatIps") to unconditionally - // include in API requests. By default, fields with empty or default values are - // omitted from API requests. See - // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more - // details. - ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "NatIps") to include in API - // requests with the JSON null value. By default, fields with empty values are - // omitted from API requests. See - // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. - NullFields []string `json:"-"` -} - -func (s GoogleCloudBeyondcorpSecuritygatewaysV1alphaNatGatewayConfig) MarshalJSON() ([]byte, error) { - type NoMethod GoogleCloudBeyondcorpSecuritygatewaysV1alphaNatGatewayConfig - return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) -} - // GoogleCloudBeyondcorpSecuritygatewaysV1alphaPeering: VPC Peering details. type GoogleCloudBeyondcorpSecuritygatewaysV1alphaPeering struct { // DnsZones: Optional. List of DNS zones for DNS peering with the customer VPC @@ -3188,6 +3184,8 @@ func (s GoogleCloudBeyondcorpSecuritygatewaysV1alphaSecurityGatewayOperationMeta // request for creating a VPC peering between Google network and customer // networks. type GoogleCloudBeyondcorpSecuritygatewaysV1alphaSetPeeringRequest struct { + // Peerings: Required. List of Peering connection information. + Peerings []*GoogleCloudBeyondcorpSecuritygatewaysV1alphaPeering `json:"peerings,omitempty"` // RequestId: Optional. An optional request ID to identify requests. Specify a // unique request ID so that if you must retry your request, the server will // know to ignore the request if it has already been completed. The server will @@ -3203,15 +3201,13 @@ type GoogleCloudBeyondcorpSecuritygatewaysV1alphaSetPeeringRequest struct { // ValidateOnly: Optional. If set, validates request by executing a dry-run // which would not alter the resource in any way. ValidateOnly bool `json:"validateOnly,omitempty"` - // VpcPeerings: Required. List of Peering connection information. - VpcPeerings []*GoogleCloudBeyondcorpSecuritygatewaysV1alphaPeering `json:"vpcPeerings,omitempty"` - // ForceSendFields is a list of field names (e.g. "RequestId") to + // ForceSendFields is a list of field names (e.g. "Peerings") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "RequestId") to include in API + // NullFields is a list of field names (e.g. "Peerings") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. diff --git a/datastream/v1/datastream-api.json b/datastream/v1/datastream-api.json index 264fde66388..da4c8ba6259 100644 --- a/datastream/v1/datastream-api.json +++ b/datastream/v1/datastream-api.json @@ -1250,7 +1250,7 @@ } } }, - "revision": "20240904", + "revision": "20240930", "rootUrl": "https://datastream.googleapis.com/", "schemas": { "AppendOnly": { @@ -2067,7 +2067,7 @@ "type": "object" }, "MysqlProfile": { - "description": "MySQL database profile.", + "description": "MySQL database profile. Next ID: 7.", "id": "MysqlProfile", "properties": { "hostname": { @@ -2075,7 +2075,7 @@ "type": "string" }, "password": { - "description": "Required. Input only. Password for the MySQL connection.", + "description": "Optional. Input only. Password for the MySQL connection. Mutually exclusive with the `secret_manager_stored_password` field.", "type": "string" }, "port": { @@ -2338,7 +2338,7 @@ "type": "object" }, "OracleProfile": { - "description": "Oracle database profile.", + "description": "Oracle database profile. Next ID: 10.", "id": "OracleProfile", "properties": { "connectionAttributes": { @@ -2361,7 +2361,7 @@ "description": "Optional. SSL configuration for the Oracle connection." }, "password": { - "description": "Required. Password for the Oracle connection.", + "description": "Optional. Password for the Oracle connection. Mutually exclusive with the `secret_manager_stored_password` field.", "type": "string" }, "port": { @@ -2546,7 +2546,7 @@ "type": "object" }, "PostgresqlProfile": { - "description": "PostgreSQL database profile.", + "description": "PostgreSQL database profile. Next ID: 7.", "id": "PostgresqlProfile", "properties": { "database": { @@ -2558,7 +2558,7 @@ "type": "string" }, "password": { - "description": "Required. Password for the PostgreSQL connection.", + "description": "Optional. Password for the PostgreSQL connection. Mutually exclusive with the `secret_manager_stored_password` field.", "type": "string" }, "port": { @@ -2938,7 +2938,7 @@ "type": "object" }, "SqlServerProfile": { - "description": "SQLServer database profile", + "description": "SQLServer database profile. Next ID: 8.", "id": "SqlServerProfile", "properties": { "database": { @@ -2950,7 +2950,7 @@ "type": "string" }, "password": { - "description": "Required. Password for the SQLServer connection.", + "description": "Optional. Password for the SQLServer connection. Mutually exclusive with the `secret_manager_stored_password` field.", "type": "string" }, "port": { diff --git a/datastream/v1/datastream-gen.go b/datastream/v1/datastream-gen.go index b10b945d3f3..77ff9c4afb0 100644 --- a/datastream/v1/datastream-gen.go +++ b/datastream/v1/datastream-gen.go @@ -1184,11 +1184,12 @@ func (s MysqlObjectIdentifier) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// MysqlProfile: MySQL database profile. +// MysqlProfile: MySQL database profile. Next ID: 7. type MysqlProfile struct { // Hostname: Required. Hostname for the MySQL connection. Hostname string `json:"hostname,omitempty"` - // Password: Required. Input only. Password for the MySQL connection. + // Password: Optional. Input only. Password for the MySQL connection. Mutually + // exclusive with the `secret_manager_stored_password` field. Password string `json:"password,omitempty"` // Port: Port for the MySQL connection, default value is 3306. Port int64 `json:"port,omitempty"` @@ -1488,7 +1489,7 @@ func (s OracleObjectIdentifier) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// OracleProfile: Oracle database profile. +// OracleProfile: Oracle database profile. Next ID: 10. type OracleProfile struct { // ConnectionAttributes: Connection string attributes ConnectionAttributes map[string]string `json:"connectionAttributes,omitempty"` @@ -1498,7 +1499,8 @@ type OracleProfile struct { Hostname string `json:"hostname,omitempty"` // OracleSslConfig: Optional. SSL configuration for the Oracle connection. OracleSslConfig *OracleSslConfig `json:"oracleSslConfig,omitempty"` - // Password: Required. Password for the Oracle connection. + // Password: Optional. Password for the Oracle connection. Mutually exclusive + // with the `secret_manager_stored_password` field. Password string `json:"password,omitempty"` // Port: Port for the Oracle connection, default value is 1521. Port int64 `json:"port,omitempty"` @@ -1737,13 +1739,14 @@ func (s PostgresqlObjectIdentifier) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// PostgresqlProfile: PostgreSQL database profile. +// PostgresqlProfile: PostgreSQL database profile. Next ID: 7. type PostgresqlProfile struct { // Database: Required. Database for the PostgreSQL connection. Database string `json:"database,omitempty"` // Hostname: Required. Hostname for the PostgreSQL connection. Hostname string `json:"hostname,omitempty"` - // Password: Required. Password for the PostgreSQL connection. + // Password: Optional. Password for the PostgreSQL connection. Mutually + // exclusive with the `secret_manager_stored_password` field. Password string `json:"password,omitempty"` // Port: Port for the PostgreSQL connection, default value is 5432. Port int64 `json:"port,omitempty"` @@ -2207,13 +2210,14 @@ func (s SqlServerObjectIdentifier) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// SqlServerProfile: SQLServer database profile +// SqlServerProfile: SQLServer database profile. Next ID: 8. type SqlServerProfile struct { // Database: Required. Database for the SQLServer connection. Database string `json:"database,omitempty"` // Hostname: Required. Hostname for the SQLServer connection. Hostname string `json:"hostname,omitempty"` - // Password: Required. Password for the SQLServer connection. + // Password: Optional. Password for the SQLServer connection. Mutually + // exclusive with the `secret_manager_stored_password` field. Password string `json:"password,omitempty"` // Port: Port for the SQLServer connection, default value is 1433. Port int64 `json:"port,omitempty"` diff --git a/gkehub/v2/gkehub-api.json b/gkehub/v2/gkehub-api.json index 993a11c62b1..346d9485cf3 100644 --- a/gkehub/v2/gkehub-api.json +++ b/gkehub/v2/gkehub-api.json @@ -177,6 +177,197 @@ } }, "resources": { + "memberships": { + "resources": { + "features": { + "methods": { + "create": { + "description": "Creates membershipFeature under a given parent.", + "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features", + "httpMethod": "POST", + "id": "gkehub.projects.locations.memberships.features.create", + "parameterOrder": [ + "parent" + ], + "parameters": { + "featureId": { + "description": "Required. The ID of the membership_feature to create.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The name of parent where the MembershipFeature will be created. Specified in the format `projects/*/locations/*/memberships/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Idempotent request UUID.", + "location": "query", + "type": "string" + } + }, + "path": "v2/{+parent}/features", + "request": { + "$ref": "MembershipFeature" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "delete": { + "description": "Removes a membershipFeature.", + "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features/{featuresId}", + "httpMethod": "DELETE", + "id": "gkehub.projects.locations.memberships.features.delete", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the membershipFeature to be deleted. Specified in the format `projects/*/locations/*/memberships/*/features/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+/features/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Idempotent request UUID.", + "location": "query", + "type": "string" + } + }, + "path": "v2/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "get": { + "description": "========= MembershipFeature Services ========= Gets details of a membershipFeature.", + "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features/{featuresId}", + "httpMethod": "GET", + "id": "gkehub.projects.locations.memberships.features.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The MembershipFeature resource name in the format `projects/*/locations/*/memberships/*/features/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+/features/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v2/{+name}", + "response": { + "$ref": "MembershipFeature" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "list": { + "description": "Lists MembershipFeatures in a given project and location.", + "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features", + "httpMethod": "GET", + "id": "gkehub.projects.locations.memberships.features.list", + "parameterOrder": [ + "parent" + ], + "parameters": { + "filter": { + "description": "Lists MembershipFeatures that match the filter expression, following the syntax outlined in https://google.aip.dev/160. Examples: - Feature with the name \"helloworld\" in project \"foo-proj\" and membership \"member-bar\": name = \"projects/foo-proj/locations/global/memberships/member-bar/features/helloworld\" - Features that have a label called `foo`: labels.foo:* - Features that have a label called `foo` whose value is `bar`: labels.foo = bar", + "location": "query", + "type": "string" + }, + "orderBy": { + "description": "One or more fields to compare and use to sort the output. See https://google.aip.dev/132#ordering.", + "location": "query", + "type": "string" + }, + "pageSize": { + "description": "When requesting a 'page' of resources, `page_size` specifies number of resources to return. If unspecified or set to 0, all resources will be returned.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Token returned by previous call to `ListFeatures` which specifies the position in the list from where to continue listing the resources.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The parent where the MembershipFeature will be listed. In the format: `projects/*/locations/*/memberships/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v2/{+parent}/features", + "response": { + "$ref": "ListMembershipFeaturesResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "patch": { + "description": "Updates an existing MembershipFeature.", + "flatPath": "v2/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features/{featuresId}", + "httpMethod": "PATCH", + "id": "gkehub.projects.locations.memberships.features.patch", + "parameterOrder": [ + "name" + ], + "parameters": { + "allowMissing": { + "description": "Optional. If set to true, and the MembershipFeature is not found, a new MembershipFeature will be created. In this situation, `update_mask` is ignored.", + "location": "query", + "type": "boolean" + }, + "name": { + "description": "Output only. The resource name of the membershipFeature, in the format: `projects/{project}/locations/{location}/memberships/{membership}/features/{feature}`. Note that `membershipFeatures` is shortened to `features` in the resource name. (see http://go/aip/122#collection-identifiers)", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+/features/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Idempotent request UUID.", + "location": "query", + "type": "string" + }, + "updateMask": { + "description": "Required. Mask of fields to update.", + "format": "google-fieldmask", + "location": "query", + "type": "string" + } + }, + "path": "v2/{+name}", + "request": { + "$ref": "MembershipFeature" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + } + } + } + } + }, "operations": { "methods": { "cancel": { @@ -280,149 +471,2800 @@ } } }, - "revision": "20240809", + "revision": "20241006", "rootUrl": "https://gkehub.googleapis.com/", "schemas": { + "AppDevExperienceState": { + "description": "State for App Dev Exp Feature.", + "id": "AppDevExperienceState", + "properties": { + "networkingInstallSucceeded": { + "$ref": "AppDevExperienceStatus", + "description": "Status of subcomponent that detects configured Service Mesh resources." + } + }, + "type": "object" + }, + "AppDevExperienceStatus": { + "description": "Status specifies state for the subcomponent.", + "id": "AppDevExperienceStatus", + "properties": { + "code": { + "description": "Code specifies AppDevExperienceFeature's subcomponent ready state.", + "enum": [ + "CODE_UNSPECIFIED", + "OK", + "FAILED", + "UNKNOWN" + ], + "enumDescriptions": [ + "Not set.", + "AppDevExperienceFeature's specified subcomponent is ready.", + "AppDevExperienceFeature's specified subcomponent ready state is false. This means AppDevExperienceFeature has encountered an issue that blocks all, or a portion, of its normal operation. See the `description` for more details.", + "AppDevExperienceFeature's specified subcomponent has a pending or unknown state." + ], + "type": "string" + }, + "description": { + "description": "Description is populated if Code is Failed, explaining why it has failed.", + "type": "string" + } + }, + "type": "object" + }, "CancelOperationRequest": { "description": "The request message for Operations.CancelOperation.", "id": "CancelOperationRequest", "properties": {}, "type": "object" }, - "Empty": { - "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }", - "id": "Empty", - "properties": {}, + "CloudBuildSpec": { + "description": "**Cloud Build**: Configurations for each Cloud Build enabled cluster.", + "id": "CloudBuildSpec", + "properties": { + "securityPolicy": { + "description": "Whether it is allowed to run the privileged builds on the cluster or not.", + "enum": [ + "SECURITY_POLICY_UNSPECIFIED", + "NON_PRIVILEGED", + "PRIVILEGED" + ], + "enumDescriptions": [ + "Unspecified policy", + "Privileged build pods are disallowed", + "Privileged build pods are allowed" + ], + "type": "string" + }, + "version": { + "description": "Version of the cloud build software on the cluster.", + "type": "string" + } + }, "type": "object" }, - "GoogleRpcStatus": { - "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", - "id": "GoogleRpcStatus", + "ClusterUpgradeGKEUpgrade": { + "description": "GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade.", + "id": "ClusterUpgradeGKEUpgrade", "properties": { - "code": { - "description": "The status code, which should be an enum value of google.rpc.Code.", - "format": "int32", - "type": "integer" + "name": { + "description": "Name of the upgrade, e.g., \"k8s_control_plane\".", + "type": "string" }, - "details": { - "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use.", - "items": { - "additionalProperties": { - "description": "Properties of the object. Contains field @type with type URL.", - "type": "any" - }, - "type": "object" - }, - "type": "array" + "version": { + "description": "Version of the upgrade, e.g., \"1.22.1-gke.100\".", + "type": "string" + } + }, + "type": "object" + }, + "ClusterUpgradeIgnoredMembership": { + "description": "IgnoredMembership represents a membership ignored by the feature. A membership can be ignored because it was manually upgraded to a newer version than RC default.", + "id": "ClusterUpgradeIgnoredMembership", + "properties": { + "ignoredTime": { + "description": "Time when the membership was first set to ignored.", + "format": "google-datetime", + "type": "string" }, - "message": { - "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.", + "reason": { + "description": "Reason why the membership is ignored.", "type": "string" } }, "type": "object" }, - "ListLocationsResponse": { - "description": "The response message for Locations.ListLocations.", - "id": "ListLocationsResponse", + "ClusterUpgradeMembershipGKEUpgradeState": { + "description": "MembershipGKEUpgradeState is a GKEUpgrade and its state per-membership.", + "id": "ClusterUpgradeMembershipGKEUpgradeState", "properties": { - "locations": { - "description": "A list of locations that matches the specified filter in the request.", + "status": { + "$ref": "ClusterUpgradeUpgradeStatus", + "description": "Status of the upgrade." + }, + "upgrade": { + "$ref": "ClusterUpgradeGKEUpgrade", + "description": "Which upgrade to track the state." + } + }, + "type": "object" + }, + "ClusterUpgradeState": { + "description": "Per-membership state for this feature.", + "id": "ClusterUpgradeState", + "properties": { + "ignored": { + "$ref": "ClusterUpgradeIgnoredMembership", + "description": "Whether this membership is ignored by the feature. For example, manually upgraded clusters can be ignored if they are newer than the default versions of its release channel." + }, + "upgrades": { + "description": "Actual upgrade state against desired.", "items": { - "$ref": "Location" + "$ref": "ClusterUpgradeMembershipGKEUpgradeState" }, "type": "array" + } + }, + "type": "object" + }, + "ClusterUpgradeUpgradeStatus": { + "description": "UpgradeStatus provides status information for each upgrade.", + "id": "ClusterUpgradeUpgradeStatus", + "properties": { + "code": { + "description": "Status code of the upgrade.", + "enum": [ + "CODE_UNSPECIFIED", + "INELIGIBLE", + "PENDING", + "IN_PROGRESS", + "SOAKING", + "FORCED_SOAKING", + "COMPLETE" + ], + "enumDescriptions": [ + "Required by https://linter.aip.dev/126/unspecified.", + "The upgrade is ineligible. At the scope level, this means the upgrade is ineligible for all the clusters in the scope.", + "The upgrade is pending. At the scope level, this means the upgrade is pending for all the clusters in the scope.", + "The upgrade is in progress. At the scope level, this means the upgrade is in progress for at least one cluster in the scope.", + "The upgrade has finished and is soaking until the soaking time is up. At the scope level, this means at least one cluster is in soaking while the rest are either soaking or complete.", + "A cluster will be forced to enter soaking if an upgrade doesn't finish within a certain limit, despite it's actual status.", + "The upgrade has passed all post conditions (soaking). At the scope level, this means all eligible clusters are in COMPLETE status." + ], + "type": "string" }, - "nextPageToken": { - "description": "The standard List next-page token.", + "reason": { + "description": "Reason for this status.", + "type": "string" + }, + "updateTime": { + "description": "Last timestamp the status was updated.", + "format": "google-datetime", "type": "string" } }, "type": "object" }, - "ListOperationsResponse": { - "description": "The response message for Operations.ListOperations.", - "id": "ListOperationsResponse", + "ConfigManagementBinauthzConfig": { + "description": "Configuration for Binauthz.", + "id": "ConfigManagementBinauthzConfig", "properties": { - "nextPageToken": { - "description": "The standard List next-page token.", + "enabled": { + "description": "Whether binauthz is enabled in this cluster.", + "type": "boolean" + } + }, + "type": "object" + }, + "ConfigManagementBinauthzState": { + "description": "State for Binauthz.", + "id": "ConfigManagementBinauthzState", + "properties": { + "version": { + "$ref": "ConfigManagementBinauthzVersion", + "description": "The version of binauthz that is installed." + }, + "webhook": { + "description": "The state of the binauthz webhook.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementBinauthzVersion": { + "description": "The version of binauthz.", + "id": "ConfigManagementBinauthzVersion", + "properties": { + "webhookVersion": { + "description": "The version of the binauthz webhook.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementConfigSync": { + "description": "Configuration for Config Sync", + "id": "ConfigManagementConfigSync", + "properties": { + "allowVerticalScale": { + "deprecated": true, + "description": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.", + "type": "boolean" }, - "operations": { - "description": "A list of operations that matches the specified filter in the request.", + "enabled": { + "description": "Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.", + "type": "boolean" + }, + "git": { + "$ref": "ConfigManagementGitConfig", + "description": "Git repo configuration for the cluster." + }, + "metricsGcpServiceAccountEmail": { + "description": "The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount `default` in the namespace `config-management-monitoring` should be bound to the GSA.", + "type": "string" + }, + "oci": { + "$ref": "ConfigManagementOciConfig", + "description": "OCI repo configuration for the cluster." + }, + "preventDrift": { + "description": "Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.", + "type": "boolean" + }, + "sourceFormat": { + "description": "Specifies whether the Config Sync Repo is in \"hierarchical\" or \"unstructured\" mode.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementConfigSyncDeploymentState": { + "description": "The state of ConfigSync's deployment on a cluster.", + "id": "ConfigManagementConfigSyncDeploymentState", + "properties": { + "admissionWebhook": { + "description": "Deployment state of admission-webhook.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "gitSync": { + "description": "Deployment state of the git-sync pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "importer": { + "description": "Deployment state of the importer pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "monitor": { + "description": "Deployment state of the monitor pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "otelCollector": { + "description": "Deployment state of otel-collector", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "reconcilerManager": { + "description": "Deployment state of reconciler-manager pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "resourceGroupControllerManager": { + "description": "Deployment state of resource-group-controller-manager", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "rootReconciler": { + "description": "Deployment state of root-reconciler.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "syncer": { + "description": "Deployment state of the syncer pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementConfigSyncError": { + "description": "Errors pertaining to the installation of Config Sync", + "id": "ConfigManagementConfigSyncError", + "properties": { + "errorMessage": { + "description": "A string representing the user facing error message", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementConfigSyncState": { + "description": "State information for ConfigSync.", + "id": "ConfigManagementConfigSyncState", + "properties": { + "deploymentState": { + "$ref": "ConfigManagementConfigSyncDeploymentState", + "description": "Information about the deployment of ConfigSync, including the version. of the various Pods deployed" + }, + "errors": { + "description": "Errors pertaining to the installation of Config Sync.", "items": { - "$ref": "Operation" + "$ref": "ConfigManagementConfigSyncError" }, "type": "array" + }, + "reposyncCrd": { + "description": "The state of the Reposync CRD", + "enum": [ + "CRD_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "TERMINATING", + "INSTALLING" + ], + "enumDescriptions": [ + "CRD's state cannot be determined", + "CRD is not installed", + "CRD is installed", + "CRD is terminating (i.e., it has been deleted and is cleaning up)", + "CRD is installing" + ], + "type": "string" + }, + "rootsyncCrd": { + "description": "The state of the RootSync CRD", + "enum": [ + "CRD_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "TERMINATING", + "INSTALLING" + ], + "enumDescriptions": [ + "CRD's state cannot be determined", + "CRD is not installed", + "CRD is installed", + "CRD is terminating (i.e., it has been deleted and is cleaning up)", + "CRD is installing" + ], + "type": "string" + }, + "state": { + "description": "The state of CS This field summarizes the other fields in this message.", + "enum": [ + "STATE_UNSPECIFIED", + "CONFIG_SYNC_NOT_INSTALLED", + "CONFIG_SYNC_INSTALLED", + "CONFIG_SYNC_ERROR", + "CONFIG_SYNC_PENDING" + ], + "enumDescriptions": [ + "CS's state cannot be determined.", + "CS is not installed.", + "The expected CS version is installed successfully.", + "CS encounters errors.", + "CS is installing or terminating." + ], + "type": "string" + }, + "syncState": { + "$ref": "ConfigManagementSyncState", + "description": "The state of ConfigSync's process to sync configs to a cluster." + }, + "version": { + "$ref": "ConfigManagementConfigSyncVersion", + "description": "The version of ConfigSync deployed." } }, "type": "object" }, - "Location": { - "description": "A resource that represents a Google Cloud location.", - "id": "Location", + "ConfigManagementConfigSyncVersion": { + "description": "Specific versioning information pertaining to ConfigSync's Pods.", + "id": "ConfigManagementConfigSyncVersion", "properties": { - "displayName": { - "description": "The friendly name for this location, typically a nearby city name. For example, \"Tokyo\".", + "admissionWebhook": { + "description": "Version of the deployed admission-webhook pod.", "type": "string" }, - "labels": { - "additionalProperties": { - "type": "string" - }, - "description": "Cross-service attributes for the location. For example {\"cloud.googleapis.com/region\": \"us-east1\"}", - "type": "object" + "gitSync": { + "description": "Version of the deployed git-sync pod.", + "type": "string" }, - "locationId": { - "description": "The canonical id for this location. For example: `\"us-east1\"`.", + "importer": { + "description": "Version of the deployed importer pod.", "type": "string" }, - "metadata": { - "additionalProperties": { - "description": "Properties of the object. Contains field @type with type URL.", - "type": "any" - }, - "description": "Service-specific metadata. For example the available capacity at the given location.", - "type": "object" + "monitor": { + "description": "Version of the deployed monitor pod.", + "type": "string" }, - "name": { - "description": "Resource name for the location, which may vary between implementations. For example: `\"projects/example-project/locations/us-east1\"`", + "otelCollector": { + "description": "Version of the deployed otel-collector pod", + "type": "string" + }, + "reconcilerManager": { + "description": "Version of the deployed reconciler-manager pod.", + "type": "string" + }, + "resourceGroupControllerManager": { + "description": "Version of the deployed resource-group-controller-manager pod", + "type": "string" + }, + "rootReconciler": { + "description": "Version of the deployed reconciler container in root-reconciler pod.", + "type": "string" + }, + "syncer": { + "description": "Version of the deployed syncer pod.", "type": "string" } }, "type": "object" }, - "Operation": { - "description": "This resource represents a long-running operation that is the result of a network API call.", - "id": "Operation", + "ConfigManagementErrorResource": { + "description": "Model for a config file in the git repo with an associated Sync error.", + "id": "ConfigManagementErrorResource", "properties": { - "done": { - "description": "If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.", - "type": "boolean" + "resourceGvk": { + "$ref": "ConfigManagementGroupVersionKind", + "description": "Group/version/kind of the resource that is causing an error" }, - "error": { - "$ref": "GoogleRpcStatus", - "description": "The error result of the operation in case of failure or cancellation." + "resourceName": { + "description": "Metadata name of the resource that is causing an error", + "type": "string" }, - "metadata": { - "additionalProperties": { - "description": "Properties of the object. Contains field @type with type URL.", - "type": "any" - }, - "description": "Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.", - "type": "object" + "resourceNamespace": { + "description": "Namespace of the resource that is causing an error", + "type": "string" }, - "name": { - "description": "The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.", + "sourcePath": { + "description": "Path in the git repo of the erroneous config", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementGatekeeperDeploymentState": { + "description": "State of Policy Controller installation.", + "id": "ConfigManagementGatekeeperDeploymentState", + "properties": { + "gatekeeperAudit": { + "description": "Status of gatekeeper-audit deployment.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], "type": "string" }, - "response": { - "additionalProperties": { - "description": "Properties of the object. Contains field @type with type URL.", - "type": "any" - }, - "description": "The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.", - "type": "object" + "gatekeeperControllerManagerState": { + "description": "Status of gatekeeper-controller-manager pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "gatekeeperMutation": { + "description": "Status of the pod serving the mutation webhook.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementGitConfig": { + "description": "Git repo configuration for a single cluster.", + "id": "ConfigManagementGitConfig", + "properties": { + "gcpServiceAccountEmail": { + "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.", + "type": "string" + }, + "httpsProxy": { + "description": "URL for the HTTPS proxy to be used when communicating with the Git repo.", + "type": "string" + }, + "policyDir": { + "description": "The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.", + "type": "string" + }, + "secretType": { + "description": "Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.", + "type": "string" + }, + "syncBranch": { + "description": "The branch of the repository to sync from. Default: master.", + "type": "string" + }, + "syncRepo": { + "description": "The URL of the Git repository to use as the source of truth.", + "type": "string" + }, + "syncRev": { + "description": "Git revision (tag or hash) to check out. Default HEAD.", + "type": "string" + }, + "syncWaitSecs": { + "description": "Period in seconds between consecutive syncs. Default: 15.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementGroupVersionKind": { + "description": "A Kubernetes object's GVK.", + "id": "ConfigManagementGroupVersionKind", + "properties": { + "group": { + "description": "Kubernetes Group", + "type": "string" + }, + "kind": { + "description": "Kubernetes Kind", + "type": "string" + }, + "version": { + "description": "Kubernetes Version", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementHierarchyControllerConfig": { + "description": "Configuration for Hierarchy Controller.", + "id": "ConfigManagementHierarchyControllerConfig", + "properties": { + "enableHierarchicalResourceQuota": { + "description": "Whether hierarchical resource quota is enabled in this cluster.", + "type": "boolean" + }, + "enablePodTreeLabels": { + "description": "Whether pod tree labels are enabled in this cluster.", + "type": "boolean" + }, + "enabled": { + "description": "Whether Hierarchy Controller is enabled in this cluster.", + "type": "boolean" + } + }, + "type": "object" + }, + "ConfigManagementHierarchyControllerDeploymentState": { + "description": "Deployment state for Hierarchy Controller", + "id": "ConfigManagementHierarchyControllerDeploymentState", + "properties": { + "extension": { + "description": "The deployment state for Hierarchy Controller extension (e.g. v0.7.0-hc.1).", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "hnc": { + "description": "The deployment state for open source HNC (e.g. v0.7.0-hc.0).", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementHierarchyControllerState": { + "description": "State for Hierarchy Controller.", + "id": "ConfigManagementHierarchyControllerState", + "properties": { + "state": { + "$ref": "ConfigManagementHierarchyControllerDeploymentState", + "description": "The deployment state for Hierarchy Controller." + }, + "version": { + "$ref": "ConfigManagementHierarchyControllerVersion", + "description": "The version for Hierarchy Controller." + } + }, + "type": "object" + }, + "ConfigManagementHierarchyControllerVersion": { + "description": "Version for Hierarchy Controller.", + "id": "ConfigManagementHierarchyControllerVersion", + "properties": { + "extension": { + "description": "Version for Hierarchy Controller extension.", + "type": "string" + }, + "hnc": { + "description": "Version for open source HNC.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementInstallError": { + "description": "Errors pertaining to the installation of ACM.", + "id": "ConfigManagementInstallError", + "properties": { + "errorMessage": { + "description": "A string representing the user facing error message.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementOciConfig": { + "description": "OCI repo configuration for a single cluster.", + "id": "ConfigManagementOciConfig", + "properties": { + "gcpServiceAccountEmail": { + "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.", + "type": "string" + }, + "policyDir": { + "description": "The absolute path of the directory that contains the local resources. Default: the root directory of the image.", + "type": "string" + }, + "secretType": { + "description": "Type of secret configured for access to the Git repo.", + "type": "string" + }, + "syncRepo": { + "description": "The OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`.", + "type": "string" + }, + "syncWaitSecs": { + "description": "Period in seconds between consecutive syncs. Default: 15.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementOperatorState": { + "description": "State information for an ACM's Operator.", + "id": "ConfigManagementOperatorState", + "properties": { + "deploymentState": { + "description": "The state of the Operator's deployment.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "errors": { + "description": "Install errors.", + "items": { + "$ref": "ConfigManagementInstallError" + }, + "type": "array" + }, + "version": { + "description": "The semenatic version number of the operator.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementPolicyController": { + "description": "Configuration for Policy Controller", + "id": "ConfigManagementPolicyController", + "properties": { + "auditIntervalSeconds": { + "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.", + "format": "int64", + "type": "string" + }, + "enabled": { + "description": "Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.", + "type": "boolean" + }, + "exemptableNamespaces": { + "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.", + "items": { + "type": "string" + }, + "type": "array" + }, + "logDeniesEnabled": { + "description": "Logs all denies and dry run failures.", + "type": "boolean" + }, + "monitoring": { + "$ref": "ConfigManagementPolicyControllerMonitoring", + "description": "Monitoring specifies the configuration of monitoring." + }, + "mutationEnabled": { + "description": "Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster.", + "type": "boolean" + }, + "referentialRulesEnabled": { + "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.", + "type": "boolean" + }, + "templateLibraryInstalled": { + "description": "Installs the default template library along with Policy Controller.", + "type": "boolean" + }, + "updateTime": { + "description": "Output only. Last time this membership spec was updated.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementPolicyControllerMigration": { + "description": "State for the migration of PolicyController from ACM -\u003e PoCo Hub.", + "id": "ConfigManagementPolicyControllerMigration", + "properties": { + "copyTime": { + "description": "Last time this membership spec was copied to PoCo feature.", + "format": "google-datetime", + "type": "string" + }, + "stage": { + "description": "Stage of the migration.", + "enum": [ + "STAGE_UNSPECIFIED", + "ACM_MANAGED", + "POCO_MANAGED" + ], + "enumDescriptions": [ + "Unknown state of migration.", + "ACM Hub/Operator manages policycontroller. No migration yet completed.", + "All migrations steps complete; Poco Hub now manages policycontroller." + ], + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementPolicyControllerMonitoring": { + "description": "PolicyControllerMonitoring specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", + "id": "ConfigManagementPolicyControllerMonitoring", + "properties": { + "backends": { + "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.", + "items": { + "enum": [ + "MONITORING_BACKEND_UNSPECIFIED", + "PROMETHEUS", + "CLOUD_MONITORING" + ], + "enumDescriptions": [ + "Backend cannot be determined", + "Prometheus backend for monitoring", + "Stackdriver/Cloud Monitoring backend for monitoring" + ], + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ConfigManagementPolicyControllerState": { + "description": "State for PolicyControllerState.", + "id": "ConfigManagementPolicyControllerState", + "properties": { + "deploymentState": { + "$ref": "ConfigManagementGatekeeperDeploymentState", + "description": "The state about the policy controller installation." + }, + "migration": { + "$ref": "ConfigManagementPolicyControllerMigration", + "description": "Record state of ACM -\u003e PoCo Hub migration for this feature." + }, + "version": { + "$ref": "ConfigManagementPolicyControllerVersion", + "description": "The version of Gatekeeper Policy Controller deployed." + } + }, + "type": "object" + }, + "ConfigManagementPolicyControllerVersion": { + "description": "The build version of Gatekeeper Policy Controller is using.", + "id": "ConfigManagementPolicyControllerVersion", + "properties": { + "version": { + "description": "The gatekeeper image tag that is composed of ACM version, git tag, build number.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementSpec": { + "description": "**Anthos Config Management**: Configuration for a single cluster. Intended to parallel the ConfigManagement CR.", + "id": "ConfigManagementSpec", + "properties": { + "binauthz": { + "$ref": "ConfigManagementBinauthzConfig", + "deprecated": true, + "description": "Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set." + }, + "cluster": { + "description": "The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector.", + "type": "string" + }, + "configSync": { + "$ref": "ConfigManagementConfigSync", + "description": "Config Sync configuration for the cluster." + }, + "hierarchyController": { + "$ref": "ConfigManagementHierarchyControllerConfig", + "description": "Hierarchy Controller configuration for the cluster. Deprecated: Configuring Hierarchy Controller through the configmanagement feature is no longer recommended. Use https://github.com/kubernetes-sigs/hierarchical-namespaces instead." + }, + "management": { + "description": "Enables automatic Feature management.", + "enum": [ + "MANAGEMENT_UNSPECIFIED", + "MANAGEMENT_AUTOMATIC", + "MANAGEMENT_MANUAL" + ], + "enumDescriptions": [ + "Unspecified", + "Google will manage the Feature for the cluster.", + "User will manually manage the Feature for the cluster." + ], + "type": "string" + }, + "policyController": { + "$ref": "ConfigManagementPolicyController", + "description": "Policy Controller configuration for the cluster. Deprecated: Configuring Policy Controller through the configmanagement feature is no longer recommended. Use the policycontroller feature instead." + }, + "version": { + "description": "Version of ACM installed.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementState": { + "description": "**Anthos Config Management**: State for a single cluster.", + "id": "ConfigManagementState", + "properties": { + "binauthzState": { + "$ref": "ConfigManagementBinauthzState", + "description": "Binauthz status." + }, + "clusterName": { + "description": "This field is set to the `cluster_name` field of the Membership Spec if it is not empty. Otherwise, it is set to the cluster's fleet membership name.", + "type": "string" + }, + "configSyncState": { + "$ref": "ConfigManagementConfigSyncState", + "description": "Current sync status." + }, + "hierarchyControllerState": { + "$ref": "ConfigManagementHierarchyControllerState", + "description": "Hierarchy Controller status." + }, + "membershipSpec": { + "$ref": "ConfigManagementSpec", + "description": "Membership configuration in the cluster. This represents the actual state in the cluster, while the MembershipSpec in the FeatureSpec represents the intended state." + }, + "operatorState": { + "$ref": "ConfigManagementOperatorState", + "description": "Current install status of ACM's Operator." + }, + "policyControllerState": { + "$ref": "ConfigManagementPolicyControllerState", + "description": "PolicyController status." + } + }, + "type": "object" + }, + "ConfigManagementSyncError": { + "description": "An ACM created error representing a problem syncing configurations.", + "id": "ConfigManagementSyncError", + "properties": { + "code": { + "description": "An ACM defined error code", + "type": "string" + }, + "errorMessage": { + "description": "A description of the error", + "type": "string" + }, + "errorResources": { + "description": "A list of config(s) associated with the error, if any", + "items": { + "$ref": "ConfigManagementErrorResource" + }, + "type": "array" + } + }, + "type": "object" + }, + "ConfigManagementSyncState": { + "description": "State indicating an ACM's progress syncing configurations to a cluster.", + "id": "ConfigManagementSyncState", + "properties": { + "code": { + "description": "Sync status code.", + "enum": [ + "SYNC_CODE_UNSPECIFIED", + "SYNCED", + "PENDING", + "ERROR", + "NOT_CONFIGURED", + "NOT_INSTALLED", + "UNAUTHORIZED", + "UNREACHABLE" + ], + "enumDescriptions": [ + "Config Sync cannot determine a sync code", + "Config Sync successfully synced the git Repo with the cluster", + "Config Sync is in the progress of syncing a new change", + "Indicates an error configuring Config Sync, and user action is required", + "Config Sync has been installed but not configured", + "Config Sync has not been installed", + "Error authorizing with the cluster", + "Cluster could not be reached" + ], + "type": "string" + }, + "errors": { + "description": "A list of errors resulting from problematic configs. This list will be truncated after 100 errors, although it is unlikely for that many errors to simultaneously exist.", + "items": { + "$ref": "ConfigManagementSyncError" + }, + "type": "array" + }, + "importToken": { + "description": "Token indicating the state of the importer.", + "type": "string" + }, + "lastSync": { + "deprecated": true, + "description": "Deprecated: use last_sync_time instead. Timestamp of when ACM last successfully synced the repo. The time format is specified in https://golang.org/pkg/time/#Time.String", + "type": "string" + }, + "lastSyncTime": { + "description": "Timestamp type of when ACM last successfully synced the repo.", + "format": "google-datetime", + "type": "string" + }, + "sourceToken": { + "description": "Token indicating the state of the repo.", + "type": "string" + }, + "syncToken": { + "description": "Token indicating the state of the syncer.", + "type": "string" + } + }, + "type": "object" + }, + "Empty": { + "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }", + "id": "Empty", + "properties": {}, + "type": "object" + }, + "FeatureConfigRef": { + "description": "Information of the FeatureConfig applied on the MembershipFeature.", + "id": "FeatureConfigRef", + "properties": { + "config": { + "description": "Input only. Resource name of FeatureConfig, in the format: `projects/{project}/locations/global/featureConfigs/{feature_config}`.", + "type": "string" + }, + "configUpdateTime": { + "description": "Output only. When the FeatureConfig was last applied and copied to FeatureSpec.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "uuid": { + "description": "Output only. An id that uniquely identify a FeatureConfig object.", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "FeatureSpec": { + "description": "FeatureSpec contains user input per-feature spec information.", + "id": "FeatureSpec", + "properties": { + "cloudbuild": { + "$ref": "CloudBuildSpec", + "description": "Cloudbuild-specific FeatureSpec." + }, + "configmanagement": { + "$ref": "ConfigManagementSpec", + "description": "Config Management FeatureSpec." + }, + "identityservice": { + "$ref": "IdentityServiceSpec", + "description": "IdentityService FeatureSpec." + }, + "origin": { + "$ref": "Origin", + "description": "Whether this per-Feature spec was inherited from a fleet-level default. This field can be updated by users by either overriding a Feature config (updated to USER implicitly) or setting to FLEET explicitly." + }, + "policycontroller": { + "$ref": "PolicyControllerSpec", + "description": "Policycontroller-specific FeatureSpec." + }, + "servicemesh": { + "$ref": "ServiceMeshSpec", + "description": "ServiceMesh Feature Spec." + }, + "workloadcertificate": { + "$ref": "WorkloadCertificateSpec", + "description": "Workloadcertificate-specific FeatureSpec." + } + }, + "type": "object" + }, + "FeatureState": { + "description": "FeatureState contains high-level state information and per-feature state information for this MembershipFeature.", + "id": "FeatureState", + "properties": { + "appdevexperience": { + "$ref": "AppDevExperienceState", + "description": "Appdevexperience specific state." + }, + "clusterupgrade": { + "$ref": "ClusterUpgradeState", + "description": "Cluster upgrade state." + }, + "configmanagement": { + "$ref": "ConfigManagementState", + "description": "Config Management state" + }, + "identityservice": { + "$ref": "IdentityServiceState", + "description": "Identity service state" + }, + "metering": { + "$ref": "MeteringState", + "description": "Metering state" + }, + "policycontroller": { + "$ref": "PolicyControllerState", + "description": "Policy Controller state" + }, + "servicemesh": { + "$ref": "ServiceMeshState", + "description": "Service mesh state" + }, + "state": { + "$ref": "State", + "description": "The high-level state of this MembershipFeature." + } + }, + "type": "object" + }, + "GoogleRpcStatus": { + "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", + "id": "GoogleRpcStatus", + "properties": { + "code": { + "description": "The status code, which should be an enum value of google.rpc.Code.", + "format": "int32", + "type": "integer" + }, + "details": { + "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use.", + "items": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "type": "object" + }, + "type": "array" + }, + "message": { + "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceAuthMethod": { + "description": "Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.", + "id": "IdentityServiceAuthMethod", + "properties": { + "azureadConfig": { + "$ref": "IdentityServiceAzureADConfig", + "description": "AzureAD specific Configuration." + }, + "googleConfig": { + "$ref": "IdentityServiceGoogleConfig", + "description": "GoogleConfig specific configuration" + }, + "ldapConfig": { + "$ref": "IdentityServiceLdapConfig", + "description": "LDAP specific configuration." + }, + "name": { + "description": "Identifier for auth config.", + "type": "string" + }, + "oidcConfig": { + "$ref": "IdentityServiceOidcConfig", + "description": "OIDC specific configuration." + }, + "proxy": { + "description": "Proxy server address to use for auth method.", + "type": "string" + }, + "samlConfig": { + "$ref": "IdentityServiceSamlConfig", + "description": "SAML specific configuration." + } + }, + "type": "object" + }, + "IdentityServiceAzureADConfig": { + "description": "Configuration for the AzureAD Auth flow.", + "id": "IdentityServiceAzureADConfig", + "properties": { + "clientId": { + "description": "ID for the registered client application that makes authentication requests to the Azure AD identity provider.", + "type": "string" + }, + "clientSecret": { + "description": "Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.", + "type": "string" + }, + "encryptedClientSecret": { + "description": "Output only. Encrypted AzureAD client secret.", + "format": "byte", + "readOnly": true, + "type": "string" + }, + "groupFormat": { + "description": "Optional. Format of the AzureAD groups that the client wants for auth.", + "type": "string" + }, + "kubectlRedirectUri": { + "description": "The redirect URL that kubectl uses for authorization.", + "type": "string" + }, + "tenant": { + "description": "Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.", + "type": "string" + }, + "userClaim": { + "description": "Optional. Claim in the AzureAD ID Token that holds the user details.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceDiagnosticInterface": { + "description": "Configuration options for the AIS diagnostic interface.", + "id": "IdentityServiceDiagnosticInterface", + "properties": { + "enabled": { + "description": "Determines whether to enable the diagnostic interface.", + "type": "boolean" + }, + "expirationTime": { + "description": "Determines the expiration time of the diagnostic interface enablement. When reached, requests to the interface would be automatically rejected.", + "format": "google-datetime", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceGoogleConfig": { + "description": "Configuration for the Google Plugin Auth flow.", + "id": "IdentityServiceGoogleConfig", + "properties": { + "disable": { + "description": "Disable automatic configuration of Google Plugin on supported platforms.", + "type": "boolean" + } + }, + "type": "object" + }, + "IdentityServiceGroupConfig": { + "description": "Contains the properties for locating and authenticating groups in the directory.", + "id": "IdentityServiceGroupConfig", + "properties": { + "baseDn": { + "description": "Required. The location of the subtree in the LDAP directory to search for group entries.", + "type": "string" + }, + "filter": { + "description": "Optional. Optional filter to be used when searching for groups a user belongs to. This can be used to explicitly match only certain groups in order to reduce the amount of groups returned for each user. This defaults to \"(objectClass=Group)\".", + "type": "string" + }, + "idAttribute": { + "description": "Optional. The identifying name of each group a user belongs to. For example, if this is set to \"distinguishedName\" then RBACs and other group expectations should be written as full DNs. This defaults to \"distinguishedName\".", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceIdentityServiceOptions": { + "description": "Holds non-protocol-related configuration options.", + "id": "IdentityServiceIdentityServiceOptions", + "properties": { + "diagnosticInterface": { + "$ref": "IdentityServiceDiagnosticInterface", + "description": "Configuration options for the AIS diagnostic interface." + }, + "sessionDuration": { + "description": "Determines the lifespan of STS tokens issued by Anthos Identity Service.", + "format": "google-duration", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceLdapConfig": { + "description": "Configuration for the LDAP Auth flow.", + "id": "IdentityServiceLdapConfig", + "properties": { + "group": { + "$ref": "IdentityServiceGroupConfig", + "description": "Optional. Contains the properties for locating and authenticating groups in the directory." + }, + "server": { + "$ref": "IdentityServiceServerConfig", + "description": "Required. Server settings for the external LDAP server." + }, + "serviceAccount": { + "$ref": "IdentityServiceServiceAccountConfig", + "description": "Required. Contains the credentials of the service account which is authorized to perform the LDAP search in the directory. The credentials can be supplied by the combination of the DN and password or the client certificate." + }, + "user": { + "$ref": "IdentityServiceUserConfig", + "description": "Required. Defines where users exist in the LDAP directory." + } + }, + "type": "object" + }, + "IdentityServiceOidcConfig": { + "description": "Configuration for OIDC Auth flow.", + "id": "IdentityServiceOidcConfig", + "properties": { + "certificateAuthorityData": { + "description": "PEM-encoded CA for OIDC provider.", + "type": "string" + }, + "clientId": { + "description": "ID for OIDC client application.", + "type": "string" + }, + "clientSecret": { + "description": "Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.", + "type": "string" + }, + "deployCloudConsoleProxy": { + "description": "Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console.", + "type": "boolean" + }, + "enableAccessToken": { + "description": "Enable access token.", + "type": "boolean" + }, + "encryptedClientSecret": { + "description": "Output only. Encrypted OIDC Client secret", + "format": "byte", + "readOnly": true, + "type": "string" + }, + "extraParams": { + "description": "Comma-separated list of key-value pairs.", + "type": "string" + }, + "groupPrefix": { + "description": "Prefix to prepend to group name.", + "type": "string" + }, + "groupsClaim": { + "description": "Claim in OIDC ID token that holds group information.", + "type": "string" + }, + "issuerUri": { + "description": "URI for the OIDC provider. This should point to the level below .well-known/openid-configuration.", + "type": "string" + }, + "kubectlRedirectUri": { + "description": "Registered redirect uri to redirect users going through OAuth flow using kubectl plugin.", + "type": "string" + }, + "scopes": { + "description": "Comma-separated list of identifiers.", + "type": "string" + }, + "userClaim": { + "description": "Claim in OIDC ID token that holds username.", + "type": "string" + }, + "userPrefix": { + "description": "Prefix to prepend to user name.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceSamlConfig": { + "description": "Configuration for the SAML Auth flow.", + "id": "IdentityServiceSamlConfig", + "properties": { + "attributeMapping": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is \"attribute.nickname\" and `value` is \"assertion.nickname\".", + "type": "object" + }, + "groupPrefix": { + "description": "Optional. Prefix to prepend to group name.", + "type": "string" + }, + "groupsAttribute": { + "description": "Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).", + "type": "string" + }, + "identityProviderCertificates": { + "description": "Required. The list of IdP certificates to validate the SAML response against.", + "items": { + "type": "string" + }, + "type": "array" + }, + "identityProviderId": { + "description": "Required. The entity ID of the SAML IdP.", + "type": "string" + }, + "identityProviderSsoUri": { + "description": "Required. The URI where the SAML IdP exposes the SSO service.", + "type": "string" + }, + "userAttribute": { + "description": "Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).", + "type": "string" + }, + "userPrefix": { + "description": "Optional. Prefix to prepend to user name.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceServerConfig": { + "description": "Server settings for the external LDAP server.", + "id": "IdentityServiceServerConfig", + "properties": { + "certificateAuthorityData": { + "description": "Optional. Contains a Base64 encoded, PEM formatted certificate authority certificate for the LDAP server. This must be provided for the \"ldaps\" and \"startTLS\" connections.", + "format": "byte", + "type": "string" + }, + "connectionType": { + "description": "Optional. Defines the connection type to communicate with the LDAP server. If `starttls` or `ldaps` is specified, the certificate_authority_data should not be empty.", + "type": "string" + }, + "host": { + "description": "Required. Defines the hostname or IP of the LDAP server. Port is optional and will default to 389, if unspecified. For example, \"ldap.server.example\" or \"10.10.10.10:389\".", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceServiceAccountConfig": { + "description": "Contains the credentials of the service account which is authorized to perform the LDAP search in the directory. The credentials can be supplied by the combination of the DN and password or the client certificate.", + "id": "IdentityServiceServiceAccountConfig", + "properties": { + "simpleBindCredentials": { + "$ref": "IdentityServiceSimpleBindCredentials", + "description": "Credentials for basic auth." + } + }, + "type": "object" + }, + "IdentityServiceSimpleBindCredentials": { + "description": "The structure holds the LDAP simple binding credential.", + "id": "IdentityServiceSimpleBindCredentials", + "properties": { + "dn": { + "description": "Required. The distinguished name(DN) of the service account object/user.", + "type": "string" + }, + "encryptedPassword": { + "description": "Output only. The encrypted password of the service account object/user.", + "format": "byte", + "readOnly": true, + "type": "string" + }, + "password": { + "description": "Required. Input only. The password of the service account object/user.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceSpec": { + "description": "**IdentityService**: Configuration for a single membership.", + "id": "IdentityServiceSpec", + "properties": { + "authMethods": { + "description": "A member may support multiple auth methods.", + "items": { + "$ref": "IdentityServiceAuthMethod" + }, + "type": "array" + }, + "identityServiceOptions": { + "$ref": "IdentityServiceIdentityServiceOptions", + "description": "Optional. non-protocol-related configuration options." + } + }, + "type": "object" + }, + "IdentityServiceState": { + "description": "**IdentityService**: State for a single membership, analyzed and reported by feature controller.", + "id": "IdentityServiceState", + "properties": { + "failureReason": { + "description": "The reason of the failure.", + "type": "string" + }, + "installedVersion": { + "description": "Installed AIS version. This is the AIS version installed on this member. The values makes sense iff state is OK.", + "type": "string" + }, + "memberConfig": { + "$ref": "IdentityServiceSpec", + "description": "Last reconciled membership configuration" + }, + "state": { + "description": "Deployment state on this member", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "OK", + "ERROR" + ], + "enumDescriptions": [ + "Unspecified state", + "deployment succeeds", + "Failure with error." + ], + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceUserConfig": { + "description": "Defines where users exist in the LDAP directory.", + "id": "IdentityServiceUserConfig", + "properties": { + "baseDn": { + "description": "Required. The location of the subtree in the LDAP directory to search for user entries.", + "type": "string" + }, + "filter": { + "description": "Optional. Filter to apply when searching for the user. This can be used to further restrict the user accounts which are allowed to login. This defaults to \"(objectClass=User)\".", + "type": "string" + }, + "idAttribute": { + "description": "Optional. Determines which attribute to use as the user's identity after they are authenticated. This is distinct from the loginAttribute field to allow users to login with a username, but then have their actual identifier be an email address or full Distinguished Name (DN). For example, setting loginAttribute to \"sAMAccountName\" and identifierAttribute to \"userPrincipalName\" would allow a user to login as \"bsmith\", but actual RBAC policies for the user would be written as \"bsmith@example.com\". Using \"userPrincipalName\" is recommended since this will be unique for each user. This defaults to \"userPrincipalName\".", + "type": "string" + }, + "loginAttribute": { + "description": "Optional. The name of the attribute which matches against the input username. This is used to find the user in the LDAP database e.g. \"(=)\" and is combined with the optional filter field. This defaults to \"userPrincipalName\".", + "type": "string" + } + }, + "type": "object" + }, + "LifecycleState": { + "description": "LifecycleState describes the state of a MembershipFeature *resource* in the GkeHub API. See `FeatureState` for the \"running state\" of the MembershipFeature.", + "id": "LifecycleState", + "properties": { + "state": { + "description": "Output only. The current state of the Feature resource in the Hub API.", + "enum": [ + "STATE_UNSPECIFIED", + "ENABLING", + "ACTIVE", + "DISABLING", + "UPDATING", + "SERVICE_UPDATING" + ], + "enumDescriptions": [ + "State is unknown or not set.", + "The MembershipFeature is being enabled, and the MembershipFeature resource is being created. Once complete, the corresponding MembershipFeature will be enabled in this Hub.", + "The MembershipFeature is enabled in this Hub, and the MembershipFeature resource is fully available.", + "The MembershipFeature is being disabled in this Hub, and the MembershipFeature resource is being deleted.", + "The MembershipFeature resource is being updated.", + "The MembershipFeature resource is being updated by the Hub Service." + ], + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "ListLocationsResponse": { + "description": "The response message for Locations.ListLocations.", + "id": "ListLocationsResponse", + "properties": { + "locations": { + "description": "A list of locations that matches the specified filter in the request.", + "items": { + "$ref": "Location" + }, + "type": "array" + }, + "nextPageToken": { + "description": "The standard List next-page token.", + "type": "string" + } + }, + "type": "object" + }, + "ListMembershipFeaturesResponse": { + "description": "Response message for the `GkeHubFeature.ListMembershipFeatures` method.", + "id": "ListMembershipFeaturesResponse", + "properties": { + "membershipFeatures": { + "description": "The list of matching MembershipFeatures.", + "items": { + "$ref": "MembershipFeature" + }, + "type": "array" + }, + "nextPageToken": { + "description": "A token to request the next page of resources from the `ListMembershipFeatures` method. The value of an empty string means that there are no more resources to return.", + "type": "string" + }, + "unreachable": { + "description": "List of locations that could not be reached while fetching this list.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ListOperationsResponse": { + "description": "The response message for Operations.ListOperations.", + "id": "ListOperationsResponse", + "properties": { + "nextPageToken": { + "description": "The standard List next-page token.", + "type": "string" + }, + "operations": { + "description": "A list of operations that matches the specified filter in the request.", + "items": { + "$ref": "Operation" + }, + "type": "array" + } + }, + "type": "object" + }, + "Location": { + "description": "A resource that represents a Google Cloud location.", + "id": "Location", + "properties": { + "displayName": { + "description": "The friendly name for this location, typically a nearby city name. For example, \"Tokyo\".", + "type": "string" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Cross-service attributes for the location. For example {\"cloud.googleapis.com/region\": \"us-east1\"}", + "type": "object" + }, + "locationId": { + "description": "The canonical id for this location. For example: `\"us-east1\"`.", + "type": "string" + }, + "metadata": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "description": "Service-specific metadata. For example the available capacity at the given location.", + "type": "object" + }, + "name": { + "description": "Resource name for the location, which may vary between implementations. For example: `\"projects/example-project/locations/us-east1\"`", + "type": "string" + } + }, + "type": "object" + }, + "MembershipFeature": { + "description": "MembershipFeature represents the settings and status of a Fleet Feature enabled on a single Fleet Membership.", + "id": "MembershipFeature", + "properties": { + "createTime": { + "description": "Output only. When the MembershipFeature resource was created.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "deleteTime": { + "description": "Output only. When the MembershipFeature resource was deleted.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "featureConfigRef": { + "$ref": "FeatureConfigRef", + "description": "Reference information for a FeatureConfig applied on the MembershipFeature." + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "GCP labels for this MembershipFeature.", + "type": "object" + }, + "lifecycleState": { + "$ref": "LifecycleState", + "description": "Output only. Lifecycle information of the resource itself.", + "readOnly": true + }, + "name": { + "description": "Output only. The resource name of the membershipFeature, in the format: `projects/{project}/locations/{location}/memberships/{membership}/features/{feature}`. Note that `membershipFeatures` is shortened to `features` in the resource name. (see http://go/aip/122#collection-identifiers)", + "readOnly": true, + "type": "string" + }, + "spec": { + "$ref": "FeatureSpec", + "description": "Spec of this membershipFeature." + }, + "state": { + "$ref": "FeatureState", + "description": "Output only. State of the this membershipFeature.", + "readOnly": true + }, + "updateTime": { + "description": "Output only. When the MembershipFeature resource was last updated.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "MeteringState": { + "description": "**Metering**: State for a single membership, analyzed and reported by feature controller.", + "id": "MeteringState", + "properties": { + "lastMeasurementTime": { + "description": "The time stamp of the most recent measurement of the number of vCPUs in the cluster.", + "format": "google-datetime", + "type": "string" + }, + "preciseLastMeasuredClusterVcpuCapacity": { + "description": "The vCPUs capacity in the cluster according to the most recent measurement (1/1000 precision).", + "format": "float", + "type": "number" + } + }, + "type": "object" + }, + "Operation": { + "description": "This resource represents a long-running operation that is the result of a network API call.", + "id": "Operation", + "properties": { + "done": { + "description": "If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.", + "type": "boolean" + }, + "error": { + "$ref": "GoogleRpcStatus", + "description": "The error result of the operation in case of failure or cancellation." + }, + "metadata": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "description": "Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.", + "type": "object" + }, + "name": { + "description": "The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.", + "type": "string" + }, + "response": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "description": "The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.", + "type": "object" + } + }, + "type": "object" + }, + "OperationMetadata": { + "description": "Metadata of the long-running operation.", + "id": "OperationMetadata", + "properties": { + "apiVersion": { + "description": "Output only. API version used to start the operation.", + "readOnly": true, + "type": "string" + }, + "cancelRequested": { + "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", + "readOnly": true, + "type": "boolean" + }, + "createTime": { + "description": "Output only. The time the operation was created.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "endTime": { + "description": "Output only. The time the operation finished running.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "statusDetail": { + "description": "Output only. Human-readable status of the operation, if any.", + "readOnly": true, + "type": "string" + }, + "target": { + "description": "Output only. Server-defined resource path for the target of the operation.", + "readOnly": true, + "type": "string" + }, + "verb": { + "description": "Output only. Name of the verb executed by the operation.", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "Origin": { + "description": "Origin defines where this FeatureSpec originated from.", + "id": "Origin", + "properties": { + "type": { + "description": "Type specifies which type of origin is set.", + "enum": [ + "TYPE_UNSPECIFIED", + "FLEET", + "FLEET_OUT_OF_SYNC", + "USER" + ], + "enumDescriptions": [ + "Type is unknown or not set.", + "Per-Feature spec was inherited from the fleet-level default.", + "Per-Feature spec was inherited from the fleet-level default but is now out of sync with the current default.", + "Per-Feature spec was inherited from a user specification." + ], + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerBundleInstallSpec": { + "description": "BundleInstallSpec is the specification configuration for a single managed bundle.", + "id": "PolicyControllerBundleInstallSpec", + "properties": { + "exemptedNamespaces": { + "description": "the set of namespaces to be exempted from the bundle", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "PolicyControllerHubConfig": { + "description": "Configuration for Policy Controller", + "id": "PolicyControllerHubConfig", + "properties": { + "auditIntervalSeconds": { + "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.", + "format": "int64", + "type": "string" + }, + "constraintViolationLimit": { + "description": "The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used.", + "format": "int64", + "type": "string" + }, + "deploymentConfigs": { + "additionalProperties": { + "$ref": "PolicyControllerPolicyControllerDeploymentConfig" + }, + "description": "Map of deployment configs to deployments (“admission”, “audit”, “mutation”).", + "type": "object" + }, + "exemptableNamespaces": { + "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.", + "items": { + "type": "string" + }, + "type": "array" + }, + "installSpec": { + "description": "The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state.", + "enum": [ + "INSTALL_SPEC_UNSPECIFIED", + "INSTALL_SPEC_NOT_INSTALLED", + "INSTALL_SPEC_ENABLED", + "INSTALL_SPEC_SUSPENDED", + "INSTALL_SPEC_DETACHED" + ], + "enumDescriptions": [ + "Spec is unknown.", + "Request to uninstall Policy Controller.", + "Request to install and enable Policy Controller.", + "Request to suspend Policy Controller i.e. its webhooks. If Policy Controller is not installed, it will be installed but suspended.", + "Request to stop all reconciliation actions by PoCo Hub controller. This is a breakglass mechanism to stop PoCo Hub from affecting cluster resources." + ], + "type": "string" + }, + "logDeniesEnabled": { + "description": "Logs all denies and dry run failures.", + "type": "boolean" + }, + "monitoring": { + "$ref": "PolicyControllerMonitoringConfig", + "description": "Monitoring specifies the configuration of monitoring." + }, + "mutationEnabled": { + "description": "Enables the ability to mutate resources using Policy Controller.", + "type": "boolean" + }, + "policyContent": { + "$ref": "PolicyControllerPolicyContentSpec", + "description": "Specifies the desired policy content on the cluster" + }, + "referentialRulesEnabled": { + "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.", + "type": "boolean" + } + }, + "type": "object" + }, + "PolicyControllerMonitoringConfig": { + "description": "MonitoringConfig specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", + "id": "PolicyControllerMonitoringConfig", + "properties": { + "backends": { + "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.", + "items": { + "enum": [ + "MONITORING_BACKEND_UNSPECIFIED", + "PROMETHEUS", + "CLOUD_MONITORING" + ], + "enumDescriptions": [ + "Backend cannot be determined", + "Prometheus backend for monitoring", + "Stackdriver/Cloud Monitoring backend for monitoring" + ], + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "PolicyControllerOnClusterState": { + "description": "OnClusterState represents the state of a sub-component of Policy Controller.", + "id": "PolicyControllerOnClusterState", + "properties": { + "details": { + "description": "Surface potential errors or information logs.", + "type": "string" + }, + "state": { + "description": "The lifecycle state of this component.", + "enum": [ + "LIFECYCLE_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLING", + "ACTIVE", + "UPDATING", + "DECOMMISSIONING", + "CLUSTER_ERROR", + "HUB_ERROR", + "SUSPENDED", + "DETACHED" + ], + "enumDescriptions": [ + "The lifecycle state is unspecified.", + "The PC does not exist on the given cluster, and no k8s resources of any type that are associated with the PC should exist there. The cluster does not possess a membership with the PCH.", + "The PCH possesses a Membership, however the PC is not fully installed on the cluster. In this state the hub can be expected to be taking actions to install the PC on the cluster.", + "The PC is fully installed on the cluster and in an operational mode. In this state PCH will be reconciling state with the PC, and the PC will be performing it's operational tasks per that software. Entering a READY state requires that the hub has confirmed the PC is installed and its pods are operational with the version of the PC the PCH expects.", + "The PC is fully installed, but in the process of changing the configuration (including changing the version of PC either up and down, or modifying the manifests of PC) of the resources running on the cluster. The PCH has a Membership, is aware of the version the cluster should be running in, but has not confirmed for itself that the PC is running with that version.", + "The PC may have resources on the cluster, but the PCH wishes to remove the Membership. The Membership still exists.", + "The PC is not operational, and the PCH is unable to act to make it operational. Entering a CLUSTER_ERROR state happens automatically when the PCH determines that a PC installed on the cluster is non-operative or that the cluster does not meet requirements set for the PCH to administer the cluster but has nevertheless been given an instruction to do so (such as ‘install').", + "In this state, the PC may still be operational, and only the PCH is unable to act. The hub should not issue instructions to change the PC state, or otherwise interfere with the on-cluster resources. Entering a HUB_ERROR state happens automatically when the PCH determines the hub is in an unhealthy state and it wishes to ‘take hands off' to avoid corrupting the PC or other data.", + "Policy Controller (PC) is installed but suspended. This means that the policies are not enforced, but violations are still recorded (through audit).", + "PoCo Hub is not taking any action to reconcile cluster objects. Changes to those objects will not be overwritten by PoCo Hub." + ], + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerPolicyContentSpec": { + "description": "PolicyContentSpec defines the user's desired content configuration on the cluster.", + "id": "PolicyControllerPolicyContentSpec", + "properties": { + "bundles": { + "additionalProperties": { + "$ref": "PolicyControllerBundleInstallSpec" + }, + "description": "map of bundle name to BundleInstallSpec. The bundle name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData` annotation on a constraint.", + "type": "object" + }, + "templateLibrary": { + "$ref": "PolicyControllerTemplateLibraryConfig", + "description": "Configures the installation of the Template Library." + } + }, + "type": "object" + }, + "PolicyControllerPolicyContentState": { + "description": "The state of the policy controller policy content", + "id": "PolicyControllerPolicyContentState", + "properties": { + "bundleStates": { + "additionalProperties": { + "$ref": "PolicyControllerOnClusterState" + }, + "description": "The state of the any bundles included in the chosen version of the manifest", + "type": "object" + }, + "referentialSyncConfigState": { + "$ref": "PolicyControllerOnClusterState", + "description": "The state of the referential data sync configuration. This could represent the state of either the syncSet object(s) or the config object, depending on the version of PoCo configured by the user." + }, + "templateLibraryState": { + "$ref": "PolicyControllerOnClusterState", + "description": "The state of the template library" + } + }, + "type": "object" + }, + "PolicyControllerPolicyControllerDeploymentConfig": { + "description": "Deployment-specific configuration.", + "id": "PolicyControllerPolicyControllerDeploymentConfig", + "properties": { + "containerResources": { + "$ref": "PolicyControllerResourceRequirements", + "description": "Container resource requirements." + }, + "podAffinity": { + "description": "Pod affinity configuration.", + "enum": [ + "AFFINITY_UNSPECIFIED", + "NO_AFFINITY", + "ANTI_AFFINITY" + ], + "enumDescriptions": [ + "No affinity configuration has been specified.", + "Affinity configurations will be removed from the deployment.", + "Anti-affinity configuration will be applied to this deployment. Default for admissions deployment." + ], + "type": "string" + }, + "podAntiAffinity": { + "deprecated": true, + "description": "Pod anti-affinity enablement. Deprecated: use `pod_affinity` instead.", + "type": "boolean" + }, + "podTolerations": { + "description": "Pod tolerations of node taints.", + "items": { + "$ref": "PolicyControllerToleration" + }, + "type": "array" + }, + "replicaCount": { + "description": "Pod replica count.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerResourceList": { + "description": "ResourceList contains container resource requirements.", + "id": "PolicyControllerResourceList", + "properties": { + "cpu": { + "description": "CPU requirement expressed in Kubernetes resource units.", + "type": "string" + }, + "memory": { + "description": "Memory requirement expressed in Kubernetes resource units.", + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerResourceRequirements": { + "description": "ResourceRequirements describes the compute resource requirements.", + "id": "PolicyControllerResourceRequirements", + "properties": { + "limits": { + "$ref": "PolicyControllerResourceList", + "description": "Limits describes the maximum amount of compute resources allowed for use by the running container." + }, + "requests": { + "$ref": "PolicyControllerResourceList", + "description": "Requests describes the amount of compute resources reserved for the container by the kube-scheduler." + } + }, + "type": "object" + }, + "PolicyControllerSpec": { + "description": "**Policy Controller**: Configuration for a single cluster. Intended to parallel the PolicyController CR.", + "id": "PolicyControllerSpec", + "properties": { + "policyControllerHubConfig": { + "$ref": "PolicyControllerHubConfig", + "description": "Policy Controller configuration for the cluster." + }, + "version": { + "description": "Version of Policy Controller installed.", + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerState": { + "description": "**Policy Controller**: State for a single cluster.", + "id": "PolicyControllerState", + "properties": { + "componentStates": { + "additionalProperties": { + "$ref": "PolicyControllerOnClusterState" + }, + "description": "Currently these include (also serving as map keys): 1. \"admission\" 2. \"audit\" 3. \"mutation\"", + "type": "object" + }, + "policyContentState": { + "$ref": "PolicyControllerPolicyContentState", + "description": "The overall content state observed by the Hub Feature controller." + }, + "state": { + "description": "The overall Policy Controller lifecycle state observed by the Hub Feature controller.", + "enum": [ + "LIFECYCLE_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLING", + "ACTIVE", + "UPDATING", + "DECOMMISSIONING", + "CLUSTER_ERROR", + "HUB_ERROR", + "SUSPENDED", + "DETACHED" + ], + "enumDescriptions": [ + "The lifecycle state is unspecified.", + "The PC does not exist on the given cluster, and no k8s resources of any type that are associated with the PC should exist there. The cluster does not possess a membership with the PCH.", + "The PCH possesses a Membership, however the PC is not fully installed on the cluster. In this state the hub can be expected to be taking actions to install the PC on the cluster.", + "The PC is fully installed on the cluster and in an operational mode. In this state PCH will be reconciling state with the PC, and the PC will be performing it's operational tasks per that software. Entering a READY state requires that the hub has confirmed the PC is installed and its pods are operational with the version of the PC the PCH expects.", + "The PC is fully installed, but in the process of changing the configuration (including changing the version of PC either up and down, or modifying the manifests of PC) of the resources running on the cluster. The PCH has a Membership, is aware of the version the cluster should be running in, but has not confirmed for itself that the PC is running with that version.", + "The PC may have resources on the cluster, but the PCH wishes to remove the Membership. The Membership still exists.", + "The PC is not operational, and the PCH is unable to act to make it operational. Entering a CLUSTER_ERROR state happens automatically when the PCH determines that a PC installed on the cluster is non-operative or that the cluster does not meet requirements set for the PCH to administer the cluster but has nevertheless been given an instruction to do so (such as ‘install').", + "In this state, the PC may still be operational, and only the PCH is unable to act. The hub should not issue instructions to change the PC state, or otherwise interfere with the on-cluster resources. Entering a HUB_ERROR state happens automatically when the PCH determines the hub is in an unhealthy state and it wishes to ‘take hands off' to avoid corrupting the PC or other data.", + "Policy Controller (PC) is installed but suspended. This means that the policies are not enforced, but violations are still recorded (through audit).", + "PoCo Hub is not taking any action to reconcile cluster objects. Changes to those objects will not be overwritten by PoCo Hub." + ], + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerTemplateLibraryConfig": { + "description": "The config specifying which default library templates to install.", + "id": "PolicyControllerTemplateLibraryConfig", + "properties": { + "installation": { + "description": "Configures the manner in which the template library is installed on the cluster.", + "enum": [ + "INSTALLATION_UNSPECIFIED", + "NOT_INSTALLED", + "ALL" + ], + "enumDescriptions": [ + "No installation strategy has been specified.", + "Do not install the template library.", + "Install the entire template library." + ], + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerToleration": { + "description": "Toleration of a node taint.", + "id": "PolicyControllerToleration", + "properties": { + "effect": { + "description": "Matches a taint effect.", + "type": "string" + }, + "key": { + "description": "Matches a taint key (not necessarily unique).", + "type": "string" + }, + "operator": { + "description": "Matches a taint operator.", + "type": "string" + }, + "value": { + "description": "Matches a taint value.", + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshAnalysisMessage": { + "description": "AnalysisMessage is a single message produced by an analyzer, and it used to communicate to the end user about the state of their Service Mesh configuration.", + "id": "ServiceMeshAnalysisMessage", + "properties": { + "args": { + "additionalProperties": { + "description": "Properties of the object.", + "type": "any" + }, + "description": "A UI can combine these args with a template (based on message_base.type) to produce an internationalized message.", + "type": "object" + }, + "description": { + "description": "A human readable description of what the error means. It is suitable for non-internationalize display purposes.", + "type": "string" + }, + "messageBase": { + "$ref": "ServiceMeshAnalysisMessageBase", + "description": "Details common to all types of Istio and ServiceMesh analysis messages." + }, + "resourcePaths": { + "description": "A list of strings specifying the resource identifiers that were the cause of message generation. A \"path\" here may be: * MEMBERSHIP_ID if the cause is a specific member cluster * MEMBERSHIP_ID/(NAMESPACE\\/)?RESOURCETYPE/NAME if the cause is a resource in a cluster", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ServiceMeshAnalysisMessageBase": { + "description": "AnalysisMessageBase describes some common information that is needed for all messages.", + "id": "ServiceMeshAnalysisMessageBase", + "properties": { + "documentationUrl": { + "description": "A url pointing to the Service Mesh or Istio documentation for this specific error type.", + "type": "string" + }, + "level": { + "description": "Represents how severe a message is.", + "enum": [ + "LEVEL_UNSPECIFIED", + "ERROR", + "WARNING", + "INFO" + ], + "enumDescriptions": [ + "Illegal. Same istio.analysis.v1alpha1.AnalysisMessageBase.Level.UNKNOWN.", + "ERROR represents a misconfiguration that must be fixed.", + "WARNING represents a misconfiguration that should be fixed.", + "INFO represents an informational finding." + ], + "type": "string" + }, + "type": { + "$ref": "ServiceMeshType", + "description": "Represents the specific type of a message." + } + }, + "type": "object" + }, + "ServiceMeshCondition": { + "description": "Condition being reported.", + "id": "ServiceMeshCondition", + "properties": { + "code": { + "description": "Unique identifier of the condition which describes the condition recognizable to the user.", + "enum": [ + "CODE_UNSPECIFIED", + "MESH_IAM_PERMISSION_DENIED", + "MESH_IAM_CROSS_PROJECT_PERMISSION_DENIED", + "CNI_CONFIG_UNSUPPORTED", + "GKE_SANDBOX_UNSUPPORTED", + "NODEPOOL_WORKLOAD_IDENTITY_FEDERATION_REQUIRED", + "CNI_INSTALLATION_FAILED", + "CNI_POD_UNSCHEDULABLE", + "CLUSTER_HAS_ZERO_NODES", + "UNSUPPORTED_MULTIPLE_CONTROL_PLANES", + "VPCSC_GA_SUPPORTED", + "DEPRECATED_SPEC_CONTROL_PLANE_MANAGEMENT", + "DEPRECATED_SPEC_CONTROL_PLANE_MANAGEMENT_SAFE", + "CONFIG_APPLY_INTERNAL_ERROR", + "CONFIG_VALIDATION_ERROR", + "CONFIG_VALIDATION_WARNING", + "QUOTA_EXCEEDED_BACKEND_SERVICES", + "QUOTA_EXCEEDED_HEALTH_CHECKS", + "QUOTA_EXCEEDED_HTTP_ROUTES", + "QUOTA_EXCEEDED_TCP_ROUTES", + "QUOTA_EXCEEDED_TLS_ROUTES", + "QUOTA_EXCEEDED_TRAFFIC_POLICIES", + "QUOTA_EXCEEDED_ENDPOINT_POLICIES", + "QUOTA_EXCEEDED_GATEWAYS", + "QUOTA_EXCEEDED_MESHES", + "QUOTA_EXCEEDED_SERVER_TLS_POLICIES", + "QUOTA_EXCEEDED_CLIENT_TLS_POLICIES", + "QUOTA_EXCEEDED_SERVICE_LB_POLICIES", + "QUOTA_EXCEEDED_HTTP_FILTERS", + "QUOTA_EXCEEDED_TCP_FILTERS", + "QUOTA_EXCEEDED_NETWORK_ENDPOINT_GROUPS", + "MODERNIZATION_SCHEDULED", + "MODERNIZATION_IN_PROGRESS", + "MODERNIZATION_COMPLETED", + "MODERNIZATION_ABORTED" + ], + "enumDescriptions": [ + "Default Unspecified code", + "Mesh IAM permission denied error code", + "Permission denied error code for cross-project", + "CNI config unsupported error code", + "GKE sandbox unsupported error code", + "Nodepool workload identity federation required error code", + "CNI installation failed error code", + "CNI pod unschedulable error code", + "Cluster has zero node code", + "Multiple control planes unsupported error code", + "VPC-SC GA is supported for this control plane.", + "User is using deprecated ControlPlaneManagement and they have not yet set Management.", + "User is using deprecated ControlPlaneManagement and they have already set Management.", + "Configuration (Istio/k8s resources) failed to apply due to internal error.", + "Configuration failed to be applied due to being invalid.", + "Encountered configuration(s) with possible unintended behavior or invalid configuration. These configs may not have been applied.", + "BackendService quota exceeded error code.", + "HealthCheck quota exceeded error code.", + "HTTPRoute quota exceeded error code.", + "TCPRoute quota exceeded error code.", + "TLS routes quota exceeded error code.", + "TrafficPolicy quota exceeded error code.", + "EndpointPolicy quota exceeded error code.", + "Gateway quota exceeded error code.", + "Mesh quota exceeded error code.", + "ServerTLSPolicy quota exceeded error code.", + "ClientTLSPolicy quota exceeded error code.", + "ServiceLBPolicy quota exceeded error code.", + "HTTPFilter quota exceeded error code.", + "TCPFilter quota exceeded error code.", + "NetworkEndpointGroup quota exceeded error code.", + "Modernization is scheduled for a cluster.", + "Modernization is in progress for a cluster.", + "Modernization is completed for a cluster.", + "Modernization is aborted for a cluster." + ], + "type": "string" + }, + "details": { + "description": "A short summary about the issue.", + "type": "string" + }, + "documentationLink": { + "description": "Links contains actionable information.", + "type": "string" + }, + "severity": { + "description": "Severity level of the condition.", + "enum": [ + "SEVERITY_UNSPECIFIED", + "ERROR", + "WARNING", + "INFO" + ], + "enumDescriptions": [ + "Unspecified severity", + "Indicates an issue that prevents the mesh from operating correctly", + "Indicates a setting is likely wrong, but the mesh is still able to operate", + "An informational message, not requiring any action" + ], + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshControlPlaneManagement": { + "description": "Status of control plane management.", + "id": "ServiceMeshControlPlaneManagement", + "properties": { + "details": { + "description": "Explanation of state.", + "items": { + "$ref": "ServiceMeshStatusDetails" + }, + "type": "array" + }, + "implementation": { + "description": "Output only. Implementation of managed control plane.", + "enum": [ + "IMPLEMENTATION_UNSPECIFIED", + "ISTIOD", + "TRAFFIC_DIRECTOR", + "UPDATING" + ], + "enumDescriptions": [ + "Unspecified", + "A Google build of istiod is used for the managed control plane.", + "Traffic director is used for the managed control plane.", + "The control plane implementation is being updated." + ], + "readOnly": true, + "type": "string" + }, + "state": { + "description": "LifecycleState of control plane management.", + "enum": [ + "LIFECYCLE_STATE_UNSPECIFIED", + "DISABLED", + "FAILED_PRECONDITION", + "PROVISIONING", + "ACTIVE", + "STALLED", + "NEEDS_ATTENTION", + "DEGRADED" + ], + "enumDescriptions": [ + "Unspecified", + "DISABLED means that the component is not enabled.", + "FAILED_PRECONDITION means that provisioning cannot proceed because of some characteristic of the member cluster.", + "PROVISIONING means that provisioning is in progress.", + "ACTIVE means that the component is ready for use.", + "STALLED means that provisioning could not be done.", + "NEEDS_ATTENTION means that the component is ready, but some user intervention is required. (For example that the user should migrate workloads to a new control plane revision.)", + "DEGRADED means that the component is ready, but operating in a degraded state." + ], + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshDataPlaneManagement": { + "description": "Status of data plane management. Only reported per-member.", + "id": "ServiceMeshDataPlaneManagement", + "properties": { + "details": { + "description": "Explanation of the status.", + "items": { + "$ref": "ServiceMeshStatusDetails" + }, + "type": "array" + }, + "state": { + "description": "Lifecycle status of data plane management.", + "enum": [ + "LIFECYCLE_STATE_UNSPECIFIED", + "DISABLED", + "FAILED_PRECONDITION", + "PROVISIONING", + "ACTIVE", + "STALLED", + "NEEDS_ATTENTION", + "DEGRADED" + ], + "enumDescriptions": [ + "Unspecified", + "DISABLED means that the component is not enabled.", + "FAILED_PRECONDITION means that provisioning cannot proceed because of some characteristic of the member cluster.", + "PROVISIONING means that provisioning is in progress.", + "ACTIVE means that the component is ready for use.", + "STALLED means that provisioning could not be done.", + "NEEDS_ATTENTION means that the component is ready, but some user intervention is required. (For example that the user should migrate workloads to a new control plane revision.)", + "DEGRADED means that the component is ready, but operating in a degraded state." + ], + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshSpec": { + "description": "**Service Mesh**: Spec for a single Membership for the servicemesh feature", + "id": "ServiceMeshSpec", + "properties": { + "configApi": { + "description": "Optional. Specifies the API that will be used for configuring the mesh workloads.", + "enum": [ + "CONFIG_API_UNSPECIFIED", + "CONFIG_API_ISTIO", + "CONFIG_API_GATEWAY" + ], + "enumDescriptions": [ + "Unspecified", + "Use the Istio API for configuration.", + "Use the K8s Gateway API for configuration." + ], + "type": "string" + }, + "controlPlane": { + "deprecated": true, + "description": "Deprecated: use `management` instead Enables automatic control plane management.", + "enum": [ + "CONTROL_PLANE_MANAGEMENT_UNSPECIFIED", + "AUTOMATIC", + "MANUAL" + ], + "enumDescriptions": [ + "Unspecified", + "Google should provision a control plane revision and make it available in the cluster. Google will enroll this revision in a release channel and keep it up to date. The control plane revision may be a managed service, or a managed install.", + "User will manually configure the control plane (e.g. via CLI, or via the ControlPlaneRevision KRM API)" + ], + "type": "string" + }, + "defaultChannel": { + "deprecated": true, + "description": "Determines which release channel to use for default injection and service mesh APIs.", + "enum": [ + "CHANNEL_UNSPECIFIED", + "RAPID", + "REGULAR", + "STABLE" + ], + "enumDescriptions": [ + "Unspecified", + "RAPID channel is offered on an early access basis for customers who want to test new releases.", + "REGULAR channel is intended for production users who want to take advantage of new features.", + "STABLE channel includes versions that are known to be stable and reliable in production." + ], + "type": "string" + }, + "management": { + "description": "Optional. Enables automatic Service Mesh management.", + "enum": [ + "MANAGEMENT_UNSPECIFIED", + "MANAGEMENT_AUTOMATIC", + "MANAGEMENT_MANUAL" + ], + "enumDescriptions": [ + "Unspecified", + "Google should manage my Service Mesh for the cluster.", + "User will manually configure their service mesh components." + ], + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshState": { + "description": "**Service Mesh**: State for a single Membership, as analyzed by the Service Mesh Hub Controller.", + "id": "ServiceMeshState", + "properties": { + "analysisMessages": { + "description": "Output only. Results of running Service Mesh analyzers.", + "items": { + "$ref": "ServiceMeshAnalysisMessage" + }, + "readOnly": true, + "type": "array" + }, + "conditions": { + "description": "Output only. List of conditions reported for this membership.", + "items": { + "$ref": "ServiceMeshCondition" + }, + "readOnly": true, + "type": "array" + }, + "configApiVersion": { + "description": "The API version (i.e. Istio CRD version) for configuring service mesh in this cluster. This version is influenced by the `default_channel` field.", + "type": "string" + }, + "controlPlaneManagement": { + "$ref": "ServiceMeshControlPlaneManagement", + "description": "Output only. Status of control plane management", + "readOnly": true + }, + "dataPlaneManagement": { + "$ref": "ServiceMeshDataPlaneManagement", + "description": "Output only. Status of data plane management.", + "readOnly": true + } + }, + "type": "object" + }, + "ServiceMeshStatusDetails": { + "description": "Structured and human-readable details for a status.", + "id": "ServiceMeshStatusDetails", + "properties": { + "code": { + "description": "A machine-readable code that further describes a broad status.", + "type": "string" + }, + "details": { + "description": "Human-readable explanation of code.", + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshType": { + "description": "A unique identifier for the type of message. Display_name is intended to be human-readable, code is intended to be machine readable. There should be a one-to-one mapping between display_name and code. (i.e. do not re-use display_names or codes between message types.) See istio.analysis.v1alpha1.AnalysisMessageBase.Type", + "id": "ServiceMeshType", + "properties": { + "code": { + "description": "A 7 character code matching `^IST[0-9]{4}$` or `^ASM[0-9]{4}$`, intended to uniquely identify the message type. (e.g. \"IST0001\" is mapped to the \"InternalError\" message type.)", + "type": "string" + }, + "displayName": { + "description": "A human-readable name for the message type. e.g. \"InternalError\", \"PodMissingProxy\". This should be the same for all messages of the same type. (This corresponds to the `name` field in open-source Istio.)", + "type": "string" + } + }, + "type": "object" + }, + "State": { + "description": "High-level state of a MembershipFeature.", + "id": "State", + "properties": { + "code": { + "description": "The high-level, machine-readable status of this MembershipFeature.", + "enum": [ + "CODE_UNSPECIFIED", + "OK", + "WARNING", + "ERROR" + ], + "enumDescriptions": [ + "Unknown or not set.", + "The MembershipFeature is operating normally.", + "The MembershipFeature has encountered an issue, and is operating in a degraded state. The MembershipFeature may need intervention to return to normal operation. See the description and any associated MembershipFeature-specific details for more information.", + "The MembershipFeature is not operating or is in a severely degraded state. The MembershipFeature may need intervention to return to normal operation. See the description and any associated MembershipFeature-specific details for more information." + ], + "type": "string" + }, + "description": { + "description": "A human-readable description of the current status.", + "type": "string" + }, + "updateTime": { + "description": "The time this status and any related Feature-specific details were updated.", + "format": "google-datetime", + "type": "string" + } + }, + "type": "object" + }, + "WorkloadCertificateSpec": { + "description": "**WorkloadCertificate**: The membership-specific input for WorkloadCertificate feature.", + "id": "WorkloadCertificateSpec", + "properties": { + "certificateManagement": { + "description": "CertificateManagement specifies workload certificate management.", + "enum": [ + "CERTIFICATE_MANAGEMENT_UNSPECIFIED", + "DISABLED", + "ENABLED" + ], + "enumDescriptions": [ + "Disable workload certificate feature.", + "Disable workload certificate feature.", + "Enable workload certificate feature." + ], + "type": "string" } }, "type": "object" diff --git a/gkehub/v2/gkehub-gen.go b/gkehub/v2/gkehub-gen.go index 81a76b4eafb..efec1d81217 100644 --- a/gkehub/v2/gkehub-gen.go +++ b/gkehub/v2/gkehub-gen.go @@ -168,6 +168,7 @@ type ProjectsService struct { func NewProjectsLocationsService(s *Service) *ProjectsLocationsService { rs := &ProjectsLocationsService{s: s} + rs.Memberships = NewProjectsLocationsMembershipsService(s) rs.Operations = NewProjectsLocationsOperationsService(s) return rs } @@ -175,9 +176,32 @@ func NewProjectsLocationsService(s *Service) *ProjectsLocationsService { type ProjectsLocationsService struct { s *Service + Memberships *ProjectsLocationsMembershipsService + Operations *ProjectsLocationsOperationsService } +func NewProjectsLocationsMembershipsService(s *Service) *ProjectsLocationsMembershipsService { + rs := &ProjectsLocationsMembershipsService{s: s} + rs.Features = NewProjectsLocationsMembershipsFeaturesService(s) + return rs +} + +type ProjectsLocationsMembershipsService struct { + s *Service + + Features *ProjectsLocationsMembershipsFeaturesService +} + +func NewProjectsLocationsMembershipsFeaturesService(s *Service) *ProjectsLocationsMembershipsFeaturesService { + rs := &ProjectsLocationsMembershipsFeaturesService{s: s} + return rs +} + +type ProjectsLocationsMembershipsFeaturesService struct { + s *Service +} + func NewProjectsLocationsOperationsService(s *Service) *ProjectsLocationsOperationsService { rs := &ProjectsLocationsOperationsService{s: s} return rs @@ -187,35 +211,46 @@ type ProjectsLocationsOperationsService struct { s *Service } -// CancelOperationRequest: The request message for Operations.CancelOperation. -type CancelOperationRequest struct { +// AppDevExperienceState: State for App Dev Exp Feature. +type AppDevExperienceState struct { + // NetworkingInstallSucceeded: Status of subcomponent that detects configured + // Service Mesh resources. + NetworkingInstallSucceeded *AppDevExperienceStatus `json:"networkingInstallSucceeded,omitempty"` + // ForceSendFields is a list of field names (e.g. "NetworkingInstallSucceeded") + // to unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "NetworkingInstallSucceeded") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` } -// Empty: A generic empty message that you can re-use to avoid defining -// duplicated empty messages in your APIs. A typical example is to use it as -// the request or the response type of an API method. For instance: service Foo -// { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } -type Empty struct { - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` +func (s AppDevExperienceState) MarshalJSON() ([]byte, error) { + type NoMethod AppDevExperienceState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// GoogleRpcStatus: The `Status` type defines a logical error model that is -// suitable for different programming environments, including REST APIs and RPC -// APIs. It is used by gRPC (https://github.com/grpc). Each `Status` message -// contains three pieces of data: error code, error message, and error details. -// You can find out more about this error model and how to work with it in the -// API Design Guide (https://cloud.google.com/apis/design/errors). -type GoogleRpcStatus struct { - // Code: The status code, which should be an enum value of google.rpc.Code. - Code int64 `json:"code,omitempty"` - // Details: A list of messages that carry the error details. There is a common - // set of message types for APIs to use. - Details []googleapi.RawMessage `json:"details,omitempty"` - // Message: A developer-facing error message, which should be in English. Any - // user-facing error message should be localized and sent in the - // google.rpc.Status.details field, or localized by the client. - Message string `json:"message,omitempty"` +// AppDevExperienceStatus: Status specifies state for the subcomponent. +type AppDevExperienceStatus struct { + // Code: Code specifies AppDevExperienceFeature's subcomponent ready state. + // + // Possible values: + // "CODE_UNSPECIFIED" - Not set. + // "OK" - AppDevExperienceFeature's specified subcomponent is ready. + // "FAILED" - AppDevExperienceFeature's specified subcomponent ready state is + // false. This means AppDevExperienceFeature has encountered an issue that + // blocks all, or a portion, of its normal operation. See the `description` for + // more details. + // "UNKNOWN" - AppDevExperienceFeature's specified subcomponent has a pending + // or unknown state. + Code string `json:"code,omitempty"` + // Description: Description is populated if Code is Failed, explaining why it + // has failed. + Description string `json:"description,omitempty"` // ForceSendFields is a list of field names (e.g. "Code") to unconditionally // include in API requests. By default, fields with empty or default values are // omitted from API requests. See @@ -229,153 +264,3665 @@ type GoogleRpcStatus struct { NullFields []string `json:"-"` } -func (s GoogleRpcStatus) MarshalJSON() ([]byte, error) { - type NoMethod GoogleRpcStatus +func (s AppDevExperienceStatus) MarshalJSON() ([]byte, error) { + type NoMethod AppDevExperienceStatus return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// ListLocationsResponse: The response message for Locations.ListLocations. -type ListLocationsResponse struct { - // Locations: A list of locations that matches the specified filter in the - // request. - Locations []*Location `json:"locations,omitempty"` - // NextPageToken: The standard List next-page token. - NextPageToken string `json:"nextPageToken,omitempty"` +// CancelOperationRequest: The request message for Operations.CancelOperation. +type CancelOperationRequest struct { +} - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "Locations") to +// CloudBuildSpec: **Cloud Build**: Configurations for each Cloud Build enabled +// cluster. +type CloudBuildSpec struct { + // SecurityPolicy: Whether it is allowed to run the privileged builds on the + // cluster or not. + // + // Possible values: + // "SECURITY_POLICY_UNSPECIFIED" - Unspecified policy + // "NON_PRIVILEGED" - Privileged build pods are disallowed + // "PRIVILEGED" - Privileged build pods are allowed + SecurityPolicy string `json:"securityPolicy,omitempty"` + // Version: Version of the cloud build software on the cluster. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "SecurityPolicy") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "Locations") to include in API + // NullFields is a list of field names (e.g. "SecurityPolicy") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s CloudBuildSpec) MarshalJSON() ([]byte, error) { + type NoMethod CloudBuildSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ClusterUpgradeGKEUpgrade: GKEUpgrade represents a GKE provided upgrade, +// e.g., control plane upgrade. +type ClusterUpgradeGKEUpgrade struct { + // Name: Name of the upgrade, e.g., "k8s_control_plane". + Name string `json:"name,omitempty"` + // Version: Version of the upgrade, e.g., "1.22.1-gke.100". + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "Name") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Name") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ClusterUpgradeGKEUpgrade) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeGKEUpgrade + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ClusterUpgradeIgnoredMembership: IgnoredMembership represents a membership +// ignored by the feature. A membership can be ignored because it was manually +// upgraded to a newer version than RC default. +type ClusterUpgradeIgnoredMembership struct { + // IgnoredTime: Time when the membership was first set to ignored. + IgnoredTime string `json:"ignoredTime,omitempty"` + // Reason: Reason why the membership is ignored. + Reason string `json:"reason,omitempty"` + // ForceSendFields is a list of field names (e.g. "IgnoredTime") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "IgnoredTime") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } -func (s ListLocationsResponse) MarshalJSON() ([]byte, error) { - type NoMethod ListLocationsResponse +func (s ClusterUpgradeIgnoredMembership) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeIgnoredMembership return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// ListOperationsResponse: The response message for Operations.ListOperations. -type ListOperationsResponse struct { - // NextPageToken: The standard List next-page token. - NextPageToken string `json:"nextPageToken,omitempty"` - // Operations: A list of operations that matches the specified filter in the - // request. - Operations []*Operation `json:"operations,omitempty"` +// ClusterUpgradeMembershipGKEUpgradeState: MembershipGKEUpgradeState is a +// GKEUpgrade and its state per-membership. +type ClusterUpgradeMembershipGKEUpgradeState struct { + // Status: Status of the upgrade. + Status *ClusterUpgradeUpgradeStatus `json:"status,omitempty"` + // Upgrade: Which upgrade to track the state. + Upgrade *ClusterUpgradeGKEUpgrade `json:"upgrade,omitempty"` + // ForceSendFields is a list of field names (e.g. "Status") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Status") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "NextPageToken") to +func (s ClusterUpgradeMembershipGKEUpgradeState) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeMembershipGKEUpgradeState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ClusterUpgradeState: Per-membership state for this feature. +type ClusterUpgradeState struct { + // Ignored: Whether this membership is ignored by the feature. For example, + // manually upgraded clusters can be ignored if they are newer than the default + // versions of its release channel. + Ignored *ClusterUpgradeIgnoredMembership `json:"ignored,omitempty"` + // Upgrades: Actual upgrade state against desired. + Upgrades []*ClusterUpgradeMembershipGKEUpgradeState `json:"upgrades,omitempty"` + // ForceSendFields is a list of field names (e.g. "Ignored") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Ignored") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ClusterUpgradeState) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ClusterUpgradeUpgradeStatus: UpgradeStatus provides status information for +// each upgrade. +type ClusterUpgradeUpgradeStatus struct { + // Code: Status code of the upgrade. + // + // Possible values: + // "CODE_UNSPECIFIED" - Required by https://linter.aip.dev/126/unspecified. + // "INELIGIBLE" - The upgrade is ineligible. At the scope level, this means + // the upgrade is ineligible for all the clusters in the scope. + // "PENDING" - The upgrade is pending. At the scope level, this means the + // upgrade is pending for all the clusters in the scope. + // "IN_PROGRESS" - The upgrade is in progress. At the scope level, this means + // the upgrade is in progress for at least one cluster in the scope. + // "SOAKING" - The upgrade has finished and is soaking until the soaking time + // is up. At the scope level, this means at least one cluster is in soaking + // while the rest are either soaking or complete. + // "FORCED_SOAKING" - A cluster will be forced to enter soaking if an upgrade + // doesn't finish within a certain limit, despite it's actual status. + // "COMPLETE" - The upgrade has passed all post conditions (soaking). At the + // scope level, this means all eligible clusters are in COMPLETE status. + Code string `json:"code,omitempty"` + // Reason: Reason for this status. + Reason string `json:"reason,omitempty"` + // UpdateTime: Last timestamp the status was updated. + UpdateTime string `json:"updateTime,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ClusterUpgradeUpgradeStatus) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeUpgradeStatus + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementBinauthzConfig: Configuration for Binauthz. +type ConfigManagementBinauthzConfig struct { + // Enabled: Whether binauthz is enabled in this cluster. + Enabled bool `json:"enabled,omitempty"` + // ForceSendFields is a list of field names (e.g. "Enabled") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Enabled") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementBinauthzConfig) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementBinauthzConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementBinauthzState: State for Binauthz. +type ConfigManagementBinauthzState struct { + // Version: The version of binauthz that is installed. + Version *ConfigManagementBinauthzVersion `json:"version,omitempty"` + // Webhook: The state of the binauthz webhook. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Webhook string `json:"webhook,omitempty"` + // ForceSendFields is a list of field names (e.g. "Version") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Version") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementBinauthzState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementBinauthzState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementBinauthzVersion: The version of binauthz. +type ConfigManagementBinauthzVersion struct { + // WebhookVersion: The version of the binauthz webhook. + WebhookVersion string `json:"webhookVersion,omitempty"` + // ForceSendFields is a list of field names (e.g. "WebhookVersion") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "NextPageToken") to include in API + // NullFields is a list of field names (e.g. "WebhookVersion") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementBinauthzVersion) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementBinauthzVersion + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementConfigSync: Configuration for Config Sync +type ConfigManagementConfigSync struct { + // AllowVerticalScale: Set to true to allow the vertical scaling. Defaults to + // false which disallows vertical scaling. This field is deprecated. + AllowVerticalScale bool `json:"allowVerticalScale,omitempty"` + // Enabled: Enables the installation of ConfigSync. If set to true, ConfigSync + // resources will be created and the other ConfigSync fields will be applied if + // exist. If set to false, all other ConfigSync fields will be ignored, + // ConfigSync resources will be deleted. If omitted, ConfigSync resources will + // be managed depends on the presence of the git or oci field. + Enabled bool `json:"enabled,omitempty"` + // Git: Git repo configuration for the cluster. + Git *ConfigManagementGitConfig `json:"git,omitempty"` + // MetricsGcpServiceAccountEmail: The Email of the Google Cloud Service Account + // (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud + // Monarch when Workload Identity is enabled. The GSA should have the + // Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The + // Kubernetes ServiceAccount `default` in the namespace + // `config-management-monitoring` should be bound to the GSA. + MetricsGcpServiceAccountEmail string `json:"metricsGcpServiceAccountEmail,omitempty"` + // Oci: OCI repo configuration for the cluster. + Oci *ConfigManagementOciConfig `json:"oci,omitempty"` + // PreventDrift: Set to true to enable the Config Sync admission webhook to + // prevent drifts. If set to `false`, disables the Config Sync admission + // webhook and does not prevent drifts. + PreventDrift bool `json:"preventDrift,omitempty"` + // SourceFormat: Specifies whether the Config Sync Repo is in "hierarchical" or + // "unstructured" mode. + SourceFormat string `json:"sourceFormat,omitempty"` + // ForceSendFields is a list of field names (e.g. "AllowVerticalScale") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AllowVerticalScale") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementConfigSync) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSync + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementConfigSyncDeploymentState: The state of ConfigSync's +// deployment on a cluster. +type ConfigManagementConfigSyncDeploymentState struct { + // AdmissionWebhook: Deployment state of admission-webhook. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + AdmissionWebhook string `json:"admissionWebhook,omitempty"` + // GitSync: Deployment state of the git-sync pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + GitSync string `json:"gitSync,omitempty"` + // Importer: Deployment state of the importer pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Importer string `json:"importer,omitempty"` + // Monitor: Deployment state of the monitor pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Monitor string `json:"monitor,omitempty"` + // OtelCollector: Deployment state of otel-collector + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + OtelCollector string `json:"otelCollector,omitempty"` + // ReconcilerManager: Deployment state of reconciler-manager pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + ReconcilerManager string `json:"reconcilerManager,omitempty"` + // ResourceGroupControllerManager: Deployment state of + // resource-group-controller-manager + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + ResourceGroupControllerManager string `json:"resourceGroupControllerManager,omitempty"` + // RootReconciler: Deployment state of root-reconciler. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + RootReconciler string `json:"rootReconciler,omitempty"` + // Syncer: Deployment state of the syncer pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Syncer string `json:"syncer,omitempty"` + // ForceSendFields is a list of field names (e.g. "AdmissionWebhook") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AdmissionWebhook") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementConfigSyncDeploymentState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSyncDeploymentState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementConfigSyncError: Errors pertaining to the installation of +// Config Sync +type ConfigManagementConfigSyncError struct { + // ErrorMessage: A string representing the user facing error message + ErrorMessage string `json:"errorMessage,omitempty"` + // ForceSendFields is a list of field names (e.g. "ErrorMessage") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ErrorMessage") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } -func (s ListOperationsResponse) MarshalJSON() ([]byte, error) { - type NoMethod ListOperationsResponse +func (s ConfigManagementConfigSyncError) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSyncError return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// Location: A resource that represents a Google Cloud location. -type Location struct { - // DisplayName: The friendly name for this location, typically a nearby city - // name. For example, "Tokyo". - DisplayName string `json:"displayName,omitempty"` - // Labels: Cross-service attributes for the location. For example - // {"cloud.googleapis.com/region": "us-east1"} - Labels map[string]string `json:"labels,omitempty"` - // LocationId: The canonical id for this location. For example: "us-east1". - LocationId string `json:"locationId,omitempty"` - // Metadata: Service-specific metadata. For example the available capacity at - // the given location. - Metadata googleapi.RawMessage `json:"metadata,omitempty"` - // Name: Resource name for the location, which may vary between - // implementations. For example: - // "projects/example-project/locations/us-east1" - Name string `json:"name,omitempty"` +// ConfigManagementConfigSyncState: State information for ConfigSync. +type ConfigManagementConfigSyncState struct { + // DeploymentState: Information about the deployment of ConfigSync, including + // the version. of the various Pods deployed + DeploymentState *ConfigManagementConfigSyncDeploymentState `json:"deploymentState,omitempty"` + // Errors: Errors pertaining to the installation of Config Sync. + Errors []*ConfigManagementConfigSyncError `json:"errors,omitempty"` + // ReposyncCrd: The state of the Reposync CRD + // + // Possible values: + // "CRD_STATE_UNSPECIFIED" - CRD's state cannot be determined + // "NOT_INSTALLED" - CRD is not installed + // "INSTALLED" - CRD is installed + // "TERMINATING" - CRD is terminating (i.e., it has been deleted and is + // cleaning up) + // "INSTALLING" - CRD is installing + ReposyncCrd string `json:"reposyncCrd,omitempty"` + // RootsyncCrd: The state of the RootSync CRD + // + // Possible values: + // "CRD_STATE_UNSPECIFIED" - CRD's state cannot be determined + // "NOT_INSTALLED" - CRD is not installed + // "INSTALLED" - CRD is installed + // "TERMINATING" - CRD is terminating (i.e., it has been deleted and is + // cleaning up) + // "INSTALLING" - CRD is installing + RootsyncCrd string `json:"rootsyncCrd,omitempty"` + // State: The state of CS This field summarizes the other fields in this + // message. + // + // Possible values: + // "STATE_UNSPECIFIED" - CS's state cannot be determined. + // "CONFIG_SYNC_NOT_INSTALLED" - CS is not installed. + // "CONFIG_SYNC_INSTALLED" - The expected CS version is installed + // successfully. + // "CONFIG_SYNC_ERROR" - CS encounters errors. + // "CONFIG_SYNC_PENDING" - CS is installing or terminating. + State string `json:"state,omitempty"` + // SyncState: The state of ConfigSync's process to sync configs to a cluster. + SyncState *ConfigManagementSyncState `json:"syncState,omitempty"` + // Version: The version of ConfigSync deployed. + Version *ConfigManagementConfigSyncVersion `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "DeploymentState") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DeploymentState") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "DisplayName") to +func (s ConfigManagementConfigSyncState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSyncState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementConfigSyncVersion: Specific versioning information +// pertaining to ConfigSync's Pods. +type ConfigManagementConfigSyncVersion struct { + // AdmissionWebhook: Version of the deployed admission-webhook pod. + AdmissionWebhook string `json:"admissionWebhook,omitempty"` + // GitSync: Version of the deployed git-sync pod. + GitSync string `json:"gitSync,omitempty"` + // Importer: Version of the deployed importer pod. + Importer string `json:"importer,omitempty"` + // Monitor: Version of the deployed monitor pod. + Monitor string `json:"monitor,omitempty"` + // OtelCollector: Version of the deployed otel-collector pod + OtelCollector string `json:"otelCollector,omitempty"` + // ReconcilerManager: Version of the deployed reconciler-manager pod. + ReconcilerManager string `json:"reconcilerManager,omitempty"` + // ResourceGroupControllerManager: Version of the deployed + // resource-group-controller-manager pod + ResourceGroupControllerManager string `json:"resourceGroupControllerManager,omitempty"` + // RootReconciler: Version of the deployed reconciler container in + // root-reconciler pod. + RootReconciler string `json:"rootReconciler,omitempty"` + // Syncer: Version of the deployed syncer pod. + Syncer string `json:"syncer,omitempty"` + // ForceSendFields is a list of field names (e.g. "AdmissionWebhook") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "DisplayName") to include in API + // NullFields is a list of field names (e.g. "AdmissionWebhook") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementConfigSyncVersion) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSyncVersion + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementErrorResource: Model for a config file in the git repo with +// an associated Sync error. +type ConfigManagementErrorResource struct { + // ResourceGvk: Group/version/kind of the resource that is causing an error + ResourceGvk *ConfigManagementGroupVersionKind `json:"resourceGvk,omitempty"` + // ResourceName: Metadata name of the resource that is causing an error + ResourceName string `json:"resourceName,omitempty"` + // ResourceNamespace: Namespace of the resource that is causing an error + ResourceNamespace string `json:"resourceNamespace,omitempty"` + // SourcePath: Path in the git repo of the erroneous config + SourcePath string `json:"sourcePath,omitempty"` + // ForceSendFields is a list of field names (e.g. "ResourceGvk") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ResourceGvk") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } -func (s Location) MarshalJSON() ([]byte, error) { - type NoMethod Location - return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +func (s ConfigManagementErrorResource) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementErrorResource + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementGatekeeperDeploymentState: State of Policy Controller +// installation. +type ConfigManagementGatekeeperDeploymentState struct { + // GatekeeperAudit: Status of gatekeeper-audit deployment. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + GatekeeperAudit string `json:"gatekeeperAudit,omitempty"` + // GatekeeperControllerManagerState: Status of gatekeeper-controller-manager + // pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + GatekeeperControllerManagerState string `json:"gatekeeperControllerManagerState,omitempty"` + // GatekeeperMutation: Status of the pod serving the mutation webhook. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + GatekeeperMutation string `json:"gatekeeperMutation,omitempty"` + // ForceSendFields is a list of field names (e.g. "GatekeeperAudit") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "GatekeeperAudit") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementGatekeeperDeploymentState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementGatekeeperDeploymentState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementGitConfig: Git repo configuration for a single cluster. +type ConfigManagementGitConfig struct { + // GcpServiceAccountEmail: The Google Cloud Service Account Email used for auth + // when secret_type is gcpServiceAccount. + GcpServiceAccountEmail string `json:"gcpServiceAccountEmail,omitempty"` + // HttpsProxy: URL for the HTTPS proxy to be used when communicating with the + // Git repo. + HttpsProxy string `json:"httpsProxy,omitempty"` + // PolicyDir: The path within the Git repository that represents the top level + // of the repo to sync. Default: the root directory of the repository. + PolicyDir string `json:"policyDir,omitempty"` + // SecretType: Type of secret configured for access to the Git repo. Must be + // one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The + // validation of this is case-sensitive. Required. + SecretType string `json:"secretType,omitempty"` + // SyncBranch: The branch of the repository to sync from. Default: master. + SyncBranch string `json:"syncBranch,omitempty"` + // SyncRepo: The URL of the Git repository to use as the source of truth. + SyncRepo string `json:"syncRepo,omitempty"` + // SyncRev: Git revision (tag or hash) to check out. Default HEAD. + SyncRev string `json:"syncRev,omitempty"` + // SyncWaitSecs: Period in seconds between consecutive syncs. Default: 15. + SyncWaitSecs int64 `json:"syncWaitSecs,omitempty,string"` + // ForceSendFields is a list of field names (e.g. "GcpServiceAccountEmail") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "GcpServiceAccountEmail") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementGitConfig) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementGitConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementGroupVersionKind: A Kubernetes object's GVK. +type ConfigManagementGroupVersionKind struct { + // Group: Kubernetes Group + Group string `json:"group,omitempty"` + // Kind: Kubernetes Kind + Kind string `json:"kind,omitempty"` + // Version: Kubernetes Version + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "Group") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Group") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementGroupVersionKind) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementGroupVersionKind + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementHierarchyControllerConfig: Configuration for Hierarchy +// Controller. +type ConfigManagementHierarchyControllerConfig struct { + // EnableHierarchicalResourceQuota: Whether hierarchical resource quota is + // enabled in this cluster. + EnableHierarchicalResourceQuota bool `json:"enableHierarchicalResourceQuota,omitempty"` + // EnablePodTreeLabels: Whether pod tree labels are enabled in this cluster. + EnablePodTreeLabels bool `json:"enablePodTreeLabels,omitempty"` + // Enabled: Whether Hierarchy Controller is enabled in this cluster. + Enabled bool `json:"enabled,omitempty"` + // ForceSendFields is a list of field names (e.g. + // "EnableHierarchicalResourceQuota") to unconditionally include in API + // requests. By default, fields with empty or default values are omitted from + // API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "EnableHierarchicalResourceQuota") + // to include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementHierarchyControllerConfig) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementHierarchyControllerConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementHierarchyControllerDeploymentState: Deployment state for +// Hierarchy Controller +type ConfigManagementHierarchyControllerDeploymentState struct { + // Extension: The deployment state for Hierarchy Controller extension (e.g. + // v0.7.0-hc.1). + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Extension string `json:"extension,omitempty"` + // Hnc: The deployment state for open source HNC (e.g. v0.7.0-hc.0). + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Hnc string `json:"hnc,omitempty"` + // ForceSendFields is a list of field names (e.g. "Extension") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Extension") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementHierarchyControllerDeploymentState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementHierarchyControllerDeploymentState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementHierarchyControllerState: State for Hierarchy Controller. +type ConfigManagementHierarchyControllerState struct { + // State: The deployment state for Hierarchy Controller. + State *ConfigManagementHierarchyControllerDeploymentState `json:"state,omitempty"` + // Version: The version for Hierarchy Controller. + Version *ConfigManagementHierarchyControllerVersion `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "State") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "State") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementHierarchyControllerState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementHierarchyControllerState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementHierarchyControllerVersion: Version for Hierarchy +// Controller. +type ConfigManagementHierarchyControllerVersion struct { + // Extension: Version for Hierarchy Controller extension. + Extension string `json:"extension,omitempty"` + // Hnc: Version for open source HNC. + Hnc string `json:"hnc,omitempty"` + // ForceSendFields is a list of field names (e.g. "Extension") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Extension") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementHierarchyControllerVersion) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementHierarchyControllerVersion + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementInstallError: Errors pertaining to the installation of ACM. +type ConfigManagementInstallError struct { + // ErrorMessage: A string representing the user facing error message. + ErrorMessage string `json:"errorMessage,omitempty"` + // ForceSendFields is a list of field names (e.g. "ErrorMessage") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ErrorMessage") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementInstallError) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementInstallError + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementOciConfig: OCI repo configuration for a single cluster. +type ConfigManagementOciConfig struct { + // GcpServiceAccountEmail: The Google Cloud Service Account Email used for auth + // when secret_type is gcpServiceAccount. + GcpServiceAccountEmail string `json:"gcpServiceAccountEmail,omitempty"` + // PolicyDir: The absolute path of the directory that contains the local + // resources. Default: the root directory of the image. + PolicyDir string `json:"policyDir,omitempty"` + // SecretType: Type of secret configured for access to the Git repo. + SecretType string `json:"secretType,omitempty"` + // SyncRepo: The OCI image repository URL for the package to sync from. e.g. + // `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`. + SyncRepo string `json:"syncRepo,omitempty"` + // SyncWaitSecs: Period in seconds between consecutive syncs. Default: 15. + SyncWaitSecs int64 `json:"syncWaitSecs,omitempty,string"` + // ForceSendFields is a list of field names (e.g. "GcpServiceAccountEmail") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "GcpServiceAccountEmail") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementOciConfig) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementOciConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementOperatorState: State information for an ACM's Operator. +type ConfigManagementOperatorState struct { + // DeploymentState: The state of the Operator's deployment. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + DeploymentState string `json:"deploymentState,omitempty"` + // Errors: Install errors. + Errors []*ConfigManagementInstallError `json:"errors,omitempty"` + // Version: The semenatic version number of the operator. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "DeploymentState") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DeploymentState") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementOperatorState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementOperatorState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyController: Configuration for Policy Controller +type ConfigManagementPolicyController struct { + // AuditIntervalSeconds: Sets the interval for Policy Controller Audit Scans + // (in seconds). When set to 0, this disables audit functionality altogether. + AuditIntervalSeconds int64 `json:"auditIntervalSeconds,omitempty,string"` + // Enabled: Enables the installation of Policy Controller. If false, the rest + // of PolicyController fields take no effect. + Enabled bool `json:"enabled,omitempty"` + // ExemptableNamespaces: The set of namespaces that are excluded from Policy + // Controller checks. Namespaces do not need to currently exist on the cluster. + ExemptableNamespaces []string `json:"exemptableNamespaces,omitempty"` + // LogDeniesEnabled: Logs all denies and dry run failures. + LogDeniesEnabled bool `json:"logDeniesEnabled,omitempty"` + // Monitoring: Monitoring specifies the configuration of monitoring. + Monitoring *ConfigManagementPolicyControllerMonitoring `json:"monitoring,omitempty"` + // MutationEnabled: Enable or disable mutation in policy controller. If true, + // mutation CRDs, webhook and controller deployment will be deployed to the + // cluster. + MutationEnabled bool `json:"mutationEnabled,omitempty"` + // ReferentialRulesEnabled: Enables the ability to use Constraint Templates + // that reference to objects other than the object currently being evaluated. + ReferentialRulesEnabled bool `json:"referentialRulesEnabled,omitempty"` + // TemplateLibraryInstalled: Installs the default template library along with + // Policy Controller. + TemplateLibraryInstalled bool `json:"templateLibraryInstalled,omitempty"` + // UpdateTime: Output only. Last time this membership spec was updated. + UpdateTime string `json:"updateTime,omitempty"` + // ForceSendFields is a list of field names (e.g. "AuditIntervalSeconds") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AuditIntervalSeconds") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyController) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyController + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyControllerMigration: State for the migration of +// PolicyController from ACM -> PoCo Hub. +type ConfigManagementPolicyControllerMigration struct { + // CopyTime: Last time this membership spec was copied to PoCo feature. + CopyTime string `json:"copyTime,omitempty"` + // Stage: Stage of the migration. + // + // Possible values: + // "STAGE_UNSPECIFIED" - Unknown state of migration. + // "ACM_MANAGED" - ACM Hub/Operator manages policycontroller. No migration + // yet completed. + // "POCO_MANAGED" - All migrations steps complete; Poco Hub now manages + // policycontroller. + Stage string `json:"stage,omitempty"` + // ForceSendFields is a list of field names (e.g. "CopyTime") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CopyTime") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyControllerMigration) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyControllerMigration + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyControllerMonitoring: PolicyControllerMonitoring +// specifies the backends Policy Controller should export metrics to. For +// example, to specify metrics should be exported to Cloud Monitoring and +// Prometheus, specify backends: ["cloudmonitoring", "prometheus"] +type ConfigManagementPolicyControllerMonitoring struct { + // Backends: Specifies the list of backends Policy Controller will export to. + // An empty list would effectively disable metrics export. + // + // Possible values: + // "MONITORING_BACKEND_UNSPECIFIED" - Backend cannot be determined + // "PROMETHEUS" - Prometheus backend for monitoring + // "CLOUD_MONITORING" - Stackdriver/Cloud Monitoring backend for monitoring + Backends []string `json:"backends,omitempty"` + // ForceSendFields is a list of field names (e.g. "Backends") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Backends") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyControllerMonitoring) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyControllerMonitoring + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyControllerState: State for PolicyControllerState. +type ConfigManagementPolicyControllerState struct { + // DeploymentState: The state about the policy controller installation. + DeploymentState *ConfigManagementGatekeeperDeploymentState `json:"deploymentState,omitempty"` + // Migration: Record state of ACM -> PoCo Hub migration for this feature. + Migration *ConfigManagementPolicyControllerMigration `json:"migration,omitempty"` + // Version: The version of Gatekeeper Policy Controller deployed. + Version *ConfigManagementPolicyControllerVersion `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "DeploymentState") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DeploymentState") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyControllerState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyControllerState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyControllerVersion: The build version of Gatekeeper +// Policy Controller is using. +type ConfigManagementPolicyControllerVersion struct { + // Version: The gatekeeper image tag that is composed of ACM version, git tag, + // build number. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "Version") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Version") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyControllerVersion) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyControllerVersion + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementSpec: **Anthos Config Management**: Configuration for a +// single cluster. Intended to parallel the ConfigManagement CR. +type ConfigManagementSpec struct { + // Binauthz: Binauthz conifguration for the cluster. Deprecated: This field + // will be ignored and should not be set. + Binauthz *ConfigManagementBinauthzConfig `json:"binauthz,omitempty"` + // Cluster: The user-specified cluster name used by Config Sync + // cluster-name-selector annotation or ClusterSelector, for applying configs to + // only a subset of clusters. Omit this field if the cluster's fleet membership + // name is used by Config Sync cluster-name-selector annotation or + // ClusterSelector. Set this field if a name different from the cluster's fleet + // membership name is used by Config Sync cluster-name-selector annotation or + // ClusterSelector. + Cluster string `json:"cluster,omitempty"` + // ConfigSync: Config Sync configuration for the cluster. + ConfigSync *ConfigManagementConfigSync `json:"configSync,omitempty"` + // HierarchyController: Hierarchy Controller configuration for the cluster. + // Deprecated: Configuring Hierarchy Controller through the configmanagement + // feature is no longer recommended. Use + // https://github.com/kubernetes-sigs/hierarchical-namespaces instead. + HierarchyController *ConfigManagementHierarchyControllerConfig `json:"hierarchyController,omitempty"` + // Management: Enables automatic Feature management. + // + // Possible values: + // "MANAGEMENT_UNSPECIFIED" - Unspecified + // "MANAGEMENT_AUTOMATIC" - Google will manage the Feature for the cluster. + // "MANAGEMENT_MANUAL" - User will manually manage the Feature for the + // cluster. + Management string `json:"management,omitempty"` + // PolicyController: Policy Controller configuration for the cluster. + // Deprecated: Configuring Policy Controller through the configmanagement + // feature is no longer recommended. Use the policycontroller feature instead. + PolicyController *ConfigManagementPolicyController `json:"policyController,omitempty"` + // Version: Version of ACM installed. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "Binauthz") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Binauthz") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementSpec) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementState: **Anthos Config Management**: State for a single +// cluster. +type ConfigManagementState struct { + // BinauthzState: Binauthz status. + BinauthzState *ConfigManagementBinauthzState `json:"binauthzState,omitempty"` + // ClusterName: This field is set to the `cluster_name` field of the Membership + // Spec if it is not empty. Otherwise, it is set to the cluster's fleet + // membership name. + ClusterName string `json:"clusterName,omitempty"` + // ConfigSyncState: Current sync status. + ConfigSyncState *ConfigManagementConfigSyncState `json:"configSyncState,omitempty"` + // HierarchyControllerState: Hierarchy Controller status. + HierarchyControllerState *ConfigManagementHierarchyControllerState `json:"hierarchyControllerState,omitempty"` + // MembershipSpec: Membership configuration in the cluster. This represents the + // actual state in the cluster, while the MembershipSpec in the FeatureSpec + // represents the intended state. + MembershipSpec *ConfigManagementSpec `json:"membershipSpec,omitempty"` + // OperatorState: Current install status of ACM's Operator. + OperatorState *ConfigManagementOperatorState `json:"operatorState,omitempty"` + // PolicyControllerState: PolicyController status. + PolicyControllerState *ConfigManagementPolicyControllerState `json:"policyControllerState,omitempty"` + // ForceSendFields is a list of field names (e.g. "BinauthzState") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "BinauthzState") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementSyncError: An ACM created error representing a problem +// syncing configurations. +type ConfigManagementSyncError struct { + // Code: An ACM defined error code + Code string `json:"code,omitempty"` + // ErrorMessage: A description of the error + ErrorMessage string `json:"errorMessage,omitempty"` + // ErrorResources: A list of config(s) associated with the error, if any + ErrorResources []*ConfigManagementErrorResource `json:"errorResources,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementSyncError) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementSyncError + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementSyncState: State indicating an ACM's progress syncing +// configurations to a cluster. +type ConfigManagementSyncState struct { + // Code: Sync status code. + // + // Possible values: + // "SYNC_CODE_UNSPECIFIED" - Config Sync cannot determine a sync code + // "SYNCED" - Config Sync successfully synced the git Repo with the cluster + // "PENDING" - Config Sync is in the progress of syncing a new change + // "ERROR" - Indicates an error configuring Config Sync, and user action is + // required + // "NOT_CONFIGURED" - Config Sync has been installed but not configured + // "NOT_INSTALLED" - Config Sync has not been installed + // "UNAUTHORIZED" - Error authorizing with the cluster + // "UNREACHABLE" - Cluster could not be reached + Code string `json:"code,omitempty"` + // Errors: A list of errors resulting from problematic configs. This list will + // be truncated after 100 errors, although it is unlikely for that many errors + // to simultaneously exist. + Errors []*ConfigManagementSyncError `json:"errors,omitempty"` + // ImportToken: Token indicating the state of the importer. + ImportToken string `json:"importToken,omitempty"` + // LastSync: Deprecated: use last_sync_time instead. Timestamp of when ACM last + // successfully synced the repo. The time format is specified in + // https://golang.org/pkg/time/#Time.String + LastSync string `json:"lastSync,omitempty"` + // LastSyncTime: Timestamp type of when ACM last successfully synced the repo. + LastSyncTime string `json:"lastSyncTime,omitempty"` + // SourceToken: Token indicating the state of the repo. + SourceToken string `json:"sourceToken,omitempty"` + // SyncToken: Token indicating the state of the syncer. + SyncToken string `json:"syncToken,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementSyncState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementSyncState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// Empty: A generic empty message that you can re-use to avoid defining +// duplicated empty messages in your APIs. A typical example is to use it as +// the request or the response type of an API method. For instance: service Foo +// { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } +type Empty struct { + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` +} + +// FeatureConfigRef: Information of the FeatureConfig applied on the +// MembershipFeature. +type FeatureConfigRef struct { + // Config: Input only. Resource name of FeatureConfig, in the format: + // `projects/{project}/locations/global/featureConfigs/{feature_config}`. + Config string `json:"config,omitempty"` + // ConfigUpdateTime: Output only. When the FeatureConfig was last applied and + // copied to FeatureSpec. + ConfigUpdateTime string `json:"configUpdateTime,omitempty"` + // Uuid: Output only. An id that uniquely identify a FeatureConfig object. + Uuid string `json:"uuid,omitempty"` + // ForceSendFields is a list of field names (e.g. "Config") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Config") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s FeatureConfigRef) MarshalJSON() ([]byte, error) { + type NoMethod FeatureConfigRef + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// FeatureSpec: FeatureSpec contains user input per-feature spec information. +type FeatureSpec struct { + // Cloudbuild: Cloudbuild-specific FeatureSpec. + Cloudbuild *CloudBuildSpec `json:"cloudbuild,omitempty"` + // Configmanagement: Config Management FeatureSpec. + Configmanagement *ConfigManagementSpec `json:"configmanagement,omitempty"` + // Identityservice: IdentityService FeatureSpec. + Identityservice *IdentityServiceSpec `json:"identityservice,omitempty"` + // Origin: Whether this per-Feature spec was inherited from a fleet-level + // default. This field can be updated by users by either overriding a Feature + // config (updated to USER implicitly) or setting to FLEET explicitly. + Origin *Origin `json:"origin,omitempty"` + // Policycontroller: Policycontroller-specific FeatureSpec. + Policycontroller *PolicyControllerSpec `json:"policycontroller,omitempty"` + // Servicemesh: ServiceMesh Feature Spec. + Servicemesh *ServiceMeshSpec `json:"servicemesh,omitempty"` + // Workloadcertificate: Workloadcertificate-specific FeatureSpec. + Workloadcertificate *WorkloadCertificateSpec `json:"workloadcertificate,omitempty"` + // ForceSendFields is a list of field names (e.g. "Cloudbuild") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Cloudbuild") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s FeatureSpec) MarshalJSON() ([]byte, error) { + type NoMethod FeatureSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// FeatureState: FeatureState contains high-level state information and +// per-feature state information for this MembershipFeature. +type FeatureState struct { + // Appdevexperience: Appdevexperience specific state. + Appdevexperience *AppDevExperienceState `json:"appdevexperience,omitempty"` + // Clusterupgrade: Cluster upgrade state. + Clusterupgrade *ClusterUpgradeState `json:"clusterupgrade,omitempty"` + // Configmanagement: Config Management state + Configmanagement *ConfigManagementState `json:"configmanagement,omitempty"` + // Identityservice: Identity service state + Identityservice *IdentityServiceState `json:"identityservice,omitempty"` + // Metering: Metering state + Metering *MeteringState `json:"metering,omitempty"` + // Policycontroller: Policy Controller state + Policycontroller *PolicyControllerState `json:"policycontroller,omitempty"` + // Servicemesh: Service mesh state + Servicemesh *ServiceMeshState `json:"servicemesh,omitempty"` + // State: The high-level state of this MembershipFeature. + State *State `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "Appdevexperience") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Appdevexperience") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s FeatureState) MarshalJSON() ([]byte, error) { + type NoMethod FeatureState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// GoogleRpcStatus: The `Status` type defines a logical error model that is +// suitable for different programming environments, including REST APIs and RPC +// APIs. It is used by gRPC (https://github.com/grpc). Each `Status` message +// contains three pieces of data: error code, error message, and error details. +// You can find out more about this error model and how to work with it in the +// API Design Guide (https://cloud.google.com/apis/design/errors). +type GoogleRpcStatus struct { + // Code: The status code, which should be an enum value of google.rpc.Code. + Code int64 `json:"code,omitempty"` + // Details: A list of messages that carry the error details. There is a common + // set of message types for APIs to use. + Details []googleapi.RawMessage `json:"details,omitempty"` + // Message: A developer-facing error message, which should be in English. Any + // user-facing error message should be localized and sent in the + // google.rpc.Status.details field, or localized by the client. + Message string `json:"message,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s GoogleRpcStatus) MarshalJSON() ([]byte, error) { + type NoMethod GoogleRpcStatus + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceAuthMethod: Configuration of an auth method for a +// member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be +// set per AuthMethod. +type IdentityServiceAuthMethod struct { + // AzureadConfig: AzureAD specific Configuration. + AzureadConfig *IdentityServiceAzureADConfig `json:"azureadConfig,omitempty"` + // GoogleConfig: GoogleConfig specific configuration + GoogleConfig *IdentityServiceGoogleConfig `json:"googleConfig,omitempty"` + // LdapConfig: LDAP specific configuration. + LdapConfig *IdentityServiceLdapConfig `json:"ldapConfig,omitempty"` + // Name: Identifier for auth config. + Name string `json:"name,omitempty"` + // OidcConfig: OIDC specific configuration. + OidcConfig *IdentityServiceOidcConfig `json:"oidcConfig,omitempty"` + // Proxy: Proxy server address to use for auth method. + Proxy string `json:"proxy,omitempty"` + // SamlConfig: SAML specific configuration. + SamlConfig *IdentityServiceSamlConfig `json:"samlConfig,omitempty"` + // ForceSendFields is a list of field names (e.g. "AzureadConfig") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AzureadConfig") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceAuthMethod) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceAuthMethod + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceAzureADConfig: Configuration for the AzureAD Auth flow. +type IdentityServiceAzureADConfig struct { + // ClientId: ID for the registered client application that makes authentication + // requests to the Azure AD identity provider. + ClientId string `json:"clientId,omitempty"` + // ClientSecret: Input only. Unencrypted AzureAD client secret will be passed + // to the GKE Hub CLH. + ClientSecret string `json:"clientSecret,omitempty"` + // EncryptedClientSecret: Output only. Encrypted AzureAD client secret. + EncryptedClientSecret string `json:"encryptedClientSecret,omitempty"` + // GroupFormat: Optional. Format of the AzureAD groups that the client wants + // for auth. + GroupFormat string `json:"groupFormat,omitempty"` + // KubectlRedirectUri: The redirect URL that kubectl uses for authorization. + KubectlRedirectUri string `json:"kubectlRedirectUri,omitempty"` + // Tenant: Kind of Azure AD account to be authenticated. Supported values are + // or for accounts belonging to a specific tenant. + Tenant string `json:"tenant,omitempty"` + // UserClaim: Optional. Claim in the AzureAD ID Token that holds the user + // details. + UserClaim string `json:"userClaim,omitempty"` + // ForceSendFields is a list of field names (e.g. "ClientId") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ClientId") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceAzureADConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceAzureADConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceDiagnosticInterface: Configuration options for the AIS +// diagnostic interface. +type IdentityServiceDiagnosticInterface struct { + // Enabled: Determines whether to enable the diagnostic interface. + Enabled bool `json:"enabled,omitempty"` + // ExpirationTime: Determines the expiration time of the diagnostic interface + // enablement. When reached, requests to the interface would be automatically + // rejected. + ExpirationTime string `json:"expirationTime,omitempty"` + // ForceSendFields is a list of field names (e.g. "Enabled") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Enabled") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceDiagnosticInterface) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceDiagnosticInterface + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceGoogleConfig: Configuration for the Google Plugin Auth flow. +type IdentityServiceGoogleConfig struct { + // Disable: Disable automatic configuration of Google Plugin on supported + // platforms. + Disable bool `json:"disable,omitempty"` + // ForceSendFields is a list of field names (e.g. "Disable") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Disable") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceGoogleConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceGoogleConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceGroupConfig: Contains the properties for locating and +// authenticating groups in the directory. +type IdentityServiceGroupConfig struct { + // BaseDn: Required. The location of the subtree in the LDAP directory to + // search for group entries. + BaseDn string `json:"baseDn,omitempty"` + // Filter: Optional. Optional filter to be used when searching for groups a + // user belongs to. This can be used to explicitly match only certain groups in + // order to reduce the amount of groups returned for each user. This defaults + // to "(objectClass=Group)". + Filter string `json:"filter,omitempty"` + // IdAttribute: Optional. The identifying name of each group a user belongs to. + // For example, if this is set to "distinguishedName" then RBACs and other + // group expectations should be written as full DNs. This defaults to + // "distinguishedName". + IdAttribute string `json:"idAttribute,omitempty"` + // ForceSendFields is a list of field names (e.g. "BaseDn") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "BaseDn") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceGroupConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceGroupConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceIdentityServiceOptions: Holds non-protocol-related +// configuration options. +type IdentityServiceIdentityServiceOptions struct { + // DiagnosticInterface: Configuration options for the AIS diagnostic interface. + DiagnosticInterface *IdentityServiceDiagnosticInterface `json:"diagnosticInterface,omitempty"` + // SessionDuration: Determines the lifespan of STS tokens issued by Anthos + // Identity Service. + SessionDuration string `json:"sessionDuration,omitempty"` + // ForceSendFields is a list of field names (e.g. "DiagnosticInterface") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DiagnosticInterface") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceIdentityServiceOptions) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceIdentityServiceOptions + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceLdapConfig: Configuration for the LDAP Auth flow. +type IdentityServiceLdapConfig struct { + // Group: Optional. Contains the properties for locating and authenticating + // groups in the directory. + Group *IdentityServiceGroupConfig `json:"group,omitempty"` + // Server: Required. Server settings for the external LDAP server. + Server *IdentityServiceServerConfig `json:"server,omitempty"` + // ServiceAccount: Required. Contains the credentials of the service account + // which is authorized to perform the LDAP search in the directory. The + // credentials can be supplied by the combination of the DN and password or the + // client certificate. + ServiceAccount *IdentityServiceServiceAccountConfig `json:"serviceAccount,omitempty"` + // User: Required. Defines where users exist in the LDAP directory. + User *IdentityServiceUserConfig `json:"user,omitempty"` + // ForceSendFields is a list of field names (e.g. "Group") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Group") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceLdapConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceLdapConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceOidcConfig: Configuration for OIDC Auth flow. +type IdentityServiceOidcConfig struct { + // CertificateAuthorityData: PEM-encoded CA for OIDC provider. + CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` + // ClientId: ID for OIDC client application. + ClientId string `json:"clientId,omitempty"` + // ClientSecret: Input only. Unencrypted OIDC client secret will be passed to + // the GKE Hub CLH. + ClientSecret string `json:"clientSecret,omitempty"` + // DeployCloudConsoleProxy: Flag to denote if reverse proxy is used to connect + // to auth provider. This flag should be set to true when provider is not + // reachable by Google Cloud Console. + DeployCloudConsoleProxy bool `json:"deployCloudConsoleProxy,omitempty"` + // EnableAccessToken: Enable access token. + EnableAccessToken bool `json:"enableAccessToken,omitempty"` + // EncryptedClientSecret: Output only. Encrypted OIDC Client secret + EncryptedClientSecret string `json:"encryptedClientSecret,omitempty"` + // ExtraParams: Comma-separated list of key-value pairs. + ExtraParams string `json:"extraParams,omitempty"` + // GroupPrefix: Prefix to prepend to group name. + GroupPrefix string `json:"groupPrefix,omitempty"` + // GroupsClaim: Claim in OIDC ID token that holds group information. + GroupsClaim string `json:"groupsClaim,omitempty"` + // IssuerUri: URI for the OIDC provider. This should point to the level below + // .well-known/openid-configuration. + IssuerUri string `json:"issuerUri,omitempty"` + // KubectlRedirectUri: Registered redirect uri to redirect users going through + // OAuth flow using kubectl plugin. + KubectlRedirectUri string `json:"kubectlRedirectUri,omitempty"` + // Scopes: Comma-separated list of identifiers. + Scopes string `json:"scopes,omitempty"` + // UserClaim: Claim in OIDC ID token that holds username. + UserClaim string `json:"userClaim,omitempty"` + // UserPrefix: Prefix to prepend to user name. + UserPrefix string `json:"userPrefix,omitempty"` + // ForceSendFields is a list of field names (e.g. "CertificateAuthorityData") + // to unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CertificateAuthorityData") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceOidcConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceOidcConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceSamlConfig: Configuration for the SAML Auth flow. +type IdentityServiceSamlConfig struct { + // AttributeMapping: Optional. The mapping of additional user attributes like + // nickname, birthday and address etc.. `key` is the name of this additional + // attribute. `value` is a string presenting as CEL(common expression language, + // go/cel) used for getting the value from the resources. Take nickname as an + // example, in this case, `key` is "attribute.nickname" and `value` is + // "assertion.nickname". + AttributeMapping map[string]string `json:"attributeMapping,omitempty"` + // GroupPrefix: Optional. Prefix to prepend to group name. + GroupPrefix string `json:"groupPrefix,omitempty"` + // GroupsAttribute: Optional. The SAML attribute to read groups from. This + // value is expected to be a string and will be passed along as-is (with the + // option of being prefixed by the `group_prefix`). + GroupsAttribute string `json:"groupsAttribute,omitempty"` + // IdentityProviderCertificates: Required. The list of IdP certificates to + // validate the SAML response against. + IdentityProviderCertificates []string `json:"identityProviderCertificates,omitempty"` + // IdentityProviderId: Required. The entity ID of the SAML IdP. + IdentityProviderId string `json:"identityProviderId,omitempty"` + // IdentityProviderSsoUri: Required. The URI where the SAML IdP exposes the SSO + // service. + IdentityProviderSsoUri string `json:"identityProviderSsoUri,omitempty"` + // UserAttribute: Optional. The SAML attribute to read username from. If + // unspecified, the username will be read from the NameID element of the + // assertion in SAML response. This value is expected to be a string and will + // be passed along as-is (with the option of being prefixed by the + // `user_prefix`). + UserAttribute string `json:"userAttribute,omitempty"` + // UserPrefix: Optional. Prefix to prepend to user name. + UserPrefix string `json:"userPrefix,omitempty"` + // ForceSendFields is a list of field names (e.g. "AttributeMapping") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AttributeMapping") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceSamlConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceSamlConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceServerConfig: Server settings for the external LDAP server. +type IdentityServiceServerConfig struct { + // CertificateAuthorityData: Optional. Contains a Base64 encoded, PEM formatted + // certificate authority certificate for the LDAP server. This must be provided + // for the "ldaps" and "startTLS" connections. + CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` + // ConnectionType: Optional. Defines the connection type to communicate with + // the LDAP server. If `starttls` or `ldaps` is specified, the + // certificate_authority_data should not be empty. + ConnectionType string `json:"connectionType,omitempty"` + // Host: Required. Defines the hostname or IP of the LDAP server. Port is + // optional and will default to 389, if unspecified. For example, + // "ldap.server.example" or "10.10.10.10:389". + Host string `json:"host,omitempty"` + // ForceSendFields is a list of field names (e.g. "CertificateAuthorityData") + // to unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CertificateAuthorityData") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceServerConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceServerConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceServiceAccountConfig: Contains the credentials of the service +// account which is authorized to perform the LDAP search in the directory. The +// credentials can be supplied by the combination of the DN and password or the +// client certificate. +type IdentityServiceServiceAccountConfig struct { + // SimpleBindCredentials: Credentials for basic auth. + SimpleBindCredentials *IdentityServiceSimpleBindCredentials `json:"simpleBindCredentials,omitempty"` + // ForceSendFields is a list of field names (e.g. "SimpleBindCredentials") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "SimpleBindCredentials") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceServiceAccountConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceServiceAccountConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceSimpleBindCredentials: The structure holds the LDAP simple +// binding credential. +type IdentityServiceSimpleBindCredentials struct { + // Dn: Required. The distinguished name(DN) of the service account object/user. + Dn string `json:"dn,omitempty"` + // EncryptedPassword: Output only. The encrypted password of the service + // account object/user. + EncryptedPassword string `json:"encryptedPassword,omitempty"` + // Password: Required. Input only. The password of the service account + // object/user. + Password string `json:"password,omitempty"` + // ForceSendFields is a list of field names (e.g. "Dn") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Dn") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceSimpleBindCredentials) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceSimpleBindCredentials + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceSpec: **IdentityService**: Configuration for a single +// membership. +type IdentityServiceSpec struct { + // AuthMethods: A member may support multiple auth methods. + AuthMethods []*IdentityServiceAuthMethod `json:"authMethods,omitempty"` + // IdentityServiceOptions: Optional. non-protocol-related configuration + // options. + IdentityServiceOptions *IdentityServiceIdentityServiceOptions `json:"identityServiceOptions,omitempty"` + // ForceSendFields is a list of field names (e.g. "AuthMethods") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AuthMethods") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceSpec) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceState: **IdentityService**: State for a single membership, +// analyzed and reported by feature controller. +type IdentityServiceState struct { + // FailureReason: The reason of the failure. + FailureReason string `json:"failureReason,omitempty"` + // InstalledVersion: Installed AIS version. This is the AIS version installed + // on this member. The values makes sense iff state is OK. + InstalledVersion string `json:"installedVersion,omitempty"` + // MemberConfig: Last reconciled membership configuration + MemberConfig *IdentityServiceSpec `json:"memberConfig,omitempty"` + // State: Deployment state on this member + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Unspecified state + // "OK" - deployment succeeds + // "ERROR" - Failure with error. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "FailureReason") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "FailureReason") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceState) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceUserConfig: Defines where users exist in the LDAP directory. +type IdentityServiceUserConfig struct { + // BaseDn: Required. The location of the subtree in the LDAP directory to + // search for user entries. + BaseDn string `json:"baseDn,omitempty"` + // Filter: Optional. Filter to apply when searching for the user. This can be + // used to further restrict the user accounts which are allowed to login. This + // defaults to "(objectClass=User)". + Filter string `json:"filter,omitempty"` + // IdAttribute: Optional. Determines which attribute to use as the user's + // identity after they are authenticated. This is distinct from the + // loginAttribute field to allow users to login with a username, but then have + // their actual identifier be an email address or full Distinguished Name (DN). + // For example, setting loginAttribute to "sAMAccountName" and + // identifierAttribute to "userPrincipalName" would allow a user to login as + // "bsmith", but actual RBAC policies for the user would be written as + // "bsmith@example.com". Using "userPrincipalName" is recommended since this + // will be unique for each user. This defaults to "userPrincipalName". + IdAttribute string `json:"idAttribute,omitempty"` + // LoginAttribute: Optional. The name of the attribute which matches against + // the input username. This is used to find the user in the LDAP database e.g. + // "(=)" and is combined with the optional filter field. This defaults to + // "userPrincipalName". + LoginAttribute string `json:"loginAttribute,omitempty"` + // ForceSendFields is a list of field names (e.g. "BaseDn") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "BaseDn") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceUserConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceUserConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// LifecycleState: LifecycleState describes the state of a MembershipFeature +// *resource* in the GkeHub API. See `FeatureState` for the "running state" of +// the MembershipFeature. +type LifecycleState struct { + // State: Output only. The current state of the Feature resource in the Hub + // API. + // + // Possible values: + // "STATE_UNSPECIFIED" - State is unknown or not set. + // "ENABLING" - The MembershipFeature is being enabled, and the + // MembershipFeature resource is being created. Once complete, the + // corresponding MembershipFeature will be enabled in this Hub. + // "ACTIVE" - The MembershipFeature is enabled in this Hub, and the + // MembershipFeature resource is fully available. + // "DISABLING" - The MembershipFeature is being disabled in this Hub, and the + // MembershipFeature resource is being deleted. + // "UPDATING" - The MembershipFeature resource is being updated. + // "SERVICE_UPDATING" - The MembershipFeature resource is being updated by + // the Hub Service. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "State") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "State") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s LifecycleState) MarshalJSON() ([]byte, error) { + type NoMethod LifecycleState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ListLocationsResponse: The response message for Locations.ListLocations. +type ListLocationsResponse struct { + // Locations: A list of locations that matches the specified filter in the + // request. + Locations []*Location `json:"locations,omitempty"` + // NextPageToken: The standard List next-page token. + NextPageToken string `json:"nextPageToken,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "Locations") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Locations") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ListLocationsResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListLocationsResponse + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ListMembershipFeaturesResponse: Response message for the +// `GkeHubFeature.ListMembershipFeatures` method. +type ListMembershipFeaturesResponse struct { + // MembershipFeatures: The list of matching MembershipFeatures. + MembershipFeatures []*MembershipFeature `json:"membershipFeatures,omitempty"` + // NextPageToken: A token to request the next page of resources from the + // `ListMembershipFeatures` method. The value of an empty string means that + // there are no more resources to return. + NextPageToken string `json:"nextPageToken,omitempty"` + // Unreachable: List of locations that could not be reached while fetching this + // list. + Unreachable []string `json:"unreachable,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "MembershipFeatures") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "MembershipFeatures") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ListMembershipFeaturesResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListMembershipFeaturesResponse + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ListOperationsResponse: The response message for Operations.ListOperations. +type ListOperationsResponse struct { + // NextPageToken: The standard List next-page token. + NextPageToken string `json:"nextPageToken,omitempty"` + // Operations: A list of operations that matches the specified filter in the + // request. + Operations []*Operation `json:"operations,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "NextPageToken") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "NextPageToken") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ListOperationsResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListOperationsResponse + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// Location: A resource that represents a Google Cloud location. +type Location struct { + // DisplayName: The friendly name for this location, typically a nearby city + // name. For example, "Tokyo". + DisplayName string `json:"displayName,omitempty"` + // Labels: Cross-service attributes for the location. For example + // {"cloud.googleapis.com/region": "us-east1"} + Labels map[string]string `json:"labels,omitempty"` + // LocationId: The canonical id for this location. For example: "us-east1". + LocationId string `json:"locationId,omitempty"` + // Metadata: Service-specific metadata. For example the available capacity at + // the given location. + Metadata googleapi.RawMessage `json:"metadata,omitempty"` + // Name: Resource name for the location, which may vary between + // implementations. For example: + // "projects/example-project/locations/us-east1" + Name string `json:"name,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "DisplayName") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DisplayName") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s Location) MarshalJSON() ([]byte, error) { + type NoMethod Location + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// MembershipFeature: MembershipFeature represents the settings and status of a +// Fleet Feature enabled on a single Fleet Membership. +type MembershipFeature struct { + // CreateTime: Output only. When the MembershipFeature resource was created. + CreateTime string `json:"createTime,omitempty"` + // DeleteTime: Output only. When the MembershipFeature resource was deleted. + DeleteTime string `json:"deleteTime,omitempty"` + // FeatureConfigRef: Reference information for a FeatureConfig applied on the + // MembershipFeature. + FeatureConfigRef *FeatureConfigRef `json:"featureConfigRef,omitempty"` + // Labels: GCP labels for this MembershipFeature. + Labels map[string]string `json:"labels,omitempty"` + // LifecycleState: Output only. Lifecycle information of the resource itself. + LifecycleState *LifecycleState `json:"lifecycleState,omitempty"` + // Name: Output only. The resource name of the membershipFeature, in the + // format: + // `projects/{project}/locations/{location}/memberships/{membership}/features/{f + // eature}`. Note that `membershipFeatures` is shortened to `features` in the + // resource name. (see http://go/aip/122#collection-identifiers) + Name string `json:"name,omitempty"` + // Spec: Spec of this membershipFeature. + Spec *FeatureSpec `json:"spec,omitempty"` + // State: Output only. State of the this membershipFeature. + State *FeatureState `json:"state,omitempty"` + // UpdateTime: Output only. When the MembershipFeature resource was last + // updated. + UpdateTime string `json:"updateTime,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "CreateTime") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CreateTime") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s MembershipFeature) MarshalJSON() ([]byte, error) { + type NoMethod MembershipFeature + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// MeteringState: **Metering**: State for a single membership, analyzed and +// reported by feature controller. +type MeteringState struct { + // LastMeasurementTime: The time stamp of the most recent measurement of the + // number of vCPUs in the cluster. + LastMeasurementTime string `json:"lastMeasurementTime,omitempty"` + // PreciseLastMeasuredClusterVcpuCapacity: The vCPUs capacity in the cluster + // according to the most recent measurement (1/1000 precision). + PreciseLastMeasuredClusterVcpuCapacity float64 `json:"preciseLastMeasuredClusterVcpuCapacity,omitempty"` + // ForceSendFields is a list of field names (e.g. "LastMeasurementTime") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "LastMeasurementTime") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s MeteringState) MarshalJSON() ([]byte, error) { + type NoMethod MeteringState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +func (s *MeteringState) UnmarshalJSON(data []byte) error { + type NoMethod MeteringState + var s1 struct { + PreciseLastMeasuredClusterVcpuCapacity gensupport.JSONFloat64 `json:"preciseLastMeasuredClusterVcpuCapacity"` + *NoMethod + } + s1.NoMethod = (*NoMethod)(s) + if err := json.Unmarshal(data, &s1); err != nil { + return err + } + s.PreciseLastMeasuredClusterVcpuCapacity = float64(s1.PreciseLastMeasuredClusterVcpuCapacity) + return nil +} + +// Operation: This resource represents a long-running operation that is the +// result of a network API call. +type Operation struct { + // Done: If the value is `false`, it means the operation is still in progress. + // If `true`, the operation is completed, and either `error` or `response` is + // available. + Done bool `json:"done,omitempty"` + // Error: The error result of the operation in case of failure or cancellation. + Error *GoogleRpcStatus `json:"error,omitempty"` + // Metadata: Service-specific metadata associated with the operation. It + // typically contains progress information and common metadata such as create + // time. Some services might not provide such metadata. Any method that returns + // a long-running operation should document the metadata type, if any. + Metadata googleapi.RawMessage `json:"metadata,omitempty"` + // Name: The server-assigned name, which is only unique within the same service + // that originally returns it. If you use the default HTTP mapping, the `name` + // should be a resource name ending with `operations/{unique_id}`. + Name string `json:"name,omitempty"` + // Response: The normal, successful response of the operation. If the original + // method returns no data on success, such as `Delete`, the response is + // `google.protobuf.Empty`. If the original method is standard + // `Get`/`Create`/`Update`, the response should be the resource. For other + // methods, the response should have the type `XxxResponse`, where `Xxx` is the + // original method name. For example, if the original method name is + // `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. + Response googleapi.RawMessage `json:"response,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "Done") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Done") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s Operation) MarshalJSON() ([]byte, error) { + type NoMethod Operation + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// OperationMetadata: Metadata of the long-running operation. +type OperationMetadata struct { + // ApiVersion: Output only. API version used to start the operation. + ApiVersion string `json:"apiVersion,omitempty"` + // CancelRequested: Output only. Identifies whether the user has requested + // cancellation of the operation. Operations that have successfully been + // cancelled have Operation.error value with a google.rpc.Status.code of 1, + // corresponding to `Code.CANCELLED`. + CancelRequested bool `json:"cancelRequested,omitempty"` + // CreateTime: Output only. The time the operation was created. + CreateTime string `json:"createTime,omitempty"` + // EndTime: Output only. The time the operation finished running. + EndTime string `json:"endTime,omitempty"` + // StatusDetail: Output only. Human-readable status of the operation, if any. + StatusDetail string `json:"statusDetail,omitempty"` + // Target: Output only. Server-defined resource path for the target of the + // operation. + Target string `json:"target,omitempty"` + // Verb: Output only. Name of the verb executed by the operation. + Verb string `json:"verb,omitempty"` + // ForceSendFields is a list of field names (e.g. "ApiVersion") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ApiVersion") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s OperationMetadata) MarshalJSON() ([]byte, error) { + type NoMethod OperationMetadata + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// Origin: Origin defines where this FeatureSpec originated from. +type Origin struct { + // Type: Type specifies which type of origin is set. + // + // Possible values: + // "TYPE_UNSPECIFIED" - Type is unknown or not set. + // "FLEET" - Per-Feature spec was inherited from the fleet-level default. + // "FLEET_OUT_OF_SYNC" - Per-Feature spec was inherited from the fleet-level + // default but is now out of sync with the current default. + // "USER" - Per-Feature spec was inherited from a user specification. + Type string `json:"type,omitempty"` + // ForceSendFields is a list of field names (e.g. "Type") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Type") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s Origin) MarshalJSON() ([]byte, error) { + type NoMethod Origin + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerBundleInstallSpec: BundleInstallSpec is the specification +// configuration for a single managed bundle. +type PolicyControllerBundleInstallSpec struct { + // ExemptedNamespaces: the set of namespaces to be exempted from the bundle + ExemptedNamespaces []string `json:"exemptedNamespaces,omitempty"` + // ForceSendFields is a list of field names (e.g. "ExemptedNamespaces") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ExemptedNamespaces") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerBundleInstallSpec) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerBundleInstallSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerHubConfig: Configuration for Policy Controller +type PolicyControllerHubConfig struct { + // AuditIntervalSeconds: Sets the interval for Policy Controller Audit Scans + // (in seconds). When set to 0, this disables audit functionality altogether. + AuditIntervalSeconds int64 `json:"auditIntervalSeconds,omitempty,string"` + // ConstraintViolationLimit: The maximum number of audit violations to be + // stored in a constraint. If not set, the internal default (currently 20) will + // be used. + ConstraintViolationLimit int64 `json:"constraintViolationLimit,omitempty,string"` + // DeploymentConfigs: Map of deployment configs to deployments + // (“admission”, “audit”, “mutation”). + DeploymentConfigs map[string]PolicyControllerPolicyControllerDeploymentConfig `json:"deploymentConfigs,omitempty"` + // ExemptableNamespaces: The set of namespaces that are excluded from Policy + // Controller checks. Namespaces do not need to currently exist on the cluster. + ExemptableNamespaces []string `json:"exemptableNamespaces,omitempty"` + // InstallSpec: The install_spec represents the intended state specified by the + // latest request that mutated install_spec in the feature spec, not the + // lifecycle state of the feature observed by the Hub feature controller that + // is reported in the feature state. + // + // Possible values: + // "INSTALL_SPEC_UNSPECIFIED" - Spec is unknown. + // "INSTALL_SPEC_NOT_INSTALLED" - Request to uninstall Policy Controller. + // "INSTALL_SPEC_ENABLED" - Request to install and enable Policy Controller. + // "INSTALL_SPEC_SUSPENDED" - Request to suspend Policy Controller i.e. its + // webhooks. If Policy Controller is not installed, it will be installed but + // suspended. + // "INSTALL_SPEC_DETACHED" - Request to stop all reconciliation actions by + // PoCo Hub controller. This is a breakglass mechanism to stop PoCo Hub from + // affecting cluster resources. + InstallSpec string `json:"installSpec,omitempty"` + // LogDeniesEnabled: Logs all denies and dry run failures. + LogDeniesEnabled bool `json:"logDeniesEnabled,omitempty"` + // Monitoring: Monitoring specifies the configuration of monitoring. + Monitoring *PolicyControllerMonitoringConfig `json:"monitoring,omitempty"` + // MutationEnabled: Enables the ability to mutate resources using Policy + // Controller. + MutationEnabled bool `json:"mutationEnabled,omitempty"` + // PolicyContent: Specifies the desired policy content on the cluster + PolicyContent *PolicyControllerPolicyContentSpec `json:"policyContent,omitempty"` + // ReferentialRulesEnabled: Enables the ability to use Constraint Templates + // that reference to objects other than the object currently being evaluated. + ReferentialRulesEnabled bool `json:"referentialRulesEnabled,omitempty"` + // ForceSendFields is a list of field names (e.g. "AuditIntervalSeconds") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AuditIntervalSeconds") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerHubConfig) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerHubConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerMonitoringConfig: MonitoringConfig specifies the backends +// Policy Controller should export metrics to. For example, to specify metrics +// should be exported to Cloud Monitoring and Prometheus, specify backends: +// ["cloudmonitoring", "prometheus"] +type PolicyControllerMonitoringConfig struct { + // Backends: Specifies the list of backends Policy Controller will export to. + // An empty list would effectively disable metrics export. + // + // Possible values: + // "MONITORING_BACKEND_UNSPECIFIED" - Backend cannot be determined + // "PROMETHEUS" - Prometheus backend for monitoring + // "CLOUD_MONITORING" - Stackdriver/Cloud Monitoring backend for monitoring + Backends []string `json:"backends,omitempty"` + // ForceSendFields is a list of field names (e.g. "Backends") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Backends") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerMonitoringConfig) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerMonitoringConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerOnClusterState: OnClusterState represents the state of a +// sub-component of Policy Controller. +type PolicyControllerOnClusterState struct { + // Details: Surface potential errors or information logs. + Details string `json:"details,omitempty"` + // State: The lifecycle state of this component. + // + // Possible values: + // "LIFECYCLE_STATE_UNSPECIFIED" - The lifecycle state is unspecified. + // "NOT_INSTALLED" - The PC does not exist on the given cluster, and no k8s + // resources of any type that are associated with the PC should exist there. + // The cluster does not possess a membership with the PCH. + // "INSTALLING" - The PCH possesses a Membership, however the PC is not fully + // installed on the cluster. In this state the hub can be expected to be taking + // actions to install the PC on the cluster. + // "ACTIVE" - The PC is fully installed on the cluster and in an operational + // mode. In this state PCH will be reconciling state with the PC, and the PC + // will be performing it's operational tasks per that software. Entering a + // READY state requires that the hub has confirmed the PC is installed and its + // pods are operational with the version of the PC the PCH expects. + // "UPDATING" - The PC is fully installed, but in the process of changing the + // configuration (including changing the version of PC either up and down, or + // modifying the manifests of PC) of the resources running on the cluster. The + // PCH has a Membership, is aware of the version the cluster should be running + // in, but has not confirmed for itself that the PC is running with that + // version. + // "DECOMMISSIONING" - The PC may have resources on the cluster, but the PCH + // wishes to remove the Membership. The Membership still exists. + // "CLUSTER_ERROR" - The PC is not operational, and the PCH is unable to act + // to make it operational. Entering a CLUSTER_ERROR state happens automatically + // when the PCH determines that a PC installed on the cluster is non-operative + // or that the cluster does not meet requirements set for the PCH to administer + // the cluster but has nevertheless been given an instruction to do so (such as + // ‘install'). + // "HUB_ERROR" - In this state, the PC may still be operational, and only the + // PCH is unable to act. The hub should not issue instructions to change the PC + // state, or otherwise interfere with the on-cluster resources. Entering a + // HUB_ERROR state happens automatically when the PCH determines the hub is in + // an unhealthy state and it wishes to ‘take hands off' to avoid corrupting + // the PC or other data. + // "SUSPENDED" - Policy Controller (PC) is installed but suspended. This + // means that the policies are not enforced, but violations are still recorded + // (through audit). + // "DETACHED" - PoCo Hub is not taking any action to reconcile cluster + // objects. Changes to those objects will not be overwritten by PoCo Hub. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "Details") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Details") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerOnClusterState) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerOnClusterState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerPolicyContentSpec: PolicyContentSpec defines the user's +// desired content configuration on the cluster. +type PolicyControllerPolicyContentSpec struct { + // Bundles: map of bundle name to BundleInstallSpec. The bundle name maps to + // the `bundleName` key in the `policycontroller.gke.io/constraintData` + // annotation on a constraint. + Bundles map[string]PolicyControllerBundleInstallSpec `json:"bundles,omitempty"` + // TemplateLibrary: Configures the installation of the Template Library. + TemplateLibrary *PolicyControllerTemplateLibraryConfig `json:"templateLibrary,omitempty"` + // ForceSendFields is a list of field names (e.g. "Bundles") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Bundles") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerPolicyContentSpec) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerPolicyContentSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerPolicyContentState: The state of the policy controller +// policy content +type PolicyControllerPolicyContentState struct { + // BundleStates: The state of the any bundles included in the chosen version of + // the manifest + BundleStates map[string]PolicyControllerOnClusterState `json:"bundleStates,omitempty"` + // ReferentialSyncConfigState: The state of the referential data sync + // configuration. This could represent the state of either the syncSet + // object(s) or the config object, depending on the version of PoCo configured + // by the user. + ReferentialSyncConfigState *PolicyControllerOnClusterState `json:"referentialSyncConfigState,omitempty"` + // TemplateLibraryState: The state of the template library + TemplateLibraryState *PolicyControllerOnClusterState `json:"templateLibraryState,omitempty"` + // ForceSendFields is a list of field names (e.g. "BundleStates") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "BundleStates") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerPolicyContentState) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerPolicyContentState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerPolicyControllerDeploymentConfig: Deployment-specific +// configuration. +type PolicyControllerPolicyControllerDeploymentConfig struct { + // ContainerResources: Container resource requirements. + ContainerResources *PolicyControllerResourceRequirements `json:"containerResources,omitempty"` + // PodAffinity: Pod affinity configuration. + // + // Possible values: + // "AFFINITY_UNSPECIFIED" - No affinity configuration has been specified. + // "NO_AFFINITY" - Affinity configurations will be removed from the + // deployment. + // "ANTI_AFFINITY" - Anti-affinity configuration will be applied to this + // deployment. Default for admissions deployment. + PodAffinity string `json:"podAffinity,omitempty"` + // PodAntiAffinity: Pod anti-affinity enablement. Deprecated: use + // `pod_affinity` instead. + PodAntiAffinity bool `json:"podAntiAffinity,omitempty"` + // PodTolerations: Pod tolerations of node taints. + PodTolerations []*PolicyControllerToleration `json:"podTolerations,omitempty"` + // ReplicaCount: Pod replica count. + ReplicaCount int64 `json:"replicaCount,omitempty,string"` + // ForceSendFields is a list of field names (e.g. "ContainerResources") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ContainerResources") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerPolicyControllerDeploymentConfig) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerPolicyControllerDeploymentConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerResourceList: ResourceList contains container resource +// requirements. +type PolicyControllerResourceList struct { + // Cpu: CPU requirement expressed in Kubernetes resource units. + Cpu string `json:"cpu,omitempty"` + // Memory: Memory requirement expressed in Kubernetes resource units. + Memory string `json:"memory,omitempty"` + // ForceSendFields is a list of field names (e.g. "Cpu") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Cpu") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerResourceList) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerResourceList + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerResourceRequirements: ResourceRequirements describes the +// compute resource requirements. +type PolicyControllerResourceRequirements struct { + // Limits: Limits describes the maximum amount of compute resources allowed for + // use by the running container. + Limits *PolicyControllerResourceList `json:"limits,omitempty"` + // Requests: Requests describes the amount of compute resources reserved for + // the container by the kube-scheduler. + Requests *PolicyControllerResourceList `json:"requests,omitempty"` + // ForceSendFields is a list of field names (e.g. "Limits") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Limits") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerResourceRequirements) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerResourceRequirements + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerSpec: **Policy Controller**: Configuration for a single +// cluster. Intended to parallel the PolicyController CR. +type PolicyControllerSpec struct { + // PolicyControllerHubConfig: Policy Controller configuration for the cluster. + PolicyControllerHubConfig *PolicyControllerHubConfig `json:"policyControllerHubConfig,omitempty"` + // Version: Version of Policy Controller installed. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "PolicyControllerHubConfig") + // to unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "PolicyControllerHubConfig") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerSpec) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerState: **Policy Controller**: State for a single cluster. +type PolicyControllerState struct { + // ComponentStates: Currently these include (also serving as map keys): 1. + // "admission" 2. "audit" 3. "mutation" + ComponentStates map[string]PolicyControllerOnClusterState `json:"componentStates,omitempty"` + // PolicyContentState: The overall content state observed by the Hub Feature + // controller. + PolicyContentState *PolicyControllerPolicyContentState `json:"policyContentState,omitempty"` + // State: The overall Policy Controller lifecycle state observed by the Hub + // Feature controller. + // + // Possible values: + // "LIFECYCLE_STATE_UNSPECIFIED" - The lifecycle state is unspecified. + // "NOT_INSTALLED" - The PC does not exist on the given cluster, and no k8s + // resources of any type that are associated with the PC should exist there. + // The cluster does not possess a membership with the PCH. + // "INSTALLING" - The PCH possesses a Membership, however the PC is not fully + // installed on the cluster. In this state the hub can be expected to be taking + // actions to install the PC on the cluster. + // "ACTIVE" - The PC is fully installed on the cluster and in an operational + // mode. In this state PCH will be reconciling state with the PC, and the PC + // will be performing it's operational tasks per that software. Entering a + // READY state requires that the hub has confirmed the PC is installed and its + // pods are operational with the version of the PC the PCH expects. + // "UPDATING" - The PC is fully installed, but in the process of changing the + // configuration (including changing the version of PC either up and down, or + // modifying the manifests of PC) of the resources running on the cluster. The + // PCH has a Membership, is aware of the version the cluster should be running + // in, but has not confirmed for itself that the PC is running with that + // version. + // "DECOMMISSIONING" - The PC may have resources on the cluster, but the PCH + // wishes to remove the Membership. The Membership still exists. + // "CLUSTER_ERROR" - The PC is not operational, and the PCH is unable to act + // to make it operational. Entering a CLUSTER_ERROR state happens automatically + // when the PCH determines that a PC installed on the cluster is non-operative + // or that the cluster does not meet requirements set for the PCH to administer + // the cluster but has nevertheless been given an instruction to do so (such as + // ‘install'). + // "HUB_ERROR" - In this state, the PC may still be operational, and only the + // PCH is unable to act. The hub should not issue instructions to change the PC + // state, or otherwise interfere with the on-cluster resources. Entering a + // HUB_ERROR state happens automatically when the PCH determines the hub is in + // an unhealthy state and it wishes to ‘take hands off' to avoid corrupting + // the PC or other data. + // "SUSPENDED" - Policy Controller (PC) is installed but suspended. This + // means that the policies are not enforced, but violations are still recorded + // (through audit). + // "DETACHED" - PoCo Hub is not taking any action to reconcile cluster + // objects. Changes to those objects will not be overwritten by PoCo Hub. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "ComponentStates") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ComponentStates") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerState) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerTemplateLibraryConfig: The config specifying which default +// library templates to install. +type PolicyControllerTemplateLibraryConfig struct { + // Installation: Configures the manner in which the template library is + // installed on the cluster. + // + // Possible values: + // "INSTALLATION_UNSPECIFIED" - No installation strategy has been specified. + // "NOT_INSTALLED" - Do not install the template library. + // "ALL" - Install the entire template library. + Installation string `json:"installation,omitempty"` + // ForceSendFields is a list of field names (e.g. "Installation") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Installation") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerTemplateLibraryConfig) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerTemplateLibraryConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerToleration: Toleration of a node taint. +type PolicyControllerToleration struct { + // Effect: Matches a taint effect. + Effect string `json:"effect,omitempty"` + // Key: Matches a taint key (not necessarily unique). + Key string `json:"key,omitempty"` + // Operator: Matches a taint operator. + Operator string `json:"operator,omitempty"` + // Value: Matches a taint value. + Value string `json:"value,omitempty"` + // ForceSendFields is a list of field names (e.g. "Effect") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Effect") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerToleration) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerToleration + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshAnalysisMessage: AnalysisMessage is a single message produced by +// an analyzer, and it used to communicate to the end user about the state of +// their Service Mesh configuration. +type ServiceMeshAnalysisMessage struct { + // Args: A UI can combine these args with a template (based on + // message_base.type) to produce an internationalized message. + Args googleapi.RawMessage `json:"args,omitempty"` + // Description: A human readable description of what the error means. It is + // suitable for non-internationalize display purposes. + Description string `json:"description,omitempty"` + // MessageBase: Details common to all types of Istio and ServiceMesh analysis + // messages. + MessageBase *ServiceMeshAnalysisMessageBase `json:"messageBase,omitempty"` + // ResourcePaths: A list of strings specifying the resource identifiers that + // were the cause of message generation. A "path" here may be: * MEMBERSHIP_ID + // if the cause is a specific member cluster * + // MEMBERSHIP_ID/(NAMESPACE\/)?RESOURCETYPE/NAME if the cause is a resource in + // a cluster + ResourcePaths []string `json:"resourcePaths,omitempty"` + // ForceSendFields is a list of field names (e.g. "Args") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Args") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshAnalysisMessage) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshAnalysisMessage + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshAnalysisMessageBase: AnalysisMessageBase describes some common +// information that is needed for all messages. +type ServiceMeshAnalysisMessageBase struct { + // DocumentationUrl: A url pointing to the Service Mesh or Istio documentation + // for this specific error type. + DocumentationUrl string `json:"documentationUrl,omitempty"` + // Level: Represents how severe a message is. + // + // Possible values: + // "LEVEL_UNSPECIFIED" - Illegal. Same + // istio.analysis.v1alpha1.AnalysisMessageBase.Level.UNKNOWN. + // "ERROR" - ERROR represents a misconfiguration that must be fixed. + // "WARNING" - WARNING represents a misconfiguration that should be fixed. + // "INFO" - INFO represents an informational finding. + Level string `json:"level,omitempty"` + // Type: Represents the specific type of a message. + Type *ServiceMeshType `json:"type,omitempty"` + // ForceSendFields is a list of field names (e.g. "DocumentationUrl") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DocumentationUrl") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshAnalysisMessageBase) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshAnalysisMessageBase + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshCondition: Condition being reported. +type ServiceMeshCondition struct { + // Code: Unique identifier of the condition which describes the condition + // recognizable to the user. + // + // Possible values: + // "CODE_UNSPECIFIED" - Default Unspecified code + // "MESH_IAM_PERMISSION_DENIED" - Mesh IAM permission denied error code + // "MESH_IAM_CROSS_PROJECT_PERMISSION_DENIED" - Permission denied error code + // for cross-project + // "CNI_CONFIG_UNSUPPORTED" - CNI config unsupported error code + // "GKE_SANDBOX_UNSUPPORTED" - GKE sandbox unsupported error code + // "NODEPOOL_WORKLOAD_IDENTITY_FEDERATION_REQUIRED" - Nodepool workload + // identity federation required error code + // "CNI_INSTALLATION_FAILED" - CNI installation failed error code + // "CNI_POD_UNSCHEDULABLE" - CNI pod unschedulable error code + // "CLUSTER_HAS_ZERO_NODES" - Cluster has zero node code + // "UNSUPPORTED_MULTIPLE_CONTROL_PLANES" - Multiple control planes + // unsupported error code + // "VPCSC_GA_SUPPORTED" - VPC-SC GA is supported for this control plane. + // "DEPRECATED_SPEC_CONTROL_PLANE_MANAGEMENT" - User is using deprecated + // ControlPlaneManagement and they have not yet set Management. + // "DEPRECATED_SPEC_CONTROL_PLANE_MANAGEMENT_SAFE" - User is using deprecated + // ControlPlaneManagement and they have already set Management. + // "CONFIG_APPLY_INTERNAL_ERROR" - Configuration (Istio/k8s resources) failed + // to apply due to internal error. + // "CONFIG_VALIDATION_ERROR" - Configuration failed to be applied due to + // being invalid. + // "CONFIG_VALIDATION_WARNING" - Encountered configuration(s) with possible + // unintended behavior or invalid configuration. These configs may not have + // been applied. + // "QUOTA_EXCEEDED_BACKEND_SERVICES" - BackendService quota exceeded error + // code. + // "QUOTA_EXCEEDED_HEALTH_CHECKS" - HealthCheck quota exceeded error code. + // "QUOTA_EXCEEDED_HTTP_ROUTES" - HTTPRoute quota exceeded error code. + // "QUOTA_EXCEEDED_TCP_ROUTES" - TCPRoute quota exceeded error code. + // "QUOTA_EXCEEDED_TLS_ROUTES" - TLS routes quota exceeded error code. + // "QUOTA_EXCEEDED_TRAFFIC_POLICIES" - TrafficPolicy quota exceeded error + // code. + // "QUOTA_EXCEEDED_ENDPOINT_POLICIES" - EndpointPolicy quota exceeded error + // code. + // "QUOTA_EXCEEDED_GATEWAYS" - Gateway quota exceeded error code. + // "QUOTA_EXCEEDED_MESHES" - Mesh quota exceeded error code. + // "QUOTA_EXCEEDED_SERVER_TLS_POLICIES" - ServerTLSPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_CLIENT_TLS_POLICIES" - ClientTLSPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_SERVICE_LB_POLICIES" - ServiceLBPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_HTTP_FILTERS" - HTTPFilter quota exceeded error code. + // "QUOTA_EXCEEDED_TCP_FILTERS" - TCPFilter quota exceeded error code. + // "QUOTA_EXCEEDED_NETWORK_ENDPOINT_GROUPS" - NetworkEndpointGroup quota + // exceeded error code. + // "MODERNIZATION_SCHEDULED" - Modernization is scheduled for a cluster. + // "MODERNIZATION_IN_PROGRESS" - Modernization is in progress for a cluster. + // "MODERNIZATION_COMPLETED" - Modernization is completed for a cluster. + // "MODERNIZATION_ABORTED" - Modernization is aborted for a cluster. + Code string `json:"code,omitempty"` + // Details: A short summary about the issue. + Details string `json:"details,omitempty"` + // DocumentationLink: Links contains actionable information. + DocumentationLink string `json:"documentationLink,omitempty"` + // Severity: Severity level of the condition. + // + // Possible values: + // "SEVERITY_UNSPECIFIED" - Unspecified severity + // "ERROR" - Indicates an issue that prevents the mesh from operating + // correctly + // "WARNING" - Indicates a setting is likely wrong, but the mesh is still + // able to operate + // "INFO" - An informational message, not requiring any action + Severity string `json:"severity,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshCondition) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshCondition + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshControlPlaneManagement: Status of control plane management. +type ServiceMeshControlPlaneManagement struct { + // Details: Explanation of state. + Details []*ServiceMeshStatusDetails `json:"details,omitempty"` + // Implementation: Output only. Implementation of managed control plane. + // + // Possible values: + // "IMPLEMENTATION_UNSPECIFIED" - Unspecified + // "ISTIOD" - A Google build of istiod is used for the managed control plane. + // "TRAFFIC_DIRECTOR" - Traffic director is used for the managed control + // plane. + // "UPDATING" - The control plane implementation is being updated. + Implementation string `json:"implementation,omitempty"` + // State: LifecycleState of control plane management. + // + // Possible values: + // "LIFECYCLE_STATE_UNSPECIFIED" - Unspecified + // "DISABLED" - DISABLED means that the component is not enabled. + // "FAILED_PRECONDITION" - FAILED_PRECONDITION means that provisioning cannot + // proceed because of some characteristic of the member cluster. + // "PROVISIONING" - PROVISIONING means that provisioning is in progress. + // "ACTIVE" - ACTIVE means that the component is ready for use. + // "STALLED" - STALLED means that provisioning could not be done. + // "NEEDS_ATTENTION" - NEEDS_ATTENTION means that the component is ready, but + // some user intervention is required. (For example that the user should + // migrate workloads to a new control plane revision.) + // "DEGRADED" - DEGRADED means that the component is ready, but operating in + // a degraded state. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "Details") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Details") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshControlPlaneManagement) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshControlPlaneManagement + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshDataPlaneManagement: Status of data plane management. Only +// reported per-member. +type ServiceMeshDataPlaneManagement struct { + // Details: Explanation of the status. + Details []*ServiceMeshStatusDetails `json:"details,omitempty"` + // State: Lifecycle status of data plane management. + // + // Possible values: + // "LIFECYCLE_STATE_UNSPECIFIED" - Unspecified + // "DISABLED" - DISABLED means that the component is not enabled. + // "FAILED_PRECONDITION" - FAILED_PRECONDITION means that provisioning cannot + // proceed because of some characteristic of the member cluster. + // "PROVISIONING" - PROVISIONING means that provisioning is in progress. + // "ACTIVE" - ACTIVE means that the component is ready for use. + // "STALLED" - STALLED means that provisioning could not be done. + // "NEEDS_ATTENTION" - NEEDS_ATTENTION means that the component is ready, but + // some user intervention is required. (For example that the user should + // migrate workloads to a new control plane revision.) + // "DEGRADED" - DEGRADED means that the component is ready, but operating in + // a degraded state. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "Details") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Details") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshDataPlaneManagement) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshDataPlaneManagement + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshSpec: **Service Mesh**: Spec for a single Membership for the +// servicemesh feature +type ServiceMeshSpec struct { + // ConfigApi: Optional. Specifies the API that will be used for configuring the + // mesh workloads. + // + // Possible values: + // "CONFIG_API_UNSPECIFIED" - Unspecified + // "CONFIG_API_ISTIO" - Use the Istio API for configuration. + // "CONFIG_API_GATEWAY" - Use the K8s Gateway API for configuration. + ConfigApi string `json:"configApi,omitempty"` + // ControlPlane: Deprecated: use `management` instead Enables automatic control + // plane management. + // + // Possible values: + // "CONTROL_PLANE_MANAGEMENT_UNSPECIFIED" - Unspecified + // "AUTOMATIC" - Google should provision a control plane revision and make it + // available in the cluster. Google will enroll this revision in a release + // channel and keep it up to date. The control plane revision may be a managed + // service, or a managed install. + // "MANUAL" - User will manually configure the control plane (e.g. via CLI, + // or via the ControlPlaneRevision KRM API) + ControlPlane string `json:"controlPlane,omitempty"` + // DefaultChannel: Determines which release channel to use for default + // injection and service mesh APIs. + // + // Possible values: + // "CHANNEL_UNSPECIFIED" - Unspecified + // "RAPID" - RAPID channel is offered on an early access basis for customers + // who want to test new releases. + // "REGULAR" - REGULAR channel is intended for production users who want to + // take advantage of new features. + // "STABLE" - STABLE channel includes versions that are known to be stable + // and reliable in production. + DefaultChannel string `json:"defaultChannel,omitempty"` + // Management: Optional. Enables automatic Service Mesh management. + // + // Possible values: + // "MANAGEMENT_UNSPECIFIED" - Unspecified + // "MANAGEMENT_AUTOMATIC" - Google should manage my Service Mesh for the + // cluster. + // "MANAGEMENT_MANUAL" - User will manually configure their service mesh + // components. + Management string `json:"management,omitempty"` + // ForceSendFields is a list of field names (e.g. "ConfigApi") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ConfigApi") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshSpec) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshState: **Service Mesh**: State for a single Membership, as +// analyzed by the Service Mesh Hub Controller. +type ServiceMeshState struct { + // AnalysisMessages: Output only. Results of running Service Mesh analyzers. + AnalysisMessages []*ServiceMeshAnalysisMessage `json:"analysisMessages,omitempty"` + // Conditions: Output only. List of conditions reported for this membership. + Conditions []*ServiceMeshCondition `json:"conditions,omitempty"` + // ConfigApiVersion: The API version (i.e. Istio CRD version) for configuring + // service mesh in this cluster. This version is influenced by the + // `default_channel` field. + ConfigApiVersion string `json:"configApiVersion,omitempty"` + // ControlPlaneManagement: Output only. Status of control plane management + ControlPlaneManagement *ServiceMeshControlPlaneManagement `json:"controlPlaneManagement,omitempty"` + // DataPlaneManagement: Output only. Status of data plane management. + DataPlaneManagement *ServiceMeshDataPlaneManagement `json:"dataPlaneManagement,omitempty"` + // ForceSendFields is a list of field names (e.g. "AnalysisMessages") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AnalysisMessages") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshState) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshStatusDetails: Structured and human-readable details for a +// status. +type ServiceMeshStatusDetails struct { + // Code: A machine-readable code that further describes a broad status. + Code string `json:"code,omitempty"` + // Details: Human-readable explanation of code. + Details string `json:"details,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshStatusDetails) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshStatusDetails + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshType: A unique identifier for the type of message. Display_name +// is intended to be human-readable, code is intended to be machine readable. +// There should be a one-to-one mapping between display_name and code. (i.e. do +// not re-use display_names or codes between message types.) See +// istio.analysis.v1alpha1.AnalysisMessageBase.Type +type ServiceMeshType struct { + // Code: A 7 character code matching `^IST[0-9]{4}$` or `^ASM[0-9]{4}$`, + // intended to uniquely identify the message type. (e.g. "IST0001" is mapped to + // the "InternalError" message type.) + Code string `json:"code,omitempty"` + // DisplayName: A human-readable name for the message type. e.g. + // "InternalError", "PodMissingProxy". This should be the same for all messages + // of the same type. (This corresponds to the `name` field in open-source + // Istio.) + DisplayName string `json:"displayName,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshType) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshType + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// State: High-level state of a MembershipFeature. +type State struct { + // Code: The high-level, machine-readable status of this MembershipFeature. + // + // Possible values: + // "CODE_UNSPECIFIED" - Unknown or not set. + // "OK" - The MembershipFeature is operating normally. + // "WARNING" - The MembershipFeature has encountered an issue, and is + // operating in a degraded state. The MembershipFeature may need intervention + // to return to normal operation. See the description and any associated + // MembershipFeature-specific details for more information. + // "ERROR" - The MembershipFeature is not operating or is in a severely + // degraded state. The MembershipFeature may need intervention to return to + // normal operation. See the description and any associated + // MembershipFeature-specific details for more information. + Code string `json:"code,omitempty"` + // Description: A human-readable description of the current status. + Description string `json:"description,omitempty"` + // UpdateTime: The time this status and any related Feature-specific details + // were updated. + UpdateTime string `json:"updateTime,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s State) MarshalJSON() ([]byte, error) { + type NoMethod State + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// WorkloadCertificateSpec: **WorkloadCertificate**: The membership-specific +// input for WorkloadCertificate feature. +type WorkloadCertificateSpec struct { + // CertificateManagement: CertificateManagement specifies workload certificate + // management. + // + // Possible values: + // "CERTIFICATE_MANAGEMENT_UNSPECIFIED" - Disable workload certificate + // feature. + // "DISABLED" - Disable workload certificate feature. + // "ENABLED" - Enable workload certificate feature. + CertificateManagement string `json:"certificateManagement,omitempty"` + // ForceSendFields is a list of field names (e.g. "CertificateManagement") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CertificateManagement") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s WorkloadCertificateSpec) MarshalJSON() ([]byte, error) { + type NoMethod WorkloadCertificateSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +type ProjectsLocationsGetCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Get: Gets information about a location. +// +// - name: Resource name for the location. +func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall { + c := &ProjectsLocationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsGetCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsGetCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsGetCall) Context(ctx context.Context) *ProjectsLocationsGetCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsGetCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.get" call. +// Any non-2xx status code is an error. Response headers are in either +// *Location.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Location{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsListCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// List: Lists information about the supported locations for this service. +// +// - name: The resource that owns the locations collection, if applicable. +func (r *ProjectsLocationsService) List(name string) *ProjectsLocationsListCall { + c := &ProjectsLocationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Filter sets the optional parameter "filter": A filter to narrow down results +// to a preferred subset. The filtering language accepts strings like +// "displayName=tokyo", and is documented in more detail in AIP-160 +// (https://google.aip.dev/160). +func (c *ProjectsLocationsListCall) Filter(filter string) *ProjectsLocationsListCall { + c.urlParams_.Set("filter", filter) + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number of +// results to return. If not set, the service selects a default. +func (c *ProjectsLocationsListCall) PageSize(pageSize int64) *ProjectsLocationsListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A page token received +// from the `next_page_token` field in the response. Send that page token to +// receive the subsequent page. +func (c *ProjectsLocationsListCall) PageToken(pageToken string) *ProjectsLocationsListCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsListCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsListCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsListCall) Context(ctx context.Context) *ProjectsLocationsListCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsListCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2/{+name}/locations") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.list" call. +// Any non-2xx status code is an error. Response headers are in either +// *ListLocationsResponse.ServerResponse.Header or (if a response was returned +// at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified was +// returned. +func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocationsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ListLocationsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocationsResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +type ProjectsLocationsMembershipsFeaturesCreateCall struct { + s *Service + parent string + membershipfeature *MembershipFeature + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Create: Creates membershipFeature under a given parent. +// +// - parent: The name of parent where the MembershipFeature will be created. +// Specified in the format `projects/*/locations/*/memberships/*`. +func (r *ProjectsLocationsMembershipsFeaturesService) Create(parent string, membershipfeature *MembershipFeature) *ProjectsLocationsMembershipsFeaturesCreateCall { + c := &ProjectsLocationsMembershipsFeaturesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.parent = parent + c.membershipfeature = membershipfeature + return c +} + +// FeatureId sets the optional parameter "featureId": Required. The ID of the +// membership_feature to create. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) FeatureId(featureId string) *ProjectsLocationsMembershipsFeaturesCreateCall { + c.urlParams_.Set("featureId", featureId) + return c +} + +// RequestId sets the optional parameter "requestId": Idempotent request UUID. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) RequestId(requestId string) *ProjectsLocationsMembershipsFeaturesCreateCall { + c.urlParams_.Set("requestId", requestId) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesCreateCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesCreateCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.membershipfeature) + if err != nil { + return nil, err + } + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2/{+parent}/features") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "parent": c.parent, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.memberships.features.create" call. +// Any non-2xx status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsMembershipsFeaturesDeleteCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Delete: Removes a membershipFeature. +// +// - name: The name of the membershipFeature to be deleted. Specified in the +// format `projects/*/locations/*/memberships/*/features/*`. +func (r *ProjectsLocationsMembershipsFeaturesService) Delete(name string) *ProjectsLocationsMembershipsFeaturesDeleteCall { + c := &ProjectsLocationsMembershipsFeaturesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// RequestId sets the optional parameter "requestId": Idempotent request UUID. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) RequestId(requestId string) *ProjectsLocationsMembershipsFeaturesDeleteCall { + c.urlParams_.Set("requestId", requestId) + return c } -// Operation: This resource represents a long-running operation that is the -// result of a network API call. -type Operation struct { - // Done: If the value is `false`, it means the operation is still in progress. - // If `true`, the operation is completed, and either `error` or `response` is - // available. - Done bool `json:"done,omitempty"` - // Error: The error result of the operation in case of failure or cancellation. - Error *GoogleRpcStatus `json:"error,omitempty"` - // Metadata: Service-specific metadata associated with the operation. It - // typically contains progress information and common metadata such as create - // time. Some services might not provide such metadata. Any method that returns - // a long-running operation should document the metadata type, if any. - Metadata googleapi.RawMessage `json:"metadata,omitempty"` - // Name: The server-assigned name, which is only unique within the same service - // that originally returns it. If you use the default HTTP mapping, the `name` - // should be a resource name ending with `operations/{unique_id}`. - Name string `json:"name,omitempty"` - // Response: The normal, successful response of the operation. If the original - // method returns no data on success, such as `Delete`, the response is - // `google.protobuf.Empty`. If the original method is standard - // `Get`/`Create`/`Update`, the response should be the resource. For other - // methods, the response should have the type `XxxResponse`, where `Xxx` is the - // original method name. For example, if the original method name is - // `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. - Response googleapi.RawMessage `json:"response,omitempty"` +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "Done") to unconditionally - // include in API requests. By default, fields with empty or default values are - // omitted from API requests. See - // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more - // details. - ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "Done") to include in API requests - // with the JSON null value. By default, fields with empty values are omitted - // from API requests. See - // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. - NullFields []string `json:"-"` +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesDeleteCall { + c.ctx_ = ctx + return c } -func (s Operation) MarshalJSON() ([]byte, error) { - type NoMethod Operation - return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ } -type ProjectsLocationsGetCall struct { +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("DELETE", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.memberships.features.delete" call. +// Any non-2xx status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsMembershipsFeaturesGetCall struct { s *Service name string urlParams_ gensupport.URLParams @@ -384,11 +3931,13 @@ type ProjectsLocationsGetCall struct { header_ http.Header } -// Get: Gets information about a location. +// Get: ========= MembershipFeature Services ========= Gets details of a +// membershipFeature. // -// - name: Resource name for the location. -func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall { - c := &ProjectsLocationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} +// - name: The MembershipFeature resource name in the format +// `projects/*/locations/*/memberships/*/features/*`. +func (r *ProjectsLocationsMembershipsFeaturesService) Get(name string) *ProjectsLocationsMembershipsFeaturesGetCall { + c := &ProjectsLocationsMembershipsFeaturesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.name = name return c } @@ -396,7 +3945,7 @@ func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall { // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsGetCall { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesGetCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } @@ -404,27 +3953,27 @@ func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocatio // IfNoneMatch sets an optional parameter which makes the operation fail if the // object's ETag matches the given value. This is useful for getting updates // only after the object has changed since the last request. -func (c *ProjectsLocationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsGetCall { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsMembershipsFeaturesGetCall { c.ifNoneMatch_ = entityTag return c } // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsGetCall) Context(ctx context.Context) *ProjectsLocationsGetCall { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesGetCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsGetCall) Header() http.Header { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) if c.ifNoneMatch_ != "" { reqHeaders.Set("If-None-Match", c.ifNoneMatch_) @@ -445,12 +3994,13 @@ func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "gkehub.projects.locations.get" call. +// Do executes the "gkehub.projects.locations.memberships.features.get" call. // Any non-2xx status code is an error. Response headers are in either -// *Location.ServerResponse.Header or (if a response was returned at all) in -// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check -// whether the returned error was because http.StatusNotModified was returned. -func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, error) { +// *MembershipFeature.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified was +// returned. +func (c *ProjectsLocationsMembershipsFeaturesGetCall) Do(opts ...googleapi.CallOption) (*MembershipFeature, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -469,7 +4019,7 @@ func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &Location{ + ret := &MembershipFeature{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -482,44 +4032,56 @@ func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, return ret, nil } -type ProjectsLocationsListCall struct { +type ProjectsLocationsMembershipsFeaturesListCall struct { s *Service - name string + parent string urlParams_ gensupport.URLParams ifNoneMatch_ string ctx_ context.Context header_ http.Header } -// List: Lists information about the supported locations for this service. +// List: Lists MembershipFeatures in a given project and location. // -// - name: The resource that owns the locations collection, if applicable. -func (r *ProjectsLocationsService) List(name string) *ProjectsLocationsListCall { - c := &ProjectsLocationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.name = name +// - parent: The parent where the MembershipFeature will be listed. In the +// format: `projects/*/locations/*/memberships/*`. +func (r *ProjectsLocationsMembershipsFeaturesService) List(parent string) *ProjectsLocationsMembershipsFeaturesListCall { + c := &ProjectsLocationsMembershipsFeaturesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.parent = parent return c } -// Filter sets the optional parameter "filter": A filter to narrow down results -// to a preferred subset. The filtering language accepts strings like -// "displayName=tokyo", and is documented in more detail in AIP-160 -// (https://google.aip.dev/160). -func (c *ProjectsLocationsListCall) Filter(filter string) *ProjectsLocationsListCall { +// Filter sets the optional parameter "filter": Lists MembershipFeatures that +// match the filter expression, following the syntax outlined in +// https://google.aip.dev/160. Examples: - Feature with the name "helloworld" +// in project "foo-proj" and membership "member-bar": name = +// "projects/foo-proj/locations/global/memberships/member-bar/features/helloworl +// d" - Features that have a label called `foo`: labels.foo:* - Features that +// have a label called `foo` whose value is `bar`: labels.foo = bar +func (c *ProjectsLocationsMembershipsFeaturesListCall) Filter(filter string) *ProjectsLocationsMembershipsFeaturesListCall { c.urlParams_.Set("filter", filter) return c } -// PageSize sets the optional parameter "pageSize": The maximum number of -// results to return. If not set, the service selects a default. -func (c *ProjectsLocationsListCall) PageSize(pageSize int64) *ProjectsLocationsListCall { +// OrderBy sets the optional parameter "orderBy": One or more fields to compare +// and use to sort the output. See https://google.aip.dev/132#ordering. +func (c *ProjectsLocationsMembershipsFeaturesListCall) OrderBy(orderBy string) *ProjectsLocationsMembershipsFeaturesListCall { + c.urlParams_.Set("orderBy", orderBy) + return c +} + +// PageSize sets the optional parameter "pageSize": When requesting a 'page' of +// resources, `page_size` specifies number of resources to return. If +// unspecified or set to 0, all resources will be returned. +func (c *ProjectsLocationsMembershipsFeaturesListCall) PageSize(pageSize int64) *ProjectsLocationsMembershipsFeaturesListCall { c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) return c } -// PageToken sets the optional parameter "pageToken": A page token received -// from the `next_page_token` field in the response. Send that page token to -// receive the subsequent page. -func (c *ProjectsLocationsListCall) PageToken(pageToken string) *ProjectsLocationsListCall { +// PageToken sets the optional parameter "pageToken": Token returned by +// previous call to `ListFeatures` which specifies the position in the list +// from where to continue listing the resources. +func (c *ProjectsLocationsMembershipsFeaturesListCall) PageToken(pageToken string) *ProjectsLocationsMembershipsFeaturesListCall { c.urlParams_.Set("pageToken", pageToken) return c } @@ -527,7 +4089,7 @@ func (c *ProjectsLocationsListCall) PageToken(pageToken string) *ProjectsLocatio // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsListCall { +func (c *ProjectsLocationsMembershipsFeaturesListCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesListCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } @@ -535,27 +4097,27 @@ func (c *ProjectsLocationsListCall) Fields(s ...googleapi.Field) *ProjectsLocati // IfNoneMatch sets an optional parameter which makes the operation fail if the // object's ETag matches the given value. This is useful for getting updates // only after the object has changed since the last request. -func (c *ProjectsLocationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsListCall { +func (c *ProjectsLocationsMembershipsFeaturesListCall) IfNoneMatch(entityTag string) *ProjectsLocationsMembershipsFeaturesListCall { c.ifNoneMatch_ = entityTag return c } // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsListCall) Context(ctx context.Context) *ProjectsLocationsListCall { +func (c *ProjectsLocationsMembershipsFeaturesListCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesListCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsListCall) Header() http.Header { +func (c *ProjectsLocationsMembershipsFeaturesListCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error) { +func (c *ProjectsLocationsMembershipsFeaturesListCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) if c.ifNoneMatch_ != "" { reqHeaders.Set("If-None-Match", c.ifNoneMatch_) @@ -563,7 +4125,7 @@ func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v2/{+name}/locations") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2/{+parent}/features") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("GET", urls, body) if err != nil { @@ -571,18 +4133,18 @@ func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "name": c.name, + "parent": c.parent, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "gkehub.projects.locations.list" call. +// Do executes the "gkehub.projects.locations.memberships.features.list" call. // Any non-2xx status code is an error. Response headers are in either -// *ListLocationsResponse.ServerResponse.Header or (if a response was returned -// at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to -// check whether the returned error was because http.StatusNotModified was -// returned. -func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocationsResponse, error) { +// *ListMembershipFeaturesResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsLocationsMembershipsFeaturesListCall) Do(opts ...googleapi.CallOption) (*ListMembershipFeaturesResponse, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -601,7 +4163,7 @@ func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocat if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &ListLocationsResponse{ + ret := &ListMembershipFeaturesResponse{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -617,7 +4179,7 @@ func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocat // Pages invokes f for each page of results. // A non-nil error returned from f will halt the iteration. // The provided context supersedes any context provided to the Context method. -func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocationsResponse) error) error { +func (c *ProjectsLocationsMembershipsFeaturesListCall) Pages(ctx context.Context, f func(*ListMembershipFeaturesResponse) error) error { c.ctx_ = ctx defer c.PageToken(c.urlParams_.Get("pageToken")) for { @@ -635,6 +4197,132 @@ func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocat } } +type ProjectsLocationsMembershipsFeaturesPatchCall struct { + s *Service + nameid string + membershipfeature *MembershipFeature + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Patch: Updates an existing MembershipFeature. +// +// - name: Output only. The resource name of the membershipFeature, in the +// format: +// `projects/{project}/locations/{location}/memberships/{membership}/features/ +// {feature}`. Note that `membershipFeatures` is shortened to `features` in +// the resource name. (see http://go/aip/122#collection-identifiers). +func (r *ProjectsLocationsMembershipsFeaturesService) Patch(nameid string, membershipfeature *MembershipFeature) *ProjectsLocationsMembershipsFeaturesPatchCall { + c := &ProjectsLocationsMembershipsFeaturesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.nameid = nameid + c.membershipfeature = membershipfeature + return c +} + +// AllowMissing sets the optional parameter "allowMissing": If set to true, and +// the MembershipFeature is not found, a new MembershipFeature will be created. +// In this situation, `update_mask` is ignored. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) AllowMissing(allowMissing bool) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.urlParams_.Set("allowMissing", fmt.Sprint(allowMissing)) + return c +} + +// RequestId sets the optional parameter "requestId": Idempotent request UUID. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) RequestId(requestId string) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.urlParams_.Set("requestId", requestId) + return c +} + +// UpdateMask sets the optional parameter "updateMask": Required. Mask of +// fields to update. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) UpdateMask(updateMask string) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.urlParams_.Set("updateMask", updateMask) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.membershipfeature) + if err != nil { + return nil, err + } + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("PATCH", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.nameid, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.memberships.features.patch" call. +// Any non-2xx status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + type ProjectsLocationsOperationsCancelCall struct { s *Service name string diff --git a/gkehub/v2alpha/gkehub-api.json b/gkehub/v2alpha/gkehub-api.json index c2fd470d914..92b5e1fd3d4 100644 --- a/gkehub/v2alpha/gkehub-api.json +++ b/gkehub/v2alpha/gkehub-api.json @@ -177,6 +177,197 @@ } }, "resources": { + "memberships": { + "resources": { + "features": { + "methods": { + "create": { + "description": "Creates membershipFeature under a given parent.", + "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features", + "httpMethod": "POST", + "id": "gkehub.projects.locations.memberships.features.create", + "parameterOrder": [ + "parent" + ], + "parameters": { + "featureId": { + "description": "Required. The ID of the membership_feature to create.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The name of parent where the MembershipFeature will be created. Specified in the format `projects/*/locations/*/memberships/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Idempotent request UUID.", + "location": "query", + "type": "string" + } + }, + "path": "v2alpha/{+parent}/features", + "request": { + "$ref": "MembershipFeature" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "delete": { + "description": "Removes a membershipFeature.", + "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features/{featuresId}", + "httpMethod": "DELETE", + "id": "gkehub.projects.locations.memberships.features.delete", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the membershipFeature to be deleted. Specified in the format `projects/*/locations/*/memberships/*/features/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+/features/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Idempotent request UUID.", + "location": "query", + "type": "string" + } + }, + "path": "v2alpha/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "get": { + "description": "========= MembershipFeature Services ========= Gets details of a membershipFeature.", + "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features/{featuresId}", + "httpMethod": "GET", + "id": "gkehub.projects.locations.memberships.features.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The MembershipFeature resource name in the format `projects/*/locations/*/memberships/*/features/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+/features/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v2alpha/{+name}", + "response": { + "$ref": "MembershipFeature" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "list": { + "description": "Lists MembershipFeatures in a given project and location.", + "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features", + "httpMethod": "GET", + "id": "gkehub.projects.locations.memberships.features.list", + "parameterOrder": [ + "parent" + ], + "parameters": { + "filter": { + "description": "Lists MembershipFeatures that match the filter expression, following the syntax outlined in https://google.aip.dev/160. Examples: - Feature with the name \"helloworld\" in project \"foo-proj\" and membership \"member-bar\": name = \"projects/foo-proj/locations/global/memberships/member-bar/features/helloworld\" - Features that have a label called `foo`: labels.foo:* - Features that have a label called `foo` whose value is `bar`: labels.foo = bar", + "location": "query", + "type": "string" + }, + "orderBy": { + "description": "One or more fields to compare and use to sort the output. See https://google.aip.dev/132#ordering.", + "location": "query", + "type": "string" + }, + "pageSize": { + "description": "When requesting a 'page' of resources, `page_size` specifies number of resources to return. If unspecified or set to 0, all resources will be returned.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Token returned by previous call to `ListFeatures` which specifies the position in the list from where to continue listing the resources.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The parent where the MembershipFeature will be listed. In the format: `projects/*/locations/*/memberships/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v2alpha/{+parent}/features", + "response": { + "$ref": "ListMembershipFeaturesResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "patch": { + "description": "Updates an existing MembershipFeature.", + "flatPath": "v2alpha/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features/{featuresId}", + "httpMethod": "PATCH", + "id": "gkehub.projects.locations.memberships.features.patch", + "parameterOrder": [ + "name" + ], + "parameters": { + "allowMissing": { + "description": "Optional. If set to true, and the MembershipFeature is not found, a new MembershipFeature will be created. In this situation, `update_mask` is ignored.", + "location": "query", + "type": "boolean" + }, + "name": { + "description": "Output only. The resource name of the membershipFeature, in the format: `projects/{project}/locations/{location}/memberships/{membership}/features/{feature}`. Note that `membershipFeatures` is shortened to `features` in the resource name. (see http://go/aip/122#collection-identifiers)", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+/features/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Idempotent request UUID.", + "location": "query", + "type": "string" + }, + "updateMask": { + "description": "Required. Mask of fields to update.", + "format": "google-fieldmask", + "location": "query", + "type": "string" + } + }, + "path": "v2alpha/{+name}", + "request": { + "$ref": "MembershipFeature" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + } + } + } + } + }, "operations": { "methods": { "cancel": { @@ -280,149 +471,2800 @@ } } }, - "revision": "20230804", + "revision": "20241006", "rootUrl": "https://gkehub.googleapis.com/", "schemas": { + "AppDevExperienceState": { + "description": "State for App Dev Exp Feature.", + "id": "AppDevExperienceState", + "properties": { + "networkingInstallSucceeded": { + "$ref": "AppDevExperienceStatus", + "description": "Status of subcomponent that detects configured Service Mesh resources." + } + }, + "type": "object" + }, + "AppDevExperienceStatus": { + "description": "Status specifies state for the subcomponent.", + "id": "AppDevExperienceStatus", + "properties": { + "code": { + "description": "Code specifies AppDevExperienceFeature's subcomponent ready state.", + "enum": [ + "CODE_UNSPECIFIED", + "OK", + "FAILED", + "UNKNOWN" + ], + "enumDescriptions": [ + "Not set.", + "AppDevExperienceFeature's specified subcomponent is ready.", + "AppDevExperienceFeature's specified subcomponent ready state is false. This means AppDevExperienceFeature has encountered an issue that blocks all, or a portion, of its normal operation. See the `description` for more details.", + "AppDevExperienceFeature's specified subcomponent has a pending or unknown state." + ], + "type": "string" + }, + "description": { + "description": "Description is populated if Code is Failed, explaining why it has failed.", + "type": "string" + } + }, + "type": "object" + }, "CancelOperationRequest": { "description": "The request message for Operations.CancelOperation.", "id": "CancelOperationRequest", "properties": {}, "type": "object" }, - "Empty": { - "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }", - "id": "Empty", - "properties": {}, + "CloudBuildSpec": { + "description": "**Cloud Build**: Configurations for each Cloud Build enabled cluster.", + "id": "CloudBuildSpec", + "properties": { + "securityPolicy": { + "description": "Whether it is allowed to run the privileged builds on the cluster or not.", + "enum": [ + "SECURITY_POLICY_UNSPECIFIED", + "NON_PRIVILEGED", + "PRIVILEGED" + ], + "enumDescriptions": [ + "Unspecified policy", + "Privileged build pods are disallowed", + "Privileged build pods are allowed" + ], + "type": "string" + }, + "version": { + "description": "Version of the cloud build software on the cluster.", + "type": "string" + } + }, "type": "object" }, - "GoogleRpcStatus": { - "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", - "id": "GoogleRpcStatus", + "ClusterUpgradeGKEUpgrade": { + "description": "GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade.", + "id": "ClusterUpgradeGKEUpgrade", "properties": { - "code": { - "description": "The status code, which should be an enum value of google.rpc.Code.", - "format": "int32", - "type": "integer" + "name": { + "description": "Name of the upgrade, e.g., \"k8s_control_plane\".", + "type": "string" }, - "details": { - "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use.", - "items": { - "additionalProperties": { - "description": "Properties of the object. Contains field @type with type URL.", - "type": "any" - }, - "type": "object" - }, - "type": "array" + "version": { + "description": "Version of the upgrade, e.g., \"1.22.1-gke.100\".", + "type": "string" + } + }, + "type": "object" + }, + "ClusterUpgradeIgnoredMembership": { + "description": "IgnoredMembership represents a membership ignored by the feature. A membership can be ignored because it was manually upgraded to a newer version than RC default.", + "id": "ClusterUpgradeIgnoredMembership", + "properties": { + "ignoredTime": { + "description": "Time when the membership was first set to ignored.", + "format": "google-datetime", + "type": "string" }, - "message": { - "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.", + "reason": { + "description": "Reason why the membership is ignored.", "type": "string" } }, "type": "object" }, - "ListLocationsResponse": { - "description": "The response message for Locations.ListLocations.", - "id": "ListLocationsResponse", + "ClusterUpgradeMembershipGKEUpgradeState": { + "description": "MembershipGKEUpgradeState is a GKEUpgrade and its state per-membership.", + "id": "ClusterUpgradeMembershipGKEUpgradeState", "properties": { - "locations": { - "description": "A list of locations that matches the specified filter in the request.", + "status": { + "$ref": "ClusterUpgradeUpgradeStatus", + "description": "Status of the upgrade." + }, + "upgrade": { + "$ref": "ClusterUpgradeGKEUpgrade", + "description": "Which upgrade to track the state." + } + }, + "type": "object" + }, + "ClusterUpgradeState": { + "description": "Per-membership state for this feature.", + "id": "ClusterUpgradeState", + "properties": { + "ignored": { + "$ref": "ClusterUpgradeIgnoredMembership", + "description": "Whether this membership is ignored by the feature. For example, manually upgraded clusters can be ignored if they are newer than the default versions of its release channel." + }, + "upgrades": { + "description": "Actual upgrade state against desired.", "items": { - "$ref": "Location" + "$ref": "ClusterUpgradeMembershipGKEUpgradeState" }, "type": "array" + } + }, + "type": "object" + }, + "ClusterUpgradeUpgradeStatus": { + "description": "UpgradeStatus provides status information for each upgrade.", + "id": "ClusterUpgradeUpgradeStatus", + "properties": { + "code": { + "description": "Status code of the upgrade.", + "enum": [ + "CODE_UNSPECIFIED", + "INELIGIBLE", + "PENDING", + "IN_PROGRESS", + "SOAKING", + "FORCED_SOAKING", + "COMPLETE" + ], + "enumDescriptions": [ + "Required by https://linter.aip.dev/126/unspecified.", + "The upgrade is ineligible. At the scope level, this means the upgrade is ineligible for all the clusters in the scope.", + "The upgrade is pending. At the scope level, this means the upgrade is pending for all the clusters in the scope.", + "The upgrade is in progress. At the scope level, this means the upgrade is in progress for at least one cluster in the scope.", + "The upgrade has finished and is soaking until the soaking time is up. At the scope level, this means at least one cluster is in soaking while the rest are either soaking or complete.", + "A cluster will be forced to enter soaking if an upgrade doesn't finish within a certain limit, despite it's actual status.", + "The upgrade has passed all post conditions (soaking). At the scope level, this means all eligible clusters are in COMPLETE status." + ], + "type": "string" }, - "nextPageToken": { - "description": "The standard List next-page token.", + "reason": { + "description": "Reason for this status.", + "type": "string" + }, + "updateTime": { + "description": "Last timestamp the status was updated.", + "format": "google-datetime", "type": "string" } }, "type": "object" }, - "ListOperationsResponse": { - "description": "The response message for Operations.ListOperations.", - "id": "ListOperationsResponse", + "ConfigManagementBinauthzConfig": { + "description": "Configuration for Binauthz.", + "id": "ConfigManagementBinauthzConfig", "properties": { - "nextPageToken": { - "description": "The standard List next-page token.", + "enabled": { + "description": "Whether binauthz is enabled in this cluster.", + "type": "boolean" + } + }, + "type": "object" + }, + "ConfigManagementBinauthzState": { + "description": "State for Binauthz.", + "id": "ConfigManagementBinauthzState", + "properties": { + "version": { + "$ref": "ConfigManagementBinauthzVersion", + "description": "The version of binauthz that is installed." + }, + "webhook": { + "description": "The state of the binauthz webhook.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementBinauthzVersion": { + "description": "The version of binauthz.", + "id": "ConfigManagementBinauthzVersion", + "properties": { + "webhookVersion": { + "description": "The version of the binauthz webhook.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementConfigSync": { + "description": "Configuration for Config Sync", + "id": "ConfigManagementConfigSync", + "properties": { + "allowVerticalScale": { + "deprecated": true, + "description": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.", + "type": "boolean" }, - "operations": { - "description": "A list of operations that matches the specified filter in the request.", + "enabled": { + "description": "Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.", + "type": "boolean" + }, + "git": { + "$ref": "ConfigManagementGitConfig", + "description": "Git repo configuration for the cluster." + }, + "metricsGcpServiceAccountEmail": { + "description": "The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount `default` in the namespace `config-management-monitoring` should be bound to the GSA.", + "type": "string" + }, + "oci": { + "$ref": "ConfigManagementOciConfig", + "description": "OCI repo configuration for the cluster." + }, + "preventDrift": { + "description": "Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.", + "type": "boolean" + }, + "sourceFormat": { + "description": "Specifies whether the Config Sync Repo is in \"hierarchical\" or \"unstructured\" mode.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementConfigSyncDeploymentState": { + "description": "The state of ConfigSync's deployment on a cluster.", + "id": "ConfigManagementConfigSyncDeploymentState", + "properties": { + "admissionWebhook": { + "description": "Deployment state of admission-webhook.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "gitSync": { + "description": "Deployment state of the git-sync pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "importer": { + "description": "Deployment state of the importer pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "monitor": { + "description": "Deployment state of the monitor pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "otelCollector": { + "description": "Deployment state of otel-collector", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "reconcilerManager": { + "description": "Deployment state of reconciler-manager pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "resourceGroupControllerManager": { + "description": "Deployment state of resource-group-controller-manager", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "rootReconciler": { + "description": "Deployment state of root-reconciler.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "syncer": { + "description": "Deployment state of the syncer pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementConfigSyncError": { + "description": "Errors pertaining to the installation of Config Sync", + "id": "ConfigManagementConfigSyncError", + "properties": { + "errorMessage": { + "description": "A string representing the user facing error message", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementConfigSyncState": { + "description": "State information for ConfigSync.", + "id": "ConfigManagementConfigSyncState", + "properties": { + "deploymentState": { + "$ref": "ConfigManagementConfigSyncDeploymentState", + "description": "Information about the deployment of ConfigSync, including the version. of the various Pods deployed" + }, + "errors": { + "description": "Errors pertaining to the installation of Config Sync.", "items": { - "$ref": "Operation" + "$ref": "ConfigManagementConfigSyncError" }, "type": "array" + }, + "reposyncCrd": { + "description": "The state of the Reposync CRD", + "enum": [ + "CRD_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "TERMINATING", + "INSTALLING" + ], + "enumDescriptions": [ + "CRD's state cannot be determined", + "CRD is not installed", + "CRD is installed", + "CRD is terminating (i.e., it has been deleted and is cleaning up)", + "CRD is installing" + ], + "type": "string" + }, + "rootsyncCrd": { + "description": "The state of the RootSync CRD", + "enum": [ + "CRD_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "TERMINATING", + "INSTALLING" + ], + "enumDescriptions": [ + "CRD's state cannot be determined", + "CRD is not installed", + "CRD is installed", + "CRD is terminating (i.e., it has been deleted and is cleaning up)", + "CRD is installing" + ], + "type": "string" + }, + "state": { + "description": "The state of CS This field summarizes the other fields in this message.", + "enum": [ + "STATE_UNSPECIFIED", + "CONFIG_SYNC_NOT_INSTALLED", + "CONFIG_SYNC_INSTALLED", + "CONFIG_SYNC_ERROR", + "CONFIG_SYNC_PENDING" + ], + "enumDescriptions": [ + "CS's state cannot be determined.", + "CS is not installed.", + "The expected CS version is installed successfully.", + "CS encounters errors.", + "CS is installing or terminating." + ], + "type": "string" + }, + "syncState": { + "$ref": "ConfigManagementSyncState", + "description": "The state of ConfigSync's process to sync configs to a cluster." + }, + "version": { + "$ref": "ConfigManagementConfigSyncVersion", + "description": "The version of ConfigSync deployed." } }, "type": "object" }, - "Location": { - "description": "A resource that represents a Google Cloud location.", - "id": "Location", + "ConfigManagementConfigSyncVersion": { + "description": "Specific versioning information pertaining to ConfigSync's Pods.", + "id": "ConfigManagementConfigSyncVersion", "properties": { - "displayName": { - "description": "The friendly name for this location, typically a nearby city name. For example, \"Tokyo\".", + "admissionWebhook": { + "description": "Version of the deployed admission-webhook pod.", "type": "string" }, - "labels": { - "additionalProperties": { - "type": "string" - }, - "description": "Cross-service attributes for the location. For example {\"cloud.googleapis.com/region\": \"us-east1\"}", - "type": "object" + "gitSync": { + "description": "Version of the deployed git-sync pod.", + "type": "string" }, - "locationId": { - "description": "The canonical id for this location. For example: `\"us-east1\"`.", + "importer": { + "description": "Version of the deployed importer pod.", "type": "string" }, - "metadata": { - "additionalProperties": { - "description": "Properties of the object. Contains field @type with type URL.", - "type": "any" - }, - "description": "Service-specific metadata. For example the available capacity at the given location.", - "type": "object" + "monitor": { + "description": "Version of the deployed monitor pod.", + "type": "string" }, - "name": { - "description": "Resource name for the location, which may vary between implementations. For example: `\"projects/example-project/locations/us-east1\"`", + "otelCollector": { + "description": "Version of the deployed otel-collector pod", + "type": "string" + }, + "reconcilerManager": { + "description": "Version of the deployed reconciler-manager pod.", + "type": "string" + }, + "resourceGroupControllerManager": { + "description": "Version of the deployed resource-group-controller-manager pod", + "type": "string" + }, + "rootReconciler": { + "description": "Version of the deployed reconciler container in root-reconciler pod.", + "type": "string" + }, + "syncer": { + "description": "Version of the deployed syncer pod.", "type": "string" } }, "type": "object" }, - "Operation": { - "description": "This resource represents a long-running operation that is the result of a network API call.", - "id": "Operation", + "ConfigManagementErrorResource": { + "description": "Model for a config file in the git repo with an associated Sync error.", + "id": "ConfigManagementErrorResource", "properties": { - "done": { - "description": "If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.", - "type": "boolean" + "resourceGvk": { + "$ref": "ConfigManagementGroupVersionKind", + "description": "Group/version/kind of the resource that is causing an error" }, - "error": { - "$ref": "GoogleRpcStatus", - "description": "The error result of the operation in case of failure or cancellation." + "resourceName": { + "description": "Metadata name of the resource that is causing an error", + "type": "string" }, - "metadata": { - "additionalProperties": { - "description": "Properties of the object. Contains field @type with type URL.", - "type": "any" - }, - "description": "Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.", - "type": "object" + "resourceNamespace": { + "description": "Namespace of the resource that is causing an error", + "type": "string" }, - "name": { - "description": "The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.", + "sourcePath": { + "description": "Path in the git repo of the erroneous config", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementGatekeeperDeploymentState": { + "description": "State of Policy Controller installation.", + "id": "ConfigManagementGatekeeperDeploymentState", + "properties": { + "gatekeeperAudit": { + "description": "Status of gatekeeper-audit deployment.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], "type": "string" }, - "response": { - "additionalProperties": { - "description": "Properties of the object. Contains field @type with type URL.", - "type": "any" - }, - "description": "The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.", - "type": "object" + "gatekeeperControllerManagerState": { + "description": "Status of gatekeeper-controller-manager pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "gatekeeperMutation": { + "description": "Status of the pod serving the mutation webhook.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementGitConfig": { + "description": "Git repo configuration for a single cluster.", + "id": "ConfigManagementGitConfig", + "properties": { + "gcpServiceAccountEmail": { + "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.", + "type": "string" + }, + "httpsProxy": { + "description": "URL for the HTTPS proxy to be used when communicating with the Git repo.", + "type": "string" + }, + "policyDir": { + "description": "The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.", + "type": "string" + }, + "secretType": { + "description": "Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.", + "type": "string" + }, + "syncBranch": { + "description": "The branch of the repository to sync from. Default: master.", + "type": "string" + }, + "syncRepo": { + "description": "The URL of the Git repository to use as the source of truth.", + "type": "string" + }, + "syncRev": { + "description": "Git revision (tag or hash) to check out. Default HEAD.", + "type": "string" + }, + "syncWaitSecs": { + "description": "Period in seconds between consecutive syncs. Default: 15.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementGroupVersionKind": { + "description": "A Kubernetes object's GVK.", + "id": "ConfigManagementGroupVersionKind", + "properties": { + "group": { + "description": "Kubernetes Group", + "type": "string" + }, + "kind": { + "description": "Kubernetes Kind", + "type": "string" + }, + "version": { + "description": "Kubernetes Version", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementHierarchyControllerConfig": { + "description": "Configuration for Hierarchy Controller.", + "id": "ConfigManagementHierarchyControllerConfig", + "properties": { + "enableHierarchicalResourceQuota": { + "description": "Whether hierarchical resource quota is enabled in this cluster.", + "type": "boolean" + }, + "enablePodTreeLabels": { + "description": "Whether pod tree labels are enabled in this cluster.", + "type": "boolean" + }, + "enabled": { + "description": "Whether Hierarchy Controller is enabled in this cluster.", + "type": "boolean" + } + }, + "type": "object" + }, + "ConfigManagementHierarchyControllerDeploymentState": { + "description": "Deployment state for Hierarchy Controller", + "id": "ConfigManagementHierarchyControllerDeploymentState", + "properties": { + "extension": { + "description": "The deployment state for Hierarchy Controller extension (e.g. v0.7.0-hc.1).", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "hnc": { + "description": "The deployment state for open source HNC (e.g. v0.7.0-hc.0).", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementHierarchyControllerState": { + "description": "State for Hierarchy Controller.", + "id": "ConfigManagementHierarchyControllerState", + "properties": { + "state": { + "$ref": "ConfigManagementHierarchyControllerDeploymentState", + "description": "The deployment state for Hierarchy Controller." + }, + "version": { + "$ref": "ConfigManagementHierarchyControllerVersion", + "description": "The version for Hierarchy Controller." + } + }, + "type": "object" + }, + "ConfigManagementHierarchyControllerVersion": { + "description": "Version for Hierarchy Controller.", + "id": "ConfigManagementHierarchyControllerVersion", + "properties": { + "extension": { + "description": "Version for Hierarchy Controller extension.", + "type": "string" + }, + "hnc": { + "description": "Version for open source HNC.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementInstallError": { + "description": "Errors pertaining to the installation of ACM.", + "id": "ConfigManagementInstallError", + "properties": { + "errorMessage": { + "description": "A string representing the user facing error message.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementOciConfig": { + "description": "OCI repo configuration for a single cluster.", + "id": "ConfigManagementOciConfig", + "properties": { + "gcpServiceAccountEmail": { + "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.", + "type": "string" + }, + "policyDir": { + "description": "The absolute path of the directory that contains the local resources. Default: the root directory of the image.", + "type": "string" + }, + "secretType": { + "description": "Type of secret configured for access to the Git repo.", + "type": "string" + }, + "syncRepo": { + "description": "The OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`.", + "type": "string" + }, + "syncWaitSecs": { + "description": "Period in seconds between consecutive syncs. Default: 15.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementOperatorState": { + "description": "State information for an ACM's Operator.", + "id": "ConfigManagementOperatorState", + "properties": { + "deploymentState": { + "description": "The state of the Operator's deployment.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "errors": { + "description": "Install errors.", + "items": { + "$ref": "ConfigManagementInstallError" + }, + "type": "array" + }, + "version": { + "description": "The semenatic version number of the operator.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementPolicyController": { + "description": "Configuration for Policy Controller", + "id": "ConfigManagementPolicyController", + "properties": { + "auditIntervalSeconds": { + "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.", + "format": "int64", + "type": "string" + }, + "enabled": { + "description": "Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.", + "type": "boolean" + }, + "exemptableNamespaces": { + "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.", + "items": { + "type": "string" + }, + "type": "array" + }, + "logDeniesEnabled": { + "description": "Logs all denies and dry run failures.", + "type": "boolean" + }, + "monitoring": { + "$ref": "ConfigManagementPolicyControllerMonitoring", + "description": "Monitoring specifies the configuration of monitoring." + }, + "mutationEnabled": { + "description": "Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster.", + "type": "boolean" + }, + "referentialRulesEnabled": { + "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.", + "type": "boolean" + }, + "templateLibraryInstalled": { + "description": "Installs the default template library along with Policy Controller.", + "type": "boolean" + }, + "updateTime": { + "description": "Output only. Last time this membership spec was updated.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementPolicyControllerMigration": { + "description": "State for the migration of PolicyController from ACM -\u003e PoCo Hub.", + "id": "ConfigManagementPolicyControllerMigration", + "properties": { + "copyTime": { + "description": "Last time this membership spec was copied to PoCo feature.", + "format": "google-datetime", + "type": "string" + }, + "stage": { + "description": "Stage of the migration.", + "enum": [ + "STAGE_UNSPECIFIED", + "ACM_MANAGED", + "POCO_MANAGED" + ], + "enumDescriptions": [ + "Unknown state of migration.", + "ACM Hub/Operator manages policycontroller. No migration yet completed.", + "All migrations steps complete; Poco Hub now manages policycontroller." + ], + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementPolicyControllerMonitoring": { + "description": "PolicyControllerMonitoring specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", + "id": "ConfigManagementPolicyControllerMonitoring", + "properties": { + "backends": { + "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.", + "items": { + "enum": [ + "MONITORING_BACKEND_UNSPECIFIED", + "PROMETHEUS", + "CLOUD_MONITORING" + ], + "enumDescriptions": [ + "Backend cannot be determined", + "Prometheus backend for monitoring", + "Stackdriver/Cloud Monitoring backend for monitoring" + ], + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ConfigManagementPolicyControllerState": { + "description": "State for PolicyControllerState.", + "id": "ConfigManagementPolicyControllerState", + "properties": { + "deploymentState": { + "$ref": "ConfigManagementGatekeeperDeploymentState", + "description": "The state about the policy controller installation." + }, + "migration": { + "$ref": "ConfigManagementPolicyControllerMigration", + "description": "Record state of ACM -\u003e PoCo Hub migration for this feature." + }, + "version": { + "$ref": "ConfigManagementPolicyControllerVersion", + "description": "The version of Gatekeeper Policy Controller deployed." + } + }, + "type": "object" + }, + "ConfigManagementPolicyControllerVersion": { + "description": "The build version of Gatekeeper Policy Controller is using.", + "id": "ConfigManagementPolicyControllerVersion", + "properties": { + "version": { + "description": "The gatekeeper image tag that is composed of ACM version, git tag, build number.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementSpec": { + "description": "**Anthos Config Management**: Configuration for a single cluster. Intended to parallel the ConfigManagement CR.", + "id": "ConfigManagementSpec", + "properties": { + "binauthz": { + "$ref": "ConfigManagementBinauthzConfig", + "deprecated": true, + "description": "Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set." + }, + "cluster": { + "description": "The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector.", + "type": "string" + }, + "configSync": { + "$ref": "ConfigManagementConfigSync", + "description": "Config Sync configuration for the cluster." + }, + "hierarchyController": { + "$ref": "ConfigManagementHierarchyControllerConfig", + "description": "Hierarchy Controller configuration for the cluster. Deprecated: Configuring Hierarchy Controller through the configmanagement feature is no longer recommended. Use https://github.com/kubernetes-sigs/hierarchical-namespaces instead." + }, + "management": { + "description": "Enables automatic Feature management.", + "enum": [ + "MANAGEMENT_UNSPECIFIED", + "MANAGEMENT_AUTOMATIC", + "MANAGEMENT_MANUAL" + ], + "enumDescriptions": [ + "Unspecified", + "Google will manage the Feature for the cluster.", + "User will manually manage the Feature for the cluster." + ], + "type": "string" + }, + "policyController": { + "$ref": "ConfigManagementPolicyController", + "description": "Policy Controller configuration for the cluster. Deprecated: Configuring Policy Controller through the configmanagement feature is no longer recommended. Use the policycontroller feature instead." + }, + "version": { + "description": "Version of ACM installed.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementState": { + "description": "**Anthos Config Management**: State for a single cluster.", + "id": "ConfigManagementState", + "properties": { + "binauthzState": { + "$ref": "ConfigManagementBinauthzState", + "description": "Binauthz status." + }, + "clusterName": { + "description": "This field is set to the `cluster_name` field of the Membership Spec if it is not empty. Otherwise, it is set to the cluster's fleet membership name.", + "type": "string" + }, + "configSyncState": { + "$ref": "ConfigManagementConfigSyncState", + "description": "Current sync status." + }, + "hierarchyControllerState": { + "$ref": "ConfigManagementHierarchyControllerState", + "description": "Hierarchy Controller status." + }, + "membershipSpec": { + "$ref": "ConfigManagementSpec", + "description": "Membership configuration in the cluster. This represents the actual state in the cluster, while the MembershipSpec in the FeatureSpec represents the intended state." + }, + "operatorState": { + "$ref": "ConfigManagementOperatorState", + "description": "Current install status of ACM's Operator." + }, + "policyControllerState": { + "$ref": "ConfigManagementPolicyControllerState", + "description": "PolicyController status." + } + }, + "type": "object" + }, + "ConfigManagementSyncError": { + "description": "An ACM created error representing a problem syncing configurations.", + "id": "ConfigManagementSyncError", + "properties": { + "code": { + "description": "An ACM defined error code", + "type": "string" + }, + "errorMessage": { + "description": "A description of the error", + "type": "string" + }, + "errorResources": { + "description": "A list of config(s) associated with the error, if any", + "items": { + "$ref": "ConfigManagementErrorResource" + }, + "type": "array" + } + }, + "type": "object" + }, + "ConfigManagementSyncState": { + "description": "State indicating an ACM's progress syncing configurations to a cluster.", + "id": "ConfigManagementSyncState", + "properties": { + "code": { + "description": "Sync status code.", + "enum": [ + "SYNC_CODE_UNSPECIFIED", + "SYNCED", + "PENDING", + "ERROR", + "NOT_CONFIGURED", + "NOT_INSTALLED", + "UNAUTHORIZED", + "UNREACHABLE" + ], + "enumDescriptions": [ + "Config Sync cannot determine a sync code", + "Config Sync successfully synced the git Repo with the cluster", + "Config Sync is in the progress of syncing a new change", + "Indicates an error configuring Config Sync, and user action is required", + "Config Sync has been installed but not configured", + "Config Sync has not been installed", + "Error authorizing with the cluster", + "Cluster could not be reached" + ], + "type": "string" + }, + "errors": { + "description": "A list of errors resulting from problematic configs. This list will be truncated after 100 errors, although it is unlikely for that many errors to simultaneously exist.", + "items": { + "$ref": "ConfigManagementSyncError" + }, + "type": "array" + }, + "importToken": { + "description": "Token indicating the state of the importer.", + "type": "string" + }, + "lastSync": { + "deprecated": true, + "description": "Deprecated: use last_sync_time instead. Timestamp of when ACM last successfully synced the repo. The time format is specified in https://golang.org/pkg/time/#Time.String", + "type": "string" + }, + "lastSyncTime": { + "description": "Timestamp type of when ACM last successfully synced the repo.", + "format": "google-datetime", + "type": "string" + }, + "sourceToken": { + "description": "Token indicating the state of the repo.", + "type": "string" + }, + "syncToken": { + "description": "Token indicating the state of the syncer.", + "type": "string" + } + }, + "type": "object" + }, + "Empty": { + "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }", + "id": "Empty", + "properties": {}, + "type": "object" + }, + "FeatureConfigRef": { + "description": "Information of the FeatureConfig applied on the MembershipFeature.", + "id": "FeatureConfigRef", + "properties": { + "config": { + "description": "Input only. Resource name of FeatureConfig, in the format: `projects/{project}/locations/global/featureConfigs/{feature_config}`.", + "type": "string" + }, + "configUpdateTime": { + "description": "Output only. When the FeatureConfig was last applied and copied to FeatureSpec.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "uuid": { + "description": "Output only. An id that uniquely identify a FeatureConfig object.", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "FeatureSpec": { + "description": "FeatureSpec contains user input per-feature spec information.", + "id": "FeatureSpec", + "properties": { + "cloudbuild": { + "$ref": "CloudBuildSpec", + "description": "Cloudbuild-specific FeatureSpec." + }, + "configmanagement": { + "$ref": "ConfigManagementSpec", + "description": "Config Management FeatureSpec." + }, + "identityservice": { + "$ref": "IdentityServiceSpec", + "description": "IdentityService FeatureSpec." + }, + "origin": { + "$ref": "Origin", + "description": "Whether this per-Feature spec was inherited from a fleet-level default. This field can be updated by users by either overriding a Feature config (updated to USER implicitly) or setting to FLEET explicitly." + }, + "policycontroller": { + "$ref": "PolicyControllerSpec", + "description": "Policycontroller-specific FeatureSpec." + }, + "servicemesh": { + "$ref": "ServiceMeshSpec", + "description": "ServiceMesh Feature Spec." + }, + "workloadcertificate": { + "$ref": "WorkloadCertificateSpec", + "description": "Workloadcertificate-specific FeatureSpec." + } + }, + "type": "object" + }, + "FeatureState": { + "description": "FeatureState contains high-level state information and per-feature state information for this MembershipFeature.", + "id": "FeatureState", + "properties": { + "appdevexperience": { + "$ref": "AppDevExperienceState", + "description": "Appdevexperience specific state." + }, + "clusterupgrade": { + "$ref": "ClusterUpgradeState", + "description": "Cluster upgrade state." + }, + "configmanagement": { + "$ref": "ConfigManagementState", + "description": "Config Management state" + }, + "identityservice": { + "$ref": "IdentityServiceState", + "description": "Identity service state" + }, + "metering": { + "$ref": "MeteringState", + "description": "Metering state" + }, + "policycontroller": { + "$ref": "PolicyControllerState", + "description": "Policy Controller state" + }, + "servicemesh": { + "$ref": "ServiceMeshState", + "description": "Service mesh state" + }, + "state": { + "$ref": "State", + "description": "The high-level state of this MembershipFeature." + } + }, + "type": "object" + }, + "GoogleRpcStatus": { + "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", + "id": "GoogleRpcStatus", + "properties": { + "code": { + "description": "The status code, which should be an enum value of google.rpc.Code.", + "format": "int32", + "type": "integer" + }, + "details": { + "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use.", + "items": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "type": "object" + }, + "type": "array" + }, + "message": { + "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceAuthMethod": { + "description": "Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.", + "id": "IdentityServiceAuthMethod", + "properties": { + "azureadConfig": { + "$ref": "IdentityServiceAzureADConfig", + "description": "AzureAD specific Configuration." + }, + "googleConfig": { + "$ref": "IdentityServiceGoogleConfig", + "description": "GoogleConfig specific configuration" + }, + "ldapConfig": { + "$ref": "IdentityServiceLdapConfig", + "description": "LDAP specific configuration." + }, + "name": { + "description": "Identifier for auth config.", + "type": "string" + }, + "oidcConfig": { + "$ref": "IdentityServiceOidcConfig", + "description": "OIDC specific configuration." + }, + "proxy": { + "description": "Proxy server address to use for auth method.", + "type": "string" + }, + "samlConfig": { + "$ref": "IdentityServiceSamlConfig", + "description": "SAML specific configuration." + } + }, + "type": "object" + }, + "IdentityServiceAzureADConfig": { + "description": "Configuration for the AzureAD Auth flow.", + "id": "IdentityServiceAzureADConfig", + "properties": { + "clientId": { + "description": "ID for the registered client application that makes authentication requests to the Azure AD identity provider.", + "type": "string" + }, + "clientSecret": { + "description": "Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.", + "type": "string" + }, + "encryptedClientSecret": { + "description": "Output only. Encrypted AzureAD client secret.", + "format": "byte", + "readOnly": true, + "type": "string" + }, + "groupFormat": { + "description": "Optional. Format of the AzureAD groups that the client wants for auth.", + "type": "string" + }, + "kubectlRedirectUri": { + "description": "The redirect URL that kubectl uses for authorization.", + "type": "string" + }, + "tenant": { + "description": "Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.", + "type": "string" + }, + "userClaim": { + "description": "Optional. Claim in the AzureAD ID Token that holds the user details.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceDiagnosticInterface": { + "description": "Configuration options for the AIS diagnostic interface.", + "id": "IdentityServiceDiagnosticInterface", + "properties": { + "enabled": { + "description": "Determines whether to enable the diagnostic interface.", + "type": "boolean" + }, + "expirationTime": { + "description": "Determines the expiration time of the diagnostic interface enablement. When reached, requests to the interface would be automatically rejected.", + "format": "google-datetime", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceGoogleConfig": { + "description": "Configuration for the Google Plugin Auth flow.", + "id": "IdentityServiceGoogleConfig", + "properties": { + "disable": { + "description": "Disable automatic configuration of Google Plugin on supported platforms.", + "type": "boolean" + } + }, + "type": "object" + }, + "IdentityServiceGroupConfig": { + "description": "Contains the properties for locating and authenticating groups in the directory.", + "id": "IdentityServiceGroupConfig", + "properties": { + "baseDn": { + "description": "Required. The location of the subtree in the LDAP directory to search for group entries.", + "type": "string" + }, + "filter": { + "description": "Optional. Optional filter to be used when searching for groups a user belongs to. This can be used to explicitly match only certain groups in order to reduce the amount of groups returned for each user. This defaults to \"(objectClass=Group)\".", + "type": "string" + }, + "idAttribute": { + "description": "Optional. The identifying name of each group a user belongs to. For example, if this is set to \"distinguishedName\" then RBACs and other group expectations should be written as full DNs. This defaults to \"distinguishedName\".", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceIdentityServiceOptions": { + "description": "Holds non-protocol-related configuration options.", + "id": "IdentityServiceIdentityServiceOptions", + "properties": { + "diagnosticInterface": { + "$ref": "IdentityServiceDiagnosticInterface", + "description": "Configuration options for the AIS diagnostic interface." + }, + "sessionDuration": { + "description": "Determines the lifespan of STS tokens issued by Anthos Identity Service.", + "format": "google-duration", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceLdapConfig": { + "description": "Configuration for the LDAP Auth flow.", + "id": "IdentityServiceLdapConfig", + "properties": { + "group": { + "$ref": "IdentityServiceGroupConfig", + "description": "Optional. Contains the properties for locating and authenticating groups in the directory." + }, + "server": { + "$ref": "IdentityServiceServerConfig", + "description": "Required. Server settings for the external LDAP server." + }, + "serviceAccount": { + "$ref": "IdentityServiceServiceAccountConfig", + "description": "Required. Contains the credentials of the service account which is authorized to perform the LDAP search in the directory. The credentials can be supplied by the combination of the DN and password or the client certificate." + }, + "user": { + "$ref": "IdentityServiceUserConfig", + "description": "Required. Defines where users exist in the LDAP directory." + } + }, + "type": "object" + }, + "IdentityServiceOidcConfig": { + "description": "Configuration for OIDC Auth flow.", + "id": "IdentityServiceOidcConfig", + "properties": { + "certificateAuthorityData": { + "description": "PEM-encoded CA for OIDC provider.", + "type": "string" + }, + "clientId": { + "description": "ID for OIDC client application.", + "type": "string" + }, + "clientSecret": { + "description": "Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.", + "type": "string" + }, + "deployCloudConsoleProxy": { + "description": "Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console.", + "type": "boolean" + }, + "enableAccessToken": { + "description": "Enable access token.", + "type": "boolean" + }, + "encryptedClientSecret": { + "description": "Output only. Encrypted OIDC Client secret", + "format": "byte", + "readOnly": true, + "type": "string" + }, + "extraParams": { + "description": "Comma-separated list of key-value pairs.", + "type": "string" + }, + "groupPrefix": { + "description": "Prefix to prepend to group name.", + "type": "string" + }, + "groupsClaim": { + "description": "Claim in OIDC ID token that holds group information.", + "type": "string" + }, + "issuerUri": { + "description": "URI for the OIDC provider. This should point to the level below .well-known/openid-configuration.", + "type": "string" + }, + "kubectlRedirectUri": { + "description": "Registered redirect uri to redirect users going through OAuth flow using kubectl plugin.", + "type": "string" + }, + "scopes": { + "description": "Comma-separated list of identifiers.", + "type": "string" + }, + "userClaim": { + "description": "Claim in OIDC ID token that holds username.", + "type": "string" + }, + "userPrefix": { + "description": "Prefix to prepend to user name.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceSamlConfig": { + "description": "Configuration for the SAML Auth flow.", + "id": "IdentityServiceSamlConfig", + "properties": { + "attributeMapping": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is \"attribute.nickname\" and `value` is \"assertion.nickname\".", + "type": "object" + }, + "groupPrefix": { + "description": "Optional. Prefix to prepend to group name.", + "type": "string" + }, + "groupsAttribute": { + "description": "Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).", + "type": "string" + }, + "identityProviderCertificates": { + "description": "Required. The list of IdP certificates to validate the SAML response against.", + "items": { + "type": "string" + }, + "type": "array" + }, + "identityProviderId": { + "description": "Required. The entity ID of the SAML IdP.", + "type": "string" + }, + "identityProviderSsoUri": { + "description": "Required. The URI where the SAML IdP exposes the SSO service.", + "type": "string" + }, + "userAttribute": { + "description": "Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).", + "type": "string" + }, + "userPrefix": { + "description": "Optional. Prefix to prepend to user name.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceServerConfig": { + "description": "Server settings for the external LDAP server.", + "id": "IdentityServiceServerConfig", + "properties": { + "certificateAuthorityData": { + "description": "Optional. Contains a Base64 encoded, PEM formatted certificate authority certificate for the LDAP server. This must be provided for the \"ldaps\" and \"startTLS\" connections.", + "format": "byte", + "type": "string" + }, + "connectionType": { + "description": "Optional. Defines the connection type to communicate with the LDAP server. If `starttls` or `ldaps` is specified, the certificate_authority_data should not be empty.", + "type": "string" + }, + "host": { + "description": "Required. Defines the hostname or IP of the LDAP server. Port is optional and will default to 389, if unspecified. For example, \"ldap.server.example\" or \"10.10.10.10:389\".", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceServiceAccountConfig": { + "description": "Contains the credentials of the service account which is authorized to perform the LDAP search in the directory. The credentials can be supplied by the combination of the DN and password or the client certificate.", + "id": "IdentityServiceServiceAccountConfig", + "properties": { + "simpleBindCredentials": { + "$ref": "IdentityServiceSimpleBindCredentials", + "description": "Credentials for basic auth." + } + }, + "type": "object" + }, + "IdentityServiceSimpleBindCredentials": { + "description": "The structure holds the LDAP simple binding credential.", + "id": "IdentityServiceSimpleBindCredentials", + "properties": { + "dn": { + "description": "Required. The distinguished name(DN) of the service account object/user.", + "type": "string" + }, + "encryptedPassword": { + "description": "Output only. The encrypted password of the service account object/user.", + "format": "byte", + "readOnly": true, + "type": "string" + }, + "password": { + "description": "Required. Input only. The password of the service account object/user.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceSpec": { + "description": "**IdentityService**: Configuration for a single membership.", + "id": "IdentityServiceSpec", + "properties": { + "authMethods": { + "description": "A member may support multiple auth methods.", + "items": { + "$ref": "IdentityServiceAuthMethod" + }, + "type": "array" + }, + "identityServiceOptions": { + "$ref": "IdentityServiceIdentityServiceOptions", + "description": "Optional. non-protocol-related configuration options." + } + }, + "type": "object" + }, + "IdentityServiceState": { + "description": "**IdentityService**: State for a single membership, analyzed and reported by feature controller.", + "id": "IdentityServiceState", + "properties": { + "failureReason": { + "description": "The reason of the failure.", + "type": "string" + }, + "installedVersion": { + "description": "Installed AIS version. This is the AIS version installed on this member. The values makes sense iff state is OK.", + "type": "string" + }, + "memberConfig": { + "$ref": "IdentityServiceSpec", + "description": "Last reconciled membership configuration" + }, + "state": { + "description": "Deployment state on this member", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "OK", + "ERROR" + ], + "enumDescriptions": [ + "Unspecified state", + "deployment succeeds", + "Failure with error." + ], + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceUserConfig": { + "description": "Defines where users exist in the LDAP directory.", + "id": "IdentityServiceUserConfig", + "properties": { + "baseDn": { + "description": "Required. The location of the subtree in the LDAP directory to search for user entries.", + "type": "string" + }, + "filter": { + "description": "Optional. Filter to apply when searching for the user. This can be used to further restrict the user accounts which are allowed to login. This defaults to \"(objectClass=User)\".", + "type": "string" + }, + "idAttribute": { + "description": "Optional. Determines which attribute to use as the user's identity after they are authenticated. This is distinct from the loginAttribute field to allow users to login with a username, but then have their actual identifier be an email address or full Distinguished Name (DN). For example, setting loginAttribute to \"sAMAccountName\" and identifierAttribute to \"userPrincipalName\" would allow a user to login as \"bsmith\", but actual RBAC policies for the user would be written as \"bsmith@example.com\". Using \"userPrincipalName\" is recommended since this will be unique for each user. This defaults to \"userPrincipalName\".", + "type": "string" + }, + "loginAttribute": { + "description": "Optional. The name of the attribute which matches against the input username. This is used to find the user in the LDAP database e.g. \"(=)\" and is combined with the optional filter field. This defaults to \"userPrincipalName\".", + "type": "string" + } + }, + "type": "object" + }, + "LifecycleState": { + "description": "LifecycleState describes the state of a MembershipFeature *resource* in the GkeHub API. See `FeatureState` for the \"running state\" of the MembershipFeature.", + "id": "LifecycleState", + "properties": { + "state": { + "description": "Output only. The current state of the Feature resource in the Hub API.", + "enum": [ + "STATE_UNSPECIFIED", + "ENABLING", + "ACTIVE", + "DISABLING", + "UPDATING", + "SERVICE_UPDATING" + ], + "enumDescriptions": [ + "State is unknown or not set.", + "The MembershipFeature is being enabled, and the MembershipFeature resource is being created. Once complete, the corresponding MembershipFeature will be enabled in this Hub.", + "The MembershipFeature is enabled in this Hub, and the MembershipFeature resource is fully available.", + "The MembershipFeature is being disabled in this Hub, and the MembershipFeature resource is being deleted.", + "The MembershipFeature resource is being updated.", + "The MembershipFeature resource is being updated by the Hub Service." + ], + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "ListLocationsResponse": { + "description": "The response message for Locations.ListLocations.", + "id": "ListLocationsResponse", + "properties": { + "locations": { + "description": "A list of locations that matches the specified filter in the request.", + "items": { + "$ref": "Location" + }, + "type": "array" + }, + "nextPageToken": { + "description": "The standard List next-page token.", + "type": "string" + } + }, + "type": "object" + }, + "ListMembershipFeaturesResponse": { + "description": "Response message for the `GkeHubFeature.ListMembershipFeatures` method.", + "id": "ListMembershipFeaturesResponse", + "properties": { + "membershipFeatures": { + "description": "The list of matching MembershipFeatures.", + "items": { + "$ref": "MembershipFeature" + }, + "type": "array" + }, + "nextPageToken": { + "description": "A token to request the next page of resources from the `ListMembershipFeatures` method. The value of an empty string means that there are no more resources to return.", + "type": "string" + }, + "unreachable": { + "description": "List of locations that could not be reached while fetching this list.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ListOperationsResponse": { + "description": "The response message for Operations.ListOperations.", + "id": "ListOperationsResponse", + "properties": { + "nextPageToken": { + "description": "The standard List next-page token.", + "type": "string" + }, + "operations": { + "description": "A list of operations that matches the specified filter in the request.", + "items": { + "$ref": "Operation" + }, + "type": "array" + } + }, + "type": "object" + }, + "Location": { + "description": "A resource that represents a Google Cloud location.", + "id": "Location", + "properties": { + "displayName": { + "description": "The friendly name for this location, typically a nearby city name. For example, \"Tokyo\".", + "type": "string" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Cross-service attributes for the location. For example {\"cloud.googleapis.com/region\": \"us-east1\"}", + "type": "object" + }, + "locationId": { + "description": "The canonical id for this location. For example: `\"us-east1\"`.", + "type": "string" + }, + "metadata": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "description": "Service-specific metadata. For example the available capacity at the given location.", + "type": "object" + }, + "name": { + "description": "Resource name for the location, which may vary between implementations. For example: `\"projects/example-project/locations/us-east1\"`", + "type": "string" + } + }, + "type": "object" + }, + "MembershipFeature": { + "description": "MembershipFeature represents the settings and status of a Fleet Feature enabled on a single Fleet Membership.", + "id": "MembershipFeature", + "properties": { + "createTime": { + "description": "Output only. When the MembershipFeature resource was created.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "deleteTime": { + "description": "Output only. When the MembershipFeature resource was deleted.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "featureConfigRef": { + "$ref": "FeatureConfigRef", + "description": "Reference information for a FeatureConfig applied on the MembershipFeature." + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "GCP labels for this MembershipFeature.", + "type": "object" + }, + "lifecycleState": { + "$ref": "LifecycleState", + "description": "Output only. Lifecycle information of the resource itself.", + "readOnly": true + }, + "name": { + "description": "Output only. The resource name of the membershipFeature, in the format: `projects/{project}/locations/{location}/memberships/{membership}/features/{feature}`. Note that `membershipFeatures` is shortened to `features` in the resource name. (see http://go/aip/122#collection-identifiers)", + "readOnly": true, + "type": "string" + }, + "spec": { + "$ref": "FeatureSpec", + "description": "Spec of this membershipFeature." + }, + "state": { + "$ref": "FeatureState", + "description": "Output only. State of the this membershipFeature.", + "readOnly": true + }, + "updateTime": { + "description": "Output only. When the MembershipFeature resource was last updated.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "MeteringState": { + "description": "**Metering**: State for a single membership, analyzed and reported by feature controller.", + "id": "MeteringState", + "properties": { + "lastMeasurementTime": { + "description": "The time stamp of the most recent measurement of the number of vCPUs in the cluster.", + "format": "google-datetime", + "type": "string" + }, + "preciseLastMeasuredClusterVcpuCapacity": { + "description": "The vCPUs capacity in the cluster according to the most recent measurement (1/1000 precision).", + "format": "float", + "type": "number" + } + }, + "type": "object" + }, + "Operation": { + "description": "This resource represents a long-running operation that is the result of a network API call.", + "id": "Operation", + "properties": { + "done": { + "description": "If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.", + "type": "boolean" + }, + "error": { + "$ref": "GoogleRpcStatus", + "description": "The error result of the operation in case of failure or cancellation." + }, + "metadata": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "description": "Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.", + "type": "object" + }, + "name": { + "description": "The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.", + "type": "string" + }, + "response": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "description": "The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.", + "type": "object" + } + }, + "type": "object" + }, + "OperationMetadata": { + "description": "Metadata of the long-running operation.", + "id": "OperationMetadata", + "properties": { + "apiVersion": { + "description": "Output only. API version used to start the operation.", + "readOnly": true, + "type": "string" + }, + "cancelRequested": { + "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", + "readOnly": true, + "type": "boolean" + }, + "createTime": { + "description": "Output only. The time the operation was created.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "endTime": { + "description": "Output only. The time the operation finished running.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "statusDetail": { + "description": "Output only. Human-readable status of the operation, if any.", + "readOnly": true, + "type": "string" + }, + "target": { + "description": "Output only. Server-defined resource path for the target of the operation.", + "readOnly": true, + "type": "string" + }, + "verb": { + "description": "Output only. Name of the verb executed by the operation.", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "Origin": { + "description": "Origin defines where this FeatureSpec originated from.", + "id": "Origin", + "properties": { + "type": { + "description": "Type specifies which type of origin is set.", + "enum": [ + "TYPE_UNSPECIFIED", + "FLEET", + "FLEET_OUT_OF_SYNC", + "USER" + ], + "enumDescriptions": [ + "Type is unknown or not set.", + "Per-Feature spec was inherited from the fleet-level default.", + "Per-Feature spec was inherited from the fleet-level default but is now out of sync with the current default.", + "Per-Feature spec was inherited from a user specification." + ], + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerBundleInstallSpec": { + "description": "BundleInstallSpec is the specification configuration for a single managed bundle.", + "id": "PolicyControllerBundleInstallSpec", + "properties": { + "exemptedNamespaces": { + "description": "the set of namespaces to be exempted from the bundle", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "PolicyControllerHubConfig": { + "description": "Configuration for Policy Controller", + "id": "PolicyControllerHubConfig", + "properties": { + "auditIntervalSeconds": { + "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.", + "format": "int64", + "type": "string" + }, + "constraintViolationLimit": { + "description": "The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used.", + "format": "int64", + "type": "string" + }, + "deploymentConfigs": { + "additionalProperties": { + "$ref": "PolicyControllerPolicyControllerDeploymentConfig" + }, + "description": "Map of deployment configs to deployments (“admission”, “audit”, “mutation”).", + "type": "object" + }, + "exemptableNamespaces": { + "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.", + "items": { + "type": "string" + }, + "type": "array" + }, + "installSpec": { + "description": "The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state.", + "enum": [ + "INSTALL_SPEC_UNSPECIFIED", + "INSTALL_SPEC_NOT_INSTALLED", + "INSTALL_SPEC_ENABLED", + "INSTALL_SPEC_SUSPENDED", + "INSTALL_SPEC_DETACHED" + ], + "enumDescriptions": [ + "Spec is unknown.", + "Request to uninstall Policy Controller.", + "Request to install and enable Policy Controller.", + "Request to suspend Policy Controller i.e. its webhooks. If Policy Controller is not installed, it will be installed but suspended.", + "Request to stop all reconciliation actions by PoCo Hub controller. This is a breakglass mechanism to stop PoCo Hub from affecting cluster resources." + ], + "type": "string" + }, + "logDeniesEnabled": { + "description": "Logs all denies and dry run failures.", + "type": "boolean" + }, + "monitoring": { + "$ref": "PolicyControllerMonitoringConfig", + "description": "Monitoring specifies the configuration of monitoring." + }, + "mutationEnabled": { + "description": "Enables the ability to mutate resources using Policy Controller.", + "type": "boolean" + }, + "policyContent": { + "$ref": "PolicyControllerPolicyContentSpec", + "description": "Specifies the desired policy content on the cluster" + }, + "referentialRulesEnabled": { + "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.", + "type": "boolean" + } + }, + "type": "object" + }, + "PolicyControllerMonitoringConfig": { + "description": "MonitoringConfig specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", + "id": "PolicyControllerMonitoringConfig", + "properties": { + "backends": { + "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.", + "items": { + "enum": [ + "MONITORING_BACKEND_UNSPECIFIED", + "PROMETHEUS", + "CLOUD_MONITORING" + ], + "enumDescriptions": [ + "Backend cannot be determined", + "Prometheus backend for monitoring", + "Stackdriver/Cloud Monitoring backend for monitoring" + ], + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "PolicyControllerOnClusterState": { + "description": "OnClusterState represents the state of a sub-component of Policy Controller.", + "id": "PolicyControllerOnClusterState", + "properties": { + "details": { + "description": "Surface potential errors or information logs.", + "type": "string" + }, + "state": { + "description": "The lifecycle state of this component.", + "enum": [ + "LIFECYCLE_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLING", + "ACTIVE", + "UPDATING", + "DECOMMISSIONING", + "CLUSTER_ERROR", + "HUB_ERROR", + "SUSPENDED", + "DETACHED" + ], + "enumDescriptions": [ + "The lifecycle state is unspecified.", + "The PC does not exist on the given cluster, and no k8s resources of any type that are associated with the PC should exist there. The cluster does not possess a membership with the PCH.", + "The PCH possesses a Membership, however the PC is not fully installed on the cluster. In this state the hub can be expected to be taking actions to install the PC on the cluster.", + "The PC is fully installed on the cluster and in an operational mode. In this state PCH will be reconciling state with the PC, and the PC will be performing it's operational tasks per that software. Entering a READY state requires that the hub has confirmed the PC is installed and its pods are operational with the version of the PC the PCH expects.", + "The PC is fully installed, but in the process of changing the configuration (including changing the version of PC either up and down, or modifying the manifests of PC) of the resources running on the cluster. The PCH has a Membership, is aware of the version the cluster should be running in, but has not confirmed for itself that the PC is running with that version.", + "The PC may have resources on the cluster, but the PCH wishes to remove the Membership. The Membership still exists.", + "The PC is not operational, and the PCH is unable to act to make it operational. Entering a CLUSTER_ERROR state happens automatically when the PCH determines that a PC installed on the cluster is non-operative or that the cluster does not meet requirements set for the PCH to administer the cluster but has nevertheless been given an instruction to do so (such as ‘install').", + "In this state, the PC may still be operational, and only the PCH is unable to act. The hub should not issue instructions to change the PC state, or otherwise interfere with the on-cluster resources. Entering a HUB_ERROR state happens automatically when the PCH determines the hub is in an unhealthy state and it wishes to ‘take hands off' to avoid corrupting the PC or other data.", + "Policy Controller (PC) is installed but suspended. This means that the policies are not enforced, but violations are still recorded (through audit).", + "PoCo Hub is not taking any action to reconcile cluster objects. Changes to those objects will not be overwritten by PoCo Hub." + ], + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerPolicyContentSpec": { + "description": "PolicyContentSpec defines the user's desired content configuration on the cluster.", + "id": "PolicyControllerPolicyContentSpec", + "properties": { + "bundles": { + "additionalProperties": { + "$ref": "PolicyControllerBundleInstallSpec" + }, + "description": "map of bundle name to BundleInstallSpec. The bundle name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData` annotation on a constraint.", + "type": "object" + }, + "templateLibrary": { + "$ref": "PolicyControllerTemplateLibraryConfig", + "description": "Configures the installation of the Template Library." + } + }, + "type": "object" + }, + "PolicyControllerPolicyContentState": { + "description": "The state of the policy controller policy content", + "id": "PolicyControllerPolicyContentState", + "properties": { + "bundleStates": { + "additionalProperties": { + "$ref": "PolicyControllerOnClusterState" + }, + "description": "The state of the any bundles included in the chosen version of the manifest", + "type": "object" + }, + "referentialSyncConfigState": { + "$ref": "PolicyControllerOnClusterState", + "description": "The state of the referential data sync configuration. This could represent the state of either the syncSet object(s) or the config object, depending on the version of PoCo configured by the user." + }, + "templateLibraryState": { + "$ref": "PolicyControllerOnClusterState", + "description": "The state of the template library" + } + }, + "type": "object" + }, + "PolicyControllerPolicyControllerDeploymentConfig": { + "description": "Deployment-specific configuration.", + "id": "PolicyControllerPolicyControllerDeploymentConfig", + "properties": { + "containerResources": { + "$ref": "PolicyControllerResourceRequirements", + "description": "Container resource requirements." + }, + "podAffinity": { + "description": "Pod affinity configuration.", + "enum": [ + "AFFINITY_UNSPECIFIED", + "NO_AFFINITY", + "ANTI_AFFINITY" + ], + "enumDescriptions": [ + "No affinity configuration has been specified.", + "Affinity configurations will be removed from the deployment.", + "Anti-affinity configuration will be applied to this deployment. Default for admissions deployment." + ], + "type": "string" + }, + "podAntiAffinity": { + "deprecated": true, + "description": "Pod anti-affinity enablement. Deprecated: use `pod_affinity` instead.", + "type": "boolean" + }, + "podTolerations": { + "description": "Pod tolerations of node taints.", + "items": { + "$ref": "PolicyControllerToleration" + }, + "type": "array" + }, + "replicaCount": { + "description": "Pod replica count.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerResourceList": { + "description": "ResourceList contains container resource requirements.", + "id": "PolicyControllerResourceList", + "properties": { + "cpu": { + "description": "CPU requirement expressed in Kubernetes resource units.", + "type": "string" + }, + "memory": { + "description": "Memory requirement expressed in Kubernetes resource units.", + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerResourceRequirements": { + "description": "ResourceRequirements describes the compute resource requirements.", + "id": "PolicyControllerResourceRequirements", + "properties": { + "limits": { + "$ref": "PolicyControllerResourceList", + "description": "Limits describes the maximum amount of compute resources allowed for use by the running container." + }, + "requests": { + "$ref": "PolicyControllerResourceList", + "description": "Requests describes the amount of compute resources reserved for the container by the kube-scheduler." + } + }, + "type": "object" + }, + "PolicyControllerSpec": { + "description": "**Policy Controller**: Configuration for a single cluster. Intended to parallel the PolicyController CR.", + "id": "PolicyControllerSpec", + "properties": { + "policyControllerHubConfig": { + "$ref": "PolicyControllerHubConfig", + "description": "Policy Controller configuration for the cluster." + }, + "version": { + "description": "Version of Policy Controller installed.", + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerState": { + "description": "**Policy Controller**: State for a single cluster.", + "id": "PolicyControllerState", + "properties": { + "componentStates": { + "additionalProperties": { + "$ref": "PolicyControllerOnClusterState" + }, + "description": "Currently these include (also serving as map keys): 1. \"admission\" 2. \"audit\" 3. \"mutation\"", + "type": "object" + }, + "policyContentState": { + "$ref": "PolicyControllerPolicyContentState", + "description": "The overall content state observed by the Hub Feature controller." + }, + "state": { + "description": "The overall Policy Controller lifecycle state observed by the Hub Feature controller.", + "enum": [ + "LIFECYCLE_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLING", + "ACTIVE", + "UPDATING", + "DECOMMISSIONING", + "CLUSTER_ERROR", + "HUB_ERROR", + "SUSPENDED", + "DETACHED" + ], + "enumDescriptions": [ + "The lifecycle state is unspecified.", + "The PC does not exist on the given cluster, and no k8s resources of any type that are associated with the PC should exist there. The cluster does not possess a membership with the PCH.", + "The PCH possesses a Membership, however the PC is not fully installed on the cluster. In this state the hub can be expected to be taking actions to install the PC on the cluster.", + "The PC is fully installed on the cluster and in an operational mode. In this state PCH will be reconciling state with the PC, and the PC will be performing it's operational tasks per that software. Entering a READY state requires that the hub has confirmed the PC is installed and its pods are operational with the version of the PC the PCH expects.", + "The PC is fully installed, but in the process of changing the configuration (including changing the version of PC either up and down, or modifying the manifests of PC) of the resources running on the cluster. The PCH has a Membership, is aware of the version the cluster should be running in, but has not confirmed for itself that the PC is running with that version.", + "The PC may have resources on the cluster, but the PCH wishes to remove the Membership. The Membership still exists.", + "The PC is not operational, and the PCH is unable to act to make it operational. Entering a CLUSTER_ERROR state happens automatically when the PCH determines that a PC installed on the cluster is non-operative or that the cluster does not meet requirements set for the PCH to administer the cluster but has nevertheless been given an instruction to do so (such as ‘install').", + "In this state, the PC may still be operational, and only the PCH is unable to act. The hub should not issue instructions to change the PC state, or otherwise interfere with the on-cluster resources. Entering a HUB_ERROR state happens automatically when the PCH determines the hub is in an unhealthy state and it wishes to ‘take hands off' to avoid corrupting the PC or other data.", + "Policy Controller (PC) is installed but suspended. This means that the policies are not enforced, but violations are still recorded (through audit).", + "PoCo Hub is not taking any action to reconcile cluster objects. Changes to those objects will not be overwritten by PoCo Hub." + ], + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerTemplateLibraryConfig": { + "description": "The config specifying which default library templates to install.", + "id": "PolicyControllerTemplateLibraryConfig", + "properties": { + "installation": { + "description": "Configures the manner in which the template library is installed on the cluster.", + "enum": [ + "INSTALLATION_UNSPECIFIED", + "NOT_INSTALLED", + "ALL" + ], + "enumDescriptions": [ + "No installation strategy has been specified.", + "Do not install the template library.", + "Install the entire template library." + ], + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerToleration": { + "description": "Toleration of a node taint.", + "id": "PolicyControllerToleration", + "properties": { + "effect": { + "description": "Matches a taint effect.", + "type": "string" + }, + "key": { + "description": "Matches a taint key (not necessarily unique).", + "type": "string" + }, + "operator": { + "description": "Matches a taint operator.", + "type": "string" + }, + "value": { + "description": "Matches a taint value.", + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshAnalysisMessage": { + "description": "AnalysisMessage is a single message produced by an analyzer, and it used to communicate to the end user about the state of their Service Mesh configuration.", + "id": "ServiceMeshAnalysisMessage", + "properties": { + "args": { + "additionalProperties": { + "description": "Properties of the object.", + "type": "any" + }, + "description": "A UI can combine these args with a template (based on message_base.type) to produce an internationalized message.", + "type": "object" + }, + "description": { + "description": "A human readable description of what the error means. It is suitable for non-internationalize display purposes.", + "type": "string" + }, + "messageBase": { + "$ref": "ServiceMeshAnalysisMessageBase", + "description": "Details common to all types of Istio and ServiceMesh analysis messages." + }, + "resourcePaths": { + "description": "A list of strings specifying the resource identifiers that were the cause of message generation. A \"path\" here may be: * MEMBERSHIP_ID if the cause is a specific member cluster * MEMBERSHIP_ID/(NAMESPACE\\/)?RESOURCETYPE/NAME if the cause is a resource in a cluster", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ServiceMeshAnalysisMessageBase": { + "description": "AnalysisMessageBase describes some common information that is needed for all messages.", + "id": "ServiceMeshAnalysisMessageBase", + "properties": { + "documentationUrl": { + "description": "A url pointing to the Service Mesh or Istio documentation for this specific error type.", + "type": "string" + }, + "level": { + "description": "Represents how severe a message is.", + "enum": [ + "LEVEL_UNSPECIFIED", + "ERROR", + "WARNING", + "INFO" + ], + "enumDescriptions": [ + "Illegal. Same istio.analysis.v1alpha1.AnalysisMessageBase.Level.UNKNOWN.", + "ERROR represents a misconfiguration that must be fixed.", + "WARNING represents a misconfiguration that should be fixed.", + "INFO represents an informational finding." + ], + "type": "string" + }, + "type": { + "$ref": "ServiceMeshType", + "description": "Represents the specific type of a message." + } + }, + "type": "object" + }, + "ServiceMeshCondition": { + "description": "Condition being reported.", + "id": "ServiceMeshCondition", + "properties": { + "code": { + "description": "Unique identifier of the condition which describes the condition recognizable to the user.", + "enum": [ + "CODE_UNSPECIFIED", + "MESH_IAM_PERMISSION_DENIED", + "MESH_IAM_CROSS_PROJECT_PERMISSION_DENIED", + "CNI_CONFIG_UNSUPPORTED", + "GKE_SANDBOX_UNSUPPORTED", + "NODEPOOL_WORKLOAD_IDENTITY_FEDERATION_REQUIRED", + "CNI_INSTALLATION_FAILED", + "CNI_POD_UNSCHEDULABLE", + "CLUSTER_HAS_ZERO_NODES", + "UNSUPPORTED_MULTIPLE_CONTROL_PLANES", + "VPCSC_GA_SUPPORTED", + "DEPRECATED_SPEC_CONTROL_PLANE_MANAGEMENT", + "DEPRECATED_SPEC_CONTROL_PLANE_MANAGEMENT_SAFE", + "CONFIG_APPLY_INTERNAL_ERROR", + "CONFIG_VALIDATION_ERROR", + "CONFIG_VALIDATION_WARNING", + "QUOTA_EXCEEDED_BACKEND_SERVICES", + "QUOTA_EXCEEDED_HEALTH_CHECKS", + "QUOTA_EXCEEDED_HTTP_ROUTES", + "QUOTA_EXCEEDED_TCP_ROUTES", + "QUOTA_EXCEEDED_TLS_ROUTES", + "QUOTA_EXCEEDED_TRAFFIC_POLICIES", + "QUOTA_EXCEEDED_ENDPOINT_POLICIES", + "QUOTA_EXCEEDED_GATEWAYS", + "QUOTA_EXCEEDED_MESHES", + "QUOTA_EXCEEDED_SERVER_TLS_POLICIES", + "QUOTA_EXCEEDED_CLIENT_TLS_POLICIES", + "QUOTA_EXCEEDED_SERVICE_LB_POLICIES", + "QUOTA_EXCEEDED_HTTP_FILTERS", + "QUOTA_EXCEEDED_TCP_FILTERS", + "QUOTA_EXCEEDED_NETWORK_ENDPOINT_GROUPS", + "MODERNIZATION_SCHEDULED", + "MODERNIZATION_IN_PROGRESS", + "MODERNIZATION_COMPLETED", + "MODERNIZATION_ABORTED" + ], + "enumDescriptions": [ + "Default Unspecified code", + "Mesh IAM permission denied error code", + "Permission denied error code for cross-project", + "CNI config unsupported error code", + "GKE sandbox unsupported error code", + "Nodepool workload identity federation required error code", + "CNI installation failed error code", + "CNI pod unschedulable error code", + "Cluster has zero node code", + "Multiple control planes unsupported error code", + "VPC-SC GA is supported for this control plane.", + "User is using deprecated ControlPlaneManagement and they have not yet set Management.", + "User is using deprecated ControlPlaneManagement and they have already set Management.", + "Configuration (Istio/k8s resources) failed to apply due to internal error.", + "Configuration failed to be applied due to being invalid.", + "Encountered configuration(s) with possible unintended behavior or invalid configuration. These configs may not have been applied.", + "BackendService quota exceeded error code.", + "HealthCheck quota exceeded error code.", + "HTTPRoute quota exceeded error code.", + "TCPRoute quota exceeded error code.", + "TLS routes quota exceeded error code.", + "TrafficPolicy quota exceeded error code.", + "EndpointPolicy quota exceeded error code.", + "Gateway quota exceeded error code.", + "Mesh quota exceeded error code.", + "ServerTLSPolicy quota exceeded error code.", + "ClientTLSPolicy quota exceeded error code.", + "ServiceLBPolicy quota exceeded error code.", + "HTTPFilter quota exceeded error code.", + "TCPFilter quota exceeded error code.", + "NetworkEndpointGroup quota exceeded error code.", + "Modernization is scheduled for a cluster.", + "Modernization is in progress for a cluster.", + "Modernization is completed for a cluster.", + "Modernization is aborted for a cluster." + ], + "type": "string" + }, + "details": { + "description": "A short summary about the issue.", + "type": "string" + }, + "documentationLink": { + "description": "Links contains actionable information.", + "type": "string" + }, + "severity": { + "description": "Severity level of the condition.", + "enum": [ + "SEVERITY_UNSPECIFIED", + "ERROR", + "WARNING", + "INFO" + ], + "enumDescriptions": [ + "Unspecified severity", + "Indicates an issue that prevents the mesh from operating correctly", + "Indicates a setting is likely wrong, but the mesh is still able to operate", + "An informational message, not requiring any action" + ], + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshControlPlaneManagement": { + "description": "Status of control plane management.", + "id": "ServiceMeshControlPlaneManagement", + "properties": { + "details": { + "description": "Explanation of state.", + "items": { + "$ref": "ServiceMeshStatusDetails" + }, + "type": "array" + }, + "implementation": { + "description": "Output only. Implementation of managed control plane.", + "enum": [ + "IMPLEMENTATION_UNSPECIFIED", + "ISTIOD", + "TRAFFIC_DIRECTOR", + "UPDATING" + ], + "enumDescriptions": [ + "Unspecified", + "A Google build of istiod is used for the managed control plane.", + "Traffic director is used for the managed control plane.", + "The control plane implementation is being updated." + ], + "readOnly": true, + "type": "string" + }, + "state": { + "description": "LifecycleState of control plane management.", + "enum": [ + "LIFECYCLE_STATE_UNSPECIFIED", + "DISABLED", + "FAILED_PRECONDITION", + "PROVISIONING", + "ACTIVE", + "STALLED", + "NEEDS_ATTENTION", + "DEGRADED" + ], + "enumDescriptions": [ + "Unspecified", + "DISABLED means that the component is not enabled.", + "FAILED_PRECONDITION means that provisioning cannot proceed because of some characteristic of the member cluster.", + "PROVISIONING means that provisioning is in progress.", + "ACTIVE means that the component is ready for use.", + "STALLED means that provisioning could not be done.", + "NEEDS_ATTENTION means that the component is ready, but some user intervention is required. (For example that the user should migrate workloads to a new control plane revision.)", + "DEGRADED means that the component is ready, but operating in a degraded state." + ], + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshDataPlaneManagement": { + "description": "Status of data plane management. Only reported per-member.", + "id": "ServiceMeshDataPlaneManagement", + "properties": { + "details": { + "description": "Explanation of the status.", + "items": { + "$ref": "ServiceMeshStatusDetails" + }, + "type": "array" + }, + "state": { + "description": "Lifecycle status of data plane management.", + "enum": [ + "LIFECYCLE_STATE_UNSPECIFIED", + "DISABLED", + "FAILED_PRECONDITION", + "PROVISIONING", + "ACTIVE", + "STALLED", + "NEEDS_ATTENTION", + "DEGRADED" + ], + "enumDescriptions": [ + "Unspecified", + "DISABLED means that the component is not enabled.", + "FAILED_PRECONDITION means that provisioning cannot proceed because of some characteristic of the member cluster.", + "PROVISIONING means that provisioning is in progress.", + "ACTIVE means that the component is ready for use.", + "STALLED means that provisioning could not be done.", + "NEEDS_ATTENTION means that the component is ready, but some user intervention is required. (For example that the user should migrate workloads to a new control plane revision.)", + "DEGRADED means that the component is ready, but operating in a degraded state." + ], + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshSpec": { + "description": "**Service Mesh**: Spec for a single Membership for the servicemesh feature", + "id": "ServiceMeshSpec", + "properties": { + "configApi": { + "description": "Optional. Specifies the API that will be used for configuring the mesh workloads.", + "enum": [ + "CONFIG_API_UNSPECIFIED", + "CONFIG_API_ISTIO", + "CONFIG_API_GATEWAY" + ], + "enumDescriptions": [ + "Unspecified", + "Use the Istio API for configuration.", + "Use the K8s Gateway API for configuration." + ], + "type": "string" + }, + "controlPlane": { + "deprecated": true, + "description": "Deprecated: use `management` instead Enables automatic control plane management.", + "enum": [ + "CONTROL_PLANE_MANAGEMENT_UNSPECIFIED", + "AUTOMATIC", + "MANUAL" + ], + "enumDescriptions": [ + "Unspecified", + "Google should provision a control plane revision and make it available in the cluster. Google will enroll this revision in a release channel and keep it up to date. The control plane revision may be a managed service, or a managed install.", + "User will manually configure the control plane (e.g. via CLI, or via the ControlPlaneRevision KRM API)" + ], + "type": "string" + }, + "defaultChannel": { + "deprecated": true, + "description": "Determines which release channel to use for default injection and service mesh APIs.", + "enum": [ + "CHANNEL_UNSPECIFIED", + "RAPID", + "REGULAR", + "STABLE" + ], + "enumDescriptions": [ + "Unspecified", + "RAPID channel is offered on an early access basis for customers who want to test new releases.", + "REGULAR channel is intended for production users who want to take advantage of new features.", + "STABLE channel includes versions that are known to be stable and reliable in production." + ], + "type": "string" + }, + "management": { + "description": "Optional. Enables automatic Service Mesh management.", + "enum": [ + "MANAGEMENT_UNSPECIFIED", + "MANAGEMENT_AUTOMATIC", + "MANAGEMENT_MANUAL" + ], + "enumDescriptions": [ + "Unspecified", + "Google should manage my Service Mesh for the cluster.", + "User will manually configure their service mesh components." + ], + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshState": { + "description": "**Service Mesh**: State for a single Membership, as analyzed by the Service Mesh Hub Controller.", + "id": "ServiceMeshState", + "properties": { + "analysisMessages": { + "description": "Output only. Results of running Service Mesh analyzers.", + "items": { + "$ref": "ServiceMeshAnalysisMessage" + }, + "readOnly": true, + "type": "array" + }, + "conditions": { + "description": "Output only. List of conditions reported for this membership.", + "items": { + "$ref": "ServiceMeshCondition" + }, + "readOnly": true, + "type": "array" + }, + "configApiVersion": { + "description": "The API version (i.e. Istio CRD version) for configuring service mesh in this cluster. This version is influenced by the `default_channel` field.", + "type": "string" + }, + "controlPlaneManagement": { + "$ref": "ServiceMeshControlPlaneManagement", + "description": "Output only. Status of control plane management", + "readOnly": true + }, + "dataPlaneManagement": { + "$ref": "ServiceMeshDataPlaneManagement", + "description": "Output only. Status of data plane management.", + "readOnly": true + } + }, + "type": "object" + }, + "ServiceMeshStatusDetails": { + "description": "Structured and human-readable details for a status.", + "id": "ServiceMeshStatusDetails", + "properties": { + "code": { + "description": "A machine-readable code that further describes a broad status.", + "type": "string" + }, + "details": { + "description": "Human-readable explanation of code.", + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshType": { + "description": "A unique identifier for the type of message. Display_name is intended to be human-readable, code is intended to be machine readable. There should be a one-to-one mapping between display_name and code. (i.e. do not re-use display_names or codes between message types.) See istio.analysis.v1alpha1.AnalysisMessageBase.Type", + "id": "ServiceMeshType", + "properties": { + "code": { + "description": "A 7 character code matching `^IST[0-9]{4}$` or `^ASM[0-9]{4}$`, intended to uniquely identify the message type. (e.g. \"IST0001\" is mapped to the \"InternalError\" message type.)", + "type": "string" + }, + "displayName": { + "description": "A human-readable name for the message type. e.g. \"InternalError\", \"PodMissingProxy\". This should be the same for all messages of the same type. (This corresponds to the `name` field in open-source Istio.)", + "type": "string" + } + }, + "type": "object" + }, + "State": { + "description": "High-level state of a MembershipFeature.", + "id": "State", + "properties": { + "code": { + "description": "The high-level, machine-readable status of this MembershipFeature.", + "enum": [ + "CODE_UNSPECIFIED", + "OK", + "WARNING", + "ERROR" + ], + "enumDescriptions": [ + "Unknown or not set.", + "The MembershipFeature is operating normally.", + "The MembershipFeature has encountered an issue, and is operating in a degraded state. The MembershipFeature may need intervention to return to normal operation. See the description and any associated MembershipFeature-specific details for more information.", + "The MembershipFeature is not operating or is in a severely degraded state. The MembershipFeature may need intervention to return to normal operation. See the description and any associated MembershipFeature-specific details for more information." + ], + "type": "string" + }, + "description": { + "description": "A human-readable description of the current status.", + "type": "string" + }, + "updateTime": { + "description": "The time this status and any related Feature-specific details were updated.", + "format": "google-datetime", + "type": "string" + } + }, + "type": "object" + }, + "WorkloadCertificateSpec": { + "description": "**WorkloadCertificate**: The membership-specific input for WorkloadCertificate feature.", + "id": "WorkloadCertificateSpec", + "properties": { + "certificateManagement": { + "description": "CertificateManagement specifies workload certificate management.", + "enum": [ + "CERTIFICATE_MANAGEMENT_UNSPECIFIED", + "DISABLED", + "ENABLED" + ], + "enumDescriptions": [ + "Disable workload certificate feature.", + "Disable workload certificate feature.", + "Enable workload certificate feature." + ], + "type": "string" } }, "type": "object" diff --git a/gkehub/v2alpha/gkehub-gen.go b/gkehub/v2alpha/gkehub-gen.go index 3e8718c7e4b..bc47253bc9a 100644 --- a/gkehub/v2alpha/gkehub-gen.go +++ b/gkehub/v2alpha/gkehub-gen.go @@ -168,6 +168,7 @@ type ProjectsService struct { func NewProjectsLocationsService(s *Service) *ProjectsLocationsService { rs := &ProjectsLocationsService{s: s} + rs.Memberships = NewProjectsLocationsMembershipsService(s) rs.Operations = NewProjectsLocationsOperationsService(s) return rs } @@ -175,9 +176,32 @@ func NewProjectsLocationsService(s *Service) *ProjectsLocationsService { type ProjectsLocationsService struct { s *Service + Memberships *ProjectsLocationsMembershipsService + Operations *ProjectsLocationsOperationsService } +func NewProjectsLocationsMembershipsService(s *Service) *ProjectsLocationsMembershipsService { + rs := &ProjectsLocationsMembershipsService{s: s} + rs.Features = NewProjectsLocationsMembershipsFeaturesService(s) + return rs +} + +type ProjectsLocationsMembershipsService struct { + s *Service + + Features *ProjectsLocationsMembershipsFeaturesService +} + +func NewProjectsLocationsMembershipsFeaturesService(s *Service) *ProjectsLocationsMembershipsFeaturesService { + rs := &ProjectsLocationsMembershipsFeaturesService{s: s} + return rs +} + +type ProjectsLocationsMembershipsFeaturesService struct { + s *Service +} + func NewProjectsLocationsOperationsService(s *Service) *ProjectsLocationsOperationsService { rs := &ProjectsLocationsOperationsService{s: s} return rs @@ -187,35 +211,46 @@ type ProjectsLocationsOperationsService struct { s *Service } -// CancelOperationRequest: The request message for Operations.CancelOperation. -type CancelOperationRequest struct { +// AppDevExperienceState: State for App Dev Exp Feature. +type AppDevExperienceState struct { + // NetworkingInstallSucceeded: Status of subcomponent that detects configured + // Service Mesh resources. + NetworkingInstallSucceeded *AppDevExperienceStatus `json:"networkingInstallSucceeded,omitempty"` + // ForceSendFields is a list of field names (e.g. "NetworkingInstallSucceeded") + // to unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "NetworkingInstallSucceeded") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` } -// Empty: A generic empty message that you can re-use to avoid defining -// duplicated empty messages in your APIs. A typical example is to use it as -// the request or the response type of an API method. For instance: service Foo -// { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } -type Empty struct { - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` +func (s AppDevExperienceState) MarshalJSON() ([]byte, error) { + type NoMethod AppDevExperienceState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// GoogleRpcStatus: The `Status` type defines a logical error model that is -// suitable for different programming environments, including REST APIs and RPC -// APIs. It is used by gRPC (https://github.com/grpc). Each `Status` message -// contains three pieces of data: error code, error message, and error details. -// You can find out more about this error model and how to work with it in the -// API Design Guide (https://cloud.google.com/apis/design/errors). -type GoogleRpcStatus struct { - // Code: The status code, which should be an enum value of google.rpc.Code. - Code int64 `json:"code,omitempty"` - // Details: A list of messages that carry the error details. There is a common - // set of message types for APIs to use. - Details []googleapi.RawMessage `json:"details,omitempty"` - // Message: A developer-facing error message, which should be in English. Any - // user-facing error message should be localized and sent in the - // google.rpc.Status.details field, or localized by the client. - Message string `json:"message,omitempty"` +// AppDevExperienceStatus: Status specifies state for the subcomponent. +type AppDevExperienceStatus struct { + // Code: Code specifies AppDevExperienceFeature's subcomponent ready state. + // + // Possible values: + // "CODE_UNSPECIFIED" - Not set. + // "OK" - AppDevExperienceFeature's specified subcomponent is ready. + // "FAILED" - AppDevExperienceFeature's specified subcomponent ready state is + // false. This means AppDevExperienceFeature has encountered an issue that + // blocks all, or a portion, of its normal operation. See the `description` for + // more details. + // "UNKNOWN" - AppDevExperienceFeature's specified subcomponent has a pending + // or unknown state. + Code string `json:"code,omitempty"` + // Description: Description is populated if Code is Failed, explaining why it + // has failed. + Description string `json:"description,omitempty"` // ForceSendFields is a list of field names (e.g. "Code") to unconditionally // include in API requests. By default, fields with empty or default values are // omitted from API requests. See @@ -229,153 +264,3665 @@ type GoogleRpcStatus struct { NullFields []string `json:"-"` } -func (s GoogleRpcStatus) MarshalJSON() ([]byte, error) { - type NoMethod GoogleRpcStatus +func (s AppDevExperienceStatus) MarshalJSON() ([]byte, error) { + type NoMethod AppDevExperienceStatus return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// ListLocationsResponse: The response message for Locations.ListLocations. -type ListLocationsResponse struct { - // Locations: A list of locations that matches the specified filter in the - // request. - Locations []*Location `json:"locations,omitempty"` - // NextPageToken: The standard List next-page token. - NextPageToken string `json:"nextPageToken,omitempty"` +// CancelOperationRequest: The request message for Operations.CancelOperation. +type CancelOperationRequest struct { +} - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "Locations") to +// CloudBuildSpec: **Cloud Build**: Configurations for each Cloud Build enabled +// cluster. +type CloudBuildSpec struct { + // SecurityPolicy: Whether it is allowed to run the privileged builds on the + // cluster or not. + // + // Possible values: + // "SECURITY_POLICY_UNSPECIFIED" - Unspecified policy + // "NON_PRIVILEGED" - Privileged build pods are disallowed + // "PRIVILEGED" - Privileged build pods are allowed + SecurityPolicy string `json:"securityPolicy,omitempty"` + // Version: Version of the cloud build software on the cluster. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "SecurityPolicy") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "Locations") to include in API + // NullFields is a list of field names (e.g. "SecurityPolicy") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s CloudBuildSpec) MarshalJSON() ([]byte, error) { + type NoMethod CloudBuildSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ClusterUpgradeGKEUpgrade: GKEUpgrade represents a GKE provided upgrade, +// e.g., control plane upgrade. +type ClusterUpgradeGKEUpgrade struct { + // Name: Name of the upgrade, e.g., "k8s_control_plane". + Name string `json:"name,omitempty"` + // Version: Version of the upgrade, e.g., "1.22.1-gke.100". + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "Name") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Name") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ClusterUpgradeGKEUpgrade) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeGKEUpgrade + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ClusterUpgradeIgnoredMembership: IgnoredMembership represents a membership +// ignored by the feature. A membership can be ignored because it was manually +// upgraded to a newer version than RC default. +type ClusterUpgradeIgnoredMembership struct { + // IgnoredTime: Time when the membership was first set to ignored. + IgnoredTime string `json:"ignoredTime,omitempty"` + // Reason: Reason why the membership is ignored. + Reason string `json:"reason,omitempty"` + // ForceSendFields is a list of field names (e.g. "IgnoredTime") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "IgnoredTime") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } -func (s ListLocationsResponse) MarshalJSON() ([]byte, error) { - type NoMethod ListLocationsResponse +func (s ClusterUpgradeIgnoredMembership) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeIgnoredMembership return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// ListOperationsResponse: The response message for Operations.ListOperations. -type ListOperationsResponse struct { - // NextPageToken: The standard List next-page token. - NextPageToken string `json:"nextPageToken,omitempty"` - // Operations: A list of operations that matches the specified filter in the - // request. - Operations []*Operation `json:"operations,omitempty"` +// ClusterUpgradeMembershipGKEUpgradeState: MembershipGKEUpgradeState is a +// GKEUpgrade and its state per-membership. +type ClusterUpgradeMembershipGKEUpgradeState struct { + // Status: Status of the upgrade. + Status *ClusterUpgradeUpgradeStatus `json:"status,omitempty"` + // Upgrade: Which upgrade to track the state. + Upgrade *ClusterUpgradeGKEUpgrade `json:"upgrade,omitempty"` + // ForceSendFields is a list of field names (e.g. "Status") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Status") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "NextPageToken") to +func (s ClusterUpgradeMembershipGKEUpgradeState) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeMembershipGKEUpgradeState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ClusterUpgradeState: Per-membership state for this feature. +type ClusterUpgradeState struct { + // Ignored: Whether this membership is ignored by the feature. For example, + // manually upgraded clusters can be ignored if they are newer than the default + // versions of its release channel. + Ignored *ClusterUpgradeIgnoredMembership `json:"ignored,omitempty"` + // Upgrades: Actual upgrade state against desired. + Upgrades []*ClusterUpgradeMembershipGKEUpgradeState `json:"upgrades,omitempty"` + // ForceSendFields is a list of field names (e.g. "Ignored") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Ignored") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ClusterUpgradeState) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ClusterUpgradeUpgradeStatus: UpgradeStatus provides status information for +// each upgrade. +type ClusterUpgradeUpgradeStatus struct { + // Code: Status code of the upgrade. + // + // Possible values: + // "CODE_UNSPECIFIED" - Required by https://linter.aip.dev/126/unspecified. + // "INELIGIBLE" - The upgrade is ineligible. At the scope level, this means + // the upgrade is ineligible for all the clusters in the scope. + // "PENDING" - The upgrade is pending. At the scope level, this means the + // upgrade is pending for all the clusters in the scope. + // "IN_PROGRESS" - The upgrade is in progress. At the scope level, this means + // the upgrade is in progress for at least one cluster in the scope. + // "SOAKING" - The upgrade has finished and is soaking until the soaking time + // is up. At the scope level, this means at least one cluster is in soaking + // while the rest are either soaking or complete. + // "FORCED_SOAKING" - A cluster will be forced to enter soaking if an upgrade + // doesn't finish within a certain limit, despite it's actual status. + // "COMPLETE" - The upgrade has passed all post conditions (soaking). At the + // scope level, this means all eligible clusters are in COMPLETE status. + Code string `json:"code,omitempty"` + // Reason: Reason for this status. + Reason string `json:"reason,omitempty"` + // UpdateTime: Last timestamp the status was updated. + UpdateTime string `json:"updateTime,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ClusterUpgradeUpgradeStatus) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeUpgradeStatus + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementBinauthzConfig: Configuration for Binauthz. +type ConfigManagementBinauthzConfig struct { + // Enabled: Whether binauthz is enabled in this cluster. + Enabled bool `json:"enabled,omitempty"` + // ForceSendFields is a list of field names (e.g. "Enabled") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Enabled") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementBinauthzConfig) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementBinauthzConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementBinauthzState: State for Binauthz. +type ConfigManagementBinauthzState struct { + // Version: The version of binauthz that is installed. + Version *ConfigManagementBinauthzVersion `json:"version,omitempty"` + // Webhook: The state of the binauthz webhook. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Webhook string `json:"webhook,omitempty"` + // ForceSendFields is a list of field names (e.g. "Version") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Version") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementBinauthzState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementBinauthzState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementBinauthzVersion: The version of binauthz. +type ConfigManagementBinauthzVersion struct { + // WebhookVersion: The version of the binauthz webhook. + WebhookVersion string `json:"webhookVersion,omitempty"` + // ForceSendFields is a list of field names (e.g. "WebhookVersion") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "NextPageToken") to include in API + // NullFields is a list of field names (e.g. "WebhookVersion") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementBinauthzVersion) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementBinauthzVersion + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementConfigSync: Configuration for Config Sync +type ConfigManagementConfigSync struct { + // AllowVerticalScale: Set to true to allow the vertical scaling. Defaults to + // false which disallows vertical scaling. This field is deprecated. + AllowVerticalScale bool `json:"allowVerticalScale,omitempty"` + // Enabled: Enables the installation of ConfigSync. If set to true, ConfigSync + // resources will be created and the other ConfigSync fields will be applied if + // exist. If set to false, all other ConfigSync fields will be ignored, + // ConfigSync resources will be deleted. If omitted, ConfigSync resources will + // be managed depends on the presence of the git or oci field. + Enabled bool `json:"enabled,omitempty"` + // Git: Git repo configuration for the cluster. + Git *ConfigManagementGitConfig `json:"git,omitempty"` + // MetricsGcpServiceAccountEmail: The Email of the Google Cloud Service Account + // (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud + // Monarch when Workload Identity is enabled. The GSA should have the + // Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The + // Kubernetes ServiceAccount `default` in the namespace + // `config-management-monitoring` should be bound to the GSA. + MetricsGcpServiceAccountEmail string `json:"metricsGcpServiceAccountEmail,omitempty"` + // Oci: OCI repo configuration for the cluster. + Oci *ConfigManagementOciConfig `json:"oci,omitempty"` + // PreventDrift: Set to true to enable the Config Sync admission webhook to + // prevent drifts. If set to `false`, disables the Config Sync admission + // webhook and does not prevent drifts. + PreventDrift bool `json:"preventDrift,omitempty"` + // SourceFormat: Specifies whether the Config Sync Repo is in "hierarchical" or + // "unstructured" mode. + SourceFormat string `json:"sourceFormat,omitempty"` + // ForceSendFields is a list of field names (e.g. "AllowVerticalScale") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AllowVerticalScale") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementConfigSync) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSync + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementConfigSyncDeploymentState: The state of ConfigSync's +// deployment on a cluster. +type ConfigManagementConfigSyncDeploymentState struct { + // AdmissionWebhook: Deployment state of admission-webhook. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + AdmissionWebhook string `json:"admissionWebhook,omitempty"` + // GitSync: Deployment state of the git-sync pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + GitSync string `json:"gitSync,omitempty"` + // Importer: Deployment state of the importer pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Importer string `json:"importer,omitempty"` + // Monitor: Deployment state of the monitor pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Monitor string `json:"monitor,omitempty"` + // OtelCollector: Deployment state of otel-collector + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + OtelCollector string `json:"otelCollector,omitempty"` + // ReconcilerManager: Deployment state of reconciler-manager pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + ReconcilerManager string `json:"reconcilerManager,omitempty"` + // ResourceGroupControllerManager: Deployment state of + // resource-group-controller-manager + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + ResourceGroupControllerManager string `json:"resourceGroupControllerManager,omitempty"` + // RootReconciler: Deployment state of root-reconciler. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + RootReconciler string `json:"rootReconciler,omitempty"` + // Syncer: Deployment state of the syncer pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Syncer string `json:"syncer,omitempty"` + // ForceSendFields is a list of field names (e.g. "AdmissionWebhook") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AdmissionWebhook") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementConfigSyncDeploymentState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSyncDeploymentState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementConfigSyncError: Errors pertaining to the installation of +// Config Sync +type ConfigManagementConfigSyncError struct { + // ErrorMessage: A string representing the user facing error message + ErrorMessage string `json:"errorMessage,omitempty"` + // ForceSendFields is a list of field names (e.g. "ErrorMessage") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ErrorMessage") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } -func (s ListOperationsResponse) MarshalJSON() ([]byte, error) { - type NoMethod ListOperationsResponse +func (s ConfigManagementConfigSyncError) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSyncError return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// Location: A resource that represents a Google Cloud location. -type Location struct { - // DisplayName: The friendly name for this location, typically a nearby city - // name. For example, "Tokyo". - DisplayName string `json:"displayName,omitempty"` - // Labels: Cross-service attributes for the location. For example - // {"cloud.googleapis.com/region": "us-east1"} - Labels map[string]string `json:"labels,omitempty"` - // LocationId: The canonical id for this location. For example: "us-east1". - LocationId string `json:"locationId,omitempty"` - // Metadata: Service-specific metadata. For example the available capacity at - // the given location. - Metadata googleapi.RawMessage `json:"metadata,omitempty"` - // Name: Resource name for the location, which may vary between - // implementations. For example: - // "projects/example-project/locations/us-east1" - Name string `json:"name,omitempty"` +// ConfigManagementConfigSyncState: State information for ConfigSync. +type ConfigManagementConfigSyncState struct { + // DeploymentState: Information about the deployment of ConfigSync, including + // the version. of the various Pods deployed + DeploymentState *ConfigManagementConfigSyncDeploymentState `json:"deploymentState,omitempty"` + // Errors: Errors pertaining to the installation of Config Sync. + Errors []*ConfigManagementConfigSyncError `json:"errors,omitempty"` + // ReposyncCrd: The state of the Reposync CRD + // + // Possible values: + // "CRD_STATE_UNSPECIFIED" - CRD's state cannot be determined + // "NOT_INSTALLED" - CRD is not installed + // "INSTALLED" - CRD is installed + // "TERMINATING" - CRD is terminating (i.e., it has been deleted and is + // cleaning up) + // "INSTALLING" - CRD is installing + ReposyncCrd string `json:"reposyncCrd,omitempty"` + // RootsyncCrd: The state of the RootSync CRD + // + // Possible values: + // "CRD_STATE_UNSPECIFIED" - CRD's state cannot be determined + // "NOT_INSTALLED" - CRD is not installed + // "INSTALLED" - CRD is installed + // "TERMINATING" - CRD is terminating (i.e., it has been deleted and is + // cleaning up) + // "INSTALLING" - CRD is installing + RootsyncCrd string `json:"rootsyncCrd,omitempty"` + // State: The state of CS This field summarizes the other fields in this + // message. + // + // Possible values: + // "STATE_UNSPECIFIED" - CS's state cannot be determined. + // "CONFIG_SYNC_NOT_INSTALLED" - CS is not installed. + // "CONFIG_SYNC_INSTALLED" - The expected CS version is installed + // successfully. + // "CONFIG_SYNC_ERROR" - CS encounters errors. + // "CONFIG_SYNC_PENDING" - CS is installing or terminating. + State string `json:"state,omitempty"` + // SyncState: The state of ConfigSync's process to sync configs to a cluster. + SyncState *ConfigManagementSyncState `json:"syncState,omitempty"` + // Version: The version of ConfigSync deployed. + Version *ConfigManagementConfigSyncVersion `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "DeploymentState") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DeploymentState") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "DisplayName") to +func (s ConfigManagementConfigSyncState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSyncState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementConfigSyncVersion: Specific versioning information +// pertaining to ConfigSync's Pods. +type ConfigManagementConfigSyncVersion struct { + // AdmissionWebhook: Version of the deployed admission-webhook pod. + AdmissionWebhook string `json:"admissionWebhook,omitempty"` + // GitSync: Version of the deployed git-sync pod. + GitSync string `json:"gitSync,omitempty"` + // Importer: Version of the deployed importer pod. + Importer string `json:"importer,omitempty"` + // Monitor: Version of the deployed monitor pod. + Monitor string `json:"monitor,omitempty"` + // OtelCollector: Version of the deployed otel-collector pod + OtelCollector string `json:"otelCollector,omitempty"` + // ReconcilerManager: Version of the deployed reconciler-manager pod. + ReconcilerManager string `json:"reconcilerManager,omitempty"` + // ResourceGroupControllerManager: Version of the deployed + // resource-group-controller-manager pod + ResourceGroupControllerManager string `json:"resourceGroupControllerManager,omitempty"` + // RootReconciler: Version of the deployed reconciler container in + // root-reconciler pod. + RootReconciler string `json:"rootReconciler,omitempty"` + // Syncer: Version of the deployed syncer pod. + Syncer string `json:"syncer,omitempty"` + // ForceSendFields is a list of field names (e.g. "AdmissionWebhook") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "DisplayName") to include in API + // NullFields is a list of field names (e.g. "AdmissionWebhook") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementConfigSyncVersion) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSyncVersion + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementErrorResource: Model for a config file in the git repo with +// an associated Sync error. +type ConfigManagementErrorResource struct { + // ResourceGvk: Group/version/kind of the resource that is causing an error + ResourceGvk *ConfigManagementGroupVersionKind `json:"resourceGvk,omitempty"` + // ResourceName: Metadata name of the resource that is causing an error + ResourceName string `json:"resourceName,omitempty"` + // ResourceNamespace: Namespace of the resource that is causing an error + ResourceNamespace string `json:"resourceNamespace,omitempty"` + // SourcePath: Path in the git repo of the erroneous config + SourcePath string `json:"sourcePath,omitempty"` + // ForceSendFields is a list of field names (e.g. "ResourceGvk") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ResourceGvk") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } -func (s Location) MarshalJSON() ([]byte, error) { - type NoMethod Location - return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +func (s ConfigManagementErrorResource) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementErrorResource + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementGatekeeperDeploymentState: State of Policy Controller +// installation. +type ConfigManagementGatekeeperDeploymentState struct { + // GatekeeperAudit: Status of gatekeeper-audit deployment. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + GatekeeperAudit string `json:"gatekeeperAudit,omitempty"` + // GatekeeperControllerManagerState: Status of gatekeeper-controller-manager + // pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + GatekeeperControllerManagerState string `json:"gatekeeperControllerManagerState,omitempty"` + // GatekeeperMutation: Status of the pod serving the mutation webhook. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + GatekeeperMutation string `json:"gatekeeperMutation,omitempty"` + // ForceSendFields is a list of field names (e.g. "GatekeeperAudit") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "GatekeeperAudit") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementGatekeeperDeploymentState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementGatekeeperDeploymentState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementGitConfig: Git repo configuration for a single cluster. +type ConfigManagementGitConfig struct { + // GcpServiceAccountEmail: The Google Cloud Service Account Email used for auth + // when secret_type is gcpServiceAccount. + GcpServiceAccountEmail string `json:"gcpServiceAccountEmail,omitempty"` + // HttpsProxy: URL for the HTTPS proxy to be used when communicating with the + // Git repo. + HttpsProxy string `json:"httpsProxy,omitempty"` + // PolicyDir: The path within the Git repository that represents the top level + // of the repo to sync. Default: the root directory of the repository. + PolicyDir string `json:"policyDir,omitempty"` + // SecretType: Type of secret configured for access to the Git repo. Must be + // one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The + // validation of this is case-sensitive. Required. + SecretType string `json:"secretType,omitempty"` + // SyncBranch: The branch of the repository to sync from. Default: master. + SyncBranch string `json:"syncBranch,omitempty"` + // SyncRepo: The URL of the Git repository to use as the source of truth. + SyncRepo string `json:"syncRepo,omitempty"` + // SyncRev: Git revision (tag or hash) to check out. Default HEAD. + SyncRev string `json:"syncRev,omitempty"` + // SyncWaitSecs: Period in seconds between consecutive syncs. Default: 15. + SyncWaitSecs int64 `json:"syncWaitSecs,omitempty,string"` + // ForceSendFields is a list of field names (e.g. "GcpServiceAccountEmail") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "GcpServiceAccountEmail") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementGitConfig) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementGitConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementGroupVersionKind: A Kubernetes object's GVK. +type ConfigManagementGroupVersionKind struct { + // Group: Kubernetes Group + Group string `json:"group,omitempty"` + // Kind: Kubernetes Kind + Kind string `json:"kind,omitempty"` + // Version: Kubernetes Version + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "Group") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Group") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementGroupVersionKind) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementGroupVersionKind + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementHierarchyControllerConfig: Configuration for Hierarchy +// Controller. +type ConfigManagementHierarchyControllerConfig struct { + // EnableHierarchicalResourceQuota: Whether hierarchical resource quota is + // enabled in this cluster. + EnableHierarchicalResourceQuota bool `json:"enableHierarchicalResourceQuota,omitempty"` + // EnablePodTreeLabels: Whether pod tree labels are enabled in this cluster. + EnablePodTreeLabels bool `json:"enablePodTreeLabels,omitempty"` + // Enabled: Whether Hierarchy Controller is enabled in this cluster. + Enabled bool `json:"enabled,omitempty"` + // ForceSendFields is a list of field names (e.g. + // "EnableHierarchicalResourceQuota") to unconditionally include in API + // requests. By default, fields with empty or default values are omitted from + // API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "EnableHierarchicalResourceQuota") + // to include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementHierarchyControllerConfig) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementHierarchyControllerConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementHierarchyControllerDeploymentState: Deployment state for +// Hierarchy Controller +type ConfigManagementHierarchyControllerDeploymentState struct { + // Extension: The deployment state for Hierarchy Controller extension (e.g. + // v0.7.0-hc.1). + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Extension string `json:"extension,omitempty"` + // Hnc: The deployment state for open source HNC (e.g. v0.7.0-hc.0). + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Hnc string `json:"hnc,omitempty"` + // ForceSendFields is a list of field names (e.g. "Extension") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Extension") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementHierarchyControllerDeploymentState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementHierarchyControllerDeploymentState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementHierarchyControllerState: State for Hierarchy Controller. +type ConfigManagementHierarchyControllerState struct { + // State: The deployment state for Hierarchy Controller. + State *ConfigManagementHierarchyControllerDeploymentState `json:"state,omitempty"` + // Version: The version for Hierarchy Controller. + Version *ConfigManagementHierarchyControllerVersion `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "State") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "State") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementHierarchyControllerState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementHierarchyControllerState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementHierarchyControllerVersion: Version for Hierarchy +// Controller. +type ConfigManagementHierarchyControllerVersion struct { + // Extension: Version for Hierarchy Controller extension. + Extension string `json:"extension,omitempty"` + // Hnc: Version for open source HNC. + Hnc string `json:"hnc,omitempty"` + // ForceSendFields is a list of field names (e.g. "Extension") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Extension") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementHierarchyControllerVersion) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementHierarchyControllerVersion + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementInstallError: Errors pertaining to the installation of ACM. +type ConfigManagementInstallError struct { + // ErrorMessage: A string representing the user facing error message. + ErrorMessage string `json:"errorMessage,omitempty"` + // ForceSendFields is a list of field names (e.g. "ErrorMessage") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ErrorMessage") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementInstallError) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementInstallError + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementOciConfig: OCI repo configuration for a single cluster. +type ConfigManagementOciConfig struct { + // GcpServiceAccountEmail: The Google Cloud Service Account Email used for auth + // when secret_type is gcpServiceAccount. + GcpServiceAccountEmail string `json:"gcpServiceAccountEmail,omitempty"` + // PolicyDir: The absolute path of the directory that contains the local + // resources. Default: the root directory of the image. + PolicyDir string `json:"policyDir,omitempty"` + // SecretType: Type of secret configured for access to the Git repo. + SecretType string `json:"secretType,omitempty"` + // SyncRepo: The OCI image repository URL for the package to sync from. e.g. + // `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`. + SyncRepo string `json:"syncRepo,omitempty"` + // SyncWaitSecs: Period in seconds between consecutive syncs. Default: 15. + SyncWaitSecs int64 `json:"syncWaitSecs,omitempty,string"` + // ForceSendFields is a list of field names (e.g. "GcpServiceAccountEmail") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "GcpServiceAccountEmail") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementOciConfig) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementOciConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementOperatorState: State information for an ACM's Operator. +type ConfigManagementOperatorState struct { + // DeploymentState: The state of the Operator's deployment. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + DeploymentState string `json:"deploymentState,omitempty"` + // Errors: Install errors. + Errors []*ConfigManagementInstallError `json:"errors,omitempty"` + // Version: The semenatic version number of the operator. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "DeploymentState") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DeploymentState") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementOperatorState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementOperatorState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyController: Configuration for Policy Controller +type ConfigManagementPolicyController struct { + // AuditIntervalSeconds: Sets the interval for Policy Controller Audit Scans + // (in seconds). When set to 0, this disables audit functionality altogether. + AuditIntervalSeconds int64 `json:"auditIntervalSeconds,omitempty,string"` + // Enabled: Enables the installation of Policy Controller. If false, the rest + // of PolicyController fields take no effect. + Enabled bool `json:"enabled,omitempty"` + // ExemptableNamespaces: The set of namespaces that are excluded from Policy + // Controller checks. Namespaces do not need to currently exist on the cluster. + ExemptableNamespaces []string `json:"exemptableNamespaces,omitempty"` + // LogDeniesEnabled: Logs all denies and dry run failures. + LogDeniesEnabled bool `json:"logDeniesEnabled,omitempty"` + // Monitoring: Monitoring specifies the configuration of monitoring. + Monitoring *ConfigManagementPolicyControllerMonitoring `json:"monitoring,omitempty"` + // MutationEnabled: Enable or disable mutation in policy controller. If true, + // mutation CRDs, webhook and controller deployment will be deployed to the + // cluster. + MutationEnabled bool `json:"mutationEnabled,omitempty"` + // ReferentialRulesEnabled: Enables the ability to use Constraint Templates + // that reference to objects other than the object currently being evaluated. + ReferentialRulesEnabled bool `json:"referentialRulesEnabled,omitempty"` + // TemplateLibraryInstalled: Installs the default template library along with + // Policy Controller. + TemplateLibraryInstalled bool `json:"templateLibraryInstalled,omitempty"` + // UpdateTime: Output only. Last time this membership spec was updated. + UpdateTime string `json:"updateTime,omitempty"` + // ForceSendFields is a list of field names (e.g. "AuditIntervalSeconds") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AuditIntervalSeconds") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyController) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyController + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyControllerMigration: State for the migration of +// PolicyController from ACM -> PoCo Hub. +type ConfigManagementPolicyControllerMigration struct { + // CopyTime: Last time this membership spec was copied to PoCo feature. + CopyTime string `json:"copyTime,omitempty"` + // Stage: Stage of the migration. + // + // Possible values: + // "STAGE_UNSPECIFIED" - Unknown state of migration. + // "ACM_MANAGED" - ACM Hub/Operator manages policycontroller. No migration + // yet completed. + // "POCO_MANAGED" - All migrations steps complete; Poco Hub now manages + // policycontroller. + Stage string `json:"stage,omitempty"` + // ForceSendFields is a list of field names (e.g. "CopyTime") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CopyTime") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyControllerMigration) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyControllerMigration + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyControllerMonitoring: PolicyControllerMonitoring +// specifies the backends Policy Controller should export metrics to. For +// example, to specify metrics should be exported to Cloud Monitoring and +// Prometheus, specify backends: ["cloudmonitoring", "prometheus"] +type ConfigManagementPolicyControllerMonitoring struct { + // Backends: Specifies the list of backends Policy Controller will export to. + // An empty list would effectively disable metrics export. + // + // Possible values: + // "MONITORING_BACKEND_UNSPECIFIED" - Backend cannot be determined + // "PROMETHEUS" - Prometheus backend for monitoring + // "CLOUD_MONITORING" - Stackdriver/Cloud Monitoring backend for monitoring + Backends []string `json:"backends,omitempty"` + // ForceSendFields is a list of field names (e.g. "Backends") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Backends") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyControllerMonitoring) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyControllerMonitoring + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyControllerState: State for PolicyControllerState. +type ConfigManagementPolicyControllerState struct { + // DeploymentState: The state about the policy controller installation. + DeploymentState *ConfigManagementGatekeeperDeploymentState `json:"deploymentState,omitempty"` + // Migration: Record state of ACM -> PoCo Hub migration for this feature. + Migration *ConfigManagementPolicyControllerMigration `json:"migration,omitempty"` + // Version: The version of Gatekeeper Policy Controller deployed. + Version *ConfigManagementPolicyControllerVersion `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "DeploymentState") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DeploymentState") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyControllerState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyControllerState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyControllerVersion: The build version of Gatekeeper +// Policy Controller is using. +type ConfigManagementPolicyControllerVersion struct { + // Version: The gatekeeper image tag that is composed of ACM version, git tag, + // build number. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "Version") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Version") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyControllerVersion) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyControllerVersion + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementSpec: **Anthos Config Management**: Configuration for a +// single cluster. Intended to parallel the ConfigManagement CR. +type ConfigManagementSpec struct { + // Binauthz: Binauthz conifguration for the cluster. Deprecated: This field + // will be ignored and should not be set. + Binauthz *ConfigManagementBinauthzConfig `json:"binauthz,omitempty"` + // Cluster: The user-specified cluster name used by Config Sync + // cluster-name-selector annotation or ClusterSelector, for applying configs to + // only a subset of clusters. Omit this field if the cluster's fleet membership + // name is used by Config Sync cluster-name-selector annotation or + // ClusterSelector. Set this field if a name different from the cluster's fleet + // membership name is used by Config Sync cluster-name-selector annotation or + // ClusterSelector. + Cluster string `json:"cluster,omitempty"` + // ConfigSync: Config Sync configuration for the cluster. + ConfigSync *ConfigManagementConfigSync `json:"configSync,omitempty"` + // HierarchyController: Hierarchy Controller configuration for the cluster. + // Deprecated: Configuring Hierarchy Controller through the configmanagement + // feature is no longer recommended. Use + // https://github.com/kubernetes-sigs/hierarchical-namespaces instead. + HierarchyController *ConfigManagementHierarchyControllerConfig `json:"hierarchyController,omitempty"` + // Management: Enables automatic Feature management. + // + // Possible values: + // "MANAGEMENT_UNSPECIFIED" - Unspecified + // "MANAGEMENT_AUTOMATIC" - Google will manage the Feature for the cluster. + // "MANAGEMENT_MANUAL" - User will manually manage the Feature for the + // cluster. + Management string `json:"management,omitempty"` + // PolicyController: Policy Controller configuration for the cluster. + // Deprecated: Configuring Policy Controller through the configmanagement + // feature is no longer recommended. Use the policycontroller feature instead. + PolicyController *ConfigManagementPolicyController `json:"policyController,omitempty"` + // Version: Version of ACM installed. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "Binauthz") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Binauthz") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementSpec) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementState: **Anthos Config Management**: State for a single +// cluster. +type ConfigManagementState struct { + // BinauthzState: Binauthz status. + BinauthzState *ConfigManagementBinauthzState `json:"binauthzState,omitempty"` + // ClusterName: This field is set to the `cluster_name` field of the Membership + // Spec if it is not empty. Otherwise, it is set to the cluster's fleet + // membership name. + ClusterName string `json:"clusterName,omitempty"` + // ConfigSyncState: Current sync status. + ConfigSyncState *ConfigManagementConfigSyncState `json:"configSyncState,omitempty"` + // HierarchyControllerState: Hierarchy Controller status. + HierarchyControllerState *ConfigManagementHierarchyControllerState `json:"hierarchyControllerState,omitempty"` + // MembershipSpec: Membership configuration in the cluster. This represents the + // actual state in the cluster, while the MembershipSpec in the FeatureSpec + // represents the intended state. + MembershipSpec *ConfigManagementSpec `json:"membershipSpec,omitempty"` + // OperatorState: Current install status of ACM's Operator. + OperatorState *ConfigManagementOperatorState `json:"operatorState,omitempty"` + // PolicyControllerState: PolicyController status. + PolicyControllerState *ConfigManagementPolicyControllerState `json:"policyControllerState,omitempty"` + // ForceSendFields is a list of field names (e.g. "BinauthzState") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "BinauthzState") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementSyncError: An ACM created error representing a problem +// syncing configurations. +type ConfigManagementSyncError struct { + // Code: An ACM defined error code + Code string `json:"code,omitempty"` + // ErrorMessage: A description of the error + ErrorMessage string `json:"errorMessage,omitempty"` + // ErrorResources: A list of config(s) associated with the error, if any + ErrorResources []*ConfigManagementErrorResource `json:"errorResources,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementSyncError) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementSyncError + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementSyncState: State indicating an ACM's progress syncing +// configurations to a cluster. +type ConfigManagementSyncState struct { + // Code: Sync status code. + // + // Possible values: + // "SYNC_CODE_UNSPECIFIED" - Config Sync cannot determine a sync code + // "SYNCED" - Config Sync successfully synced the git Repo with the cluster + // "PENDING" - Config Sync is in the progress of syncing a new change + // "ERROR" - Indicates an error configuring Config Sync, and user action is + // required + // "NOT_CONFIGURED" - Config Sync has been installed but not configured + // "NOT_INSTALLED" - Config Sync has not been installed + // "UNAUTHORIZED" - Error authorizing with the cluster + // "UNREACHABLE" - Cluster could not be reached + Code string `json:"code,omitempty"` + // Errors: A list of errors resulting from problematic configs. This list will + // be truncated after 100 errors, although it is unlikely for that many errors + // to simultaneously exist. + Errors []*ConfigManagementSyncError `json:"errors,omitempty"` + // ImportToken: Token indicating the state of the importer. + ImportToken string `json:"importToken,omitempty"` + // LastSync: Deprecated: use last_sync_time instead. Timestamp of when ACM last + // successfully synced the repo. The time format is specified in + // https://golang.org/pkg/time/#Time.String + LastSync string `json:"lastSync,omitempty"` + // LastSyncTime: Timestamp type of when ACM last successfully synced the repo. + LastSyncTime string `json:"lastSyncTime,omitempty"` + // SourceToken: Token indicating the state of the repo. + SourceToken string `json:"sourceToken,omitempty"` + // SyncToken: Token indicating the state of the syncer. + SyncToken string `json:"syncToken,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementSyncState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementSyncState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// Empty: A generic empty message that you can re-use to avoid defining +// duplicated empty messages in your APIs. A typical example is to use it as +// the request or the response type of an API method. For instance: service Foo +// { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } +type Empty struct { + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` +} + +// FeatureConfigRef: Information of the FeatureConfig applied on the +// MembershipFeature. +type FeatureConfigRef struct { + // Config: Input only. Resource name of FeatureConfig, in the format: + // `projects/{project}/locations/global/featureConfigs/{feature_config}`. + Config string `json:"config,omitempty"` + // ConfigUpdateTime: Output only. When the FeatureConfig was last applied and + // copied to FeatureSpec. + ConfigUpdateTime string `json:"configUpdateTime,omitempty"` + // Uuid: Output only. An id that uniquely identify a FeatureConfig object. + Uuid string `json:"uuid,omitempty"` + // ForceSendFields is a list of field names (e.g. "Config") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Config") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s FeatureConfigRef) MarshalJSON() ([]byte, error) { + type NoMethod FeatureConfigRef + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// FeatureSpec: FeatureSpec contains user input per-feature spec information. +type FeatureSpec struct { + // Cloudbuild: Cloudbuild-specific FeatureSpec. + Cloudbuild *CloudBuildSpec `json:"cloudbuild,omitempty"` + // Configmanagement: Config Management FeatureSpec. + Configmanagement *ConfigManagementSpec `json:"configmanagement,omitempty"` + // Identityservice: IdentityService FeatureSpec. + Identityservice *IdentityServiceSpec `json:"identityservice,omitempty"` + // Origin: Whether this per-Feature spec was inherited from a fleet-level + // default. This field can be updated by users by either overriding a Feature + // config (updated to USER implicitly) or setting to FLEET explicitly. + Origin *Origin `json:"origin,omitempty"` + // Policycontroller: Policycontroller-specific FeatureSpec. + Policycontroller *PolicyControllerSpec `json:"policycontroller,omitempty"` + // Servicemesh: ServiceMesh Feature Spec. + Servicemesh *ServiceMeshSpec `json:"servicemesh,omitempty"` + // Workloadcertificate: Workloadcertificate-specific FeatureSpec. + Workloadcertificate *WorkloadCertificateSpec `json:"workloadcertificate,omitempty"` + // ForceSendFields is a list of field names (e.g. "Cloudbuild") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Cloudbuild") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s FeatureSpec) MarshalJSON() ([]byte, error) { + type NoMethod FeatureSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// FeatureState: FeatureState contains high-level state information and +// per-feature state information for this MembershipFeature. +type FeatureState struct { + // Appdevexperience: Appdevexperience specific state. + Appdevexperience *AppDevExperienceState `json:"appdevexperience,omitempty"` + // Clusterupgrade: Cluster upgrade state. + Clusterupgrade *ClusterUpgradeState `json:"clusterupgrade,omitempty"` + // Configmanagement: Config Management state + Configmanagement *ConfigManagementState `json:"configmanagement,omitempty"` + // Identityservice: Identity service state + Identityservice *IdentityServiceState `json:"identityservice,omitempty"` + // Metering: Metering state + Metering *MeteringState `json:"metering,omitempty"` + // Policycontroller: Policy Controller state + Policycontroller *PolicyControllerState `json:"policycontroller,omitempty"` + // Servicemesh: Service mesh state + Servicemesh *ServiceMeshState `json:"servicemesh,omitempty"` + // State: The high-level state of this MembershipFeature. + State *State `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "Appdevexperience") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Appdevexperience") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s FeatureState) MarshalJSON() ([]byte, error) { + type NoMethod FeatureState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// GoogleRpcStatus: The `Status` type defines a logical error model that is +// suitable for different programming environments, including REST APIs and RPC +// APIs. It is used by gRPC (https://github.com/grpc). Each `Status` message +// contains three pieces of data: error code, error message, and error details. +// You can find out more about this error model and how to work with it in the +// API Design Guide (https://cloud.google.com/apis/design/errors). +type GoogleRpcStatus struct { + // Code: The status code, which should be an enum value of google.rpc.Code. + Code int64 `json:"code,omitempty"` + // Details: A list of messages that carry the error details. There is a common + // set of message types for APIs to use. + Details []googleapi.RawMessage `json:"details,omitempty"` + // Message: A developer-facing error message, which should be in English. Any + // user-facing error message should be localized and sent in the + // google.rpc.Status.details field, or localized by the client. + Message string `json:"message,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s GoogleRpcStatus) MarshalJSON() ([]byte, error) { + type NoMethod GoogleRpcStatus + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceAuthMethod: Configuration of an auth method for a +// member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be +// set per AuthMethod. +type IdentityServiceAuthMethod struct { + // AzureadConfig: AzureAD specific Configuration. + AzureadConfig *IdentityServiceAzureADConfig `json:"azureadConfig,omitempty"` + // GoogleConfig: GoogleConfig specific configuration + GoogleConfig *IdentityServiceGoogleConfig `json:"googleConfig,omitempty"` + // LdapConfig: LDAP specific configuration. + LdapConfig *IdentityServiceLdapConfig `json:"ldapConfig,omitempty"` + // Name: Identifier for auth config. + Name string `json:"name,omitempty"` + // OidcConfig: OIDC specific configuration. + OidcConfig *IdentityServiceOidcConfig `json:"oidcConfig,omitempty"` + // Proxy: Proxy server address to use for auth method. + Proxy string `json:"proxy,omitempty"` + // SamlConfig: SAML specific configuration. + SamlConfig *IdentityServiceSamlConfig `json:"samlConfig,omitempty"` + // ForceSendFields is a list of field names (e.g. "AzureadConfig") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AzureadConfig") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceAuthMethod) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceAuthMethod + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceAzureADConfig: Configuration for the AzureAD Auth flow. +type IdentityServiceAzureADConfig struct { + // ClientId: ID for the registered client application that makes authentication + // requests to the Azure AD identity provider. + ClientId string `json:"clientId,omitempty"` + // ClientSecret: Input only. Unencrypted AzureAD client secret will be passed + // to the GKE Hub CLH. + ClientSecret string `json:"clientSecret,omitempty"` + // EncryptedClientSecret: Output only. Encrypted AzureAD client secret. + EncryptedClientSecret string `json:"encryptedClientSecret,omitempty"` + // GroupFormat: Optional. Format of the AzureAD groups that the client wants + // for auth. + GroupFormat string `json:"groupFormat,omitempty"` + // KubectlRedirectUri: The redirect URL that kubectl uses for authorization. + KubectlRedirectUri string `json:"kubectlRedirectUri,omitempty"` + // Tenant: Kind of Azure AD account to be authenticated. Supported values are + // or for accounts belonging to a specific tenant. + Tenant string `json:"tenant,omitempty"` + // UserClaim: Optional. Claim in the AzureAD ID Token that holds the user + // details. + UserClaim string `json:"userClaim,omitempty"` + // ForceSendFields is a list of field names (e.g. "ClientId") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ClientId") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceAzureADConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceAzureADConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceDiagnosticInterface: Configuration options for the AIS +// diagnostic interface. +type IdentityServiceDiagnosticInterface struct { + // Enabled: Determines whether to enable the diagnostic interface. + Enabled bool `json:"enabled,omitempty"` + // ExpirationTime: Determines the expiration time of the diagnostic interface + // enablement. When reached, requests to the interface would be automatically + // rejected. + ExpirationTime string `json:"expirationTime,omitempty"` + // ForceSendFields is a list of field names (e.g. "Enabled") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Enabled") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceDiagnosticInterface) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceDiagnosticInterface + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceGoogleConfig: Configuration for the Google Plugin Auth flow. +type IdentityServiceGoogleConfig struct { + // Disable: Disable automatic configuration of Google Plugin on supported + // platforms. + Disable bool `json:"disable,omitempty"` + // ForceSendFields is a list of field names (e.g. "Disable") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Disable") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceGoogleConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceGoogleConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceGroupConfig: Contains the properties for locating and +// authenticating groups in the directory. +type IdentityServiceGroupConfig struct { + // BaseDn: Required. The location of the subtree in the LDAP directory to + // search for group entries. + BaseDn string `json:"baseDn,omitempty"` + // Filter: Optional. Optional filter to be used when searching for groups a + // user belongs to. This can be used to explicitly match only certain groups in + // order to reduce the amount of groups returned for each user. This defaults + // to "(objectClass=Group)". + Filter string `json:"filter,omitempty"` + // IdAttribute: Optional. The identifying name of each group a user belongs to. + // For example, if this is set to "distinguishedName" then RBACs and other + // group expectations should be written as full DNs. This defaults to + // "distinguishedName". + IdAttribute string `json:"idAttribute,omitempty"` + // ForceSendFields is a list of field names (e.g. "BaseDn") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "BaseDn") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceGroupConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceGroupConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceIdentityServiceOptions: Holds non-protocol-related +// configuration options. +type IdentityServiceIdentityServiceOptions struct { + // DiagnosticInterface: Configuration options for the AIS diagnostic interface. + DiagnosticInterface *IdentityServiceDiagnosticInterface `json:"diagnosticInterface,omitempty"` + // SessionDuration: Determines the lifespan of STS tokens issued by Anthos + // Identity Service. + SessionDuration string `json:"sessionDuration,omitempty"` + // ForceSendFields is a list of field names (e.g. "DiagnosticInterface") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DiagnosticInterface") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceIdentityServiceOptions) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceIdentityServiceOptions + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceLdapConfig: Configuration for the LDAP Auth flow. +type IdentityServiceLdapConfig struct { + // Group: Optional. Contains the properties for locating and authenticating + // groups in the directory. + Group *IdentityServiceGroupConfig `json:"group,omitempty"` + // Server: Required. Server settings for the external LDAP server. + Server *IdentityServiceServerConfig `json:"server,omitempty"` + // ServiceAccount: Required. Contains the credentials of the service account + // which is authorized to perform the LDAP search in the directory. The + // credentials can be supplied by the combination of the DN and password or the + // client certificate. + ServiceAccount *IdentityServiceServiceAccountConfig `json:"serviceAccount,omitempty"` + // User: Required. Defines where users exist in the LDAP directory. + User *IdentityServiceUserConfig `json:"user,omitempty"` + // ForceSendFields is a list of field names (e.g. "Group") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Group") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceLdapConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceLdapConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceOidcConfig: Configuration for OIDC Auth flow. +type IdentityServiceOidcConfig struct { + // CertificateAuthorityData: PEM-encoded CA for OIDC provider. + CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` + // ClientId: ID for OIDC client application. + ClientId string `json:"clientId,omitempty"` + // ClientSecret: Input only. Unencrypted OIDC client secret will be passed to + // the GKE Hub CLH. + ClientSecret string `json:"clientSecret,omitempty"` + // DeployCloudConsoleProxy: Flag to denote if reverse proxy is used to connect + // to auth provider. This flag should be set to true when provider is not + // reachable by Google Cloud Console. + DeployCloudConsoleProxy bool `json:"deployCloudConsoleProxy,omitempty"` + // EnableAccessToken: Enable access token. + EnableAccessToken bool `json:"enableAccessToken,omitempty"` + // EncryptedClientSecret: Output only. Encrypted OIDC Client secret + EncryptedClientSecret string `json:"encryptedClientSecret,omitempty"` + // ExtraParams: Comma-separated list of key-value pairs. + ExtraParams string `json:"extraParams,omitempty"` + // GroupPrefix: Prefix to prepend to group name. + GroupPrefix string `json:"groupPrefix,omitempty"` + // GroupsClaim: Claim in OIDC ID token that holds group information. + GroupsClaim string `json:"groupsClaim,omitempty"` + // IssuerUri: URI for the OIDC provider. This should point to the level below + // .well-known/openid-configuration. + IssuerUri string `json:"issuerUri,omitempty"` + // KubectlRedirectUri: Registered redirect uri to redirect users going through + // OAuth flow using kubectl plugin. + KubectlRedirectUri string `json:"kubectlRedirectUri,omitempty"` + // Scopes: Comma-separated list of identifiers. + Scopes string `json:"scopes,omitempty"` + // UserClaim: Claim in OIDC ID token that holds username. + UserClaim string `json:"userClaim,omitempty"` + // UserPrefix: Prefix to prepend to user name. + UserPrefix string `json:"userPrefix,omitempty"` + // ForceSendFields is a list of field names (e.g. "CertificateAuthorityData") + // to unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CertificateAuthorityData") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceOidcConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceOidcConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceSamlConfig: Configuration for the SAML Auth flow. +type IdentityServiceSamlConfig struct { + // AttributeMapping: Optional. The mapping of additional user attributes like + // nickname, birthday and address etc.. `key` is the name of this additional + // attribute. `value` is a string presenting as CEL(common expression language, + // go/cel) used for getting the value from the resources. Take nickname as an + // example, in this case, `key` is "attribute.nickname" and `value` is + // "assertion.nickname". + AttributeMapping map[string]string `json:"attributeMapping,omitempty"` + // GroupPrefix: Optional. Prefix to prepend to group name. + GroupPrefix string `json:"groupPrefix,omitempty"` + // GroupsAttribute: Optional. The SAML attribute to read groups from. This + // value is expected to be a string and will be passed along as-is (with the + // option of being prefixed by the `group_prefix`). + GroupsAttribute string `json:"groupsAttribute,omitempty"` + // IdentityProviderCertificates: Required. The list of IdP certificates to + // validate the SAML response against. + IdentityProviderCertificates []string `json:"identityProviderCertificates,omitempty"` + // IdentityProviderId: Required. The entity ID of the SAML IdP. + IdentityProviderId string `json:"identityProviderId,omitempty"` + // IdentityProviderSsoUri: Required. The URI where the SAML IdP exposes the SSO + // service. + IdentityProviderSsoUri string `json:"identityProviderSsoUri,omitempty"` + // UserAttribute: Optional. The SAML attribute to read username from. If + // unspecified, the username will be read from the NameID element of the + // assertion in SAML response. This value is expected to be a string and will + // be passed along as-is (with the option of being prefixed by the + // `user_prefix`). + UserAttribute string `json:"userAttribute,omitempty"` + // UserPrefix: Optional. Prefix to prepend to user name. + UserPrefix string `json:"userPrefix,omitempty"` + // ForceSendFields is a list of field names (e.g. "AttributeMapping") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AttributeMapping") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceSamlConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceSamlConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceServerConfig: Server settings for the external LDAP server. +type IdentityServiceServerConfig struct { + // CertificateAuthorityData: Optional. Contains a Base64 encoded, PEM formatted + // certificate authority certificate for the LDAP server. This must be provided + // for the "ldaps" and "startTLS" connections. + CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` + // ConnectionType: Optional. Defines the connection type to communicate with + // the LDAP server. If `starttls` or `ldaps` is specified, the + // certificate_authority_data should not be empty. + ConnectionType string `json:"connectionType,omitempty"` + // Host: Required. Defines the hostname or IP of the LDAP server. Port is + // optional and will default to 389, if unspecified. For example, + // "ldap.server.example" or "10.10.10.10:389". + Host string `json:"host,omitempty"` + // ForceSendFields is a list of field names (e.g. "CertificateAuthorityData") + // to unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CertificateAuthorityData") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceServerConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceServerConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceServiceAccountConfig: Contains the credentials of the service +// account which is authorized to perform the LDAP search in the directory. The +// credentials can be supplied by the combination of the DN and password or the +// client certificate. +type IdentityServiceServiceAccountConfig struct { + // SimpleBindCredentials: Credentials for basic auth. + SimpleBindCredentials *IdentityServiceSimpleBindCredentials `json:"simpleBindCredentials,omitempty"` + // ForceSendFields is a list of field names (e.g. "SimpleBindCredentials") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "SimpleBindCredentials") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceServiceAccountConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceServiceAccountConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceSimpleBindCredentials: The structure holds the LDAP simple +// binding credential. +type IdentityServiceSimpleBindCredentials struct { + // Dn: Required. The distinguished name(DN) of the service account object/user. + Dn string `json:"dn,omitempty"` + // EncryptedPassword: Output only. The encrypted password of the service + // account object/user. + EncryptedPassword string `json:"encryptedPassword,omitempty"` + // Password: Required. Input only. The password of the service account + // object/user. + Password string `json:"password,omitempty"` + // ForceSendFields is a list of field names (e.g. "Dn") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Dn") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceSimpleBindCredentials) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceSimpleBindCredentials + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceSpec: **IdentityService**: Configuration for a single +// membership. +type IdentityServiceSpec struct { + // AuthMethods: A member may support multiple auth methods. + AuthMethods []*IdentityServiceAuthMethod `json:"authMethods,omitempty"` + // IdentityServiceOptions: Optional. non-protocol-related configuration + // options. + IdentityServiceOptions *IdentityServiceIdentityServiceOptions `json:"identityServiceOptions,omitempty"` + // ForceSendFields is a list of field names (e.g. "AuthMethods") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AuthMethods") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceSpec) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceState: **IdentityService**: State for a single membership, +// analyzed and reported by feature controller. +type IdentityServiceState struct { + // FailureReason: The reason of the failure. + FailureReason string `json:"failureReason,omitempty"` + // InstalledVersion: Installed AIS version. This is the AIS version installed + // on this member. The values makes sense iff state is OK. + InstalledVersion string `json:"installedVersion,omitempty"` + // MemberConfig: Last reconciled membership configuration + MemberConfig *IdentityServiceSpec `json:"memberConfig,omitempty"` + // State: Deployment state on this member + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Unspecified state + // "OK" - deployment succeeds + // "ERROR" - Failure with error. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "FailureReason") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "FailureReason") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceState) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceUserConfig: Defines where users exist in the LDAP directory. +type IdentityServiceUserConfig struct { + // BaseDn: Required. The location of the subtree in the LDAP directory to + // search for user entries. + BaseDn string `json:"baseDn,omitempty"` + // Filter: Optional. Filter to apply when searching for the user. This can be + // used to further restrict the user accounts which are allowed to login. This + // defaults to "(objectClass=User)". + Filter string `json:"filter,omitempty"` + // IdAttribute: Optional. Determines which attribute to use as the user's + // identity after they are authenticated. This is distinct from the + // loginAttribute field to allow users to login with a username, but then have + // their actual identifier be an email address or full Distinguished Name (DN). + // For example, setting loginAttribute to "sAMAccountName" and + // identifierAttribute to "userPrincipalName" would allow a user to login as + // "bsmith", but actual RBAC policies for the user would be written as + // "bsmith@example.com". Using "userPrincipalName" is recommended since this + // will be unique for each user. This defaults to "userPrincipalName". + IdAttribute string `json:"idAttribute,omitempty"` + // LoginAttribute: Optional. The name of the attribute which matches against + // the input username. This is used to find the user in the LDAP database e.g. + // "(=)" and is combined with the optional filter field. This defaults to + // "userPrincipalName". + LoginAttribute string `json:"loginAttribute,omitempty"` + // ForceSendFields is a list of field names (e.g. "BaseDn") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "BaseDn") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceUserConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceUserConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// LifecycleState: LifecycleState describes the state of a MembershipFeature +// *resource* in the GkeHub API. See `FeatureState` for the "running state" of +// the MembershipFeature. +type LifecycleState struct { + // State: Output only. The current state of the Feature resource in the Hub + // API. + // + // Possible values: + // "STATE_UNSPECIFIED" - State is unknown or not set. + // "ENABLING" - The MembershipFeature is being enabled, and the + // MembershipFeature resource is being created. Once complete, the + // corresponding MembershipFeature will be enabled in this Hub. + // "ACTIVE" - The MembershipFeature is enabled in this Hub, and the + // MembershipFeature resource is fully available. + // "DISABLING" - The MembershipFeature is being disabled in this Hub, and the + // MembershipFeature resource is being deleted. + // "UPDATING" - The MembershipFeature resource is being updated. + // "SERVICE_UPDATING" - The MembershipFeature resource is being updated by + // the Hub Service. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "State") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "State") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s LifecycleState) MarshalJSON() ([]byte, error) { + type NoMethod LifecycleState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ListLocationsResponse: The response message for Locations.ListLocations. +type ListLocationsResponse struct { + // Locations: A list of locations that matches the specified filter in the + // request. + Locations []*Location `json:"locations,omitempty"` + // NextPageToken: The standard List next-page token. + NextPageToken string `json:"nextPageToken,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "Locations") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Locations") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ListLocationsResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListLocationsResponse + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ListMembershipFeaturesResponse: Response message for the +// `GkeHubFeature.ListMembershipFeatures` method. +type ListMembershipFeaturesResponse struct { + // MembershipFeatures: The list of matching MembershipFeatures. + MembershipFeatures []*MembershipFeature `json:"membershipFeatures,omitempty"` + // NextPageToken: A token to request the next page of resources from the + // `ListMembershipFeatures` method. The value of an empty string means that + // there are no more resources to return. + NextPageToken string `json:"nextPageToken,omitempty"` + // Unreachable: List of locations that could not be reached while fetching this + // list. + Unreachable []string `json:"unreachable,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "MembershipFeatures") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "MembershipFeatures") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ListMembershipFeaturesResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListMembershipFeaturesResponse + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ListOperationsResponse: The response message for Operations.ListOperations. +type ListOperationsResponse struct { + // NextPageToken: The standard List next-page token. + NextPageToken string `json:"nextPageToken,omitempty"` + // Operations: A list of operations that matches the specified filter in the + // request. + Operations []*Operation `json:"operations,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "NextPageToken") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "NextPageToken") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ListOperationsResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListOperationsResponse + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// Location: A resource that represents a Google Cloud location. +type Location struct { + // DisplayName: The friendly name for this location, typically a nearby city + // name. For example, "Tokyo". + DisplayName string `json:"displayName,omitempty"` + // Labels: Cross-service attributes for the location. For example + // {"cloud.googleapis.com/region": "us-east1"} + Labels map[string]string `json:"labels,omitempty"` + // LocationId: The canonical id for this location. For example: "us-east1". + LocationId string `json:"locationId,omitempty"` + // Metadata: Service-specific metadata. For example the available capacity at + // the given location. + Metadata googleapi.RawMessage `json:"metadata,omitempty"` + // Name: Resource name for the location, which may vary between + // implementations. For example: + // "projects/example-project/locations/us-east1" + Name string `json:"name,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "DisplayName") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DisplayName") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s Location) MarshalJSON() ([]byte, error) { + type NoMethod Location + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// MembershipFeature: MembershipFeature represents the settings and status of a +// Fleet Feature enabled on a single Fleet Membership. +type MembershipFeature struct { + // CreateTime: Output only. When the MembershipFeature resource was created. + CreateTime string `json:"createTime,omitempty"` + // DeleteTime: Output only. When the MembershipFeature resource was deleted. + DeleteTime string `json:"deleteTime,omitempty"` + // FeatureConfigRef: Reference information for a FeatureConfig applied on the + // MembershipFeature. + FeatureConfigRef *FeatureConfigRef `json:"featureConfigRef,omitempty"` + // Labels: GCP labels for this MembershipFeature. + Labels map[string]string `json:"labels,omitempty"` + // LifecycleState: Output only. Lifecycle information of the resource itself. + LifecycleState *LifecycleState `json:"lifecycleState,omitempty"` + // Name: Output only. The resource name of the membershipFeature, in the + // format: + // `projects/{project}/locations/{location}/memberships/{membership}/features/{f + // eature}`. Note that `membershipFeatures` is shortened to `features` in the + // resource name. (see http://go/aip/122#collection-identifiers) + Name string `json:"name,omitempty"` + // Spec: Spec of this membershipFeature. + Spec *FeatureSpec `json:"spec,omitempty"` + // State: Output only. State of the this membershipFeature. + State *FeatureState `json:"state,omitempty"` + // UpdateTime: Output only. When the MembershipFeature resource was last + // updated. + UpdateTime string `json:"updateTime,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "CreateTime") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CreateTime") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s MembershipFeature) MarshalJSON() ([]byte, error) { + type NoMethod MembershipFeature + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// MeteringState: **Metering**: State for a single membership, analyzed and +// reported by feature controller. +type MeteringState struct { + // LastMeasurementTime: The time stamp of the most recent measurement of the + // number of vCPUs in the cluster. + LastMeasurementTime string `json:"lastMeasurementTime,omitempty"` + // PreciseLastMeasuredClusterVcpuCapacity: The vCPUs capacity in the cluster + // according to the most recent measurement (1/1000 precision). + PreciseLastMeasuredClusterVcpuCapacity float64 `json:"preciseLastMeasuredClusterVcpuCapacity,omitempty"` + // ForceSendFields is a list of field names (e.g. "LastMeasurementTime") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "LastMeasurementTime") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s MeteringState) MarshalJSON() ([]byte, error) { + type NoMethod MeteringState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +func (s *MeteringState) UnmarshalJSON(data []byte) error { + type NoMethod MeteringState + var s1 struct { + PreciseLastMeasuredClusterVcpuCapacity gensupport.JSONFloat64 `json:"preciseLastMeasuredClusterVcpuCapacity"` + *NoMethod + } + s1.NoMethod = (*NoMethod)(s) + if err := json.Unmarshal(data, &s1); err != nil { + return err + } + s.PreciseLastMeasuredClusterVcpuCapacity = float64(s1.PreciseLastMeasuredClusterVcpuCapacity) + return nil +} + +// Operation: This resource represents a long-running operation that is the +// result of a network API call. +type Operation struct { + // Done: If the value is `false`, it means the operation is still in progress. + // If `true`, the operation is completed, and either `error` or `response` is + // available. + Done bool `json:"done,omitempty"` + // Error: The error result of the operation in case of failure or cancellation. + Error *GoogleRpcStatus `json:"error,omitempty"` + // Metadata: Service-specific metadata associated with the operation. It + // typically contains progress information and common metadata such as create + // time. Some services might not provide such metadata. Any method that returns + // a long-running operation should document the metadata type, if any. + Metadata googleapi.RawMessage `json:"metadata,omitempty"` + // Name: The server-assigned name, which is only unique within the same service + // that originally returns it. If you use the default HTTP mapping, the `name` + // should be a resource name ending with `operations/{unique_id}`. + Name string `json:"name,omitempty"` + // Response: The normal, successful response of the operation. If the original + // method returns no data on success, such as `Delete`, the response is + // `google.protobuf.Empty`. If the original method is standard + // `Get`/`Create`/`Update`, the response should be the resource. For other + // methods, the response should have the type `XxxResponse`, where `Xxx` is the + // original method name. For example, if the original method name is + // `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. + Response googleapi.RawMessage `json:"response,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "Done") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Done") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s Operation) MarshalJSON() ([]byte, error) { + type NoMethod Operation + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// OperationMetadata: Metadata of the long-running operation. +type OperationMetadata struct { + // ApiVersion: Output only. API version used to start the operation. + ApiVersion string `json:"apiVersion,omitempty"` + // CancelRequested: Output only. Identifies whether the user has requested + // cancellation of the operation. Operations that have successfully been + // cancelled have Operation.error value with a google.rpc.Status.code of 1, + // corresponding to `Code.CANCELLED`. + CancelRequested bool `json:"cancelRequested,omitempty"` + // CreateTime: Output only. The time the operation was created. + CreateTime string `json:"createTime,omitempty"` + // EndTime: Output only. The time the operation finished running. + EndTime string `json:"endTime,omitempty"` + // StatusDetail: Output only. Human-readable status of the operation, if any. + StatusDetail string `json:"statusDetail,omitempty"` + // Target: Output only. Server-defined resource path for the target of the + // operation. + Target string `json:"target,omitempty"` + // Verb: Output only. Name of the verb executed by the operation. + Verb string `json:"verb,omitempty"` + // ForceSendFields is a list of field names (e.g. "ApiVersion") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ApiVersion") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s OperationMetadata) MarshalJSON() ([]byte, error) { + type NoMethod OperationMetadata + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// Origin: Origin defines where this FeatureSpec originated from. +type Origin struct { + // Type: Type specifies which type of origin is set. + // + // Possible values: + // "TYPE_UNSPECIFIED" - Type is unknown or not set. + // "FLEET" - Per-Feature spec was inherited from the fleet-level default. + // "FLEET_OUT_OF_SYNC" - Per-Feature spec was inherited from the fleet-level + // default but is now out of sync with the current default. + // "USER" - Per-Feature spec was inherited from a user specification. + Type string `json:"type,omitempty"` + // ForceSendFields is a list of field names (e.g. "Type") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Type") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s Origin) MarshalJSON() ([]byte, error) { + type NoMethod Origin + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerBundleInstallSpec: BundleInstallSpec is the specification +// configuration for a single managed bundle. +type PolicyControllerBundleInstallSpec struct { + // ExemptedNamespaces: the set of namespaces to be exempted from the bundle + ExemptedNamespaces []string `json:"exemptedNamespaces,omitempty"` + // ForceSendFields is a list of field names (e.g. "ExemptedNamespaces") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ExemptedNamespaces") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerBundleInstallSpec) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerBundleInstallSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerHubConfig: Configuration for Policy Controller +type PolicyControllerHubConfig struct { + // AuditIntervalSeconds: Sets the interval for Policy Controller Audit Scans + // (in seconds). When set to 0, this disables audit functionality altogether. + AuditIntervalSeconds int64 `json:"auditIntervalSeconds,omitempty,string"` + // ConstraintViolationLimit: The maximum number of audit violations to be + // stored in a constraint. If not set, the internal default (currently 20) will + // be used. + ConstraintViolationLimit int64 `json:"constraintViolationLimit,omitempty,string"` + // DeploymentConfigs: Map of deployment configs to deployments + // (“admission”, “audit”, “mutation”). + DeploymentConfigs map[string]PolicyControllerPolicyControllerDeploymentConfig `json:"deploymentConfigs,omitempty"` + // ExemptableNamespaces: The set of namespaces that are excluded from Policy + // Controller checks. Namespaces do not need to currently exist on the cluster. + ExemptableNamespaces []string `json:"exemptableNamespaces,omitempty"` + // InstallSpec: The install_spec represents the intended state specified by the + // latest request that mutated install_spec in the feature spec, not the + // lifecycle state of the feature observed by the Hub feature controller that + // is reported in the feature state. + // + // Possible values: + // "INSTALL_SPEC_UNSPECIFIED" - Spec is unknown. + // "INSTALL_SPEC_NOT_INSTALLED" - Request to uninstall Policy Controller. + // "INSTALL_SPEC_ENABLED" - Request to install and enable Policy Controller. + // "INSTALL_SPEC_SUSPENDED" - Request to suspend Policy Controller i.e. its + // webhooks. If Policy Controller is not installed, it will be installed but + // suspended. + // "INSTALL_SPEC_DETACHED" - Request to stop all reconciliation actions by + // PoCo Hub controller. This is a breakglass mechanism to stop PoCo Hub from + // affecting cluster resources. + InstallSpec string `json:"installSpec,omitempty"` + // LogDeniesEnabled: Logs all denies and dry run failures. + LogDeniesEnabled bool `json:"logDeniesEnabled,omitempty"` + // Monitoring: Monitoring specifies the configuration of monitoring. + Monitoring *PolicyControllerMonitoringConfig `json:"monitoring,omitempty"` + // MutationEnabled: Enables the ability to mutate resources using Policy + // Controller. + MutationEnabled bool `json:"mutationEnabled,omitempty"` + // PolicyContent: Specifies the desired policy content on the cluster + PolicyContent *PolicyControllerPolicyContentSpec `json:"policyContent,omitempty"` + // ReferentialRulesEnabled: Enables the ability to use Constraint Templates + // that reference to objects other than the object currently being evaluated. + ReferentialRulesEnabled bool `json:"referentialRulesEnabled,omitempty"` + // ForceSendFields is a list of field names (e.g. "AuditIntervalSeconds") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AuditIntervalSeconds") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerHubConfig) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerHubConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerMonitoringConfig: MonitoringConfig specifies the backends +// Policy Controller should export metrics to. For example, to specify metrics +// should be exported to Cloud Monitoring and Prometheus, specify backends: +// ["cloudmonitoring", "prometheus"] +type PolicyControllerMonitoringConfig struct { + // Backends: Specifies the list of backends Policy Controller will export to. + // An empty list would effectively disable metrics export. + // + // Possible values: + // "MONITORING_BACKEND_UNSPECIFIED" - Backend cannot be determined + // "PROMETHEUS" - Prometheus backend for monitoring + // "CLOUD_MONITORING" - Stackdriver/Cloud Monitoring backend for monitoring + Backends []string `json:"backends,omitempty"` + // ForceSendFields is a list of field names (e.g. "Backends") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Backends") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerMonitoringConfig) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerMonitoringConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerOnClusterState: OnClusterState represents the state of a +// sub-component of Policy Controller. +type PolicyControllerOnClusterState struct { + // Details: Surface potential errors or information logs. + Details string `json:"details,omitempty"` + // State: The lifecycle state of this component. + // + // Possible values: + // "LIFECYCLE_STATE_UNSPECIFIED" - The lifecycle state is unspecified. + // "NOT_INSTALLED" - The PC does not exist on the given cluster, and no k8s + // resources of any type that are associated with the PC should exist there. + // The cluster does not possess a membership with the PCH. + // "INSTALLING" - The PCH possesses a Membership, however the PC is not fully + // installed on the cluster. In this state the hub can be expected to be taking + // actions to install the PC on the cluster. + // "ACTIVE" - The PC is fully installed on the cluster and in an operational + // mode. In this state PCH will be reconciling state with the PC, and the PC + // will be performing it's operational tasks per that software. Entering a + // READY state requires that the hub has confirmed the PC is installed and its + // pods are operational with the version of the PC the PCH expects. + // "UPDATING" - The PC is fully installed, but in the process of changing the + // configuration (including changing the version of PC either up and down, or + // modifying the manifests of PC) of the resources running on the cluster. The + // PCH has a Membership, is aware of the version the cluster should be running + // in, but has not confirmed for itself that the PC is running with that + // version. + // "DECOMMISSIONING" - The PC may have resources on the cluster, but the PCH + // wishes to remove the Membership. The Membership still exists. + // "CLUSTER_ERROR" - The PC is not operational, and the PCH is unable to act + // to make it operational. Entering a CLUSTER_ERROR state happens automatically + // when the PCH determines that a PC installed on the cluster is non-operative + // or that the cluster does not meet requirements set for the PCH to administer + // the cluster but has nevertheless been given an instruction to do so (such as + // ‘install'). + // "HUB_ERROR" - In this state, the PC may still be operational, and only the + // PCH is unable to act. The hub should not issue instructions to change the PC + // state, or otherwise interfere with the on-cluster resources. Entering a + // HUB_ERROR state happens automatically when the PCH determines the hub is in + // an unhealthy state and it wishes to ‘take hands off' to avoid corrupting + // the PC or other data. + // "SUSPENDED" - Policy Controller (PC) is installed but suspended. This + // means that the policies are not enforced, but violations are still recorded + // (through audit). + // "DETACHED" - PoCo Hub is not taking any action to reconcile cluster + // objects. Changes to those objects will not be overwritten by PoCo Hub. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "Details") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Details") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerOnClusterState) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerOnClusterState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerPolicyContentSpec: PolicyContentSpec defines the user's +// desired content configuration on the cluster. +type PolicyControllerPolicyContentSpec struct { + // Bundles: map of bundle name to BundleInstallSpec. The bundle name maps to + // the `bundleName` key in the `policycontroller.gke.io/constraintData` + // annotation on a constraint. + Bundles map[string]PolicyControllerBundleInstallSpec `json:"bundles,omitempty"` + // TemplateLibrary: Configures the installation of the Template Library. + TemplateLibrary *PolicyControllerTemplateLibraryConfig `json:"templateLibrary,omitempty"` + // ForceSendFields is a list of field names (e.g. "Bundles") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Bundles") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerPolicyContentSpec) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerPolicyContentSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerPolicyContentState: The state of the policy controller +// policy content +type PolicyControllerPolicyContentState struct { + // BundleStates: The state of the any bundles included in the chosen version of + // the manifest + BundleStates map[string]PolicyControllerOnClusterState `json:"bundleStates,omitempty"` + // ReferentialSyncConfigState: The state of the referential data sync + // configuration. This could represent the state of either the syncSet + // object(s) or the config object, depending on the version of PoCo configured + // by the user. + ReferentialSyncConfigState *PolicyControllerOnClusterState `json:"referentialSyncConfigState,omitempty"` + // TemplateLibraryState: The state of the template library + TemplateLibraryState *PolicyControllerOnClusterState `json:"templateLibraryState,omitempty"` + // ForceSendFields is a list of field names (e.g. "BundleStates") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "BundleStates") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerPolicyContentState) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerPolicyContentState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerPolicyControllerDeploymentConfig: Deployment-specific +// configuration. +type PolicyControllerPolicyControllerDeploymentConfig struct { + // ContainerResources: Container resource requirements. + ContainerResources *PolicyControllerResourceRequirements `json:"containerResources,omitempty"` + // PodAffinity: Pod affinity configuration. + // + // Possible values: + // "AFFINITY_UNSPECIFIED" - No affinity configuration has been specified. + // "NO_AFFINITY" - Affinity configurations will be removed from the + // deployment. + // "ANTI_AFFINITY" - Anti-affinity configuration will be applied to this + // deployment. Default for admissions deployment. + PodAffinity string `json:"podAffinity,omitempty"` + // PodAntiAffinity: Pod anti-affinity enablement. Deprecated: use + // `pod_affinity` instead. + PodAntiAffinity bool `json:"podAntiAffinity,omitempty"` + // PodTolerations: Pod tolerations of node taints. + PodTolerations []*PolicyControllerToleration `json:"podTolerations,omitempty"` + // ReplicaCount: Pod replica count. + ReplicaCount int64 `json:"replicaCount,omitempty,string"` + // ForceSendFields is a list of field names (e.g. "ContainerResources") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ContainerResources") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerPolicyControllerDeploymentConfig) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerPolicyControllerDeploymentConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerResourceList: ResourceList contains container resource +// requirements. +type PolicyControllerResourceList struct { + // Cpu: CPU requirement expressed in Kubernetes resource units. + Cpu string `json:"cpu,omitempty"` + // Memory: Memory requirement expressed in Kubernetes resource units. + Memory string `json:"memory,omitempty"` + // ForceSendFields is a list of field names (e.g. "Cpu") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Cpu") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerResourceList) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerResourceList + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerResourceRequirements: ResourceRequirements describes the +// compute resource requirements. +type PolicyControllerResourceRequirements struct { + // Limits: Limits describes the maximum amount of compute resources allowed for + // use by the running container. + Limits *PolicyControllerResourceList `json:"limits,omitempty"` + // Requests: Requests describes the amount of compute resources reserved for + // the container by the kube-scheduler. + Requests *PolicyControllerResourceList `json:"requests,omitempty"` + // ForceSendFields is a list of field names (e.g. "Limits") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Limits") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerResourceRequirements) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerResourceRequirements + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerSpec: **Policy Controller**: Configuration for a single +// cluster. Intended to parallel the PolicyController CR. +type PolicyControllerSpec struct { + // PolicyControllerHubConfig: Policy Controller configuration for the cluster. + PolicyControllerHubConfig *PolicyControllerHubConfig `json:"policyControllerHubConfig,omitempty"` + // Version: Version of Policy Controller installed. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "PolicyControllerHubConfig") + // to unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "PolicyControllerHubConfig") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerSpec) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerState: **Policy Controller**: State for a single cluster. +type PolicyControllerState struct { + // ComponentStates: Currently these include (also serving as map keys): 1. + // "admission" 2. "audit" 3. "mutation" + ComponentStates map[string]PolicyControllerOnClusterState `json:"componentStates,omitempty"` + // PolicyContentState: The overall content state observed by the Hub Feature + // controller. + PolicyContentState *PolicyControllerPolicyContentState `json:"policyContentState,omitempty"` + // State: The overall Policy Controller lifecycle state observed by the Hub + // Feature controller. + // + // Possible values: + // "LIFECYCLE_STATE_UNSPECIFIED" - The lifecycle state is unspecified. + // "NOT_INSTALLED" - The PC does not exist on the given cluster, and no k8s + // resources of any type that are associated with the PC should exist there. + // The cluster does not possess a membership with the PCH. + // "INSTALLING" - The PCH possesses a Membership, however the PC is not fully + // installed on the cluster. In this state the hub can be expected to be taking + // actions to install the PC on the cluster. + // "ACTIVE" - The PC is fully installed on the cluster and in an operational + // mode. In this state PCH will be reconciling state with the PC, and the PC + // will be performing it's operational tasks per that software. Entering a + // READY state requires that the hub has confirmed the PC is installed and its + // pods are operational with the version of the PC the PCH expects. + // "UPDATING" - The PC is fully installed, but in the process of changing the + // configuration (including changing the version of PC either up and down, or + // modifying the manifests of PC) of the resources running on the cluster. The + // PCH has a Membership, is aware of the version the cluster should be running + // in, but has not confirmed for itself that the PC is running with that + // version. + // "DECOMMISSIONING" - The PC may have resources on the cluster, but the PCH + // wishes to remove the Membership. The Membership still exists. + // "CLUSTER_ERROR" - The PC is not operational, and the PCH is unable to act + // to make it operational. Entering a CLUSTER_ERROR state happens automatically + // when the PCH determines that a PC installed on the cluster is non-operative + // or that the cluster does not meet requirements set for the PCH to administer + // the cluster but has nevertheless been given an instruction to do so (such as + // ‘install'). + // "HUB_ERROR" - In this state, the PC may still be operational, and only the + // PCH is unable to act. The hub should not issue instructions to change the PC + // state, or otherwise interfere with the on-cluster resources. Entering a + // HUB_ERROR state happens automatically when the PCH determines the hub is in + // an unhealthy state and it wishes to ‘take hands off' to avoid corrupting + // the PC or other data. + // "SUSPENDED" - Policy Controller (PC) is installed but suspended. This + // means that the policies are not enforced, but violations are still recorded + // (through audit). + // "DETACHED" - PoCo Hub is not taking any action to reconcile cluster + // objects. Changes to those objects will not be overwritten by PoCo Hub. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "ComponentStates") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ComponentStates") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerState) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerTemplateLibraryConfig: The config specifying which default +// library templates to install. +type PolicyControllerTemplateLibraryConfig struct { + // Installation: Configures the manner in which the template library is + // installed on the cluster. + // + // Possible values: + // "INSTALLATION_UNSPECIFIED" - No installation strategy has been specified. + // "NOT_INSTALLED" - Do not install the template library. + // "ALL" - Install the entire template library. + Installation string `json:"installation,omitempty"` + // ForceSendFields is a list of field names (e.g. "Installation") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Installation") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerTemplateLibraryConfig) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerTemplateLibraryConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerToleration: Toleration of a node taint. +type PolicyControllerToleration struct { + // Effect: Matches a taint effect. + Effect string `json:"effect,omitempty"` + // Key: Matches a taint key (not necessarily unique). + Key string `json:"key,omitempty"` + // Operator: Matches a taint operator. + Operator string `json:"operator,omitempty"` + // Value: Matches a taint value. + Value string `json:"value,omitempty"` + // ForceSendFields is a list of field names (e.g. "Effect") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Effect") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerToleration) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerToleration + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshAnalysisMessage: AnalysisMessage is a single message produced by +// an analyzer, and it used to communicate to the end user about the state of +// their Service Mesh configuration. +type ServiceMeshAnalysisMessage struct { + // Args: A UI can combine these args with a template (based on + // message_base.type) to produce an internationalized message. + Args googleapi.RawMessage `json:"args,omitempty"` + // Description: A human readable description of what the error means. It is + // suitable for non-internationalize display purposes. + Description string `json:"description,omitempty"` + // MessageBase: Details common to all types of Istio and ServiceMesh analysis + // messages. + MessageBase *ServiceMeshAnalysisMessageBase `json:"messageBase,omitempty"` + // ResourcePaths: A list of strings specifying the resource identifiers that + // were the cause of message generation. A "path" here may be: * MEMBERSHIP_ID + // if the cause is a specific member cluster * + // MEMBERSHIP_ID/(NAMESPACE\/)?RESOURCETYPE/NAME if the cause is a resource in + // a cluster + ResourcePaths []string `json:"resourcePaths,omitempty"` + // ForceSendFields is a list of field names (e.g. "Args") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Args") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshAnalysisMessage) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshAnalysisMessage + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshAnalysisMessageBase: AnalysisMessageBase describes some common +// information that is needed for all messages. +type ServiceMeshAnalysisMessageBase struct { + // DocumentationUrl: A url pointing to the Service Mesh or Istio documentation + // for this specific error type. + DocumentationUrl string `json:"documentationUrl,omitempty"` + // Level: Represents how severe a message is. + // + // Possible values: + // "LEVEL_UNSPECIFIED" - Illegal. Same + // istio.analysis.v1alpha1.AnalysisMessageBase.Level.UNKNOWN. + // "ERROR" - ERROR represents a misconfiguration that must be fixed. + // "WARNING" - WARNING represents a misconfiguration that should be fixed. + // "INFO" - INFO represents an informational finding. + Level string `json:"level,omitempty"` + // Type: Represents the specific type of a message. + Type *ServiceMeshType `json:"type,omitempty"` + // ForceSendFields is a list of field names (e.g. "DocumentationUrl") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DocumentationUrl") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshAnalysisMessageBase) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshAnalysisMessageBase + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshCondition: Condition being reported. +type ServiceMeshCondition struct { + // Code: Unique identifier of the condition which describes the condition + // recognizable to the user. + // + // Possible values: + // "CODE_UNSPECIFIED" - Default Unspecified code + // "MESH_IAM_PERMISSION_DENIED" - Mesh IAM permission denied error code + // "MESH_IAM_CROSS_PROJECT_PERMISSION_DENIED" - Permission denied error code + // for cross-project + // "CNI_CONFIG_UNSUPPORTED" - CNI config unsupported error code + // "GKE_SANDBOX_UNSUPPORTED" - GKE sandbox unsupported error code + // "NODEPOOL_WORKLOAD_IDENTITY_FEDERATION_REQUIRED" - Nodepool workload + // identity federation required error code + // "CNI_INSTALLATION_FAILED" - CNI installation failed error code + // "CNI_POD_UNSCHEDULABLE" - CNI pod unschedulable error code + // "CLUSTER_HAS_ZERO_NODES" - Cluster has zero node code + // "UNSUPPORTED_MULTIPLE_CONTROL_PLANES" - Multiple control planes + // unsupported error code + // "VPCSC_GA_SUPPORTED" - VPC-SC GA is supported for this control plane. + // "DEPRECATED_SPEC_CONTROL_PLANE_MANAGEMENT" - User is using deprecated + // ControlPlaneManagement and they have not yet set Management. + // "DEPRECATED_SPEC_CONTROL_PLANE_MANAGEMENT_SAFE" - User is using deprecated + // ControlPlaneManagement and they have already set Management. + // "CONFIG_APPLY_INTERNAL_ERROR" - Configuration (Istio/k8s resources) failed + // to apply due to internal error. + // "CONFIG_VALIDATION_ERROR" - Configuration failed to be applied due to + // being invalid. + // "CONFIG_VALIDATION_WARNING" - Encountered configuration(s) with possible + // unintended behavior or invalid configuration. These configs may not have + // been applied. + // "QUOTA_EXCEEDED_BACKEND_SERVICES" - BackendService quota exceeded error + // code. + // "QUOTA_EXCEEDED_HEALTH_CHECKS" - HealthCheck quota exceeded error code. + // "QUOTA_EXCEEDED_HTTP_ROUTES" - HTTPRoute quota exceeded error code. + // "QUOTA_EXCEEDED_TCP_ROUTES" - TCPRoute quota exceeded error code. + // "QUOTA_EXCEEDED_TLS_ROUTES" - TLS routes quota exceeded error code. + // "QUOTA_EXCEEDED_TRAFFIC_POLICIES" - TrafficPolicy quota exceeded error + // code. + // "QUOTA_EXCEEDED_ENDPOINT_POLICIES" - EndpointPolicy quota exceeded error + // code. + // "QUOTA_EXCEEDED_GATEWAYS" - Gateway quota exceeded error code. + // "QUOTA_EXCEEDED_MESHES" - Mesh quota exceeded error code. + // "QUOTA_EXCEEDED_SERVER_TLS_POLICIES" - ServerTLSPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_CLIENT_TLS_POLICIES" - ClientTLSPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_SERVICE_LB_POLICIES" - ServiceLBPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_HTTP_FILTERS" - HTTPFilter quota exceeded error code. + // "QUOTA_EXCEEDED_TCP_FILTERS" - TCPFilter quota exceeded error code. + // "QUOTA_EXCEEDED_NETWORK_ENDPOINT_GROUPS" - NetworkEndpointGroup quota + // exceeded error code. + // "MODERNIZATION_SCHEDULED" - Modernization is scheduled for a cluster. + // "MODERNIZATION_IN_PROGRESS" - Modernization is in progress for a cluster. + // "MODERNIZATION_COMPLETED" - Modernization is completed for a cluster. + // "MODERNIZATION_ABORTED" - Modernization is aborted for a cluster. + Code string `json:"code,omitempty"` + // Details: A short summary about the issue. + Details string `json:"details,omitempty"` + // DocumentationLink: Links contains actionable information. + DocumentationLink string `json:"documentationLink,omitempty"` + // Severity: Severity level of the condition. + // + // Possible values: + // "SEVERITY_UNSPECIFIED" - Unspecified severity + // "ERROR" - Indicates an issue that prevents the mesh from operating + // correctly + // "WARNING" - Indicates a setting is likely wrong, but the mesh is still + // able to operate + // "INFO" - An informational message, not requiring any action + Severity string `json:"severity,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshCondition) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshCondition + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshControlPlaneManagement: Status of control plane management. +type ServiceMeshControlPlaneManagement struct { + // Details: Explanation of state. + Details []*ServiceMeshStatusDetails `json:"details,omitempty"` + // Implementation: Output only. Implementation of managed control plane. + // + // Possible values: + // "IMPLEMENTATION_UNSPECIFIED" - Unspecified + // "ISTIOD" - A Google build of istiod is used for the managed control plane. + // "TRAFFIC_DIRECTOR" - Traffic director is used for the managed control + // plane. + // "UPDATING" - The control plane implementation is being updated. + Implementation string `json:"implementation,omitempty"` + // State: LifecycleState of control plane management. + // + // Possible values: + // "LIFECYCLE_STATE_UNSPECIFIED" - Unspecified + // "DISABLED" - DISABLED means that the component is not enabled. + // "FAILED_PRECONDITION" - FAILED_PRECONDITION means that provisioning cannot + // proceed because of some characteristic of the member cluster. + // "PROVISIONING" - PROVISIONING means that provisioning is in progress. + // "ACTIVE" - ACTIVE means that the component is ready for use. + // "STALLED" - STALLED means that provisioning could not be done. + // "NEEDS_ATTENTION" - NEEDS_ATTENTION means that the component is ready, but + // some user intervention is required. (For example that the user should + // migrate workloads to a new control plane revision.) + // "DEGRADED" - DEGRADED means that the component is ready, but operating in + // a degraded state. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "Details") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Details") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshControlPlaneManagement) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshControlPlaneManagement + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshDataPlaneManagement: Status of data plane management. Only +// reported per-member. +type ServiceMeshDataPlaneManagement struct { + // Details: Explanation of the status. + Details []*ServiceMeshStatusDetails `json:"details,omitempty"` + // State: Lifecycle status of data plane management. + // + // Possible values: + // "LIFECYCLE_STATE_UNSPECIFIED" - Unspecified + // "DISABLED" - DISABLED means that the component is not enabled. + // "FAILED_PRECONDITION" - FAILED_PRECONDITION means that provisioning cannot + // proceed because of some characteristic of the member cluster. + // "PROVISIONING" - PROVISIONING means that provisioning is in progress. + // "ACTIVE" - ACTIVE means that the component is ready for use. + // "STALLED" - STALLED means that provisioning could not be done. + // "NEEDS_ATTENTION" - NEEDS_ATTENTION means that the component is ready, but + // some user intervention is required. (For example that the user should + // migrate workloads to a new control plane revision.) + // "DEGRADED" - DEGRADED means that the component is ready, but operating in + // a degraded state. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "Details") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Details") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshDataPlaneManagement) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshDataPlaneManagement + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshSpec: **Service Mesh**: Spec for a single Membership for the +// servicemesh feature +type ServiceMeshSpec struct { + // ConfigApi: Optional. Specifies the API that will be used for configuring the + // mesh workloads. + // + // Possible values: + // "CONFIG_API_UNSPECIFIED" - Unspecified + // "CONFIG_API_ISTIO" - Use the Istio API for configuration. + // "CONFIG_API_GATEWAY" - Use the K8s Gateway API for configuration. + ConfigApi string `json:"configApi,omitempty"` + // ControlPlane: Deprecated: use `management` instead Enables automatic control + // plane management. + // + // Possible values: + // "CONTROL_PLANE_MANAGEMENT_UNSPECIFIED" - Unspecified + // "AUTOMATIC" - Google should provision a control plane revision and make it + // available in the cluster. Google will enroll this revision in a release + // channel and keep it up to date. The control plane revision may be a managed + // service, or a managed install. + // "MANUAL" - User will manually configure the control plane (e.g. via CLI, + // or via the ControlPlaneRevision KRM API) + ControlPlane string `json:"controlPlane,omitempty"` + // DefaultChannel: Determines which release channel to use for default + // injection and service mesh APIs. + // + // Possible values: + // "CHANNEL_UNSPECIFIED" - Unspecified + // "RAPID" - RAPID channel is offered on an early access basis for customers + // who want to test new releases. + // "REGULAR" - REGULAR channel is intended for production users who want to + // take advantage of new features. + // "STABLE" - STABLE channel includes versions that are known to be stable + // and reliable in production. + DefaultChannel string `json:"defaultChannel,omitempty"` + // Management: Optional. Enables automatic Service Mesh management. + // + // Possible values: + // "MANAGEMENT_UNSPECIFIED" - Unspecified + // "MANAGEMENT_AUTOMATIC" - Google should manage my Service Mesh for the + // cluster. + // "MANAGEMENT_MANUAL" - User will manually configure their service mesh + // components. + Management string `json:"management,omitempty"` + // ForceSendFields is a list of field names (e.g. "ConfigApi") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ConfigApi") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshSpec) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshState: **Service Mesh**: State for a single Membership, as +// analyzed by the Service Mesh Hub Controller. +type ServiceMeshState struct { + // AnalysisMessages: Output only. Results of running Service Mesh analyzers. + AnalysisMessages []*ServiceMeshAnalysisMessage `json:"analysisMessages,omitempty"` + // Conditions: Output only. List of conditions reported for this membership. + Conditions []*ServiceMeshCondition `json:"conditions,omitempty"` + // ConfigApiVersion: The API version (i.e. Istio CRD version) for configuring + // service mesh in this cluster. This version is influenced by the + // `default_channel` field. + ConfigApiVersion string `json:"configApiVersion,omitempty"` + // ControlPlaneManagement: Output only. Status of control plane management + ControlPlaneManagement *ServiceMeshControlPlaneManagement `json:"controlPlaneManagement,omitempty"` + // DataPlaneManagement: Output only. Status of data plane management. + DataPlaneManagement *ServiceMeshDataPlaneManagement `json:"dataPlaneManagement,omitempty"` + // ForceSendFields is a list of field names (e.g. "AnalysisMessages") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AnalysisMessages") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshState) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshStatusDetails: Structured and human-readable details for a +// status. +type ServiceMeshStatusDetails struct { + // Code: A machine-readable code that further describes a broad status. + Code string `json:"code,omitempty"` + // Details: Human-readable explanation of code. + Details string `json:"details,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshStatusDetails) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshStatusDetails + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshType: A unique identifier for the type of message. Display_name +// is intended to be human-readable, code is intended to be machine readable. +// There should be a one-to-one mapping between display_name and code. (i.e. do +// not re-use display_names or codes between message types.) See +// istio.analysis.v1alpha1.AnalysisMessageBase.Type +type ServiceMeshType struct { + // Code: A 7 character code matching `^IST[0-9]{4}$` or `^ASM[0-9]{4}$`, + // intended to uniquely identify the message type. (e.g. "IST0001" is mapped to + // the "InternalError" message type.) + Code string `json:"code,omitempty"` + // DisplayName: A human-readable name for the message type. e.g. + // "InternalError", "PodMissingProxy". This should be the same for all messages + // of the same type. (This corresponds to the `name` field in open-source + // Istio.) + DisplayName string `json:"displayName,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshType) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshType + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// State: High-level state of a MembershipFeature. +type State struct { + // Code: The high-level, machine-readable status of this MembershipFeature. + // + // Possible values: + // "CODE_UNSPECIFIED" - Unknown or not set. + // "OK" - The MembershipFeature is operating normally. + // "WARNING" - The MembershipFeature has encountered an issue, and is + // operating in a degraded state. The MembershipFeature may need intervention + // to return to normal operation. See the description and any associated + // MembershipFeature-specific details for more information. + // "ERROR" - The MembershipFeature is not operating or is in a severely + // degraded state. The MembershipFeature may need intervention to return to + // normal operation. See the description and any associated + // MembershipFeature-specific details for more information. + Code string `json:"code,omitempty"` + // Description: A human-readable description of the current status. + Description string `json:"description,omitempty"` + // UpdateTime: The time this status and any related Feature-specific details + // were updated. + UpdateTime string `json:"updateTime,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s State) MarshalJSON() ([]byte, error) { + type NoMethod State + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// WorkloadCertificateSpec: **WorkloadCertificate**: The membership-specific +// input for WorkloadCertificate feature. +type WorkloadCertificateSpec struct { + // CertificateManagement: CertificateManagement specifies workload certificate + // management. + // + // Possible values: + // "CERTIFICATE_MANAGEMENT_UNSPECIFIED" - Disable workload certificate + // feature. + // "DISABLED" - Disable workload certificate feature. + // "ENABLED" - Enable workload certificate feature. + CertificateManagement string `json:"certificateManagement,omitempty"` + // ForceSendFields is a list of field names (e.g. "CertificateManagement") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CertificateManagement") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s WorkloadCertificateSpec) MarshalJSON() ([]byte, error) { + type NoMethod WorkloadCertificateSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +type ProjectsLocationsGetCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Get: Gets information about a location. +// +// - name: Resource name for the location. +func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall { + c := &ProjectsLocationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsGetCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsGetCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsGetCall) Context(ctx context.Context) *ProjectsLocationsGetCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsGetCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2alpha/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.get" call. +// Any non-2xx status code is an error. Response headers are in either +// *Location.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Location{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsListCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// List: Lists information about the supported locations for this service. +// +// - name: The resource that owns the locations collection, if applicable. +func (r *ProjectsLocationsService) List(name string) *ProjectsLocationsListCall { + c := &ProjectsLocationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Filter sets the optional parameter "filter": A filter to narrow down results +// to a preferred subset. The filtering language accepts strings like +// "displayName=tokyo", and is documented in more detail in AIP-160 +// (https://google.aip.dev/160). +func (c *ProjectsLocationsListCall) Filter(filter string) *ProjectsLocationsListCall { + c.urlParams_.Set("filter", filter) + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number of +// results to return. If not set, the service selects a default. +func (c *ProjectsLocationsListCall) PageSize(pageSize int64) *ProjectsLocationsListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A page token received +// from the `next_page_token` field in the response. Send that page token to +// receive the subsequent page. +func (c *ProjectsLocationsListCall) PageToken(pageToken string) *ProjectsLocationsListCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsListCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsListCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsListCall) Context(ctx context.Context) *ProjectsLocationsListCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsListCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2alpha/{+name}/locations") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.list" call. +// Any non-2xx status code is an error. Response headers are in either +// *ListLocationsResponse.ServerResponse.Header or (if a response was returned +// at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified was +// returned. +func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocationsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ListLocationsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocationsResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +type ProjectsLocationsMembershipsFeaturesCreateCall struct { + s *Service + parent string + membershipfeature *MembershipFeature + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Create: Creates membershipFeature under a given parent. +// +// - parent: The name of parent where the MembershipFeature will be created. +// Specified in the format `projects/*/locations/*/memberships/*`. +func (r *ProjectsLocationsMembershipsFeaturesService) Create(parent string, membershipfeature *MembershipFeature) *ProjectsLocationsMembershipsFeaturesCreateCall { + c := &ProjectsLocationsMembershipsFeaturesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.parent = parent + c.membershipfeature = membershipfeature + return c +} + +// FeatureId sets the optional parameter "featureId": Required. The ID of the +// membership_feature to create. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) FeatureId(featureId string) *ProjectsLocationsMembershipsFeaturesCreateCall { + c.urlParams_.Set("featureId", featureId) + return c +} + +// RequestId sets the optional parameter "requestId": Idempotent request UUID. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) RequestId(requestId string) *ProjectsLocationsMembershipsFeaturesCreateCall { + c.urlParams_.Set("requestId", requestId) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesCreateCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesCreateCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.membershipfeature) + if err != nil { + return nil, err + } + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2alpha/{+parent}/features") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "parent": c.parent, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.memberships.features.create" call. +// Any non-2xx status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsMembershipsFeaturesDeleteCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Delete: Removes a membershipFeature. +// +// - name: The name of the membershipFeature to be deleted. Specified in the +// format `projects/*/locations/*/memberships/*/features/*`. +func (r *ProjectsLocationsMembershipsFeaturesService) Delete(name string) *ProjectsLocationsMembershipsFeaturesDeleteCall { + c := &ProjectsLocationsMembershipsFeaturesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// RequestId sets the optional parameter "requestId": Idempotent request UUID. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) RequestId(requestId string) *ProjectsLocationsMembershipsFeaturesDeleteCall { + c.urlParams_.Set("requestId", requestId) + return c } -// Operation: This resource represents a long-running operation that is the -// result of a network API call. -type Operation struct { - // Done: If the value is `false`, it means the operation is still in progress. - // If `true`, the operation is completed, and either `error` or `response` is - // available. - Done bool `json:"done,omitempty"` - // Error: The error result of the operation in case of failure or cancellation. - Error *GoogleRpcStatus `json:"error,omitempty"` - // Metadata: Service-specific metadata associated with the operation. It - // typically contains progress information and common metadata such as create - // time. Some services might not provide such metadata. Any method that returns - // a long-running operation should document the metadata type, if any. - Metadata googleapi.RawMessage `json:"metadata,omitempty"` - // Name: The server-assigned name, which is only unique within the same service - // that originally returns it. If you use the default HTTP mapping, the `name` - // should be a resource name ending with `operations/{unique_id}`. - Name string `json:"name,omitempty"` - // Response: The normal, successful response of the operation. If the original - // method returns no data on success, such as `Delete`, the response is - // `google.protobuf.Empty`. If the original method is standard - // `Get`/`Create`/`Update`, the response should be the resource. For other - // methods, the response should have the type `XxxResponse`, where `Xxx` is the - // original method name. For example, if the original method name is - // `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. - Response googleapi.RawMessage `json:"response,omitempty"` +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "Done") to unconditionally - // include in API requests. By default, fields with empty or default values are - // omitted from API requests. See - // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more - // details. - ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "Done") to include in API requests - // with the JSON null value. By default, fields with empty values are omitted - // from API requests. See - // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. - NullFields []string `json:"-"` +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesDeleteCall { + c.ctx_ = ctx + return c } -func (s Operation) MarshalJSON() ([]byte, error) { - type NoMethod Operation - return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ } -type ProjectsLocationsGetCall struct { +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2alpha/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("DELETE", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.memberships.features.delete" call. +// Any non-2xx status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsMembershipsFeaturesGetCall struct { s *Service name string urlParams_ gensupport.URLParams @@ -384,11 +3931,13 @@ type ProjectsLocationsGetCall struct { header_ http.Header } -// Get: Gets information about a location. +// Get: ========= MembershipFeature Services ========= Gets details of a +// membershipFeature. // -// - name: Resource name for the location. -func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall { - c := &ProjectsLocationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} +// - name: The MembershipFeature resource name in the format +// `projects/*/locations/*/memberships/*/features/*`. +func (r *ProjectsLocationsMembershipsFeaturesService) Get(name string) *ProjectsLocationsMembershipsFeaturesGetCall { + c := &ProjectsLocationsMembershipsFeaturesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.name = name return c } @@ -396,7 +3945,7 @@ func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall { // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsGetCall { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesGetCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } @@ -404,27 +3953,27 @@ func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocatio // IfNoneMatch sets an optional parameter which makes the operation fail if the // object's ETag matches the given value. This is useful for getting updates // only after the object has changed since the last request. -func (c *ProjectsLocationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsGetCall { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsMembershipsFeaturesGetCall { c.ifNoneMatch_ = entityTag return c } // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsGetCall) Context(ctx context.Context) *ProjectsLocationsGetCall { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesGetCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsGetCall) Header() http.Header { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) if c.ifNoneMatch_ != "" { reqHeaders.Set("If-None-Match", c.ifNoneMatch_) @@ -445,12 +3994,13 @@ func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "gkehub.projects.locations.get" call. +// Do executes the "gkehub.projects.locations.memberships.features.get" call. // Any non-2xx status code is an error. Response headers are in either -// *Location.ServerResponse.Header or (if a response was returned at all) in -// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check -// whether the returned error was because http.StatusNotModified was returned. -func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, error) { +// *MembershipFeature.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified was +// returned. +func (c *ProjectsLocationsMembershipsFeaturesGetCall) Do(opts ...googleapi.CallOption) (*MembershipFeature, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -469,7 +4019,7 @@ func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &Location{ + ret := &MembershipFeature{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -482,44 +4032,56 @@ func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, return ret, nil } -type ProjectsLocationsListCall struct { +type ProjectsLocationsMembershipsFeaturesListCall struct { s *Service - name string + parent string urlParams_ gensupport.URLParams ifNoneMatch_ string ctx_ context.Context header_ http.Header } -// List: Lists information about the supported locations for this service. +// List: Lists MembershipFeatures in a given project and location. // -// - name: The resource that owns the locations collection, if applicable. -func (r *ProjectsLocationsService) List(name string) *ProjectsLocationsListCall { - c := &ProjectsLocationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.name = name +// - parent: The parent where the MembershipFeature will be listed. In the +// format: `projects/*/locations/*/memberships/*`. +func (r *ProjectsLocationsMembershipsFeaturesService) List(parent string) *ProjectsLocationsMembershipsFeaturesListCall { + c := &ProjectsLocationsMembershipsFeaturesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.parent = parent return c } -// Filter sets the optional parameter "filter": A filter to narrow down results -// to a preferred subset. The filtering language accepts strings like -// "displayName=tokyo", and is documented in more detail in AIP-160 -// (https://google.aip.dev/160). -func (c *ProjectsLocationsListCall) Filter(filter string) *ProjectsLocationsListCall { +// Filter sets the optional parameter "filter": Lists MembershipFeatures that +// match the filter expression, following the syntax outlined in +// https://google.aip.dev/160. Examples: - Feature with the name "helloworld" +// in project "foo-proj" and membership "member-bar": name = +// "projects/foo-proj/locations/global/memberships/member-bar/features/helloworl +// d" - Features that have a label called `foo`: labels.foo:* - Features that +// have a label called `foo` whose value is `bar`: labels.foo = bar +func (c *ProjectsLocationsMembershipsFeaturesListCall) Filter(filter string) *ProjectsLocationsMembershipsFeaturesListCall { c.urlParams_.Set("filter", filter) return c } -// PageSize sets the optional parameter "pageSize": The maximum number of -// results to return. If not set, the service selects a default. -func (c *ProjectsLocationsListCall) PageSize(pageSize int64) *ProjectsLocationsListCall { +// OrderBy sets the optional parameter "orderBy": One or more fields to compare +// and use to sort the output. See https://google.aip.dev/132#ordering. +func (c *ProjectsLocationsMembershipsFeaturesListCall) OrderBy(orderBy string) *ProjectsLocationsMembershipsFeaturesListCall { + c.urlParams_.Set("orderBy", orderBy) + return c +} + +// PageSize sets the optional parameter "pageSize": When requesting a 'page' of +// resources, `page_size` specifies number of resources to return. If +// unspecified or set to 0, all resources will be returned. +func (c *ProjectsLocationsMembershipsFeaturesListCall) PageSize(pageSize int64) *ProjectsLocationsMembershipsFeaturesListCall { c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) return c } -// PageToken sets the optional parameter "pageToken": A page token received -// from the `next_page_token` field in the response. Send that page token to -// receive the subsequent page. -func (c *ProjectsLocationsListCall) PageToken(pageToken string) *ProjectsLocationsListCall { +// PageToken sets the optional parameter "pageToken": Token returned by +// previous call to `ListFeatures` which specifies the position in the list +// from where to continue listing the resources. +func (c *ProjectsLocationsMembershipsFeaturesListCall) PageToken(pageToken string) *ProjectsLocationsMembershipsFeaturesListCall { c.urlParams_.Set("pageToken", pageToken) return c } @@ -527,7 +4089,7 @@ func (c *ProjectsLocationsListCall) PageToken(pageToken string) *ProjectsLocatio // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsListCall { +func (c *ProjectsLocationsMembershipsFeaturesListCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesListCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } @@ -535,27 +4097,27 @@ func (c *ProjectsLocationsListCall) Fields(s ...googleapi.Field) *ProjectsLocati // IfNoneMatch sets an optional parameter which makes the operation fail if the // object's ETag matches the given value. This is useful for getting updates // only after the object has changed since the last request. -func (c *ProjectsLocationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsListCall { +func (c *ProjectsLocationsMembershipsFeaturesListCall) IfNoneMatch(entityTag string) *ProjectsLocationsMembershipsFeaturesListCall { c.ifNoneMatch_ = entityTag return c } // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsListCall) Context(ctx context.Context) *ProjectsLocationsListCall { +func (c *ProjectsLocationsMembershipsFeaturesListCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesListCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsListCall) Header() http.Header { +func (c *ProjectsLocationsMembershipsFeaturesListCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error) { +func (c *ProjectsLocationsMembershipsFeaturesListCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) if c.ifNoneMatch_ != "" { reqHeaders.Set("If-None-Match", c.ifNoneMatch_) @@ -563,7 +4125,7 @@ func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v2alpha/{+name}/locations") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2alpha/{+parent}/features") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("GET", urls, body) if err != nil { @@ -571,18 +4133,18 @@ func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "name": c.name, + "parent": c.parent, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "gkehub.projects.locations.list" call. +// Do executes the "gkehub.projects.locations.memberships.features.list" call. // Any non-2xx status code is an error. Response headers are in either -// *ListLocationsResponse.ServerResponse.Header or (if a response was returned -// at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to -// check whether the returned error was because http.StatusNotModified was -// returned. -func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocationsResponse, error) { +// *ListMembershipFeaturesResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsLocationsMembershipsFeaturesListCall) Do(opts ...googleapi.CallOption) (*ListMembershipFeaturesResponse, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -601,7 +4163,7 @@ func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocat if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &ListLocationsResponse{ + ret := &ListMembershipFeaturesResponse{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -617,7 +4179,7 @@ func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocat // Pages invokes f for each page of results. // A non-nil error returned from f will halt the iteration. // The provided context supersedes any context provided to the Context method. -func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocationsResponse) error) error { +func (c *ProjectsLocationsMembershipsFeaturesListCall) Pages(ctx context.Context, f func(*ListMembershipFeaturesResponse) error) error { c.ctx_ = ctx defer c.PageToken(c.urlParams_.Get("pageToken")) for { @@ -635,6 +4197,132 @@ func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocat } } +type ProjectsLocationsMembershipsFeaturesPatchCall struct { + s *Service + nameid string + membershipfeature *MembershipFeature + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Patch: Updates an existing MembershipFeature. +// +// - name: Output only. The resource name of the membershipFeature, in the +// format: +// `projects/{project}/locations/{location}/memberships/{membership}/features/ +// {feature}`. Note that `membershipFeatures` is shortened to `features` in +// the resource name. (see http://go/aip/122#collection-identifiers). +func (r *ProjectsLocationsMembershipsFeaturesService) Patch(nameid string, membershipfeature *MembershipFeature) *ProjectsLocationsMembershipsFeaturesPatchCall { + c := &ProjectsLocationsMembershipsFeaturesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.nameid = nameid + c.membershipfeature = membershipfeature + return c +} + +// AllowMissing sets the optional parameter "allowMissing": If set to true, and +// the MembershipFeature is not found, a new MembershipFeature will be created. +// In this situation, `update_mask` is ignored. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) AllowMissing(allowMissing bool) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.urlParams_.Set("allowMissing", fmt.Sprint(allowMissing)) + return c +} + +// RequestId sets the optional parameter "requestId": Idempotent request UUID. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) RequestId(requestId string) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.urlParams_.Set("requestId", requestId) + return c +} + +// UpdateMask sets the optional parameter "updateMask": Required. Mask of +// fields to update. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) UpdateMask(updateMask string) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.urlParams_.Set("updateMask", updateMask) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.membershipfeature) + if err != nil { + return nil, err + } + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2alpha/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("PATCH", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.nameid, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.memberships.features.patch" call. +// Any non-2xx status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + type ProjectsLocationsOperationsCancelCall struct { s *Service name string diff --git a/gkehub/v2beta/gkehub-api.json b/gkehub/v2beta/gkehub-api.json index a587b00fb0a..0c0f9857505 100644 --- a/gkehub/v2beta/gkehub-api.json +++ b/gkehub/v2beta/gkehub-api.json @@ -177,6 +177,197 @@ } }, "resources": { + "memberships": { + "resources": { + "features": { + "methods": { + "create": { + "description": "Creates membershipFeature under a given parent.", + "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features", + "httpMethod": "POST", + "id": "gkehub.projects.locations.memberships.features.create", + "parameterOrder": [ + "parent" + ], + "parameters": { + "featureId": { + "description": "Required. The ID of the membership_feature to create.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The name of parent where the MembershipFeature will be created. Specified in the format `projects/*/locations/*/memberships/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Idempotent request UUID.", + "location": "query", + "type": "string" + } + }, + "path": "v2beta/{+parent}/features", + "request": { + "$ref": "MembershipFeature" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "delete": { + "description": "Removes a membershipFeature.", + "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features/{featuresId}", + "httpMethod": "DELETE", + "id": "gkehub.projects.locations.memberships.features.delete", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the membershipFeature to be deleted. Specified in the format `projects/*/locations/*/memberships/*/features/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+/features/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Idempotent request UUID.", + "location": "query", + "type": "string" + } + }, + "path": "v2beta/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "get": { + "description": "========= MembershipFeature Services ========= Gets details of a membershipFeature.", + "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features/{featuresId}", + "httpMethod": "GET", + "id": "gkehub.projects.locations.memberships.features.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The MembershipFeature resource name in the format `projects/*/locations/*/memberships/*/features/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+/features/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v2beta/{+name}", + "response": { + "$ref": "MembershipFeature" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "list": { + "description": "Lists MembershipFeatures in a given project and location.", + "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features", + "httpMethod": "GET", + "id": "gkehub.projects.locations.memberships.features.list", + "parameterOrder": [ + "parent" + ], + "parameters": { + "filter": { + "description": "Lists MembershipFeatures that match the filter expression, following the syntax outlined in https://google.aip.dev/160. Examples: - Feature with the name \"helloworld\" in project \"foo-proj\" and membership \"member-bar\": name = \"projects/foo-proj/locations/global/memberships/member-bar/features/helloworld\" - Features that have a label called `foo`: labels.foo:* - Features that have a label called `foo` whose value is `bar`: labels.foo = bar", + "location": "query", + "type": "string" + }, + "orderBy": { + "description": "One or more fields to compare and use to sort the output. See https://google.aip.dev/132#ordering.", + "location": "query", + "type": "string" + }, + "pageSize": { + "description": "When requesting a 'page' of resources, `page_size` specifies number of resources to return. If unspecified or set to 0, all resources will be returned.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Token returned by previous call to `ListFeatures` which specifies the position in the list from where to continue listing the resources.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The parent where the MembershipFeature will be listed. In the format: `projects/*/locations/*/memberships/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v2beta/{+parent}/features", + "response": { + "$ref": "ListMembershipFeaturesResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "patch": { + "description": "Updates an existing MembershipFeature.", + "flatPath": "v2beta/projects/{projectsId}/locations/{locationsId}/memberships/{membershipsId}/features/{featuresId}", + "httpMethod": "PATCH", + "id": "gkehub.projects.locations.memberships.features.patch", + "parameterOrder": [ + "name" + ], + "parameters": { + "allowMissing": { + "description": "Optional. If set to true, and the MembershipFeature is not found, a new MembershipFeature will be created. In this situation, `update_mask` is ignored.", + "location": "query", + "type": "boolean" + }, + "name": { + "description": "Output only. The resource name of the membershipFeature, in the format: `projects/{project}/locations/{location}/memberships/{membership}/features/{feature}`. Note that `membershipFeatures` is shortened to `features` in the resource name. (see http://go/aip/122#collection-identifiers)", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/memberships/[^/]+/features/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Idempotent request UUID.", + "location": "query", + "type": "string" + }, + "updateMask": { + "description": "Required. Mask of fields to update.", + "format": "google-fieldmask", + "location": "query", + "type": "string" + } + }, + "path": "v2beta/{+name}", + "request": { + "$ref": "MembershipFeature" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + } + } + } + } + }, "operations": { "methods": { "cancel": { @@ -280,149 +471,2800 @@ } } }, - "revision": "20240809", + "revision": "20241006", "rootUrl": "https://gkehub.googleapis.com/", "schemas": { + "AppDevExperienceState": { + "description": "State for App Dev Exp Feature.", + "id": "AppDevExperienceState", + "properties": { + "networkingInstallSucceeded": { + "$ref": "AppDevExperienceStatus", + "description": "Status of subcomponent that detects configured Service Mesh resources." + } + }, + "type": "object" + }, + "AppDevExperienceStatus": { + "description": "Status specifies state for the subcomponent.", + "id": "AppDevExperienceStatus", + "properties": { + "code": { + "description": "Code specifies AppDevExperienceFeature's subcomponent ready state.", + "enum": [ + "CODE_UNSPECIFIED", + "OK", + "FAILED", + "UNKNOWN" + ], + "enumDescriptions": [ + "Not set.", + "AppDevExperienceFeature's specified subcomponent is ready.", + "AppDevExperienceFeature's specified subcomponent ready state is false. This means AppDevExperienceFeature has encountered an issue that blocks all, or a portion, of its normal operation. See the `description` for more details.", + "AppDevExperienceFeature's specified subcomponent has a pending or unknown state." + ], + "type": "string" + }, + "description": { + "description": "Description is populated if Code is Failed, explaining why it has failed.", + "type": "string" + } + }, + "type": "object" + }, "CancelOperationRequest": { "description": "The request message for Operations.CancelOperation.", "id": "CancelOperationRequest", "properties": {}, "type": "object" }, - "Empty": { - "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }", - "id": "Empty", - "properties": {}, + "CloudBuildSpec": { + "description": "**Cloud Build**: Configurations for each Cloud Build enabled cluster.", + "id": "CloudBuildSpec", + "properties": { + "securityPolicy": { + "description": "Whether it is allowed to run the privileged builds on the cluster or not.", + "enum": [ + "SECURITY_POLICY_UNSPECIFIED", + "NON_PRIVILEGED", + "PRIVILEGED" + ], + "enumDescriptions": [ + "Unspecified policy", + "Privileged build pods are disallowed", + "Privileged build pods are allowed" + ], + "type": "string" + }, + "version": { + "description": "Version of the cloud build software on the cluster.", + "type": "string" + } + }, "type": "object" }, - "GoogleRpcStatus": { - "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", - "id": "GoogleRpcStatus", + "ClusterUpgradeGKEUpgrade": { + "description": "GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade.", + "id": "ClusterUpgradeGKEUpgrade", "properties": { - "code": { - "description": "The status code, which should be an enum value of google.rpc.Code.", - "format": "int32", - "type": "integer" + "name": { + "description": "Name of the upgrade, e.g., \"k8s_control_plane\".", + "type": "string" }, - "details": { - "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use.", - "items": { - "additionalProperties": { - "description": "Properties of the object. Contains field @type with type URL.", - "type": "any" - }, - "type": "object" - }, - "type": "array" + "version": { + "description": "Version of the upgrade, e.g., \"1.22.1-gke.100\".", + "type": "string" + } + }, + "type": "object" + }, + "ClusterUpgradeIgnoredMembership": { + "description": "IgnoredMembership represents a membership ignored by the feature. A membership can be ignored because it was manually upgraded to a newer version than RC default.", + "id": "ClusterUpgradeIgnoredMembership", + "properties": { + "ignoredTime": { + "description": "Time when the membership was first set to ignored.", + "format": "google-datetime", + "type": "string" }, - "message": { - "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.", + "reason": { + "description": "Reason why the membership is ignored.", "type": "string" } }, "type": "object" }, - "ListLocationsResponse": { - "description": "The response message for Locations.ListLocations.", - "id": "ListLocationsResponse", + "ClusterUpgradeMembershipGKEUpgradeState": { + "description": "MembershipGKEUpgradeState is a GKEUpgrade and its state per-membership.", + "id": "ClusterUpgradeMembershipGKEUpgradeState", "properties": { - "locations": { - "description": "A list of locations that matches the specified filter in the request.", + "status": { + "$ref": "ClusterUpgradeUpgradeStatus", + "description": "Status of the upgrade." + }, + "upgrade": { + "$ref": "ClusterUpgradeGKEUpgrade", + "description": "Which upgrade to track the state." + } + }, + "type": "object" + }, + "ClusterUpgradeState": { + "description": "Per-membership state for this feature.", + "id": "ClusterUpgradeState", + "properties": { + "ignored": { + "$ref": "ClusterUpgradeIgnoredMembership", + "description": "Whether this membership is ignored by the feature. For example, manually upgraded clusters can be ignored if they are newer than the default versions of its release channel." + }, + "upgrades": { + "description": "Actual upgrade state against desired.", "items": { - "$ref": "Location" + "$ref": "ClusterUpgradeMembershipGKEUpgradeState" }, "type": "array" + } + }, + "type": "object" + }, + "ClusterUpgradeUpgradeStatus": { + "description": "UpgradeStatus provides status information for each upgrade.", + "id": "ClusterUpgradeUpgradeStatus", + "properties": { + "code": { + "description": "Status code of the upgrade.", + "enum": [ + "CODE_UNSPECIFIED", + "INELIGIBLE", + "PENDING", + "IN_PROGRESS", + "SOAKING", + "FORCED_SOAKING", + "COMPLETE" + ], + "enumDescriptions": [ + "Required by https://linter.aip.dev/126/unspecified.", + "The upgrade is ineligible. At the scope level, this means the upgrade is ineligible for all the clusters in the scope.", + "The upgrade is pending. At the scope level, this means the upgrade is pending for all the clusters in the scope.", + "The upgrade is in progress. At the scope level, this means the upgrade is in progress for at least one cluster in the scope.", + "The upgrade has finished and is soaking until the soaking time is up. At the scope level, this means at least one cluster is in soaking while the rest are either soaking or complete.", + "A cluster will be forced to enter soaking if an upgrade doesn't finish within a certain limit, despite it's actual status.", + "The upgrade has passed all post conditions (soaking). At the scope level, this means all eligible clusters are in COMPLETE status." + ], + "type": "string" }, - "nextPageToken": { - "description": "The standard List next-page token.", + "reason": { + "description": "Reason for this status.", + "type": "string" + }, + "updateTime": { + "description": "Last timestamp the status was updated.", + "format": "google-datetime", "type": "string" } }, "type": "object" }, - "ListOperationsResponse": { - "description": "The response message for Operations.ListOperations.", - "id": "ListOperationsResponse", + "ConfigManagementBinauthzConfig": { + "description": "Configuration for Binauthz.", + "id": "ConfigManagementBinauthzConfig", "properties": { - "nextPageToken": { - "description": "The standard List next-page token.", + "enabled": { + "description": "Whether binauthz is enabled in this cluster.", + "type": "boolean" + } + }, + "type": "object" + }, + "ConfigManagementBinauthzState": { + "description": "State for Binauthz.", + "id": "ConfigManagementBinauthzState", + "properties": { + "version": { + "$ref": "ConfigManagementBinauthzVersion", + "description": "The version of binauthz that is installed." + }, + "webhook": { + "description": "The state of the binauthz webhook.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementBinauthzVersion": { + "description": "The version of binauthz.", + "id": "ConfigManagementBinauthzVersion", + "properties": { + "webhookVersion": { + "description": "The version of the binauthz webhook.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementConfigSync": { + "description": "Configuration for Config Sync", + "id": "ConfigManagementConfigSync", + "properties": { + "allowVerticalScale": { + "deprecated": true, + "description": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.", + "type": "boolean" }, - "operations": { - "description": "A list of operations that matches the specified filter in the request.", + "enabled": { + "description": "Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.", + "type": "boolean" + }, + "git": { + "$ref": "ConfigManagementGitConfig", + "description": "Git repo configuration for the cluster." + }, + "metricsGcpServiceAccountEmail": { + "description": "The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount `default` in the namespace `config-management-monitoring` should be bound to the GSA.", + "type": "string" + }, + "oci": { + "$ref": "ConfigManagementOciConfig", + "description": "OCI repo configuration for the cluster." + }, + "preventDrift": { + "description": "Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.", + "type": "boolean" + }, + "sourceFormat": { + "description": "Specifies whether the Config Sync Repo is in \"hierarchical\" or \"unstructured\" mode.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementConfigSyncDeploymentState": { + "description": "The state of ConfigSync's deployment on a cluster.", + "id": "ConfigManagementConfigSyncDeploymentState", + "properties": { + "admissionWebhook": { + "description": "Deployment state of admission-webhook.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "gitSync": { + "description": "Deployment state of the git-sync pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "importer": { + "description": "Deployment state of the importer pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "monitor": { + "description": "Deployment state of the monitor pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "otelCollector": { + "description": "Deployment state of otel-collector", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "reconcilerManager": { + "description": "Deployment state of reconciler-manager pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "resourceGroupControllerManager": { + "description": "Deployment state of resource-group-controller-manager", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "rootReconciler": { + "description": "Deployment state of root-reconciler.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "syncer": { + "description": "Deployment state of the syncer pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementConfigSyncError": { + "description": "Errors pertaining to the installation of Config Sync", + "id": "ConfigManagementConfigSyncError", + "properties": { + "errorMessage": { + "description": "A string representing the user facing error message", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementConfigSyncState": { + "description": "State information for ConfigSync.", + "id": "ConfigManagementConfigSyncState", + "properties": { + "deploymentState": { + "$ref": "ConfigManagementConfigSyncDeploymentState", + "description": "Information about the deployment of ConfigSync, including the version. of the various Pods deployed" + }, + "errors": { + "description": "Errors pertaining to the installation of Config Sync.", "items": { - "$ref": "Operation" + "$ref": "ConfigManagementConfigSyncError" }, "type": "array" + }, + "reposyncCrd": { + "description": "The state of the Reposync CRD", + "enum": [ + "CRD_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "TERMINATING", + "INSTALLING" + ], + "enumDescriptions": [ + "CRD's state cannot be determined", + "CRD is not installed", + "CRD is installed", + "CRD is terminating (i.e., it has been deleted and is cleaning up)", + "CRD is installing" + ], + "type": "string" + }, + "rootsyncCrd": { + "description": "The state of the RootSync CRD", + "enum": [ + "CRD_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "TERMINATING", + "INSTALLING" + ], + "enumDescriptions": [ + "CRD's state cannot be determined", + "CRD is not installed", + "CRD is installed", + "CRD is terminating (i.e., it has been deleted and is cleaning up)", + "CRD is installing" + ], + "type": "string" + }, + "state": { + "description": "The state of CS This field summarizes the other fields in this message.", + "enum": [ + "STATE_UNSPECIFIED", + "CONFIG_SYNC_NOT_INSTALLED", + "CONFIG_SYNC_INSTALLED", + "CONFIG_SYNC_ERROR", + "CONFIG_SYNC_PENDING" + ], + "enumDescriptions": [ + "CS's state cannot be determined.", + "CS is not installed.", + "The expected CS version is installed successfully.", + "CS encounters errors.", + "CS is installing or terminating." + ], + "type": "string" + }, + "syncState": { + "$ref": "ConfigManagementSyncState", + "description": "The state of ConfigSync's process to sync configs to a cluster." + }, + "version": { + "$ref": "ConfigManagementConfigSyncVersion", + "description": "The version of ConfigSync deployed." } }, "type": "object" }, - "Location": { - "description": "A resource that represents a Google Cloud location.", - "id": "Location", + "ConfigManagementConfigSyncVersion": { + "description": "Specific versioning information pertaining to ConfigSync's Pods.", + "id": "ConfigManagementConfigSyncVersion", "properties": { - "displayName": { - "description": "The friendly name for this location, typically a nearby city name. For example, \"Tokyo\".", + "admissionWebhook": { + "description": "Version of the deployed admission-webhook pod.", "type": "string" }, - "labels": { - "additionalProperties": { - "type": "string" - }, - "description": "Cross-service attributes for the location. For example {\"cloud.googleapis.com/region\": \"us-east1\"}", - "type": "object" + "gitSync": { + "description": "Version of the deployed git-sync pod.", + "type": "string" }, - "locationId": { - "description": "The canonical id for this location. For example: `\"us-east1\"`.", + "importer": { + "description": "Version of the deployed importer pod.", "type": "string" }, - "metadata": { - "additionalProperties": { - "description": "Properties of the object. Contains field @type with type URL.", - "type": "any" - }, - "description": "Service-specific metadata. For example the available capacity at the given location.", - "type": "object" + "monitor": { + "description": "Version of the deployed monitor pod.", + "type": "string" }, - "name": { - "description": "Resource name for the location, which may vary between implementations. For example: `\"projects/example-project/locations/us-east1\"`", + "otelCollector": { + "description": "Version of the deployed otel-collector pod", + "type": "string" + }, + "reconcilerManager": { + "description": "Version of the deployed reconciler-manager pod.", + "type": "string" + }, + "resourceGroupControllerManager": { + "description": "Version of the deployed resource-group-controller-manager pod", + "type": "string" + }, + "rootReconciler": { + "description": "Version of the deployed reconciler container in root-reconciler pod.", + "type": "string" + }, + "syncer": { + "description": "Version of the deployed syncer pod.", "type": "string" } }, "type": "object" }, - "Operation": { - "description": "This resource represents a long-running operation that is the result of a network API call.", - "id": "Operation", + "ConfigManagementErrorResource": { + "description": "Model for a config file in the git repo with an associated Sync error.", + "id": "ConfigManagementErrorResource", "properties": { - "done": { - "description": "If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.", - "type": "boolean" + "resourceGvk": { + "$ref": "ConfigManagementGroupVersionKind", + "description": "Group/version/kind of the resource that is causing an error" }, - "error": { - "$ref": "GoogleRpcStatus", - "description": "The error result of the operation in case of failure or cancellation." + "resourceName": { + "description": "Metadata name of the resource that is causing an error", + "type": "string" }, - "metadata": { - "additionalProperties": { - "description": "Properties of the object. Contains field @type with type URL.", - "type": "any" - }, - "description": "Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.", - "type": "object" + "resourceNamespace": { + "description": "Namespace of the resource that is causing an error", + "type": "string" }, - "name": { - "description": "The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.", + "sourcePath": { + "description": "Path in the git repo of the erroneous config", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementGatekeeperDeploymentState": { + "description": "State of Policy Controller installation.", + "id": "ConfigManagementGatekeeperDeploymentState", + "properties": { + "gatekeeperAudit": { + "description": "Status of gatekeeper-audit deployment.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], "type": "string" }, - "response": { - "additionalProperties": { - "description": "Properties of the object. Contains field @type with type URL.", - "type": "any" - }, - "description": "The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.", - "type": "object" + "gatekeeperControllerManagerState": { + "description": "Status of gatekeeper-controller-manager pod.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "gatekeeperMutation": { + "description": "Status of the pod serving the mutation webhook.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementGitConfig": { + "description": "Git repo configuration for a single cluster.", + "id": "ConfigManagementGitConfig", + "properties": { + "gcpServiceAccountEmail": { + "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.", + "type": "string" + }, + "httpsProxy": { + "description": "URL for the HTTPS proxy to be used when communicating with the Git repo.", + "type": "string" + }, + "policyDir": { + "description": "The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.", + "type": "string" + }, + "secretType": { + "description": "Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.", + "type": "string" + }, + "syncBranch": { + "description": "The branch of the repository to sync from. Default: master.", + "type": "string" + }, + "syncRepo": { + "description": "The URL of the Git repository to use as the source of truth.", + "type": "string" + }, + "syncRev": { + "description": "Git revision (tag or hash) to check out. Default HEAD.", + "type": "string" + }, + "syncWaitSecs": { + "description": "Period in seconds between consecutive syncs. Default: 15.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementGroupVersionKind": { + "description": "A Kubernetes object's GVK.", + "id": "ConfigManagementGroupVersionKind", + "properties": { + "group": { + "description": "Kubernetes Group", + "type": "string" + }, + "kind": { + "description": "Kubernetes Kind", + "type": "string" + }, + "version": { + "description": "Kubernetes Version", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementHierarchyControllerConfig": { + "description": "Configuration for Hierarchy Controller.", + "id": "ConfigManagementHierarchyControllerConfig", + "properties": { + "enableHierarchicalResourceQuota": { + "description": "Whether hierarchical resource quota is enabled in this cluster.", + "type": "boolean" + }, + "enablePodTreeLabels": { + "description": "Whether pod tree labels are enabled in this cluster.", + "type": "boolean" + }, + "enabled": { + "description": "Whether Hierarchy Controller is enabled in this cluster.", + "type": "boolean" + } + }, + "type": "object" + }, + "ConfigManagementHierarchyControllerDeploymentState": { + "description": "Deployment state for Hierarchy Controller", + "id": "ConfigManagementHierarchyControllerDeploymentState", + "properties": { + "extension": { + "description": "The deployment state for Hierarchy Controller extension (e.g. v0.7.0-hc.1).", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "hnc": { + "description": "The deployment state for open source HNC (e.g. v0.7.0-hc.0).", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementHierarchyControllerState": { + "description": "State for Hierarchy Controller.", + "id": "ConfigManagementHierarchyControllerState", + "properties": { + "state": { + "$ref": "ConfigManagementHierarchyControllerDeploymentState", + "description": "The deployment state for Hierarchy Controller." + }, + "version": { + "$ref": "ConfigManagementHierarchyControllerVersion", + "description": "The version for Hierarchy Controller." + } + }, + "type": "object" + }, + "ConfigManagementHierarchyControllerVersion": { + "description": "Version for Hierarchy Controller.", + "id": "ConfigManagementHierarchyControllerVersion", + "properties": { + "extension": { + "description": "Version for Hierarchy Controller extension.", + "type": "string" + }, + "hnc": { + "description": "Version for open source HNC.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementInstallError": { + "description": "Errors pertaining to the installation of ACM.", + "id": "ConfigManagementInstallError", + "properties": { + "errorMessage": { + "description": "A string representing the user facing error message.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementOciConfig": { + "description": "OCI repo configuration for a single cluster.", + "id": "ConfigManagementOciConfig", + "properties": { + "gcpServiceAccountEmail": { + "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.", + "type": "string" + }, + "policyDir": { + "description": "The absolute path of the directory that contains the local resources. Default: the root directory of the image.", + "type": "string" + }, + "secretType": { + "description": "Type of secret configured for access to the Git repo.", + "type": "string" + }, + "syncRepo": { + "description": "The OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`.", + "type": "string" + }, + "syncWaitSecs": { + "description": "Period in seconds between consecutive syncs. Default: 15.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementOperatorState": { + "description": "State information for an ACM's Operator.", + "id": "ConfigManagementOperatorState", + "properties": { + "deploymentState": { + "description": "The state of the Operator's deployment.", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLED", + "ERROR", + "PENDING" + ], + "enumDescriptions": [ + "Deployment's state cannot be determined.", + "Deployment is not installed.", + "Deployment is installed.", + "Deployment was attempted to be installed, but has errors.", + "Deployment is installing or terminating" + ], + "type": "string" + }, + "errors": { + "description": "Install errors.", + "items": { + "$ref": "ConfigManagementInstallError" + }, + "type": "array" + }, + "version": { + "description": "The semenatic version number of the operator.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementPolicyController": { + "description": "Configuration for Policy Controller", + "id": "ConfigManagementPolicyController", + "properties": { + "auditIntervalSeconds": { + "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.", + "format": "int64", + "type": "string" + }, + "enabled": { + "description": "Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.", + "type": "boolean" + }, + "exemptableNamespaces": { + "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.", + "items": { + "type": "string" + }, + "type": "array" + }, + "logDeniesEnabled": { + "description": "Logs all denies and dry run failures.", + "type": "boolean" + }, + "monitoring": { + "$ref": "ConfigManagementPolicyControllerMonitoring", + "description": "Monitoring specifies the configuration of monitoring." + }, + "mutationEnabled": { + "description": "Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster.", + "type": "boolean" + }, + "referentialRulesEnabled": { + "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.", + "type": "boolean" + }, + "templateLibraryInstalled": { + "description": "Installs the default template library along with Policy Controller.", + "type": "boolean" + }, + "updateTime": { + "description": "Output only. Last time this membership spec was updated.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementPolicyControllerMigration": { + "description": "State for the migration of PolicyController from ACM -\u003e PoCo Hub.", + "id": "ConfigManagementPolicyControllerMigration", + "properties": { + "copyTime": { + "description": "Last time this membership spec was copied to PoCo feature.", + "format": "google-datetime", + "type": "string" + }, + "stage": { + "description": "Stage of the migration.", + "enum": [ + "STAGE_UNSPECIFIED", + "ACM_MANAGED", + "POCO_MANAGED" + ], + "enumDescriptions": [ + "Unknown state of migration.", + "ACM Hub/Operator manages policycontroller. No migration yet completed.", + "All migrations steps complete; Poco Hub now manages policycontroller." + ], + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementPolicyControllerMonitoring": { + "description": "PolicyControllerMonitoring specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", + "id": "ConfigManagementPolicyControllerMonitoring", + "properties": { + "backends": { + "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.", + "items": { + "enum": [ + "MONITORING_BACKEND_UNSPECIFIED", + "PROMETHEUS", + "CLOUD_MONITORING" + ], + "enumDescriptions": [ + "Backend cannot be determined", + "Prometheus backend for monitoring", + "Stackdriver/Cloud Monitoring backend for monitoring" + ], + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ConfigManagementPolicyControllerState": { + "description": "State for PolicyControllerState.", + "id": "ConfigManagementPolicyControllerState", + "properties": { + "deploymentState": { + "$ref": "ConfigManagementGatekeeperDeploymentState", + "description": "The state about the policy controller installation." + }, + "migration": { + "$ref": "ConfigManagementPolicyControllerMigration", + "description": "Record state of ACM -\u003e PoCo Hub migration for this feature." + }, + "version": { + "$ref": "ConfigManagementPolicyControllerVersion", + "description": "The version of Gatekeeper Policy Controller deployed." + } + }, + "type": "object" + }, + "ConfigManagementPolicyControllerVersion": { + "description": "The build version of Gatekeeper Policy Controller is using.", + "id": "ConfigManagementPolicyControllerVersion", + "properties": { + "version": { + "description": "The gatekeeper image tag that is composed of ACM version, git tag, build number.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementSpec": { + "description": "**Anthos Config Management**: Configuration for a single cluster. Intended to parallel the ConfigManagement CR.", + "id": "ConfigManagementSpec", + "properties": { + "binauthz": { + "$ref": "ConfigManagementBinauthzConfig", + "deprecated": true, + "description": "Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set." + }, + "cluster": { + "description": "The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector.", + "type": "string" + }, + "configSync": { + "$ref": "ConfigManagementConfigSync", + "description": "Config Sync configuration for the cluster." + }, + "hierarchyController": { + "$ref": "ConfigManagementHierarchyControllerConfig", + "description": "Hierarchy Controller configuration for the cluster. Deprecated: Configuring Hierarchy Controller through the configmanagement feature is no longer recommended. Use https://github.com/kubernetes-sigs/hierarchical-namespaces instead." + }, + "management": { + "description": "Enables automatic Feature management.", + "enum": [ + "MANAGEMENT_UNSPECIFIED", + "MANAGEMENT_AUTOMATIC", + "MANAGEMENT_MANUAL" + ], + "enumDescriptions": [ + "Unspecified", + "Google will manage the Feature for the cluster.", + "User will manually manage the Feature for the cluster." + ], + "type": "string" + }, + "policyController": { + "$ref": "ConfigManagementPolicyController", + "description": "Policy Controller configuration for the cluster. Deprecated: Configuring Policy Controller through the configmanagement feature is no longer recommended. Use the policycontroller feature instead." + }, + "version": { + "description": "Version of ACM installed.", + "type": "string" + } + }, + "type": "object" + }, + "ConfigManagementState": { + "description": "**Anthos Config Management**: State for a single cluster.", + "id": "ConfigManagementState", + "properties": { + "binauthzState": { + "$ref": "ConfigManagementBinauthzState", + "description": "Binauthz status." + }, + "clusterName": { + "description": "This field is set to the `cluster_name` field of the Membership Spec if it is not empty. Otherwise, it is set to the cluster's fleet membership name.", + "type": "string" + }, + "configSyncState": { + "$ref": "ConfigManagementConfigSyncState", + "description": "Current sync status." + }, + "hierarchyControllerState": { + "$ref": "ConfigManagementHierarchyControllerState", + "description": "Hierarchy Controller status." + }, + "membershipSpec": { + "$ref": "ConfigManagementSpec", + "description": "Membership configuration in the cluster. This represents the actual state in the cluster, while the MembershipSpec in the FeatureSpec represents the intended state." + }, + "operatorState": { + "$ref": "ConfigManagementOperatorState", + "description": "Current install status of ACM's Operator." + }, + "policyControllerState": { + "$ref": "ConfigManagementPolicyControllerState", + "description": "PolicyController status." + } + }, + "type": "object" + }, + "ConfigManagementSyncError": { + "description": "An ACM created error representing a problem syncing configurations.", + "id": "ConfigManagementSyncError", + "properties": { + "code": { + "description": "An ACM defined error code", + "type": "string" + }, + "errorMessage": { + "description": "A description of the error", + "type": "string" + }, + "errorResources": { + "description": "A list of config(s) associated with the error, if any", + "items": { + "$ref": "ConfigManagementErrorResource" + }, + "type": "array" + } + }, + "type": "object" + }, + "ConfigManagementSyncState": { + "description": "State indicating an ACM's progress syncing configurations to a cluster.", + "id": "ConfigManagementSyncState", + "properties": { + "code": { + "description": "Sync status code.", + "enum": [ + "SYNC_CODE_UNSPECIFIED", + "SYNCED", + "PENDING", + "ERROR", + "NOT_CONFIGURED", + "NOT_INSTALLED", + "UNAUTHORIZED", + "UNREACHABLE" + ], + "enumDescriptions": [ + "Config Sync cannot determine a sync code", + "Config Sync successfully synced the git Repo with the cluster", + "Config Sync is in the progress of syncing a new change", + "Indicates an error configuring Config Sync, and user action is required", + "Config Sync has been installed but not configured", + "Config Sync has not been installed", + "Error authorizing with the cluster", + "Cluster could not be reached" + ], + "type": "string" + }, + "errors": { + "description": "A list of errors resulting from problematic configs. This list will be truncated after 100 errors, although it is unlikely for that many errors to simultaneously exist.", + "items": { + "$ref": "ConfigManagementSyncError" + }, + "type": "array" + }, + "importToken": { + "description": "Token indicating the state of the importer.", + "type": "string" + }, + "lastSync": { + "deprecated": true, + "description": "Deprecated: use last_sync_time instead. Timestamp of when ACM last successfully synced the repo. The time format is specified in https://golang.org/pkg/time/#Time.String", + "type": "string" + }, + "lastSyncTime": { + "description": "Timestamp type of when ACM last successfully synced the repo.", + "format": "google-datetime", + "type": "string" + }, + "sourceToken": { + "description": "Token indicating the state of the repo.", + "type": "string" + }, + "syncToken": { + "description": "Token indicating the state of the syncer.", + "type": "string" + } + }, + "type": "object" + }, + "Empty": { + "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }", + "id": "Empty", + "properties": {}, + "type": "object" + }, + "FeatureConfigRef": { + "description": "Information of the FeatureConfig applied on the MembershipFeature.", + "id": "FeatureConfigRef", + "properties": { + "config": { + "description": "Input only. Resource name of FeatureConfig, in the format: `projects/{project}/locations/global/featureConfigs/{feature_config}`.", + "type": "string" + }, + "configUpdateTime": { + "description": "Output only. When the FeatureConfig was last applied and copied to FeatureSpec.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "uuid": { + "description": "Output only. An id that uniquely identify a FeatureConfig object.", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "FeatureSpec": { + "description": "FeatureSpec contains user input per-feature spec information.", + "id": "FeatureSpec", + "properties": { + "cloudbuild": { + "$ref": "CloudBuildSpec", + "description": "Cloudbuild-specific FeatureSpec." + }, + "configmanagement": { + "$ref": "ConfigManagementSpec", + "description": "Config Management FeatureSpec." + }, + "identityservice": { + "$ref": "IdentityServiceSpec", + "description": "IdentityService FeatureSpec." + }, + "origin": { + "$ref": "Origin", + "description": "Whether this per-Feature spec was inherited from a fleet-level default. This field can be updated by users by either overriding a Feature config (updated to USER implicitly) or setting to FLEET explicitly." + }, + "policycontroller": { + "$ref": "PolicyControllerSpec", + "description": "Policycontroller-specific FeatureSpec." + }, + "servicemesh": { + "$ref": "ServiceMeshSpec", + "description": "ServiceMesh Feature Spec." + }, + "workloadcertificate": { + "$ref": "WorkloadCertificateSpec", + "description": "Workloadcertificate-specific FeatureSpec." + } + }, + "type": "object" + }, + "FeatureState": { + "description": "FeatureState contains high-level state information and per-feature state information for this MembershipFeature.", + "id": "FeatureState", + "properties": { + "appdevexperience": { + "$ref": "AppDevExperienceState", + "description": "Appdevexperience specific state." + }, + "clusterupgrade": { + "$ref": "ClusterUpgradeState", + "description": "Cluster upgrade state." + }, + "configmanagement": { + "$ref": "ConfigManagementState", + "description": "Config Management state" + }, + "identityservice": { + "$ref": "IdentityServiceState", + "description": "Identity service state" + }, + "metering": { + "$ref": "MeteringState", + "description": "Metering state" + }, + "policycontroller": { + "$ref": "PolicyControllerState", + "description": "Policy Controller state" + }, + "servicemesh": { + "$ref": "ServiceMeshState", + "description": "Service mesh state" + }, + "state": { + "$ref": "State", + "description": "The high-level state of this MembershipFeature." + } + }, + "type": "object" + }, + "GoogleRpcStatus": { + "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", + "id": "GoogleRpcStatus", + "properties": { + "code": { + "description": "The status code, which should be an enum value of google.rpc.Code.", + "format": "int32", + "type": "integer" + }, + "details": { + "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use.", + "items": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "type": "object" + }, + "type": "array" + }, + "message": { + "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceAuthMethod": { + "description": "Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.", + "id": "IdentityServiceAuthMethod", + "properties": { + "azureadConfig": { + "$ref": "IdentityServiceAzureADConfig", + "description": "AzureAD specific Configuration." + }, + "googleConfig": { + "$ref": "IdentityServiceGoogleConfig", + "description": "GoogleConfig specific configuration" + }, + "ldapConfig": { + "$ref": "IdentityServiceLdapConfig", + "description": "LDAP specific configuration." + }, + "name": { + "description": "Identifier for auth config.", + "type": "string" + }, + "oidcConfig": { + "$ref": "IdentityServiceOidcConfig", + "description": "OIDC specific configuration." + }, + "proxy": { + "description": "Proxy server address to use for auth method.", + "type": "string" + }, + "samlConfig": { + "$ref": "IdentityServiceSamlConfig", + "description": "SAML specific configuration." + } + }, + "type": "object" + }, + "IdentityServiceAzureADConfig": { + "description": "Configuration for the AzureAD Auth flow.", + "id": "IdentityServiceAzureADConfig", + "properties": { + "clientId": { + "description": "ID for the registered client application that makes authentication requests to the Azure AD identity provider.", + "type": "string" + }, + "clientSecret": { + "description": "Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.", + "type": "string" + }, + "encryptedClientSecret": { + "description": "Output only. Encrypted AzureAD client secret.", + "format": "byte", + "readOnly": true, + "type": "string" + }, + "groupFormat": { + "description": "Optional. Format of the AzureAD groups that the client wants for auth.", + "type": "string" + }, + "kubectlRedirectUri": { + "description": "The redirect URL that kubectl uses for authorization.", + "type": "string" + }, + "tenant": { + "description": "Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.", + "type": "string" + }, + "userClaim": { + "description": "Optional. Claim in the AzureAD ID Token that holds the user details.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceDiagnosticInterface": { + "description": "Configuration options for the AIS diagnostic interface.", + "id": "IdentityServiceDiagnosticInterface", + "properties": { + "enabled": { + "description": "Determines whether to enable the diagnostic interface.", + "type": "boolean" + }, + "expirationTime": { + "description": "Determines the expiration time of the diagnostic interface enablement. When reached, requests to the interface would be automatically rejected.", + "format": "google-datetime", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceGoogleConfig": { + "description": "Configuration for the Google Plugin Auth flow.", + "id": "IdentityServiceGoogleConfig", + "properties": { + "disable": { + "description": "Disable automatic configuration of Google Plugin on supported platforms.", + "type": "boolean" + } + }, + "type": "object" + }, + "IdentityServiceGroupConfig": { + "description": "Contains the properties for locating and authenticating groups in the directory.", + "id": "IdentityServiceGroupConfig", + "properties": { + "baseDn": { + "description": "Required. The location of the subtree in the LDAP directory to search for group entries.", + "type": "string" + }, + "filter": { + "description": "Optional. Optional filter to be used when searching for groups a user belongs to. This can be used to explicitly match only certain groups in order to reduce the amount of groups returned for each user. This defaults to \"(objectClass=Group)\".", + "type": "string" + }, + "idAttribute": { + "description": "Optional. The identifying name of each group a user belongs to. For example, if this is set to \"distinguishedName\" then RBACs and other group expectations should be written as full DNs. This defaults to \"distinguishedName\".", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceIdentityServiceOptions": { + "description": "Holds non-protocol-related configuration options.", + "id": "IdentityServiceIdentityServiceOptions", + "properties": { + "diagnosticInterface": { + "$ref": "IdentityServiceDiagnosticInterface", + "description": "Configuration options for the AIS diagnostic interface." + }, + "sessionDuration": { + "description": "Determines the lifespan of STS tokens issued by Anthos Identity Service.", + "format": "google-duration", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceLdapConfig": { + "description": "Configuration for the LDAP Auth flow.", + "id": "IdentityServiceLdapConfig", + "properties": { + "group": { + "$ref": "IdentityServiceGroupConfig", + "description": "Optional. Contains the properties for locating and authenticating groups in the directory." + }, + "server": { + "$ref": "IdentityServiceServerConfig", + "description": "Required. Server settings for the external LDAP server." + }, + "serviceAccount": { + "$ref": "IdentityServiceServiceAccountConfig", + "description": "Required. Contains the credentials of the service account which is authorized to perform the LDAP search in the directory. The credentials can be supplied by the combination of the DN and password or the client certificate." + }, + "user": { + "$ref": "IdentityServiceUserConfig", + "description": "Required. Defines where users exist in the LDAP directory." + } + }, + "type": "object" + }, + "IdentityServiceOidcConfig": { + "description": "Configuration for OIDC Auth flow.", + "id": "IdentityServiceOidcConfig", + "properties": { + "certificateAuthorityData": { + "description": "PEM-encoded CA for OIDC provider.", + "type": "string" + }, + "clientId": { + "description": "ID for OIDC client application.", + "type": "string" + }, + "clientSecret": { + "description": "Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.", + "type": "string" + }, + "deployCloudConsoleProxy": { + "description": "Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console.", + "type": "boolean" + }, + "enableAccessToken": { + "description": "Enable access token.", + "type": "boolean" + }, + "encryptedClientSecret": { + "description": "Output only. Encrypted OIDC Client secret", + "format": "byte", + "readOnly": true, + "type": "string" + }, + "extraParams": { + "description": "Comma-separated list of key-value pairs.", + "type": "string" + }, + "groupPrefix": { + "description": "Prefix to prepend to group name.", + "type": "string" + }, + "groupsClaim": { + "description": "Claim in OIDC ID token that holds group information.", + "type": "string" + }, + "issuerUri": { + "description": "URI for the OIDC provider. This should point to the level below .well-known/openid-configuration.", + "type": "string" + }, + "kubectlRedirectUri": { + "description": "Registered redirect uri to redirect users going through OAuth flow using kubectl plugin.", + "type": "string" + }, + "scopes": { + "description": "Comma-separated list of identifiers.", + "type": "string" + }, + "userClaim": { + "description": "Claim in OIDC ID token that holds username.", + "type": "string" + }, + "userPrefix": { + "description": "Prefix to prepend to user name.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceSamlConfig": { + "description": "Configuration for the SAML Auth flow.", + "id": "IdentityServiceSamlConfig", + "properties": { + "attributeMapping": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is \"attribute.nickname\" and `value` is \"assertion.nickname\".", + "type": "object" + }, + "groupPrefix": { + "description": "Optional. Prefix to prepend to group name.", + "type": "string" + }, + "groupsAttribute": { + "description": "Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).", + "type": "string" + }, + "identityProviderCertificates": { + "description": "Required. The list of IdP certificates to validate the SAML response against.", + "items": { + "type": "string" + }, + "type": "array" + }, + "identityProviderId": { + "description": "Required. The entity ID of the SAML IdP.", + "type": "string" + }, + "identityProviderSsoUri": { + "description": "Required. The URI where the SAML IdP exposes the SSO service.", + "type": "string" + }, + "userAttribute": { + "description": "Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).", + "type": "string" + }, + "userPrefix": { + "description": "Optional. Prefix to prepend to user name.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceServerConfig": { + "description": "Server settings for the external LDAP server.", + "id": "IdentityServiceServerConfig", + "properties": { + "certificateAuthorityData": { + "description": "Optional. Contains a Base64 encoded, PEM formatted certificate authority certificate for the LDAP server. This must be provided for the \"ldaps\" and \"startTLS\" connections.", + "format": "byte", + "type": "string" + }, + "connectionType": { + "description": "Optional. Defines the connection type to communicate with the LDAP server. If `starttls` or `ldaps` is specified, the certificate_authority_data should not be empty.", + "type": "string" + }, + "host": { + "description": "Required. Defines the hostname or IP of the LDAP server. Port is optional and will default to 389, if unspecified. For example, \"ldap.server.example\" or \"10.10.10.10:389\".", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceServiceAccountConfig": { + "description": "Contains the credentials of the service account which is authorized to perform the LDAP search in the directory. The credentials can be supplied by the combination of the DN and password or the client certificate.", + "id": "IdentityServiceServiceAccountConfig", + "properties": { + "simpleBindCredentials": { + "$ref": "IdentityServiceSimpleBindCredentials", + "description": "Credentials for basic auth." + } + }, + "type": "object" + }, + "IdentityServiceSimpleBindCredentials": { + "description": "The structure holds the LDAP simple binding credential.", + "id": "IdentityServiceSimpleBindCredentials", + "properties": { + "dn": { + "description": "Required. The distinguished name(DN) of the service account object/user.", + "type": "string" + }, + "encryptedPassword": { + "description": "Output only. The encrypted password of the service account object/user.", + "format": "byte", + "readOnly": true, + "type": "string" + }, + "password": { + "description": "Required. Input only. The password of the service account object/user.", + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceSpec": { + "description": "**IdentityService**: Configuration for a single membership.", + "id": "IdentityServiceSpec", + "properties": { + "authMethods": { + "description": "A member may support multiple auth methods.", + "items": { + "$ref": "IdentityServiceAuthMethod" + }, + "type": "array" + }, + "identityServiceOptions": { + "$ref": "IdentityServiceIdentityServiceOptions", + "description": "Optional. non-protocol-related configuration options." + } + }, + "type": "object" + }, + "IdentityServiceState": { + "description": "**IdentityService**: State for a single membership, analyzed and reported by feature controller.", + "id": "IdentityServiceState", + "properties": { + "failureReason": { + "description": "The reason of the failure.", + "type": "string" + }, + "installedVersion": { + "description": "Installed AIS version. This is the AIS version installed on this member. The values makes sense iff state is OK.", + "type": "string" + }, + "memberConfig": { + "$ref": "IdentityServiceSpec", + "description": "Last reconciled membership configuration" + }, + "state": { + "description": "Deployment state on this member", + "enum": [ + "DEPLOYMENT_STATE_UNSPECIFIED", + "OK", + "ERROR" + ], + "enumDescriptions": [ + "Unspecified state", + "deployment succeeds", + "Failure with error." + ], + "type": "string" + } + }, + "type": "object" + }, + "IdentityServiceUserConfig": { + "description": "Defines where users exist in the LDAP directory.", + "id": "IdentityServiceUserConfig", + "properties": { + "baseDn": { + "description": "Required. The location of the subtree in the LDAP directory to search for user entries.", + "type": "string" + }, + "filter": { + "description": "Optional. Filter to apply when searching for the user. This can be used to further restrict the user accounts which are allowed to login. This defaults to \"(objectClass=User)\".", + "type": "string" + }, + "idAttribute": { + "description": "Optional. Determines which attribute to use as the user's identity after they are authenticated. This is distinct from the loginAttribute field to allow users to login with a username, but then have their actual identifier be an email address or full Distinguished Name (DN). For example, setting loginAttribute to \"sAMAccountName\" and identifierAttribute to \"userPrincipalName\" would allow a user to login as \"bsmith\", but actual RBAC policies for the user would be written as \"bsmith@example.com\". Using \"userPrincipalName\" is recommended since this will be unique for each user. This defaults to \"userPrincipalName\".", + "type": "string" + }, + "loginAttribute": { + "description": "Optional. The name of the attribute which matches against the input username. This is used to find the user in the LDAP database e.g. \"(=)\" and is combined with the optional filter field. This defaults to \"userPrincipalName\".", + "type": "string" + } + }, + "type": "object" + }, + "LifecycleState": { + "description": "LifecycleState describes the state of a MembershipFeature *resource* in the GkeHub API. See `FeatureState` for the \"running state\" of the MembershipFeature.", + "id": "LifecycleState", + "properties": { + "state": { + "description": "Output only. The current state of the Feature resource in the Hub API.", + "enum": [ + "STATE_UNSPECIFIED", + "ENABLING", + "ACTIVE", + "DISABLING", + "UPDATING", + "SERVICE_UPDATING" + ], + "enumDescriptions": [ + "State is unknown or not set.", + "The MembershipFeature is being enabled, and the MembershipFeature resource is being created. Once complete, the corresponding MembershipFeature will be enabled in this Hub.", + "The MembershipFeature is enabled in this Hub, and the MembershipFeature resource is fully available.", + "The MembershipFeature is being disabled in this Hub, and the MembershipFeature resource is being deleted.", + "The MembershipFeature resource is being updated.", + "The MembershipFeature resource is being updated by the Hub Service." + ], + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "ListLocationsResponse": { + "description": "The response message for Locations.ListLocations.", + "id": "ListLocationsResponse", + "properties": { + "locations": { + "description": "A list of locations that matches the specified filter in the request.", + "items": { + "$ref": "Location" + }, + "type": "array" + }, + "nextPageToken": { + "description": "The standard List next-page token.", + "type": "string" + } + }, + "type": "object" + }, + "ListMembershipFeaturesResponse": { + "description": "Response message for the `GkeHubFeature.ListMembershipFeatures` method.", + "id": "ListMembershipFeaturesResponse", + "properties": { + "membershipFeatures": { + "description": "The list of matching MembershipFeatures.", + "items": { + "$ref": "MembershipFeature" + }, + "type": "array" + }, + "nextPageToken": { + "description": "A token to request the next page of resources from the `ListMembershipFeatures` method. The value of an empty string means that there are no more resources to return.", + "type": "string" + }, + "unreachable": { + "description": "List of locations that could not be reached while fetching this list.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ListOperationsResponse": { + "description": "The response message for Operations.ListOperations.", + "id": "ListOperationsResponse", + "properties": { + "nextPageToken": { + "description": "The standard List next-page token.", + "type": "string" + }, + "operations": { + "description": "A list of operations that matches the specified filter in the request.", + "items": { + "$ref": "Operation" + }, + "type": "array" + } + }, + "type": "object" + }, + "Location": { + "description": "A resource that represents a Google Cloud location.", + "id": "Location", + "properties": { + "displayName": { + "description": "The friendly name for this location, typically a nearby city name. For example, \"Tokyo\".", + "type": "string" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Cross-service attributes for the location. For example {\"cloud.googleapis.com/region\": \"us-east1\"}", + "type": "object" + }, + "locationId": { + "description": "The canonical id for this location. For example: `\"us-east1\"`.", + "type": "string" + }, + "metadata": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "description": "Service-specific metadata. For example the available capacity at the given location.", + "type": "object" + }, + "name": { + "description": "Resource name for the location, which may vary between implementations. For example: `\"projects/example-project/locations/us-east1\"`", + "type": "string" + } + }, + "type": "object" + }, + "MembershipFeature": { + "description": "MembershipFeature represents the settings and status of a Fleet Feature enabled on a single Fleet Membership.", + "id": "MembershipFeature", + "properties": { + "createTime": { + "description": "Output only. When the MembershipFeature resource was created.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "deleteTime": { + "description": "Output only. When the MembershipFeature resource was deleted.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "featureConfigRef": { + "$ref": "FeatureConfigRef", + "description": "Reference information for a FeatureConfig applied on the MembershipFeature." + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "GCP labels for this MembershipFeature.", + "type": "object" + }, + "lifecycleState": { + "$ref": "LifecycleState", + "description": "Output only. Lifecycle information of the resource itself.", + "readOnly": true + }, + "name": { + "description": "Output only. The resource name of the membershipFeature, in the format: `projects/{project}/locations/{location}/memberships/{membership}/features/{feature}`. Note that `membershipFeatures` is shortened to `features` in the resource name. (see http://go/aip/122#collection-identifiers)", + "readOnly": true, + "type": "string" + }, + "spec": { + "$ref": "FeatureSpec", + "description": "Spec of this membershipFeature." + }, + "state": { + "$ref": "FeatureState", + "description": "Output only. State of the this membershipFeature.", + "readOnly": true + }, + "updateTime": { + "description": "Output only. When the MembershipFeature resource was last updated.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "MeteringState": { + "description": "**Metering**: State for a single membership, analyzed and reported by feature controller.", + "id": "MeteringState", + "properties": { + "lastMeasurementTime": { + "description": "The time stamp of the most recent measurement of the number of vCPUs in the cluster.", + "format": "google-datetime", + "type": "string" + }, + "preciseLastMeasuredClusterVcpuCapacity": { + "description": "The vCPUs capacity in the cluster according to the most recent measurement (1/1000 precision).", + "format": "float", + "type": "number" + } + }, + "type": "object" + }, + "Operation": { + "description": "This resource represents a long-running operation that is the result of a network API call.", + "id": "Operation", + "properties": { + "done": { + "description": "If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.", + "type": "boolean" + }, + "error": { + "$ref": "GoogleRpcStatus", + "description": "The error result of the operation in case of failure or cancellation." + }, + "metadata": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "description": "Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.", + "type": "object" + }, + "name": { + "description": "The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.", + "type": "string" + }, + "response": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "description": "The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.", + "type": "object" + } + }, + "type": "object" + }, + "OperationMetadata": { + "description": "Metadata of the long-running operation.", + "id": "OperationMetadata", + "properties": { + "apiVersion": { + "description": "Output only. API version used to start the operation.", + "readOnly": true, + "type": "string" + }, + "cancelRequested": { + "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", + "readOnly": true, + "type": "boolean" + }, + "createTime": { + "description": "Output only. The time the operation was created.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "endTime": { + "description": "Output only. The time the operation finished running.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "statusDetail": { + "description": "Output only. Human-readable status of the operation, if any.", + "readOnly": true, + "type": "string" + }, + "target": { + "description": "Output only. Server-defined resource path for the target of the operation.", + "readOnly": true, + "type": "string" + }, + "verb": { + "description": "Output only. Name of the verb executed by the operation.", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "Origin": { + "description": "Origin defines where this FeatureSpec originated from.", + "id": "Origin", + "properties": { + "type": { + "description": "Type specifies which type of origin is set.", + "enum": [ + "TYPE_UNSPECIFIED", + "FLEET", + "FLEET_OUT_OF_SYNC", + "USER" + ], + "enumDescriptions": [ + "Type is unknown or not set.", + "Per-Feature spec was inherited from the fleet-level default.", + "Per-Feature spec was inherited from the fleet-level default but is now out of sync with the current default.", + "Per-Feature spec was inherited from a user specification." + ], + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerBundleInstallSpec": { + "description": "BundleInstallSpec is the specification configuration for a single managed bundle.", + "id": "PolicyControllerBundleInstallSpec", + "properties": { + "exemptedNamespaces": { + "description": "the set of namespaces to be exempted from the bundle", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "PolicyControllerHubConfig": { + "description": "Configuration for Policy Controller", + "id": "PolicyControllerHubConfig", + "properties": { + "auditIntervalSeconds": { + "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.", + "format": "int64", + "type": "string" + }, + "constraintViolationLimit": { + "description": "The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used.", + "format": "int64", + "type": "string" + }, + "deploymentConfigs": { + "additionalProperties": { + "$ref": "PolicyControllerPolicyControllerDeploymentConfig" + }, + "description": "Map of deployment configs to deployments (“admission”, “audit”, “mutation”).", + "type": "object" + }, + "exemptableNamespaces": { + "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.", + "items": { + "type": "string" + }, + "type": "array" + }, + "installSpec": { + "description": "The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state.", + "enum": [ + "INSTALL_SPEC_UNSPECIFIED", + "INSTALL_SPEC_NOT_INSTALLED", + "INSTALL_SPEC_ENABLED", + "INSTALL_SPEC_SUSPENDED", + "INSTALL_SPEC_DETACHED" + ], + "enumDescriptions": [ + "Spec is unknown.", + "Request to uninstall Policy Controller.", + "Request to install and enable Policy Controller.", + "Request to suspend Policy Controller i.e. its webhooks. If Policy Controller is not installed, it will be installed but suspended.", + "Request to stop all reconciliation actions by PoCo Hub controller. This is a breakglass mechanism to stop PoCo Hub from affecting cluster resources." + ], + "type": "string" + }, + "logDeniesEnabled": { + "description": "Logs all denies and dry run failures.", + "type": "boolean" + }, + "monitoring": { + "$ref": "PolicyControllerMonitoringConfig", + "description": "Monitoring specifies the configuration of monitoring." + }, + "mutationEnabled": { + "description": "Enables the ability to mutate resources using Policy Controller.", + "type": "boolean" + }, + "policyContent": { + "$ref": "PolicyControllerPolicyContentSpec", + "description": "Specifies the desired policy content on the cluster" + }, + "referentialRulesEnabled": { + "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.", + "type": "boolean" + } + }, + "type": "object" + }, + "PolicyControllerMonitoringConfig": { + "description": "MonitoringConfig specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", + "id": "PolicyControllerMonitoringConfig", + "properties": { + "backends": { + "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.", + "items": { + "enum": [ + "MONITORING_BACKEND_UNSPECIFIED", + "PROMETHEUS", + "CLOUD_MONITORING" + ], + "enumDescriptions": [ + "Backend cannot be determined", + "Prometheus backend for monitoring", + "Stackdriver/Cloud Monitoring backend for monitoring" + ], + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "PolicyControllerOnClusterState": { + "description": "OnClusterState represents the state of a sub-component of Policy Controller.", + "id": "PolicyControllerOnClusterState", + "properties": { + "details": { + "description": "Surface potential errors or information logs.", + "type": "string" + }, + "state": { + "description": "The lifecycle state of this component.", + "enum": [ + "LIFECYCLE_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLING", + "ACTIVE", + "UPDATING", + "DECOMMISSIONING", + "CLUSTER_ERROR", + "HUB_ERROR", + "SUSPENDED", + "DETACHED" + ], + "enumDescriptions": [ + "The lifecycle state is unspecified.", + "The PC does not exist on the given cluster, and no k8s resources of any type that are associated with the PC should exist there. The cluster does not possess a membership with the PCH.", + "The PCH possesses a Membership, however the PC is not fully installed on the cluster. In this state the hub can be expected to be taking actions to install the PC on the cluster.", + "The PC is fully installed on the cluster and in an operational mode. In this state PCH will be reconciling state with the PC, and the PC will be performing it's operational tasks per that software. Entering a READY state requires that the hub has confirmed the PC is installed and its pods are operational with the version of the PC the PCH expects.", + "The PC is fully installed, but in the process of changing the configuration (including changing the version of PC either up and down, or modifying the manifests of PC) of the resources running on the cluster. The PCH has a Membership, is aware of the version the cluster should be running in, but has not confirmed for itself that the PC is running with that version.", + "The PC may have resources on the cluster, but the PCH wishes to remove the Membership. The Membership still exists.", + "The PC is not operational, and the PCH is unable to act to make it operational. Entering a CLUSTER_ERROR state happens automatically when the PCH determines that a PC installed on the cluster is non-operative or that the cluster does not meet requirements set for the PCH to administer the cluster but has nevertheless been given an instruction to do so (such as ‘install').", + "In this state, the PC may still be operational, and only the PCH is unable to act. The hub should not issue instructions to change the PC state, or otherwise interfere with the on-cluster resources. Entering a HUB_ERROR state happens automatically when the PCH determines the hub is in an unhealthy state and it wishes to ‘take hands off' to avoid corrupting the PC or other data.", + "Policy Controller (PC) is installed but suspended. This means that the policies are not enforced, but violations are still recorded (through audit).", + "PoCo Hub is not taking any action to reconcile cluster objects. Changes to those objects will not be overwritten by PoCo Hub." + ], + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerPolicyContentSpec": { + "description": "PolicyContentSpec defines the user's desired content configuration on the cluster.", + "id": "PolicyControllerPolicyContentSpec", + "properties": { + "bundles": { + "additionalProperties": { + "$ref": "PolicyControllerBundleInstallSpec" + }, + "description": "map of bundle name to BundleInstallSpec. The bundle name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData` annotation on a constraint.", + "type": "object" + }, + "templateLibrary": { + "$ref": "PolicyControllerTemplateLibraryConfig", + "description": "Configures the installation of the Template Library." + } + }, + "type": "object" + }, + "PolicyControllerPolicyContentState": { + "description": "The state of the policy controller policy content", + "id": "PolicyControllerPolicyContentState", + "properties": { + "bundleStates": { + "additionalProperties": { + "$ref": "PolicyControllerOnClusterState" + }, + "description": "The state of the any bundles included in the chosen version of the manifest", + "type": "object" + }, + "referentialSyncConfigState": { + "$ref": "PolicyControllerOnClusterState", + "description": "The state of the referential data sync configuration. This could represent the state of either the syncSet object(s) or the config object, depending on the version of PoCo configured by the user." + }, + "templateLibraryState": { + "$ref": "PolicyControllerOnClusterState", + "description": "The state of the template library" + } + }, + "type": "object" + }, + "PolicyControllerPolicyControllerDeploymentConfig": { + "description": "Deployment-specific configuration.", + "id": "PolicyControllerPolicyControllerDeploymentConfig", + "properties": { + "containerResources": { + "$ref": "PolicyControllerResourceRequirements", + "description": "Container resource requirements." + }, + "podAffinity": { + "description": "Pod affinity configuration.", + "enum": [ + "AFFINITY_UNSPECIFIED", + "NO_AFFINITY", + "ANTI_AFFINITY" + ], + "enumDescriptions": [ + "No affinity configuration has been specified.", + "Affinity configurations will be removed from the deployment.", + "Anti-affinity configuration will be applied to this deployment. Default for admissions deployment." + ], + "type": "string" + }, + "podAntiAffinity": { + "deprecated": true, + "description": "Pod anti-affinity enablement. Deprecated: use `pod_affinity` instead.", + "type": "boolean" + }, + "podTolerations": { + "description": "Pod tolerations of node taints.", + "items": { + "$ref": "PolicyControllerToleration" + }, + "type": "array" + }, + "replicaCount": { + "description": "Pod replica count.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerResourceList": { + "description": "ResourceList contains container resource requirements.", + "id": "PolicyControllerResourceList", + "properties": { + "cpu": { + "description": "CPU requirement expressed in Kubernetes resource units.", + "type": "string" + }, + "memory": { + "description": "Memory requirement expressed in Kubernetes resource units.", + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerResourceRequirements": { + "description": "ResourceRequirements describes the compute resource requirements.", + "id": "PolicyControllerResourceRequirements", + "properties": { + "limits": { + "$ref": "PolicyControllerResourceList", + "description": "Limits describes the maximum amount of compute resources allowed for use by the running container." + }, + "requests": { + "$ref": "PolicyControllerResourceList", + "description": "Requests describes the amount of compute resources reserved for the container by the kube-scheduler." + } + }, + "type": "object" + }, + "PolicyControllerSpec": { + "description": "**Policy Controller**: Configuration for a single cluster. Intended to parallel the PolicyController CR.", + "id": "PolicyControllerSpec", + "properties": { + "policyControllerHubConfig": { + "$ref": "PolicyControllerHubConfig", + "description": "Policy Controller configuration for the cluster." + }, + "version": { + "description": "Version of Policy Controller installed.", + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerState": { + "description": "**Policy Controller**: State for a single cluster.", + "id": "PolicyControllerState", + "properties": { + "componentStates": { + "additionalProperties": { + "$ref": "PolicyControllerOnClusterState" + }, + "description": "Currently these include (also serving as map keys): 1. \"admission\" 2. \"audit\" 3. \"mutation\"", + "type": "object" + }, + "policyContentState": { + "$ref": "PolicyControllerPolicyContentState", + "description": "The overall content state observed by the Hub Feature controller." + }, + "state": { + "description": "The overall Policy Controller lifecycle state observed by the Hub Feature controller.", + "enum": [ + "LIFECYCLE_STATE_UNSPECIFIED", + "NOT_INSTALLED", + "INSTALLING", + "ACTIVE", + "UPDATING", + "DECOMMISSIONING", + "CLUSTER_ERROR", + "HUB_ERROR", + "SUSPENDED", + "DETACHED" + ], + "enumDescriptions": [ + "The lifecycle state is unspecified.", + "The PC does not exist on the given cluster, and no k8s resources of any type that are associated with the PC should exist there. The cluster does not possess a membership with the PCH.", + "The PCH possesses a Membership, however the PC is not fully installed on the cluster. In this state the hub can be expected to be taking actions to install the PC on the cluster.", + "The PC is fully installed on the cluster and in an operational mode. In this state PCH will be reconciling state with the PC, and the PC will be performing it's operational tasks per that software. Entering a READY state requires that the hub has confirmed the PC is installed and its pods are operational with the version of the PC the PCH expects.", + "The PC is fully installed, but in the process of changing the configuration (including changing the version of PC either up and down, or modifying the manifests of PC) of the resources running on the cluster. The PCH has a Membership, is aware of the version the cluster should be running in, but has not confirmed for itself that the PC is running with that version.", + "The PC may have resources on the cluster, but the PCH wishes to remove the Membership. The Membership still exists.", + "The PC is not operational, and the PCH is unable to act to make it operational. Entering a CLUSTER_ERROR state happens automatically when the PCH determines that a PC installed on the cluster is non-operative or that the cluster does not meet requirements set for the PCH to administer the cluster but has nevertheless been given an instruction to do so (such as ‘install').", + "In this state, the PC may still be operational, and only the PCH is unable to act. The hub should not issue instructions to change the PC state, or otherwise interfere with the on-cluster resources. Entering a HUB_ERROR state happens automatically when the PCH determines the hub is in an unhealthy state and it wishes to ‘take hands off' to avoid corrupting the PC or other data.", + "Policy Controller (PC) is installed but suspended. This means that the policies are not enforced, but violations are still recorded (through audit).", + "PoCo Hub is not taking any action to reconcile cluster objects. Changes to those objects will not be overwritten by PoCo Hub." + ], + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerTemplateLibraryConfig": { + "description": "The config specifying which default library templates to install.", + "id": "PolicyControllerTemplateLibraryConfig", + "properties": { + "installation": { + "description": "Configures the manner in which the template library is installed on the cluster.", + "enum": [ + "INSTALLATION_UNSPECIFIED", + "NOT_INSTALLED", + "ALL" + ], + "enumDescriptions": [ + "No installation strategy has been specified.", + "Do not install the template library.", + "Install the entire template library." + ], + "type": "string" + } + }, + "type": "object" + }, + "PolicyControllerToleration": { + "description": "Toleration of a node taint.", + "id": "PolicyControllerToleration", + "properties": { + "effect": { + "description": "Matches a taint effect.", + "type": "string" + }, + "key": { + "description": "Matches a taint key (not necessarily unique).", + "type": "string" + }, + "operator": { + "description": "Matches a taint operator.", + "type": "string" + }, + "value": { + "description": "Matches a taint value.", + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshAnalysisMessage": { + "description": "AnalysisMessage is a single message produced by an analyzer, and it used to communicate to the end user about the state of their Service Mesh configuration.", + "id": "ServiceMeshAnalysisMessage", + "properties": { + "args": { + "additionalProperties": { + "description": "Properties of the object.", + "type": "any" + }, + "description": "A UI can combine these args with a template (based on message_base.type) to produce an internationalized message.", + "type": "object" + }, + "description": { + "description": "A human readable description of what the error means. It is suitable for non-internationalize display purposes.", + "type": "string" + }, + "messageBase": { + "$ref": "ServiceMeshAnalysisMessageBase", + "description": "Details common to all types of Istio and ServiceMesh analysis messages." + }, + "resourcePaths": { + "description": "A list of strings specifying the resource identifiers that were the cause of message generation. A \"path\" here may be: * MEMBERSHIP_ID if the cause is a specific member cluster * MEMBERSHIP_ID/(NAMESPACE\\/)?RESOURCETYPE/NAME if the cause is a resource in a cluster", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ServiceMeshAnalysisMessageBase": { + "description": "AnalysisMessageBase describes some common information that is needed for all messages.", + "id": "ServiceMeshAnalysisMessageBase", + "properties": { + "documentationUrl": { + "description": "A url pointing to the Service Mesh or Istio documentation for this specific error type.", + "type": "string" + }, + "level": { + "description": "Represents how severe a message is.", + "enum": [ + "LEVEL_UNSPECIFIED", + "ERROR", + "WARNING", + "INFO" + ], + "enumDescriptions": [ + "Illegal. Same istio.analysis.v1alpha1.AnalysisMessageBase.Level.UNKNOWN.", + "ERROR represents a misconfiguration that must be fixed.", + "WARNING represents a misconfiguration that should be fixed.", + "INFO represents an informational finding." + ], + "type": "string" + }, + "type": { + "$ref": "ServiceMeshType", + "description": "Represents the specific type of a message." + } + }, + "type": "object" + }, + "ServiceMeshCondition": { + "description": "Condition being reported.", + "id": "ServiceMeshCondition", + "properties": { + "code": { + "description": "Unique identifier of the condition which describes the condition recognizable to the user.", + "enum": [ + "CODE_UNSPECIFIED", + "MESH_IAM_PERMISSION_DENIED", + "MESH_IAM_CROSS_PROJECT_PERMISSION_DENIED", + "CNI_CONFIG_UNSUPPORTED", + "GKE_SANDBOX_UNSUPPORTED", + "NODEPOOL_WORKLOAD_IDENTITY_FEDERATION_REQUIRED", + "CNI_INSTALLATION_FAILED", + "CNI_POD_UNSCHEDULABLE", + "CLUSTER_HAS_ZERO_NODES", + "UNSUPPORTED_MULTIPLE_CONTROL_PLANES", + "VPCSC_GA_SUPPORTED", + "DEPRECATED_SPEC_CONTROL_PLANE_MANAGEMENT", + "DEPRECATED_SPEC_CONTROL_PLANE_MANAGEMENT_SAFE", + "CONFIG_APPLY_INTERNAL_ERROR", + "CONFIG_VALIDATION_ERROR", + "CONFIG_VALIDATION_WARNING", + "QUOTA_EXCEEDED_BACKEND_SERVICES", + "QUOTA_EXCEEDED_HEALTH_CHECKS", + "QUOTA_EXCEEDED_HTTP_ROUTES", + "QUOTA_EXCEEDED_TCP_ROUTES", + "QUOTA_EXCEEDED_TLS_ROUTES", + "QUOTA_EXCEEDED_TRAFFIC_POLICIES", + "QUOTA_EXCEEDED_ENDPOINT_POLICIES", + "QUOTA_EXCEEDED_GATEWAYS", + "QUOTA_EXCEEDED_MESHES", + "QUOTA_EXCEEDED_SERVER_TLS_POLICIES", + "QUOTA_EXCEEDED_CLIENT_TLS_POLICIES", + "QUOTA_EXCEEDED_SERVICE_LB_POLICIES", + "QUOTA_EXCEEDED_HTTP_FILTERS", + "QUOTA_EXCEEDED_TCP_FILTERS", + "QUOTA_EXCEEDED_NETWORK_ENDPOINT_GROUPS", + "MODERNIZATION_SCHEDULED", + "MODERNIZATION_IN_PROGRESS", + "MODERNIZATION_COMPLETED", + "MODERNIZATION_ABORTED" + ], + "enumDescriptions": [ + "Default Unspecified code", + "Mesh IAM permission denied error code", + "Permission denied error code for cross-project", + "CNI config unsupported error code", + "GKE sandbox unsupported error code", + "Nodepool workload identity federation required error code", + "CNI installation failed error code", + "CNI pod unschedulable error code", + "Cluster has zero node code", + "Multiple control planes unsupported error code", + "VPC-SC GA is supported for this control plane.", + "User is using deprecated ControlPlaneManagement and they have not yet set Management.", + "User is using deprecated ControlPlaneManagement and they have already set Management.", + "Configuration (Istio/k8s resources) failed to apply due to internal error.", + "Configuration failed to be applied due to being invalid.", + "Encountered configuration(s) with possible unintended behavior or invalid configuration. These configs may not have been applied.", + "BackendService quota exceeded error code.", + "HealthCheck quota exceeded error code.", + "HTTPRoute quota exceeded error code.", + "TCPRoute quota exceeded error code.", + "TLS routes quota exceeded error code.", + "TrafficPolicy quota exceeded error code.", + "EndpointPolicy quota exceeded error code.", + "Gateway quota exceeded error code.", + "Mesh quota exceeded error code.", + "ServerTLSPolicy quota exceeded error code.", + "ClientTLSPolicy quota exceeded error code.", + "ServiceLBPolicy quota exceeded error code.", + "HTTPFilter quota exceeded error code.", + "TCPFilter quota exceeded error code.", + "NetworkEndpointGroup quota exceeded error code.", + "Modernization is scheduled for a cluster.", + "Modernization is in progress for a cluster.", + "Modernization is completed for a cluster.", + "Modernization is aborted for a cluster." + ], + "type": "string" + }, + "details": { + "description": "A short summary about the issue.", + "type": "string" + }, + "documentationLink": { + "description": "Links contains actionable information.", + "type": "string" + }, + "severity": { + "description": "Severity level of the condition.", + "enum": [ + "SEVERITY_UNSPECIFIED", + "ERROR", + "WARNING", + "INFO" + ], + "enumDescriptions": [ + "Unspecified severity", + "Indicates an issue that prevents the mesh from operating correctly", + "Indicates a setting is likely wrong, but the mesh is still able to operate", + "An informational message, not requiring any action" + ], + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshControlPlaneManagement": { + "description": "Status of control plane management.", + "id": "ServiceMeshControlPlaneManagement", + "properties": { + "details": { + "description": "Explanation of state.", + "items": { + "$ref": "ServiceMeshStatusDetails" + }, + "type": "array" + }, + "implementation": { + "description": "Output only. Implementation of managed control plane.", + "enum": [ + "IMPLEMENTATION_UNSPECIFIED", + "ISTIOD", + "TRAFFIC_DIRECTOR", + "UPDATING" + ], + "enumDescriptions": [ + "Unspecified", + "A Google build of istiod is used for the managed control plane.", + "Traffic director is used for the managed control plane.", + "The control plane implementation is being updated." + ], + "readOnly": true, + "type": "string" + }, + "state": { + "description": "LifecycleState of control plane management.", + "enum": [ + "LIFECYCLE_STATE_UNSPECIFIED", + "DISABLED", + "FAILED_PRECONDITION", + "PROVISIONING", + "ACTIVE", + "STALLED", + "NEEDS_ATTENTION", + "DEGRADED" + ], + "enumDescriptions": [ + "Unspecified", + "DISABLED means that the component is not enabled.", + "FAILED_PRECONDITION means that provisioning cannot proceed because of some characteristic of the member cluster.", + "PROVISIONING means that provisioning is in progress.", + "ACTIVE means that the component is ready for use.", + "STALLED means that provisioning could not be done.", + "NEEDS_ATTENTION means that the component is ready, but some user intervention is required. (For example that the user should migrate workloads to a new control plane revision.)", + "DEGRADED means that the component is ready, but operating in a degraded state." + ], + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshDataPlaneManagement": { + "description": "Status of data plane management. Only reported per-member.", + "id": "ServiceMeshDataPlaneManagement", + "properties": { + "details": { + "description": "Explanation of the status.", + "items": { + "$ref": "ServiceMeshStatusDetails" + }, + "type": "array" + }, + "state": { + "description": "Lifecycle status of data plane management.", + "enum": [ + "LIFECYCLE_STATE_UNSPECIFIED", + "DISABLED", + "FAILED_PRECONDITION", + "PROVISIONING", + "ACTIVE", + "STALLED", + "NEEDS_ATTENTION", + "DEGRADED" + ], + "enumDescriptions": [ + "Unspecified", + "DISABLED means that the component is not enabled.", + "FAILED_PRECONDITION means that provisioning cannot proceed because of some characteristic of the member cluster.", + "PROVISIONING means that provisioning is in progress.", + "ACTIVE means that the component is ready for use.", + "STALLED means that provisioning could not be done.", + "NEEDS_ATTENTION means that the component is ready, but some user intervention is required. (For example that the user should migrate workloads to a new control plane revision.)", + "DEGRADED means that the component is ready, but operating in a degraded state." + ], + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshSpec": { + "description": "**Service Mesh**: Spec for a single Membership for the servicemesh feature", + "id": "ServiceMeshSpec", + "properties": { + "configApi": { + "description": "Optional. Specifies the API that will be used for configuring the mesh workloads.", + "enum": [ + "CONFIG_API_UNSPECIFIED", + "CONFIG_API_ISTIO", + "CONFIG_API_GATEWAY" + ], + "enumDescriptions": [ + "Unspecified", + "Use the Istio API for configuration.", + "Use the K8s Gateway API for configuration." + ], + "type": "string" + }, + "controlPlane": { + "deprecated": true, + "description": "Deprecated: use `management` instead Enables automatic control plane management.", + "enum": [ + "CONTROL_PLANE_MANAGEMENT_UNSPECIFIED", + "AUTOMATIC", + "MANUAL" + ], + "enumDescriptions": [ + "Unspecified", + "Google should provision a control plane revision and make it available in the cluster. Google will enroll this revision in a release channel and keep it up to date. The control plane revision may be a managed service, or a managed install.", + "User will manually configure the control plane (e.g. via CLI, or via the ControlPlaneRevision KRM API)" + ], + "type": "string" + }, + "defaultChannel": { + "deprecated": true, + "description": "Determines which release channel to use for default injection and service mesh APIs.", + "enum": [ + "CHANNEL_UNSPECIFIED", + "RAPID", + "REGULAR", + "STABLE" + ], + "enumDescriptions": [ + "Unspecified", + "RAPID channel is offered on an early access basis for customers who want to test new releases.", + "REGULAR channel is intended for production users who want to take advantage of new features.", + "STABLE channel includes versions that are known to be stable and reliable in production." + ], + "type": "string" + }, + "management": { + "description": "Optional. Enables automatic Service Mesh management.", + "enum": [ + "MANAGEMENT_UNSPECIFIED", + "MANAGEMENT_AUTOMATIC", + "MANAGEMENT_MANUAL" + ], + "enumDescriptions": [ + "Unspecified", + "Google should manage my Service Mesh for the cluster.", + "User will manually configure their service mesh components." + ], + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshState": { + "description": "**Service Mesh**: State for a single Membership, as analyzed by the Service Mesh Hub Controller.", + "id": "ServiceMeshState", + "properties": { + "analysisMessages": { + "description": "Output only. Results of running Service Mesh analyzers.", + "items": { + "$ref": "ServiceMeshAnalysisMessage" + }, + "readOnly": true, + "type": "array" + }, + "conditions": { + "description": "Output only. List of conditions reported for this membership.", + "items": { + "$ref": "ServiceMeshCondition" + }, + "readOnly": true, + "type": "array" + }, + "configApiVersion": { + "description": "The API version (i.e. Istio CRD version) for configuring service mesh in this cluster. This version is influenced by the `default_channel` field.", + "type": "string" + }, + "controlPlaneManagement": { + "$ref": "ServiceMeshControlPlaneManagement", + "description": "Output only. Status of control plane management", + "readOnly": true + }, + "dataPlaneManagement": { + "$ref": "ServiceMeshDataPlaneManagement", + "description": "Output only. Status of data plane management.", + "readOnly": true + } + }, + "type": "object" + }, + "ServiceMeshStatusDetails": { + "description": "Structured and human-readable details for a status.", + "id": "ServiceMeshStatusDetails", + "properties": { + "code": { + "description": "A machine-readable code that further describes a broad status.", + "type": "string" + }, + "details": { + "description": "Human-readable explanation of code.", + "type": "string" + } + }, + "type": "object" + }, + "ServiceMeshType": { + "description": "A unique identifier for the type of message. Display_name is intended to be human-readable, code is intended to be machine readable. There should be a one-to-one mapping between display_name and code. (i.e. do not re-use display_names or codes between message types.) See istio.analysis.v1alpha1.AnalysisMessageBase.Type", + "id": "ServiceMeshType", + "properties": { + "code": { + "description": "A 7 character code matching `^IST[0-9]{4}$` or `^ASM[0-9]{4}$`, intended to uniquely identify the message type. (e.g. \"IST0001\" is mapped to the \"InternalError\" message type.)", + "type": "string" + }, + "displayName": { + "description": "A human-readable name for the message type. e.g. \"InternalError\", \"PodMissingProxy\". This should be the same for all messages of the same type. (This corresponds to the `name` field in open-source Istio.)", + "type": "string" + } + }, + "type": "object" + }, + "State": { + "description": "High-level state of a MembershipFeature.", + "id": "State", + "properties": { + "code": { + "description": "The high-level, machine-readable status of this MembershipFeature.", + "enum": [ + "CODE_UNSPECIFIED", + "OK", + "WARNING", + "ERROR" + ], + "enumDescriptions": [ + "Unknown or not set.", + "The MembershipFeature is operating normally.", + "The MembershipFeature has encountered an issue, and is operating in a degraded state. The MembershipFeature may need intervention to return to normal operation. See the description and any associated MembershipFeature-specific details for more information.", + "The MembershipFeature is not operating or is in a severely degraded state. The MembershipFeature may need intervention to return to normal operation. See the description and any associated MembershipFeature-specific details for more information." + ], + "type": "string" + }, + "description": { + "description": "A human-readable description of the current status.", + "type": "string" + }, + "updateTime": { + "description": "The time this status and any related Feature-specific details were updated.", + "format": "google-datetime", + "type": "string" + } + }, + "type": "object" + }, + "WorkloadCertificateSpec": { + "description": "**WorkloadCertificate**: The membership-specific input for WorkloadCertificate feature.", + "id": "WorkloadCertificateSpec", + "properties": { + "certificateManagement": { + "description": "CertificateManagement specifies workload certificate management.", + "enum": [ + "CERTIFICATE_MANAGEMENT_UNSPECIFIED", + "DISABLED", + "ENABLED" + ], + "enumDescriptions": [ + "Disable workload certificate feature.", + "Disable workload certificate feature.", + "Enable workload certificate feature." + ], + "type": "string" } }, "type": "object" diff --git a/gkehub/v2beta/gkehub-gen.go b/gkehub/v2beta/gkehub-gen.go index 65b2ca83dc2..43de18d5f8d 100644 --- a/gkehub/v2beta/gkehub-gen.go +++ b/gkehub/v2beta/gkehub-gen.go @@ -168,6 +168,7 @@ type ProjectsService struct { func NewProjectsLocationsService(s *Service) *ProjectsLocationsService { rs := &ProjectsLocationsService{s: s} + rs.Memberships = NewProjectsLocationsMembershipsService(s) rs.Operations = NewProjectsLocationsOperationsService(s) return rs } @@ -175,9 +176,32 @@ func NewProjectsLocationsService(s *Service) *ProjectsLocationsService { type ProjectsLocationsService struct { s *Service + Memberships *ProjectsLocationsMembershipsService + Operations *ProjectsLocationsOperationsService } +func NewProjectsLocationsMembershipsService(s *Service) *ProjectsLocationsMembershipsService { + rs := &ProjectsLocationsMembershipsService{s: s} + rs.Features = NewProjectsLocationsMembershipsFeaturesService(s) + return rs +} + +type ProjectsLocationsMembershipsService struct { + s *Service + + Features *ProjectsLocationsMembershipsFeaturesService +} + +func NewProjectsLocationsMembershipsFeaturesService(s *Service) *ProjectsLocationsMembershipsFeaturesService { + rs := &ProjectsLocationsMembershipsFeaturesService{s: s} + return rs +} + +type ProjectsLocationsMembershipsFeaturesService struct { + s *Service +} + func NewProjectsLocationsOperationsService(s *Service) *ProjectsLocationsOperationsService { rs := &ProjectsLocationsOperationsService{s: s} return rs @@ -187,35 +211,46 @@ type ProjectsLocationsOperationsService struct { s *Service } -// CancelOperationRequest: The request message for Operations.CancelOperation. -type CancelOperationRequest struct { +// AppDevExperienceState: State for App Dev Exp Feature. +type AppDevExperienceState struct { + // NetworkingInstallSucceeded: Status of subcomponent that detects configured + // Service Mesh resources. + NetworkingInstallSucceeded *AppDevExperienceStatus `json:"networkingInstallSucceeded,omitempty"` + // ForceSendFields is a list of field names (e.g. "NetworkingInstallSucceeded") + // to unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "NetworkingInstallSucceeded") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` } -// Empty: A generic empty message that you can re-use to avoid defining -// duplicated empty messages in your APIs. A typical example is to use it as -// the request or the response type of an API method. For instance: service Foo -// { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } -type Empty struct { - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` +func (s AppDevExperienceState) MarshalJSON() ([]byte, error) { + type NoMethod AppDevExperienceState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// GoogleRpcStatus: The `Status` type defines a logical error model that is -// suitable for different programming environments, including REST APIs and RPC -// APIs. It is used by gRPC (https://github.com/grpc). Each `Status` message -// contains three pieces of data: error code, error message, and error details. -// You can find out more about this error model and how to work with it in the -// API Design Guide (https://cloud.google.com/apis/design/errors). -type GoogleRpcStatus struct { - // Code: The status code, which should be an enum value of google.rpc.Code. - Code int64 `json:"code,omitempty"` - // Details: A list of messages that carry the error details. There is a common - // set of message types for APIs to use. - Details []googleapi.RawMessage `json:"details,omitempty"` - // Message: A developer-facing error message, which should be in English. Any - // user-facing error message should be localized and sent in the - // google.rpc.Status.details field, or localized by the client. - Message string `json:"message,omitempty"` +// AppDevExperienceStatus: Status specifies state for the subcomponent. +type AppDevExperienceStatus struct { + // Code: Code specifies AppDevExperienceFeature's subcomponent ready state. + // + // Possible values: + // "CODE_UNSPECIFIED" - Not set. + // "OK" - AppDevExperienceFeature's specified subcomponent is ready. + // "FAILED" - AppDevExperienceFeature's specified subcomponent ready state is + // false. This means AppDevExperienceFeature has encountered an issue that + // blocks all, or a portion, of its normal operation. See the `description` for + // more details. + // "UNKNOWN" - AppDevExperienceFeature's specified subcomponent has a pending + // or unknown state. + Code string `json:"code,omitempty"` + // Description: Description is populated if Code is Failed, explaining why it + // has failed. + Description string `json:"description,omitempty"` // ForceSendFields is a list of field names (e.g. "Code") to unconditionally // include in API requests. By default, fields with empty or default values are // omitted from API requests. See @@ -229,153 +264,3665 @@ type GoogleRpcStatus struct { NullFields []string `json:"-"` } -func (s GoogleRpcStatus) MarshalJSON() ([]byte, error) { - type NoMethod GoogleRpcStatus +func (s AppDevExperienceStatus) MarshalJSON() ([]byte, error) { + type NoMethod AppDevExperienceStatus return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// ListLocationsResponse: The response message for Locations.ListLocations. -type ListLocationsResponse struct { - // Locations: A list of locations that matches the specified filter in the - // request. - Locations []*Location `json:"locations,omitempty"` - // NextPageToken: The standard List next-page token. - NextPageToken string `json:"nextPageToken,omitempty"` +// CancelOperationRequest: The request message for Operations.CancelOperation. +type CancelOperationRequest struct { +} - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "Locations") to +// CloudBuildSpec: **Cloud Build**: Configurations for each Cloud Build enabled +// cluster. +type CloudBuildSpec struct { + // SecurityPolicy: Whether it is allowed to run the privileged builds on the + // cluster or not. + // + // Possible values: + // "SECURITY_POLICY_UNSPECIFIED" - Unspecified policy + // "NON_PRIVILEGED" - Privileged build pods are disallowed + // "PRIVILEGED" - Privileged build pods are allowed + SecurityPolicy string `json:"securityPolicy,omitempty"` + // Version: Version of the cloud build software on the cluster. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "SecurityPolicy") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "Locations") to include in API + // NullFields is a list of field names (e.g. "SecurityPolicy") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s CloudBuildSpec) MarshalJSON() ([]byte, error) { + type NoMethod CloudBuildSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ClusterUpgradeGKEUpgrade: GKEUpgrade represents a GKE provided upgrade, +// e.g., control plane upgrade. +type ClusterUpgradeGKEUpgrade struct { + // Name: Name of the upgrade, e.g., "k8s_control_plane". + Name string `json:"name,omitempty"` + // Version: Version of the upgrade, e.g., "1.22.1-gke.100". + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "Name") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Name") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ClusterUpgradeGKEUpgrade) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeGKEUpgrade + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ClusterUpgradeIgnoredMembership: IgnoredMembership represents a membership +// ignored by the feature. A membership can be ignored because it was manually +// upgraded to a newer version than RC default. +type ClusterUpgradeIgnoredMembership struct { + // IgnoredTime: Time when the membership was first set to ignored. + IgnoredTime string `json:"ignoredTime,omitempty"` + // Reason: Reason why the membership is ignored. + Reason string `json:"reason,omitempty"` + // ForceSendFields is a list of field names (e.g. "IgnoredTime") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "IgnoredTime") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } -func (s ListLocationsResponse) MarshalJSON() ([]byte, error) { - type NoMethod ListLocationsResponse +func (s ClusterUpgradeIgnoredMembership) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeIgnoredMembership return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// ListOperationsResponse: The response message for Operations.ListOperations. -type ListOperationsResponse struct { - // NextPageToken: The standard List next-page token. - NextPageToken string `json:"nextPageToken,omitempty"` - // Operations: A list of operations that matches the specified filter in the - // request. - Operations []*Operation `json:"operations,omitempty"` +// ClusterUpgradeMembershipGKEUpgradeState: MembershipGKEUpgradeState is a +// GKEUpgrade and its state per-membership. +type ClusterUpgradeMembershipGKEUpgradeState struct { + // Status: Status of the upgrade. + Status *ClusterUpgradeUpgradeStatus `json:"status,omitempty"` + // Upgrade: Which upgrade to track the state. + Upgrade *ClusterUpgradeGKEUpgrade `json:"upgrade,omitempty"` + // ForceSendFields is a list of field names (e.g. "Status") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Status") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "NextPageToken") to +func (s ClusterUpgradeMembershipGKEUpgradeState) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeMembershipGKEUpgradeState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ClusterUpgradeState: Per-membership state for this feature. +type ClusterUpgradeState struct { + // Ignored: Whether this membership is ignored by the feature. For example, + // manually upgraded clusters can be ignored if they are newer than the default + // versions of its release channel. + Ignored *ClusterUpgradeIgnoredMembership `json:"ignored,omitempty"` + // Upgrades: Actual upgrade state against desired. + Upgrades []*ClusterUpgradeMembershipGKEUpgradeState `json:"upgrades,omitempty"` + // ForceSendFields is a list of field names (e.g. "Ignored") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Ignored") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ClusterUpgradeState) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ClusterUpgradeUpgradeStatus: UpgradeStatus provides status information for +// each upgrade. +type ClusterUpgradeUpgradeStatus struct { + // Code: Status code of the upgrade. + // + // Possible values: + // "CODE_UNSPECIFIED" - Required by https://linter.aip.dev/126/unspecified. + // "INELIGIBLE" - The upgrade is ineligible. At the scope level, this means + // the upgrade is ineligible for all the clusters in the scope. + // "PENDING" - The upgrade is pending. At the scope level, this means the + // upgrade is pending for all the clusters in the scope. + // "IN_PROGRESS" - The upgrade is in progress. At the scope level, this means + // the upgrade is in progress for at least one cluster in the scope. + // "SOAKING" - The upgrade has finished and is soaking until the soaking time + // is up. At the scope level, this means at least one cluster is in soaking + // while the rest are either soaking or complete. + // "FORCED_SOAKING" - A cluster will be forced to enter soaking if an upgrade + // doesn't finish within a certain limit, despite it's actual status. + // "COMPLETE" - The upgrade has passed all post conditions (soaking). At the + // scope level, this means all eligible clusters are in COMPLETE status. + Code string `json:"code,omitempty"` + // Reason: Reason for this status. + Reason string `json:"reason,omitempty"` + // UpdateTime: Last timestamp the status was updated. + UpdateTime string `json:"updateTime,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ClusterUpgradeUpgradeStatus) MarshalJSON() ([]byte, error) { + type NoMethod ClusterUpgradeUpgradeStatus + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementBinauthzConfig: Configuration for Binauthz. +type ConfigManagementBinauthzConfig struct { + // Enabled: Whether binauthz is enabled in this cluster. + Enabled bool `json:"enabled,omitempty"` + // ForceSendFields is a list of field names (e.g. "Enabled") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Enabled") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementBinauthzConfig) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementBinauthzConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementBinauthzState: State for Binauthz. +type ConfigManagementBinauthzState struct { + // Version: The version of binauthz that is installed. + Version *ConfigManagementBinauthzVersion `json:"version,omitempty"` + // Webhook: The state of the binauthz webhook. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Webhook string `json:"webhook,omitempty"` + // ForceSendFields is a list of field names (e.g. "Version") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Version") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementBinauthzState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementBinauthzState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementBinauthzVersion: The version of binauthz. +type ConfigManagementBinauthzVersion struct { + // WebhookVersion: The version of the binauthz webhook. + WebhookVersion string `json:"webhookVersion,omitempty"` + // ForceSendFields is a list of field names (e.g. "WebhookVersion") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "NextPageToken") to include in API + // NullFields is a list of field names (e.g. "WebhookVersion") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementBinauthzVersion) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementBinauthzVersion + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementConfigSync: Configuration for Config Sync +type ConfigManagementConfigSync struct { + // AllowVerticalScale: Set to true to allow the vertical scaling. Defaults to + // false which disallows vertical scaling. This field is deprecated. + AllowVerticalScale bool `json:"allowVerticalScale,omitempty"` + // Enabled: Enables the installation of ConfigSync. If set to true, ConfigSync + // resources will be created and the other ConfigSync fields will be applied if + // exist. If set to false, all other ConfigSync fields will be ignored, + // ConfigSync resources will be deleted. If omitted, ConfigSync resources will + // be managed depends on the presence of the git or oci field. + Enabled bool `json:"enabled,omitempty"` + // Git: Git repo configuration for the cluster. + Git *ConfigManagementGitConfig `json:"git,omitempty"` + // MetricsGcpServiceAccountEmail: The Email of the Google Cloud Service Account + // (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud + // Monarch when Workload Identity is enabled. The GSA should have the + // Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The + // Kubernetes ServiceAccount `default` in the namespace + // `config-management-monitoring` should be bound to the GSA. + MetricsGcpServiceAccountEmail string `json:"metricsGcpServiceAccountEmail,omitempty"` + // Oci: OCI repo configuration for the cluster. + Oci *ConfigManagementOciConfig `json:"oci,omitempty"` + // PreventDrift: Set to true to enable the Config Sync admission webhook to + // prevent drifts. If set to `false`, disables the Config Sync admission + // webhook and does not prevent drifts. + PreventDrift bool `json:"preventDrift,omitempty"` + // SourceFormat: Specifies whether the Config Sync Repo is in "hierarchical" or + // "unstructured" mode. + SourceFormat string `json:"sourceFormat,omitempty"` + // ForceSendFields is a list of field names (e.g. "AllowVerticalScale") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AllowVerticalScale") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementConfigSync) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSync + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementConfigSyncDeploymentState: The state of ConfigSync's +// deployment on a cluster. +type ConfigManagementConfigSyncDeploymentState struct { + // AdmissionWebhook: Deployment state of admission-webhook. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + AdmissionWebhook string `json:"admissionWebhook,omitempty"` + // GitSync: Deployment state of the git-sync pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + GitSync string `json:"gitSync,omitempty"` + // Importer: Deployment state of the importer pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Importer string `json:"importer,omitempty"` + // Monitor: Deployment state of the monitor pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Monitor string `json:"monitor,omitempty"` + // OtelCollector: Deployment state of otel-collector + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + OtelCollector string `json:"otelCollector,omitempty"` + // ReconcilerManager: Deployment state of reconciler-manager pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + ReconcilerManager string `json:"reconcilerManager,omitempty"` + // ResourceGroupControllerManager: Deployment state of + // resource-group-controller-manager + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + ResourceGroupControllerManager string `json:"resourceGroupControllerManager,omitempty"` + // RootReconciler: Deployment state of root-reconciler. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + RootReconciler string `json:"rootReconciler,omitempty"` + // Syncer: Deployment state of the syncer pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Syncer string `json:"syncer,omitempty"` + // ForceSendFields is a list of field names (e.g. "AdmissionWebhook") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AdmissionWebhook") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementConfigSyncDeploymentState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSyncDeploymentState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementConfigSyncError: Errors pertaining to the installation of +// Config Sync +type ConfigManagementConfigSyncError struct { + // ErrorMessage: A string representing the user facing error message + ErrorMessage string `json:"errorMessage,omitempty"` + // ForceSendFields is a list of field names (e.g. "ErrorMessage") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ErrorMessage") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } -func (s ListOperationsResponse) MarshalJSON() ([]byte, error) { - type NoMethod ListOperationsResponse +func (s ConfigManagementConfigSyncError) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSyncError return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) } -// Location: A resource that represents a Google Cloud location. -type Location struct { - // DisplayName: The friendly name for this location, typically a nearby city - // name. For example, "Tokyo". - DisplayName string `json:"displayName,omitempty"` - // Labels: Cross-service attributes for the location. For example - // {"cloud.googleapis.com/region": "us-east1"} - Labels map[string]string `json:"labels,omitempty"` - // LocationId: The canonical id for this location. For example: "us-east1". - LocationId string `json:"locationId,omitempty"` - // Metadata: Service-specific metadata. For example the available capacity at - // the given location. - Metadata googleapi.RawMessage `json:"metadata,omitempty"` - // Name: Resource name for the location, which may vary between - // implementations. For example: - // "projects/example-project/locations/us-east1" - Name string `json:"name,omitempty"` +// ConfigManagementConfigSyncState: State information for ConfigSync. +type ConfigManagementConfigSyncState struct { + // DeploymentState: Information about the deployment of ConfigSync, including + // the version. of the various Pods deployed + DeploymentState *ConfigManagementConfigSyncDeploymentState `json:"deploymentState,omitempty"` + // Errors: Errors pertaining to the installation of Config Sync. + Errors []*ConfigManagementConfigSyncError `json:"errors,omitempty"` + // ReposyncCrd: The state of the Reposync CRD + // + // Possible values: + // "CRD_STATE_UNSPECIFIED" - CRD's state cannot be determined + // "NOT_INSTALLED" - CRD is not installed + // "INSTALLED" - CRD is installed + // "TERMINATING" - CRD is terminating (i.e., it has been deleted and is + // cleaning up) + // "INSTALLING" - CRD is installing + ReposyncCrd string `json:"reposyncCrd,omitempty"` + // RootsyncCrd: The state of the RootSync CRD + // + // Possible values: + // "CRD_STATE_UNSPECIFIED" - CRD's state cannot be determined + // "NOT_INSTALLED" - CRD is not installed + // "INSTALLED" - CRD is installed + // "TERMINATING" - CRD is terminating (i.e., it has been deleted and is + // cleaning up) + // "INSTALLING" - CRD is installing + RootsyncCrd string `json:"rootsyncCrd,omitempty"` + // State: The state of CS This field summarizes the other fields in this + // message. + // + // Possible values: + // "STATE_UNSPECIFIED" - CS's state cannot be determined. + // "CONFIG_SYNC_NOT_INSTALLED" - CS is not installed. + // "CONFIG_SYNC_INSTALLED" - The expected CS version is installed + // successfully. + // "CONFIG_SYNC_ERROR" - CS encounters errors. + // "CONFIG_SYNC_PENDING" - CS is installing or terminating. + State string `json:"state,omitempty"` + // SyncState: The state of ConfigSync's process to sync configs to a cluster. + SyncState *ConfigManagementSyncState `json:"syncState,omitempty"` + // Version: The version of ConfigSync deployed. + Version *ConfigManagementConfigSyncVersion `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "DeploymentState") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DeploymentState") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "DisplayName") to +func (s ConfigManagementConfigSyncState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSyncState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementConfigSyncVersion: Specific versioning information +// pertaining to ConfigSync's Pods. +type ConfigManagementConfigSyncVersion struct { + // AdmissionWebhook: Version of the deployed admission-webhook pod. + AdmissionWebhook string `json:"admissionWebhook,omitempty"` + // GitSync: Version of the deployed git-sync pod. + GitSync string `json:"gitSync,omitempty"` + // Importer: Version of the deployed importer pod. + Importer string `json:"importer,omitempty"` + // Monitor: Version of the deployed monitor pod. + Monitor string `json:"monitor,omitempty"` + // OtelCollector: Version of the deployed otel-collector pod + OtelCollector string `json:"otelCollector,omitempty"` + // ReconcilerManager: Version of the deployed reconciler-manager pod. + ReconcilerManager string `json:"reconcilerManager,omitempty"` + // ResourceGroupControllerManager: Version of the deployed + // resource-group-controller-manager pod + ResourceGroupControllerManager string `json:"resourceGroupControllerManager,omitempty"` + // RootReconciler: Version of the deployed reconciler container in + // root-reconciler pod. + RootReconciler string `json:"rootReconciler,omitempty"` + // Syncer: Version of the deployed syncer pod. + Syncer string `json:"syncer,omitempty"` + // ForceSendFields is a list of field names (e.g. "AdmissionWebhook") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "DisplayName") to include in API + // NullFields is a list of field names (e.g. "AdmissionWebhook") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementConfigSyncVersion) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementConfigSyncVersion + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementErrorResource: Model for a config file in the git repo with +// an associated Sync error. +type ConfigManagementErrorResource struct { + // ResourceGvk: Group/version/kind of the resource that is causing an error + ResourceGvk *ConfigManagementGroupVersionKind `json:"resourceGvk,omitempty"` + // ResourceName: Metadata name of the resource that is causing an error + ResourceName string `json:"resourceName,omitempty"` + // ResourceNamespace: Namespace of the resource that is causing an error + ResourceNamespace string `json:"resourceNamespace,omitempty"` + // SourcePath: Path in the git repo of the erroneous config + SourcePath string `json:"sourcePath,omitempty"` + // ForceSendFields is a list of field names (e.g. "ResourceGvk") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ResourceGvk") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } -func (s Location) MarshalJSON() ([]byte, error) { - type NoMethod Location - return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +func (s ConfigManagementErrorResource) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementErrorResource + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementGatekeeperDeploymentState: State of Policy Controller +// installation. +type ConfigManagementGatekeeperDeploymentState struct { + // GatekeeperAudit: Status of gatekeeper-audit deployment. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + GatekeeperAudit string `json:"gatekeeperAudit,omitempty"` + // GatekeeperControllerManagerState: Status of gatekeeper-controller-manager + // pod. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + GatekeeperControllerManagerState string `json:"gatekeeperControllerManagerState,omitempty"` + // GatekeeperMutation: Status of the pod serving the mutation webhook. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + GatekeeperMutation string `json:"gatekeeperMutation,omitempty"` + // ForceSendFields is a list of field names (e.g. "GatekeeperAudit") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "GatekeeperAudit") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementGatekeeperDeploymentState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementGatekeeperDeploymentState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementGitConfig: Git repo configuration for a single cluster. +type ConfigManagementGitConfig struct { + // GcpServiceAccountEmail: The Google Cloud Service Account Email used for auth + // when secret_type is gcpServiceAccount. + GcpServiceAccountEmail string `json:"gcpServiceAccountEmail,omitempty"` + // HttpsProxy: URL for the HTTPS proxy to be used when communicating with the + // Git repo. + HttpsProxy string `json:"httpsProxy,omitempty"` + // PolicyDir: The path within the Git repository that represents the top level + // of the repo to sync. Default: the root directory of the repository. + PolicyDir string `json:"policyDir,omitempty"` + // SecretType: Type of secret configured for access to the Git repo. Must be + // one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The + // validation of this is case-sensitive. Required. + SecretType string `json:"secretType,omitempty"` + // SyncBranch: The branch of the repository to sync from. Default: master. + SyncBranch string `json:"syncBranch,omitempty"` + // SyncRepo: The URL of the Git repository to use as the source of truth. + SyncRepo string `json:"syncRepo,omitempty"` + // SyncRev: Git revision (tag or hash) to check out. Default HEAD. + SyncRev string `json:"syncRev,omitempty"` + // SyncWaitSecs: Period in seconds between consecutive syncs. Default: 15. + SyncWaitSecs int64 `json:"syncWaitSecs,omitempty,string"` + // ForceSendFields is a list of field names (e.g. "GcpServiceAccountEmail") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "GcpServiceAccountEmail") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementGitConfig) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementGitConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementGroupVersionKind: A Kubernetes object's GVK. +type ConfigManagementGroupVersionKind struct { + // Group: Kubernetes Group + Group string `json:"group,omitempty"` + // Kind: Kubernetes Kind + Kind string `json:"kind,omitempty"` + // Version: Kubernetes Version + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "Group") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Group") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementGroupVersionKind) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementGroupVersionKind + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementHierarchyControllerConfig: Configuration for Hierarchy +// Controller. +type ConfigManagementHierarchyControllerConfig struct { + // EnableHierarchicalResourceQuota: Whether hierarchical resource quota is + // enabled in this cluster. + EnableHierarchicalResourceQuota bool `json:"enableHierarchicalResourceQuota,omitempty"` + // EnablePodTreeLabels: Whether pod tree labels are enabled in this cluster. + EnablePodTreeLabels bool `json:"enablePodTreeLabels,omitempty"` + // Enabled: Whether Hierarchy Controller is enabled in this cluster. + Enabled bool `json:"enabled,omitempty"` + // ForceSendFields is a list of field names (e.g. + // "EnableHierarchicalResourceQuota") to unconditionally include in API + // requests. By default, fields with empty or default values are omitted from + // API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "EnableHierarchicalResourceQuota") + // to include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementHierarchyControllerConfig) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementHierarchyControllerConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementHierarchyControllerDeploymentState: Deployment state for +// Hierarchy Controller +type ConfigManagementHierarchyControllerDeploymentState struct { + // Extension: The deployment state for Hierarchy Controller extension (e.g. + // v0.7.0-hc.1). + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Extension string `json:"extension,omitempty"` + // Hnc: The deployment state for open source HNC (e.g. v0.7.0-hc.0). + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + Hnc string `json:"hnc,omitempty"` + // ForceSendFields is a list of field names (e.g. "Extension") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Extension") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementHierarchyControllerDeploymentState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementHierarchyControllerDeploymentState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementHierarchyControllerState: State for Hierarchy Controller. +type ConfigManagementHierarchyControllerState struct { + // State: The deployment state for Hierarchy Controller. + State *ConfigManagementHierarchyControllerDeploymentState `json:"state,omitempty"` + // Version: The version for Hierarchy Controller. + Version *ConfigManagementHierarchyControllerVersion `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "State") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "State") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementHierarchyControllerState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementHierarchyControllerState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementHierarchyControllerVersion: Version for Hierarchy +// Controller. +type ConfigManagementHierarchyControllerVersion struct { + // Extension: Version for Hierarchy Controller extension. + Extension string `json:"extension,omitempty"` + // Hnc: Version for open source HNC. + Hnc string `json:"hnc,omitempty"` + // ForceSendFields is a list of field names (e.g. "Extension") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Extension") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementHierarchyControllerVersion) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementHierarchyControllerVersion + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementInstallError: Errors pertaining to the installation of ACM. +type ConfigManagementInstallError struct { + // ErrorMessage: A string representing the user facing error message. + ErrorMessage string `json:"errorMessage,omitempty"` + // ForceSendFields is a list of field names (e.g. "ErrorMessage") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ErrorMessage") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementInstallError) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementInstallError + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementOciConfig: OCI repo configuration for a single cluster. +type ConfigManagementOciConfig struct { + // GcpServiceAccountEmail: The Google Cloud Service Account Email used for auth + // when secret_type is gcpServiceAccount. + GcpServiceAccountEmail string `json:"gcpServiceAccountEmail,omitempty"` + // PolicyDir: The absolute path of the directory that contains the local + // resources. Default: the root directory of the image. + PolicyDir string `json:"policyDir,omitempty"` + // SecretType: Type of secret configured for access to the Git repo. + SecretType string `json:"secretType,omitempty"` + // SyncRepo: The OCI image repository URL for the package to sync from. e.g. + // `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`. + SyncRepo string `json:"syncRepo,omitempty"` + // SyncWaitSecs: Period in seconds between consecutive syncs. Default: 15. + SyncWaitSecs int64 `json:"syncWaitSecs,omitempty,string"` + // ForceSendFields is a list of field names (e.g. "GcpServiceAccountEmail") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "GcpServiceAccountEmail") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementOciConfig) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementOciConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementOperatorState: State information for an ACM's Operator. +type ConfigManagementOperatorState struct { + // DeploymentState: The state of the Operator's deployment. + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Deployment's state cannot be determined. + // "NOT_INSTALLED" - Deployment is not installed. + // "INSTALLED" - Deployment is installed. + // "ERROR" - Deployment was attempted to be installed, but has errors. + // "PENDING" - Deployment is installing or terminating + DeploymentState string `json:"deploymentState,omitempty"` + // Errors: Install errors. + Errors []*ConfigManagementInstallError `json:"errors,omitempty"` + // Version: The semenatic version number of the operator. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "DeploymentState") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DeploymentState") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementOperatorState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementOperatorState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyController: Configuration for Policy Controller +type ConfigManagementPolicyController struct { + // AuditIntervalSeconds: Sets the interval for Policy Controller Audit Scans + // (in seconds). When set to 0, this disables audit functionality altogether. + AuditIntervalSeconds int64 `json:"auditIntervalSeconds,omitempty,string"` + // Enabled: Enables the installation of Policy Controller. If false, the rest + // of PolicyController fields take no effect. + Enabled bool `json:"enabled,omitempty"` + // ExemptableNamespaces: The set of namespaces that are excluded from Policy + // Controller checks. Namespaces do not need to currently exist on the cluster. + ExemptableNamespaces []string `json:"exemptableNamespaces,omitempty"` + // LogDeniesEnabled: Logs all denies and dry run failures. + LogDeniesEnabled bool `json:"logDeniesEnabled,omitempty"` + // Monitoring: Monitoring specifies the configuration of monitoring. + Monitoring *ConfigManagementPolicyControllerMonitoring `json:"monitoring,omitempty"` + // MutationEnabled: Enable or disable mutation in policy controller. If true, + // mutation CRDs, webhook and controller deployment will be deployed to the + // cluster. + MutationEnabled bool `json:"mutationEnabled,omitempty"` + // ReferentialRulesEnabled: Enables the ability to use Constraint Templates + // that reference to objects other than the object currently being evaluated. + ReferentialRulesEnabled bool `json:"referentialRulesEnabled,omitempty"` + // TemplateLibraryInstalled: Installs the default template library along with + // Policy Controller. + TemplateLibraryInstalled bool `json:"templateLibraryInstalled,omitempty"` + // UpdateTime: Output only. Last time this membership spec was updated. + UpdateTime string `json:"updateTime,omitempty"` + // ForceSendFields is a list of field names (e.g. "AuditIntervalSeconds") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AuditIntervalSeconds") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyController) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyController + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyControllerMigration: State for the migration of +// PolicyController from ACM -> PoCo Hub. +type ConfigManagementPolicyControllerMigration struct { + // CopyTime: Last time this membership spec was copied to PoCo feature. + CopyTime string `json:"copyTime,omitempty"` + // Stage: Stage of the migration. + // + // Possible values: + // "STAGE_UNSPECIFIED" - Unknown state of migration. + // "ACM_MANAGED" - ACM Hub/Operator manages policycontroller. No migration + // yet completed. + // "POCO_MANAGED" - All migrations steps complete; Poco Hub now manages + // policycontroller. + Stage string `json:"stage,omitempty"` + // ForceSendFields is a list of field names (e.g. "CopyTime") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CopyTime") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyControllerMigration) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyControllerMigration + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyControllerMonitoring: PolicyControllerMonitoring +// specifies the backends Policy Controller should export metrics to. For +// example, to specify metrics should be exported to Cloud Monitoring and +// Prometheus, specify backends: ["cloudmonitoring", "prometheus"] +type ConfigManagementPolicyControllerMonitoring struct { + // Backends: Specifies the list of backends Policy Controller will export to. + // An empty list would effectively disable metrics export. + // + // Possible values: + // "MONITORING_BACKEND_UNSPECIFIED" - Backend cannot be determined + // "PROMETHEUS" - Prometheus backend for monitoring + // "CLOUD_MONITORING" - Stackdriver/Cloud Monitoring backend for monitoring + Backends []string `json:"backends,omitempty"` + // ForceSendFields is a list of field names (e.g. "Backends") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Backends") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyControllerMonitoring) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyControllerMonitoring + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyControllerState: State for PolicyControllerState. +type ConfigManagementPolicyControllerState struct { + // DeploymentState: The state about the policy controller installation. + DeploymentState *ConfigManagementGatekeeperDeploymentState `json:"deploymentState,omitempty"` + // Migration: Record state of ACM -> PoCo Hub migration for this feature. + Migration *ConfigManagementPolicyControllerMigration `json:"migration,omitempty"` + // Version: The version of Gatekeeper Policy Controller deployed. + Version *ConfigManagementPolicyControllerVersion `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "DeploymentState") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DeploymentState") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyControllerState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyControllerState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementPolicyControllerVersion: The build version of Gatekeeper +// Policy Controller is using. +type ConfigManagementPolicyControllerVersion struct { + // Version: The gatekeeper image tag that is composed of ACM version, git tag, + // build number. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "Version") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Version") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementPolicyControllerVersion) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementPolicyControllerVersion + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementSpec: **Anthos Config Management**: Configuration for a +// single cluster. Intended to parallel the ConfigManagement CR. +type ConfigManagementSpec struct { + // Binauthz: Binauthz conifguration for the cluster. Deprecated: This field + // will be ignored and should not be set. + Binauthz *ConfigManagementBinauthzConfig `json:"binauthz,omitempty"` + // Cluster: The user-specified cluster name used by Config Sync + // cluster-name-selector annotation or ClusterSelector, for applying configs to + // only a subset of clusters. Omit this field if the cluster's fleet membership + // name is used by Config Sync cluster-name-selector annotation or + // ClusterSelector. Set this field if a name different from the cluster's fleet + // membership name is used by Config Sync cluster-name-selector annotation or + // ClusterSelector. + Cluster string `json:"cluster,omitempty"` + // ConfigSync: Config Sync configuration for the cluster. + ConfigSync *ConfigManagementConfigSync `json:"configSync,omitempty"` + // HierarchyController: Hierarchy Controller configuration for the cluster. + // Deprecated: Configuring Hierarchy Controller through the configmanagement + // feature is no longer recommended. Use + // https://github.com/kubernetes-sigs/hierarchical-namespaces instead. + HierarchyController *ConfigManagementHierarchyControllerConfig `json:"hierarchyController,omitempty"` + // Management: Enables automatic Feature management. + // + // Possible values: + // "MANAGEMENT_UNSPECIFIED" - Unspecified + // "MANAGEMENT_AUTOMATIC" - Google will manage the Feature for the cluster. + // "MANAGEMENT_MANUAL" - User will manually manage the Feature for the + // cluster. + Management string `json:"management,omitempty"` + // PolicyController: Policy Controller configuration for the cluster. + // Deprecated: Configuring Policy Controller through the configmanagement + // feature is no longer recommended. Use the policycontroller feature instead. + PolicyController *ConfigManagementPolicyController `json:"policyController,omitempty"` + // Version: Version of ACM installed. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "Binauthz") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Binauthz") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementSpec) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementState: **Anthos Config Management**: State for a single +// cluster. +type ConfigManagementState struct { + // BinauthzState: Binauthz status. + BinauthzState *ConfigManagementBinauthzState `json:"binauthzState,omitempty"` + // ClusterName: This field is set to the `cluster_name` field of the Membership + // Spec if it is not empty. Otherwise, it is set to the cluster's fleet + // membership name. + ClusterName string `json:"clusterName,omitempty"` + // ConfigSyncState: Current sync status. + ConfigSyncState *ConfigManagementConfigSyncState `json:"configSyncState,omitempty"` + // HierarchyControllerState: Hierarchy Controller status. + HierarchyControllerState *ConfigManagementHierarchyControllerState `json:"hierarchyControllerState,omitempty"` + // MembershipSpec: Membership configuration in the cluster. This represents the + // actual state in the cluster, while the MembershipSpec in the FeatureSpec + // represents the intended state. + MembershipSpec *ConfigManagementSpec `json:"membershipSpec,omitempty"` + // OperatorState: Current install status of ACM's Operator. + OperatorState *ConfigManagementOperatorState `json:"operatorState,omitempty"` + // PolicyControllerState: PolicyController status. + PolicyControllerState *ConfigManagementPolicyControllerState `json:"policyControllerState,omitempty"` + // ForceSendFields is a list of field names (e.g. "BinauthzState") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "BinauthzState") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementSyncError: An ACM created error representing a problem +// syncing configurations. +type ConfigManagementSyncError struct { + // Code: An ACM defined error code + Code string `json:"code,omitempty"` + // ErrorMessage: A description of the error + ErrorMessage string `json:"errorMessage,omitempty"` + // ErrorResources: A list of config(s) associated with the error, if any + ErrorResources []*ConfigManagementErrorResource `json:"errorResources,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementSyncError) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementSyncError + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ConfigManagementSyncState: State indicating an ACM's progress syncing +// configurations to a cluster. +type ConfigManagementSyncState struct { + // Code: Sync status code. + // + // Possible values: + // "SYNC_CODE_UNSPECIFIED" - Config Sync cannot determine a sync code + // "SYNCED" - Config Sync successfully synced the git Repo with the cluster + // "PENDING" - Config Sync is in the progress of syncing a new change + // "ERROR" - Indicates an error configuring Config Sync, and user action is + // required + // "NOT_CONFIGURED" - Config Sync has been installed but not configured + // "NOT_INSTALLED" - Config Sync has not been installed + // "UNAUTHORIZED" - Error authorizing with the cluster + // "UNREACHABLE" - Cluster could not be reached + Code string `json:"code,omitempty"` + // Errors: A list of errors resulting from problematic configs. This list will + // be truncated after 100 errors, although it is unlikely for that many errors + // to simultaneously exist. + Errors []*ConfigManagementSyncError `json:"errors,omitempty"` + // ImportToken: Token indicating the state of the importer. + ImportToken string `json:"importToken,omitempty"` + // LastSync: Deprecated: use last_sync_time instead. Timestamp of when ACM last + // successfully synced the repo. The time format is specified in + // https://golang.org/pkg/time/#Time.String + LastSync string `json:"lastSync,omitempty"` + // LastSyncTime: Timestamp type of when ACM last successfully synced the repo. + LastSyncTime string `json:"lastSyncTime,omitempty"` + // SourceToken: Token indicating the state of the repo. + SourceToken string `json:"sourceToken,omitempty"` + // SyncToken: Token indicating the state of the syncer. + SyncToken string `json:"syncToken,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ConfigManagementSyncState) MarshalJSON() ([]byte, error) { + type NoMethod ConfigManagementSyncState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// Empty: A generic empty message that you can re-use to avoid defining +// duplicated empty messages in your APIs. A typical example is to use it as +// the request or the response type of an API method. For instance: service Foo +// { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } +type Empty struct { + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` +} + +// FeatureConfigRef: Information of the FeatureConfig applied on the +// MembershipFeature. +type FeatureConfigRef struct { + // Config: Input only. Resource name of FeatureConfig, in the format: + // `projects/{project}/locations/global/featureConfigs/{feature_config}`. + Config string `json:"config,omitempty"` + // ConfigUpdateTime: Output only. When the FeatureConfig was last applied and + // copied to FeatureSpec. + ConfigUpdateTime string `json:"configUpdateTime,omitempty"` + // Uuid: Output only. An id that uniquely identify a FeatureConfig object. + Uuid string `json:"uuid,omitempty"` + // ForceSendFields is a list of field names (e.g. "Config") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Config") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s FeatureConfigRef) MarshalJSON() ([]byte, error) { + type NoMethod FeatureConfigRef + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// FeatureSpec: FeatureSpec contains user input per-feature spec information. +type FeatureSpec struct { + // Cloudbuild: Cloudbuild-specific FeatureSpec. + Cloudbuild *CloudBuildSpec `json:"cloudbuild,omitempty"` + // Configmanagement: Config Management FeatureSpec. + Configmanagement *ConfigManagementSpec `json:"configmanagement,omitempty"` + // Identityservice: IdentityService FeatureSpec. + Identityservice *IdentityServiceSpec `json:"identityservice,omitempty"` + // Origin: Whether this per-Feature spec was inherited from a fleet-level + // default. This field can be updated by users by either overriding a Feature + // config (updated to USER implicitly) or setting to FLEET explicitly. + Origin *Origin `json:"origin,omitempty"` + // Policycontroller: Policycontroller-specific FeatureSpec. + Policycontroller *PolicyControllerSpec `json:"policycontroller,omitempty"` + // Servicemesh: ServiceMesh Feature Spec. + Servicemesh *ServiceMeshSpec `json:"servicemesh,omitempty"` + // Workloadcertificate: Workloadcertificate-specific FeatureSpec. + Workloadcertificate *WorkloadCertificateSpec `json:"workloadcertificate,omitempty"` + // ForceSendFields is a list of field names (e.g. "Cloudbuild") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Cloudbuild") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s FeatureSpec) MarshalJSON() ([]byte, error) { + type NoMethod FeatureSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// FeatureState: FeatureState contains high-level state information and +// per-feature state information for this MembershipFeature. +type FeatureState struct { + // Appdevexperience: Appdevexperience specific state. + Appdevexperience *AppDevExperienceState `json:"appdevexperience,omitempty"` + // Clusterupgrade: Cluster upgrade state. + Clusterupgrade *ClusterUpgradeState `json:"clusterupgrade,omitempty"` + // Configmanagement: Config Management state + Configmanagement *ConfigManagementState `json:"configmanagement,omitempty"` + // Identityservice: Identity service state + Identityservice *IdentityServiceState `json:"identityservice,omitempty"` + // Metering: Metering state + Metering *MeteringState `json:"metering,omitempty"` + // Policycontroller: Policy Controller state + Policycontroller *PolicyControllerState `json:"policycontroller,omitempty"` + // Servicemesh: Service mesh state + Servicemesh *ServiceMeshState `json:"servicemesh,omitempty"` + // State: The high-level state of this MembershipFeature. + State *State `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "Appdevexperience") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Appdevexperience") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s FeatureState) MarshalJSON() ([]byte, error) { + type NoMethod FeatureState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// GoogleRpcStatus: The `Status` type defines a logical error model that is +// suitable for different programming environments, including REST APIs and RPC +// APIs. It is used by gRPC (https://github.com/grpc). Each `Status` message +// contains three pieces of data: error code, error message, and error details. +// You can find out more about this error model and how to work with it in the +// API Design Guide (https://cloud.google.com/apis/design/errors). +type GoogleRpcStatus struct { + // Code: The status code, which should be an enum value of google.rpc.Code. + Code int64 `json:"code,omitempty"` + // Details: A list of messages that carry the error details. There is a common + // set of message types for APIs to use. + Details []googleapi.RawMessage `json:"details,omitempty"` + // Message: A developer-facing error message, which should be in English. Any + // user-facing error message should be localized and sent in the + // google.rpc.Status.details field, or localized by the client. + Message string `json:"message,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s GoogleRpcStatus) MarshalJSON() ([]byte, error) { + type NoMethod GoogleRpcStatus + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceAuthMethod: Configuration of an auth method for a +// member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be +// set per AuthMethod. +type IdentityServiceAuthMethod struct { + // AzureadConfig: AzureAD specific Configuration. + AzureadConfig *IdentityServiceAzureADConfig `json:"azureadConfig,omitempty"` + // GoogleConfig: GoogleConfig specific configuration + GoogleConfig *IdentityServiceGoogleConfig `json:"googleConfig,omitempty"` + // LdapConfig: LDAP specific configuration. + LdapConfig *IdentityServiceLdapConfig `json:"ldapConfig,omitempty"` + // Name: Identifier for auth config. + Name string `json:"name,omitempty"` + // OidcConfig: OIDC specific configuration. + OidcConfig *IdentityServiceOidcConfig `json:"oidcConfig,omitempty"` + // Proxy: Proxy server address to use for auth method. + Proxy string `json:"proxy,omitempty"` + // SamlConfig: SAML specific configuration. + SamlConfig *IdentityServiceSamlConfig `json:"samlConfig,omitempty"` + // ForceSendFields is a list of field names (e.g. "AzureadConfig") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AzureadConfig") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceAuthMethod) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceAuthMethod + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceAzureADConfig: Configuration for the AzureAD Auth flow. +type IdentityServiceAzureADConfig struct { + // ClientId: ID for the registered client application that makes authentication + // requests to the Azure AD identity provider. + ClientId string `json:"clientId,omitempty"` + // ClientSecret: Input only. Unencrypted AzureAD client secret will be passed + // to the GKE Hub CLH. + ClientSecret string `json:"clientSecret,omitempty"` + // EncryptedClientSecret: Output only. Encrypted AzureAD client secret. + EncryptedClientSecret string `json:"encryptedClientSecret,omitempty"` + // GroupFormat: Optional. Format of the AzureAD groups that the client wants + // for auth. + GroupFormat string `json:"groupFormat,omitempty"` + // KubectlRedirectUri: The redirect URL that kubectl uses for authorization. + KubectlRedirectUri string `json:"kubectlRedirectUri,omitempty"` + // Tenant: Kind of Azure AD account to be authenticated. Supported values are + // or for accounts belonging to a specific tenant. + Tenant string `json:"tenant,omitempty"` + // UserClaim: Optional. Claim in the AzureAD ID Token that holds the user + // details. + UserClaim string `json:"userClaim,omitempty"` + // ForceSendFields is a list of field names (e.g. "ClientId") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ClientId") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceAzureADConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceAzureADConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceDiagnosticInterface: Configuration options for the AIS +// diagnostic interface. +type IdentityServiceDiagnosticInterface struct { + // Enabled: Determines whether to enable the diagnostic interface. + Enabled bool `json:"enabled,omitempty"` + // ExpirationTime: Determines the expiration time of the diagnostic interface + // enablement. When reached, requests to the interface would be automatically + // rejected. + ExpirationTime string `json:"expirationTime,omitempty"` + // ForceSendFields is a list of field names (e.g. "Enabled") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Enabled") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceDiagnosticInterface) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceDiagnosticInterface + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceGoogleConfig: Configuration for the Google Plugin Auth flow. +type IdentityServiceGoogleConfig struct { + // Disable: Disable automatic configuration of Google Plugin on supported + // platforms. + Disable bool `json:"disable,omitempty"` + // ForceSendFields is a list of field names (e.g. "Disable") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Disable") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceGoogleConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceGoogleConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceGroupConfig: Contains the properties for locating and +// authenticating groups in the directory. +type IdentityServiceGroupConfig struct { + // BaseDn: Required. The location of the subtree in the LDAP directory to + // search for group entries. + BaseDn string `json:"baseDn,omitempty"` + // Filter: Optional. Optional filter to be used when searching for groups a + // user belongs to. This can be used to explicitly match only certain groups in + // order to reduce the amount of groups returned for each user. This defaults + // to "(objectClass=Group)". + Filter string `json:"filter,omitempty"` + // IdAttribute: Optional. The identifying name of each group a user belongs to. + // For example, if this is set to "distinguishedName" then RBACs and other + // group expectations should be written as full DNs. This defaults to + // "distinguishedName". + IdAttribute string `json:"idAttribute,omitempty"` + // ForceSendFields is a list of field names (e.g. "BaseDn") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "BaseDn") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceGroupConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceGroupConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceIdentityServiceOptions: Holds non-protocol-related +// configuration options. +type IdentityServiceIdentityServiceOptions struct { + // DiagnosticInterface: Configuration options for the AIS diagnostic interface. + DiagnosticInterface *IdentityServiceDiagnosticInterface `json:"diagnosticInterface,omitempty"` + // SessionDuration: Determines the lifespan of STS tokens issued by Anthos + // Identity Service. + SessionDuration string `json:"sessionDuration,omitempty"` + // ForceSendFields is a list of field names (e.g. "DiagnosticInterface") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DiagnosticInterface") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceIdentityServiceOptions) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceIdentityServiceOptions + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceLdapConfig: Configuration for the LDAP Auth flow. +type IdentityServiceLdapConfig struct { + // Group: Optional. Contains the properties for locating and authenticating + // groups in the directory. + Group *IdentityServiceGroupConfig `json:"group,omitempty"` + // Server: Required. Server settings for the external LDAP server. + Server *IdentityServiceServerConfig `json:"server,omitempty"` + // ServiceAccount: Required. Contains the credentials of the service account + // which is authorized to perform the LDAP search in the directory. The + // credentials can be supplied by the combination of the DN and password or the + // client certificate. + ServiceAccount *IdentityServiceServiceAccountConfig `json:"serviceAccount,omitempty"` + // User: Required. Defines where users exist in the LDAP directory. + User *IdentityServiceUserConfig `json:"user,omitempty"` + // ForceSendFields is a list of field names (e.g. "Group") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Group") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceLdapConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceLdapConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceOidcConfig: Configuration for OIDC Auth flow. +type IdentityServiceOidcConfig struct { + // CertificateAuthorityData: PEM-encoded CA for OIDC provider. + CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` + // ClientId: ID for OIDC client application. + ClientId string `json:"clientId,omitempty"` + // ClientSecret: Input only. Unencrypted OIDC client secret will be passed to + // the GKE Hub CLH. + ClientSecret string `json:"clientSecret,omitempty"` + // DeployCloudConsoleProxy: Flag to denote if reverse proxy is used to connect + // to auth provider. This flag should be set to true when provider is not + // reachable by Google Cloud Console. + DeployCloudConsoleProxy bool `json:"deployCloudConsoleProxy,omitempty"` + // EnableAccessToken: Enable access token. + EnableAccessToken bool `json:"enableAccessToken,omitempty"` + // EncryptedClientSecret: Output only. Encrypted OIDC Client secret + EncryptedClientSecret string `json:"encryptedClientSecret,omitempty"` + // ExtraParams: Comma-separated list of key-value pairs. + ExtraParams string `json:"extraParams,omitempty"` + // GroupPrefix: Prefix to prepend to group name. + GroupPrefix string `json:"groupPrefix,omitempty"` + // GroupsClaim: Claim in OIDC ID token that holds group information. + GroupsClaim string `json:"groupsClaim,omitempty"` + // IssuerUri: URI for the OIDC provider. This should point to the level below + // .well-known/openid-configuration. + IssuerUri string `json:"issuerUri,omitempty"` + // KubectlRedirectUri: Registered redirect uri to redirect users going through + // OAuth flow using kubectl plugin. + KubectlRedirectUri string `json:"kubectlRedirectUri,omitempty"` + // Scopes: Comma-separated list of identifiers. + Scopes string `json:"scopes,omitempty"` + // UserClaim: Claim in OIDC ID token that holds username. + UserClaim string `json:"userClaim,omitempty"` + // UserPrefix: Prefix to prepend to user name. + UserPrefix string `json:"userPrefix,omitempty"` + // ForceSendFields is a list of field names (e.g. "CertificateAuthorityData") + // to unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CertificateAuthorityData") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceOidcConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceOidcConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceSamlConfig: Configuration for the SAML Auth flow. +type IdentityServiceSamlConfig struct { + // AttributeMapping: Optional. The mapping of additional user attributes like + // nickname, birthday and address etc.. `key` is the name of this additional + // attribute. `value` is a string presenting as CEL(common expression language, + // go/cel) used for getting the value from the resources. Take nickname as an + // example, in this case, `key` is "attribute.nickname" and `value` is + // "assertion.nickname". + AttributeMapping map[string]string `json:"attributeMapping,omitempty"` + // GroupPrefix: Optional. Prefix to prepend to group name. + GroupPrefix string `json:"groupPrefix,omitempty"` + // GroupsAttribute: Optional. The SAML attribute to read groups from. This + // value is expected to be a string and will be passed along as-is (with the + // option of being prefixed by the `group_prefix`). + GroupsAttribute string `json:"groupsAttribute,omitempty"` + // IdentityProviderCertificates: Required. The list of IdP certificates to + // validate the SAML response against. + IdentityProviderCertificates []string `json:"identityProviderCertificates,omitempty"` + // IdentityProviderId: Required. The entity ID of the SAML IdP. + IdentityProviderId string `json:"identityProviderId,omitempty"` + // IdentityProviderSsoUri: Required. The URI where the SAML IdP exposes the SSO + // service. + IdentityProviderSsoUri string `json:"identityProviderSsoUri,omitempty"` + // UserAttribute: Optional. The SAML attribute to read username from. If + // unspecified, the username will be read from the NameID element of the + // assertion in SAML response. This value is expected to be a string and will + // be passed along as-is (with the option of being prefixed by the + // `user_prefix`). + UserAttribute string `json:"userAttribute,omitempty"` + // UserPrefix: Optional. Prefix to prepend to user name. + UserPrefix string `json:"userPrefix,omitempty"` + // ForceSendFields is a list of field names (e.g. "AttributeMapping") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AttributeMapping") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceSamlConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceSamlConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceServerConfig: Server settings for the external LDAP server. +type IdentityServiceServerConfig struct { + // CertificateAuthorityData: Optional. Contains a Base64 encoded, PEM formatted + // certificate authority certificate for the LDAP server. This must be provided + // for the "ldaps" and "startTLS" connections. + CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` + // ConnectionType: Optional. Defines the connection type to communicate with + // the LDAP server. If `starttls` or `ldaps` is specified, the + // certificate_authority_data should not be empty. + ConnectionType string `json:"connectionType,omitempty"` + // Host: Required. Defines the hostname or IP of the LDAP server. Port is + // optional and will default to 389, if unspecified. For example, + // "ldap.server.example" or "10.10.10.10:389". + Host string `json:"host,omitempty"` + // ForceSendFields is a list of field names (e.g. "CertificateAuthorityData") + // to unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CertificateAuthorityData") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceServerConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceServerConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceServiceAccountConfig: Contains the credentials of the service +// account which is authorized to perform the LDAP search in the directory. The +// credentials can be supplied by the combination of the DN and password or the +// client certificate. +type IdentityServiceServiceAccountConfig struct { + // SimpleBindCredentials: Credentials for basic auth. + SimpleBindCredentials *IdentityServiceSimpleBindCredentials `json:"simpleBindCredentials,omitempty"` + // ForceSendFields is a list of field names (e.g. "SimpleBindCredentials") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "SimpleBindCredentials") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceServiceAccountConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceServiceAccountConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceSimpleBindCredentials: The structure holds the LDAP simple +// binding credential. +type IdentityServiceSimpleBindCredentials struct { + // Dn: Required. The distinguished name(DN) of the service account object/user. + Dn string `json:"dn,omitempty"` + // EncryptedPassword: Output only. The encrypted password of the service + // account object/user. + EncryptedPassword string `json:"encryptedPassword,omitempty"` + // Password: Required. Input only. The password of the service account + // object/user. + Password string `json:"password,omitempty"` + // ForceSendFields is a list of field names (e.g. "Dn") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Dn") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceSimpleBindCredentials) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceSimpleBindCredentials + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceSpec: **IdentityService**: Configuration for a single +// membership. +type IdentityServiceSpec struct { + // AuthMethods: A member may support multiple auth methods. + AuthMethods []*IdentityServiceAuthMethod `json:"authMethods,omitempty"` + // IdentityServiceOptions: Optional. non-protocol-related configuration + // options. + IdentityServiceOptions *IdentityServiceIdentityServiceOptions `json:"identityServiceOptions,omitempty"` + // ForceSendFields is a list of field names (e.g. "AuthMethods") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AuthMethods") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceSpec) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceState: **IdentityService**: State for a single membership, +// analyzed and reported by feature controller. +type IdentityServiceState struct { + // FailureReason: The reason of the failure. + FailureReason string `json:"failureReason,omitempty"` + // InstalledVersion: Installed AIS version. This is the AIS version installed + // on this member. The values makes sense iff state is OK. + InstalledVersion string `json:"installedVersion,omitempty"` + // MemberConfig: Last reconciled membership configuration + MemberConfig *IdentityServiceSpec `json:"memberConfig,omitempty"` + // State: Deployment state on this member + // + // Possible values: + // "DEPLOYMENT_STATE_UNSPECIFIED" - Unspecified state + // "OK" - deployment succeeds + // "ERROR" - Failure with error. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "FailureReason") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "FailureReason") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceState) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// IdentityServiceUserConfig: Defines where users exist in the LDAP directory. +type IdentityServiceUserConfig struct { + // BaseDn: Required. The location of the subtree in the LDAP directory to + // search for user entries. + BaseDn string `json:"baseDn,omitempty"` + // Filter: Optional. Filter to apply when searching for the user. This can be + // used to further restrict the user accounts which are allowed to login. This + // defaults to "(objectClass=User)". + Filter string `json:"filter,omitempty"` + // IdAttribute: Optional. Determines which attribute to use as the user's + // identity after they are authenticated. This is distinct from the + // loginAttribute field to allow users to login with a username, but then have + // their actual identifier be an email address or full Distinguished Name (DN). + // For example, setting loginAttribute to "sAMAccountName" and + // identifierAttribute to "userPrincipalName" would allow a user to login as + // "bsmith", but actual RBAC policies for the user would be written as + // "bsmith@example.com". Using "userPrincipalName" is recommended since this + // will be unique for each user. This defaults to "userPrincipalName". + IdAttribute string `json:"idAttribute,omitempty"` + // LoginAttribute: Optional. The name of the attribute which matches against + // the input username. This is used to find the user in the LDAP database e.g. + // "(=)" and is combined with the optional filter field. This defaults to + // "userPrincipalName". + LoginAttribute string `json:"loginAttribute,omitempty"` + // ForceSendFields is a list of field names (e.g. "BaseDn") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "BaseDn") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s IdentityServiceUserConfig) MarshalJSON() ([]byte, error) { + type NoMethod IdentityServiceUserConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// LifecycleState: LifecycleState describes the state of a MembershipFeature +// *resource* in the GkeHub API. See `FeatureState` for the "running state" of +// the MembershipFeature. +type LifecycleState struct { + // State: Output only. The current state of the Feature resource in the Hub + // API. + // + // Possible values: + // "STATE_UNSPECIFIED" - State is unknown or not set. + // "ENABLING" - The MembershipFeature is being enabled, and the + // MembershipFeature resource is being created. Once complete, the + // corresponding MembershipFeature will be enabled in this Hub. + // "ACTIVE" - The MembershipFeature is enabled in this Hub, and the + // MembershipFeature resource is fully available. + // "DISABLING" - The MembershipFeature is being disabled in this Hub, and the + // MembershipFeature resource is being deleted. + // "UPDATING" - The MembershipFeature resource is being updated. + // "SERVICE_UPDATING" - The MembershipFeature resource is being updated by + // the Hub Service. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "State") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "State") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s LifecycleState) MarshalJSON() ([]byte, error) { + type NoMethod LifecycleState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ListLocationsResponse: The response message for Locations.ListLocations. +type ListLocationsResponse struct { + // Locations: A list of locations that matches the specified filter in the + // request. + Locations []*Location `json:"locations,omitempty"` + // NextPageToken: The standard List next-page token. + NextPageToken string `json:"nextPageToken,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "Locations") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Locations") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ListLocationsResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListLocationsResponse + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ListMembershipFeaturesResponse: Response message for the +// `GkeHubFeature.ListMembershipFeatures` method. +type ListMembershipFeaturesResponse struct { + // MembershipFeatures: The list of matching MembershipFeatures. + MembershipFeatures []*MembershipFeature `json:"membershipFeatures,omitempty"` + // NextPageToken: A token to request the next page of resources from the + // `ListMembershipFeatures` method. The value of an empty string means that + // there are no more resources to return. + NextPageToken string `json:"nextPageToken,omitempty"` + // Unreachable: List of locations that could not be reached while fetching this + // list. + Unreachable []string `json:"unreachable,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "MembershipFeatures") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "MembershipFeatures") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ListMembershipFeaturesResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListMembershipFeaturesResponse + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ListOperationsResponse: The response message for Operations.ListOperations. +type ListOperationsResponse struct { + // NextPageToken: The standard List next-page token. + NextPageToken string `json:"nextPageToken,omitempty"` + // Operations: A list of operations that matches the specified filter in the + // request. + Operations []*Operation `json:"operations,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "NextPageToken") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "NextPageToken") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ListOperationsResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListOperationsResponse + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// Location: A resource that represents a Google Cloud location. +type Location struct { + // DisplayName: The friendly name for this location, typically a nearby city + // name. For example, "Tokyo". + DisplayName string `json:"displayName,omitempty"` + // Labels: Cross-service attributes for the location. For example + // {"cloud.googleapis.com/region": "us-east1"} + Labels map[string]string `json:"labels,omitempty"` + // LocationId: The canonical id for this location. For example: "us-east1". + LocationId string `json:"locationId,omitempty"` + // Metadata: Service-specific metadata. For example the available capacity at + // the given location. + Metadata googleapi.RawMessage `json:"metadata,omitempty"` + // Name: Resource name for the location, which may vary between + // implementations. For example: + // "projects/example-project/locations/us-east1" + Name string `json:"name,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "DisplayName") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DisplayName") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s Location) MarshalJSON() ([]byte, error) { + type NoMethod Location + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// MembershipFeature: MembershipFeature represents the settings and status of a +// Fleet Feature enabled on a single Fleet Membership. +type MembershipFeature struct { + // CreateTime: Output only. When the MembershipFeature resource was created. + CreateTime string `json:"createTime,omitempty"` + // DeleteTime: Output only. When the MembershipFeature resource was deleted. + DeleteTime string `json:"deleteTime,omitempty"` + // FeatureConfigRef: Reference information for a FeatureConfig applied on the + // MembershipFeature. + FeatureConfigRef *FeatureConfigRef `json:"featureConfigRef,omitempty"` + // Labels: GCP labels for this MembershipFeature. + Labels map[string]string `json:"labels,omitempty"` + // LifecycleState: Output only. Lifecycle information of the resource itself. + LifecycleState *LifecycleState `json:"lifecycleState,omitempty"` + // Name: Output only. The resource name of the membershipFeature, in the + // format: + // `projects/{project}/locations/{location}/memberships/{membership}/features/{f + // eature}`. Note that `membershipFeatures` is shortened to `features` in the + // resource name. (see http://go/aip/122#collection-identifiers) + Name string `json:"name,omitempty"` + // Spec: Spec of this membershipFeature. + Spec *FeatureSpec `json:"spec,omitempty"` + // State: Output only. State of the this membershipFeature. + State *FeatureState `json:"state,omitempty"` + // UpdateTime: Output only. When the MembershipFeature resource was last + // updated. + UpdateTime string `json:"updateTime,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "CreateTime") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CreateTime") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s MembershipFeature) MarshalJSON() ([]byte, error) { + type NoMethod MembershipFeature + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// MeteringState: **Metering**: State for a single membership, analyzed and +// reported by feature controller. +type MeteringState struct { + // LastMeasurementTime: The time stamp of the most recent measurement of the + // number of vCPUs in the cluster. + LastMeasurementTime string `json:"lastMeasurementTime,omitempty"` + // PreciseLastMeasuredClusterVcpuCapacity: The vCPUs capacity in the cluster + // according to the most recent measurement (1/1000 precision). + PreciseLastMeasuredClusterVcpuCapacity float64 `json:"preciseLastMeasuredClusterVcpuCapacity,omitempty"` + // ForceSendFields is a list of field names (e.g. "LastMeasurementTime") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "LastMeasurementTime") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s MeteringState) MarshalJSON() ([]byte, error) { + type NoMethod MeteringState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +func (s *MeteringState) UnmarshalJSON(data []byte) error { + type NoMethod MeteringState + var s1 struct { + PreciseLastMeasuredClusterVcpuCapacity gensupport.JSONFloat64 `json:"preciseLastMeasuredClusterVcpuCapacity"` + *NoMethod + } + s1.NoMethod = (*NoMethod)(s) + if err := json.Unmarshal(data, &s1); err != nil { + return err + } + s.PreciseLastMeasuredClusterVcpuCapacity = float64(s1.PreciseLastMeasuredClusterVcpuCapacity) + return nil +} + +// Operation: This resource represents a long-running operation that is the +// result of a network API call. +type Operation struct { + // Done: If the value is `false`, it means the operation is still in progress. + // If `true`, the operation is completed, and either `error` or `response` is + // available. + Done bool `json:"done,omitempty"` + // Error: The error result of the operation in case of failure or cancellation. + Error *GoogleRpcStatus `json:"error,omitempty"` + // Metadata: Service-specific metadata associated with the operation. It + // typically contains progress information and common metadata such as create + // time. Some services might not provide such metadata. Any method that returns + // a long-running operation should document the metadata type, if any. + Metadata googleapi.RawMessage `json:"metadata,omitempty"` + // Name: The server-assigned name, which is only unique within the same service + // that originally returns it. If you use the default HTTP mapping, the `name` + // should be a resource name ending with `operations/{unique_id}`. + Name string `json:"name,omitempty"` + // Response: The normal, successful response of the operation. If the original + // method returns no data on success, such as `Delete`, the response is + // `google.protobuf.Empty`. If the original method is standard + // `Get`/`Create`/`Update`, the response should be the resource. For other + // methods, the response should have the type `XxxResponse`, where `Xxx` is the + // original method name. For example, if the original method name is + // `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. + Response googleapi.RawMessage `json:"response,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the server. + googleapi.ServerResponse `json:"-"` + // ForceSendFields is a list of field names (e.g. "Done") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Done") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s Operation) MarshalJSON() ([]byte, error) { + type NoMethod Operation + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// OperationMetadata: Metadata of the long-running operation. +type OperationMetadata struct { + // ApiVersion: Output only. API version used to start the operation. + ApiVersion string `json:"apiVersion,omitempty"` + // CancelRequested: Output only. Identifies whether the user has requested + // cancellation of the operation. Operations that have successfully been + // cancelled have Operation.error value with a google.rpc.Status.code of 1, + // corresponding to `Code.CANCELLED`. + CancelRequested bool `json:"cancelRequested,omitempty"` + // CreateTime: Output only. The time the operation was created. + CreateTime string `json:"createTime,omitempty"` + // EndTime: Output only. The time the operation finished running. + EndTime string `json:"endTime,omitempty"` + // StatusDetail: Output only. Human-readable status of the operation, if any. + StatusDetail string `json:"statusDetail,omitempty"` + // Target: Output only. Server-defined resource path for the target of the + // operation. + Target string `json:"target,omitempty"` + // Verb: Output only. Name of the verb executed by the operation. + Verb string `json:"verb,omitempty"` + // ForceSendFields is a list of field names (e.g. "ApiVersion") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ApiVersion") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s OperationMetadata) MarshalJSON() ([]byte, error) { + type NoMethod OperationMetadata + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// Origin: Origin defines where this FeatureSpec originated from. +type Origin struct { + // Type: Type specifies which type of origin is set. + // + // Possible values: + // "TYPE_UNSPECIFIED" - Type is unknown or not set. + // "FLEET" - Per-Feature spec was inherited from the fleet-level default. + // "FLEET_OUT_OF_SYNC" - Per-Feature spec was inherited from the fleet-level + // default but is now out of sync with the current default. + // "USER" - Per-Feature spec was inherited from a user specification. + Type string `json:"type,omitempty"` + // ForceSendFields is a list of field names (e.g. "Type") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Type") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s Origin) MarshalJSON() ([]byte, error) { + type NoMethod Origin + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerBundleInstallSpec: BundleInstallSpec is the specification +// configuration for a single managed bundle. +type PolicyControllerBundleInstallSpec struct { + // ExemptedNamespaces: the set of namespaces to be exempted from the bundle + ExemptedNamespaces []string `json:"exemptedNamespaces,omitempty"` + // ForceSendFields is a list of field names (e.g. "ExemptedNamespaces") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ExemptedNamespaces") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerBundleInstallSpec) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerBundleInstallSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerHubConfig: Configuration for Policy Controller +type PolicyControllerHubConfig struct { + // AuditIntervalSeconds: Sets the interval for Policy Controller Audit Scans + // (in seconds). When set to 0, this disables audit functionality altogether. + AuditIntervalSeconds int64 `json:"auditIntervalSeconds,omitempty,string"` + // ConstraintViolationLimit: The maximum number of audit violations to be + // stored in a constraint. If not set, the internal default (currently 20) will + // be used. + ConstraintViolationLimit int64 `json:"constraintViolationLimit,omitempty,string"` + // DeploymentConfigs: Map of deployment configs to deployments + // (“admission”, “audit”, “mutation”). + DeploymentConfigs map[string]PolicyControllerPolicyControllerDeploymentConfig `json:"deploymentConfigs,omitempty"` + // ExemptableNamespaces: The set of namespaces that are excluded from Policy + // Controller checks. Namespaces do not need to currently exist on the cluster. + ExemptableNamespaces []string `json:"exemptableNamespaces,omitempty"` + // InstallSpec: The install_spec represents the intended state specified by the + // latest request that mutated install_spec in the feature spec, not the + // lifecycle state of the feature observed by the Hub feature controller that + // is reported in the feature state. + // + // Possible values: + // "INSTALL_SPEC_UNSPECIFIED" - Spec is unknown. + // "INSTALL_SPEC_NOT_INSTALLED" - Request to uninstall Policy Controller. + // "INSTALL_SPEC_ENABLED" - Request to install and enable Policy Controller. + // "INSTALL_SPEC_SUSPENDED" - Request to suspend Policy Controller i.e. its + // webhooks. If Policy Controller is not installed, it will be installed but + // suspended. + // "INSTALL_SPEC_DETACHED" - Request to stop all reconciliation actions by + // PoCo Hub controller. This is a breakglass mechanism to stop PoCo Hub from + // affecting cluster resources. + InstallSpec string `json:"installSpec,omitempty"` + // LogDeniesEnabled: Logs all denies and dry run failures. + LogDeniesEnabled bool `json:"logDeniesEnabled,omitempty"` + // Monitoring: Monitoring specifies the configuration of monitoring. + Monitoring *PolicyControllerMonitoringConfig `json:"monitoring,omitempty"` + // MutationEnabled: Enables the ability to mutate resources using Policy + // Controller. + MutationEnabled bool `json:"mutationEnabled,omitempty"` + // PolicyContent: Specifies the desired policy content on the cluster + PolicyContent *PolicyControllerPolicyContentSpec `json:"policyContent,omitempty"` + // ReferentialRulesEnabled: Enables the ability to use Constraint Templates + // that reference to objects other than the object currently being evaluated. + ReferentialRulesEnabled bool `json:"referentialRulesEnabled,omitempty"` + // ForceSendFields is a list of field names (e.g. "AuditIntervalSeconds") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AuditIntervalSeconds") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerHubConfig) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerHubConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerMonitoringConfig: MonitoringConfig specifies the backends +// Policy Controller should export metrics to. For example, to specify metrics +// should be exported to Cloud Monitoring and Prometheus, specify backends: +// ["cloudmonitoring", "prometheus"] +type PolicyControllerMonitoringConfig struct { + // Backends: Specifies the list of backends Policy Controller will export to. + // An empty list would effectively disable metrics export. + // + // Possible values: + // "MONITORING_BACKEND_UNSPECIFIED" - Backend cannot be determined + // "PROMETHEUS" - Prometheus backend for monitoring + // "CLOUD_MONITORING" - Stackdriver/Cloud Monitoring backend for monitoring + Backends []string `json:"backends,omitempty"` + // ForceSendFields is a list of field names (e.g. "Backends") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Backends") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerMonitoringConfig) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerMonitoringConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerOnClusterState: OnClusterState represents the state of a +// sub-component of Policy Controller. +type PolicyControllerOnClusterState struct { + // Details: Surface potential errors or information logs. + Details string `json:"details,omitempty"` + // State: The lifecycle state of this component. + // + // Possible values: + // "LIFECYCLE_STATE_UNSPECIFIED" - The lifecycle state is unspecified. + // "NOT_INSTALLED" - The PC does not exist on the given cluster, and no k8s + // resources of any type that are associated with the PC should exist there. + // The cluster does not possess a membership with the PCH. + // "INSTALLING" - The PCH possesses a Membership, however the PC is not fully + // installed on the cluster. In this state the hub can be expected to be taking + // actions to install the PC on the cluster. + // "ACTIVE" - The PC is fully installed on the cluster and in an operational + // mode. In this state PCH will be reconciling state with the PC, and the PC + // will be performing it's operational tasks per that software. Entering a + // READY state requires that the hub has confirmed the PC is installed and its + // pods are operational with the version of the PC the PCH expects. + // "UPDATING" - The PC is fully installed, but in the process of changing the + // configuration (including changing the version of PC either up and down, or + // modifying the manifests of PC) of the resources running on the cluster. The + // PCH has a Membership, is aware of the version the cluster should be running + // in, but has not confirmed for itself that the PC is running with that + // version. + // "DECOMMISSIONING" - The PC may have resources on the cluster, but the PCH + // wishes to remove the Membership. The Membership still exists. + // "CLUSTER_ERROR" - The PC is not operational, and the PCH is unable to act + // to make it operational. Entering a CLUSTER_ERROR state happens automatically + // when the PCH determines that a PC installed on the cluster is non-operative + // or that the cluster does not meet requirements set for the PCH to administer + // the cluster but has nevertheless been given an instruction to do so (such as + // ‘install'). + // "HUB_ERROR" - In this state, the PC may still be operational, and only the + // PCH is unable to act. The hub should not issue instructions to change the PC + // state, or otherwise interfere with the on-cluster resources. Entering a + // HUB_ERROR state happens automatically when the PCH determines the hub is in + // an unhealthy state and it wishes to ‘take hands off' to avoid corrupting + // the PC or other data. + // "SUSPENDED" - Policy Controller (PC) is installed but suspended. This + // means that the policies are not enforced, but violations are still recorded + // (through audit). + // "DETACHED" - PoCo Hub is not taking any action to reconcile cluster + // objects. Changes to those objects will not be overwritten by PoCo Hub. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "Details") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Details") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerOnClusterState) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerOnClusterState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerPolicyContentSpec: PolicyContentSpec defines the user's +// desired content configuration on the cluster. +type PolicyControllerPolicyContentSpec struct { + // Bundles: map of bundle name to BundleInstallSpec. The bundle name maps to + // the `bundleName` key in the `policycontroller.gke.io/constraintData` + // annotation on a constraint. + Bundles map[string]PolicyControllerBundleInstallSpec `json:"bundles,omitempty"` + // TemplateLibrary: Configures the installation of the Template Library. + TemplateLibrary *PolicyControllerTemplateLibraryConfig `json:"templateLibrary,omitempty"` + // ForceSendFields is a list of field names (e.g. "Bundles") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Bundles") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerPolicyContentSpec) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerPolicyContentSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerPolicyContentState: The state of the policy controller +// policy content +type PolicyControllerPolicyContentState struct { + // BundleStates: The state of the any bundles included in the chosen version of + // the manifest + BundleStates map[string]PolicyControllerOnClusterState `json:"bundleStates,omitempty"` + // ReferentialSyncConfigState: The state of the referential data sync + // configuration. This could represent the state of either the syncSet + // object(s) or the config object, depending on the version of PoCo configured + // by the user. + ReferentialSyncConfigState *PolicyControllerOnClusterState `json:"referentialSyncConfigState,omitempty"` + // TemplateLibraryState: The state of the template library + TemplateLibraryState *PolicyControllerOnClusterState `json:"templateLibraryState,omitempty"` + // ForceSendFields is a list of field names (e.g. "BundleStates") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "BundleStates") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerPolicyContentState) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerPolicyContentState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerPolicyControllerDeploymentConfig: Deployment-specific +// configuration. +type PolicyControllerPolicyControllerDeploymentConfig struct { + // ContainerResources: Container resource requirements. + ContainerResources *PolicyControllerResourceRequirements `json:"containerResources,omitempty"` + // PodAffinity: Pod affinity configuration. + // + // Possible values: + // "AFFINITY_UNSPECIFIED" - No affinity configuration has been specified. + // "NO_AFFINITY" - Affinity configurations will be removed from the + // deployment. + // "ANTI_AFFINITY" - Anti-affinity configuration will be applied to this + // deployment. Default for admissions deployment. + PodAffinity string `json:"podAffinity,omitempty"` + // PodAntiAffinity: Pod anti-affinity enablement. Deprecated: use + // `pod_affinity` instead. + PodAntiAffinity bool `json:"podAntiAffinity,omitempty"` + // PodTolerations: Pod tolerations of node taints. + PodTolerations []*PolicyControllerToleration `json:"podTolerations,omitempty"` + // ReplicaCount: Pod replica count. + ReplicaCount int64 `json:"replicaCount,omitempty,string"` + // ForceSendFields is a list of field names (e.g. "ContainerResources") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ContainerResources") to include + // in API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerPolicyControllerDeploymentConfig) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerPolicyControllerDeploymentConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerResourceList: ResourceList contains container resource +// requirements. +type PolicyControllerResourceList struct { + // Cpu: CPU requirement expressed in Kubernetes resource units. + Cpu string `json:"cpu,omitempty"` + // Memory: Memory requirement expressed in Kubernetes resource units. + Memory string `json:"memory,omitempty"` + // ForceSendFields is a list of field names (e.g. "Cpu") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Cpu") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerResourceList) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerResourceList + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerResourceRequirements: ResourceRequirements describes the +// compute resource requirements. +type PolicyControllerResourceRequirements struct { + // Limits: Limits describes the maximum amount of compute resources allowed for + // use by the running container. + Limits *PolicyControllerResourceList `json:"limits,omitempty"` + // Requests: Requests describes the amount of compute resources reserved for + // the container by the kube-scheduler. + Requests *PolicyControllerResourceList `json:"requests,omitempty"` + // ForceSendFields is a list of field names (e.g. "Limits") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Limits") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerResourceRequirements) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerResourceRequirements + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerSpec: **Policy Controller**: Configuration for a single +// cluster. Intended to parallel the PolicyController CR. +type PolicyControllerSpec struct { + // PolicyControllerHubConfig: Policy Controller configuration for the cluster. + PolicyControllerHubConfig *PolicyControllerHubConfig `json:"policyControllerHubConfig,omitempty"` + // Version: Version of Policy Controller installed. + Version string `json:"version,omitempty"` + // ForceSendFields is a list of field names (e.g. "PolicyControllerHubConfig") + // to unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "PolicyControllerHubConfig") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerSpec) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerState: **Policy Controller**: State for a single cluster. +type PolicyControllerState struct { + // ComponentStates: Currently these include (also serving as map keys): 1. + // "admission" 2. "audit" 3. "mutation" + ComponentStates map[string]PolicyControllerOnClusterState `json:"componentStates,omitempty"` + // PolicyContentState: The overall content state observed by the Hub Feature + // controller. + PolicyContentState *PolicyControllerPolicyContentState `json:"policyContentState,omitempty"` + // State: The overall Policy Controller lifecycle state observed by the Hub + // Feature controller. + // + // Possible values: + // "LIFECYCLE_STATE_UNSPECIFIED" - The lifecycle state is unspecified. + // "NOT_INSTALLED" - The PC does not exist on the given cluster, and no k8s + // resources of any type that are associated with the PC should exist there. + // The cluster does not possess a membership with the PCH. + // "INSTALLING" - The PCH possesses a Membership, however the PC is not fully + // installed on the cluster. In this state the hub can be expected to be taking + // actions to install the PC on the cluster. + // "ACTIVE" - The PC is fully installed on the cluster and in an operational + // mode. In this state PCH will be reconciling state with the PC, and the PC + // will be performing it's operational tasks per that software. Entering a + // READY state requires that the hub has confirmed the PC is installed and its + // pods are operational with the version of the PC the PCH expects. + // "UPDATING" - The PC is fully installed, but in the process of changing the + // configuration (including changing the version of PC either up and down, or + // modifying the manifests of PC) of the resources running on the cluster. The + // PCH has a Membership, is aware of the version the cluster should be running + // in, but has not confirmed for itself that the PC is running with that + // version. + // "DECOMMISSIONING" - The PC may have resources on the cluster, but the PCH + // wishes to remove the Membership. The Membership still exists. + // "CLUSTER_ERROR" - The PC is not operational, and the PCH is unable to act + // to make it operational. Entering a CLUSTER_ERROR state happens automatically + // when the PCH determines that a PC installed on the cluster is non-operative + // or that the cluster does not meet requirements set for the PCH to administer + // the cluster but has nevertheless been given an instruction to do so (such as + // ‘install'). + // "HUB_ERROR" - In this state, the PC may still be operational, and only the + // PCH is unable to act. The hub should not issue instructions to change the PC + // state, or otherwise interfere with the on-cluster resources. Entering a + // HUB_ERROR state happens automatically when the PCH determines the hub is in + // an unhealthy state and it wishes to ‘take hands off' to avoid corrupting + // the PC or other data. + // "SUSPENDED" - Policy Controller (PC) is installed but suspended. This + // means that the policies are not enforced, but violations are still recorded + // (through audit). + // "DETACHED" - PoCo Hub is not taking any action to reconcile cluster + // objects. Changes to those objects will not be overwritten by PoCo Hub. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "ComponentStates") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ComponentStates") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerState) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerTemplateLibraryConfig: The config specifying which default +// library templates to install. +type PolicyControllerTemplateLibraryConfig struct { + // Installation: Configures the manner in which the template library is + // installed on the cluster. + // + // Possible values: + // "INSTALLATION_UNSPECIFIED" - No installation strategy has been specified. + // "NOT_INSTALLED" - Do not install the template library. + // "ALL" - Install the entire template library. + Installation string `json:"installation,omitempty"` + // ForceSendFields is a list of field names (e.g. "Installation") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Installation") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerTemplateLibraryConfig) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerTemplateLibraryConfig + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// PolicyControllerToleration: Toleration of a node taint. +type PolicyControllerToleration struct { + // Effect: Matches a taint effect. + Effect string `json:"effect,omitempty"` + // Key: Matches a taint key (not necessarily unique). + Key string `json:"key,omitempty"` + // Operator: Matches a taint operator. + Operator string `json:"operator,omitempty"` + // Value: Matches a taint value. + Value string `json:"value,omitempty"` + // ForceSendFields is a list of field names (e.g. "Effect") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Effect") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s PolicyControllerToleration) MarshalJSON() ([]byte, error) { + type NoMethod PolicyControllerToleration + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshAnalysisMessage: AnalysisMessage is a single message produced by +// an analyzer, and it used to communicate to the end user about the state of +// their Service Mesh configuration. +type ServiceMeshAnalysisMessage struct { + // Args: A UI can combine these args with a template (based on + // message_base.type) to produce an internationalized message. + Args googleapi.RawMessage `json:"args,omitempty"` + // Description: A human readable description of what the error means. It is + // suitable for non-internationalize display purposes. + Description string `json:"description,omitempty"` + // MessageBase: Details common to all types of Istio and ServiceMesh analysis + // messages. + MessageBase *ServiceMeshAnalysisMessageBase `json:"messageBase,omitempty"` + // ResourcePaths: A list of strings specifying the resource identifiers that + // were the cause of message generation. A "path" here may be: * MEMBERSHIP_ID + // if the cause is a specific member cluster * + // MEMBERSHIP_ID/(NAMESPACE\/)?RESOURCETYPE/NAME if the cause is a resource in + // a cluster + ResourcePaths []string `json:"resourcePaths,omitempty"` + // ForceSendFields is a list of field names (e.g. "Args") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Args") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshAnalysisMessage) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshAnalysisMessage + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshAnalysisMessageBase: AnalysisMessageBase describes some common +// information that is needed for all messages. +type ServiceMeshAnalysisMessageBase struct { + // DocumentationUrl: A url pointing to the Service Mesh or Istio documentation + // for this specific error type. + DocumentationUrl string `json:"documentationUrl,omitempty"` + // Level: Represents how severe a message is. + // + // Possible values: + // "LEVEL_UNSPECIFIED" - Illegal. Same + // istio.analysis.v1alpha1.AnalysisMessageBase.Level.UNKNOWN. + // "ERROR" - ERROR represents a misconfiguration that must be fixed. + // "WARNING" - WARNING represents a misconfiguration that should be fixed. + // "INFO" - INFO represents an informational finding. + Level string `json:"level,omitempty"` + // Type: Represents the specific type of a message. + Type *ServiceMeshType `json:"type,omitempty"` + // ForceSendFields is a list of field names (e.g. "DocumentationUrl") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "DocumentationUrl") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshAnalysisMessageBase) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshAnalysisMessageBase + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshCondition: Condition being reported. +type ServiceMeshCondition struct { + // Code: Unique identifier of the condition which describes the condition + // recognizable to the user. + // + // Possible values: + // "CODE_UNSPECIFIED" - Default Unspecified code + // "MESH_IAM_PERMISSION_DENIED" - Mesh IAM permission denied error code + // "MESH_IAM_CROSS_PROJECT_PERMISSION_DENIED" - Permission denied error code + // for cross-project + // "CNI_CONFIG_UNSUPPORTED" - CNI config unsupported error code + // "GKE_SANDBOX_UNSUPPORTED" - GKE sandbox unsupported error code + // "NODEPOOL_WORKLOAD_IDENTITY_FEDERATION_REQUIRED" - Nodepool workload + // identity federation required error code + // "CNI_INSTALLATION_FAILED" - CNI installation failed error code + // "CNI_POD_UNSCHEDULABLE" - CNI pod unschedulable error code + // "CLUSTER_HAS_ZERO_NODES" - Cluster has zero node code + // "UNSUPPORTED_MULTIPLE_CONTROL_PLANES" - Multiple control planes + // unsupported error code + // "VPCSC_GA_SUPPORTED" - VPC-SC GA is supported for this control plane. + // "DEPRECATED_SPEC_CONTROL_PLANE_MANAGEMENT" - User is using deprecated + // ControlPlaneManagement and they have not yet set Management. + // "DEPRECATED_SPEC_CONTROL_PLANE_MANAGEMENT_SAFE" - User is using deprecated + // ControlPlaneManagement and they have already set Management. + // "CONFIG_APPLY_INTERNAL_ERROR" - Configuration (Istio/k8s resources) failed + // to apply due to internal error. + // "CONFIG_VALIDATION_ERROR" - Configuration failed to be applied due to + // being invalid. + // "CONFIG_VALIDATION_WARNING" - Encountered configuration(s) with possible + // unintended behavior or invalid configuration. These configs may not have + // been applied. + // "QUOTA_EXCEEDED_BACKEND_SERVICES" - BackendService quota exceeded error + // code. + // "QUOTA_EXCEEDED_HEALTH_CHECKS" - HealthCheck quota exceeded error code. + // "QUOTA_EXCEEDED_HTTP_ROUTES" - HTTPRoute quota exceeded error code. + // "QUOTA_EXCEEDED_TCP_ROUTES" - TCPRoute quota exceeded error code. + // "QUOTA_EXCEEDED_TLS_ROUTES" - TLS routes quota exceeded error code. + // "QUOTA_EXCEEDED_TRAFFIC_POLICIES" - TrafficPolicy quota exceeded error + // code. + // "QUOTA_EXCEEDED_ENDPOINT_POLICIES" - EndpointPolicy quota exceeded error + // code. + // "QUOTA_EXCEEDED_GATEWAYS" - Gateway quota exceeded error code. + // "QUOTA_EXCEEDED_MESHES" - Mesh quota exceeded error code. + // "QUOTA_EXCEEDED_SERVER_TLS_POLICIES" - ServerTLSPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_CLIENT_TLS_POLICIES" - ClientTLSPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_SERVICE_LB_POLICIES" - ServiceLBPolicy quota exceeded + // error code. + // "QUOTA_EXCEEDED_HTTP_FILTERS" - HTTPFilter quota exceeded error code. + // "QUOTA_EXCEEDED_TCP_FILTERS" - TCPFilter quota exceeded error code. + // "QUOTA_EXCEEDED_NETWORK_ENDPOINT_GROUPS" - NetworkEndpointGroup quota + // exceeded error code. + // "MODERNIZATION_SCHEDULED" - Modernization is scheduled for a cluster. + // "MODERNIZATION_IN_PROGRESS" - Modernization is in progress for a cluster. + // "MODERNIZATION_COMPLETED" - Modernization is completed for a cluster. + // "MODERNIZATION_ABORTED" - Modernization is aborted for a cluster. + Code string `json:"code,omitempty"` + // Details: A short summary about the issue. + Details string `json:"details,omitempty"` + // DocumentationLink: Links contains actionable information. + DocumentationLink string `json:"documentationLink,omitempty"` + // Severity: Severity level of the condition. + // + // Possible values: + // "SEVERITY_UNSPECIFIED" - Unspecified severity + // "ERROR" - Indicates an issue that prevents the mesh from operating + // correctly + // "WARNING" - Indicates a setting is likely wrong, but the mesh is still + // able to operate + // "INFO" - An informational message, not requiring any action + Severity string `json:"severity,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshCondition) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshCondition + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshControlPlaneManagement: Status of control plane management. +type ServiceMeshControlPlaneManagement struct { + // Details: Explanation of state. + Details []*ServiceMeshStatusDetails `json:"details,omitempty"` + // Implementation: Output only. Implementation of managed control plane. + // + // Possible values: + // "IMPLEMENTATION_UNSPECIFIED" - Unspecified + // "ISTIOD" - A Google build of istiod is used for the managed control plane. + // "TRAFFIC_DIRECTOR" - Traffic director is used for the managed control + // plane. + // "UPDATING" - The control plane implementation is being updated. + Implementation string `json:"implementation,omitempty"` + // State: LifecycleState of control plane management. + // + // Possible values: + // "LIFECYCLE_STATE_UNSPECIFIED" - Unspecified + // "DISABLED" - DISABLED means that the component is not enabled. + // "FAILED_PRECONDITION" - FAILED_PRECONDITION means that provisioning cannot + // proceed because of some characteristic of the member cluster. + // "PROVISIONING" - PROVISIONING means that provisioning is in progress. + // "ACTIVE" - ACTIVE means that the component is ready for use. + // "STALLED" - STALLED means that provisioning could not be done. + // "NEEDS_ATTENTION" - NEEDS_ATTENTION means that the component is ready, but + // some user intervention is required. (For example that the user should + // migrate workloads to a new control plane revision.) + // "DEGRADED" - DEGRADED means that the component is ready, but operating in + // a degraded state. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "Details") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Details") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshControlPlaneManagement) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshControlPlaneManagement + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshDataPlaneManagement: Status of data plane management. Only +// reported per-member. +type ServiceMeshDataPlaneManagement struct { + // Details: Explanation of the status. + Details []*ServiceMeshStatusDetails `json:"details,omitempty"` + // State: Lifecycle status of data plane management. + // + // Possible values: + // "LIFECYCLE_STATE_UNSPECIFIED" - Unspecified + // "DISABLED" - DISABLED means that the component is not enabled. + // "FAILED_PRECONDITION" - FAILED_PRECONDITION means that provisioning cannot + // proceed because of some characteristic of the member cluster. + // "PROVISIONING" - PROVISIONING means that provisioning is in progress. + // "ACTIVE" - ACTIVE means that the component is ready for use. + // "STALLED" - STALLED means that provisioning could not be done. + // "NEEDS_ATTENTION" - NEEDS_ATTENTION means that the component is ready, but + // some user intervention is required. (For example that the user should + // migrate workloads to a new control plane revision.) + // "DEGRADED" - DEGRADED means that the component is ready, but operating in + // a degraded state. + State string `json:"state,omitempty"` + // ForceSendFields is a list of field names (e.g. "Details") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Details") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshDataPlaneManagement) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshDataPlaneManagement + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshSpec: **Service Mesh**: Spec for a single Membership for the +// servicemesh feature +type ServiceMeshSpec struct { + // ConfigApi: Optional. Specifies the API that will be used for configuring the + // mesh workloads. + // + // Possible values: + // "CONFIG_API_UNSPECIFIED" - Unspecified + // "CONFIG_API_ISTIO" - Use the Istio API for configuration. + // "CONFIG_API_GATEWAY" - Use the K8s Gateway API for configuration. + ConfigApi string `json:"configApi,omitempty"` + // ControlPlane: Deprecated: use `management` instead Enables automatic control + // plane management. + // + // Possible values: + // "CONTROL_PLANE_MANAGEMENT_UNSPECIFIED" - Unspecified + // "AUTOMATIC" - Google should provision a control plane revision and make it + // available in the cluster. Google will enroll this revision in a release + // channel and keep it up to date. The control plane revision may be a managed + // service, or a managed install. + // "MANUAL" - User will manually configure the control plane (e.g. via CLI, + // or via the ControlPlaneRevision KRM API) + ControlPlane string `json:"controlPlane,omitempty"` + // DefaultChannel: Determines which release channel to use for default + // injection and service mesh APIs. + // + // Possible values: + // "CHANNEL_UNSPECIFIED" - Unspecified + // "RAPID" - RAPID channel is offered on an early access basis for customers + // who want to test new releases. + // "REGULAR" - REGULAR channel is intended for production users who want to + // take advantage of new features. + // "STABLE" - STABLE channel includes versions that are known to be stable + // and reliable in production. + DefaultChannel string `json:"defaultChannel,omitempty"` + // Management: Optional. Enables automatic Service Mesh management. + // + // Possible values: + // "MANAGEMENT_UNSPECIFIED" - Unspecified + // "MANAGEMENT_AUTOMATIC" - Google should manage my Service Mesh for the + // cluster. + // "MANAGEMENT_MANUAL" - User will manually configure their service mesh + // components. + Management string `json:"management,omitempty"` + // ForceSendFields is a list of field names (e.g. "ConfigApi") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "ConfigApi") to include in API + // requests with the JSON null value. By default, fields with empty values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshSpec) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshState: **Service Mesh**: State for a single Membership, as +// analyzed by the Service Mesh Hub Controller. +type ServiceMeshState struct { + // AnalysisMessages: Output only. Results of running Service Mesh analyzers. + AnalysisMessages []*ServiceMeshAnalysisMessage `json:"analysisMessages,omitempty"` + // Conditions: Output only. List of conditions reported for this membership. + Conditions []*ServiceMeshCondition `json:"conditions,omitempty"` + // ConfigApiVersion: The API version (i.e. Istio CRD version) for configuring + // service mesh in this cluster. This version is influenced by the + // `default_channel` field. + ConfigApiVersion string `json:"configApiVersion,omitempty"` + // ControlPlaneManagement: Output only. Status of control plane management + ControlPlaneManagement *ServiceMeshControlPlaneManagement `json:"controlPlaneManagement,omitempty"` + // DataPlaneManagement: Output only. Status of data plane management. + DataPlaneManagement *ServiceMeshDataPlaneManagement `json:"dataPlaneManagement,omitempty"` + // ForceSendFields is a list of field names (e.g. "AnalysisMessages") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "AnalysisMessages") to include in + // API requests with the JSON null value. By default, fields with empty values + // are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshState) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshState + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshStatusDetails: Structured and human-readable details for a +// status. +type ServiceMeshStatusDetails struct { + // Code: A machine-readable code that further describes a broad status. + Code string `json:"code,omitempty"` + // Details: Human-readable explanation of code. + Details string `json:"details,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshStatusDetails) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshStatusDetails + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// ServiceMeshType: A unique identifier for the type of message. Display_name +// is intended to be human-readable, code is intended to be machine readable. +// There should be a one-to-one mapping between display_name and code. (i.e. do +// not re-use display_names or codes between message types.) See +// istio.analysis.v1alpha1.AnalysisMessageBase.Type +type ServiceMeshType struct { + // Code: A 7 character code matching `^IST[0-9]{4}$` or `^ASM[0-9]{4}$`, + // intended to uniquely identify the message type. (e.g. "IST0001" is mapped to + // the "InternalError" message type.) + Code string `json:"code,omitempty"` + // DisplayName: A human-readable name for the message type. e.g. + // "InternalError", "PodMissingProxy". This should be the same for all messages + // of the same type. (This corresponds to the `name` field in open-source + // Istio.) + DisplayName string `json:"displayName,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s ServiceMeshType) MarshalJSON() ([]byte, error) { + type NoMethod ServiceMeshType + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// State: High-level state of a MembershipFeature. +type State struct { + // Code: The high-level, machine-readable status of this MembershipFeature. + // + // Possible values: + // "CODE_UNSPECIFIED" - Unknown or not set. + // "OK" - The MembershipFeature is operating normally. + // "WARNING" - The MembershipFeature has encountered an issue, and is + // operating in a degraded state. The MembershipFeature may need intervention + // to return to normal operation. See the description and any associated + // MembershipFeature-specific details for more information. + // "ERROR" - The MembershipFeature is not operating or is in a severely + // degraded state. The MembershipFeature may need intervention to return to + // normal operation. See the description and any associated + // MembershipFeature-specific details for more information. + Code string `json:"code,omitempty"` + // Description: A human-readable description of the current status. + Description string `json:"description,omitempty"` + // UpdateTime: The time this status and any related Feature-specific details + // were updated. + UpdateTime string `json:"updateTime,omitempty"` + // ForceSendFields is a list of field names (e.g. "Code") to unconditionally + // include in API requests. By default, fields with empty or default values are + // omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "Code") to include in API requests + // with the JSON null value. By default, fields with empty values are omitted + // from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s State) MarshalJSON() ([]byte, error) { + type NoMethod State + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +// WorkloadCertificateSpec: **WorkloadCertificate**: The membership-specific +// input for WorkloadCertificate feature. +type WorkloadCertificateSpec struct { + // CertificateManagement: CertificateManagement specifies workload certificate + // management. + // + // Possible values: + // "CERTIFICATE_MANAGEMENT_UNSPECIFIED" - Disable workload certificate + // feature. + // "DISABLED" - Disable workload certificate feature. + // "ENABLED" - Enable workload certificate feature. + CertificateManagement string `json:"certificateManagement,omitempty"` + // ForceSendFields is a list of field names (e.g. "CertificateManagement") to + // unconditionally include in API requests. By default, fields with empty or + // default values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more + // details. + ForceSendFields []string `json:"-"` + // NullFields is a list of field names (e.g. "CertificateManagement") to + // include in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. See + // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. + NullFields []string `json:"-"` +} + +func (s WorkloadCertificateSpec) MarshalJSON() ([]byte, error) { + type NoMethod WorkloadCertificateSpec + return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +} + +type ProjectsLocationsGetCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Get: Gets information about a location. +// +// - name: Resource name for the location. +func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall { + c := &ProjectsLocationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsGetCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsGetCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsGetCall) Context(ctx context.Context) *ProjectsLocationsGetCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsGetCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2beta/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.get" call. +// Any non-2xx status code is an error. Response headers are in either +// *Location.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Location{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsListCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// List: Lists information about the supported locations for this service. +// +// - name: The resource that owns the locations collection, if applicable. +func (r *ProjectsLocationsService) List(name string) *ProjectsLocationsListCall { + c := &ProjectsLocationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Filter sets the optional parameter "filter": A filter to narrow down results +// to a preferred subset. The filtering language accepts strings like +// "displayName=tokyo", and is documented in more detail in AIP-160 +// (https://google.aip.dev/160). +func (c *ProjectsLocationsListCall) Filter(filter string) *ProjectsLocationsListCall { + c.urlParams_.Set("filter", filter) + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number of +// results to return. If not set, the service selects a default. +func (c *ProjectsLocationsListCall) PageSize(pageSize int64) *ProjectsLocationsListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A page token received +// from the `next_page_token` field in the response. Send that page token to +// receive the subsequent page. +func (c *ProjectsLocationsListCall) PageToken(pageToken string) *ProjectsLocationsListCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsListCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets an optional parameter which makes the operation fail if the +// object's ETag matches the given value. This is useful for getting updates +// only after the object has changed since the last request. +func (c *ProjectsLocationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsListCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsListCall) Context(ctx context.Context) *ProjectsLocationsListCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsListCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2beta/{+name}/locations") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.list" call. +// Any non-2xx status code is an error. Response headers are in either +// *ListLocationsResponse.ServerResponse.Header or (if a response was returned +// at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified was +// returned. +func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocationsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ListLocationsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocationsResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +type ProjectsLocationsMembershipsFeaturesCreateCall struct { + s *Service + parent string + membershipfeature *MembershipFeature + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Create: Creates membershipFeature under a given parent. +// +// - parent: The name of parent where the MembershipFeature will be created. +// Specified in the format `projects/*/locations/*/memberships/*`. +func (r *ProjectsLocationsMembershipsFeaturesService) Create(parent string, membershipfeature *MembershipFeature) *ProjectsLocationsMembershipsFeaturesCreateCall { + c := &ProjectsLocationsMembershipsFeaturesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.parent = parent + c.membershipfeature = membershipfeature + return c +} + +// FeatureId sets the optional parameter "featureId": Required. The ID of the +// membership_feature to create. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) FeatureId(featureId string) *ProjectsLocationsMembershipsFeaturesCreateCall { + c.urlParams_.Set("featureId", featureId) + return c +} + +// RequestId sets the optional parameter "requestId": Idempotent request UUID. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) RequestId(requestId string) *ProjectsLocationsMembershipsFeaturesCreateCall { + c.urlParams_.Set("requestId", requestId) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesCreateCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesCreateCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.membershipfeature) + if err != nil { + return nil, err + } + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2beta/{+parent}/features") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "parent": c.parent, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.memberships.features.create" call. +// Any non-2xx status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsMembershipsFeaturesCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsMembershipsFeaturesDeleteCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Delete: Removes a membershipFeature. +// +// - name: The name of the membershipFeature to be deleted. Specified in the +// format `projects/*/locations/*/memberships/*/features/*`. +func (r *ProjectsLocationsMembershipsFeaturesService) Delete(name string) *ProjectsLocationsMembershipsFeaturesDeleteCall { + c := &ProjectsLocationsMembershipsFeaturesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// RequestId sets the optional parameter "requestId": Idempotent request UUID. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) RequestId(requestId string) *ProjectsLocationsMembershipsFeaturesDeleteCall { + c.urlParams_.Set("requestId", requestId) + return c } -// Operation: This resource represents a long-running operation that is the -// result of a network API call. -type Operation struct { - // Done: If the value is `false`, it means the operation is still in progress. - // If `true`, the operation is completed, and either `error` or `response` is - // available. - Done bool `json:"done,omitempty"` - // Error: The error result of the operation in case of failure or cancellation. - Error *GoogleRpcStatus `json:"error,omitempty"` - // Metadata: Service-specific metadata associated with the operation. It - // typically contains progress information and common metadata such as create - // time. Some services might not provide such metadata. Any method that returns - // a long-running operation should document the metadata type, if any. - Metadata googleapi.RawMessage `json:"metadata,omitempty"` - // Name: The server-assigned name, which is only unique within the same service - // that originally returns it. If you use the default HTTP mapping, the `name` - // should be a resource name ending with `operations/{unique_id}`. - Name string `json:"name,omitempty"` - // Response: The normal, successful response of the operation. If the original - // method returns no data on success, such as `Delete`, the response is - // `google.protobuf.Empty`. If the original method is standard - // `Get`/`Create`/`Update`, the response should be the resource. For other - // methods, the response should have the type `XxxResponse`, where `Xxx` is the - // original method name. For example, if the original method name is - // `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. - Response googleapi.RawMessage `json:"response,omitempty"` +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} - // ServerResponse contains the HTTP response code and headers from the server. - googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "Done") to unconditionally - // include in API requests. By default, fields with empty or default values are - // omitted from API requests. See - // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more - // details. - ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "Done") to include in API requests - // with the JSON null value. By default, fields with empty values are omitted - // from API requests. See - // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. - NullFields []string `json:"-"` +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesDeleteCall { + c.ctx_ = ctx + return c } -func (s Operation) MarshalJSON() ([]byte, error) { - type NoMethod Operation - return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields) +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ } -type ProjectsLocationsGetCall struct { +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2beta/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("DELETE", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.memberships.features.delete" call. +// Any non-2xx status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsMembershipsFeaturesDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + +type ProjectsLocationsMembershipsFeaturesGetCall struct { s *Service name string urlParams_ gensupport.URLParams @@ -384,11 +3931,13 @@ type ProjectsLocationsGetCall struct { header_ http.Header } -// Get: Gets information about a location. +// Get: ========= MembershipFeature Services ========= Gets details of a +// membershipFeature. // -// - name: Resource name for the location. -func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall { - c := &ProjectsLocationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} +// - name: The MembershipFeature resource name in the format +// `projects/*/locations/*/memberships/*/features/*`. +func (r *ProjectsLocationsMembershipsFeaturesService) Get(name string) *ProjectsLocationsMembershipsFeaturesGetCall { + c := &ProjectsLocationsMembershipsFeaturesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.name = name return c } @@ -396,7 +3945,7 @@ func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall { // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsGetCall { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesGetCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } @@ -404,27 +3953,27 @@ func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocatio // IfNoneMatch sets an optional parameter which makes the operation fail if the // object's ETag matches the given value. This is useful for getting updates // only after the object has changed since the last request. -func (c *ProjectsLocationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsGetCall { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsMembershipsFeaturesGetCall { c.ifNoneMatch_ = entityTag return c } // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsGetCall) Context(ctx context.Context) *ProjectsLocationsGetCall { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesGetCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsGetCall) Header() http.Header { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) { +func (c *ProjectsLocationsMembershipsFeaturesGetCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) if c.ifNoneMatch_ != "" { reqHeaders.Set("If-None-Match", c.ifNoneMatch_) @@ -445,12 +3994,13 @@ func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "gkehub.projects.locations.get" call. +// Do executes the "gkehub.projects.locations.memberships.features.get" call. // Any non-2xx status code is an error. Response headers are in either -// *Location.ServerResponse.Header or (if a response was returned at all) in -// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check -// whether the returned error was because http.StatusNotModified was returned. -func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, error) { +// *MembershipFeature.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified was +// returned. +func (c *ProjectsLocationsMembershipsFeaturesGetCall) Do(opts ...googleapi.CallOption) (*MembershipFeature, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -469,7 +4019,7 @@ func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &Location{ + ret := &MembershipFeature{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -482,44 +4032,56 @@ func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, return ret, nil } -type ProjectsLocationsListCall struct { +type ProjectsLocationsMembershipsFeaturesListCall struct { s *Service - name string + parent string urlParams_ gensupport.URLParams ifNoneMatch_ string ctx_ context.Context header_ http.Header } -// List: Lists information about the supported locations for this service. +// List: Lists MembershipFeatures in a given project and location. // -// - name: The resource that owns the locations collection, if applicable. -func (r *ProjectsLocationsService) List(name string) *ProjectsLocationsListCall { - c := &ProjectsLocationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.name = name +// - parent: The parent where the MembershipFeature will be listed. In the +// format: `projects/*/locations/*/memberships/*`. +func (r *ProjectsLocationsMembershipsFeaturesService) List(parent string) *ProjectsLocationsMembershipsFeaturesListCall { + c := &ProjectsLocationsMembershipsFeaturesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.parent = parent return c } -// Filter sets the optional parameter "filter": A filter to narrow down results -// to a preferred subset. The filtering language accepts strings like -// "displayName=tokyo", and is documented in more detail in AIP-160 -// (https://google.aip.dev/160). -func (c *ProjectsLocationsListCall) Filter(filter string) *ProjectsLocationsListCall { +// Filter sets the optional parameter "filter": Lists MembershipFeatures that +// match the filter expression, following the syntax outlined in +// https://google.aip.dev/160. Examples: - Feature with the name "helloworld" +// in project "foo-proj" and membership "member-bar": name = +// "projects/foo-proj/locations/global/memberships/member-bar/features/helloworl +// d" - Features that have a label called `foo`: labels.foo:* - Features that +// have a label called `foo` whose value is `bar`: labels.foo = bar +func (c *ProjectsLocationsMembershipsFeaturesListCall) Filter(filter string) *ProjectsLocationsMembershipsFeaturesListCall { c.urlParams_.Set("filter", filter) return c } -// PageSize sets the optional parameter "pageSize": The maximum number of -// results to return. If not set, the service selects a default. -func (c *ProjectsLocationsListCall) PageSize(pageSize int64) *ProjectsLocationsListCall { +// OrderBy sets the optional parameter "orderBy": One or more fields to compare +// and use to sort the output. See https://google.aip.dev/132#ordering. +func (c *ProjectsLocationsMembershipsFeaturesListCall) OrderBy(orderBy string) *ProjectsLocationsMembershipsFeaturesListCall { + c.urlParams_.Set("orderBy", orderBy) + return c +} + +// PageSize sets the optional parameter "pageSize": When requesting a 'page' of +// resources, `page_size` specifies number of resources to return. If +// unspecified or set to 0, all resources will be returned. +func (c *ProjectsLocationsMembershipsFeaturesListCall) PageSize(pageSize int64) *ProjectsLocationsMembershipsFeaturesListCall { c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) return c } -// PageToken sets the optional parameter "pageToken": A page token received -// from the `next_page_token` field in the response. Send that page token to -// receive the subsequent page. -func (c *ProjectsLocationsListCall) PageToken(pageToken string) *ProjectsLocationsListCall { +// PageToken sets the optional parameter "pageToken": Token returned by +// previous call to `ListFeatures` which specifies the position in the list +// from where to continue listing the resources. +func (c *ProjectsLocationsMembershipsFeaturesListCall) PageToken(pageToken string) *ProjectsLocationsMembershipsFeaturesListCall { c.urlParams_.Set("pageToken", pageToken) return c } @@ -527,7 +4089,7 @@ func (c *ProjectsLocationsListCall) PageToken(pageToken string) *ProjectsLocatio // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. -func (c *ProjectsLocationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsListCall { +func (c *ProjectsLocationsMembershipsFeaturesListCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesListCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } @@ -535,27 +4097,27 @@ func (c *ProjectsLocationsListCall) Fields(s ...googleapi.Field) *ProjectsLocati // IfNoneMatch sets an optional parameter which makes the operation fail if the // object's ETag matches the given value. This is useful for getting updates // only after the object has changed since the last request. -func (c *ProjectsLocationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsListCall { +func (c *ProjectsLocationsMembershipsFeaturesListCall) IfNoneMatch(entityTag string) *ProjectsLocationsMembershipsFeaturesListCall { c.ifNoneMatch_ = entityTag return c } // Context sets the context to be used in this call's Do method. -func (c *ProjectsLocationsListCall) Context(ctx context.Context) *ProjectsLocationsListCall { +func (c *ProjectsLocationsMembershipsFeaturesListCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesListCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. -func (c *ProjectsLocationsListCall) Header() http.Header { +func (c *ProjectsLocationsMembershipsFeaturesListCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error) { +func (c *ProjectsLocationsMembershipsFeaturesListCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) if c.ifNoneMatch_ != "" { reqHeaders.Set("If-None-Match", c.ifNoneMatch_) @@ -563,7 +4125,7 @@ func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v2beta/{+name}/locations") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2beta/{+parent}/features") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("GET", urls, body) if err != nil { @@ -571,18 +4133,18 @@ func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "name": c.name, + "parent": c.parent, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "gkehub.projects.locations.list" call. +// Do executes the "gkehub.projects.locations.memberships.features.list" call. // Any non-2xx status code is an error. Response headers are in either -// *ListLocationsResponse.ServerResponse.Header or (if a response was returned -// at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to -// check whether the returned error was because http.StatusNotModified was -// returned. -func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocationsResponse, error) { +// *ListMembershipFeaturesResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsLocationsMembershipsFeaturesListCall) Do(opts ...googleapi.CallOption) (*ListMembershipFeaturesResponse, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -601,7 +4163,7 @@ func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocat if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &ListLocationsResponse{ + ret := &ListMembershipFeaturesResponse{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -617,7 +4179,7 @@ func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocat // Pages invokes f for each page of results. // A non-nil error returned from f will halt the iteration. // The provided context supersedes any context provided to the Context method. -func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocationsResponse) error) error { +func (c *ProjectsLocationsMembershipsFeaturesListCall) Pages(ctx context.Context, f func(*ListMembershipFeaturesResponse) error) error { c.ctx_ = ctx defer c.PageToken(c.urlParams_.Get("pageToken")) for { @@ -635,6 +4197,132 @@ func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocat } } +type ProjectsLocationsMembershipsFeaturesPatchCall struct { + s *Service + nameid string + membershipfeature *MembershipFeature + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Patch: Updates an existing MembershipFeature. +// +// - name: Output only. The resource name of the membershipFeature, in the +// format: +// `projects/{project}/locations/{location}/memberships/{membership}/features/ +// {feature}`. Note that `membershipFeatures` is shortened to `features` in +// the resource name. (see http://go/aip/122#collection-identifiers). +func (r *ProjectsLocationsMembershipsFeaturesService) Patch(nameid string, membershipfeature *MembershipFeature) *ProjectsLocationsMembershipsFeaturesPatchCall { + c := &ProjectsLocationsMembershipsFeaturesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.nameid = nameid + c.membershipfeature = membershipfeature + return c +} + +// AllowMissing sets the optional parameter "allowMissing": If set to true, and +// the MembershipFeature is not found, a new MembershipFeature will be created. +// In this situation, `update_mask` is ignored. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) AllowMissing(allowMissing bool) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.urlParams_.Set("allowMissing", fmt.Sprint(allowMissing)) + return c +} + +// RequestId sets the optional parameter "requestId": Idempotent request UUID. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) RequestId(requestId string) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.urlParams_.Set("requestId", requestId) + return c +} + +// UpdateMask sets the optional parameter "updateMask": Required. Mask of +// fields to update. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) UpdateMask(updateMask string) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.urlParams_.Set("updateMask", updateMask) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more +// details. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) Context(ctx context.Context) *ProjectsLocationsMembershipsFeaturesPatchCall { + c.ctx_ = ctx + return c +} + +// Header returns a http.Header that can be modified by the caller to add +// headers to the request. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.membershipfeature) + if err != nil { + return nil, err + } + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v2beta/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("PATCH", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.nameid, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "gkehub.projects.locations.memberships.features.patch" call. +// Any non-2xx status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was returned. +func (c *ProjectsLocationsMembershipsFeaturesPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil +} + type ProjectsLocationsOperationsCancelCall struct { s *Service name string diff --git a/tpu/v1/tpu-api.json b/tpu/v1/tpu-api.json index 603dbc140d1..b6c2847ea51 100644 --- a/tpu/v1/tpu-api.json +++ b/tpu/v1/tpu-api.json @@ -659,7 +659,7 @@ } } }, - "revision": "20230803", + "revision": "20241009", "rootUrl": "https://tpu.googleapis.com/", "schemas": { "AcceleratorType": { @@ -968,7 +968,8 @@ "TERMINATED", "HIDING", "HIDDEN", - "UNHIDING" + "UNHIDING", + "UNKNOWN" ], "enumDescriptions": [ "TPU node state is not known/set.", @@ -985,7 +986,8 @@ "TPU node has been terminated due to maintenance or has reached the end of its life cycle (for preemptible nodes).", "TPU node is currently hiding.", "TPU node has been hidden.", - "TPU node is currently unhiding." + "TPU node is currently unhiding.", + "TPU node has unknown state after a failed repair." ], "readOnly": true, "type": "string" diff --git a/tpu/v1/tpu-gen.go b/tpu/v1/tpu-gen.go index 30463fd384e..17b4895f56e 100644 --- a/tpu/v1/tpu-gen.go +++ b/tpu/v1/tpu-gen.go @@ -552,6 +552,7 @@ type Node struct { // "HIDING" - TPU node is currently hiding. // "HIDDEN" - TPU node has been hidden. // "UNHIDING" - TPU node is currently unhiding. + // "UNKNOWN" - TPU node has unknown state after a failed repair. State string `json:"state,omitempty"` // Symptoms: Output only. The Symptoms that have occurred to the TPU Node. Symptoms []*Symptom `json:"symptoms,omitempty"` diff --git a/tpu/v1alpha1/tpu-api.json b/tpu/v1alpha1/tpu-api.json index 681b0d24d2e..ef7a9350bcb 100644 --- a/tpu/v1alpha1/tpu-api.json +++ b/tpu/v1alpha1/tpu-api.json @@ -669,7 +669,7 @@ } } }, - "revision": "20230803", + "revision": "20241009", "rootUrl": "https://tpu.googleapis.com/", "schemas": { "AcceleratorType": { @@ -978,7 +978,8 @@ "TERMINATED", "HIDING", "HIDDEN", - "UNHIDING" + "UNHIDING", + "UNKNOWN" ], "enumDescriptions": [ "TPU node state is not known/set.", @@ -995,7 +996,8 @@ "TPU node has been terminated due to maintenance or has reached the end of its life cycle (for preemptible nodes).", "TPU node is currently hiding.", "TPU node has been hidden.", - "TPU node is currently unhiding." + "TPU node is currently unhiding.", + "TPU node has unknown state after a failed repair." ], "readOnly": true, "type": "string" diff --git a/tpu/v1alpha1/tpu-gen.go b/tpu/v1alpha1/tpu-gen.go index f5deefddbc4..be8da7026da 100644 --- a/tpu/v1alpha1/tpu-gen.go +++ b/tpu/v1alpha1/tpu-gen.go @@ -552,6 +552,7 @@ type Node struct { // "HIDING" - TPU node is currently hiding. // "HIDDEN" - TPU node has been hidden. // "UNHIDING" - TPU node is currently unhiding. + // "UNKNOWN" - TPU node has unknown state after a failed repair. State string `json:"state,omitempty"` // Symptoms: Output only. The Symptoms that have occurred to the TPU Node. Symptoms []*Symptom `json:"symptoms,omitempty"` diff --git a/tpu/v2/tpu-api.json b/tpu/v2/tpu-api.json index 30d91ca939b..4589aa0e7b4 100644 --- a/tpu/v2/tpu-api.json +++ b/tpu/v2/tpu-api.json @@ -887,7 +887,7 @@ } } }, - "revision": "20240530", + "revision": "20241009", "rootUrl": "https://tpu.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -1537,7 +1537,8 @@ "TERMINATED", "HIDING", "HIDDEN", - "UNHIDING" + "UNHIDING", + "UNKNOWN" ], "enumDescriptions": [ "TPU node state is not known/set.", @@ -1554,7 +1555,8 @@ "TPU node has been terminated due to maintenance or has reached the end of its life cycle (for preemptible nodes).", "TPU node is currently hiding.", "TPU node has been hidden.", - "TPU node is currently unhiding." + "TPU node is currently unhiding.", + "TPU node has unknown state after a failed repair." ], "readOnly": true, "type": "string" diff --git a/tpu/v2/tpu-gen.go b/tpu/v2/tpu-gen.go index 1934c71b8ae..54a7d717e25 100644 --- a/tpu/v2/tpu-gen.go +++ b/tpu/v2/tpu-gen.go @@ -1009,6 +1009,7 @@ type Node struct { // "HIDING" - TPU node is currently hiding. // "HIDDEN" - TPU node has been hidden. // "UNHIDING" - TPU node is currently unhiding. + // "UNKNOWN" - TPU node has unknown state after a failed repair. State string `json:"state,omitempty"` // Symptoms: Output only. The Symptoms that have occurred to the TPU Node. Symptoms []*Symptom `json:"symptoms,omitempty"` diff --git a/tpu/v2alpha1/tpu-api.json b/tpu/v2alpha1/tpu-api.json index 69767595b5d..772f54bf3b4 100644 --- a/tpu/v2alpha1/tpu-api.json +++ b/tpu/v2alpha1/tpu-api.json @@ -965,7 +965,7 @@ } } }, - "revision": "20240916", + "revision": "20241009", "rootUrl": "https://tpu.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -1681,7 +1681,8 @@ "TERMINATED", "HIDING", "HIDDEN", - "UNHIDING" + "UNHIDING", + "UNKNOWN" ], "enumDescriptions": [ "TPU node state is not known/set.", @@ -1698,7 +1699,8 @@ "TPU node has been terminated due to maintenance or has reached the end of its life cycle (for preemptible nodes).", "TPU node is currently hiding.", "TPU node has been hidden.", - "TPU node is currently unhiding." + "TPU node is currently unhiding.", + "TPU node has unknown state after a failed repair." ], "readOnly": true, "type": "string" diff --git a/tpu/v2alpha1/tpu-gen.go b/tpu/v2alpha1/tpu-gen.go index 075bc86b08f..ac9aba7fcb9 100644 --- a/tpu/v2alpha1/tpu-gen.go +++ b/tpu/v2alpha1/tpu-gen.go @@ -1113,6 +1113,7 @@ type Node struct { // "HIDING" - TPU node is currently hiding. // "HIDDEN" - TPU node has been hidden. // "UNHIDING" - TPU node is currently unhiding. + // "UNKNOWN" - TPU node has unknown state after a failed repair. State string `json:"state,omitempty"` // Symptoms: Output only. The Symptoms that have occurred to the TPU Node. Symptoms []*Symptom `json:"symptoms,omitempty"`