1*d5c09012SAndroid Build Coastguard Worker// Copyright 2023 Google LLC 2*d5c09012SAndroid Build Coastguard Worker// 3*d5c09012SAndroid Build Coastguard Worker// Licensed under the Apache License, Version 2.0 (the "License"); 4*d5c09012SAndroid Build Coastguard Worker// you may not use this file except in compliance with the License. 5*d5c09012SAndroid Build Coastguard Worker// You may obtain a copy of the License at 6*d5c09012SAndroid Build Coastguard Worker// 7*d5c09012SAndroid Build Coastguard Worker// http://www.apache.org/licenses/LICENSE-2.0 8*d5c09012SAndroid Build Coastguard Worker// 9*d5c09012SAndroid Build Coastguard Worker// Unless required by applicable law or agreed to in writing, software 10*d5c09012SAndroid Build Coastguard Worker// distributed under the License is distributed on an "AS IS" BASIS, 11*d5c09012SAndroid Build Coastguard Worker// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*d5c09012SAndroid Build Coastguard Worker// See the License for the specific language governing permissions and 13*d5c09012SAndroid Build Coastguard Worker// limitations under the License. 14*d5c09012SAndroid Build Coastguard Worker 15*d5c09012SAndroid Build Coastguard Workersyntax = "proto3"; 16*d5c09012SAndroid Build Coastguard Worker 17*d5c09012SAndroid Build Coastguard Workerpackage google.cloud.run.v2; 18*d5c09012SAndroid Build Coastguard Worker 19*d5c09012SAndroid Build Coastguard Workerimport "google/api/field_behavior.proto"; 20*d5c09012SAndroid Build Coastguard Workerimport "google/api/resource.proto"; 21*d5c09012SAndroid Build Coastguard Worker 22*d5c09012SAndroid Build Coastguard Workeroption go_package = "cloud.google.com/go/run/apiv2/runpb;runpb"; 23*d5c09012SAndroid Build Coastguard Workeroption java_multiple_files = true; 24*d5c09012SAndroid Build Coastguard Workeroption java_outer_classname = "K8sMinProto"; 25*d5c09012SAndroid Build Coastguard Workeroption java_package = "com.google.cloud.run.v2"; 26*d5c09012SAndroid Build Coastguard Workeroption (google.api.resource_definition) = { 27*d5c09012SAndroid Build Coastguard Worker type: "cloudkms.googleapis.com/CryptoKey" 28*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}" 29*d5c09012SAndroid Build Coastguard Worker}; 30*d5c09012SAndroid Build Coastguard Workeroption (google.api.resource_definition) = { 31*d5c09012SAndroid Build Coastguard Worker type: "secretmanager.googleapis.com/Secret" 32*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/secrets/{secret}" 33*d5c09012SAndroid Build Coastguard Worker}; 34*d5c09012SAndroid Build Coastguard Workeroption (google.api.resource_definition) = { 35*d5c09012SAndroid Build Coastguard Worker type: "secretmanager.googleapis.com/SecretVersion" 36*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/secrets/{secret}/versions/{version}" 37*d5c09012SAndroid Build Coastguard Worker}; 38*d5c09012SAndroid Build Coastguard Workeroption (google.api.resource_definition) = { 39*d5c09012SAndroid Build Coastguard Worker type: "vpcaccess.googleapis.com/Connector" 40*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/locations/{location}/connectors/{connector}" 41*d5c09012SAndroid Build Coastguard Worker}; 42*d5c09012SAndroid Build Coastguard Worker 43*d5c09012SAndroid Build Coastguard Worker// A single application container. 44*d5c09012SAndroid Build Coastguard Worker// This specifies both the container to run, the command to run in the container 45*d5c09012SAndroid Build Coastguard Worker// and the arguments to supply to it. 46*d5c09012SAndroid Build Coastguard Worker// Note that additional arguments can be supplied by the system to the container 47*d5c09012SAndroid Build Coastguard Worker// at runtime. 48*d5c09012SAndroid Build Coastguard Workermessage Container { 49*d5c09012SAndroid Build Coastguard Worker // Name of the container specified as a DNS_LABEL (RFC 1123). 50*d5c09012SAndroid Build Coastguard Worker string name = 1; 51*d5c09012SAndroid Build Coastguard Worker 52*d5c09012SAndroid Build Coastguard Worker // Required. Name of the container image in Dockerhub, Google Artifact 53*d5c09012SAndroid Build Coastguard Worker // Registry, or Google Container Registry. If the host is not provided, 54*d5c09012SAndroid Build Coastguard Worker // Dockerhub is assumed. 55*d5c09012SAndroid Build Coastguard Worker string image = 2 [(google.api.field_behavior) = REQUIRED]; 56*d5c09012SAndroid Build Coastguard Worker 57*d5c09012SAndroid Build Coastguard Worker // Entrypoint array. Not executed within a shell. 58*d5c09012SAndroid Build Coastguard Worker // The docker image's ENTRYPOINT is used if this is not provided. 59*d5c09012SAndroid Build Coastguard Worker repeated string command = 3; 60*d5c09012SAndroid Build Coastguard Worker 61*d5c09012SAndroid Build Coastguard Worker // Arguments to the entrypoint. 62*d5c09012SAndroid Build Coastguard Worker // The docker image's CMD is used if this is not provided. 63*d5c09012SAndroid Build Coastguard Worker repeated string args = 4; 64*d5c09012SAndroid Build Coastguard Worker 65*d5c09012SAndroid Build Coastguard Worker // List of environment variables to set in the container. 66*d5c09012SAndroid Build Coastguard Worker repeated EnvVar env = 5; 67*d5c09012SAndroid Build Coastguard Worker 68*d5c09012SAndroid Build Coastguard Worker // Compute Resource requirements by this container. 69*d5c09012SAndroid Build Coastguard Worker ResourceRequirements resources = 6; 70*d5c09012SAndroid Build Coastguard Worker 71*d5c09012SAndroid Build Coastguard Worker // List of ports to expose from the container. Only a single port can be 72*d5c09012SAndroid Build Coastguard Worker // specified. The specified ports must be listening on all interfaces 73*d5c09012SAndroid Build Coastguard Worker // (0.0.0.0) within the container to be accessible. 74*d5c09012SAndroid Build Coastguard Worker // 75*d5c09012SAndroid Build Coastguard Worker // If omitted, a port number will be chosen and passed to the container 76*d5c09012SAndroid Build Coastguard Worker // through the PORT environment variable for the container to listen on. 77*d5c09012SAndroid Build Coastguard Worker repeated ContainerPort ports = 7; 78*d5c09012SAndroid Build Coastguard Worker 79*d5c09012SAndroid Build Coastguard Worker // Volume to mount into the container's filesystem. 80*d5c09012SAndroid Build Coastguard Worker repeated VolumeMount volume_mounts = 8; 81*d5c09012SAndroid Build Coastguard Worker 82*d5c09012SAndroid Build Coastguard Worker // Container's working directory. 83*d5c09012SAndroid Build Coastguard Worker // If not specified, the container runtime's default will be used, which 84*d5c09012SAndroid Build Coastguard Worker // might be configured in the container image. 85*d5c09012SAndroid Build Coastguard Worker string working_dir = 9; 86*d5c09012SAndroid Build Coastguard Worker 87*d5c09012SAndroid Build Coastguard Worker // Periodic probe of container liveness. 88*d5c09012SAndroid Build Coastguard Worker // Container will be restarted if the probe fails. 89*d5c09012SAndroid Build Coastguard Worker Probe liveness_probe = 10; 90*d5c09012SAndroid Build Coastguard Worker 91*d5c09012SAndroid Build Coastguard Worker // Startup probe of application within the container. 92*d5c09012SAndroid Build Coastguard Worker // All other probes are disabled if a startup probe is provided, until it 93*d5c09012SAndroid Build Coastguard Worker // succeeds. Container will not be added to service endpoints if the probe 94*d5c09012SAndroid Build Coastguard Worker // fails. 95*d5c09012SAndroid Build Coastguard Worker Probe startup_probe = 11; 96*d5c09012SAndroid Build Coastguard Worker 97*d5c09012SAndroid Build Coastguard Worker // Names of the containers that must start before this container. 98*d5c09012SAndroid Build Coastguard Worker repeated string depends_on = 12; 99*d5c09012SAndroid Build Coastguard Worker} 100*d5c09012SAndroid Build Coastguard Worker 101*d5c09012SAndroid Build Coastguard Worker// ResourceRequirements describes the compute resource requirements. 102*d5c09012SAndroid Build Coastguard Workermessage ResourceRequirements { 103*d5c09012SAndroid Build Coastguard Worker // Only `memory` and `cpu` keys in the map are supported. 104*d5c09012SAndroid Build Coastguard Worker // 105*d5c09012SAndroid Build Coastguard Worker // <p>Notes: 106*d5c09012SAndroid Build Coastguard Worker // * The only supported values for CPU are '1', '2', '4', and '8'. Setting 4 107*d5c09012SAndroid Build Coastguard Worker // CPU requires at least 2Gi of memory. For more information, go to 108*d5c09012SAndroid Build Coastguard Worker // https://cloud.google.com/run/docs/configuring/cpu. 109*d5c09012SAndroid Build Coastguard Worker // * For supported 'memory' values and syntax, go to 110*d5c09012SAndroid Build Coastguard Worker // https://cloud.google.com/run/docs/configuring/memory-limits 111*d5c09012SAndroid Build Coastguard Worker map<string, string> limits = 1; 112*d5c09012SAndroid Build Coastguard Worker 113*d5c09012SAndroid Build Coastguard Worker // Determines whether CPU is only allocated during requests (true by default). 114*d5c09012SAndroid Build Coastguard Worker // However, if ResourceRequirements is set, the caller must explicitly 115*d5c09012SAndroid Build Coastguard Worker // set this field to true to preserve the default behavior. 116*d5c09012SAndroid Build Coastguard Worker bool cpu_idle = 2; 117*d5c09012SAndroid Build Coastguard Worker 118*d5c09012SAndroid Build Coastguard Worker // Determines whether CPU should be boosted on startup of a new container 119*d5c09012SAndroid Build Coastguard Worker // instance above the requested CPU threshold, this can help reduce cold-start 120*d5c09012SAndroid Build Coastguard Worker // latency. 121*d5c09012SAndroid Build Coastguard Worker bool startup_cpu_boost = 3; 122*d5c09012SAndroid Build Coastguard Worker} 123*d5c09012SAndroid Build Coastguard Worker 124*d5c09012SAndroid Build Coastguard Worker// EnvVar represents an environment variable present in a Container. 125*d5c09012SAndroid Build Coastguard Workermessage EnvVar { 126*d5c09012SAndroid Build Coastguard Worker // Required. Name of the environment variable. Must not exceed 32768 127*d5c09012SAndroid Build Coastguard Worker // characters. 128*d5c09012SAndroid Build Coastguard Worker string name = 1 [(google.api.field_behavior) = REQUIRED]; 129*d5c09012SAndroid Build Coastguard Worker 130*d5c09012SAndroid Build Coastguard Worker oneof values { 131*d5c09012SAndroid Build Coastguard Worker // Variable references $(VAR_NAME) are expanded 132*d5c09012SAndroid Build Coastguard Worker // using the previous defined environment variables in the container and 133*d5c09012SAndroid Build Coastguard Worker // any route environment variables. If a variable cannot be resolved, 134*d5c09012SAndroid Build Coastguard Worker // the reference in the input string will be unchanged. The $(VAR_NAME) 135*d5c09012SAndroid Build Coastguard Worker // syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped 136*d5c09012SAndroid Build Coastguard Worker // references will never be expanded, regardless of whether the variable 137*d5c09012SAndroid Build Coastguard Worker // exists or not. 138*d5c09012SAndroid Build Coastguard Worker // Defaults to "", and the maximum length is 32768 bytes. 139*d5c09012SAndroid Build Coastguard Worker string value = 2; 140*d5c09012SAndroid Build Coastguard Worker 141*d5c09012SAndroid Build Coastguard Worker // Source for the environment variable's value. 142*d5c09012SAndroid Build Coastguard Worker EnvVarSource value_source = 3; 143*d5c09012SAndroid Build Coastguard Worker } 144*d5c09012SAndroid Build Coastguard Worker} 145*d5c09012SAndroid Build Coastguard Worker 146*d5c09012SAndroid Build Coastguard Worker// EnvVarSource represents a source for the value of an EnvVar. 147*d5c09012SAndroid Build Coastguard Workermessage EnvVarSource { 148*d5c09012SAndroid Build Coastguard Worker // Selects a secret and a specific version from Cloud Secret Manager. 149*d5c09012SAndroid Build Coastguard Worker SecretKeySelector secret_key_ref = 1; 150*d5c09012SAndroid Build Coastguard Worker} 151*d5c09012SAndroid Build Coastguard Worker 152*d5c09012SAndroid Build Coastguard Worker// SecretEnvVarSource represents a source for the value of an EnvVar. 153*d5c09012SAndroid Build Coastguard Workermessage SecretKeySelector { 154*d5c09012SAndroid Build Coastguard Worker // Required. The name of the secret in Cloud Secret Manager. 155*d5c09012SAndroid Build Coastguard Worker // Format: {secret_name} if the secret is in the same project. 156*d5c09012SAndroid Build Coastguard Worker // projects/{project}/secrets/{secret_name} if the secret is 157*d5c09012SAndroid Build Coastguard Worker // in a different project. 158*d5c09012SAndroid Build Coastguard Worker string secret = 1 [ 159*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 160*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 161*d5c09012SAndroid Build Coastguard Worker type: "secretmanager.googleapis.com/Secret" 162*d5c09012SAndroid Build Coastguard Worker } 163*d5c09012SAndroid Build Coastguard Worker ]; 164*d5c09012SAndroid Build Coastguard Worker 165*d5c09012SAndroid Build Coastguard Worker // The Cloud Secret Manager secret version. 166*d5c09012SAndroid Build Coastguard Worker // Can be 'latest' for the latest version, an integer for a specific version, 167*d5c09012SAndroid Build Coastguard Worker // or a version alias. 168*d5c09012SAndroid Build Coastguard Worker string version = 2 [(google.api.resource_reference) = { 169*d5c09012SAndroid Build Coastguard Worker type: "secretmanager.googleapis.com/SecretVersion" 170*d5c09012SAndroid Build Coastguard Worker }]; 171*d5c09012SAndroid Build Coastguard Worker} 172*d5c09012SAndroid Build Coastguard Worker 173*d5c09012SAndroid Build Coastguard Worker// ContainerPort represents a network port in a single container. 174*d5c09012SAndroid Build Coastguard Workermessage ContainerPort { 175*d5c09012SAndroid Build Coastguard Worker // If specified, used to specify which protocol to use. 176*d5c09012SAndroid Build Coastguard Worker // Allowed values are "http1" and "h2c". 177*d5c09012SAndroid Build Coastguard Worker string name = 1; 178*d5c09012SAndroid Build Coastguard Worker 179*d5c09012SAndroid Build Coastguard Worker // Port number the container listens on. 180*d5c09012SAndroid Build Coastguard Worker // This must be a valid TCP port number, 0 < container_port < 65536. 181*d5c09012SAndroid Build Coastguard Worker int32 container_port = 3; 182*d5c09012SAndroid Build Coastguard Worker} 183*d5c09012SAndroid Build Coastguard Worker 184*d5c09012SAndroid Build Coastguard Worker// VolumeMount describes a mounting of a Volume within a container. 185*d5c09012SAndroid Build Coastguard Workermessage VolumeMount { 186*d5c09012SAndroid Build Coastguard Worker // Required. This must match the Name of a Volume. 187*d5c09012SAndroid Build Coastguard Worker string name = 1 [(google.api.field_behavior) = REQUIRED]; 188*d5c09012SAndroid Build Coastguard Worker 189*d5c09012SAndroid Build Coastguard Worker // Required. Path within the container at which the volume should be mounted. 190*d5c09012SAndroid Build Coastguard Worker // Must not contain ':'. For Cloud SQL volumes, it can be left empty, or must 191*d5c09012SAndroid Build Coastguard Worker // otherwise be `/cloudsql`. All instances defined in the Volume will be 192*d5c09012SAndroid Build Coastguard Worker // available as `/cloudsql/[instance]`. For more information on Cloud SQL 193*d5c09012SAndroid Build Coastguard Worker // volumes, visit https://cloud.google.com/sql/docs/mysql/connect-run 194*d5c09012SAndroid Build Coastguard Worker string mount_path = 3 [(google.api.field_behavior) = REQUIRED]; 195*d5c09012SAndroid Build Coastguard Worker} 196*d5c09012SAndroid Build Coastguard Worker 197*d5c09012SAndroid Build Coastguard Worker// Volume represents a named volume in a container. 198*d5c09012SAndroid Build Coastguard Workermessage Volume { 199*d5c09012SAndroid Build Coastguard Worker // Required. Volume's name. 200*d5c09012SAndroid Build Coastguard Worker string name = 1 [(google.api.field_behavior) = REQUIRED]; 201*d5c09012SAndroid Build Coastguard Worker 202*d5c09012SAndroid Build Coastguard Worker oneof volume_type { 203*d5c09012SAndroid Build Coastguard Worker // Secret represents a secret that should populate this volume. 204*d5c09012SAndroid Build Coastguard Worker SecretVolumeSource secret = 2; 205*d5c09012SAndroid Build Coastguard Worker 206*d5c09012SAndroid Build Coastguard Worker // For Cloud SQL volumes, contains the specific instances that should be 207*d5c09012SAndroid Build Coastguard Worker // mounted. Visit https://cloud.google.com/sql/docs/mysql/connect-run for 208*d5c09012SAndroid Build Coastguard Worker // more information on how to connect Cloud SQL and Cloud Run. 209*d5c09012SAndroid Build Coastguard Worker CloudSqlInstance cloud_sql_instance = 3; 210*d5c09012SAndroid Build Coastguard Worker 211*d5c09012SAndroid Build Coastguard Worker // Ephemeral storage used as a shared volume. 212*d5c09012SAndroid Build Coastguard Worker EmptyDirVolumeSource empty_dir = 4; 213*d5c09012SAndroid Build Coastguard Worker 214*d5c09012SAndroid Build Coastguard Worker // For NFS Voumes, contains the path to the nfs Volume 215*d5c09012SAndroid Build Coastguard Worker NFSVolumeSource nfs = 5; 216*d5c09012SAndroid Build Coastguard Worker 217*d5c09012SAndroid Build Coastguard Worker // Persistent storage backed by a Google Cloud Storage bucket. 218*d5c09012SAndroid Build Coastguard Worker GCSVolumeSource gcs = 6; 219*d5c09012SAndroid Build Coastguard Worker } 220*d5c09012SAndroid Build Coastguard Worker} 221*d5c09012SAndroid Build Coastguard Worker 222*d5c09012SAndroid Build Coastguard Worker// The secret's value will be presented as the content of a file whose 223*d5c09012SAndroid Build Coastguard Worker// name is defined in the item path. If no items are defined, the name of 224*d5c09012SAndroid Build Coastguard Worker// the file is the secret. 225*d5c09012SAndroid Build Coastguard Workermessage SecretVolumeSource { 226*d5c09012SAndroid Build Coastguard Worker // Required. The name of the secret in Cloud Secret Manager. 227*d5c09012SAndroid Build Coastguard Worker // Format: {secret} if the secret is in the same project. 228*d5c09012SAndroid Build Coastguard Worker // projects/{project}/secrets/{secret} if the secret is 229*d5c09012SAndroid Build Coastguard Worker // in a different project. 230*d5c09012SAndroid Build Coastguard Worker string secret = 1 [(google.api.field_behavior) = REQUIRED]; 231*d5c09012SAndroid Build Coastguard Worker 232*d5c09012SAndroid Build Coastguard Worker // If unspecified, the volume will expose a file whose name is the 233*d5c09012SAndroid Build Coastguard Worker // secret, relative to VolumeMount.mount_path. 234*d5c09012SAndroid Build Coastguard Worker // If specified, the key will be used as the version to fetch from Cloud 235*d5c09012SAndroid Build Coastguard Worker // Secret Manager and the path will be the name of the file exposed in the 236*d5c09012SAndroid Build Coastguard Worker // volume. When items are defined, they must specify a path and a version. 237*d5c09012SAndroid Build Coastguard Worker repeated VersionToPath items = 2; 238*d5c09012SAndroid Build Coastguard Worker 239*d5c09012SAndroid Build Coastguard Worker // Integer representation of mode bits to use on created files by default. 240*d5c09012SAndroid Build Coastguard Worker // Must be a value between 0000 and 0777 (octal), defaulting to 0444. 241*d5c09012SAndroid Build Coastguard Worker // Directories within the path are not affected by this setting. 242*d5c09012SAndroid Build Coastguard Worker // 243*d5c09012SAndroid Build Coastguard Worker // Notes 244*d5c09012SAndroid Build Coastguard Worker // 245*d5c09012SAndroid Build Coastguard Worker // * Internally, a umask of 0222 will be applied to any non-zero value. 246*d5c09012SAndroid Build Coastguard Worker // * This is an integer representation of the mode bits. So, the octal 247*d5c09012SAndroid Build Coastguard Worker // integer value should look exactly as the chmod numeric notation with a 248*d5c09012SAndroid Build Coastguard Worker // leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 249*d5c09012SAndroid Build Coastguard Worker // 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 250*d5c09012SAndroid Build Coastguard Worker // 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 251*d5c09012SAndroid Build Coastguard Worker // (base-10). 252*d5c09012SAndroid Build Coastguard Worker // * This might be in conflict with other options that affect the 253*d5c09012SAndroid Build Coastguard Worker // file mode, like fsGroup, and the result can be other mode bits set. 254*d5c09012SAndroid Build Coastguard Worker // 255*d5c09012SAndroid Build Coastguard Worker // This might be in conflict with other options that affect the 256*d5c09012SAndroid Build Coastguard Worker // file mode, like fsGroup, and as a result, other mode bits could be set. 257*d5c09012SAndroid Build Coastguard Worker int32 default_mode = 3; 258*d5c09012SAndroid Build Coastguard Worker} 259*d5c09012SAndroid Build Coastguard Worker 260*d5c09012SAndroid Build Coastguard Worker// VersionToPath maps a specific version of a secret to a relative file to mount 261*d5c09012SAndroid Build Coastguard Worker// to, relative to VolumeMount's mount_path. 262*d5c09012SAndroid Build Coastguard Workermessage VersionToPath { 263*d5c09012SAndroid Build Coastguard Worker // Required. The relative path of the secret in the container. 264*d5c09012SAndroid Build Coastguard Worker string path = 1 [(google.api.field_behavior) = REQUIRED]; 265*d5c09012SAndroid Build Coastguard Worker 266*d5c09012SAndroid Build Coastguard Worker // The Cloud Secret Manager secret version. 267*d5c09012SAndroid Build Coastguard Worker // Can be 'latest' for the latest value, or an integer or a secret alias for a 268*d5c09012SAndroid Build Coastguard Worker // specific version. 269*d5c09012SAndroid Build Coastguard Worker string version = 2; 270*d5c09012SAndroid Build Coastguard Worker 271*d5c09012SAndroid Build Coastguard Worker // Integer octal mode bits to use on this file, must be a value between 272*d5c09012SAndroid Build Coastguard Worker // 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be 273*d5c09012SAndroid Build Coastguard Worker // used. 274*d5c09012SAndroid Build Coastguard Worker // 275*d5c09012SAndroid Build Coastguard Worker // Notes 276*d5c09012SAndroid Build Coastguard Worker // 277*d5c09012SAndroid Build Coastguard Worker // * Internally, a umask of 0222 will be applied to any non-zero value. 278*d5c09012SAndroid Build Coastguard Worker // * This is an integer representation of the mode bits. So, the octal 279*d5c09012SAndroid Build Coastguard Worker // integer value should look exactly as the chmod numeric notation with a 280*d5c09012SAndroid Build Coastguard Worker // leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 281*d5c09012SAndroid Build Coastguard Worker // 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 282*d5c09012SAndroid Build Coastguard Worker // 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 283*d5c09012SAndroid Build Coastguard Worker // (base-10). 284*d5c09012SAndroid Build Coastguard Worker // * This might be in conflict with other options that affect the 285*d5c09012SAndroid Build Coastguard Worker // file mode, like fsGroup, and the result can be other mode bits set. 286*d5c09012SAndroid Build Coastguard Worker int32 mode = 3; 287*d5c09012SAndroid Build Coastguard Worker} 288*d5c09012SAndroid Build Coastguard Worker 289*d5c09012SAndroid Build Coastguard Worker// Represents a set of Cloud SQL instances. Each one will be available under 290*d5c09012SAndroid Build Coastguard Worker// /cloudsql/[instance]. Visit 291*d5c09012SAndroid Build Coastguard Worker// https://cloud.google.com/sql/docs/mysql/connect-run for more information on 292*d5c09012SAndroid Build Coastguard Worker// how to connect Cloud SQL and Cloud Run. 293*d5c09012SAndroid Build Coastguard Workermessage CloudSqlInstance { 294*d5c09012SAndroid Build Coastguard Worker // The Cloud SQL instance connection names, as can be found in 295*d5c09012SAndroid Build Coastguard Worker // https://console.cloud.google.com/sql/instances. Visit 296*d5c09012SAndroid Build Coastguard Worker // https://cloud.google.com/sql/docs/mysql/connect-run for more information on 297*d5c09012SAndroid Build Coastguard Worker // how to connect Cloud SQL and Cloud Run. Format: 298*d5c09012SAndroid Build Coastguard Worker // {project}:{location}:{instance} 299*d5c09012SAndroid Build Coastguard Worker repeated string instances = 1; 300*d5c09012SAndroid Build Coastguard Worker} 301*d5c09012SAndroid Build Coastguard Worker 302*d5c09012SAndroid Build Coastguard Worker// In memory (tmpfs) ephemeral storage. 303*d5c09012SAndroid Build Coastguard Worker// It is ephemeral in the sense that when the sandbox is taken down, the data is 304*d5c09012SAndroid Build Coastguard Worker// destroyed with it (it does not persist across sandbox runs). 305*d5c09012SAndroid Build Coastguard Workermessage EmptyDirVolumeSource { 306*d5c09012SAndroid Build Coastguard Worker // The different types of medium supported for EmptyDir. 307*d5c09012SAndroid Build Coastguard Worker enum Medium { 308*d5c09012SAndroid Build Coastguard Worker // When not specified, falls back to the default implementation which 309*d5c09012SAndroid Build Coastguard Worker // is currently in memory (this may change over time). 310*d5c09012SAndroid Build Coastguard Worker MEDIUM_UNSPECIFIED = 0; 311*d5c09012SAndroid Build Coastguard Worker 312*d5c09012SAndroid Build Coastguard Worker // Explicitly set the EmptyDir to be in memory. Uses tmpfs. 313*d5c09012SAndroid Build Coastguard Worker MEMORY = 1; 314*d5c09012SAndroid Build Coastguard Worker } 315*d5c09012SAndroid Build Coastguard Worker 316*d5c09012SAndroid Build Coastguard Worker // The medium on which the data is stored. Acceptable values today is only 317*d5c09012SAndroid Build Coastguard Worker // MEMORY or none. When none, the default will currently be backed by memory 318*d5c09012SAndroid Build Coastguard Worker // but could change over time. +optional 319*d5c09012SAndroid Build Coastguard Worker Medium medium = 1; 320*d5c09012SAndroid Build Coastguard Worker 321*d5c09012SAndroid Build Coastguard Worker // Limit on the storage usable by this EmptyDir volume. 322*d5c09012SAndroid Build Coastguard Worker // The size limit is also applicable for memory medium. 323*d5c09012SAndroid Build Coastguard Worker // The maximum usage on memory medium EmptyDir would be the minimum value 324*d5c09012SAndroid Build Coastguard Worker // between the SizeLimit specified here and the sum of memory limits of all 325*d5c09012SAndroid Build Coastguard Worker // containers. The default is nil which means that the limit is undefined. 326*d5c09012SAndroid Build Coastguard Worker // More info: 327*d5c09012SAndroid Build Coastguard Worker // https://cloud.google.com/run/docs/configuring/in-memory-volumes#configure-volume. 328*d5c09012SAndroid Build Coastguard Worker // Info in Kubernetes: 329*d5c09012SAndroid Build Coastguard Worker // https://kubernetes.io/docs/concepts/storage/volumes/#emptydir 330*d5c09012SAndroid Build Coastguard Worker string size_limit = 2; 331*d5c09012SAndroid Build Coastguard Worker} 332*d5c09012SAndroid Build Coastguard Worker 333*d5c09012SAndroid Build Coastguard Worker// Represents an NFS mount. 334*d5c09012SAndroid Build Coastguard Workermessage NFSVolumeSource { 335*d5c09012SAndroid Build Coastguard Worker // Hostname or IP address of the NFS server 336*d5c09012SAndroid Build Coastguard Worker string server = 1; 337*d5c09012SAndroid Build Coastguard Worker 338*d5c09012SAndroid Build Coastguard Worker // Path that is exported by the NFS server. 339*d5c09012SAndroid Build Coastguard Worker string path = 2; 340*d5c09012SAndroid Build Coastguard Worker 341*d5c09012SAndroid Build Coastguard Worker // If true, mount the NFS volume as read only 342*d5c09012SAndroid Build Coastguard Worker bool read_only = 3; 343*d5c09012SAndroid Build Coastguard Worker} 344*d5c09012SAndroid Build Coastguard Worker 345*d5c09012SAndroid Build Coastguard Worker// Represents a GCS Bucket mounted as a volume. 346*d5c09012SAndroid Build Coastguard Workermessage GCSVolumeSource { 347*d5c09012SAndroid Build Coastguard Worker // GCS Bucket name 348*d5c09012SAndroid Build Coastguard Worker string bucket = 1; 349*d5c09012SAndroid Build Coastguard Worker 350*d5c09012SAndroid Build Coastguard Worker // If true, mount the GCS bucket as read-only 351*d5c09012SAndroid Build Coastguard Worker bool read_only = 2; 352*d5c09012SAndroid Build Coastguard Worker} 353*d5c09012SAndroid Build Coastguard Worker 354*d5c09012SAndroid Build Coastguard Worker// Probe describes a health check to be performed against a container to 355*d5c09012SAndroid Build Coastguard Worker// determine whether it is alive or ready to receive traffic. 356*d5c09012SAndroid Build Coastguard Workermessage Probe { 357*d5c09012SAndroid Build Coastguard Worker // Number of seconds after the container has started before the probe is 358*d5c09012SAndroid Build Coastguard Worker // initiated. 359*d5c09012SAndroid Build Coastguard Worker // Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe 360*d5c09012SAndroid Build Coastguard Worker // is 3600. Maximum value for startup probe is 240. 361*d5c09012SAndroid Build Coastguard Worker int32 initial_delay_seconds = 1; 362*d5c09012SAndroid Build Coastguard Worker 363*d5c09012SAndroid Build Coastguard Worker // Number of seconds after which the probe times out. 364*d5c09012SAndroid Build Coastguard Worker // Defaults to 1 second. Minimum value is 1. Maximum value is 3600. 365*d5c09012SAndroid Build Coastguard Worker // Must be smaller than period_seconds. 366*d5c09012SAndroid Build Coastguard Worker int32 timeout_seconds = 2; 367*d5c09012SAndroid Build Coastguard Worker 368*d5c09012SAndroid Build Coastguard Worker // How often (in seconds) to perform the probe. 369*d5c09012SAndroid Build Coastguard Worker // Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe 370*d5c09012SAndroid Build Coastguard Worker // is 3600. Maximum value for startup probe is 240. 371*d5c09012SAndroid Build Coastguard Worker // Must be greater or equal than timeout_seconds. 372*d5c09012SAndroid Build Coastguard Worker int32 period_seconds = 3; 373*d5c09012SAndroid Build Coastguard Worker 374*d5c09012SAndroid Build Coastguard Worker // Minimum consecutive failures for the probe to be considered failed after 375*d5c09012SAndroid Build Coastguard Worker // having succeeded. Defaults to 3. Minimum value is 1. 376*d5c09012SAndroid Build Coastguard Worker int32 failure_threshold = 4; 377*d5c09012SAndroid Build Coastguard Worker 378*d5c09012SAndroid Build Coastguard Worker oneof probe_type { 379*d5c09012SAndroid Build Coastguard Worker // HTTPGet specifies the http request to perform. 380*d5c09012SAndroid Build Coastguard Worker // Exactly one of httpGet, tcpSocket, or grpc must be specified. 381*d5c09012SAndroid Build Coastguard Worker HTTPGetAction http_get = 5; 382*d5c09012SAndroid Build Coastguard Worker 383*d5c09012SAndroid Build Coastguard Worker // TCPSocket specifies an action involving a TCP port. 384*d5c09012SAndroid Build Coastguard Worker // Exactly one of httpGet, tcpSocket, or grpc must be specified. 385*d5c09012SAndroid Build Coastguard Worker TCPSocketAction tcp_socket = 6; 386*d5c09012SAndroid Build Coastguard Worker 387*d5c09012SAndroid Build Coastguard Worker // GRPC specifies an action involving a gRPC port. 388*d5c09012SAndroid Build Coastguard Worker // Exactly one of httpGet, tcpSocket, or grpc must be specified. 389*d5c09012SAndroid Build Coastguard Worker GRPCAction grpc = 7; 390*d5c09012SAndroid Build Coastguard Worker } 391*d5c09012SAndroid Build Coastguard Worker} 392*d5c09012SAndroid Build Coastguard Worker 393*d5c09012SAndroid Build Coastguard Worker// HTTPGetAction describes an action based on HTTP Get requests. 394*d5c09012SAndroid Build Coastguard Workermessage HTTPGetAction { 395*d5c09012SAndroid Build Coastguard Worker // Path to access on the HTTP server. Defaults to '/'. 396*d5c09012SAndroid Build Coastguard Worker string path = 1; 397*d5c09012SAndroid Build Coastguard Worker 398*d5c09012SAndroid Build Coastguard Worker // Custom headers to set in the request. HTTP allows repeated headers. 399*d5c09012SAndroid Build Coastguard Worker repeated HTTPHeader http_headers = 4; 400*d5c09012SAndroid Build Coastguard Worker 401*d5c09012SAndroid Build Coastguard Worker // Port number to access on the container. Must be in the range 1 to 65535. 402*d5c09012SAndroid Build Coastguard Worker // If not specified, defaults to the exposed port of the container, which is 403*d5c09012SAndroid Build Coastguard Worker // the value of container.ports[0].containerPort. 404*d5c09012SAndroid Build Coastguard Worker int32 port = 5; 405*d5c09012SAndroid Build Coastguard Worker} 406*d5c09012SAndroid Build Coastguard Worker 407*d5c09012SAndroid Build Coastguard Worker// HTTPHeader describes a custom header to be used in HTTP probes 408*d5c09012SAndroid Build Coastguard Workermessage HTTPHeader { 409*d5c09012SAndroid Build Coastguard Worker // Required. The header field name 410*d5c09012SAndroid Build Coastguard Worker string name = 1 [(google.api.field_behavior) = REQUIRED]; 411*d5c09012SAndroid Build Coastguard Worker 412*d5c09012SAndroid Build Coastguard Worker // The header field value 413*d5c09012SAndroid Build Coastguard Worker string value = 2; 414*d5c09012SAndroid Build Coastguard Worker} 415*d5c09012SAndroid Build Coastguard Worker 416*d5c09012SAndroid Build Coastguard Worker// TCPSocketAction describes an action based on opening a socket 417*d5c09012SAndroid Build Coastguard Workermessage TCPSocketAction { 418*d5c09012SAndroid Build Coastguard Worker // Port number to access on the container. Must be in the range 1 to 65535. 419*d5c09012SAndroid Build Coastguard Worker // If not specified, defaults to the exposed port of the container, which is 420*d5c09012SAndroid Build Coastguard Worker // the value of container.ports[0].containerPort. 421*d5c09012SAndroid Build Coastguard Worker int32 port = 1; 422*d5c09012SAndroid Build Coastguard Worker} 423*d5c09012SAndroid Build Coastguard Worker 424*d5c09012SAndroid Build Coastguard Worker// GRPCAction describes an action involving a GRPC port. 425*d5c09012SAndroid Build Coastguard Workermessage GRPCAction { 426*d5c09012SAndroid Build Coastguard Worker // Port number of the gRPC service. Number must be in the range 1 to 65535. 427*d5c09012SAndroid Build Coastguard Worker // If not specified, defaults to the exposed port of the container, which is 428*d5c09012SAndroid Build Coastguard Worker // the value of container.ports[0].containerPort. 429*d5c09012SAndroid Build Coastguard Worker int32 port = 1; 430*d5c09012SAndroid Build Coastguard Worker 431*d5c09012SAndroid Build Coastguard Worker // Service is the name of the service to place in the gRPC HealthCheckRequest 432*d5c09012SAndroid Build Coastguard Worker // (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md ). If 433*d5c09012SAndroid Build Coastguard Worker // this is not specified, the default behavior is defined by gRPC. 434*d5c09012SAndroid Build Coastguard Worker string service = 2; 435*d5c09012SAndroid Build Coastguard Worker} 436