1*d5c09012SAndroid Build Coastguard Worker// Copyright 2023 Google LLC 2*d5c09012SAndroid Build Coastguard Worker// 3*d5c09012SAndroid Build Coastguard Worker// Licensed under the Apache License, Version 2.0 (the "License"); 4*d5c09012SAndroid Build Coastguard Worker// you may not use this file except in compliance with the License. 5*d5c09012SAndroid Build Coastguard Worker// You may obtain a copy of the License at 6*d5c09012SAndroid Build Coastguard Worker// 7*d5c09012SAndroid Build Coastguard Worker// http://www.apache.org/licenses/LICENSE-2.0 8*d5c09012SAndroid Build Coastguard Worker// 9*d5c09012SAndroid Build Coastguard Worker// Unless required by applicable law or agreed to in writing, software 10*d5c09012SAndroid Build Coastguard Worker// distributed under the License is distributed on an "AS IS" BASIS, 11*d5c09012SAndroid Build Coastguard Worker// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*d5c09012SAndroid Build Coastguard Worker// See the License for the specific language governing permissions and 13*d5c09012SAndroid Build Coastguard Worker// limitations under the License. 14*d5c09012SAndroid Build Coastguard Worker 15*d5c09012SAndroid Build Coastguard Workersyntax = "proto3"; 16*d5c09012SAndroid Build Coastguard Worker 17*d5c09012SAndroid Build Coastguard Workerpackage google.cloud.gkehub.v1beta1; 18*d5c09012SAndroid Build Coastguard Worker 19*d5c09012SAndroid Build Coastguard Workerimport "google/api/annotations.proto"; 20*d5c09012SAndroid Build Coastguard Workerimport "google/api/client.proto"; 21*d5c09012SAndroid Build Coastguard Workerimport "google/api/field_behavior.proto"; 22*d5c09012SAndroid Build Coastguard Workerimport "google/api/resource.proto"; 23*d5c09012SAndroid Build Coastguard Workerimport "google/longrunning/operations.proto"; 24*d5c09012SAndroid Build Coastguard Workerimport "google/protobuf/empty.proto"; 25*d5c09012SAndroid Build Coastguard Workerimport "google/protobuf/field_mask.proto"; 26*d5c09012SAndroid Build Coastguard Workerimport "google/protobuf/timestamp.proto"; 27*d5c09012SAndroid Build Coastguard Workerimport "google/rpc/status.proto"; 28*d5c09012SAndroid Build Coastguard Worker 29*d5c09012SAndroid Build Coastguard Workeroption csharp_namespace = "Google.Cloud.GkeHub.V1Beta1"; 30*d5c09012SAndroid Build Coastguard Workeroption go_package = "cloud.google.com/go/gkehub/apiv1beta1/gkehubpb;gkehubpb"; 31*d5c09012SAndroid Build Coastguard Workeroption java_multiple_files = true; 32*d5c09012SAndroid Build Coastguard Workeroption java_package = "com.google.cloud.gkehub.v1beta1"; 33*d5c09012SAndroid Build Coastguard Workeroption php_namespace = "Google\\Cloud\\GkeHub\\V1beta1"; 34*d5c09012SAndroid Build Coastguard Workeroption ruby_package = "Google::Cloud::GkeHub::V1beta1"; 35*d5c09012SAndroid Build Coastguard Worker 36*d5c09012SAndroid Build Coastguard Worker// The GKE Hub MembershipService handles the registration of many Kubernetes 37*d5c09012SAndroid Build Coastguard Worker// clusters to Google Cloud, represented with the 38*d5c09012SAndroid Build Coastguard Worker// [Membership][google.cloud.gkehub.v1beta1.Membership] resource. 39*d5c09012SAndroid Build Coastguard Worker// 40*d5c09012SAndroid Build Coastguard Worker// GKE Hub is currently available in the global region and all regions in 41*d5c09012SAndroid Build Coastguard Worker// https://cloud.google.com/compute/docs/regions-zones. 42*d5c09012SAndroid Build Coastguard Worker// 43*d5c09012SAndroid Build Coastguard Worker// **Membership management may be non-trivial:** it is recommended to use one 44*d5c09012SAndroid Build Coastguard Worker// of the Google-provided client libraries or tools where possible when working 45*d5c09012SAndroid Build Coastguard Worker// with Membership resources. 46*d5c09012SAndroid Build Coastguard Workerservice GkeHubMembershipService { 47*d5c09012SAndroid Build Coastguard Worker option (google.api.default_host) = "gkehub.googleapis.com"; 48*d5c09012SAndroid Build Coastguard Worker option (google.api.oauth_scopes) = 49*d5c09012SAndroid Build Coastguard Worker "https://www.googleapis.com/auth/cloud-platform"; 50*d5c09012SAndroid Build Coastguard Worker 51*d5c09012SAndroid Build Coastguard Worker // Lists Memberships in a given project and location. 52*d5c09012SAndroid Build Coastguard Worker rpc ListMemberships(ListMembershipsRequest) 53*d5c09012SAndroid Build Coastguard Worker returns (ListMembershipsResponse) { 54*d5c09012SAndroid Build Coastguard Worker option (google.api.http) = { 55*d5c09012SAndroid Build Coastguard Worker get: "/v1beta1/{parent=projects/*/locations/*}/memberships" 56*d5c09012SAndroid Build Coastguard Worker }; 57*d5c09012SAndroid Build Coastguard Worker option (google.api.method_signature) = "parent"; 58*d5c09012SAndroid Build Coastguard Worker } 59*d5c09012SAndroid Build Coastguard Worker 60*d5c09012SAndroid Build Coastguard Worker // Gets the details of a Membership. 61*d5c09012SAndroid Build Coastguard Worker rpc GetMembership(GetMembershipRequest) returns (Membership) { 62*d5c09012SAndroid Build Coastguard Worker option (google.api.http) = { 63*d5c09012SAndroid Build Coastguard Worker get: "/v1beta1/{name=projects/*/locations/*/memberships/*}" 64*d5c09012SAndroid Build Coastguard Worker }; 65*d5c09012SAndroid Build Coastguard Worker option (google.api.method_signature) = "name"; 66*d5c09012SAndroid Build Coastguard Worker } 67*d5c09012SAndroid Build Coastguard Worker 68*d5c09012SAndroid Build Coastguard Worker // Creates a new Membership. 69*d5c09012SAndroid Build Coastguard Worker // 70*d5c09012SAndroid Build Coastguard Worker // **This is currently only supported for GKE clusters on Google Cloud**. 71*d5c09012SAndroid Build Coastguard Worker // To register other clusters, follow the instructions at 72*d5c09012SAndroid Build Coastguard Worker // https://cloud.google.com/anthos/multicluster-management/connect/registering-a-cluster. 73*d5c09012SAndroid Build Coastguard Worker rpc CreateMembership(CreateMembershipRequest) 74*d5c09012SAndroid Build Coastguard Worker returns (google.longrunning.Operation) { 75*d5c09012SAndroid Build Coastguard Worker option (google.api.http) = { 76*d5c09012SAndroid Build Coastguard Worker post: "/v1beta1/{parent=projects/*/locations/*}/memberships" 77*d5c09012SAndroid Build Coastguard Worker body: "resource" 78*d5c09012SAndroid Build Coastguard Worker }; 79*d5c09012SAndroid Build Coastguard Worker option (google.api.method_signature) = "parent,resource,membership_id"; 80*d5c09012SAndroid Build Coastguard Worker option (google.longrunning.operation_info) = { 81*d5c09012SAndroid Build Coastguard Worker response_type: "Membership" 82*d5c09012SAndroid Build Coastguard Worker metadata_type: "OperationMetadata" 83*d5c09012SAndroid Build Coastguard Worker }; 84*d5c09012SAndroid Build Coastguard Worker } 85*d5c09012SAndroid Build Coastguard Worker 86*d5c09012SAndroid Build Coastguard Worker // Removes a Membership. 87*d5c09012SAndroid Build Coastguard Worker // 88*d5c09012SAndroid Build Coastguard Worker // **This is currently only supported for GKE clusters on Google Cloud**. 89*d5c09012SAndroid Build Coastguard Worker // To unregister other clusters, follow the instructions at 90*d5c09012SAndroid Build Coastguard Worker // https://cloud.google.com/anthos/multicluster-management/connect/unregistering-a-cluster. 91*d5c09012SAndroid Build Coastguard Worker rpc DeleteMembership(DeleteMembershipRequest) 92*d5c09012SAndroid Build Coastguard Worker returns (google.longrunning.Operation) { 93*d5c09012SAndroid Build Coastguard Worker option (google.api.http) = { 94*d5c09012SAndroid Build Coastguard Worker delete: "/v1beta1/{name=projects/*/locations/*/memberships/*}" 95*d5c09012SAndroid Build Coastguard Worker }; 96*d5c09012SAndroid Build Coastguard Worker option (google.api.method_signature) = "name"; 97*d5c09012SAndroid Build Coastguard Worker option (google.longrunning.operation_info) = { 98*d5c09012SAndroid Build Coastguard Worker response_type: "google.protobuf.Empty" 99*d5c09012SAndroid Build Coastguard Worker metadata_type: "OperationMetadata" 100*d5c09012SAndroid Build Coastguard Worker }; 101*d5c09012SAndroid Build Coastguard Worker } 102*d5c09012SAndroid Build Coastguard Worker 103*d5c09012SAndroid Build Coastguard Worker // Updates an existing Membership. 104*d5c09012SAndroid Build Coastguard Worker rpc UpdateMembership(UpdateMembershipRequest) 105*d5c09012SAndroid Build Coastguard Worker returns (google.longrunning.Operation) { 106*d5c09012SAndroid Build Coastguard Worker option (google.api.http) = { 107*d5c09012SAndroid Build Coastguard Worker patch: "/v1beta1/{name=projects/*/locations/*/memberships/*}" 108*d5c09012SAndroid Build Coastguard Worker body: "resource" 109*d5c09012SAndroid Build Coastguard Worker }; 110*d5c09012SAndroid Build Coastguard Worker option (google.api.method_signature) = "name,resource,update_mask"; 111*d5c09012SAndroid Build Coastguard Worker option (google.longrunning.operation_info) = { 112*d5c09012SAndroid Build Coastguard Worker response_type: "Membership" 113*d5c09012SAndroid Build Coastguard Worker metadata_type: "OperationMetadata" 114*d5c09012SAndroid Build Coastguard Worker }; 115*d5c09012SAndroid Build Coastguard Worker } 116*d5c09012SAndroid Build Coastguard Worker 117*d5c09012SAndroid Build Coastguard Worker // Generates the manifest for deployment of the GKE connect agent. 118*d5c09012SAndroid Build Coastguard Worker // 119*d5c09012SAndroid Build Coastguard Worker // **This method is used internally by Google-provided libraries.** 120*d5c09012SAndroid Build Coastguard Worker // Most clients should not need to call this method directly. 121*d5c09012SAndroid Build Coastguard Worker rpc GenerateConnectManifest(GenerateConnectManifestRequest) 122*d5c09012SAndroid Build Coastguard Worker returns (GenerateConnectManifestResponse) { 123*d5c09012SAndroid Build Coastguard Worker option (google.api.http) = { 124*d5c09012SAndroid Build Coastguard Worker get: "/v1beta1/{name=projects/*/locations/*/memberships/*}:generateConnectManifest" 125*d5c09012SAndroid Build Coastguard Worker }; 126*d5c09012SAndroid Build Coastguard Worker } 127*d5c09012SAndroid Build Coastguard Worker 128*d5c09012SAndroid Build Coastguard Worker // ValidateExclusivity validates the state of exclusivity in the cluster. 129*d5c09012SAndroid Build Coastguard Worker // The validation does not depend on an existing Hub membership resource. 130*d5c09012SAndroid Build Coastguard Worker rpc ValidateExclusivity(ValidateExclusivityRequest) 131*d5c09012SAndroid Build Coastguard Worker returns (ValidateExclusivityResponse) { 132*d5c09012SAndroid Build Coastguard Worker option (google.api.http) = { 133*d5c09012SAndroid Build Coastguard Worker get: "/v1beta1/{parent=projects/*/locations/*}/memberships:validateExclusivity" 134*d5c09012SAndroid Build Coastguard Worker }; 135*d5c09012SAndroid Build Coastguard Worker } 136*d5c09012SAndroid Build Coastguard Worker 137*d5c09012SAndroid Build Coastguard Worker // GenerateExclusivityManifest generates the manifests to update the 138*d5c09012SAndroid Build Coastguard Worker // exclusivity artifacts in the cluster if needed. 139*d5c09012SAndroid Build Coastguard Worker // 140*d5c09012SAndroid Build Coastguard Worker // Exclusivity artifacts include the Membership custom resource definition 141*d5c09012SAndroid Build Coastguard Worker // (CRD) and the singleton Membership custom resource (CR). Combined with 142*d5c09012SAndroid Build Coastguard Worker // ValidateExclusivity, exclusivity artifacts guarantee that a Kubernetes 143*d5c09012SAndroid Build Coastguard Worker // cluster is only registered to a single GKE Hub. 144*d5c09012SAndroid Build Coastguard Worker // 145*d5c09012SAndroid Build Coastguard Worker // The Membership CRD is versioned, and may require conversion when the GKE 146*d5c09012SAndroid Build Coastguard Worker // Hub API server begins serving a newer version of the CRD and 147*d5c09012SAndroid Build Coastguard Worker // corresponding CR. The response will be the converted CRD and CR if there 148*d5c09012SAndroid Build Coastguard Worker // are any differences between the versions. 149*d5c09012SAndroid Build Coastguard Worker rpc GenerateExclusivityManifest(GenerateExclusivityManifestRequest) 150*d5c09012SAndroid Build Coastguard Worker returns (GenerateExclusivityManifestResponse) { 151*d5c09012SAndroid Build Coastguard Worker option (google.api.http) = { 152*d5c09012SAndroid Build Coastguard Worker get: "/v1beta1/{name=projects/*/locations/*/memberships/*}:generateExclusivityManifest" 153*d5c09012SAndroid Build Coastguard Worker }; 154*d5c09012SAndroid Build Coastguard Worker } 155*d5c09012SAndroid Build Coastguard Worker} 156*d5c09012SAndroid Build Coastguard Worker 157*d5c09012SAndroid Build Coastguard Worker// Membership contains information about a member cluster. 158*d5c09012SAndroid Build Coastguard Workermessage Membership { 159*d5c09012SAndroid Build Coastguard Worker option (google.api.resource) = { 160*d5c09012SAndroid Build Coastguard Worker type: "gkehub.googleapis.com/Membership" 161*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/locations/{location}/memberships/{membership}" 162*d5c09012SAndroid Build Coastguard Worker }; 163*d5c09012SAndroid Build Coastguard Worker 164*d5c09012SAndroid Build Coastguard Worker // Specifies the infrastructure type of a Membership. Infrastructure type is 165*d5c09012SAndroid Build Coastguard Worker // used by Hub to control infrastructure-specific behavior, including pricing. 166*d5c09012SAndroid Build Coastguard Worker // 167*d5c09012SAndroid Build Coastguard Worker // Each GKE distribution (on-GCP, on-Prem, on-X,...) will set this field 168*d5c09012SAndroid Build Coastguard Worker // automatically, but Attached Clusters customers should specify a type 169*d5c09012SAndroid Build Coastguard Worker // during registration. 170*d5c09012SAndroid Build Coastguard Worker enum InfrastructureType { 171*d5c09012SAndroid Build Coastguard Worker // No type was specified. Some Hub functionality may require a type be 172*d5c09012SAndroid Build Coastguard Worker // specified, and will not support Memberships with this value. 173*d5c09012SAndroid Build Coastguard Worker INFRASTRUCTURE_TYPE_UNSPECIFIED = 0; 174*d5c09012SAndroid Build Coastguard Worker 175*d5c09012SAndroid Build Coastguard Worker // Private infrastructure that is owned or operated by customer. This 176*d5c09012SAndroid Build Coastguard Worker // includes GKE distributions such as GKE-OnPrem and GKE-OnBareMetal. 177*d5c09012SAndroid Build Coastguard Worker ON_PREM = 1; 178*d5c09012SAndroid Build Coastguard Worker 179*d5c09012SAndroid Build Coastguard Worker // Public cloud infrastructure. 180*d5c09012SAndroid Build Coastguard Worker MULTI_CLOUD = 2; 181*d5c09012SAndroid Build Coastguard Worker } 182*d5c09012SAndroid Build Coastguard Worker 183*d5c09012SAndroid Build Coastguard Worker // Output only. The full, unique name of this Membership resource in the 184*d5c09012SAndroid Build Coastguard Worker // format `projects/*/locations/*/memberships/{membership_id}`, set during 185*d5c09012SAndroid Build Coastguard Worker // creation. 186*d5c09012SAndroid Build Coastguard Worker // 187*d5c09012SAndroid Build Coastguard Worker // `membership_id` must be a valid RFC 1123 compliant DNS label: 188*d5c09012SAndroid Build Coastguard Worker // 189*d5c09012SAndroid Build Coastguard Worker // 1. At most 63 characters in length 190*d5c09012SAndroid Build Coastguard Worker // 2. It must consist of lower case alphanumeric characters or `-` 191*d5c09012SAndroid Build Coastguard Worker // 3. It must start and end with an alphanumeric character 192*d5c09012SAndroid Build Coastguard Worker // 193*d5c09012SAndroid Build Coastguard Worker // Which can be expressed as the regex: `[a-z0-9]([-a-z0-9]*[a-z0-9])?`, 194*d5c09012SAndroid Build Coastguard Worker // with a maximum length of 63 characters. 195*d5c09012SAndroid Build Coastguard Worker string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 196*d5c09012SAndroid Build Coastguard Worker 197*d5c09012SAndroid Build Coastguard Worker // Optional. GCP labels for this membership. 198*d5c09012SAndroid Build Coastguard Worker map<string, string> labels = 2 [(google.api.field_behavior) = OPTIONAL]; 199*d5c09012SAndroid Build Coastguard Worker 200*d5c09012SAndroid Build Coastguard Worker // Optional. Description of this membership, limited to 63 characters. 201*d5c09012SAndroid Build Coastguard Worker // Must match the regex: `[a-zA-Z0-9][a-zA-Z0-9_\-\.\ ]*` 202*d5c09012SAndroid Build Coastguard Worker string description = 3 [(google.api.field_behavior) = OPTIONAL]; 203*d5c09012SAndroid Build Coastguard Worker 204*d5c09012SAndroid Build Coastguard Worker // Type of resource represented by this Membership 205*d5c09012SAndroid Build Coastguard Worker oneof type { 206*d5c09012SAndroid Build Coastguard Worker // Optional. Endpoint information to reach this member. 207*d5c09012SAndroid Build Coastguard Worker MembershipEndpoint endpoint = 4 [(google.api.field_behavior) = OPTIONAL]; 208*d5c09012SAndroid Build Coastguard Worker } 209*d5c09012SAndroid Build Coastguard Worker 210*d5c09012SAndroid Build Coastguard Worker // Output only. State of the Membership resource. 211*d5c09012SAndroid Build Coastguard Worker MembershipState state = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; 212*d5c09012SAndroid Build Coastguard Worker 213*d5c09012SAndroid Build Coastguard Worker // Optional. How to identify workloads from this Membership. 214*d5c09012SAndroid Build Coastguard Worker // See the documentation on Workload Identity for more details: 215*d5c09012SAndroid Build Coastguard Worker // https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity 216*d5c09012SAndroid Build Coastguard Worker Authority authority = 9 [(google.api.field_behavior) = OPTIONAL]; 217*d5c09012SAndroid Build Coastguard Worker 218*d5c09012SAndroid Build Coastguard Worker // Output only. When the Membership was created. 219*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp create_time = 6 220*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 221*d5c09012SAndroid Build Coastguard Worker 222*d5c09012SAndroid Build Coastguard Worker // Output only. When the Membership was last updated. 223*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp update_time = 7 224*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 225*d5c09012SAndroid Build Coastguard Worker 226*d5c09012SAndroid Build Coastguard Worker // Output only. When the Membership was deleted. 227*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp delete_time = 8 228*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 229*d5c09012SAndroid Build Coastguard Worker 230*d5c09012SAndroid Build Coastguard Worker // Optional. An externally-generated and managed ID for this Membership. This 231*d5c09012SAndroid Build Coastguard Worker // ID may be modified after creation, but this is not recommended. For GKE 232*d5c09012SAndroid Build Coastguard Worker // clusters, external_id is managed by the Hub API and updates will be 233*d5c09012SAndroid Build Coastguard Worker // ignored. 234*d5c09012SAndroid Build Coastguard Worker // 235*d5c09012SAndroid Build Coastguard Worker // The ID must match the regex: `[a-zA-Z0-9][a-zA-Z0-9_\-\.]*` 236*d5c09012SAndroid Build Coastguard Worker // 237*d5c09012SAndroid Build Coastguard Worker // If this Membership represents a Kubernetes cluster, this value should be 238*d5c09012SAndroid Build Coastguard Worker // set to the UID of the `kube-system` namespace object. 239*d5c09012SAndroid Build Coastguard Worker string external_id = 10 [(google.api.field_behavior) = OPTIONAL]; 240*d5c09012SAndroid Build Coastguard Worker 241*d5c09012SAndroid Build Coastguard Worker // Output only. For clusters using Connect, the timestamp of the most recent 242*d5c09012SAndroid Build Coastguard Worker // connection established with Google Cloud. This time is updated every 243*d5c09012SAndroid Build Coastguard Worker // several minutes, not continuously. For clusters that do not use GKE 244*d5c09012SAndroid Build Coastguard Worker // Connect, or that have never connected successfully, this field will be 245*d5c09012SAndroid Build Coastguard Worker // unset. 246*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp last_connection_time = 11 247*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 248*d5c09012SAndroid Build Coastguard Worker 249*d5c09012SAndroid Build Coastguard Worker // Output only. Google-generated UUID for this resource. This is unique across 250*d5c09012SAndroid Build Coastguard Worker // all Membership resources. If a Membership resource is deleted and another 251*d5c09012SAndroid Build Coastguard Worker // resource with the same name is created, it gets a different unique_id. 252*d5c09012SAndroid Build Coastguard Worker string unique_id = 12 [(google.api.field_behavior) = OUTPUT_ONLY]; 253*d5c09012SAndroid Build Coastguard Worker 254*d5c09012SAndroid Build Coastguard Worker // Optional. The infrastructure type this Membership is running on. 255*d5c09012SAndroid Build Coastguard Worker InfrastructureType infrastructure_type = 13 256*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OPTIONAL]; 257*d5c09012SAndroid Build Coastguard Worker 258*d5c09012SAndroid Build Coastguard Worker // Optional. The monitoring config information for this membership. 259*d5c09012SAndroid Build Coastguard Worker MonitoringConfig monitoring_config = 14 260*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OPTIONAL]; 261*d5c09012SAndroid Build Coastguard Worker} 262*d5c09012SAndroid Build Coastguard Worker 263*d5c09012SAndroid Build Coastguard Worker// MembershipEndpoint contains information needed to contact a Kubernetes API, 264*d5c09012SAndroid Build Coastguard Worker// endpoint and any additional Kubernetes metadata. 265*d5c09012SAndroid Build Coastguard Workermessage MembershipEndpoint { 266*d5c09012SAndroid Build Coastguard Worker // Cluster information of the registered cluster. 267*d5c09012SAndroid Build Coastguard Worker oneof type { 268*d5c09012SAndroid Build Coastguard Worker // Optional. Specific information for a GKE-on-GCP cluster. 269*d5c09012SAndroid Build Coastguard Worker GkeCluster gke_cluster = 4 [(google.api.field_behavior) = OPTIONAL]; 270*d5c09012SAndroid Build Coastguard Worker 271*d5c09012SAndroid Build Coastguard Worker // Optional. Specific information for a GKE On-Prem cluster. An onprem 272*d5c09012SAndroid Build Coastguard Worker // user-cluster who has no resourceLink is not allowed to use this field, it 273*d5c09012SAndroid Build Coastguard Worker // should have a nil "type" instead. 274*d5c09012SAndroid Build Coastguard Worker OnPremCluster on_prem_cluster = 7 [(google.api.field_behavior) = OPTIONAL]; 275*d5c09012SAndroid Build Coastguard Worker 276*d5c09012SAndroid Build Coastguard Worker // Optional. Specific information for a GKE Multi-Cloud cluster. 277*d5c09012SAndroid Build Coastguard Worker MultiCloudCluster multi_cloud_cluster = 8 278*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OPTIONAL]; 279*d5c09012SAndroid Build Coastguard Worker 280*d5c09012SAndroid Build Coastguard Worker // Optional. Specific information for a Google Edge cluster. 281*d5c09012SAndroid Build Coastguard Worker EdgeCluster edge_cluster = 9 [(google.api.field_behavior) = OPTIONAL]; 282*d5c09012SAndroid Build Coastguard Worker 283*d5c09012SAndroid Build Coastguard Worker // Optional. Specific information for a GDC Edge Appliance cluster. 284*d5c09012SAndroid Build Coastguard Worker ApplianceCluster appliance_cluster = 10 285*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OPTIONAL]; 286*d5c09012SAndroid Build Coastguard Worker } 287*d5c09012SAndroid Build Coastguard Worker 288*d5c09012SAndroid Build Coastguard Worker // Output only. Useful Kubernetes-specific metadata. 289*d5c09012SAndroid Build Coastguard Worker KubernetesMetadata kubernetes_metadata = 5 290*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 291*d5c09012SAndroid Build Coastguard Worker 292*d5c09012SAndroid Build Coastguard Worker // Optional. The in-cluster Kubernetes Resources that should be applied for a 293*d5c09012SAndroid Build Coastguard Worker // correctly registered cluster, in the steady state. These resources: 294*d5c09012SAndroid Build Coastguard Worker // 295*d5c09012SAndroid Build Coastguard Worker // * Ensure that the cluster is exclusively registered to one and only one 296*d5c09012SAndroid Build Coastguard Worker // Hub Membership. 297*d5c09012SAndroid Build Coastguard Worker // * Propagate Workload Pool Information available in the Membership 298*d5c09012SAndroid Build Coastguard Worker // Authority field. 299*d5c09012SAndroid Build Coastguard Worker // * Ensure proper initial configuration of default Hub Features. 300*d5c09012SAndroid Build Coastguard Worker KubernetesResource kubernetes_resource = 6 301*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OPTIONAL]; 302*d5c09012SAndroid Build Coastguard Worker} 303*d5c09012SAndroid Build Coastguard Worker 304*d5c09012SAndroid Build Coastguard Worker// KubernetesResource contains the YAML manifests and configuration for 305*d5c09012SAndroid Build Coastguard Worker// Membership Kubernetes resources in the cluster. After CreateMembership or 306*d5c09012SAndroid Build Coastguard Worker// UpdateMembership, these resources should be re-applied in the cluster. 307*d5c09012SAndroid Build Coastguard Workermessage KubernetesResource { 308*d5c09012SAndroid Build Coastguard Worker // Input only. The YAML representation of the Membership CR. This field is 309*d5c09012SAndroid Build Coastguard Worker // ignored for GKE clusters where Hub can read the CR directly. 310*d5c09012SAndroid Build Coastguard Worker // 311*d5c09012SAndroid Build Coastguard Worker // Callers should provide the CR that is currently present in the cluster 312*d5c09012SAndroid Build Coastguard Worker // during CreateMembership or UpdateMembership, or leave this field empty if 313*d5c09012SAndroid Build Coastguard Worker // none exists. The CR manifest is used to validate the cluster has not been 314*d5c09012SAndroid Build Coastguard Worker // registered with another Membership. 315*d5c09012SAndroid Build Coastguard Worker string membership_cr_manifest = 1 [(google.api.field_behavior) = INPUT_ONLY]; 316*d5c09012SAndroid Build Coastguard Worker 317*d5c09012SAndroid Build Coastguard Worker // Output only. Additional Kubernetes resources that need to be applied to the 318*d5c09012SAndroid Build Coastguard Worker // cluster after Membership creation, and after every update. 319*d5c09012SAndroid Build Coastguard Worker // 320*d5c09012SAndroid Build Coastguard Worker // This field is only populated in the Membership returned from a successful 321*d5c09012SAndroid Build Coastguard Worker // long-running operation from CreateMembership or UpdateMembership. It is not 322*d5c09012SAndroid Build Coastguard Worker // populated during normal GetMembership or ListMemberships requests. To get 323*d5c09012SAndroid Build Coastguard Worker // the resource manifest after the initial registration, the caller should 324*d5c09012SAndroid Build Coastguard Worker // make a UpdateMembership call with an empty field mask. 325*d5c09012SAndroid Build Coastguard Worker repeated ResourceManifest membership_resources = 2 326*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 327*d5c09012SAndroid Build Coastguard Worker 328*d5c09012SAndroid Build Coastguard Worker // Output only. The Kubernetes resources for installing the GKE Connect agent 329*d5c09012SAndroid Build Coastguard Worker // 330*d5c09012SAndroid Build Coastguard Worker // This field is only populated in the Membership returned from a successful 331*d5c09012SAndroid Build Coastguard Worker // long-running operation from CreateMembership or UpdateMembership. It is not 332*d5c09012SAndroid Build Coastguard Worker // populated during normal GetMembership or ListMemberships requests. To get 333*d5c09012SAndroid Build Coastguard Worker // the resource manifest after the initial registration, the caller should 334*d5c09012SAndroid Build Coastguard Worker // make a UpdateMembership call with an empty field mask. 335*d5c09012SAndroid Build Coastguard Worker repeated ResourceManifest connect_resources = 3 336*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 337*d5c09012SAndroid Build Coastguard Worker 338*d5c09012SAndroid Build Coastguard Worker // Optional. Options for Kubernetes resource generation. 339*d5c09012SAndroid Build Coastguard Worker ResourceOptions resource_options = 4 [(google.api.field_behavior) = OPTIONAL]; 340*d5c09012SAndroid Build Coastguard Worker} 341*d5c09012SAndroid Build Coastguard Worker 342*d5c09012SAndroid Build Coastguard Worker// ResourceOptions represent options for Kubernetes resource generation. 343*d5c09012SAndroid Build Coastguard Workermessage ResourceOptions { 344*d5c09012SAndroid Build Coastguard Worker // Optional. The Connect agent version to use for connect_resources. Defaults 345*d5c09012SAndroid Build Coastguard Worker // to the latest GKE Connect version. The version must be a currently 346*d5c09012SAndroid Build Coastguard Worker // supported version, obsolete versions will be rejected. 347*d5c09012SAndroid Build Coastguard Worker string connect_version = 1 [(google.api.field_behavior) = OPTIONAL]; 348*d5c09012SAndroid Build Coastguard Worker 349*d5c09012SAndroid Build Coastguard Worker // Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for 350*d5c09012SAndroid Build Coastguard Worker // CustomResourceDefinition resources. 351*d5c09012SAndroid Build Coastguard Worker // This option should be set for clusters with Kubernetes apiserver versions 352*d5c09012SAndroid Build Coastguard Worker // <1.16. 353*d5c09012SAndroid Build Coastguard Worker bool v1beta1_crd = 2 [(google.api.field_behavior) = OPTIONAL]; 354*d5c09012SAndroid Build Coastguard Worker 355*d5c09012SAndroid Build Coastguard Worker // Optional. Major version of the Kubernetes cluster. This is only used to 356*d5c09012SAndroid Build Coastguard Worker // determine which version to use for the CustomResourceDefinition resources, 357*d5c09012SAndroid Build Coastguard Worker // `apiextensions/v1beta1` or`apiextensions/v1`. 358*d5c09012SAndroid Build Coastguard Worker string k8s_version = 3 [(google.api.field_behavior) = OPTIONAL]; 359*d5c09012SAndroid Build Coastguard Worker} 360*d5c09012SAndroid Build Coastguard Worker 361*d5c09012SAndroid Build Coastguard Worker// ResourceManifest represents a single Kubernetes resource to be applied to 362*d5c09012SAndroid Build Coastguard Worker// the cluster. 363*d5c09012SAndroid Build Coastguard Workermessage ResourceManifest { 364*d5c09012SAndroid Build Coastguard Worker // YAML manifest of the resource. 365*d5c09012SAndroid Build Coastguard Worker string manifest = 1; 366*d5c09012SAndroid Build Coastguard Worker 367*d5c09012SAndroid Build Coastguard Worker // Whether the resource provided in the manifest is `cluster_scoped`. 368*d5c09012SAndroid Build Coastguard Worker // If unset, the manifest is assumed to be namespace scoped. 369*d5c09012SAndroid Build Coastguard Worker // 370*d5c09012SAndroid Build Coastguard Worker // This field is used for REST mapping when applying the resource in a 371*d5c09012SAndroid Build Coastguard Worker // cluster. 372*d5c09012SAndroid Build Coastguard Worker bool cluster_scoped = 2; 373*d5c09012SAndroid Build Coastguard Worker} 374*d5c09012SAndroid Build Coastguard Worker 375*d5c09012SAndroid Build Coastguard Worker// GkeCluster contains information specific to GKE clusters. 376*d5c09012SAndroid Build Coastguard Workermessage GkeCluster { 377*d5c09012SAndroid Build Coastguard Worker // Immutable. Self-link of the GCP resource for the GKE cluster. For example: 378*d5c09012SAndroid Build Coastguard Worker // 379*d5c09012SAndroid Build Coastguard Worker // //container.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster 380*d5c09012SAndroid Build Coastguard Worker // 381*d5c09012SAndroid Build Coastguard Worker // Zonal clusters are also supported. 382*d5c09012SAndroid Build Coastguard Worker string resource_link = 1 [(google.api.field_behavior) = IMMUTABLE]; 383*d5c09012SAndroid Build Coastguard Worker 384*d5c09012SAndroid Build Coastguard Worker // Output only. If cluster_missing is set then it denotes that the GKE cluster 385*d5c09012SAndroid Build Coastguard Worker // no longer exists in the GKE Control Plane. 386*d5c09012SAndroid Build Coastguard Worker bool cluster_missing = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 387*d5c09012SAndroid Build Coastguard Worker} 388*d5c09012SAndroid Build Coastguard Worker 389*d5c09012SAndroid Build Coastguard Worker// OnPremCluster contains information specific to GKE On-Prem clusters. 390*d5c09012SAndroid Build Coastguard Workermessage OnPremCluster { 391*d5c09012SAndroid Build Coastguard Worker // ClusterType describes on prem cluster's type. 392*d5c09012SAndroid Build Coastguard Worker enum ClusterType { 393*d5c09012SAndroid Build Coastguard Worker // The ClusterType is not set. 394*d5c09012SAndroid Build Coastguard Worker CLUSTERTYPE_UNSPECIFIED = 0; 395*d5c09012SAndroid Build Coastguard Worker 396*d5c09012SAndroid Build Coastguard Worker // The ClusterType is bootstrap cluster. 397*d5c09012SAndroid Build Coastguard Worker BOOTSTRAP = 1; 398*d5c09012SAndroid Build Coastguard Worker 399*d5c09012SAndroid Build Coastguard Worker // The ClusterType is baremetal hybrid cluster. 400*d5c09012SAndroid Build Coastguard Worker HYBRID = 2; 401*d5c09012SAndroid Build Coastguard Worker 402*d5c09012SAndroid Build Coastguard Worker // The ClusterType is baremetal standalone cluster. 403*d5c09012SAndroid Build Coastguard Worker STANDALONE = 3; 404*d5c09012SAndroid Build Coastguard Worker 405*d5c09012SAndroid Build Coastguard Worker // The ClusterType is user cluster. 406*d5c09012SAndroid Build Coastguard Worker USER = 4; 407*d5c09012SAndroid Build Coastguard Worker } 408*d5c09012SAndroid Build Coastguard Worker 409*d5c09012SAndroid Build Coastguard Worker // Immutable. Self-link of the GCP resource for the GKE On-Prem cluster. For 410*d5c09012SAndroid Build Coastguard Worker // example: 411*d5c09012SAndroid Build Coastguard Worker // 412*d5c09012SAndroid Build Coastguard Worker // //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster 413*d5c09012SAndroid Build Coastguard Worker // //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster 414*d5c09012SAndroid Build Coastguard Worker string resource_link = 1 [(google.api.field_behavior) = IMMUTABLE]; 415*d5c09012SAndroid Build Coastguard Worker 416*d5c09012SAndroid Build Coastguard Worker // Output only. If cluster_missing is set then it denotes that 417*d5c09012SAndroid Build Coastguard Worker // API(gkeonprem.googleapis.com) resource for this GKE On-Prem cluster no 418*d5c09012SAndroid Build Coastguard Worker // longer exists. 419*d5c09012SAndroid Build Coastguard Worker bool cluster_missing = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 420*d5c09012SAndroid Build Coastguard Worker 421*d5c09012SAndroid Build Coastguard Worker // Immutable. Whether the cluster is an admin cluster. 422*d5c09012SAndroid Build Coastguard Worker bool admin_cluster = 3 [(google.api.field_behavior) = IMMUTABLE]; 423*d5c09012SAndroid Build Coastguard Worker 424*d5c09012SAndroid Build Coastguard Worker // Immutable. The on prem cluster's type. 425*d5c09012SAndroid Build Coastguard Worker ClusterType cluster_type = 4 [(google.api.field_behavior) = IMMUTABLE]; 426*d5c09012SAndroid Build Coastguard Worker} 427*d5c09012SAndroid Build Coastguard Worker 428*d5c09012SAndroid Build Coastguard Worker// MultiCloudCluster contains information specific to GKE Multi-Cloud clusters. 429*d5c09012SAndroid Build Coastguard Workermessage MultiCloudCluster { 430*d5c09012SAndroid Build Coastguard Worker // Immutable. Self-link of the GCP resource for the GKE Multi-Cloud cluster. 431*d5c09012SAndroid Build Coastguard Worker // For example: 432*d5c09012SAndroid Build Coastguard Worker // 433*d5c09012SAndroid Build Coastguard Worker // //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster 434*d5c09012SAndroid Build Coastguard Worker // //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster 435*d5c09012SAndroid Build Coastguard Worker // //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/attachedClusters/my-cluster 436*d5c09012SAndroid Build Coastguard Worker string resource_link = 1 [(google.api.field_behavior) = IMMUTABLE]; 437*d5c09012SAndroid Build Coastguard Worker 438*d5c09012SAndroid Build Coastguard Worker // Output only. If cluster_missing is set then it denotes that 439*d5c09012SAndroid Build Coastguard Worker // API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster 440*d5c09012SAndroid Build Coastguard Worker // no longer exists. 441*d5c09012SAndroid Build Coastguard Worker bool cluster_missing = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 442*d5c09012SAndroid Build Coastguard Worker} 443*d5c09012SAndroid Build Coastguard Worker 444*d5c09012SAndroid Build Coastguard Worker// EdgeCluster contains information specific to Google Edge Clusters. 445*d5c09012SAndroid Build Coastguard Workermessage EdgeCluster { 446*d5c09012SAndroid Build Coastguard Worker // Immutable. Self-link of the GCP resource for the Edge Cluster. For 447*d5c09012SAndroid Build Coastguard Worker // example: 448*d5c09012SAndroid Build Coastguard Worker // 449*d5c09012SAndroid Build Coastguard Worker // //edgecontainer.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster 450*d5c09012SAndroid Build Coastguard Worker string resource_link = 1 [(google.api.field_behavior) = IMMUTABLE]; 451*d5c09012SAndroid Build Coastguard Worker} 452*d5c09012SAndroid Build Coastguard Worker 453*d5c09012SAndroid Build Coastguard Worker// ApplianceCluster contains information specific to GDC Edge Appliance 454*d5c09012SAndroid Build Coastguard Worker// Clusters. 455*d5c09012SAndroid Build Coastguard Workermessage ApplianceCluster { 456*d5c09012SAndroid Build Coastguard Worker // Immutable. Self-link of the GCP resource for the Appliance Cluster. For 457*d5c09012SAndroid Build Coastguard Worker // example: 458*d5c09012SAndroid Build Coastguard Worker // 459*d5c09012SAndroid Build Coastguard Worker // //transferappliance.googleapis.com/projects/my-project/locations/us-west1-a/appliances/my-appliance 460*d5c09012SAndroid Build Coastguard Worker string resource_link = 1 [(google.api.field_behavior) = IMMUTABLE]; 461*d5c09012SAndroid Build Coastguard Worker} 462*d5c09012SAndroid Build Coastguard Worker 463*d5c09012SAndroid Build Coastguard Worker// KubernetesMetadata provides informational metadata for Memberships 464*d5c09012SAndroid Build Coastguard Worker// representing Kubernetes clusters. 465*d5c09012SAndroid Build Coastguard Workermessage KubernetesMetadata { 466*d5c09012SAndroid Build Coastguard Worker // Output only. Kubernetes API server version string as reported by 467*d5c09012SAndroid Build Coastguard Worker // '/version'. 468*d5c09012SAndroid Build Coastguard Worker string kubernetes_api_server_version = 1 469*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 470*d5c09012SAndroid Build Coastguard Worker 471*d5c09012SAndroid Build Coastguard Worker // Output only. Node providerID as reported by the first node in the list of 472*d5c09012SAndroid Build Coastguard Worker // nodes on the Kubernetes endpoint. On Kubernetes platforms that support 473*d5c09012SAndroid Build Coastguard Worker // zero-node clusters (like GKE-on-GCP), the node_count will be zero and the 474*d5c09012SAndroid Build Coastguard Worker // node_provider_id will be empty. 475*d5c09012SAndroid Build Coastguard Worker string node_provider_id = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 476*d5c09012SAndroid Build Coastguard Worker 477*d5c09012SAndroid Build Coastguard Worker // Output only. Node count as reported by Kubernetes nodes resources. 478*d5c09012SAndroid Build Coastguard Worker int32 node_count = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 479*d5c09012SAndroid Build Coastguard Worker 480*d5c09012SAndroid Build Coastguard Worker // Output only. vCPU count as reported by Kubernetes nodes resources. 481*d5c09012SAndroid Build Coastguard Worker int32 vcpu_count = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; 482*d5c09012SAndroid Build Coastguard Worker 483*d5c09012SAndroid Build Coastguard Worker // Output only. The total memory capacity as reported by the sum of all 484*d5c09012SAndroid Build Coastguard Worker // Kubernetes nodes resources, defined in MB. 485*d5c09012SAndroid Build Coastguard Worker int32 memory_mb = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; 486*d5c09012SAndroid Build Coastguard Worker 487*d5c09012SAndroid Build Coastguard Worker // Output only. The time at which these details were last updated. This 488*d5c09012SAndroid Build Coastguard Worker // update_time is different from the Membership-level update_time since 489*d5c09012SAndroid Build Coastguard Worker // EndpointDetails are updated internally for API consumers. 490*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp update_time = 100 491*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 492*d5c09012SAndroid Build Coastguard Worker} 493*d5c09012SAndroid Build Coastguard Worker 494*d5c09012SAndroid Build Coastguard Worker// Authority encodes how Google will recognize identities from this Membership. 495*d5c09012SAndroid Build Coastguard Worker// See the workload identity documentation for more details: 496*d5c09012SAndroid Build Coastguard Worker// https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity 497*d5c09012SAndroid Build Coastguard Workermessage Authority { 498*d5c09012SAndroid Build Coastguard Worker // Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with 499*d5c09012SAndroid Build Coastguard Worker // `https://` and be a valid URL with length <2000 characters. 500*d5c09012SAndroid Build Coastguard Worker // 501*d5c09012SAndroid Build Coastguard Worker // If set, then Google will allow valid OIDC tokens from this issuer to 502*d5c09012SAndroid Build Coastguard Worker // authenticate within the workload_identity_pool. OIDC discovery will be 503*d5c09012SAndroid Build Coastguard Worker // performed on this URI to validate tokens from the issuer. 504*d5c09012SAndroid Build Coastguard Worker // 505*d5c09012SAndroid Build Coastguard Worker // Clearing `issuer` disables Workload Identity. `issuer` cannot be directly 506*d5c09012SAndroid Build Coastguard Worker // modified; it must be cleared (and Workload Identity disabled) before using 507*d5c09012SAndroid Build Coastguard Worker // a new issuer (and re-enabling Workload Identity). 508*d5c09012SAndroid Build Coastguard Worker string issuer = 1 [(google.api.field_behavior) = OPTIONAL]; 509*d5c09012SAndroid Build Coastguard Worker 510*d5c09012SAndroid Build Coastguard Worker // Output only. The name of the workload identity pool in which `issuer` will 511*d5c09012SAndroid Build Coastguard Worker // be recognized. 512*d5c09012SAndroid Build Coastguard Worker // 513*d5c09012SAndroid Build Coastguard Worker // There is a single Workload Identity Pool per Hub that is shared 514*d5c09012SAndroid Build Coastguard Worker // between all Memberships that belong to that Hub. For a Hub hosted in 515*d5c09012SAndroid Build Coastguard Worker // {PROJECT_ID}, the workload pool format is `{PROJECT_ID}.hub.id.goog`, 516*d5c09012SAndroid Build Coastguard Worker // although this is subject to change in newer versions of this API. 517*d5c09012SAndroid Build Coastguard Worker string workload_identity_pool = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 518*d5c09012SAndroid Build Coastguard Worker 519*d5c09012SAndroid Build Coastguard Worker // Output only. An identity provider that reflects the `issuer` in the 520*d5c09012SAndroid Build Coastguard Worker // workload identity pool. 521*d5c09012SAndroid Build Coastguard Worker string identity_provider = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 522*d5c09012SAndroid Build Coastguard Worker 523*d5c09012SAndroid Build Coastguard Worker // Optional. OIDC verification keys for this Membership in JWKS format (RFC 524*d5c09012SAndroid Build Coastguard Worker // 7517). 525*d5c09012SAndroid Build Coastguard Worker // 526*d5c09012SAndroid Build Coastguard Worker // When this field is set, OIDC discovery will NOT be performed on `issuer`, 527*d5c09012SAndroid Build Coastguard Worker // and instead OIDC tokens will be validated using this field. 528*d5c09012SAndroid Build Coastguard Worker bytes oidc_jwks = 4 [(google.api.field_behavior) = OPTIONAL]; 529*d5c09012SAndroid Build Coastguard Worker} 530*d5c09012SAndroid Build Coastguard Worker 531*d5c09012SAndroid Build Coastguard Worker// This field informs Fleet-based applications/services/UIs with the necessary 532*d5c09012SAndroid Build Coastguard Worker// information for where each underlying Cluster reports its metrics. 533*d5c09012SAndroid Build Coastguard Workermessage MonitoringConfig { 534*d5c09012SAndroid Build Coastguard Worker // Immutable. Project used to report Metrics 535*d5c09012SAndroid Build Coastguard Worker string project_id = 1 [(google.api.field_behavior) = IMMUTABLE]; 536*d5c09012SAndroid Build Coastguard Worker 537*d5c09012SAndroid Build Coastguard Worker // Immutable. Location used to report Metrics 538*d5c09012SAndroid Build Coastguard Worker string location = 2 [(google.api.field_behavior) = IMMUTABLE]; 539*d5c09012SAndroid Build Coastguard Worker 540*d5c09012SAndroid Build Coastguard Worker // Immutable. Cluster name used to report metrics. 541*d5c09012SAndroid Build Coastguard Worker // For Anthos on VMWare/Baremetal, it would be in format 542*d5c09012SAndroid Build Coastguard Worker // `memberClusters/cluster_name`; And for Anthos on MultiCloud, it would be in 543*d5c09012SAndroid Build Coastguard Worker // format 544*d5c09012SAndroid Build Coastguard Worker // `{azureClusters, awsClusters}/cluster_name`. 545*d5c09012SAndroid Build Coastguard Worker string cluster = 3 [(google.api.field_behavior) = IMMUTABLE]; 546*d5c09012SAndroid Build Coastguard Worker 547*d5c09012SAndroid Build Coastguard Worker // Kubernetes system metrics, if available, are written to this prefix. 548*d5c09012SAndroid Build Coastguard Worker // This defaults to kubernetes.io for GKE, and kubernetes.io/anthos for Anthos 549*d5c09012SAndroid Build Coastguard Worker // eventually. Noted: Anthos MultiCloud will have kubernetes.io prefix today 550*d5c09012SAndroid Build Coastguard Worker // but will migration to be under kubernetes.io/anthos 551*d5c09012SAndroid Build Coastguard Worker string kubernetes_metrics_prefix = 4; 552*d5c09012SAndroid Build Coastguard Worker 553*d5c09012SAndroid Build Coastguard Worker // Immutable. Cluster hash, this is a unique string generated by google code, 554*d5c09012SAndroid Build Coastguard Worker // which does not contain any PII, which we can use to reference the cluster. 555*d5c09012SAndroid Build Coastguard Worker // This is expected to be created by the monitoring stack and persisted into 556*d5c09012SAndroid Build Coastguard Worker // the Cluster object as well as to GKE-Hub. 557*d5c09012SAndroid Build Coastguard Worker string cluster_hash = 5 [(google.api.field_behavior) = IMMUTABLE]; 558*d5c09012SAndroid Build Coastguard Worker} 559*d5c09012SAndroid Build Coastguard Worker 560*d5c09012SAndroid Build Coastguard Worker// State of the Membership resource. 561*d5c09012SAndroid Build Coastguard Workermessage MembershipState { 562*d5c09012SAndroid Build Coastguard Worker // Code describes the state of a Membership resource. 563*d5c09012SAndroid Build Coastguard Worker enum Code { 564*d5c09012SAndroid Build Coastguard Worker // The code is not set. 565*d5c09012SAndroid Build Coastguard Worker CODE_UNSPECIFIED = 0; 566*d5c09012SAndroid Build Coastguard Worker 567*d5c09012SAndroid Build Coastguard Worker // The cluster is being registered. 568*d5c09012SAndroid Build Coastguard Worker CREATING = 1; 569*d5c09012SAndroid Build Coastguard Worker 570*d5c09012SAndroid Build Coastguard Worker // The cluster is registered. 571*d5c09012SAndroid Build Coastguard Worker READY = 2; 572*d5c09012SAndroid Build Coastguard Worker 573*d5c09012SAndroid Build Coastguard Worker // The cluster is being unregistered. 574*d5c09012SAndroid Build Coastguard Worker DELETING = 3; 575*d5c09012SAndroid Build Coastguard Worker 576*d5c09012SAndroid Build Coastguard Worker // The Membership is being updated. 577*d5c09012SAndroid Build Coastguard Worker UPDATING = 4; 578*d5c09012SAndroid Build Coastguard Worker 579*d5c09012SAndroid Build Coastguard Worker // The Membership is being updated by the Hub Service. 580*d5c09012SAndroid Build Coastguard Worker SERVICE_UPDATING = 5; 581*d5c09012SAndroid Build Coastguard Worker } 582*d5c09012SAndroid Build Coastguard Worker 583*d5c09012SAndroid Build Coastguard Worker // Output only. The current state of the Membership resource. 584*d5c09012SAndroid Build Coastguard Worker Code code = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 585*d5c09012SAndroid Build Coastguard Worker 586*d5c09012SAndroid Build Coastguard Worker // This field is never set by the Hub Service. 587*d5c09012SAndroid Build Coastguard Worker string description = 2 [deprecated = true]; 588*d5c09012SAndroid Build Coastguard Worker 589*d5c09012SAndroid Build Coastguard Worker // This field is never set by the Hub Service. 590*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp update_time = 3 [deprecated = true]; 591*d5c09012SAndroid Build Coastguard Worker} 592*d5c09012SAndroid Build Coastguard Worker 593*d5c09012SAndroid Build Coastguard Worker// Request message for `GkeHubMembershipService.ListMemberships` method. 594*d5c09012SAndroid Build Coastguard Workermessage ListMembershipsRequest { 595*d5c09012SAndroid Build Coastguard Worker // Required. The parent (project and location) where the Memberships will be 596*d5c09012SAndroid Build Coastguard Worker // listed. Specified in the format `projects/*/locations/*`. 597*d5c09012SAndroid Build Coastguard Worker // `projects/*/locations/-` list memberships in all the regions. 598*d5c09012SAndroid Build Coastguard Worker string parent = 1 [ 599*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 600*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 601*d5c09012SAndroid Build Coastguard Worker child_type: "gkehub.googleapis.com/Membership" 602*d5c09012SAndroid Build Coastguard Worker } 603*d5c09012SAndroid Build Coastguard Worker ]; 604*d5c09012SAndroid Build Coastguard Worker 605*d5c09012SAndroid Build Coastguard Worker // Optional. When requesting a 'page' of resources, `page_size` specifies 606*d5c09012SAndroid Build Coastguard Worker // number of resources to return. If unspecified or set to 0, all resources 607*d5c09012SAndroid Build Coastguard Worker // will be returned. 608*d5c09012SAndroid Build Coastguard Worker int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL]; 609*d5c09012SAndroid Build Coastguard Worker 610*d5c09012SAndroid Build Coastguard Worker // Optional. Token returned by previous call to `ListMemberships` which 611*d5c09012SAndroid Build Coastguard Worker // specifies the position in the list from where to continue listing the 612*d5c09012SAndroid Build Coastguard Worker // resources. 613*d5c09012SAndroid Build Coastguard Worker string page_token = 3 [(google.api.field_behavior) = OPTIONAL]; 614*d5c09012SAndroid Build Coastguard Worker 615*d5c09012SAndroid Build Coastguard Worker // Optional. Lists Memberships that match the filter expression, following the 616*d5c09012SAndroid Build Coastguard Worker // syntax outlined in https://google.aip.dev/160. 617*d5c09012SAndroid Build Coastguard Worker // 618*d5c09012SAndroid Build Coastguard Worker // Examples: 619*d5c09012SAndroid Build Coastguard Worker // 620*d5c09012SAndroid Build Coastguard Worker // - Name is `bar` in project `foo-proj` and location `global`: 621*d5c09012SAndroid Build Coastguard Worker // 622*d5c09012SAndroid Build Coastguard Worker // name = "projects/foo-proj/locations/global/membership/bar" 623*d5c09012SAndroid Build Coastguard Worker // 624*d5c09012SAndroid Build Coastguard Worker // - Memberships that have a label called `foo`: 625*d5c09012SAndroid Build Coastguard Worker // 626*d5c09012SAndroid Build Coastguard Worker // labels.foo:* 627*d5c09012SAndroid Build Coastguard Worker // 628*d5c09012SAndroid Build Coastguard Worker // - Memberships that have a label called `foo` whose value is `bar`: 629*d5c09012SAndroid Build Coastguard Worker // 630*d5c09012SAndroid Build Coastguard Worker // labels.foo = bar 631*d5c09012SAndroid Build Coastguard Worker // 632*d5c09012SAndroid Build Coastguard Worker // - Memberships in the CREATING state: 633*d5c09012SAndroid Build Coastguard Worker // 634*d5c09012SAndroid Build Coastguard Worker // state = CREATING 635*d5c09012SAndroid Build Coastguard Worker string filter = 4 [(google.api.field_behavior) = OPTIONAL]; 636*d5c09012SAndroid Build Coastguard Worker 637*d5c09012SAndroid Build Coastguard Worker // Optional. One or more fields to compare and use to sort the output. 638*d5c09012SAndroid Build Coastguard Worker // See https://google.aip.dev/132#ordering. 639*d5c09012SAndroid Build Coastguard Worker string order_by = 5 [(google.api.field_behavior) = OPTIONAL]; 640*d5c09012SAndroid Build Coastguard Worker} 641*d5c09012SAndroid Build Coastguard Worker 642*d5c09012SAndroid Build Coastguard Worker// Response message for the `GkeHubMembershipService.ListMemberships` method. 643*d5c09012SAndroid Build Coastguard Workermessage ListMembershipsResponse { 644*d5c09012SAndroid Build Coastguard Worker // The list of matching Memberships. 645*d5c09012SAndroid Build Coastguard Worker repeated Membership resources = 1; 646*d5c09012SAndroid Build Coastguard Worker 647*d5c09012SAndroid Build Coastguard Worker // A token to request the next page of resources from the 648*d5c09012SAndroid Build Coastguard Worker // `ListMemberships` method. The value of an empty string means that 649*d5c09012SAndroid Build Coastguard Worker // there are no more resources to return. 650*d5c09012SAndroid Build Coastguard Worker string next_page_token = 2; 651*d5c09012SAndroid Build Coastguard Worker 652*d5c09012SAndroid Build Coastguard Worker // List of locations that could not be reached while fetching this list. 653*d5c09012SAndroid Build Coastguard Worker repeated string unreachable = 3; 654*d5c09012SAndroid Build Coastguard Worker} 655*d5c09012SAndroid Build Coastguard Worker 656*d5c09012SAndroid Build Coastguard Worker// Request message for `GkeHubMembershipService.GetMembership` method. 657*d5c09012SAndroid Build Coastguard Workermessage GetMembershipRequest { 658*d5c09012SAndroid Build Coastguard Worker // Required. The Membership resource name in the format 659*d5c09012SAndroid Build Coastguard Worker // `projects/*/locations/*/memberships/*`. 660*d5c09012SAndroid Build Coastguard Worker string name = 1 [ 661*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 662*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 663*d5c09012SAndroid Build Coastguard Worker type: "gkehub.googleapis.com/Membership" 664*d5c09012SAndroid Build Coastguard Worker } 665*d5c09012SAndroid Build Coastguard Worker ]; 666*d5c09012SAndroid Build Coastguard Worker} 667*d5c09012SAndroid Build Coastguard Worker 668*d5c09012SAndroid Build Coastguard Worker// Request message for the `GkeHubMembershipService.CreateMembership` method. 669*d5c09012SAndroid Build Coastguard Workermessage CreateMembershipRequest { 670*d5c09012SAndroid Build Coastguard Worker // Required. The parent (project and location) where the Memberships will be 671*d5c09012SAndroid Build Coastguard Worker // created. Specified in the format `projects/*/locations/*`. 672*d5c09012SAndroid Build Coastguard Worker string parent = 1 [ 673*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 674*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 675*d5c09012SAndroid Build Coastguard Worker child_type: "gkehub.googleapis.com/Membership" 676*d5c09012SAndroid Build Coastguard Worker } 677*d5c09012SAndroid Build Coastguard Worker ]; 678*d5c09012SAndroid Build Coastguard Worker 679*d5c09012SAndroid Build Coastguard Worker // Required. Client chosen ID for the membership. `membership_id` must be a 680*d5c09012SAndroid Build Coastguard Worker // valid RFC 1123 compliant DNS label: 681*d5c09012SAndroid Build Coastguard Worker // 682*d5c09012SAndroid Build Coastguard Worker // 1. At most 63 characters in length 683*d5c09012SAndroid Build Coastguard Worker // 2. It must consist of lower case alphanumeric characters or `-` 684*d5c09012SAndroid Build Coastguard Worker // 3. It must start and end with an alphanumeric character 685*d5c09012SAndroid Build Coastguard Worker // 686*d5c09012SAndroid Build Coastguard Worker // Which can be expressed as the regex: `[a-z0-9]([-a-z0-9]*[a-z0-9])?`, 687*d5c09012SAndroid Build Coastguard Worker // with a maximum length of 63 characters. 688*d5c09012SAndroid Build Coastguard Worker string membership_id = 2 [(google.api.field_behavior) = REQUIRED]; 689*d5c09012SAndroid Build Coastguard Worker 690*d5c09012SAndroid Build Coastguard Worker // Required. The membership to create. 691*d5c09012SAndroid Build Coastguard Worker Membership resource = 3 [(google.api.field_behavior) = REQUIRED]; 692*d5c09012SAndroid Build Coastguard Worker 693*d5c09012SAndroid Build Coastguard Worker // Optional. A request ID to identify requests. Specify a unique request ID 694*d5c09012SAndroid Build Coastguard Worker // so that if you must retry your request, the server will know to ignore 695*d5c09012SAndroid Build Coastguard Worker // the request if it has already been completed. The server will guarantee 696*d5c09012SAndroid Build Coastguard Worker // that for at least 60 minutes after the first request. 697*d5c09012SAndroid Build Coastguard Worker // 698*d5c09012SAndroid Build Coastguard Worker // For example, consider a situation where you make an initial request and 699*d5c09012SAndroid Build Coastguard Worker // the request times out. If you make the request again with the same request 700*d5c09012SAndroid Build Coastguard Worker // ID, the server can check if original operation with the same request ID 701*d5c09012SAndroid Build Coastguard Worker // was received, and if so, will ignore the second request. This prevents 702*d5c09012SAndroid Build Coastguard Worker // clients from accidentally creating duplicate commitments. 703*d5c09012SAndroid Build Coastguard Worker // 704*d5c09012SAndroid Build Coastguard Worker // The request ID must be a valid UUID with the exception that zero UUID is 705*d5c09012SAndroid Build Coastguard Worker // not supported (00000000-0000-0000-0000-000000000000). 706*d5c09012SAndroid Build Coastguard Worker string request_id = 4 [(google.api.field_behavior) = OPTIONAL]; 707*d5c09012SAndroid Build Coastguard Worker} 708*d5c09012SAndroid Build Coastguard Worker 709*d5c09012SAndroid Build Coastguard Worker// Request message for `GkeHubMembershipService.DeleteMembership` method. 710*d5c09012SAndroid Build Coastguard Workermessage DeleteMembershipRequest { 711*d5c09012SAndroid Build Coastguard Worker // Required. The Membership resource name in the format 712*d5c09012SAndroid Build Coastguard Worker // `projects/*/locations/*/memberships/*`. 713*d5c09012SAndroid Build Coastguard Worker string name = 1 [ 714*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 715*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 716*d5c09012SAndroid Build Coastguard Worker type: "gkehub.googleapis.com/Membership" 717*d5c09012SAndroid Build Coastguard Worker } 718*d5c09012SAndroid Build Coastguard Worker ]; 719*d5c09012SAndroid Build Coastguard Worker 720*d5c09012SAndroid Build Coastguard Worker // Optional. A request ID to identify requests. Specify a unique request ID 721*d5c09012SAndroid Build Coastguard Worker // so that if you must retry your request, the server will know to ignore 722*d5c09012SAndroid Build Coastguard Worker // the request if it has already been completed. The server will guarantee 723*d5c09012SAndroid Build Coastguard Worker // that for at least 60 minutes after the first request. 724*d5c09012SAndroid Build Coastguard Worker // 725*d5c09012SAndroid Build Coastguard Worker // For example, consider a situation where you make an initial request and 726*d5c09012SAndroid Build Coastguard Worker // the request times out. If you make the request again with the same request 727*d5c09012SAndroid Build Coastguard Worker // ID, the server can check if original operation with the same request ID 728*d5c09012SAndroid Build Coastguard Worker // was received, and if so, will ignore the second request. This prevents 729*d5c09012SAndroid Build Coastguard Worker // clients from accidentally creating duplicate commitments. 730*d5c09012SAndroid Build Coastguard Worker // 731*d5c09012SAndroid Build Coastguard Worker // The request ID must be a valid UUID with the exception that zero UUID is 732*d5c09012SAndroid Build Coastguard Worker // not supported (00000000-0000-0000-0000-000000000000). 733*d5c09012SAndroid Build Coastguard Worker string request_id = 4 [(google.api.field_behavior) = OPTIONAL]; 734*d5c09012SAndroid Build Coastguard Worker 735*d5c09012SAndroid Build Coastguard Worker // Optional. If set to true, any subresource from this Membership will also be 736*d5c09012SAndroid Build Coastguard Worker // deleted. Otherwise, the request will only work if the Membership has no 737*d5c09012SAndroid Build Coastguard Worker // subresource. 738*d5c09012SAndroid Build Coastguard Worker bool force = 5 [(google.api.field_behavior) = OPTIONAL]; 739*d5c09012SAndroid Build Coastguard Worker} 740*d5c09012SAndroid Build Coastguard Worker 741*d5c09012SAndroid Build Coastguard Worker// Request message for `GkeHubMembershipService.UpdateMembership` method. 742*d5c09012SAndroid Build Coastguard Workermessage UpdateMembershipRequest { 743*d5c09012SAndroid Build Coastguard Worker // Required. The membership resource name in the format: 744*d5c09012SAndroid Build Coastguard Worker // `projects/[project_id]/locations/global/memberships/[membership_id]` 745*d5c09012SAndroid Build Coastguard Worker string name = 1 [ 746*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 747*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 748*d5c09012SAndroid Build Coastguard Worker type: "gkehub.googleapis.com/Membership" 749*d5c09012SAndroid Build Coastguard Worker } 750*d5c09012SAndroid Build Coastguard Worker ]; 751*d5c09012SAndroid Build Coastguard Worker 752*d5c09012SAndroid Build Coastguard Worker // Required. Mask of fields to update. At least one field path must be 753*d5c09012SAndroid Build Coastguard Worker // specified in this mask. 754*d5c09012SAndroid Build Coastguard Worker google.protobuf.FieldMask update_mask = 2 755*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = REQUIRED]; 756*d5c09012SAndroid Build Coastguard Worker 757*d5c09012SAndroid Build Coastguard Worker // Required. Only fields specified in update_mask are updated. 758*d5c09012SAndroid Build Coastguard Worker // If you specify a field in the update_mask but don't specify its value here 759*d5c09012SAndroid Build Coastguard Worker // that field will be deleted. 760*d5c09012SAndroid Build Coastguard Worker // If you are updating a map field, set the value of a key to null or empty 761*d5c09012SAndroid Build Coastguard Worker // string to delete the key from the map. It's not possible to update a key's 762*d5c09012SAndroid Build Coastguard Worker // value to the empty string. 763*d5c09012SAndroid Build Coastguard Worker // If you specify the update_mask to be a special path "*", fully replaces all 764*d5c09012SAndroid Build Coastguard Worker // user-modifiable fields to match `resource`. 765*d5c09012SAndroid Build Coastguard Worker Membership resource = 3 [(google.api.field_behavior) = REQUIRED]; 766*d5c09012SAndroid Build Coastguard Worker 767*d5c09012SAndroid Build Coastguard Worker // Optional. A request ID to identify requests. Specify a unique request ID 768*d5c09012SAndroid Build Coastguard Worker // so that if you must retry your request, the server will know to ignore 769*d5c09012SAndroid Build Coastguard Worker // the request if it has already been completed. The server will guarantee 770*d5c09012SAndroid Build Coastguard Worker // that for at least 60 minutes after the first request. 771*d5c09012SAndroid Build Coastguard Worker // 772*d5c09012SAndroid Build Coastguard Worker // For example, consider a situation where you make an initial request and 773*d5c09012SAndroid Build Coastguard Worker // the request times out. If you make the request again with the same request 774*d5c09012SAndroid Build Coastguard Worker // ID, the server can check if original operation with the same request ID 775*d5c09012SAndroid Build Coastguard Worker // was received, and if so, will ignore the second request. This prevents 776*d5c09012SAndroid Build Coastguard Worker // clients from accidentally creating duplicate commitments. 777*d5c09012SAndroid Build Coastguard Worker // 778*d5c09012SAndroid Build Coastguard Worker // The request ID must be a valid UUID with the exception that zero UUID is 779*d5c09012SAndroid Build Coastguard Worker // not supported (00000000-0000-0000-0000-000000000000). 780*d5c09012SAndroid Build Coastguard Worker string request_id = 4 [(google.api.field_behavior) = OPTIONAL]; 781*d5c09012SAndroid Build Coastguard Worker} 782*d5c09012SAndroid Build Coastguard Worker 783*d5c09012SAndroid Build Coastguard Worker// Request message for `GkeHubMembershipService.GenerateConnectManifest` 784*d5c09012SAndroid Build Coastguard Worker// method. 785*d5c09012SAndroid Build Coastguard Workermessage GenerateConnectManifestRequest { 786*d5c09012SAndroid Build Coastguard Worker // Required. The Membership resource name the Agent will associate with, in 787*d5c09012SAndroid Build Coastguard Worker // the format `projects/*/locations/*/memberships/*`. 788*d5c09012SAndroid Build Coastguard Worker string name = 1 [ 789*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 790*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 791*d5c09012SAndroid Build Coastguard Worker type: "gkehub.googleapis.com/Membership" 792*d5c09012SAndroid Build Coastguard Worker } 793*d5c09012SAndroid Build Coastguard Worker ]; 794*d5c09012SAndroid Build Coastguard Worker 795*d5c09012SAndroid Build Coastguard Worker // Optional. The connect agent to generate manifest for. 796*d5c09012SAndroid Build Coastguard Worker ConnectAgent connect_agent = 2 [(google.api.field_behavior) = OPTIONAL]; 797*d5c09012SAndroid Build Coastguard Worker 798*d5c09012SAndroid Build Coastguard Worker // Optional. The Connect agent version to use. Defaults to the most current 799*d5c09012SAndroid Build Coastguard Worker // version. 800*d5c09012SAndroid Build Coastguard Worker string version = 3 [(google.api.field_behavior) = OPTIONAL]; 801*d5c09012SAndroid Build Coastguard Worker 802*d5c09012SAndroid Build Coastguard Worker // Optional. If true, generate the resources for upgrade only. Some resources 803*d5c09012SAndroid Build Coastguard Worker // generated only for installation (e.g. secrets) will be excluded. 804*d5c09012SAndroid Build Coastguard Worker bool is_upgrade = 4 [(google.api.field_behavior) = OPTIONAL]; 805*d5c09012SAndroid Build Coastguard Worker 806*d5c09012SAndroid Build Coastguard Worker // Optional. The registry to fetch the connect agent image from. Defaults to 807*d5c09012SAndroid Build Coastguard Worker // gcr.io/gkeconnect. 808*d5c09012SAndroid Build Coastguard Worker string registry = 5 [(google.api.field_behavior) = OPTIONAL]; 809*d5c09012SAndroid Build Coastguard Worker 810*d5c09012SAndroid Build Coastguard Worker // Optional. The image pull secret content for the registry, if not public. 811*d5c09012SAndroid Build Coastguard Worker bytes image_pull_secret_content = 6 [(google.api.field_behavior) = OPTIONAL]; 812*d5c09012SAndroid Build Coastguard Worker} 813*d5c09012SAndroid Build Coastguard Worker 814*d5c09012SAndroid Build Coastguard Worker// GenerateConnectManifestResponse contains manifest information for 815*d5c09012SAndroid Build Coastguard Worker// installing/upgrading a Connect agent. 816*d5c09012SAndroid Build Coastguard Workermessage GenerateConnectManifestResponse { 817*d5c09012SAndroid Build Coastguard Worker // The ordered list of Kubernetes resources that need to be applied to the 818*d5c09012SAndroid Build Coastguard Worker // cluster for GKE Connect agent installation/upgrade. 819*d5c09012SAndroid Build Coastguard Worker repeated ConnectAgentResource manifest = 1; 820*d5c09012SAndroid Build Coastguard Worker} 821*d5c09012SAndroid Build Coastguard Worker 822*d5c09012SAndroid Build Coastguard Worker// ConnectAgentResource represents a Kubernetes resource manifest for Connect 823*d5c09012SAndroid Build Coastguard Worker// Agent deployment. 824*d5c09012SAndroid Build Coastguard Workermessage ConnectAgentResource { 825*d5c09012SAndroid Build Coastguard Worker // Kubernetes type of the resource. 826*d5c09012SAndroid Build Coastguard Worker TypeMeta type = 1; 827*d5c09012SAndroid Build Coastguard Worker 828*d5c09012SAndroid Build Coastguard Worker // YAML manifest of the resource. 829*d5c09012SAndroid Build Coastguard Worker string manifest = 2; 830*d5c09012SAndroid Build Coastguard Worker} 831*d5c09012SAndroid Build Coastguard Worker 832*d5c09012SAndroid Build Coastguard Worker// TypeMeta is the type information needed for content unmarshalling of 833*d5c09012SAndroid Build Coastguard Worker// Kubernetes resources in the manifest. 834*d5c09012SAndroid Build Coastguard Workermessage TypeMeta { 835*d5c09012SAndroid Build Coastguard Worker // Kind of the resource (e.g. Deployment). 836*d5c09012SAndroid Build Coastguard Worker string kind = 1; 837*d5c09012SAndroid Build Coastguard Worker 838*d5c09012SAndroid Build Coastguard Worker // APIVersion of the resource (e.g. v1). 839*d5c09012SAndroid Build Coastguard Worker string api_version = 2; 840*d5c09012SAndroid Build Coastguard Worker} 841*d5c09012SAndroid Build Coastguard Worker 842*d5c09012SAndroid Build Coastguard Worker// The information required from end users to use GKE Connect. 843*d5c09012SAndroid Build Coastguard Workermessage ConnectAgent { 844*d5c09012SAndroid Build Coastguard Worker // Do not set. 845*d5c09012SAndroid Build Coastguard Worker string name = 1 [deprecated = true]; 846*d5c09012SAndroid Build Coastguard Worker 847*d5c09012SAndroid Build Coastguard Worker // Optional. URI of a proxy if connectivity from the agent to 848*d5c09012SAndroid Build Coastguard Worker // gkeconnect.googleapis.com requires the use of a proxy. Format must be in 849*d5c09012SAndroid Build Coastguard Worker // the form `http(s)://{proxy_address}`, depending on the HTTP/HTTPS protocol 850*d5c09012SAndroid Build Coastguard Worker // supported by the proxy. This will direct the connect agent's outbound 851*d5c09012SAndroid Build Coastguard Worker // traffic through a HTTP(S) proxy. 852*d5c09012SAndroid Build Coastguard Worker bytes proxy = 2 [(google.api.field_behavior) = OPTIONAL]; 853*d5c09012SAndroid Build Coastguard Worker 854*d5c09012SAndroid Build Coastguard Worker // Optional. Namespace for GKE Connect agent resources. Defaults to 855*d5c09012SAndroid Build Coastguard Worker // `gke-connect`. 856*d5c09012SAndroid Build Coastguard Worker // 857*d5c09012SAndroid Build Coastguard Worker // The Connect Agent is authorized automatically when run in the default 858*d5c09012SAndroid Build Coastguard Worker // namespace. Otherwise, explicit authorization must be granted with an 859*d5c09012SAndroid Build Coastguard Worker // additional IAM binding. 860*d5c09012SAndroid Build Coastguard Worker string namespace = 3 [(google.api.field_behavior) = OPTIONAL]; 861*d5c09012SAndroid Build Coastguard Worker} 862*d5c09012SAndroid Build Coastguard Worker 863*d5c09012SAndroid Build Coastguard Worker// The request to validate the existing state of the membership CR in the 864*d5c09012SAndroid Build Coastguard Worker// cluster. 865*d5c09012SAndroid Build Coastguard Workermessage ValidateExclusivityRequest { 866*d5c09012SAndroid Build Coastguard Worker // Required. The parent (project and location) where the Memberships will be 867*d5c09012SAndroid Build Coastguard Worker // created. Specified in the format `projects/*/locations/*`. 868*d5c09012SAndroid Build Coastguard Worker string parent = 1 [ 869*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 870*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 871*d5c09012SAndroid Build Coastguard Worker child_type: "gkehub.googleapis.com/Membership" 872*d5c09012SAndroid Build Coastguard Worker } 873*d5c09012SAndroid Build Coastguard Worker ]; 874*d5c09012SAndroid Build Coastguard Worker 875*d5c09012SAndroid Build Coastguard Worker // Optional. The YAML of the membership CR in the cluster. Empty if the 876*d5c09012SAndroid Build Coastguard Worker // membership CR does not exist. 877*d5c09012SAndroid Build Coastguard Worker string cr_manifest = 2 [(google.api.field_behavior) = OPTIONAL]; 878*d5c09012SAndroid Build Coastguard Worker 879*d5c09012SAndroid Build Coastguard Worker // Required. The intended membership name under the `parent`. This method only 880*d5c09012SAndroid Build Coastguard Worker // does validation in anticipation of a CreateMembership call with the same 881*d5c09012SAndroid Build Coastguard Worker // name. 882*d5c09012SAndroid Build Coastguard Worker string intended_membership = 3 [(google.api.field_behavior) = REQUIRED]; 883*d5c09012SAndroid Build Coastguard Worker} 884*d5c09012SAndroid Build Coastguard Worker 885*d5c09012SAndroid Build Coastguard Worker// The response of exclusivity artifacts validation result status. 886*d5c09012SAndroid Build Coastguard Workermessage ValidateExclusivityResponse { 887*d5c09012SAndroid Build Coastguard Worker // The validation result. 888*d5c09012SAndroid Build Coastguard Worker // 889*d5c09012SAndroid Build Coastguard Worker // * `OK` means that exclusivity is validated, assuming the manifest produced 890*d5c09012SAndroid Build Coastguard Worker // by GenerateExclusivityManifest is successfully applied. 891*d5c09012SAndroid Build Coastguard Worker // * `ALREADY_EXISTS` means that the Membership CRD is already owned by 892*d5c09012SAndroid Build Coastguard Worker // another Hub. See `status.message` for more information. 893*d5c09012SAndroid Build Coastguard Worker google.rpc.Status status = 1; 894*d5c09012SAndroid Build Coastguard Worker} 895*d5c09012SAndroid Build Coastguard Worker 896*d5c09012SAndroid Build Coastguard Worker// The request to generate the manifests for exclusivity artifacts. 897*d5c09012SAndroid Build Coastguard Workermessage GenerateExclusivityManifestRequest { 898*d5c09012SAndroid Build Coastguard Worker // Required. The Membership resource name in the format 899*d5c09012SAndroid Build Coastguard Worker // `projects/*/locations/*/memberships/*`. 900*d5c09012SAndroid Build Coastguard Worker string name = 1 [ 901*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 902*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 903*d5c09012SAndroid Build Coastguard Worker type: "gkehub.googleapis.com/Membership" 904*d5c09012SAndroid Build Coastguard Worker } 905*d5c09012SAndroid Build Coastguard Worker ]; 906*d5c09012SAndroid Build Coastguard Worker 907*d5c09012SAndroid Build Coastguard Worker // Optional. The YAML manifest of the membership CRD retrieved by 908*d5c09012SAndroid Build Coastguard Worker // `kubectl get customresourcedefinitions membership`. 909*d5c09012SAndroid Build Coastguard Worker // Leave empty if the resource does not exist. 910*d5c09012SAndroid Build Coastguard Worker string crd_manifest = 2 [(google.api.field_behavior) = OPTIONAL]; 911*d5c09012SAndroid Build Coastguard Worker 912*d5c09012SAndroid Build Coastguard Worker // Optional. The YAML manifest of the membership CR retrieved by 913*d5c09012SAndroid Build Coastguard Worker // `kubectl get memberships membership`. 914*d5c09012SAndroid Build Coastguard Worker // Leave empty if the resource does not exist. 915*d5c09012SAndroid Build Coastguard Worker string cr_manifest = 3 [(google.api.field_behavior) = OPTIONAL]; 916*d5c09012SAndroid Build Coastguard Worker} 917*d5c09012SAndroid Build Coastguard Worker 918*d5c09012SAndroid Build Coastguard Worker// The response of the exclusivity artifacts manifests for the client to apply. 919*d5c09012SAndroid Build Coastguard Workermessage GenerateExclusivityManifestResponse { 920*d5c09012SAndroid Build Coastguard Worker // The YAML manifest of the membership CRD to apply if a newer version of the 921*d5c09012SAndroid Build Coastguard Worker // CRD is available. Empty if no update needs to be applied. 922*d5c09012SAndroid Build Coastguard Worker string crd_manifest = 1; 923*d5c09012SAndroid Build Coastguard Worker 924*d5c09012SAndroid Build Coastguard Worker // The YAML manifest of the membership CR to apply if a new version of the 925*d5c09012SAndroid Build Coastguard Worker // CR is available. Empty if no update needs to be applied. 926*d5c09012SAndroid Build Coastguard Worker string cr_manifest = 2; 927*d5c09012SAndroid Build Coastguard Worker} 928*d5c09012SAndroid Build Coastguard Worker 929*d5c09012SAndroid Build Coastguard Worker// Represents the metadata of the long-running operation. 930*d5c09012SAndroid Build Coastguard Workermessage OperationMetadata { 931*d5c09012SAndroid Build Coastguard Worker // Output only. The time the operation was created. 932*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp create_time = 1 933*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 934*d5c09012SAndroid Build Coastguard Worker 935*d5c09012SAndroid Build Coastguard Worker // Output only. The time the operation finished running. 936*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp end_time = 2 937*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 938*d5c09012SAndroid Build Coastguard Worker 939*d5c09012SAndroid Build Coastguard Worker // Output only. Server-defined resource path for the target of the operation. 940*d5c09012SAndroid Build Coastguard Worker string target = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 941*d5c09012SAndroid Build Coastguard Worker 942*d5c09012SAndroid Build Coastguard Worker // Output only. Name of the verb executed by the operation. 943*d5c09012SAndroid Build Coastguard Worker string verb = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; 944*d5c09012SAndroid Build Coastguard Worker 945*d5c09012SAndroid Build Coastguard Worker // Output only. Human-readable status of the operation, if any. 946*d5c09012SAndroid Build Coastguard Worker string status_detail = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; 947*d5c09012SAndroid Build Coastguard Worker 948*d5c09012SAndroid Build Coastguard Worker // Output only. Identifies whether the user has requested cancellation 949*d5c09012SAndroid Build Coastguard Worker // of the operation. Operations that have successfully been cancelled 950*d5c09012SAndroid Build Coastguard Worker // have [Operation.error][] value with a 951*d5c09012SAndroid Build Coastguard Worker // [google.rpc.Status.code][google.rpc.Status.code] of 1, corresponding to 952*d5c09012SAndroid Build Coastguard Worker // `Code.CANCELLED`. 953*d5c09012SAndroid Build Coastguard Worker bool cancel_requested = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; 954*d5c09012SAndroid Build Coastguard Worker 955*d5c09012SAndroid Build Coastguard Worker // Output only. API version used to start the operation. 956*d5c09012SAndroid Build Coastguard Worker string api_version = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; 957*d5c09012SAndroid Build Coastguard Worker} 958