1// Copyright 2020 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.osconfig.v1beta; 18 19import "google/api/field_behavior.proto"; 20import "google/api/resource.proto"; 21import "google/cloud/osconfig/v1beta/osconfig_common.proto"; 22import "google/protobuf/duration.proto"; 23import "google/protobuf/timestamp.proto"; 24 25option go_package = "cloud.google.com/go/osconfig/apiv1beta/osconfigpb;osconfigpb"; 26option java_outer_classname = "PatchJobs"; 27option java_package = "com.google.cloud.osconfig.v1beta"; 28 29// A request message to initiate patching across Compute Engine instances. 30message ExecutePatchJobRequest { 31 // Required. The project in which to run this patch in the form `projects/*` 32 string parent = 1 [(google.api.field_behavior) = REQUIRED]; 33 34 // Description of the patch job. Length of the description is limited 35 // to 1024 characters. 36 string description = 2; 37 38 // Required. Instances to patch, either explicitly or filtered by some criteria such 39 // as zone or labels. 40 PatchInstanceFilter instance_filter = 7 [(google.api.field_behavior) = REQUIRED]; 41 42 // Patch configuration being applied. If omitted, instances are 43 // patched using the default configurations. 44 PatchConfig patch_config = 4; 45 46 // Duration of the patch job. After the duration ends, the patch job 47 // times out. 48 google.protobuf.Duration duration = 5; 49 50 // If this patch is a dry-run only, instances are contacted but 51 // will do nothing. 52 bool dry_run = 6; 53 54 // Display name for this patch job. This does not have to be unique. 55 string display_name = 8; 56 57 // Rollout strategy of the patch job. 58 PatchRollout rollout = 9; 59} 60 61// Request to get an active or completed patch job. 62message GetPatchJobRequest { 63 // Required. Name of the patch in the form `projects/*/patchJobs/*` 64 string name = 1 [(google.api.field_behavior) = REQUIRED]; 65} 66 67// Request to list details for all instances that are part of a patch job. 68message ListPatchJobInstanceDetailsRequest { 69 // Required. The parent for the instances are in the form of `projects/*/patchJobs/*`. 70 string parent = 1 [(google.api.field_behavior) = REQUIRED]; 71 72 // The maximum number of instance details records to return. Default is 100. 73 int32 page_size = 2; 74 75 // A pagination token returned from a previous call 76 // that indicates where this listing should continue from. 77 string page_token = 3; 78 79 // A filter expression that filters results listed in the response. This 80 // field supports filtering results by instance zone, name, state, or 81 // `failure_reason`. 82 string filter = 4; 83} 84 85// A response message for listing the instances details for a patch job. 86message ListPatchJobInstanceDetailsResponse { 87 // A list of instance status. 88 repeated PatchJobInstanceDetails patch_job_instance_details = 1; 89 90 // A pagination token that can be used to get the next page of results. 91 string next_page_token = 2; 92} 93 94// Patch details for a VM instance. For more information about reviewing VM 95// instance details, see 96// [Listing all VM instance details for a specific patch 97// job](https://cloud.google.com/compute/docs/os-patch-management/manage-patch-jobs#list-instance-details). 98message PatchJobInstanceDetails { 99 // The instance name in the form `projects/*/zones/*/instances/*` 100 string name = 1; 101 102 // The unique identifier for the instance. This identifier is 103 // defined by the server. 104 string instance_system_id = 2; 105 106 // Current state of instance patch. 107 Instance.PatchState state = 3; 108 109 // If the patch fails, this field provides the reason. 110 string failure_reason = 4; 111 112 // The number of times the agent that the agent attempts to apply the patch. 113 int64 attempt_count = 5; 114} 115 116// A request message for listing patch jobs. 117message ListPatchJobsRequest { 118 // Required. In the form of `projects/*` 119 string parent = 1 [(google.api.field_behavior) = REQUIRED]; 120 121 // The maximum number of instance status to return. 122 int32 page_size = 2; 123 124 // A pagination token returned from a previous call 125 // that indicates where this listing should continue from. 126 string page_token = 3; 127 128 // If provided, this field specifies the criteria that must be met by patch 129 // jobs to be included in the response. 130 // Currently, filtering is only available on the patch_deployment field. 131 string filter = 4; 132} 133 134// A response message for listing patch jobs. 135message ListPatchJobsResponse { 136 // The list of patch jobs. 137 repeated PatchJob patch_jobs = 1; 138 139 // A pagination token that can be used to get the next page of results. 140 string next_page_token = 2; 141} 142 143// A high level representation of a patch job that is either in progress 144// or has completed. 145// 146// Instance details are not included in the job. To paginate through instance 147// details, use `ListPatchJobInstanceDetails`. 148// 149// For more information about patch jobs, see 150// [Creating patch 151// jobs](https://cloud.google.com/compute/docs/os-patch-management/create-patch-job). 152message PatchJob { 153 option (google.api.resource) = { 154 type: "osconfig.googleapis.com/PatchJob" 155 pattern: "projects/{project}/patchJobs/{patch_job}" 156 }; 157 158 // Enumeration of the various states a patch job passes through as it 159 // executes. 160 enum State { 161 // State must be specified. 162 STATE_UNSPECIFIED = 0; 163 164 // The patch job was successfully initiated. 165 STARTED = 1; 166 167 // The patch job is looking up instances to run the patch on. 168 INSTANCE_LOOKUP = 2; 169 170 // Instances are being patched. 171 PATCHING = 3; 172 173 // Patch job completed successfully. 174 SUCCEEDED = 4; 175 176 // Patch job completed but there were errors. 177 COMPLETED_WITH_ERRORS = 5; 178 179 // The patch job was canceled. 180 CANCELED = 6; 181 182 // The patch job timed out. 183 TIMED_OUT = 7; 184 } 185 186 // A summary of the current patch state across all instances that this patch 187 // job affects. Contains counts of instances in different states. These states 188 // map to `InstancePatchState`. List patch job instance details to see the 189 // specific states of each instance. 190 message InstanceDetailsSummary { 191 // Number of instances pending patch job. 192 int64 pending_instance_count = 1; 193 194 // Number of instances that are inactive. 195 int64 inactive_instance_count = 2; 196 197 // Number of instances notified about patch job. 198 int64 notified_instance_count = 3; 199 200 // Number of instances that have started. 201 int64 started_instance_count = 4; 202 203 // Number of instances that are downloading patches. 204 int64 downloading_patches_instance_count = 5; 205 206 // Number of instances that are applying patches. 207 int64 applying_patches_instance_count = 6; 208 209 // Number of instances rebooting. 210 int64 rebooting_instance_count = 7; 211 212 // Number of instances that have completed successfully. 213 int64 succeeded_instance_count = 8; 214 215 // Number of instances that require reboot. 216 int64 succeeded_reboot_required_instance_count = 9; 217 218 // Number of instances that failed. 219 int64 failed_instance_count = 10; 220 221 // Number of instances that have acked and will start shortly. 222 int64 acked_instance_count = 11; 223 224 // Number of instances that exceeded the time out while applying the patch. 225 int64 timed_out_instance_count = 12; 226 227 // Number of instances that are running the pre-patch step. 228 int64 pre_patch_step_instance_count = 13; 229 230 // Number of instances that are running the post-patch step. 231 int64 post_patch_step_instance_count = 14; 232 233 // Number of instances that do not appear to be running the agent. Check to 234 // ensure that the agent is installed, running, and able to communicate with 235 // the service. 236 int64 no_agent_detected_instance_count = 15; 237 } 238 239 // Unique identifier for this patch job in the form 240 // `projects/*/patchJobs/*` 241 string name = 1; 242 243 // Display name for this patch job. This is not a unique identifier. 244 string display_name = 14; 245 246 // Description of the patch job. Length of the description is limited 247 // to 1024 characters. 248 string description = 2; 249 250 // Time this patch job was created. 251 google.protobuf.Timestamp create_time = 3; 252 253 // Last time this patch job was updated. 254 google.protobuf.Timestamp update_time = 4; 255 256 // The current state of the PatchJob. 257 State state = 5; 258 259 // Instances to patch. 260 PatchInstanceFilter instance_filter = 13; 261 262 // Patch configuration being applied. 263 PatchConfig patch_config = 7; 264 265 // Duration of the patch job. After the duration ends, the 266 // patch job times out. 267 google.protobuf.Duration duration = 8; 268 269 // Summary of instance details. 270 InstanceDetailsSummary instance_details_summary = 9; 271 272 // If this patch job is a dry run, the agent reports that it has 273 // finished without running any updates on the VM instance. 274 bool dry_run = 10; 275 276 // If this patch job failed, this message provides information about the 277 // failure. 278 string error_message = 11; 279 280 // Reflects the overall progress of the patch job in the range of 281 // 0.0 being no progress to 100.0 being complete. 282 double percent_complete = 12; 283 284 // Output only. Name of the patch deployment that created this patch job. 285 string patch_deployment = 15 [(google.api.field_behavior) = OUTPUT_ONLY]; 286 287 // Rollout strategy being applied. 288 PatchRollout rollout = 16; 289} 290 291// Patch configuration specifications. Contains details on how to apply the 292// patch(es) to a VM instance. 293message PatchConfig { 294 // Post-patch reboot settings. 295 enum RebootConfig { 296 // The default behavior is DEFAULT. 297 REBOOT_CONFIG_UNSPECIFIED = 0; 298 299 // The agent decides if a reboot is necessary by checking signals such as 300 // registry keys on Windows or `/var/run/reboot-required` on APT based 301 // systems. On RPM based systems, a set of core system package install times 302 // are compared with system boot time. 303 DEFAULT = 1; 304 305 // Always reboot the machine after the update completes. 306 ALWAYS = 2; 307 308 // Never reboot the machine after the update completes. 309 NEVER = 3; 310 } 311 312 // Post-patch reboot settings. 313 RebootConfig reboot_config = 1; 314 315 // Apt update settings. Use this setting to override the default `apt` patch 316 // rules. 317 AptSettings apt = 3; 318 319 // Yum update settings. Use this setting to override the default `yum` patch 320 // rules. 321 YumSettings yum = 4; 322 323 // Goo update settings. Use this setting to override the default `goo` patch 324 // rules. 325 GooSettings goo = 5; 326 327 // Zypper update settings. Use this setting to override the default `zypper` 328 // patch rules. 329 ZypperSettings zypper = 6; 330 331 // Windows update settings. Use this override the default windows patch rules. 332 WindowsUpdateSettings windows_update = 7; 333 334 // The `ExecStep` to run before the patch update. 335 ExecStep pre_step = 8; 336 337 // The `ExecStep` to run after the patch update. 338 ExecStep post_step = 9; 339 340 // Allows the patch job to run on Managed instance groups (MIGs). 341 bool mig_instances_allowed = 10; 342} 343 344// Namespace for instance state enums. 345message Instance { 346 // Patch state of an instance. 347 enum PatchState { 348 // Unspecified. 349 PATCH_STATE_UNSPECIFIED = 0; 350 351 // The instance is not yet notified. 352 PENDING = 1; 353 354 // Instance is inactive and cannot be patched. 355 INACTIVE = 2; 356 357 // The instance is notified that it should be patched. 358 NOTIFIED = 3; 359 360 // The instance has started the patching process. 361 STARTED = 4; 362 363 // The instance is downloading patches. 364 DOWNLOADING_PATCHES = 5; 365 366 // The instance is applying patches. 367 APPLYING_PATCHES = 6; 368 369 // The instance is rebooting. 370 REBOOTING = 7; 371 372 // The instance has completed applying patches. 373 SUCCEEDED = 8; 374 375 // The instance has completed applying patches but a reboot is required. 376 SUCCEEDED_REBOOT_REQUIRED = 9; 377 378 // The instance has failed to apply the patch. 379 FAILED = 10; 380 381 // The instance acked the notification and will start shortly. 382 ACKED = 11; 383 384 // The instance exceeded the time out while applying the patch. 385 TIMED_OUT = 12; 386 387 // The instance is running the pre-patch step. 388 RUNNING_PRE_PATCH_STEP = 13; 389 390 // The instance is running the post-patch step. 391 RUNNING_POST_PATCH_STEP = 14; 392 393 // The service could not detect the presence of the agent. Check to ensure 394 // that the agent is installed, running, and able to communicate with the 395 // service. 396 NO_AGENT_DETECTED = 15; 397 } 398 399 400} 401 402// Message for canceling a patch job. 403message CancelPatchJobRequest { 404 // Required. Name of the patch in the form `projects/*/patchJobs/*` 405 string name = 1 [(google.api.field_behavior) = REQUIRED]; 406} 407 408// Apt patching is completed by executing `apt-get update && apt-get 409// upgrade`. Additional options can be set to control how this is executed. 410message AptSettings { 411 // Apt patch type. 412 enum Type { 413 // By default, upgrade will be performed. 414 TYPE_UNSPECIFIED = 0; 415 416 // Runs `apt-get dist-upgrade`. 417 DIST = 1; 418 419 // Runs `apt-get upgrade`. 420 UPGRADE = 2; 421 } 422 423 // By changing the type to DIST, the patching is performed 424 // using `apt-get dist-upgrade` instead. 425 Type type = 1; 426 427 // List of packages to exclude from update. These packages will be excluded 428 repeated string excludes = 2; 429 430 // An exclusive list of packages to be updated. These are the only packages 431 // that will be updated. If these packages are not installed, they will be 432 // ignored. This field cannot be specified with any other patch configuration 433 // fields. 434 repeated string exclusive_packages = 3; 435} 436 437// Yum patching is performed by executing `yum update`. Additional options 438// can be set to control how this is executed. 439// 440// Note that not all settings are supported on all platforms. 441message YumSettings { 442 // Adds the `--security` flag to `yum update`. Not supported on 443 // all platforms. 444 bool security = 1; 445 446 // Will cause patch to run `yum update-minimal` instead. 447 bool minimal = 2; 448 449 // List of packages to exclude from update. These packages are excluded by 450 // using the yum `--exclude` flag. 451 repeated string excludes = 3; 452 453 // An exclusive list of packages to be updated. These are the only packages 454 // that will be updated. If these packages are not installed, they will be 455 // ignored. This field must not be specified with any other patch 456 // configuration fields. 457 repeated string exclusive_packages = 4; 458} 459 460// Googet patching is performed by running `googet update`. 461message GooSettings { 462 463} 464 465// Zypper patching is performed by running `zypper patch`. 466// See also https://en.opensuse.org/SDB:Zypper_manual. 467message ZypperSettings { 468 // Adds the `--with-optional` flag to `zypper patch`. 469 bool with_optional = 1; 470 471 // Adds the `--with-update` flag, to `zypper patch`. 472 bool with_update = 2; 473 474 // Install only patches with these categories. 475 // Common categories include security, recommended, and feature. 476 repeated string categories = 3; 477 478 // Install only patches with these severities. 479 // Common severities include critical, important, moderate, and low. 480 repeated string severities = 4; 481 482 // List of patches to exclude from update. 483 repeated string excludes = 5; 484 485 // An exclusive list of patches to be updated. These are the only patches 486 // that will be installed using 'zypper patch patch:<patch_name>' command. 487 // This field must not be used with any other patch configuration fields. 488 repeated string exclusive_patches = 6; 489} 490 491// Windows patching is performed using the Windows Update Agent. 492message WindowsUpdateSettings { 493 // Microsoft Windows update classifications as defined in 494 // [1] 495 // https://support.microsoft.com/en-us/help/824684/description-of-the-standard-terminology-that-is-used-to-describe-micro 496 enum Classification { 497 // Invalid. If classifications are included, they must be specified. 498 CLASSIFICATION_UNSPECIFIED = 0; 499 500 // "A widely released fix for a specific problem that addresses a critical, 501 // non-security-related bug." [1] 502 CRITICAL = 1; 503 504 // "A widely released fix for a product-specific, security-related 505 // vulnerability. Security vulnerabilities are rated by their severity. The 506 // severity rating is indicated in the Microsoft security bulletin as 507 // critical, important, moderate, or low." [1] 508 SECURITY = 2; 509 510 // "A widely released and frequent software update that contains additions 511 // to a product's definition database. Definition databases are often used 512 // to detect objects that have specific attributes, such as malicious code, 513 // phishing websites, or junk mail." [1] 514 DEFINITION = 3; 515 516 // "Software that controls the input and output of a device." [1] 517 DRIVER = 4; 518 519 // "New product functionality that is first distributed outside the context 520 // of a product release and that is typically included in the next full 521 // product release." [1] 522 FEATURE_PACK = 5; 523 524 // "A tested, cumulative set of all hotfixes, security updates, critical 525 // updates, and updates. Additionally, service packs may contain additional 526 // fixes for problems that are found internally since the release of the 527 // product. Service packs my also contain a limited number of 528 // customer-requested design changes or features." [1] 529 SERVICE_PACK = 6; 530 531 // "A utility or feature that helps complete a task or set of tasks." [1] 532 TOOL = 7; 533 534 // "A tested, cumulative set of hotfixes, security updates, critical 535 // updates, and updates that are packaged together for easy deployment. A 536 // rollup generally targets a specific area, such as security, or a 537 // component of a product, such as Internet Information Services (IIS)." [1] 538 UPDATE_ROLLUP = 8; 539 540 // "A widely released fix for a specific problem. An update addresses a 541 // noncritical, non-security-related bug." [1] 542 UPDATE = 9; 543 } 544 545 // Only apply updates of these windows update classifications. If empty, all 546 // updates are applied. 547 repeated Classification classifications = 1; 548 549 // List of KBs to exclude from update. 550 repeated string excludes = 2; 551 552 // An exclusive list of kbs to be updated. These are the only patches 553 // that will be updated. This field must not be used with other 554 // patch configurations. 555 repeated string exclusive_patches = 3; 556} 557 558// A step that runs an executable for a PatchJob. 559message ExecStep { 560 // The ExecStepConfig for all Linux VMs targeted by the PatchJob. 561 ExecStepConfig linux_exec_step_config = 1; 562 563 // The ExecStepConfig for all Windows VMs targeted by the PatchJob. 564 ExecStepConfig windows_exec_step_config = 2; 565} 566 567// Common configurations for an ExecStep. 568message ExecStepConfig { 569 // The interpreter used to execute the a file. 570 enum Interpreter { 571 // Invalid for a Windows ExecStepConfig. For a Linux ExecStepConfig, the 572 // interpreter will be parsed from the shebang line of the script if 573 // unspecified. 574 INTERPRETER_UNSPECIFIED = 0; 575 576 // Indicates that the script is run with `/bin/sh` on Linux and `cmd` 577 // on Windows. 578 SHELL = 1; 579 580 // Indicates that the file is run with PowerShell flags 581 // `-NonInteractive`, `-NoProfile`, and `-ExecutionPolicy Bypass`. 582 POWERSHELL = 2; 583 } 584 585 // Location of the executable. 586 oneof executable { 587 // An absolute path to the executable on the VM. 588 string local_path = 1; 589 590 // A Google Cloud Storage object containing the executable. 591 GcsObject gcs_object = 2; 592 } 593 594 // Defaults to [0]. A list of possible return values that the 595 // execution can return to indicate a success. 596 repeated int32 allowed_success_codes = 3; 597 598 // The script interpreter to use to run the script. If no interpreter is 599 // specified the script will be executed directly, which will likely 600 // only succeed for scripts with [shebang lines] 601 // (https://en.wikipedia.org/wiki/Shebang_\(Unix\)). 602 Interpreter interpreter = 4; 603} 604 605// Google Cloud Storage object representation. 606message GcsObject { 607 // Required. Bucket of the Google Cloud Storage object. 608 string bucket = 1 [(google.api.field_behavior) = REQUIRED]; 609 610 // Required. Name of the Google Cloud Storage object. 611 string object = 2 [(google.api.field_behavior) = REQUIRED]; 612 613 // Required. Generation number of the Google Cloud Storage object. This is used to 614 // ensure that the ExecStep specified by this PatchJob does not change. 615 int64 generation_number = 3 [(google.api.field_behavior) = REQUIRED]; 616} 617 618// A filter to target VM instances for patching. The targeted 619// VMs must meet all criteria specified. So if both labels and zones are 620// specified, the patch job targets only VMs with those labels and in those 621// zones. 622message PatchInstanceFilter { 623 // Represents a group of VMs that can be identified as having all these 624 // labels, for example "env=prod and app=web". 625 message GroupLabel { 626 // Compute Engine instance labels that must be present for a VM instance to 627 // be targeted by this filter. 628 map<string, string> labels = 1; 629 } 630 631 // Target all VM instances in the project. If true, no other criteria is 632 // permitted. 633 bool all = 1; 634 635 // Targets VM instances matching at least one of these label sets. This allows 636 // targeting of disparate groups, for example "env=prod or env=staging". 637 repeated GroupLabel group_labels = 2; 638 639 // Targets VM instances in ANY of these zones. Leave empty to target VM 640 // instances in any zone. 641 repeated string zones = 3; 642 643 // Targets any of the VM instances specified. Instances are specified by their 644 // URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`, 645 // `projects/[PROJECT_ID]/zones/[ZONE]/instances/[INSTANCE_NAME]`, or 646 // `https://www.googleapis.com/compute/v1/projects/[PROJECT_ID]/zones/[ZONE]/instances/[INSTANCE_NAME]` 647 repeated string instances = 4; 648 649 // Targets VMs whose name starts with one of these prefixes. Similar to 650 // labels, this is another way to group VMs when targeting configs, for 651 // example prefix="prod-". 652 repeated string instance_name_prefixes = 5; 653} 654 655// Patch rollout configuration specifications. Contains details on the 656// concurrency control when applying patch(es) to all targeted VMs. 657message PatchRollout { 658 // Type of the rollout. 659 enum Mode { 660 // Mode must be specified. 661 MODE_UNSPECIFIED = 0; 662 663 // Patches are applied one zone at a time. The patch job begins in the 664 // region with the lowest number of targeted VMs. Within the region, 665 // patching begins in the zone with the lowest number of targeted VMs. If 666 // multiple regions (or zones within a region) have the same number of 667 // targeted VMs, a tie-breaker is achieved by sorting the regions or zones 668 // in alphabetical order. 669 ZONE_BY_ZONE = 1; 670 671 // Patches are applied to VMs in all zones at the same time. 672 CONCURRENT_ZONES = 2; 673 } 674 675 // Mode of the patch rollout. 676 Mode mode = 1; 677 678 // The maximum number (or percentage) of VMs per zone to disrupt at any given 679 // moment. The number of VMs calculated from multiplying the percentage by the 680 // total number of VMs in a zone is rounded up. 681 // 682 // During patching, a VM is considered disrupted from the time the agent is 683 // notified to begin until patching has completed. This disruption time 684 // includes the time to complete reboot and any post-patch steps. 685 // 686 // A VM contributes to the disruption budget if its patching operation fails 687 // either when applying the patches, running pre or post patch steps, or if it 688 // fails to respond with a success notification before timing out. VMs that 689 // are not running or do not have an active agent do not count toward this 690 // disruption budget. 691 // 692 // For zone-by-zone rollouts, if the disruption budget in a zone is exceeded, 693 // the patch job stops, because continuing to the next zone requires 694 // completion of the patch process in the previous zone. 695 // 696 // For example, if the disruption budget has a fixed value of `10`, and 8 VMs 697 // fail to patch in the current zone, the patch job continues to patch 2 VMs 698 // at a time until the zone is completed. When that zone is completed 699 // successfully, patching begins with 10 VMs at a time in the next zone. If 10 700 // VMs in the next zone fail to patch, the patch job stops. 701 FixedOrPercent disruption_budget = 2; 702} 703