diff --git a/config/installbundle/release-manifests/autopilot/kustomization.yaml b/config/installbundle/release-manifests/autopilot/kustomization.yaml index d4af5f9873..df1020b747 100644 --- a/config/installbundle/release-manifests/autopilot/kustomization.yaml +++ b/config/installbundle/release-manifests/autopilot/kustomization.yaml @@ -16,7 +16,7 @@ namespace: configconnector-operator-system commonLabels: cnrm.cloud.google.com/operator-system: "true" commonAnnotations: - cnrm.cloud.google.com/operator-version: "1.126.0" + cnrm.cloud.google.com/operator-version: "1.127.0" resources: - crds.yaml - rbac.yaml diff --git a/config/installbundle/release-manifests/standard/kustomization.yaml b/config/installbundle/release-manifests/standard/kustomization.yaml index d4af5f9873..df1020b747 100644 --- a/config/installbundle/release-manifests/standard/kustomization.yaml +++ b/config/installbundle/release-manifests/standard/kustomization.yaml @@ -16,7 +16,7 @@ namespace: configconnector-operator-system commonLabels: cnrm.cloud.google.com/operator-system: "true" commonAnnotations: - cnrm.cloud.google.com/operator-version: "1.126.0" + cnrm.cloud.google.com/operator-version: "1.127.0" resources: - crds.yaml - rbac.yaml diff --git a/operator/autopilot-channels/packages/configconnector/1.124.0/cluster/gcp-identity/0-cnrm-system.yaml b/operator/autopilot-channels/packages/configconnector/1.127.0/cluster/gcp-identity/0-cnrm-system.yaml similarity index 94% rename from operator/autopilot-channels/packages/configconnector/1.124.0/cluster/gcp-identity/0-cnrm-system.yaml rename to operator/autopilot-channels/packages/configconnector/1.127.0/cluster/gcp-identity/0-cnrm-system.yaml index 1885d78c49..7118fcfe90 100644 --- a/operator/autopilot-channels/packages/configconnector/1.124.0/cluster/gcp-identity/0-cnrm-system.yaml +++ b/operator/autopilot-channels/packages/configconnector/1.127.0/cluster/gcp-identity/0-cnrm-system.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -11,7 +11,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-controller-manager @@ -21,7 +21,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -31,7 +31,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -41,7 +41,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -51,7 +51,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -72,7 +72,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -93,7 +93,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -605,6 +605,18 @@ rules: - update - patch - delete +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -869,6 +881,18 @@ rules: - update - patch - delete +- apiGroups: + - memorystore.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - mlengine.cnrm.cloud.google.com resources: @@ -1097,6 +1121,18 @@ rules: - update - patch - delete +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -1282,7 +1318,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -1332,7 +1368,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -1390,7 +1426,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -1415,7 +1451,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -1445,7 +1481,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -1788,6 +1824,14 @@ rules: - get - list - watch +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -1964,6 +2008,14 @@ rules: - get - list - watch +- apiGroups: + - memorystore.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - mlengine.cnrm.cloud.google.com resources: @@ -2116,6 +2168,14 @@ rules: - get - list - watch +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -2241,7 +2301,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -2304,7 +2364,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -2322,7 +2382,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -2340,7 +2400,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -2363,7 +2423,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -2380,7 +2440,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-binding @@ -2397,7 +2457,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-watcher-binding @@ -2414,7 +2474,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -2431,7 +2491,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -2448,7 +2508,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -2465,7 +2525,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -2487,7 +2547,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 prometheus.io/port: "48797" prometheus.io/scrape: "true" labels: @@ -2508,7 +2568,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2526,7 +2586,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2539,8 +2599,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.124.0 - image: gcr.io/gke-release/cnrm/recorder:7a86865 + value: 1.127.0 + image: gcr.io/gke-release/cnrm/recorder:1.127.0 imagePullPolicy: Always name: recorder ports: @@ -2573,7 +2633,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2588,7 +2648,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2603,7 +2663,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/webhook:7a86865 + image: gcr.io/gke-release/cnrm/webhook:1.127.0 imagePullPolicy: Always name: webhook ports: @@ -2633,7 +2693,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2648,7 +2708,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2661,7 +2721,7 @@ spec: env: - name: GOOGLE_APPLICATION_CREDENTIALS value: /var/secrets/google/key.json - image: gcr.io/gke-release/cnrm/controller:7a86865 + image: gcr.io/gke-release/cnrm/controller:1.127.0 imagePullPolicy: Always name: manager ports: @@ -2698,7 +2758,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2713,7 +2773,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2721,7 +2781,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/deletiondefender:7a86865 + image: gcr.io/gke-release/cnrm/deletiondefender:1.127.0 imagePullPolicy: Always name: deletiondefender ports: @@ -2752,7 +2812,7 @@ kind: HorizontalPodAutoscaler metadata: annotations: autoscaling.alpha.kubernetes.io/metrics: '[{"type":"Resource","resource":{"name":"memory","targetAverageUtilization":70}}]' - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/operator/autopilot-channels/packages/configconnector/1.124.0/cluster/workload-identity/0-cnrm-system.yaml b/operator/autopilot-channels/packages/configconnector/1.127.0/cluster/workload-identity/0-cnrm-system.yaml similarity index 94% rename from operator/autopilot-channels/packages/configconnector/1.124.0/cluster/workload-identity/0-cnrm-system.yaml rename to operator/autopilot-channels/packages/configconnector/1.127.0/cluster/workload-identity/0-cnrm-system.yaml index 479b17ec84..a6ac2c81dd 100644 --- a/operator/autopilot-channels/packages/configconnector/1.124.0/cluster/workload-identity/0-cnrm-system.yaml +++ b/operator/autopilot-channels/packages/configconnector/1.127.0/cluster/workload-identity/0-cnrm-system.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -11,7 +11,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 iam.gke.io/gcp-service-account: cnrm-system@${PROJECT_ID?}.iam.gserviceaccount.com labels: cnrm.cloud.google.com/system: "true" @@ -22,7 +22,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -32,7 +32,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -42,7 +42,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -52,7 +52,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -73,7 +73,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -94,7 +94,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -606,6 +606,18 @@ rules: - update - patch - delete +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -870,6 +882,18 @@ rules: - update - patch - delete +- apiGroups: + - memorystore.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - mlengine.cnrm.cloud.google.com resources: @@ -1098,6 +1122,18 @@ rules: - update - patch - delete +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -1283,7 +1319,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -1333,7 +1369,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -1391,7 +1427,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -1416,7 +1452,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -1446,7 +1482,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -1789,6 +1825,14 @@ rules: - get - list - watch +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -1965,6 +2009,14 @@ rules: - get - list - watch +- apiGroups: + - memorystore.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - mlengine.cnrm.cloud.google.com resources: @@ -2117,6 +2169,14 @@ rules: - get - list - watch +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -2242,7 +2302,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -2305,7 +2365,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -2323,7 +2383,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -2341,7 +2401,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -2364,7 +2424,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -2381,7 +2441,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-binding @@ -2398,7 +2458,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-watcher-binding @@ -2415,7 +2475,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -2432,7 +2492,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -2449,7 +2509,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -2466,7 +2526,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -2488,7 +2548,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 prometheus.io/port: "48797" prometheus.io/scrape: "true" labels: @@ -2509,7 +2569,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2527,7 +2587,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2540,8 +2600,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.124.0 - image: gcr.io/gke-release/cnrm/recorder:7a86865 + value: 1.127.0 + image: gcr.io/gke-release/cnrm/recorder:1.127.0 imagePullPolicy: Always name: recorder ports: @@ -2574,7 +2634,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2589,7 +2649,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2604,7 +2664,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/webhook:7a86865 + image: gcr.io/gke-release/cnrm/webhook:1.127.0 imagePullPolicy: Always name: webhook ports: @@ -2634,7 +2694,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2649,7 +2709,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2659,7 +2719,7 @@ spec: - --prometheus-scrape-endpoint=:8888 command: - /configconnector/manager - image: gcr.io/gke-release/cnrm/controller:7a86865 + image: gcr.io/gke-release/cnrm/controller:1.127.0 imagePullPolicy: Always name: manager ports: @@ -2689,7 +2749,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2704,7 +2764,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2712,7 +2772,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/deletiondefender:7a86865 + image: gcr.io/gke-release/cnrm/deletiondefender:1.127.0 imagePullPolicy: Always name: deletiondefender ports: @@ -2743,7 +2803,7 @@ kind: HorizontalPodAutoscaler metadata: annotations: autoscaling.alpha.kubernetes.io/metrics: '[{"type":"Resource","resource":{"name":"memory","targetAverageUtilization":70}}]' - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/operator/channels/packages/configconnector/1.124.0/crds.yaml b/operator/autopilot-channels/packages/configconnector/1.127.0/crds.yaml similarity index 94% rename from operator/channels/packages/configconnector/1.124.0/crds.yaml rename to operator/autopilot-channels/packages/configconnector/1.127.0/crds.yaml index 1497185ae9..504b90cc65 100644 --- a/operator/channels/packages/configconnector/1.124.0/crds.yaml +++ b/operator/autopilot-channels/packages/configconnector/1.127.0/crds.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google LLC +# Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,12 +11,11 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -264,7 +263,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -650,7 +649,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -780,7 +779,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -949,7 +948,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -1262,7 +1261,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -2456,7 +2455,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -2895,7 +2894,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -4366,7 +4365,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -4955,7 +4954,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5151,7 +5150,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5425,7 +5424,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5584,7 +5583,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5748,7 +5747,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5921,7 +5920,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6065,7 +6064,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6195,7 +6194,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6323,7 +6322,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -6498,7 +6497,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6628,7 +6627,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6804,7 +6803,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6933,7 +6932,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -7227,7 +7226,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7362,7 +7361,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7614,7 +7613,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7789,7 +7788,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7922,7 +7921,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -8623,7 +8622,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -8773,7 +8772,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9224,7 +9223,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9591,7 +9590,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9793,7 +9792,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9964,7 +9963,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -10144,7 +10143,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -10159,6 +10158,9 @@ spec: kind: BigQueryAnalyticsHubDataExchange listKind: BigQueryAnalyticsHubDataExchangeList plural: bigqueryanalyticshubdataexchanges + shortNames: + - gcpbigqueryanalyticshubdataexchange + - gcpbigqueryanalyticshubdataexchanges singular: bigqueryanalyticshubdataexchange preserveUnknownFields: false scope: Namespaced @@ -10330,6 +10332,176 @@ spec: - spec type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BigQueryAnalyticsHubDataExchange is the Schema for the BigQueryAnalyticsHubDataExchange + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BigQueryAnalyticsHubDataExchangeSpec defines the desired + state of BigQueryAnalyticsHubDataExchange + properties: + description: + description: 'Optional. Description of the data exchange. The description + must not contain Unicode non-characters as well as C0 and C1 control + codes except tabs (HT), new lines (LF), carriage returns (CR), and + page breaks (FF). Default value is an empty string. Max length: + 2000 bytes.' + type: string + discoveryType: + description: Optional. Type of discovery on the discovery page for + all the listings under this exchange. Updating this field also updates + (overwrites) the discovery_type field for all the listings under + this exchange. + type: string + displayName: + description: 'Required. Human-readable display name of the data exchange. + The display name must contain only Unicode letters, numbers (0-9), + underscores (_), dashes (-), spaces ( ), ampersands (&) and must + not start or end with spaces. Default value is an empty string. + Max length: 63 bytes.' + type: string + documentation: + description: Optional. Documentation describing the data exchange. + type: string + location: + description: Immutable. The name of the location this data exchange. + type: string + primaryContact: + description: 'Optional. Email or URL of the primary point of contact + of the data exchange. Max Length: 1000 bytes.' + type: string + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. The BigQueryAnalyticsHubDataExchange name. + If not given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - location + - projectRef + type: object + status: + description: BigQueryAnalyticsHubDataExchangeStatus defines the config + connector machine state of BigQueryAnalyticsHubDataExchange + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchange + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + listingCount: + description: Number of listings contained in the data exchange. + format: int64 + type: integer + type: object + type: object + required: + - spec + type: object + served: true storage: true subresources: status: {} @@ -10338,13 +10510,11 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" name: bigqueryanalyticshublistings.bigqueryanalyticshub.cnrm.cloud.google.com spec: group: bigqueryanalyticshub.cnrm.cloud.google.com @@ -10352,6 +10522,7 @@ spec: categories: - gcp kind: BigQueryAnalyticsHubListing + listKind: BigQueryAnalyticsHubListingList plural: bigqueryanalyticshublistings shortNames: - gcpbigqueryanalyticshublisting @@ -10379,81 +10550,103 @@ spec: name: v1alpha1 schema: openAPIV3Schema: + description: BigQueryAnalyticsHubListing is the Schema for the BigQueryAnalyticsHubListing + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: BigQueryAnalyticsHubListingSpec defines the desired state + of BigQueryAnalyticsHubDataExchangeListing properties: - bigqueryDataset: - description: Shared dataset i.e. BigQuery dataset source. - properties: - dataset: - description: Resource name of the dataset source for this listing. - e.g. projects/myproject/datasets/123. - type: string - required: - - dataset - type: object categories: - description: Categories of the listing. Up to two categories are allowed. + description: Optional. Categories of the listing. Up to two categories + are allowed. items: type: string type: array - dataExchangeId: - description: Immutable. The ID of the data exchange. Must contain - only Unicode letters, numbers (0-9), underscores (_). Should not - use characters that require URL-escaping, or characters outside - of ASCII, spaces. - type: string + dataExchangeRef: + description: BigQueryAnalyticsHubDataExchangeRef defines the resource + reference to BigQueryAnalyticsHubDataExchange, which "External" + field holds the GCP identifier for the KRM object. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed BigQueryAnalyticsHubDataExchange + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/dataexchanges/{{dataexchangeID}}". + type: string + name: + description: The name of a BigQueryAnalyticsHubDataExchange resource. + type: string + namespace: + description: The namespace of a BigQueryAnalyticsHubDataExchange + resource. + type: string + type: object dataProvider: - description: Details of the data provider who owns the source data. + description: Optional. Details of the data provider who owns the source + data. properties: name: - description: Name of the data provider. + description: Optional. Name of the data provider. type: string primaryContact: - description: Email or URL of the data provider. + description: 'Optional. Email or URL of the data provider. Max + Length: 1000 bytes.' type: string - required: - - name type: object description: - description: Short description of the listing. The description must - not contain Unicode non-characters and C0 and C1 control codes except - tabs (HT), new lines (LF), carriage returns (CR), and page breaks - (FF). + description: 'Optional. Short description of the listing. The description + must contain only Unicode characters or tabs (HT), new lines (LF), + carriage returns (CR), and page breaks (FF). Default value is an + empty string. Max length: 2000 bytes.' + type: string + discoveryType: + description: Optional. Type of discovery of the listing on the discovery + page. type: string displayName: - description: Human-readable display name of the listing. The display - name must contain only Unicode letters, numbers (0-9), underscores - (_), dashes (-), spaces ( ), ampersands (&) and can't start or end - with spaces. + description: 'Required. Human-readable display name of the listing. + The display name must contain only Unicode letters, numbers (0-9), + underscores (_), dashes (-), spaces ( ), ampersands (&) and can''t + start or end with spaces. Default value is an empty string. Max + length: 63 bytes.' type: string documentation: - description: Documentation describing the listing. - type: string - icon: - description: Base64 encoded image representing the listing. + description: Optional. Documentation describing the listing. type: string location: - description: Immutable. The name of the location this data exchange - listing. + description: Immutable. The name of the location this data exchange. type: string primaryContact: - description: Email or URL of the primary point of contact of the listing. + description: 'Optional. Email or URL of the primary point of contact + of the listing. Max Length: 1000 bytes.' type: string projectRef: - description: The project that this resource belongs to. + description: The Project that this resource belongs to. oneOf: - not: required: @@ -10470,49 +10663,153 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object publisher: - description: Details of the publisher who owns the listing and who - can share the source data. + description: Optional. Details of the publisher who owns the listing + and who can share the source data. properties: name: - description: Name of the listing publisher. + description: Optional. Name of the listing publisher. type: string primaryContact: - description: Email or URL of the listing publisher. + description: 'Optional. Email or URL of the listing publisher. + Max Length: 1000 bytes.' type: string - required: - - name type: object requestAccess: - description: Email or URL of the request access of the listing. Subscribers - can use this reference to request access. + description: 'Optional. Email or URL of the request access of the + listing. Subscribers can use this reference to request access. Max + Length: 1000 bytes.' type: string resourceID: - description: Immutable. Optional. The listingId of the resource. Used - for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The BigQueryAnalyticsHubDataExchangeListing + name. If not given, the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + source: + properties: + bigQueryDatasetSource: + description: One of the following fields must be set. + properties: + datasetRef: + description: Resource name of the dataset source for this + listing. e.g. `projects/myproject/datasets/123` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/datasets/[dataset_id]`. + type: string + name: + description: The `metadata.name` field of a `BigQueryDataset` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `BigQueryDataset` + resource. + type: string + type: object + restrictedExportPolicy: + description: Optional. If set, restricted export policy will + be propagated and enforced on the linked dataset. + properties: + enabled: + description: Optional. If true, enable restricted export. + type: boolean + restrictDirectTableAccess: + description: Optional. If true, restrict direct table + access (read api/tabledata.list) on linked table. + type: boolean + restrictQueryResult: + description: Optional. If true, restrict export of query + result derived from restricted linked dataset table. + type: boolean + type: object + selectedResources: + description: Optional. Resources in this dataset that are + selectively shared. If this field is empty, then the entire + dataset (all resources) are shared. This field is only valid + for data clean room exchanges. + items: + properties: + tableRef: + description: 'Optional. A reference to a BigQueryTable. + Format: `projects/{projectId}/datasets/{datasetId}/tables/{tableId}` + Example:"projects/test_project/datasets/test_dataset/tables/test_table"' + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/{projectId}/datasets/{datasetId}/tables/{tableId}`. + type: string + name: + description: The `metadata.name` field of a `BigQueryTable` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a + `BigQueryTable` resource. + type: string + type: object + type: object + type: array + required: + - datasetRef + type: object + type: object required: - - bigqueryDataset - - dataExchangeId + - dataExchangeRef - displayName - location - projectRef + - source type: object status: + description: BigQueryAnalyticsHubListingStatus defines the config connector + machine state of BigQueryAnalyticsHubDataExchangeListing properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -10536,8 +10833,9 @@ spec: type: string type: object type: array - name: - description: The resource name of the listing. e.g. "projects/myproject/locations/US/dataExchanges/123/listings/456". + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchangeListing + resource in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -10545,27 +10843,356 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + state: + description: Output only. Current state of the listing. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BigQueryAnalyticsHubListing is the Schema for the BigQueryAnalyticsHubListing + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BigQueryAnalyticsHubListingSpec defines the desired state + of BigQueryAnalyticsHubDataExchangeListing + properties: + categories: + description: Optional. Categories of the listing. Up to two categories + are allowed. + items: + type: string + type: array + dataExchangeRef: + description: BigQueryAnalyticsHubDataExchangeRef defines the resource + reference to BigQueryAnalyticsHubDataExchange, which "External" + field holds the GCP identifier for the KRM object. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed BigQueryAnalyticsHubDataExchange + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/dataexchanges/{{dataexchangeID}}". + type: string + name: + description: The name of a BigQueryAnalyticsHubDataExchange resource. + type: string + namespace: + description: The namespace of a BigQueryAnalyticsHubDataExchange + resource. + type: string + type: object + dataProvider: + description: Optional. Details of the data provider who owns the source + data. + properties: + name: + description: Optional. Name of the data provider. + type: string + primaryContact: + description: 'Optional. Email or URL of the data provider. Max + Length: 1000 bytes.' + type: string + type: object + description: + description: 'Optional. Short description of the listing. The description + must contain only Unicode characters or tabs (HT), new lines (LF), + carriage returns (CR), and page breaks (FF). Default value is an + empty string. Max length: 2000 bytes.' + type: string + discoveryType: + description: Optional. Type of discovery of the listing on the discovery + page. + type: string + displayName: + description: 'Required. Human-readable display name of the listing. + The display name must contain only Unicode letters, numbers (0-9), + underscores (_), dashes (-), spaces ( ), ampersands (&) and can''t + start or end with spaces. Default value is an empty string. Max + length: 63 bytes.' + type: string + documentation: + description: Optional. Documentation describing the listing. + type: string + location: + description: Immutable. The name of the location this data exchange. + type: string + primaryContact: + description: 'Optional. Email or URL of the primary point of contact + of the listing. Max Length: 1000 bytes.' + type: string + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + publisher: + description: Optional. Details of the publisher who owns the listing + and who can share the source data. + properties: + name: + description: Optional. Name of the listing publisher. + type: string + primaryContact: + description: 'Optional. Email or URL of the listing publisher. + Max Length: 1000 bytes.' + type: string + type: object + requestAccess: + description: 'Optional. Email or URL of the request access of the + listing. Subscribers can use this reference to request access. Max + Length: 1000 bytes.' + type: string + resourceID: + description: Immutable. The BigQueryAnalyticsHubDataExchangeListing + name. If not given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + source: + properties: + bigQueryDatasetSource: + description: One of the following fields must be set. + properties: + datasetRef: + description: Resource name of the dataset source for this + listing. e.g. `projects/myproject/datasets/123` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/datasets/[dataset_id]`. + type: string + name: + description: The `metadata.name` field of a `BigQueryDataset` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `BigQueryDataset` + resource. + type: string + type: object + restrictedExportPolicy: + description: Optional. If set, restricted export policy will + be propagated and enforced on the linked dataset. + properties: + enabled: + description: Optional. If true, enable restricted export. + type: boolean + restrictDirectTableAccess: + description: Optional. If true, restrict direct table + access (read api/tabledata.list) on linked table. + type: boolean + restrictQueryResult: + description: Optional. If true, restrict export of query + result derived from restricted linked dataset table. + type: boolean + type: object + selectedResources: + description: Optional. Resources in this dataset that are + selectively shared. If this field is empty, then the entire + dataset (all resources) are shared. This field is only valid + for data clean room exchanges. + items: + properties: + tableRef: + description: 'Optional. A reference to a BigQueryTable. + Format: `projects/{projectId}/datasets/{datasetId}/tables/{tableId}` + Example:"projects/test_project/datasets/test_dataset/tables/test_table"' + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/{projectId}/datasets/{datasetId}/tables/{tableId}`. + type: string + name: + description: The `metadata.name` field of a `BigQueryTable` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a + `BigQueryTable` resource. + type: string + type: object + type: object + type: array + required: + - datasetRef + type: object + type: object + required: + - dataExchangeRef + - displayName + - location + - projectRef + - source + type: object + status: + description: BigQueryAnalyticsHubListingStatus defines the config connector + machine state of BigQueryAnalyticsHubDataExchangeListing + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchangeListing + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + state: + description: Output only. Current state of the listing. + type: string + type: object type: object - required: - - spec type: object served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -10635,7 +11262,11 @@ spec: description: The user’s AWS IAM Role that trusts the Google-owned AWS IAM user Connection. type: string + required: + - iamRoleID type: object + required: + - accessRole type: object azure: description: Azure properties. @@ -10653,6 +11284,94 @@ spec: cloudResource: description: Use Cloud Resource properties. type: object + cloudSQL: + description: Cloud SQL properties. + properties: + credential: + description: Cloud SQL credential. + properties: + secretRef: + description: The Kubernetes Secret object that stores the + "username" and "password" information. The Secret type has + to be `kubernetes.io/basic-auth`. + properties: + name: + description: The `metadata.name` field of a Kubernetes + `Secret` + type: string + namespace: + description: The `metadata.namespace` field of a Kubernetes + `Secret`. + type: string + required: + - name + type: object + type: object + databaseRef: + description: Reference to the SQL Database. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The SQL Database name, when not managed by Config + Connector. + type: string + name: + description: The `name` field of a `SQLDatabase` resource. + type: string + namespace: + description: The `namespace` field of a `SQLDatabase` resource. + type: string + type: object + instanceRef: + description: Reference to the Cloud SQL instance ID. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The SQLInstance selfLink, when not managed by + Config Connector. + type: string + name: + description: The `name` field of a `SQLInstance` resource. + type: string + namespace: + description: The `namespace` field of a `SQLInstance` resource. + type: string + type: object + type: + description: Type of the Cloud SQL database. + type: string + required: + - credential + - databaseRef + - instanceRef + - type + type: object cloudSpanner: description: Cloud Spanner properties. properties: @@ -10731,22 +11450,388 @@ spec: required: - databaseRef type: object - cloudSql: + description: + description: User provided description. + type: string + friendlyName: + description: User provided display name for the connection. + type: string + location: + description: Immutable. + type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: 'Immutable. Optional. The BigQuery Connection ID used + for resource creation or acquisition. For creation: If specified, + this value is used as the connection ID. If not provided, a UUID + will be generated and assigned as the connection ID. For acquisition: + This field must be provided to identify the connection resource + to acquire.' + type: string + spark: + description: Spark properties. + properties: + metastoreService: + description: Optional. Dataproc Metastore Service configuration + for the connection. + properties: + metastoreServiceRef: + description: |- + Optional. Resource name of an existing Dataproc Metastore service. + + Example: + + * `projects/[project_id]/locations/[region]/services/[service_id]` + properties: + external: + description: The self-link of an existing Dataproc Metastore + service , when not managed by Config Connector. + type: string + required: + - external + type: object + type: object + sparkHistoryServer: + description: Optional. Spark History Server configuration for + the connection. + properties: + dataprocClusterRef: + description: |- + Optional. Resource name of an existing Dataproc Cluster to act as a Spark + History Server for the connection. + + Example: + + * `projects/[project_id]/regions/[region]/clusters/[cluster_name]` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The self-link of an existing Dataproc Cluster + to act as a Spark History Server for the connection + , when not managed by Config Connector. + type: string + name: + description: The `name` field of a Dataproc Cluster. + type: string + namespace: + description: The `namespace` field of a Dataproc Cluster. + type: string + type: object + type: object + type: object + required: + - location + - projectRef + type: object + status: + description: BigQueryConnectionConnectionStatus defines the config connector + machine state of BigQueryConnectionConnection + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the BigQueryConnectionConnection + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + aws: + properties: + accessRole: + properties: + identity: + description: A unique Google-owned and Google-generated + identity for the Connection. This identity will be used + to access the user's AWS IAM Role. + type: string + type: object + type: object + azure: + properties: + application: + description: The name of the Azure Active Directory Application. + type: string + clientID: + description: The client id of the Azure Active Directory Application. + type: string + identity: + description: A unique Google-owned and Google-generated identity + for the Connection. This identity will be used to access + the user's Azure Active Directory Application. + type: string + objectID: + description: The object id of the Azure Active Directory Application. + type: string + redirectUri: + description: The URL user will be redirected to after granting + consent during connection setup. + type: string + type: object + cloudResource: + properties: + serviceAccountID: + description: |2- + The account ID of the service created for the purpose of this + connection. + + The service account does not have any permissions associated with it + when it is created. After creation, customers delegate permissions + to the service account. When the connection is used in the context of an + operation in BigQuery, the service account will be used to connect to the + desired resources in GCP. + + The account ID is in the form of: + @gcp-sa-bigquery-cloudresource.iam.gserviceaccount.com + type: string + type: object + cloudSQL: + properties: + serviceAccountID: + description: |- + The account ID of the service used for the purpose of this connection. + + When the connection is used in the context of an operation in + BigQuery, this service account will serve as the identity being used for + connecting to the CloudSQL instance specified in this connection. + type: string + type: object + description: + description: The description for the connection. + type: string + friendlyName: + description: The display name for the connection. + type: string + hasCredential: + description: Output only. True, if credential is configured for + this connection. + type: boolean + spark: + properties: + serviceAccountID: + description: |2- + The account ID of the service created for the purpose of this + connection. + + The service account does not have any permissions associated with it when + it is created. After creation, customers delegate permissions to the + service account. When the connection is used in the context of a stored + procedure for Apache Spark in BigQuery, the service account is used to + connect to the desired resources in Google Cloud. + + The account ID is in the form of: + bqcx--@gcp-sa-bigquery-consp.iam.gserviceaccount.com + type: string + type: object + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BigQueryConnectionConnection is the Schema for the BigQueryConnectionConnection + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BigQueryConnectionConnectionSpec defines the desired state + to connect BigQuery to external resources + properties: + aws: + description: Amazon Web Services (AWS) properties. + properties: + accessRole: + description: Authentication using Google owned service account + to assume into customer's AWS IAM Role. + properties: + iamRoleID: + description: The user’s AWS IAM Role that trusts the Google-owned + AWS IAM user Connection. + type: string + required: + - iamRoleID + type: object + required: + - accessRole + type: object + azure: + description: Azure properties. + properties: + customerTenantID: + description: The id of customer's directory that host the data. + type: string + federatedApplicationClientID: + description: The client ID of the user's Azure Active Directory + Application used for a federated connection. + type: string + required: + - customerTenantID + type: object + cloudResource: + description: Use Cloud Resource properties. + type: object + cloudSQL: description: Cloud SQL properties. properties: credential: description: Cloud SQL credential. properties: - password: - description: The password for the credential. + secretRef: + description: The Kubernetes Secret object that stores the + "username" and "password" information. The Secret type has + to be `kubernetes.io/basic-auth`. + properties: + name: + description: The `metadata.name` field of a Kubernetes + `Secret` + type: string + namespace: + description: The `metadata.namespace` field of a Kubernetes + `Secret`. + type: string + required: + - name + type: object + type: object + databaseRef: + description: Reference to the SQL Database. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The SQL Database name, when not managed by Config + Connector. type: string - username: - description: The username for the credential. + name: + description: The `name` field of a `SQLDatabase` resource. + type: string + namespace: + description: The `namespace` field of a `SQLDatabase` resource. type: string type: object - database: - description: Database name. - type: string instanceRef: description: Reference to the Cloud SQL instance ID. oneOf: @@ -10778,6 +11863,89 @@ spec: type: description: Type of the Cloud SQL database. type: string + required: + - credential + - databaseRef + - instanceRef + - type + type: object + cloudSpanner: + description: Cloud Spanner properties. + properties: + databaseRef: + description: Reference to a spanner database ID. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The Spanner Database selfLink, when not managed + by Config Connector. + type: string + name: + description: The `name` field of a `SpannerDatabase` resource. + type: string + namespace: + description: The `namespace` field of a `SpannerDatabase` + resource. + type: string + type: object + databaseRole: + description: |- + Optional. Cloud Spanner database role for fine-grained access control. + The Cloud Spanner admin should have provisioned the database role with + appropriate permissions, such as `SELECT` and `INSERT`. Other users should + only use roles provided by their Cloud Spanner admins. + + For more details, see [About fine-grained access control] + (https://cloud.google.com/spanner/docs/fgac-about). + + REQUIRES: The database role name must start with a letter, and can only + contain letters, numbers, and underscores. + type: string + maxParallelism: + description: |- + Allows setting max parallelism per query when executing on Spanner + independent compute resources. If unspecified, default values of + parallelism are chosen that are dependent on the Cloud Spanner instance + configuration. + + REQUIRES: `use_parallelism` must be set. + REQUIRES: Either `use_data_boost` or `use_serverless_analytics` must be + set. + format: int32 + type: integer + useDataBoost: + description: |- + If set, the request will be executed via Spanner independent compute + resources. + REQUIRES: `use_parallelism` must be set. + + NOTE: `use_serverless_analytics` will be deprecated. Prefer + `use_data_boost` over `use_serverless_analytics`. + type: boolean + useParallelism: + description: If parallelism should be used when reading from Cloud + Spanner + type: boolean + useServerlessAnalytics: + description: 'If the serverless analytics service should be used + to read data from Cloud Spanner. Note: `use_parallelism` must + be set when using serverless analytics.' + type: boolean + required: + - databaseRef type: object description: description: User provided description. @@ -10824,10 +11992,12 @@ spec: type: string type: object resourceID: - description: The BigQuery ConnectionID. This is a server-generated - ID in the UUID format. If not provided, ConfigConnector will create - a new Connection and store the UUID in `status.serviceGeneratedID` - field. + description: 'Immutable. Optional. The BigQuery Connection ID used + for resource creation or acquisition. For creation: If specified, + this value is used as the connection ID. If not provided, a UUID + will be generated and assigned as the connection ID. For acquisition: + This field must be provided to identify the connection resource + to acquire.' type: string spark: description: Spark properties. @@ -10992,7 +12162,7 @@ spec: @gcp-sa-bigquery-cloudresource.iam.gserviceaccount.com type: string type: object - cloudSql: + cloudSQL: properties: serviceAccountID: description: |- @@ -11042,7 +12212,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -11216,7 +12386,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -11474,7 +12644,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -11549,14 +12719,13 @@ spec: description: The dataset this entry applies to. properties: datasetId: - description: Required. A unique ID for this dataset, - without the project name. The ID must contain only - letters (a-z, A-Z), numbers (0-9), or underscores - (_). The maximum length is 1,024 characters. + description: A unique Id for this dataset, without the + project name. The Id must contain only letters (a-z, + A-Z), numbers (0-9), or underscores (_). The maximum + length is 1,024 characters. type: string projectId: - description: Required. The ID of the project containing - this dataset. + description: The ID of the project containing this dataset. type: string required: - datasetId @@ -11612,16 +12781,14 @@ spec: an update operation.' properties: datasetId: - description: Required. The ID of the dataset containing - this routine. + description: The ID of the dataset containing this routine. type: string projectId: - description: Required. The ID of the project containing - this routine. + description: The ID of the project containing this routine. type: string routineId: - description: Required. The ID of the routine. The ID must - contain only letters (a-z, A-Z), numbers (0-9), or underscores + description: The Id of the routine. The Id must contain + only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 256 characters. type: string required: @@ -11654,20 +12821,18 @@ spec: granted again via an update operation.' properties: datasetId: - description: Required. The ID of the dataset containing - this table. + description: The ID of the dataset containing this table. type: string projectId: - description: Required. The ID of the project containing - this table. + description: The ID of the project containing this table. type: string tableId: - description: Required. The ID of the table. The ID can contain - Unicode characters in category L (letter), M (mark), N - (number), Pc (connector, including underscore), Pd (dash), - and Zs (space). For more information, see [General Category](https://wikipedia.org/wiki/Unicode_character_property#General_Category). + description: The Id of the table. The Id can contain Unicode + characters in category L (letter), M (mark), N (number), + Pc (connector, including underscore), Pd (dash), and Zs + (space). For more information, see [General Category](https://wikipedia.org/wiki/Unicode_character_property#General_Category). The maximum length is 1,024 characters. Certain operations - allow suffixing of the table ID with a partition decorator, + allow suffixing of the table Id with a partition decorator, such as `sample_table$20190123`. type: string required: @@ -11687,7 +12852,7 @@ spec: afterwards, and does not alter the existing tables. The following values are supported: - * 'und:ci': undetermined locale, case insensitive. + * 'und:ci': undetermined locale, case-insensitive. * '': empty string. Default to case-sensitive behavior. type: string defaultEncryptionConfiguration: @@ -11771,9 +12936,9 @@ spec: does not affect routine references. type: boolean location: - description: The geographic location where the dataset should reside. - See https://cloud.google.com/bigquery/docs/locations for supported - locations. + description: Optional. The geographic location where the dataset should + reside. See https://cloud.google.com/bigquery/docs/locations for + supported locations. type: string maxTimeTravelHours: description: Optional. Defines the time travel window in hours. The @@ -11781,7 +12946,7 @@ spec: is 168 hours if this is not set. type: string projectRef: - description: The project that this resource belongs to. optional. + description: ' Optional. The project that this resource belongs to.' oneOf: - not: required: @@ -11858,6 +13023,10 @@ spec: etag: description: Output only. A hash of the resource. type: string + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchangeListing + resource in GCP. + type: string lastModifiedTime: description: Output only. The date when this dataset was last modified, in milliseconds since the epoch. @@ -11871,6 +13040,16 @@ spec: the resource. format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + location: + description: Optional. If the location is not specified in the + spec, the GCP server defaults to a location and will be captured + here. + type: string + type: object selfLink: description: Output only. A URL that can be used to access the resource again. You can use this URL in Get or Update requests to the resource. @@ -11886,7 +13065,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12290,6 +13469,491 @@ spec: - spec type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BigQueryDataTransferConfig is the Schema for the BigQueryDataTransferConfig + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BigQueryDataTransferConfigSpec defines the desired state + of BigQueryDataTransferConfig + properties: + dataRefreshWindowDays: + description: The number of days to look back to automatically refresh + the data. For example, if `data_refresh_window_days = 10`, then + every day BigQuery reingests data for [today-10, today-1], rather + than ingesting data for just [today-1]. Only valid if the data source + supports the feature. Set the value to 0 to use the default value. + format: int32 + type: integer + dataSourceID: + description: 'Immutable. Data source ID. This cannot be changed once + data transfer is created. The full list of available data source + IDs can be returned through an API call: https://cloud.google.com/bigquery-transfer/docs/reference/datatransfer/rest/v1/projects.locations.dataSources/list' + type: string + x-kubernetes-validations: + - message: DataSourceID field is immutable + rule: self == oldSelf + datasetRef: + description: The BigQuery target dataset id. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/datasets/[dataset_id]`. + type: string + name: + description: The `metadata.name` field of a `BigQueryDataset` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `BigQueryDataset` + resource. + type: string + type: object + disabled: + description: Is this config disabled. When set to true, no runs will + be scheduled for this transfer config. + type: boolean + displayName: + description: User specified display name for the data transfer. + type: string + emailPreferences: + description: Email notifications will be sent according to these preferences + to the email address of the user who owns this transfer config. + properties: + enableFailureEmail: + description: If true, email notifications will be sent on transfer + run failures. + type: boolean + type: object + encryptionConfiguration: + description: The encryption configuration part. Currently, it is only + used for the optional KMS key name. The BigQuery service account + of your project must be granted permissions to use the key. Read + methods will return the key name applied in effect. Write methods + will apply the key if it is present, or otherwise try to apply project + default keys if it is absent. + properties: + kmsKeyRef: + description: The KMS key used for encrypting BigQuery data. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + type: object + location: + description: Immutable. + type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf + params: + additionalProperties: + type: string + description: 'Parameters specific to each data source. For more information + see the bq tab in the ''Setting up a data transfer'' section for + each data source. For example the parameters for Cloud Storage transfers + are listed here: https://cloud.google.com/bigquery-transfer/docs/cloud-storage-transfer#bq' + type: object + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + pubSubTopicRef: + description: Pub/Sub topic where notifications will be sent after + transfer runs associated with this transfer config finish. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/topics/[topic_id]`. + type: string + name: + description: The `metadata.name` field of a `PubSubTopic` resource. + type: string + namespace: + description: The `metadata.namespace` field of a `PubSubTopic` + resource. + type: string + type: object + resourceID: + description: Immutable. The BigQueryDataTransferConfig name. If not + given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + schedule: + description: |- + Data transfer schedule. + If the data source does not support a custom schedule, this should be + empty. If it is empty, the default value for the data source will be used. + The specified times are in UTC. + Examples of valid format: + `1st,3rd monday of month 15:30`, + `every wed,fri of jan,jun 13:15`, and + `first sunday of quarter 00:00`. + See more explanation about the format here: + https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format + + NOTE: The minimum interval time between recurring transfers depends on the + data source; refer to the documentation for your data source. + type: string + scheduleOptions: + description: Options customizing the data transfer schedule. + properties: + disableAutoScheduling: + description: If true, automatic scheduling of data transfer runs + for this configuration will be disabled. The runs can be started + on ad-hoc basis using StartManualTransferRuns API. When automatic + scheduling is disabled, the TransferConfig.schedule field will + be ignored. + type: boolean + endTime: + description: Defines time to stop scheduling transfer runs. A + transfer run cannot be scheduled at or after the end time. The + end time can be changed at any moment. The time when a data + transfer can be triggered manually is not limited by this option. + type: string + startTime: + description: Specifies time to start scheduling transfer runs. + The first run will be scheduled at or after the start time according + to a recurrence pattern defined in the schedule string. The + start time can be changed at any moment. The time when a data + transfer can be triggered manually is not limited by this option. + type: string + type: object + scheduleOptionsV2: + description: V2 options customizing different types of data transfer + schedule. This field supports existing time-based and manual transfer + schedule. Also supports Event-Driven transfer schedule. ScheduleOptionsV2 + cannot be used together with ScheduleOptions/Schedule. + properties: + eventDrivenSchedule: + description: Event driven transfer schedule options. If set, the + transfer will be scheduled upon events arrial. + properties: + pubSubSubscriptionRef: + description: Pub/Sub subscription used to receive events. + Only Google Cloud Storage data source support this option. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/subscriptions/[subscription_id]`. + type: string + name: + description: The `metadata.name` field of a `PubSubSubscription` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `PubSubSubscription` + resource. + type: string + type: object + type: object + manualSchedule: + description: Manual transfer schedule. If set, the transfer run + will not be auto-scheduled by the system, unless the client + invokes StartManualTransferRuns. This is equivalent to disable_auto_scheduling + = true. + type: object + timeBasedSchedule: + description: Time based transfer schedule options. This is the + default schedule option. + properties: + endTime: + description: Defines time to stop scheduling transfer runs. + A transfer run cannot be scheduled at or after the end time. + The end time can be changed at any moment. + type: string + schedule: + description: |- + Data transfer schedule. + If the data source does not support a custom schedule, this should be + empty. If it is empty, the default value for the data source will be used. + The specified times are in UTC. + Examples of valid format: + `1st,3rd monday of month 15:30`, + `every wed,fri of jan,jun 13:15`, and + `first sunday of quarter 00:00`. + See more explanation about the format here: + https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format + + NOTE: The minimum interval time between recurring transfers depends on the + data source; refer to the documentation for your data source. + type: string + startTime: + description: Specifies time to start scheduling transfer runs. + The first run will be scheduled at or after the start time + according to a recurrence pattern defined in the schedule + string. The start time can be changed at any moment. + type: string + type: object + type: object + serviceAccountRef: + description: Service account email. If this field is set, the transfer + config will be created with this service account's credentials. + It requires that the requesting user calling this API has permissions + to act as this service account. Note that not all data sources support + service account credentials when creating a transfer config. For + the latest list of data sources, please refer to https://cloud.google.com/bigquery/docs/use-service-accounts. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + required: + - dataSourceID + - datasetRef + - location + - params + - projectRef + type: object + status: + description: BigQueryDataTransferConfigStatus defines the config connector + machine state of BigQueryDataTransferConfig + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the BigQueryDataTransferConfig + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + datasetRegion: + description: Output only. Region in which BigQuery dataset is + located. + type: string + error: + description: Output only. Error code with detailed information + about reason of the latest config failure. + properties: + code: + description: The status code, which should be an enum value + of [google.rpc.Code][google.rpc.Code]. + format: int32 + type: integer + message: + description: A developer-facing error message, which should + be in English. Any user-facing error message should be localized + and sent in the [google.rpc.Status.details][google.rpc.Status.details] + field, or localized by the client. + type: string + type: object + name: + description: Identifier. The resource name of the transfer config. + Transfer config names have the form either `projects/{project_id}/locations/{region}/transferConfigs/{config_id}` + or `projects/{project_id}/transferConfigs/{config_id}`, where + `config_id` is usually a UUID, even though it is not guaranteed + or required. The name is ignored when creating a transfer config. + type: string + nextRunTime: + description: Output only. Next time when data transfer will run. + type: string + ownerInfo: + description: Output only. Information about the user whose credentials + are used to transfer data. Populated only for `transferConfigs.get` + requests. In case the user information is not available, this + field will not be populated. + properties: + email: + description: E-mail address of the user. + type: string + type: object + state: + description: Output only. State of the most recently updated transfer + run. + type: string + updateTime: + description: Output only. Data transfer modification time. Ignored + by server on input. + type: string + userID: + description: Deprecated. Unique ID of the user on whose behalf + transfer is done. + format: int64 + type: integer + type: object + type: object + required: + - spec + type: object + served: true storage: true subresources: status: {} @@ -12298,7 +13962,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13154,7 +14818,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13341,7 +15005,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13531,7 +15195,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13793,7 +15457,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14378,7 +16042,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14566,7 +16230,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14787,7 +16451,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15019,7 +16683,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15192,7 +16856,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -15651,7 +17315,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -15919,7 +17583,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -16344,7 +18008,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16785,7 +18449,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17138,7 +18802,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17959,7 +19623,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -18312,7 +19976,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -18551,7 +20215,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -18782,7 +20446,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -19012,7 +20676,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20053,9 +21717,8 @@ spec: type: string type: array location: - description: |- - Immutable. The [Cloud Build location](https://cloud.google.com/build/docs/locations) for the trigger. - If not specified, "global" is used. + description: 'Immutable. The location of the Cloud Build trigger. + If not specified, "global" is used. More info: cloud.google.com/build/docs/locations.' type: string pubsubConfig: description: |- @@ -20520,7 +22183,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20589,7 +22252,7 @@ spec: properties: external: description: A reference to an externally managed Compute - Network resource. Should be in the format `projects//global/networks/`. + Network resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -20797,7 +22460,7 @@ spec: properties: external: description: A reference to an externally managed Compute - Network resource. Should be in the format `projects//global/networks/`. + Network resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -20981,7 +22644,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -21455,7 +23118,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -21887,7 +23550,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22085,7 +23748,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -22352,7 +24015,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22747,7 +24410,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22926,7 +24589,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23188,7 +24851,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -23726,7 +25389,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23997,7 +25660,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -24268,7 +25931,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -24723,7 +26386,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -24993,7 +26656,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -25207,7 +26870,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -26371,7 +28034,8 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `NetworkSecurityClientTLSPolicy` + description: 'Allowed value: string of the format `//networksecurity.googleapis.com/projects/{{project}}/locations/{{location}}/clientTlsPolicies/{{value}}`, + where {{value}} is the `name` field of a `NetworkSecurityClientTLSPolicy` resource.' type: string name: @@ -26486,7 +28150,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -26700,7 +28364,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -26877,7 +28541,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -27641,7 +29305,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -27792,7 +29456,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -28012,7 +29676,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -28204,7 +29868,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -28304,14 +29968,14 @@ spec: properties: external: description: A reference to an externally managed ComputeFirewallPolicy - resource. Should be in the format `locations/global/firewallPolicies/`. + resource. Should be in the format `locations/global/firewallPolicies/{{firewallPolicyID}}`. type: string name: - description: The `name` field of a `ComputeFirewall olicy ` resource. + description: The `name` field of a `ComputeFirewallPolicy` resource. type: string namespace: - description: The `namespace` field of a `ComputeFirewallPolicy - ` resource. + description: The `namespace` field of a `ComputeFirewallPolicy` + resource. type: string type: object match: @@ -28438,7 +30102,7 @@ spec: properties: external: description: A reference to an externally managed Compute Network - resource. Should be in the format `projects//global/networks/`. + resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -28543,7 +30207,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28921,7 +30585,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29225,7 +30889,7 @@ spec: properties: external: description: A reference to an externally managed Compute Network - resource. Should be in the format `projects//global/networks/`. + resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -29692,7 +31356,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29854,7 +31518,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30012,7 +31676,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30476,7 +32140,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30637,7 +32301,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30798,7 +32462,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -31156,7 +32820,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -31935,7 +33599,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -32117,7 +33781,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -32320,7 +33984,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -33353,7 +35017,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -34385,7 +36049,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -34710,7 +36374,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -34927,7 +36591,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35272,7 +36936,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35482,7 +37146,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35694,7 +37358,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35865,7 +37529,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36071,7 +37735,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36459,7 +38123,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36640,7 +38304,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36840,7 +38504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37014,7 +38678,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37304,7 +38968,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37485,7 +39149,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37630,7 +39294,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37759,7 +39423,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37985,7 +39649,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -38385,7 +40049,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -38682,7 +40346,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -38800,7 +40464,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -39233,7 +40897,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -39410,7 +41074,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -39712,7 +41376,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40009,7 +41673,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40205,7 +41869,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40419,7 +42083,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40743,7 +42407,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -41035,7 +42699,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -41492,7 +43156,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -41848,7 +43512,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42075,7 +43739,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42354,7 +44018,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42975,7 +44639,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -43322,7 +44986,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43428,7 +45092,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43572,7 +45236,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43971,7 +45635,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44189,7 +45853,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44352,7 +46016,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44646,7 +46310,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44824,7 +46488,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45003,7 +46667,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45064,7 +46728,7 @@ spec: description: |- URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 certificates. Certificate manager certificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. - sslCertificates and certificateManagerCertificates fields can not be defined together. + sslCertificates and certificateManagerCertificates fields cannot be defined together. oneOf: - not: required: @@ -45100,7 +46764,7 @@ spec: can only be set for global target proxies. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificateManagerCertificates instead. - sslCertificates and certificateMap fields can not be defined together. + sslCertificates and certificateMap fields cannot be defined together. oneOf: - not: required: @@ -45361,7 +47025,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45586,7 +47250,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45841,7 +47505,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46100,7 +47764,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46114,6 +47778,7 @@ spec: categories: - gcp kind: ComputeTargetTCPProxy + listKind: ComputeTargetTCPProxyList plural: computetargettcpproxies shortNames: - gcpcomputetargettcpproxy @@ -46141,20 +47806,23 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: ComputeTargetTCPProxy is the Schema for the ComputeTargetTCPProxy + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: ComputeTargetTCPProxySpec defines the desired state of ComputeTargetTCPProxy properties: backendServiceRef: description: A reference to the ComputeBackendService resource. @@ -46174,42 +47842,58 @@ spec: - external properties: external: - description: 'Allowed value: The `selfLink` field of a `ComputeBackendService` - resource.' + description: The ComputeBackendService selflink in the form "projects/{{project}}/global/backendServices/{{name}}" + or "projects/{{project}}/regions/{{region}}/backendServices/{{name}}" + when not managed by Config Connector. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `ComputeBackendService` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `ComputeBackendService` + resource. type: string type: object description: description: Immutable. An optional description of this resource. type: string + x-kubernetes-validations: + - message: Description is immutable + rule: self == oldSelf + location: + description: 'The geographical location of the ComputeTargetTCPProxy. + Reference: GCP definition of regions/zones (https://cloud.google.com/compute/docs/regions-zones/)' + type: string proxyBind: - description: |- - Immutable. This field only applies when the forwarding rule that references - this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. + description: Immutable. This field only applies when the forwarding + rule that references this target proxy has a loadBalancingScheme + set to INTERNAL_SELF_MANAGED. type: boolean + x-kubernetes-validations: + - message: ProxyBind is immutable + rule: self == oldSelf proxyHeader: - description: |- - Specifies the type of proxy header to append before sending data to - the backend. Default value: "NONE" Possible values: ["NONE", "PROXY_V1"]. + description: 'Specifies the type of proxy header to append before + sending data to the backend. Default value: "NONE" Possible values: + ["NONE", "PROXY_V1"].' type: string resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The ComputeTargetTCPProxy name. If not given, + the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID is immutable + rule: self == oldSelf required: - backendServiceRef type: object status: + description: ComputeTargetTCPProxyStatus defines the config connector + machine state of ComputeTargetTCPProxy properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -46236,17 +47920,24 @@ spec: creationTimestamp: description: Creation timestamp in RFC3339 text format. type: string + externalRef: + description: A unique specifier for the ComputeTargetTCPProxy resource + in GCP. + type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer proxyId: description: The unique identifier for the resource. + format: int64 type: integer selfLink: + description: The SelfLink for the resource. type: string type: object required: @@ -46256,18 +47947,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46428,7 +48113,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -49151,7 +50836,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -49355,7 +51040,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -49727,7 +51412,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -50043,7 +51728,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -50632,7 +52317,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -50868,7 +52553,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -51105,7 +52790,6 @@ spec: type: string projectRef: description: The ID of the project in which the resource belongs. - If it is not provided, the provider project is used. oneOf: - not: required: @@ -51149,6 +52833,7 @@ spec: - location - oidcConfig - platformVersion + - projectRef type: object status: description: ContainerAttachedClusterStatus defines the config connector @@ -51267,7 +52952,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -53142,7 +54827,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54066,7 +55751,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54338,7 +56023,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54504,7 +56189,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54700,7 +56385,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54885,7 +56570,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -55117,7 +56802,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -55291,7 +56976,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -55432,7 +57117,7 @@ spec: properties: external: description: A reference to an externally managed Compute Network - resource. Should be in the format `projects//global/networks/`. + resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -55606,7 +57291,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -55892,7 +57577,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -56525,7 +58210,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -56804,7 +58489,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -57099,7 +58784,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -58914,7 +60599,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -60856,7 +62541,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -61028,7 +62713,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -61629,7 +63314,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -61822,7 +63507,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -62756,7 +64441,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -62971,7 +64656,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -63156,7 +64841,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -63370,7 +65055,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -63565,7 +65250,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -64115,7 +65800,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -64335,7 +66020,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -65433,7 +67118,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -65642,7 +67327,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -65836,7 +67521,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -66033,7 +67718,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -66270,7 +67955,572 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: discoveryenginedatastores.discoveryengine.cnrm.cloud.google.com +spec: + group: discoveryengine.cnrm.cloud.google.com + names: + categories: + - gcp + kind: DiscoveryEngineDataStore + listKind: DiscoveryEngineDataStoreList + plural: discoveryenginedatastores + shortNames: + - gcpdiscoveryenginedatastore + - gcpdiscoveryenginedatastores + singular: discoveryenginedatastore + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: DiscoveryEngineDataStore is the Schema for the DiscoveryEngineDataStore + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DiscoveryEngineDataStoreSpec defines the desired state of + DiscoveryEngineDataStore + properties: + collection: + description: Immutable. The collection for the DataStore. + type: string + x-kubernetes-validations: + - message: Collection field is immutable + rule: self == oldSelf + contentConfig: + description: Immutable. The content config of the data store. If this + field is unset, the server behavior defaults to [ContentConfig.NO_CONTENT][google.cloud.discoveryengine.v1.DataStore.ContentConfig.NO_CONTENT]. + type: string + displayName: + description: |- + Required. The data store display name. + + This field must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an INVALID_ARGUMENT error is returned. + type: string + industryVertical: + description: Immutable. The industry vertical that the data store + registers. + type: string + location: + description: Immutable. The location for the resource. + type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf + projectRef: + description: The ID of the project in which the resource belongs. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. The DiscoveryEngineDataStore name. If not + given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + solutionTypes: + description: |- + The solutions that the data store enrolls. Available solutions for each + [industry_vertical][google.cloud.discoveryengine.v1.DataStore.industry_vertical]: + + * `MEDIA`: `SOLUTION_TYPE_RECOMMENDATION` and `SOLUTION_TYPE_SEARCH`. + * `SITE_SEARCH`: `SOLUTION_TYPE_SEARCH` is automatically enrolled. Other + solutions cannot be enrolled. + items: + type: string + type: array + workspaceConfig: + description: Config to store data store type configuration for workspace + data. This must be set when [DataStore.content_config][google.cloud.discoveryengine.v1.DataStore.content_config] + is set as [DataStore.ContentConfig.GOOGLE_WORKSPACE][google.cloud.discoveryengine.v1.DataStore.ContentConfig.GOOGLE_WORKSPACE]. + properties: + dasherCustomerID: + description: Obfuscated Dasher customer ID. + type: string + superAdminEmailAddress: + description: Optional. The super admin email address for the workspace + that will be used for access token generation. For now we only + use it for Native Google Drive connector data ingestion. + type: string + superAdminServiceAccount: + description: Optional. The super admin service account for the + workspace that will be used for access token generation. For + now we only use it for Native Google Drive connector data ingestion. + type: string + type: + description: The Google Workspace data source. + type: string + type: object + required: + - collection + - location + - projectRef + type: object + status: + description: DiscoveryEngineDataStoreStatus defines the config connector + machine state of DiscoveryEngineDataStore + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the DiscoveryEngineDataStore resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + billingEstimation: + description: Output only. Data size estimation for billing. + properties: + structuredDataSize: + description: Data size for structured data in terms of bytes. + format: int64 + type: integer + structuredDataUpdateTime: + description: Last updated timestamp for structured data. + type: string + unstructuredDataSize: + description: Data size for unstructured data in terms of bytes. + format: int64 + type: integer + unstructuredDataUpdateTime: + description: Last updated timestamp for unstructured data. + type: string + websiteDataSize: + description: Data size for websites in terms of bytes. + format: int64 + type: integer + websiteDataUpdateTime: + description: Last updated timestamp for websites. + type: string + type: object + createTime: + description: Output only. Timestamp the [DataStore][google.cloud.discoveryengine.v1.DataStore] + was created at. + type: string + defaultSchemaID: + description: Output only. The id of the default [Schema][google.cloud.discoveryengine.v1.Schema] + associated to this data store. + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: discoveryengineengines.discoveryengine.cnrm.cloud.google.com +spec: + group: discoveryengine.cnrm.cloud.google.com + names: + categories: + - gcp + kind: DiscoveryEngineEngine + listKind: DiscoveryEngineEngineList + plural: discoveryengineengines + shortNames: + - gcpdiscoveryengineengine + - gcpdiscoveryengineengines + singular: discoveryengineengine + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: DiscoveryEngineEngine is the Schema for the DiscoveryEngineEngine + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DiscoveryEngineEngineSpec defines the desired state of DiscoveryEngineEngine + properties: + chatEngineConfig: + description: Configurations for the Chat Engine. Only applicable if + solution_type is SOLUTION_TYPE_CHAT. + properties: + agentCreationConfig: + description: |- + The configurationt generate the Dialogflow agent that is associated to + this Engine. + + Note that these configurations are one-time consumed by + and passed to Dialogflow service. It means they cannot be retrieved using + [EngineService.GetEngine][google.cloud.discoveryengine.v1.EngineService.GetEngine] + or + [EngineService.ListEngines][google.cloud.discoveryengine.v1.EngineService.ListEngines] + API after engine creation. + properties: + business: + description: Name of the company, organization or other entity + that the agent represents. Used for knowledge connector + LLM prompt and for knowledge search. + type: string + defaultLanguageCode: + description: Required. The default language of the agent as + a language tag. See [Language Support](https://cloud.google.com/dialogflow/docs/reference/language) + for a list of the currently supported language codes. + type: string + location: + description: 'Agent location for Agent creation, supported + values: global/us/eu. If not provided, us Engine will create + Agent using us-central-1 by default; eu Engine will create + Agent using eu-west-1 by default.' + type: string + timeZone: + description: Required. The time zone of the agent from the + [time zone database](https://www.iana.org/time-zones), e.g., + America/New_York, Europe/Paris. + type: string + type: object + dialogflowAgentToLink: + description: |- + The resource name of an exist Dialogflow agent to link to this Chat + Engine. Customers can either provide `agent_creation_config` to create + agent or provide an agent name that links the agent with the Chat engine. + + Format: `projects//locations//agents/`. + + Note that the `dialogflow_agent_to_link` are one-time consumed by and + passed to Dialogflow service. It means they cannot be retrieved using + [EngineService.GetEngine][google.cloud.discoveryengine.v1.EngineService.GetEngine] + or + [EngineService.ListEngines][google.cloud.discoveryengine.v1.EngineService.ListEngines] + API after engine creation. Use + [ChatEngineMetadata.dialogflow_agent][google.cloud.discoveryengine.v1.Engine.ChatEngineMetadata.dialogflow_agent] + for actual agent association after Engine is created. + type: string + type: object + collection: + description: Immutable. The collection for the Engine. + type: string + commonConfig: + description: Common config spec that specifies the metadata of the + engine. + properties: + companyName: + description: The name of the company, business or entity that + is associated with the engine. Setting this may help improve + LLM related features. + type: string + type: object + dataStoreRefs: + description: The data stores associated with this engine. For SOLUTION_TYPE_SEARCH + and SOLUTION_TYPE_RECOMMENDATION type of engines, they can only + associate with at most one data store. If solution_type is SOLUTION_TYPE_CHAT, + multiple DataStores in the same Collection can be associated here. + Note that when used in CreateEngineRequest, one DataStore must be + provided as the system will use it for necessary initializations. + items: + description: DiscoveryEngineDataStoreRef defines the resource reference + to DiscoveryEngineDataStore, which "External" field holds the + GCP identifier for the KRM object. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed DiscoveryEngineDataStore + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/datastores/{{datastoreID}}". + type: string + name: + description: The name of a DiscoveryEngineDataStore resource. + type: string + namespace: + description: The namespace of a DiscoveryEngineDataStore resource. + type: string + type: object + type: array + disableAnalytics: + description: Optional. Whether to disable analytics for searches performed + on this engine. + type: boolean + displayName: + description: Required. The display name of the engine. Should be human + readable. UTF-8 encoded string with limit of 1024 characters. + type: string + industryVertical: + description: 'The industry vertical that the engine registers. The + restriction of the Engine industry vertical is based on DataStore: + If unspecified, default to `GENERIC`. Vertical on Engine has to + match vertical of the DataStore linked to the engine.' + type: string + location: + description: Immutable. Location of the resource. + type: string + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. The DiscoveryEngineChatEngine name. If not + given, the metadata.name will be used. + type: string + searchEngineConfig: + description: Configurations for the Search Engine. Only applicable + if solution_type is SOLUTION_TYPE_SEARCH. + properties: + searchAddOns: + description: The add-on that this search engine enables. + items: + type: string + type: array + searchTier: + description: |- + The search feature tier of this engine. + + Different tiers might have different + pricing. To learn more, check the pricing documentation. + + Defaults to + [SearchTier.SEARCH_TIER_STANDARD][google.cloud.discoveryengine.v1.SearchTier.SEARCH_TIER_STANDARD] + if not specified. + type: string + type: object + solutionType: + description: Required. The solutions of the engine. + type: string + required: + - collection + - displayName + - location + - projectRef + - solutionType + type: object + status: + description: DiscoveryEngineEngineStatus defines the config connector + machine state of DiscoveryEngineEngine + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the DiscoveryEngineEngine resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -70446,7 +72696,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -71058,7 +73308,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -72534,7 +74784,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -72905,7 +75155,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -73290,7 +75540,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -73486,7 +75736,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74458,7 +76708,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74637,7 +76887,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74833,7 +77083,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74956,7 +77206,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75121,7 +77371,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75657,7 +77907,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75908,7 +78158,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -76147,7 +78397,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -76327,7 +78577,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -76551,7 +78801,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -76693,7 +78943,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -77239,7 +79489,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -77461,7 +79711,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -77790,7 +80040,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -77959,7 +80209,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78146,7 +80396,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78323,7 +80573,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78467,7 +80717,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78630,7 +80880,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78782,7 +81032,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78930,7 +81180,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -79077,7 +81327,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -79287,6 +81537,201 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: FirestoreDatabase is the Schema for the FirestoreDatabase API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: FirestoreDatabaseSpec defines the desired state of FirestoreDatabase + properties: + concurrencyMode: + description: The concurrency control mode to use for this database. + See https://cloud.google.com/firestore/docs/reference/rest/v1/projects.databases#concurrencymode + for more info. + type: string + locationID: + description: The location of the database. Available locations are + listed at https://cloud.google.com/firestore/docs/locations. + type: string + pointInTimeRecoveryEnablement: + description: Whether to enable the PITR feature on this database. + See https://cloud.google.com/firestore/docs/reference/rest/v1/projects.databases#pointintimerecoveryenablement + for more info. + type: string + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: The FirestoreDatabase name. If not given, the metadata.name + will be used. + type: string + required: + - projectRef + type: object + status: + description: FirestoreDatabaseStatus defines the config connector machine + state of FirestoreDatabase + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the FirestoreDatabase resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. The timestamp at which this database + was created. Databases created before 2016 do not populate create_time. + type: string + earliestVersionTime: + description: |- + Output only. The earliest timestamp at which older versions of the data can + be read from the database. See [version_retention_period] above; this field + is populated with `now - version_retention_period`. + + This value is continuously updated, and becomes stale the moment it is + queried. If you are using this value to recover data, make sure to account + for the time from the moment when the value is queried to the moment when + you initiate the recovery. + type: string + etag: + description: This checksum is computed by the server based on + the value of other fields, and may be sent on update and delete + requests to ensure the client has an up-to-date value before + proceeding. + type: string + keyPrefix: + description: |- + Output only. The key_prefix for this database. This key_prefix is used, in + combination with the project id ("~") to construct + the application id that is returned from the Cloud Datastore APIs in Google + App Engine first generation runtimes. + + This value may be empty in which case the appid to use for URL-encoded keys + is the project_id (eg: foo instead of v~foo). + type: string + uid: + description: Output only. The system-generated UUID4 for this + Database. + type: string + updateTime: + description: Output only. The timestamp at which this database + was most recently updated. Note this only includes updates to + the database resource and not data contained by the database. + type: string + versionRetentionPeriod: + description: |- + Output only. The period during which past versions of data are retained in + the database. + + Any [read][google.firestore.v1.GetDocumentRequest.read_time] + or [query][google.firestore.v1.ListDocumentsRequest.read_time] can specify + a `read_time` within this window, and will read the state of the database + at that time. + + If the PITR feature is enabled, the retention period is 7 days. Otherwise, + the retention period is 1 hour. + type: string + type: object + type: object + type: object + served: true storage: true subresources: status: {} @@ -79295,7 +81740,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -79449,7 +81894,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -79662,7 +82107,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -79959,10 +82404,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: - cnrm.cloud.google.com/dcl2crd: "true" cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: stable cnrm.cloud.google.com/system: "true" @@ -80201,6 +82645,13 @@ spec: cluster. type: boolean type: object + management: + description: Optional. Whether to automatically manage the configmanagement + Feature. There are 3 accepted values. MANAGEMENT_UNSPECIFIED + means that the mamangement mode is unspecified. MANAGEMENT_AUTOMATIC + means that Google manages the Feature for the cluster. MANAGEMENT_MANUAL + means that users should manage the Feature for the cluster. + type: string policyController: description: '**DEPRECATED** Configuring Policy Controller through the configmanagement feature is no longer recommended. Use the @@ -80499,7 +82950,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -80765,7 +83216,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -81130,7 +83581,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81263,7 +83714,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81421,7 +83872,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81583,7 +84034,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81897,7 +84348,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82098,7 +84549,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82299,7 +84750,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82399,7 +84850,7 @@ spec: ''allServices'' and a specific service, then the union of the two audit configs is used for that service: the ''logTypes'' specified in each ''auditLogConfig'' are enabled, and the ''exemptedMembers'' - in each ''auditLogConfg'' are exempted.' + in each ''auditLogConfig'' are exempted.' type: string required: - auditLogConfigs @@ -82460,7 +84911,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82600,7 +85051,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82694,6 +85145,8 @@ spec: Exactly one of 'member' or 'memberFrom' must be used, and only one subfield within 'memberFrom' can be used. oneOf: + - required: + - bigQueryConnectionConnectionRef - required: - logSinkRef - required: @@ -82703,6 +85156,34 @@ spec: - required: - sqlInstanceRef properties: + bigQueryConnectionConnectionRef: + description: BigQueryConnectionConnection whose service + account is to be bound to the role. Use the Type + field to specifie the connection type. For "spark" + connetion, the service account is in `status.observedState.spark.serviceAccountID`. + For "cloudSQL" connection, the service account is + in `status.observedState.cloudSQL.serviceAccountID`. + For "cloudResource" connection, the service account + is in `status.observedState.cloudResource.serviceAccountID`. + properties: + name: + type: string + namespace: + type: string + type: + description: Type field specifies the connection + type of the BigQueryConnectionConnection resource, + whose service account is to be bound to the + role. + enum: + - spark + - cloudSQL + - cloudResource + type: string + required: + - name + - type + type: object logSinkRef: description: The LoggingLogSink whose writer identity (i.e. its 'status.writerIdentity') is to be bound @@ -82925,7 +85406,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -83015,7 +85496,7 @@ spec: both ''allServices'' and a specific service, then the union of the two audit configs is used for that service: the ''logTypes'' specified in each ''auditLogConfig'' are enabled, and the - ''exemptedMembers'' in each ''auditLogConfg'' are exempted.' + ''exemptedMembers'' in each ''auditLogConfig'' are exempted.' type: string required: - auditLogConfigs @@ -83153,7 +85634,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -83236,6 +85717,8 @@ spec: Exactly one of 'member' or 'memberFrom' must be used, and only one subfield within 'memberFrom' can be used. oneOf: + - required: + - bigQueryConnectionConnectionRef - required: - logSinkRef - required: @@ -83245,6 +85728,31 @@ spec: - required: - sqlInstanceRef properties: + bigQueryConnectionConnectionRef: + description: BigQueryConnectionConnection whose service account + is to be bound to the role. Use the Type field to specifie the + connection type. For "spark" connetion, the service account + is in `status.observedState.spark.serviceAccountID`. For "cloudSQL" + connection, the service account is in `status.observedState.cloudSQL.serviceAccountID`. + For "cloudResource" connection, the service account is in `status.observedState.cloudResource.serviceAccountID`. + properties: + name: + type: string + namespace: + type: string + type: + description: Type field specifies the connection type of the + BigQueryConnectionConnection resource, whose service account + is to be bound to the role. + enum: + - spark + - cloudSQL + - cloudResource + type: string + required: + - name + - type + type: object logSinkRef: description: The LoggingLogSink whose writer identity (i.e. its 'status.writerIdentity') is to be bound to the role. @@ -83393,7 +85901,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -83572,7 +86080,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -83714,7 +86222,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -84072,7 +86580,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -84253,7 +86761,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -84549,7 +87057,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -84716,7 +87224,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -84842,7 +87350,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -84996,7 +87504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -85688,7 +88196,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -85847,7 +88355,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86052,7 +88560,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -86235,7 +88743,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86459,7 +88967,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86623,7 +89131,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86836,7 +89344,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -87053,7 +89561,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -87206,25 +89714,25 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: stable + cnrm.cloud.google.com/stability-level: beta cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: kmscryptokeys.kms.cnrm.cloud.google.com + name: kmsautokeyconfigs.kms.cnrm.cloud.google.com spec: group: kms.cnrm.cloud.google.com names: categories: - gcp - kind: KMSCryptoKey - plural: kmscryptokeys + kind: KMSAutokeyConfig + listKind: KMSAutokeyConfigList + plural: kmsautokeyconfigs shortNames: - - gcpkmscryptokey - - gcpkmscryptokeys - singular: kmscryptokey + - gcpkmsautokeyconfig + - gcpkmsautokeyconfigs + singular: kmsautokeyconfig preserveUnknownFields: false scope: Namespaced versions: @@ -87244,35 +89752,28 @@ spec: jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime name: Status Age type: date - name: v1beta1 + name: v1alpha1 schema: openAPIV3Schema: + description: KMSAutokeyConfig is the Schema for the KMSAutokeyConfig API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: KMSAutokeyConfigSpec defines the desired state of KMSAutokeyConfig properties: - destroyScheduledDuration: - description: |- - Immutable. The period of time that versions of this key spend in the DESTROY_SCHEDULED state before transitioning to DESTROYED. - If not specified at creation time, the default duration is 24 hours. - type: string - importOnly: - description: Immutable. Whether this key may contain imported versions - only. - type: boolean - keyRingRef: - description: The KMSKeyRing that this key belongs to. + folderRef: + description: Immutable. The folder that this resource belongs to. oneOf: - not: required: @@ -87289,64 +89790,422 @@ spec: - external properties: external: - description: 'Allowed value: The `selfLink` field of a `KMSKeyRing` - resource.' + description: The 'name' field of a folder, when not managed by + Config Connector. This field must be set when 'name' field is + not set. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The 'name' field of a 'Folder' resource. This field + must be set when 'external' field is not set. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The 'namespace' field of a 'Folder' resource. If + unset, the namespace is defaulted to the namespace of the referencer + resource. type: string type: object - purpose: - description: |- - Immutable. The immutable purpose of this CryptoKey. See the - [purpose reference](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys#CryptoKeyPurpose) - for possible inputs. - Default value is "ENCRYPT_DECRYPT". - type: string - resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. - type: string - rotationPeriod: - description: |- - Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. - The first rotation will take place after the specified period. The rotation period has - the format of a decimal number with up to 9 fractional digits, followed by the - letter 's' (seconds). It must be greater than a day (ie, 86400). - type: string - skipInitialVersionCreation: - description: |- - Immutable. If set to true, the request will create a CryptoKey without any CryptoKeyVersions. - You must use the 'google_kms_key_ring_import_job' resource to import the CryptoKeyVersion. - type: boolean - versionTemplate: - description: A template describing settings for new crypto key versions. + keyProject: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - kind + - not: + anyOf: + - required: + - name + - required: + - namespace + - required: + - kind + required: + - external properties: - algorithm: - description: |- - The algorithm to use when creating a version based on this template. - See the [algorithm reference](https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm) for possible inputs. + external: + description: The `projectID` field of a project, when not managed + by Config Connector. type: string - protectionLevel: - description: Immutable. The protection level to use when creating - a version based on this template. Possible values include "SOFTWARE", - "HSM", "EXTERNAL", "EXTERNAL_VPC". Defaults to "SOFTWARE". + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. type: string - required: - - algorithm type: object required: - - keyRingRef + - folderRef type: object status: + description: KMSAutokeyConfigStatus defines the config connector machine + state of KMSAutokeyConfig properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the KMSAutokeyConfig resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + state: + description: Output only. Current state of this AutokeyConfig. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: KMSAutokeyConfig is the Schema for the KMSAutokeyConfig API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KMSAutokeyConfigSpec defines the desired state of KMSAutokeyConfig + properties: + folderRef: + description: Immutable. The folder that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The 'name' field of a folder, when not managed by + Config Connector. This field must be set when 'name' field is + not set. + type: string + name: + description: The 'name' field of a 'Folder' resource. This field + must be set when 'external' field is not set. + type: string + namespace: + description: The 'namespace' field of a 'Folder' resource. If + unset, the namespace is defaulted to the namespace of the referencer + resource. + type: string + type: object + keyProject: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - kind + - not: + anyOf: + - required: + - name + - required: + - namespace + - required: + - kind + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + required: + - folderRef + type: object + status: + description: KMSAutokeyConfigStatus defines the config connector machine + state of KMSAutokeyConfig + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the KMSAutokeyConfig resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + state: + description: Output only. Current state of this AutokeyConfig. + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: stable + cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" + name: kmscryptokeys.kms.cnrm.cloud.google.com +spec: + group: kms.cnrm.cloud.google.com + names: + categories: + - gcp + kind: KMSCryptoKey + plural: kmscryptokeys + shortNames: + - gcpkmscryptokey + - gcpkmscryptokeys + singular: kmscryptokey + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + destroyScheduledDuration: + description: |- + Immutable. The period of time that versions of this key spend in the DESTROY_SCHEDULED state before transitioning to DESTROYED. + If not specified at creation time, the default duration is 24 hours. + type: string + importOnly: + description: Immutable. Whether this key may contain imported versions + only. + type: boolean + keyRingRef: + description: The KMSKeyRing that this key belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: 'Allowed value: The `selfLink` field of a `KMSKeyRing` + resource.' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + purpose: + description: |- + Immutable. The immutable purpose of this CryptoKey. See the + [purpose reference](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys#CryptoKeyPurpose) + for possible inputs. + Default value is "ENCRYPT_DECRYPT". + type: string + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + rotationPeriod: + description: |- + Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. + The first rotation will take place after the specified period. The rotation period has + the format of a decimal number with up to 9 fractional digits, followed by the + letter 's' (seconds). It must be greater than a day (ie, 86400). + type: string + skipInitialVersionCreation: + description: |- + Immutable. If set to true, the request will create a CryptoKey without any CryptoKeyVersions. + You must use the 'google_kms_key_ring_import_job' resource to import the CryptoKeyVersion. + type: boolean + versionTemplate: + description: A template describing settings for new crypto key versions. + properties: + algorithm: + description: |- + The algorithm to use when creating a version based on this template. + See the [algorithm reference](https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm) for possible inputs. + type: string + protectionLevel: + description: Immutable. The protection level to use when creating + a version based on this template. Possible values include "SOFTWARE", + "HSM", "EXTERNAL", "EXTERNAL_VPC". Defaults to "SOFTWARE". + type: string + required: + - algorithm + type: object + required: + - keyRingRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. items: properties: lastTransitionTime: @@ -87399,7 +90258,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -87588,7 +90447,320 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: beta + cnrm.cloud.google.com/system: "true" + name: kmskeyhandles.kms.cnrm.cloud.google.com +spec: + group: kms.cnrm.cloud.google.com + names: + categories: + - gcp + kind: KMSKeyHandle + listKind: KMSKeyHandleList + plural: kmskeyhandles + shortNames: + - gcpkmskeyhandle + - gcpkmskeyhandles + singular: kmskeyhandle + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: KMSKeyHandle is the Schema for the KMSKeyHandle API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KMSKeyHandleSpec defines the desired state of KMSKeyHandle + properties: + location: + description: Location name to create KeyHandle + type: string + projectRef: + description: Project hosting KMSKeyHandle + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: 'Immutable. The KMS Key Handle ID used for resource creation + or acquisition. For creation: If specified, this value is used as + the key handle ID. If not provided, a UUID will be generated and + assigned as the key handle ID. For acquisition: This field must + be provided to identify the key handle resource to acquire.' + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + resourceTypeSelector: + description: Indicates the resource type that the resulting [CryptoKey][] + is meant to protect, e.g. `{SERVICE}.googleapis.com/{TYPE}`. See + documentation for supported resource types https://cloud.google.com/kms/docs/autokey-overview#compatible-services. + type: string + type: object + status: + description: KMSKeyHandleStatus defines the config connector machine state + of KMSKeyHandle + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the KMSKeyHandle resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + kmsKey: + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: KMSKeyHandle is the Schema for the KMSKeyHandle API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KMSKeyHandleSpec defines the desired state of KMSKeyHandle + properties: + location: + description: Location name to create KeyHandle + type: string + projectRef: + description: Project hosting KMSKeyHandle + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: 'Immutable. The KMS Key Handle ID used for resource creation + or acquisition. For creation: If specified, this value is used as + the key handle ID. If not provided, a UUID will be generated and + assigned as the key handle ID. For acquisition: This field must + be provided to identify the key handle resource to acquire.' + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + resourceTypeSelector: + description: Indicates the resource type that the resulting [CryptoKey][] + is meant to protect, e.g. `{SERVICE}.googleapis.com/{TYPE}`. See + documentation for supported resource types https://cloud.google.com/kms/docs/autokey-overview#compatible-services. + type: string + type: object + status: + description: KMSKeyHandleStatus defines the config connector machine state + of KMSKeyHandle + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the KMSKeyHandle resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + kmsKey: + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -87768,7 +90940,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -87891,7 +91063,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -88096,7 +91268,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -88385,7 +91557,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -88660,7 +91832,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -89116,7 +92288,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -89520,7 +92692,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -89824,7 +92996,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -90161,7 +93333,466 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: memorystoreinstances.memorystore.cnrm.cloud.google.com +spec: + group: memorystore.cnrm.cloud.google.com + names: + categories: + - gcp + kind: MemorystoreInstance + listKind: MemorystoreInstanceList + plural: memorystoreinstances + shortNames: + - gcpmemorystoreinstance + - gcpmemorystoreinstances + singular: memorystoreinstance + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: MemorystoreInstance is the Schema for the MemorystoreInstance + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MemorystoreInstanceSpec defines the desired state of MemorystoreInstance + properties: + authorizationMode: + description: Optional. Immutable. Authorization mode of the instance. + type: string + deletionProtectionEnabled: + description: Optional. If set to true deletion of the instance will + fail. + type: boolean + engineConfigs: + additionalProperties: + type: string + description: Optional. User-provided engine configurations for the + instance. + type: object + engineVersion: + description: Optional. Immutable. Engine version of the instance. + type: string + location: + description: Immutable. + type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf + nodeType: + description: Optional. Immutable. Machine type for individual nodes + of the instance. + type: string + persistenceConfig: + description: Optional. Persistence configuration of the instance. + properties: + aofConfig: + description: Optional. AOF configuration. This field will be ignored + if mode is not AOF. + properties: + appendFsync: + description: Optional. The fsync mode. + type: string + type: object + mode: + description: Optional. Current persistence mode. + type: string + rdbConfig: + description: Optional. RDB configuration. This field will be ignored + if mode is not RDB. + properties: + rdbSnapshotPeriod: + description: Optional. Period between RDB snapshots. + type: string + rdbSnapshotStartTime: + description: Optional. Time that the first snapshot was/will + be attempted, and to which future snapshots will be aligned. + If not provided, the current time will be used. + type: string + type: object + type: object + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + pscAutoConnections: + description: Required. Immutable. User inputs for the auto-created + PSC connections. + items: + description: kcc specific struct to separate input and output fields + in google.cloud.memorystore.v1beta.PscAutoConnection + properties: + networkRef: + description: Required. The network where the PSC endpoints are + created, in the form of projects/{project_id}/global/networks/{network_id}. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed Compute + Network resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. + type: string + name: + description: The `name` field of a `ComputeNetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeNetwork` + resource. + type: string + type: object + projectRef: + description: Required. The consumer project_id where PSC connections + are established. This should be the same project_id that the + cluster is being created in. + oneOf: + - not: + required: + - external + required: + - name + - kind + - not: + anyOf: + - required: + - name + - required: + - namespace + - required: + - kind + required: + - external + properties: + external: + description: The `projectID` field of a project, when not + managed by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional + but must be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + required: + - networkRef + - projectRef + type: object + type: array + replicaCount: + description: Optional. Number of replica nodes per shard. If omitted + the default is 0 replicas. + format: int32 + type: integer + resourceID: + description: Optional. Immutable. The MemorystoreInstance name. If + not given, the metadata.name will be used. + type: string + shardCount: + description: Optional. Number of shards for the instance. + format: int32 + type: integer + transitEncryptionMode: + description: Optional. Immutable. In-transit encryption mode of the + instance. + type: string + zoneDistributionConfig: + description: Optional. Immutable. Zone distribution configuration + of the instance for node allocatiteon. + properties: + mode: + description: Optional. Current zone distribution mode. Defaults + to MULTI_ZONE. + type: string + zone: + description: Optional. Defines zone where all resources will be + allocated with SINGLE_ZONE mode. Ignored for MULTI_ZONE mode. + type: string + type: object + required: + - location + - projectRef + type: object + status: + description: MemorystoreInstanceStatus defines the config connector machine + state of MemorystoreInstance + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the MemorystoreInstance resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + authorizationMode: + description: Optional. Immutable. Authorization mode of the instance. + type: string + createTime: + description: Output only. Creation timestamp of the instance. + type: string + discoveryEndpoints: + description: Output only. Endpoints clients can connect to the + instance through. Currently only one discovery endpoint is supported. + items: + properties: + address: + description: Output only. IP address of the exposed endpoint + clients connect to. + type: string + network: + description: Output only. The network where the IP address + of the discovery endpoint will be reserved, in the form + of projects/{network_project}/global/networks/{network_id}. + type: string + port: + description: Output only. The port number of the exposed + endpoint. + format: int32 + type: integer + type: object + type: array + engineVersion: + description: Optional. Immutable. Engine version of the instance. + https://cloud.google.com/memorystore/docs/valkey/supported-versions + type: string + name: + description: 'Identifier. Unique name of the instance. Format: + projects/{project}/locations/{location}/instances/{instance}' + type: string + nodeConfig: + description: Output only. Configuration of individual nodes of + the instance. + properties: + sizeGb: + description: Output only. Memory size in GB of the node. + type: number + type: object + nodeType: + description: Optional. Immutable. Machine type for individual + nodes of the instance. + type: string + pscAutoConnections: + description: Output only. Resource details of the auto-created + PSC connections. + items: + properties: + connectionType: + description: Output only. Type of the PSC connection. + type: string + forwardingRule: + description: 'Output only. The URI of the consumer side + forwarding rule. Format: projects/{project}/regions/{region}/forwardingRules/{forwarding_rule}' + type: string + ipAddress: + description: Output only. The IP allocated on the consumer + network for the PSC forwarding rule. + type: string + network: + description: Required. The network where the PSC endpoints + are created, in the form of projects/{project_id}/global/networks/{network_id}. + type: string + port: + description: Optional. Output only. port will only be set + for Primary/Reader or Discovery endpoint. + format: int32 + type: integer + projectID: + description: Required. The consumer project_id where PSC + connections are established. This should be the same project_id + that the cluster is being created in. + type: string + pscConnectionID: + description: Output only. The PSC connection id of the forwarding + rule connected to the service attachment. + type: string + pscConnectionStatus: + description: 'Output only. The status of the PSC connection: + whether a connection exists and ACTIVE or it no longer + exists. Please note that this value is updated periodically. + Please use Private Service Connect APIs for the latest + status.' + type: string + serviceAttachment: + description: Output only. The service attachment which is + the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + type: string + type: object + type: array + state: + description: Output only. Current state of the instance. + type: string + stateInfo: + description: Output only. Additional information about the state + of the instance. + properties: + updateInfo: + description: Output only. Describes ongoing update when instance + state is UPDATING. + properties: + targetReplicaCount: + description: Output only. Target number of replica nodes + per shard for the instance. + format: int32 + type: integer + targetShardCount: + description: Output only. Target number of shards for + the instance. + format: int32 + type: integer + type: object + type: object + transitEncryptionMode: + description: Optional. Immutable. In-transit encryption mode of + the instance. + type: string + uid: + description: Output only. System assigned, unique identifier for + the instance. + type: string + updateTime: + description: Output only. Latest update timestamp of the instance. + type: string + zoneDistributionConfig: + description: Optional. Immutable. Zone distribution configuration + of the instance for node allocation. + properties: + mode: + description: Optional. Current zone distribution mode. Defaults + to MULTI_ZONE. + type: string + zone: + description: Optional. Defines zone where all resources will + be allocated with SINGLE_ZONE mode. Ignored for MULTI_ZONE + mode. + type: string + type: object + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -90337,7 +93968,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -91274,7 +94905,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -99349,7 +102980,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -99540,7 +103171,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -99835,7 +103466,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -99962,7 +103593,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -100263,7 +103894,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -100834,7 +104465,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -100993,7 +104624,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -101372,7 +105003,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -101554,7 +105185,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -101631,7 +105262,7 @@ spec: properties: external: description: A reference to an externally managed Compute Network - resource. Should be in the format `projects//global/networks/`. + resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -101901,7 +105532,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -102288,7 +105919,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -102563,7 +106194,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -102821,7 +106452,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -103050,7 +106681,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -103294,7 +106925,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -103531,7 +107162,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -103878,7 +107509,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -104785,7 +108416,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -105106,7 +108737,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -105332,7 +108963,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -105799,7 +109430,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -106533,7 +110164,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -106709,7 +110340,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -107039,7 +110670,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -107360,7 +110991,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -107580,7 +111211,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -107741,7 +111372,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -108099,7 +111730,7 @@ spec: type: string type: object id: - description: Required. ID of the artifact, which the installation + description: Required. Id of the artifact, which the installation and update steps of this recipe can reference. Artifacts in a recipe cannot have the same id. type: string @@ -108510,7 +112141,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -109512,7 +113143,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -110203,7 +113834,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -110339,7 +113970,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -110842,7 +114473,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -111847,7 +115478,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -112758,7 +116389,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -113174,7 +116805,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -113259,7 +116890,374 @@ spec: description: Optional. Whether the approvers need to provide a justification for their actions. type: boolean - step: + steps: + description: Optional. List of approval steps in this workflow. + These steps are followed in the specified order sequentially. + Only 1 step is supported. + items: + description: Step represents a logical step in a manual + approval workflow. + properties: + approvalsNeeded: + description: Required. How many users from the above + list need to approve. If there aren't enough distinct + users in the list, then the workflow indefinitely + blocks. Should always be greater than 0. 1 is the + only supported value. + format: int32 + type: integer + approverEmailRecipients: + description: Optional. Additional email addresses to + be notified when a grant is pending approval. + items: + type: string + type: array + approvers: + description: Optional. The potential set of approvers + in this step. This list must contain at most one entry. + items: + description: AccessControlEntry is used to control + who can do some operation. + properties: + principals: + description: 'Optional. Users who are allowed + for the operation. Each entry should be a valid + v1 IAM principal identifier. The format for + these is documented at: https://cloud.google.com/iam/docs/principal-identifiers#v1' + items: + type: string + type: array + required: + - principals + type: object + type: array + required: + - approvalsNeeded + type: object + type: array + type: object + required: + - manualApprovals + type: object + eligibleUsers: + description: Who can create grants using this entitlement. This list + should contain at most one entry. + items: + description: AccessControlEntry is used to control who can do some + operation. + properties: + principals: + description: 'Optional. Users who are allowed for the operation. + Each entry should be a valid v1 IAM principal identifier. + The format for these is documented at: https://cloud.google.com/iam/docs/principal-identifiers#v1' + items: + type: string + type: array + required: + - principals + type: object + type: array + folderRef: + description: Immutable. The Folder that this resource belongs to. + One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The 'name' field of a folder, when not managed by + Config Connector. This field must be set when 'name' field is + not set. + type: string + name: + description: The 'name' field of a 'Folder' resource. This field + must be set when 'external' field is not set. + type: string + namespace: + description: The 'namespace' field of a 'Folder' resource. If + unset, the namespace is defaulted to the namespace of the referencer + resource. + type: string + type: object + location: + description: Immutable. Location of the resource. + type: string + maxRequestDuration: + description: Required. The maximum amount of time that access is granted + for a request. A requester can ask for a duration less than this, + but never more. + type: string + organizationRef: + description: Immutable. The Organization that this resource belongs + to. One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + properties: + external: + description: The 'name' field of an organization, when not managed + by Config Connector. + type: string + required: + - external + type: object + privilegedAccess: + description: The access granted to a requester on successful approval. + properties: + gcpIAMAccess: + description: Access to a Google Cloud resource through IAM. + properties: + roleBindings: + description: Required. Role bindings that are created on successful + grant. + items: + description: RoleBinding represents IAM role bindings that + are created after a successful grant. + properties: + conditionExpression: + description: |- + Optional. The expression field of the IAM condition to be associated + with the role. If specified, a user with an active grant for this + entitlement is able to access the resource only if this condition + evaluates to true for their request. + + This field uses the same CEL format as IAM and supports all attributes + that IAM supports, except tags. More details can be found at + https://cloud.google.com/iam/docs/conditions-overview#attributes. + type: string + role: + description: Required. IAM role to be granted. More + details can be found at https://cloud.google.com/iam/docs/roles-overview. + type: string + required: + - role + type: object + type: array + required: + - roleBindings + type: object + required: + - gcpIAMAccess + type: object + projectRef: + description: Immutable. The Project that this resource belongs to. + One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + requesterJustificationConfig: + description: Required. The manner in which the requester should provide + a justification for requesting access. + properties: + notMandatory: + description: NotMandatory justification type means the justification + isn't required and can be provided in any of the supported formats. + The user must explicitly opt out using this field if a justification + from the requester isn't mandatory. The only accepted value + is `{}` (empty struct). Either 'notMandatory' or 'unstructured' + field must be set. + type: object + x-kubernetes-preserve-unknown-fields: true + unstructured: + description: Unstructured justification type means the justification + is in the format of a string. If this is set, the server allows + the requester to provide a justification but doesn't validate + it. The only accepted value is `{}` (empty struct). Either 'notMandatory' + or 'unstructured' field must be set. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + resourceID: + description: Immutable. The PrivilegedAccessManagerEntitlement name. + If not given, the 'metadata.name' will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - eligibleUsers + - location + - maxRequestDuration + - privilegedAccess + - requesterJustificationConfig + type: object + status: + description: PrivilegedAccessManagerEntitlementStatus defines the config + connector machine state of PrivilegedAccessManagerEntitlement. + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the PrivilegedAccessManagerEntitlement + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to 'metadata.generation', then that means that + the current reported status reflects the most recent desired state + of the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. Create time stamp. + type: string + etag: + description: An 'etag' is used for optimistic concurrency control + as a way to prevent simultaneous updates to the same entitlement. + An 'etag' is returned in the response to 'GetEntitlement' and + the caller should put the 'etag' in the request to 'UpdateEntitlement' + so that their change is applied on the same version. If this + field is omitted or if there is a mismatch while updating an + entitlement, then the server rejects the request. + type: string + state: + description: Output only. Current state of this entitlement. + type: string + updateTime: + description: Output only. Update time stamp. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: PrivilegedAccessManagerEntitlement is the Schema for the PrivilegedAccessManagerEntitlement + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PrivilegedAccessManagerEntitlementSpec defines the desired + state of PrivilegedAccessManagerEntitlement. + properties: + additionalNotificationTargets: + description: Optional. Additional email addresses to be notified based + on actions taken. + properties: + adminEmailRecipients: + description: Optional. Additional email addresses to be notified + when a principal (requester) is granted access. + items: + type: string + type: array + requesterEmailRecipients: + description: Optional. Additional email address to be notified + about an eligible entitlement. + items: + type: string + type: array + type: object + approvalWorkflow: + description: Optional. The approvals needed before access are granted + to a requester. No approvals are needed if this field is null. + properties: + manualApprovals: + description: An approval workflow where users designated as approvers + review and act on the grants. + properties: + requireApproverJustification: + description: Optional. Whether the approvers need to provide + a justification for their actions. + type: boolean + steps: description: Optional. List of approval steps in this workflow. These steps are followed in the specified order sequentially. Only 1 step is supported. @@ -113564,7 +117562,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -113789,7 +117787,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -113945,7 +117943,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -114112,7 +118110,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -114316,7 +118314,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -114471,7 +118469,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -114979,7 +118977,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -115196,7 +119194,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -115450,7 +119448,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -115607,7 +119605,7 @@ spec: properties: external: description: A reference to an externally managed Compute - Network resource. Should be in the format `projects//global/networks/`. + Network resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -115946,7 +119944,7 @@ spec: properties: external: description: A reference to an externally managed Compute - Network resource. Should be in the format `projects//global/networks/`. + Network resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -116152,7 +120150,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -116670,7 +120668,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -116848,7 +120846,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -117129,7 +121127,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -118174,7 +122172,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119304,7 +123302,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119617,7 +123615,8 @@ spec: type: object type: array ttl: - description: Input only. The TTL for the [Secret][google.cloud.secretmanager.v1.Secret]. + description: 'Input only. A duration in seconds with up to nine fractional + digits, ending with ''s''. Example: "3.5s".' type: string versionAliases: additionalProperties: @@ -119685,6 +123684,11 @@ spec: observedState: description: ObservedState is the state of the resource as most recently observed in GCP. + properties: + versionAliases: + additionalProperties: + type: string + type: object type: object type: object type: object @@ -119697,7 +123701,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119711,6 +123715,7 @@ spec: categories: - gcp kind: SecretManagerSecretVersion + listKind: SecretManagerSecretVersionList plural: secretmanagersecretversions shortNames: - gcpsecretmanagersecretversion @@ -119738,55 +123743,52 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: SecretManagerSecretVersion is the Schema for the SecretManagerSecretVersion + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: SecretManagerSecretVersionSpec defines the desired state + of SecretManagerSecretVersion properties: deletionPolicy: - description: |- - The deletion policy for the secret version. Setting 'ABANDON' allows the resource - to be abandoned rather than deleted. Setting 'DISABLE' allows the resource to be - disabled rather than deleted. Default is 'DELETE'. Possible values are: - * DELETE - * DISABLE - * ABANDON. + description: 'DEPRECATED. You do not need to set this field in direct + reconciler mode. Use delete-policy annotation instead. https://cloud.google.com/config-connector/docs/how-to/managing-deleting-resources#keeping_resources_after_deletion + The deletion policy for the secret version. Setting ''ABANDON'' + allows the resource to be abandoned rather than deleted. Setting + ''DISABLE'' allows the resource to be disabled rather than deleted. + Default is ''DELETE''. Possible values are: * DELETE * DISABLE * + ABANDON.' type: string enabled: - description: The current state of the SecretVersion. + description: Should enable or disable the current SecretVersion. - + Enabled version can be accessed and described. - Disabled version + cannot be accessed, but the secret's contents still exist type: boolean isSecretDataBase64: - description: Immutable. If set to 'true', the secret data is expected - to be base64-encoded string and would be sent as is. + description: DEPRECATED. You do not need to set this field in direct + reconciler mode. type: boolean resourceID: - description: Immutable. Optional. The service-generated name of the - resource. Used for acquisition only. Leave unset to create a new - resource. + description: The SecretVersion number. If given, Config Connector + acquires the resource from the Secret Manager service. If not given, + Config Connector adds a new secret version to the GCP service, and + you can find out the version number from `status.observedState.version` type: string secretData: - description: Immutable. The secret data. Must be no larger than 64KiB. - oneOf: - - not: - required: - - valueFrom - required: - - value - - not: - required: - - value - required: - - valueFrom + description: The actual secret data. Config Connector supports secret + data stored in Kubernetes secret or plain data (base64) properties: value: description: Value of the field. Cannot be used if 'valueFrom' @@ -119807,13 +123809,15 @@ spec: description: Name of the Secret to extract a value from. type: string required: - - name - key + - name type: object type: object type: object secretRef: - description: Secret Manager secret resource + description: The resource name of the [Secret][google.cloud.secretmanager.v1.Secret] + to create a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + for. oneOf: - not: required: @@ -119830,25 +123834,24 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `SecretManagerSecret` - resource.' + description: A reference to an externally managed SecretManagerSecret + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/secrets/{{secretID}}". type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The name of a SecretManagerSecret resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The namespace of a SecretManagerSecret resource. type: string type: object - required: - - secretData - - secretRef type: object status: + description: SecretManagerSecretVersionStatus defines the config connector + machine state of SecretManagerSecretVersion properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -119873,16 +123876,20 @@ spec: type: object type: array createTime: - description: The time at which the Secret was created. + description: 'DEPRECATING NOTE: Please use status.observedState.createTime + instead.' type: string destroyTime: - description: The time at which the Secret was destroyed. Only present - if state is DESTROYED. + description: 'DEPRECATING NOTE: Please use status.observedState.destroyTime + instead.' + type: string + externalRef: + description: A unique specifier for the SecretManagerSecretVersion + resource in GCP. type: string name: - description: |- - The resource name of the SecretVersion. Format: - 'projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}'. + description: 'DEPRECATING NOTE: Please use status.observedState.name + instead.' type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -119890,9 +123897,121 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + clientSpecifiedPayloadChecksum: + description: Output only. True if payload checksum specified in + [SecretPayload][google.cloud.secretmanager.v1.SecretPayload] + object has been received by [SecretManagerService][google.cloud.secretmanager.v1.SecretManagerService] + on [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion]. + type: boolean + createTime: + description: Output only. The time at which the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + was created. + type: string + customerManagedEncryption: + description: Output only. The customer-managed encryption status + of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + Only populated if customer-managed encryption is used and [Secret][google.cloud.secretmanager.v1.Secret] + is a Regionalised Secret. + properties: + kmsKeyVersionName: + description: 'Required. The resource name of the Cloud KMS + CryptoKeyVersion used to encrypt the secret payload, in + the following format: `projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*`.' + type: string + type: object + destroyTime: + description: Output only. The time this [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + was destroyed. Only present if [state][google.cloud.secretmanager.v1.SecretVersion.state] + is [DESTROYED][google.cloud.secretmanager.v1.SecretVersion.State.DESTROYED]. + type: string + name: + description: |- + Output only. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] in the + format `projects/*/secrets/*/versions/*`. + + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] IDs in a + [Secret][google.cloud.secretmanager.v1.Secret] start at 1 and are + incremented for each subsequent version of the secret. + type: string + replicationStatus: + description: The replication status of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + properties: + automatic: + description: |- + Describes the replication status of a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] with + automatic replication. + + Only populated if the parent + [Secret][google.cloud.secretmanager.v1.Secret] has an automatic + replication policy. + properties: + customerManagedEncryption: + description: Output only. The customer-managed encryption + status of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + Only populated if customer-managed encryption is used. + properties: + kmsKeyVersionName: + description: 'Required. The resource name of the Cloud + KMS CryptoKeyVersion used to encrypt the secret + payload, in the following format: `projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*`.' + type: string + type: object + type: object + userManaged: + description: |- + Describes the replication status of a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] with + user-managed replication. + + Only populated if the parent + [Secret][google.cloud.secretmanager.v1.Secret] has a user-managed + replication policy. + properties: + replicas: + description: Output only. The list of replica statuses + for the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + items: + properties: + customerManagedEncryption: + description: Output only. The customer-managed encryption + status of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + Only populated if customer-managed encryption + is used. + properties: + kmsKeyVersionName: + description: 'Required. The resource name of + the Cloud KMS CryptoKeyVersion used to encrypt + the secret payload, in the following format: + `projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*`.' + type: string + type: object + location: + description: 'Output only. The canonical ID of the + replica location. For example: `"us-east1"`.' + type: string + type: object + type: array + type: object + type: object + scheduledDestroyTime: + description: Optional. Output only. Scheduled destroy time for + secret version. This is a part of the Delayed secret version + destroy feature. For a Secret with a valid version destroy TTL, + when a secert version is destroyed, the version is moved to + disabled state and it is scheduled for destruction. The version + is destroyed only after the `scheduled_destroy_time`. + type: string + type: object version: - description: The version of the Secret. + description: DEPRECATED. type: string type: object required: @@ -119902,18 +124021,588 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: alpha + cnrm.cloud.google.com/system: "true" + name: securesourcemanagerinstances.securesourcemanager.cnrm.cloud.google.com +spec: + group: securesourcemanager.cnrm.cloud.google.com + names: + categories: + - gcp + kind: SecureSourceManagerInstance + listKind: SecureSourceManagerInstanceList + plural: securesourcemanagerinstances + shortNames: + - gcpsecuresourcemanagerinstance + - gcpsecuresourcemanagerinstances + singular: securesourcemanagerinstance + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: SecureSourceManagerInstance is the Schema for the SecureSourceManagerInstance + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SecureSourceManagerInstanceSpec defines the desired state + of SecureSourceManagerInstance + properties: + kmsKeyRef: + description: Optional. Immutable. Customer-managed encryption key + name. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + location: + description: Immutable. Location of the instance. + type: string + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + required: + - location + - projectRef + type: object + status: + description: SecureSourceManagerInstanceStatus defines the config connector + machine state of SecureSourceManagerInstance + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the SecureSourceManagerInstance + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + hostConfig: + description: Output only. A list of hostnames for this instance. + properties: + api: + description: 'Output only. API hostname. This is the hostname + to use for **Host: Data Plane** endpoints.' + type: string + gitHTTP: + description: Output only. Git HTTP hostname. + type: string + gitSSH: + description: Output only. Git SSH hostname. + type: string + html: + description: Output only. HTML hostname. + type: string + type: object + state: + description: Output only. Current state of the instance. + type: string + stateNote: + description: Output only. An optional field providing information + about the current instance state. + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com +spec: + group: securesourcemanager.cnrm.cloud.google.com + names: + categories: + - gcp + kind: SecureSourceManagerRepository + listKind: SecureSourceManagerRepositoryList + plural: securesourcemanagerrepositories + shortNames: + - gcpsecuresourcemanagerrepository + - gcpsecuresourcemanagerrepositories + singular: securesourcemanagerrepository + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: SecureSourceManagerRepository is the Schema for the SecureSourceManagerRepository + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SecureSourceManagerRepositorySpec defines the desired state + of SecureSourceManagerRepository + properties: + initialConfig: + description: Input only. Initial configurations for the repository. + properties: + defaultBranch: + description: Default branch name of the repository. + type: string + gitignores: + description: 'List of gitignore template names user can choose + from. Valid values: actionscript, ada, agda, android, anjuta, + ansible, appcelerator-titanium, app-engine, archives, arch-linux-packages, + atmel-studio, autotools, backup, bazaar, bazel, bitrix, bricx-cc, + c, cake-php, calabash, cf-wheels, chef-cookbook, clojure, cloud9, + c-make, code-igniter, code-kit, code-sniffer, common-lisp, composer, + concrete5, coq, cordova, cpp, craft-cms, cuda, cvs, d, dart, + dart-editor, delphi, diff, dm, dreamweaver, dropbox, drupal, + drupal-7, eagle, eclipse, eiffel-studio, elisp, elixir, elm, + emacs, ensime, epi-server, erlang, esp-idf, espresso, exercism, + expression-engine, ext-js, fancy, finale, flex-builder, force-dot-com, + fortran, fuel-php, gcov, git-book, gnome-shell-extension, go, + godot, gpg, gradle, grails, gwt, haskell, hugo, iar-ewarm, idris, + igor-pro, images, infor-cms, java, jboss, jboss-4, jboss-6, + jdeveloper, jekyll, jenkins-home, jenv, jet-brains, jigsaw, + joomla, julia, jupyter-notebooks, kate, kdevelop4, kentico, + ki-cad, kohana, kotlin, lab-view, laravel, lazarus, leiningen, + lemon-stand, libre-office, lilypond, linux, lithium, logtalk, + lua, lyx, mac-os, magento, magento-1, magento-2, matlab, maven, + mercurial, mercury, metals, meta-programming-system, meteor, + microsoft-office, model-sim, momentics, mono-develop, nanoc, + net-beans, nikola, nim, ninja, node, notepad-pp, nwjs, objective--c, + ocaml, octave, opa, open-cart, openssl, oracle-forms, otto, + packer, patch, perl, perl6, phalcon, phoenix, pimcore, play-framework, + plone, prestashop, processing, psoc-creator, puppet, pure-script, + putty, python, qooxdoo, qt, r, racket, rails, raku, red, redcar, + redis, rhodes-rhomobile, ros, ruby, rust, sam, sass, sbt, scala, + scheme, scons, scrivener, sdcc, seam-gen, sketch-up, slick-edit, + smalltalk, snap, splunk, stata, stella, sublime-text, sugar-crm, + svn, swift, symfony, symphony-cms, synopsys-vcs, tags, terraform, + tex, text-mate, textpattern, think-php, tortoise-git, turbo-gears-2, + typo3, umbraco, unity, unreal-engine, vagrant, vim, virtual-env, + virtuoso, visual-studio, visual-studio-code, vue, vvvv, waf, + web-methods, windows, word-press, xcode, xilinx, xilinx-ise, + xojo, yeoman, yii, zend-framework, zephir.' + items: + type: string + type: array + license: + description: 'License template name user can choose from. Valid + values: license-0bsd, license-389-exception, aal, abstyles, + adobe-2006, adobe-glyph, adsl, afl-1-1, afl-1-2, afl-2-0, afl-2-1, + afl-3-0, afmparse, agpl-1-0, agpl-1-0-only, agpl-1-0-or-later, + agpl-3-0-only, agpl-3-0-or-later, aladdin, amdplpa, aml, ampas, + antlr-pd, antlr-pd-fallback, apache-1-0, apache-1-1, apache-2-0, + apafml, apl-1-0, apsl-1-0, apsl-1-1, apsl-1-2, apsl-2-0, artistic-1-0, + artistic-1-0-cl8, artistic-1-0-perl, artistic-2-0, autoconf-exception-2-0, + autoconf-exception-3-0, bahyph, barr, beerware, bison-exception-2-2, + bittorrent-1-0, bittorrent-1-1, blessing, blueoak-1-0-0, bootloader-exception, + borceux, bsd-1-clause, bsd-2-clause, bsd-2-clause-freebsd, bsd-2-clause-netbsd, + bsd-2-clause-patent, bsd-2-clause-views, bsd-3-clause, bsd-3-clause-attribution, + bsd-3-clause-clear, bsd-3-clause-lbnl, bsd-3-clause-modification, + bsd-3-clause-no-nuclear-license, bsd-3-clause-no-nuclear-license-2014, + bsd-3-clause-no-nuclear-warranty, bsd-3-clause-open-mpi, bsd-4-clause, + bsd-4-clause-shortened, bsd-4-clause-uc, bsd-protection, bsd-source-code, + bsl-1-0, busl-1-1, cal-1-0, cal-1-0-combined-work-exception, + caldera, catosl-1-1, cc0-1-0, cc-by-1-0, cc-by-2-0, cc-by-3-0, + cc-by-3-0-at, cc-by-3-0-us, cc-by-4-0, cc-by-nc-1-0, cc-by-nc-2-0, + cc-by-nc-3-0, cc-by-nc-4-0, cc-by-nc-nd-1-0, cc-by-nc-nd-2-0, + cc-by-nc-nd-3-0, cc-by-nc-nd-3-0-igo, cc-by-nc-nd-4-0, cc-by-nc-sa-1-0, + cc-by-nc-sa-2-0, cc-by-nc-sa-3-0, cc-by-nc-sa-4-0, cc-by-nd-1-0, + cc-by-nd-2-0, cc-by-nd-3-0, cc-by-nd-4-0, cc-by-sa-1-0, cc-by-sa-2-0, + cc-by-sa-2-0-uk, cc-by-sa-2-1-jp, cc-by-sa-3-0, cc-by-sa-3-0-at, + cc-by-sa-4-0, cc-pddc, cddl-1-0, cddl-1-1, cdla-permissive-1-0, + cdla-sharing-1-0, cecill-1-0, cecill-1-1, cecill-2-0, cecill-2-1, + cecill-b, cecill-c, cern-ohl-1-1, cern-ohl-1-2, cern-ohl-p-2-0, + cern-ohl-s-2-0, cern-ohl-w-2-0, clartistic, classpath-exception-2-0, + clisp-exception-2-0, cnri-jython, cnri-python, cnri-python-gpl-compatible, + condor-1-1, copyleft-next-0-3-0, copyleft-next-0-3-1, cpal-1-0, + cpl-1-0, cpol-1-02, crossword, crystal-stacker, cua-opl-1-0, + cube, c-uda-1-0, curl, d-fsl-1-0, diffmark, digirule-foss-exception, + doc, dotseqn, drl-1-0, dsdp, dvipdfm, ecl-1-0, ecl-2-0, ecos-exception-2-0, + efl-1-0, efl-2-0, egenix, entessa, epics, epl-1-0, epl-2-0, + erlpl-1-1, etalab-2-0, eu-datagrid, eupl-1-0, eupl-1-1, eupl-1-2, + eurosym, fair, fawkes-runtime-exception, fltk-exception, font-exception-2-0, + frameworx-1-0, freebsd-doc, freeimage, freertos-exception-2-0, + fsfap, fsful, fsfullr, ftl, gcc-exception-2-0, gcc-exception-3-1, + gd, gfdl-1-1-invariants-only, gfdl-1-1-invariants-or-later, + gfdl-1-1-no-invariants-only, gfdl-1-1-no-invariants-or-later, + gfdl-1-1-only, gfdl-1-1-or-later, gfdl-1-2-invariants-only, + gfdl-1-2-invariants-or-later, gfdl-1-2-no-invariants-only, gfdl-1-2-no-invariants-or-later, + gfdl-1-2-only, gfdl-1-2-or-later, gfdl-1-3-invariants-only, + gfdl-1-3-invariants-or-later, gfdl-1-3-no-invariants-only, gfdl-1-3-no-invariants-or-later, + gfdl-1-3-only, gfdl-1-3-or-later, giftware, gl2ps, glide, glulxe, + glwtpl, gnu-javamail-exception, gnuplot, gpl-1-0-only, gpl-1-0-or-later, + gpl-2-0-only, gpl-2-0-or-later, gpl-3-0-linking-exception, gpl-3-0-linking-source-exception, + gpl-3-0-only, gpl-3-0-or-later, gpl-cc-1-0, gsoap-1-3b, haskell-report, + hippocratic-2-1, hpnd, hpnd-sell-variant, htmltidy, i2p-gpl-java-exception, + ibm-pibs, icu, ijg, image-magick, imatix, imlib2, info-zip, + intel, intel-acpi, interbase-1-0, ipa, ipl-1-0, isc, jasper-2-0, + jpnic, json, lal-1-2, lal-1-3, latex2e, leptonica, lgpl-2-0-only, + lgpl-2-0-or-later, lgpl-2-1-only, lgpl-2-1-or-later, lgpl-3-0-linking-exception, + lgpl-3-0-only, lgpl-3-0-or-later, lgpllr, libpng, libpng-2-0, + libselinux-1-0, libtiff, libtool-exception, liliq-p-1-1, liliq-r-1-1, + liliq-rplus-1-1, linux-openib, linux-syscall-note, llvm-exception, + lpl-1-0, lpl-1-02, lppl-1-0, lppl-1-1, lppl-1-2, lppl-1-3a, + lppl-1-3c, lzma-exception, make-index, mif-exception, miros, + mit, mit-0, mit-advertising, mit-cmu, mit-enna, mit-feh, mit-modern-variant, + mitnfa, mit-open-group, motosoto, mpich2, mpl-1-0, mpl-1-1, + mpl-2-0, mpl-2-0-no-copyleft-exception, ms-pl, ms-rl, mtll, + mulanpsl-1-0, mulanpsl-2-0, multics, mup, naist-2003, nasa-1-3, + naumen, nbpl-1-0, ncgl-uk-2-0, ncsa, netcdf, net-snmp, newsletr, + ngpl, nist-pd, nist-pd-fallback, nlod-1-0, nlpl, nokia, nokia-qt-exception-1-1, + nosl, noweb, npl-1-0, npl-1-1, nposl-3-0, nrl, ntp, ntp-0, ocaml-lgpl-linking-exception, + occt-exception-1-0, occt-pl, oclc-2-0, odbl-1-0, odc-by-1-0, + ofl-1-0, ofl-1-0-no-rfn, ofl-1-0-rfn, ofl-1-1, ofl-1-1-no-rfn, + ofl-1-1-rfn, ogc-1-0, ogdl-taiwan-1-0, ogl-canada-2-0, ogl-uk-1-0, + ogl-uk-2-0, ogl-uk-3-0, ogtsl, oldap-1-1, oldap-1-2, oldap-1-3, + oldap-1-4, oldap-2-0, oldap-2-0-1, oldap-2-1, oldap-2-2, oldap-2-2-1, + oldap-2-2-2, oldap-2-3, oldap-2-4, oldap-2-7, oml, openjdk-assembly-exception-1-0, + openssl, openvpn-openssl-exception, opl-1-0, oset-pl-2-1, osl-1-0, + osl-1-1, osl-2-0, osl-2-1, osl-3-0, o-uda-1-0, parity-6-0-0, + parity-7-0-0, pddl-1-0, php-3-0, php-3-01, plexus, polyform-noncommercial-1-0-0, + polyform-small-business-1-0-0, postgresql, psf-2-0, psfrag, + ps-or-pdf-font-exception-20170817, psutils, python-2-0, qhull, + qpl-1-0, qt-gpl-exception-1-0, qt-lgpl-exception-1-1, qwt-exception-1-0, + rdisc, rhecos-1-1, rpl-1-1, rpsl-1-0, rsa-md, rscpl, ruby, saxpath, + sax-pd, scea, sendmail, sendmail-8-23, sgi-b-1-0, sgi-b-1-1, + sgi-b-2-0, shl-0-51, shl-2-0, shl-2-1, simpl-2-0, sissl, sissl-1-2, + sleepycat, smlnj, smppl, snia, spencer-86, spencer-94, spencer-99, + spl-1-0, ssh-openssh, ssh-short, sspl-1-0, sugarcrm-1-1-3, swift-exception, + swl, tapr-ohl-1-0, tcl, tcp-wrappers, tmate, torque-1-1, tosl, + tu-berlin-1-0, tu-berlin-2-0, u-boot-exception-2-0, ucl-1-0, + unicode-dfs-2015, unicode-dfs-2016, unicode-tou, universal-foss-exception-1-0, + unlicense, upl-1-0, vim, vostrom, vsl-1-0, w3c, w3c-19980720, + w3c-20150513, watcom-1-0, wsuipa, wtfpl, wxwindows-exception-3-1, + x11, xerox, xfree86-1-1, xinetd, xnet, xpp, xskat, ypl-1-0, + ypl-1-1, zed, zend-2-0, zimbra-1-3, zimbra-1-4, zlib, zlib-acknowledgement, + zpl-1-1, zpl-2-0, zpl-2-1.' + type: string + readme: + description: 'README template name. Valid template name(s) are: + default.' + type: string + type: object + instanceRef: + description: The name of the instance in which the repository is hosted, + formatted as `projects/{project_number}/locations/{location_id}/instances/{instance_id}` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed SecureSourceManagerInstance + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/instances/{{instanceID}}". + type: string + name: + description: The name of a SecureSourceManagerInstance resource. + type: string + namespace: + description: The namespace of a SecureSourceManagerInstance resource. + type: string + type: object + location: + description: Immutable. Location of the instance. + type: string + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. The SecureSourceManagerRepository name. If + not given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - instanceRef + - location + - projectRef + type: object + status: + description: SecureSourceManagerRepositoryStatus defines the config connector + machine state of SecureSourceManagerRepository + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the SecureSourceManagerRepository + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + etag: + description: Output only. This checksum is computed by the server + based on the value of other fields, and may be sent on update + and delete requests to ensure the client has an up-to-date value + before proceeding. + type: string + uid: + description: Output only. Unique identifier of the repository. + type: string + uris: + description: Output only. URIs for the repository. + properties: + api: + description: Output only. API is the URI for API access. + type: string + gitHTTPS: + description: Output only. git_https is the git HTTPS URI for + git operations. + type: string + html: + description: Output only. HTML is the URI for user to view + the repository in a browser. + type: string + type: object + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120118,7 +124807,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120281,7 +124970,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120501,7 +125190,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120658,7 +125347,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120810,7 +125499,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120957,7 +125646,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121135,7 +125824,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121276,7 +125965,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121458,7 +126147,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121657,7 +126346,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121866,11 +126555,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: stable cnrm.cloud.google.com/system: "true" cnrm.cloud.google.com/tf2crd: "true" name: spannerinstances.spanner.cnrm.cloud.google.com @@ -121880,6 +126568,7 @@ spec: categories: - gcp kind: SpannerInstance + listKind: SpannerInstanceList plural: spannerinstances shortNames: - gcpspannerinstance @@ -121907,53 +126596,63 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: SpannerInstance is the Schema for the SpannerInstance API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: SpannerInstanceSpec defines the desired state of SpannerInstance properties: config: - description: |- - Immutable. The name of the instance's configuration (similar but not - quite the same as a region) which defines the geographic placement and - replication of your databases in this instance. It determines where your data - is stored. Values are typically of the form 'regional-europe-west1' , 'us-central' etc. - In order to obtain a valid list please consult the - [Configuration section of the docs](https://cloud.google.com/spanner/docs/instances). + description: Immutable. The name of the instance's configuration (similar + but not quite the same as a region) which defines the geographic + placement and replication of your databases in this instance. It + determines where your data is stored. Values are typically of the + form 'regional-europe-west1' , 'us-central' etc. In order to obtain + a valid list please consult the [Configuration section of the docs](https://cloud.google.com/spanner/docs/instances). type: string + x-kubernetes-validations: + - message: Config field is immutable + rule: self == oldSelf displayName: - description: |- - The descriptive name for this instance as it appears in UIs. Must be - unique per project and between 4 and 30 characters in length. + description: The descriptive name for this instance as it appears + in UIs. Must be unique per project and between 4 and 30 characters + in length. type: string numNodes: + format: int32 type: integer processingUnits: + format: int32 type: integer resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The SpannerInstance name. If not given, the + metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf required: - config - displayName type: object status: + description: SpannerInstanceStatus defines the config connector machine + state of SpannerInstance properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the SpannerInstance's current state. items: properties: lastTransitionTime: @@ -121977,13 +126676,22 @@ spec: type: string type: object type: array + externalRef: + description: A unique specifier for the SpannerInstance resource in + GCP. + type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + type: object state: description: 'Instance status: ''CREATING'' or ''READY''.' type: string @@ -121995,18 +126703,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -122177,7 +126879,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -122721,7 +127423,7 @@ spec: properties: external: description: A reference to an externally managed Compute - Network resource. Should be in the format `projects//global/networks/`. + Network resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -122998,7 +127700,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -123174,7 +127876,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -123415,7 +128117,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -123585,7 +128287,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -123992,7 +128694,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124178,7 +128880,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124346,7 +129048,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124549,7 +129251,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124711,7 +129413,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125349,7 +130051,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125532,7 +130234,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125709,7 +130411,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125874,7 +130576,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -126048,7 +130750,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -126268,7 +130970,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -126655,7 +131357,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127102,7 +131804,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127247,7 +131949,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127483,7 +132185,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127698,7 +132400,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127886,7 +132588,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -128396,7 +133098,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -128578,7 +133280,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -128768,7 +133470,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -129047,7 +133749,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -129239,7 +133941,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -129312,6 +134014,335 @@ spec: description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) that are applied to the workstation cluster and that are also propagated to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the label. + type: string + value: + description: Value for the label. + type: string + type: object + type: array + location: + description: The location of the cluster. + type: string + networkRef: + description: Immutable. Reference to the Compute Engine network in + which instances associated with this workstation cluster will be + created. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed Compute Network + resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. + type: string + name: + description: The `name` field of a `ComputeNetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeNetwork` resource. + type: string + type: object + privateClusterConfig: + description: Optional. Configuration for private workstation cluster. + properties: + allowedProjects: + description: Optional. Additional projects that are allowed to + attach to the workstation cluster's service attachment. By default, + the workstation cluster's project and the VPC host project (if + different) are allowed. + items: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - kind + - not: + anyOf: + - required: + - name + - required: + - namespace + - required: + - kind + required: + - external + properties: + external: + description: The `projectID` field of a project, when not + managed by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional + but must be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + type: array + enablePrivateEndpoint: + description: Immutable. Whether Workstations endpoint is private. + type: boolean + type: object + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + resourceID: + description: Immutable. The WorkstationCluster name. If not given, + the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + subnetworkRef: + description: Immutable. Reference to the Compute Engine subnetwork + in which instances associated with this workstation cluster will + be created. Must be part of the subnetwork specified for this workstation + cluster. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The ComputeSubnetwork selflink of form "projects/{{project}}/regions/{{region}}/subnetworks/{{name}}", + when not managed by Config Connector. + type: string + name: + description: The `name` field of a `ComputeSubnetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeSubnetwork` resource. + type: string + type: object + required: + - networkRef + - projectRef + - subnetworkRef + type: object + status: + description: WorkstationClusterStatus defines the config connector machine + state of WorkstationCluster + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the WorkstationCluster resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + clusterHostname: + description: Output only. Hostname for the workstation cluster. + This field will be populated only when private endpoint is enabled. + To access workstations in the workstation cluster, create a + new DNS zone mapping this domain name to an internal IP address + and a forwarding rule mapping that address to the service attachment. + type: string + controlPlaneIP: + description: Output only. The private IP address of the control + plane for this workstation cluster. Workstation VMs need access + to this IP address to work with the service, so make sure that + your firewall rules allow egress from the workstation VMs to + this address. + type: string + createTime: + description: Output only. Time when this workstation cluster was + created. + type: string + degraded: + description: Output only. Whether this workstation cluster is + in degraded mode, in which case it may require user action to + restore full functionality. Details can be found in [conditions][google.cloud.workstations.v1.WorkstationCluster.conditions]. + type: boolean + deleteTime: + description: Output only. Time when this workstation cluster was + soft-deleted. + type: string + etag: + description: Optional. Checksum computed by the server. May be + sent on update and delete requests to make sure that the client + has an up-to-date value before proceeding. + type: string + gcpConditions: + description: Output only. Status conditions describing the workstation + cluster's current state. + items: + properties: + code: + description: The status code, which should be an enum value + of [google.rpc.Code][google.rpc.Code]. + format: int32 + type: integer + message: + description: A developer-facing error message, which should + be in English. Any user-facing error message should be + localized and sent in the [google.rpc.Status.details][google.rpc.Status.details] + field, or localized by the client. + type: string + type: object + type: array + reconciling: + description: Output only. Indicates whether this workstation cluster + is currently being updated to match its intended state. + type: boolean + serviceAttachmentUri: + description: Output only. Service attachment URI for the workstation + cluster. The service attachment is created when private endpoint + is enabled. To access workstations in the workstation cluster, + configure access to the managed service using [Private Service + Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-services). + type: string + uid: + description: Output only. A system-assigned unique identifier + for this workstation cluster. + type: string + updateTime: + description: Output only. Time when this workstation cluster was + most recently updated. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: WorkstationCluster is the Schema for the WorkstationCluster API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: WorkstationClusterSpec defines the desired state of WorkstationCluster + properties: + annotations: + description: Optional. Client-specified annotations. items: properties: key: @@ -129322,6 +134353,23 @@ spec: type: string type: object type: array + displayName: + description: Optional. Human-readable name for this workstation cluster. + type: string + labels: + description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation cluster and that are also propagated + to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the label. + type: string + value: + description: Value for the label. + type: string + type: object + type: array location: description: The location of the cluster. type: string @@ -129346,7 +134394,7 @@ spec: properties: external: description: A reference to an externally managed Compute Network - resource. Should be in the format `projects//global/networks/`. + resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -129567,6 +134615,7 @@ spec: code: description: The status code, which should be an enum value of [google.rpc.Code][google.rpc.Code]. + format: int32 type: integer message: description: A developer-facing error message, which should @@ -129602,3 +134651,1699 @@ spec: storage: true subresources: status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: workstationconfigs.workstations.cnrm.cloud.google.com +spec: + group: workstations.cnrm.cloud.google.com + names: + categories: + - gcp + kind: WorkstationConfig + listKind: WorkstationConfigList + plural: workstationconfigs + shortNames: + - gcpworkstationconfig + - gcpworkstationconfigs + singular: workstationconfig + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: WorkstationConfig is the Schema for the WorkstationConfig API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: WorkstationConfigSpec defines the desired state of WorkstationConfig + properties: + annotations: + description: Optional. Client-specified annotations. + items: + properties: + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array + container: + description: Optional. Container that runs upon startup for each workstation + using this workstation configuration. + properties: + args: + description: Optional. Arguments passed to the entrypoint. + items: + type: string + type: array + command: + description: Optional. If set, overrides the default ENTRYPOINT + specified by the image. + items: + type: string + type: array + env: + description: Optional. Environment variables passed to the container's + entrypoint. + items: + properties: + name: + description: Name is the name of the environment variable. + type: string + value: + description: Value is the value of the environment variable. + type: string + type: object + type: array + image: + description: |- + Optional. A Docker container image that defines a custom environment. + + Cloud Workstations provides a number of + [preconfigured + images](https://cloud.google.com/workstations/docs/preconfigured-base-images), + but you can create your own + [custom container + images](https://cloud.google.com/workstations/docs/custom-container-images). + If using a private image, the `host.gceInstance.serviceAccount` field + must be specified in the workstation configuration and must have + permission to pull the specified image. Otherwise, the image must be + publicly accessible. + type: string + runAsUser: + description: Optional. If set, overrides the USER specified in + the image with the given uid. + format: int32 + type: integer + workingDir: + description: Optional. If set, overrides the default DIR specified + by the image. + type: string + type: object + displayName: + description: Optional. Human-readable name for this workstation configuration. + type: string + encryptionKey: + description: |- + Immutable. Encrypts resources of this workstation configuration using a + customer-managed encryption key (CMEK). + + If specified, the boot disk of the Compute Engine instance and the + persistent disk are encrypted using this encryption key. If + this field is not set, the disks are encrypted using a generated + key. Customer-managed encryption keys do not protect disk metadata. + + If the customer-managed encryption key is rotated, when the workstation + instance is stopped, the system attempts to recreate the + persistent disk with the new version of the key. Be sure to keep + older versions of the key until the persistent disk is recreated. + Otherwise, data on the persistent disk might be lost. + + If the encryption key is revoked, the workstation session automatically + stops within 7 hours. + + Immutable after the workstation configuration is created. + properties: + kmsCryptoKeyRef: + description: Immutable. A reference to the Google Cloud KMS encryption + key. For example, `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. + The key must be in the same region as the workstation configuration. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + serviceAccountRef: + description: Immutable. A reference to a service account to use + with the specified KMS key. We recommend that you use a separate + service account and follow KMS best practices. For more information, + see [Separation of duties](https://cloud.google.com/kms/docs/separation-of-duties) + and `gcloud kms keys add-iam-policy-binding` [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: object + host: + description: Optional. Runtime host for the workstation. + properties: + gceInstance: + description: Specifies a Compute Engine instance as the host. + properties: + bootDiskSizeGB: + description: Optional. The size of the boot disk for the VM + in gigabytes (GB). The minimum boot disk size is `30` GB. + Defaults to `50` GB. + format: int32 + type: integer + confidentialInstanceConfig: + description: Optional. A set of Compute Engine Confidential + VM instance options. + properties: + enableConfidentialCompute: + description: Optional. Whether the instance has confidential + compute enabled. + type: boolean + type: object + disablePublicIPAddresses: + description: Optional. When set to true, disables public IP + addresses for VMs. If you disable public IP addresses, you + must set up Private Google Access or Cloud NAT on your network. + If you use Private Google Access and you use `private.googleapis.com` + or `restricted.googleapis.com` for Container Registry and + Artifact Registry, make sure that you set up DNS records + for domains `*.gcr.io` and `*.pkg.dev`. Defaults to false + (VMs have public IP addresses). + type: boolean + enableNestedVirtualization: + description: |- + Optional. Whether to enable nested virtualization on Cloud Workstations + VMs created under this workstation configuration. + + Nested virtualization lets you run virtual machine (VM) instances + inside your workstation. Before enabling nested virtualization, + consider the following important considerations. Cloud Workstations + instances are subject to the [same restrictions as Compute Engine + instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): + + * **Organization policy**: projects, folders, or + organizations may be restricted from creating nested VMs if the + **Disable VM nested virtualization** constraint is enforced in + the organization policy. For more information, see the + Compute Engine section, + [Checking whether nested virtualization is + allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). + * **Performance**: nested VMs might experience a 10% or greater + decrease in performance for workloads that are CPU-bound and + possibly greater than a 10% decrease for workloads that are + input/output bound. + * **Machine Type**: nested virtualization can only be enabled on + workstation configurations that specify a + [machine_type][google.cloud.workstations.v1.WorkstationConfig.Host.GceInstance.machine_type] + in the N1 or N2 machine series. + * **GPUs**: nested virtualization may not be enabled on workstation + configurations with accelerators. + * **Operating System**: Because + [Container-Optimized + OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) + does not support nested virtualization, when nested virtualization is + enabled, the underlying Compute Engine VM instances boot from an + [Ubuntu + LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) + image. + type: boolean + machineType: + description: Optional. The type of machine to use for VM instances—for + example, `"e2-standard-4"`. For more information about machine + types that Cloud Workstations supports, see the list of + [available machine types](https://cloud.google.com/workstations/docs/available-machine-types). + type: string + poolSize: + description: Optional. The number of VMs that the system should + keep idle so that new workstations can be started quickly + for new users. Defaults to `0` in the API. + format: int32 + type: integer + serviceAccountRef: + description: |- + Optional. A reference to the service account for Cloud + Workstations VMs created with this configuration. When specified, be + sure that the service account has `logginglogEntries.create` permission + on the project so it can write logs out to Cloud Logging. If using a + custom container image, the service account must have permissions to + pull the specified image. + + If you as the administrator want to be able to `ssh` into the + underlying VM, you need to set this value to a service account + for which you have the `iam.serviceAccounts.actAs` permission. + Conversely, if you don't want anyone to be able to `ssh` into the + underlying VM, use a service account where no one has that + permission. + + If not set, VMs run with a service account provided by the + Cloud Workstations service, and the image must be publicly + accessible. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` + resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + serviceAccountScopes: + description: Optional. Scopes to grant to the [service_account][google.cloud.workstations.v1.WorkstationConfig.Host.GceInstance.service_account]. + Various scopes are automatically added based on feature + usage. When specified, users of workstations under this + configuration must have `iam.serviceAccounts.actAs` on the + service account. + items: + type: string + type: array + shieldedInstanceConfig: + description: Optional. A set of Compute Engine Shielded instance + options. + properties: + enableIntegrityMonitoring: + description: Optional. Whether the instance has integrity + monitoring enabled. + type: boolean + enableSecureBoot: + description: Optional. Whether the instance has Secure + Boot enabled. + type: boolean + enableVTPM: + description: Optional. Whether the instance has the vTPM + enabled. + type: boolean + type: object + tags: + description: Optional. Network tags to add to the Compute + Engine VMs backing the workstations. This option applies + [network tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) + to VMs created with this configuration. These network tags + enable the creation of [firewall rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). + items: + type: string + type: array + type: object + type: object + idleTimeout: + description: |- + Optional. Number of seconds to wait before automatically stopping a + workstation after it last received user traffic. + + A value of `"0s"` indicates that Cloud Workstations VMs created with this + configuration should never time out due to idleness. + Provide + [duration](https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#duration) + terminated by `s` for seconds—for example, `"7200s"` (2 hours). + The default is `"1200s"` (20 minutes). + type: string + labels: + description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation configuration and that are also + propagated to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the label. + type: string + value: + description: Value for the label. + type: string + type: object + type: array + parentRef: + description: Parent is a reference to the parent WorkstationCluster + for this WorkstationConfig. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed WorkstationCluster + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/workstationClusters/{{workstationclusterID}}". + type: string + name: + description: The name of a WorkstationCluster resource. + type: string + namespace: + description: The namespace of a WorkstationCluster resource. + type: string + type: object + persistentDirectories: + description: Optional. Directories to persist across workstation sessions. + items: + properties: + gcePD: + description: A PersistentDirectory backed by a Compute Engine + persistent disk. + properties: + diskType: + description: Optional. The [type of the persistent disk](https://cloud.google.com/compute/docs/disks#disk-types) + for the home directory. Defaults to `"pd-standard"`. + type: string + fsType: + description: Optional. Type of file system that the disk + should be formatted with. The workstation image must support + this file system type. Must be empty if [source_snapshot][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.source_snapshot] + is set. Defaults to `"ext4"`. + type: string + reclaimPolicy: + description: Optional. Whether the persistent disk should + be deleted when the workstation is deleted. Valid values + are `DELETE` and `RETAIN`. Defaults to `DELETE`. + type: string + sizeGB: + description: |- + Optional. The GB capacity of a persistent home directory for each + workstation created with this configuration. Must be empty if + [source_snapshot][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.source_snapshot] + is set. + + Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. + Defaults to `200`. If less than `200` GB, the + [disk_type][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.disk_type] + must be + `"pd-balanced"` or `"pd-ssd"`. + format: int32 + type: integer + sourceSnapshot: + description: Optional. Name of the snapshot to use as the + source for the disk. If set, [size_gb][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.size_gb] + and [fs_type][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.fs_type] + must be empty. + type: string + type: object + mountPath: + description: Optional. Location of this directory in the running + workstation. + type: string + type: object + type: array + readinessChecks: + description: Optional. Readiness checks to perform when starting a + workstation using this workstation configuration. Mark a workstation + as running only after all specified readiness checks return 200 + status codes. + items: + properties: + path: + description: Optional. Path to which the request should be sent. + type: string + port: + description: Optional. Port to which the request should be sent. + format: int32 + type: integer + type: object + type: array + replicaZones: + description: |- + Optional. Immutable. Specifies the zones used to replicate the VM and disk + resources within the region. If set, exactly two zones within the + workstation cluster's region must be specified—for example, + `['us-central1-a', 'us-central1-f']`. If this field is empty, two default + zones within the region are used. + + Immutable after the workstation configuration is created. + items: + type: string + type: array + resourceID: + description: Immutable. The WorkstationConfig name. If not given, + the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + runningTimeout: + description: |- + Optional. Number of seconds that a workstation can run until it is + automatically shut down. We recommend that workstations be shut down daily + to reduce costs and so that security updates can be applied upon restart. + The + [idle_timeout][google.cloud.workstations.v1.WorkstationConfig.idle_timeout] + and + [running_timeout][google.cloud.workstations.v1.WorkstationConfig.running_timeout] + fields are independent of each other. Note that the + [running_timeout][google.cloud.workstations.v1.WorkstationConfig.running_timeout] + field shuts down VMs after the specified time, regardless of whether or not + the VMs are idle. + + Provide duration terminated by `s` for seconds—for example, `"54000s"` + (15 hours). Defaults to `"43200s"` (12 hours). A value of `"0s"` indicates + that workstations using this configuration should never time out. If + [encryption_key][google.cloud.workstations.v1.WorkstationConfig.encryption_key] + is set, it must be greater than `"0s"` and less than + `"86400s"` (24 hours). + + Warning: A value of `"0s"` indicates that Cloud Workstations VMs created + with this configuration have no maximum running time. This is strongly + discouraged because you incur costs and will not pick up security updates. + type: string + required: + - parentRef + type: object + status: + description: WorkstationConfigStatus defines the config connector machine + state of WorkstationConfig + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the WorkstationConfig resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. Time when this workstation configuration + was created. + type: string + degraded: + description: Output only. Whether this resource is degraded, in + which case it may require user action to restore full functionality. + See also the [conditions][google.cloud.workstations.v1.WorkstationConfig.conditions] + field. + type: boolean + deleteTime: + description: Output only. Time when this workstation configuration + was soft-deleted. + type: string + etag: + description: Output only. Checksum computed by the server. May + be sent on update and delete requests to make sure that the + client has an up-to-date value before proceeding. + type: string + gcpConditions: + description: Output only. Status conditions describing the current + resource state. + items: + properties: + code: + description: The status code, which should be an enum value + of [google.rpc.Code][google.rpc.Code]. + format: int32 + type: integer + message: + description: A developer-facing error message, which should + be in English. Any user-facing error message should be + localized and sent in the [google.rpc.Status.details][google.rpc.Status.details] + field, or localized by the client. + type: string + type: object + type: array + host: + description: Output only. Observed state of the runtime host for + the workstation configuration. + properties: + gceInstance: + description: Output only. Observed state of the Compute Engine + runtime host for the workstation configuration. + properties: + pooledInstances: + description: Output only. Number of instances currently + available in the pool for faster workstation startup. + format: int32 + type: integer + type: object + type: object + uid: + description: Output only. A system-assigned unique identifier + for this workstation configuration. + type: string + updateTime: + description: Output only. Time when this workstation configuration + was most recently updated. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: WorkstationConfig is the Schema for the WorkstationConfig API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: WorkstationConfigSpec defines the desired state of WorkstationConfig + properties: + annotations: + description: Optional. Client-specified annotations. + items: + properties: + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array + container: + description: Optional. Container that runs upon startup for each workstation + using this workstation configuration. + properties: + args: + description: Optional. Arguments passed to the entrypoint. + items: + type: string + type: array + command: + description: Optional. If set, overrides the default ENTRYPOINT + specified by the image. + items: + type: string + type: array + env: + description: Optional. Environment variables passed to the container's + entrypoint. + items: + properties: + name: + description: Name is the name of the environment variable. + type: string + value: + description: Value is the value of the environment variable. + type: string + type: object + type: array + image: + description: |- + Optional. A Docker container image that defines a custom environment. + + Cloud Workstations provides a number of + [preconfigured + images](https://cloud.google.com/workstations/docs/preconfigured-base-images), + but you can create your own + [custom container + images](https://cloud.google.com/workstations/docs/custom-container-images). + If using a private image, the `host.gceInstance.serviceAccount` field + must be specified in the workstation configuration and must have + permission to pull the specified image. Otherwise, the image must be + publicly accessible. + type: string + runAsUser: + description: Optional. If set, overrides the USER specified in + the image with the given uid. + format: int32 + type: integer + workingDir: + description: Optional. If set, overrides the default DIR specified + by the image. + type: string + type: object + displayName: + description: Optional. Human-readable name for this workstation configuration. + type: string + encryptionKey: + description: |- + Immutable. Encrypts resources of this workstation configuration using a + customer-managed encryption key (CMEK). + + If specified, the boot disk of the Compute Engine instance and the + persistent disk are encrypted using this encryption key. If + this field is not set, the disks are encrypted using a generated + key. Customer-managed encryption keys do not protect disk metadata. + + If the customer-managed encryption key is rotated, when the workstation + instance is stopped, the system attempts to recreate the + persistent disk with the new version of the key. Be sure to keep + older versions of the key until the persistent disk is recreated. + Otherwise, data on the persistent disk might be lost. + + If the encryption key is revoked, the workstation session automatically + stops within 7 hours. + + Immutable after the workstation configuration is created. + properties: + kmsCryptoKeyRef: + description: Immutable. A reference to the Google Cloud KMS encryption + key. For example, `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. + The key must be in the same region as the workstation configuration. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + serviceAccountRef: + description: Immutable. A reference to a service account to use + with the specified KMS key. We recommend that you use a separate + service account and follow KMS best practices. For more information, + see [Separation of duties](https://cloud.google.com/kms/docs/separation-of-duties) + and `gcloud kms keys add-iam-policy-binding` [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: object + host: + description: Optional. Runtime host for the workstation. + properties: + gceInstance: + description: Specifies a Compute Engine instance as the host. + properties: + bootDiskSizeGB: + description: Optional. The size of the boot disk for the VM + in gigabytes (GB). The minimum boot disk size is `30` GB. + Defaults to `50` GB. + format: int32 + type: integer + confidentialInstanceConfig: + description: Optional. A set of Compute Engine Confidential + VM instance options. + properties: + enableConfidentialCompute: + description: Optional. Whether the instance has confidential + compute enabled. + type: boolean + type: object + disablePublicIPAddresses: + description: Optional. When set to true, disables public IP + addresses for VMs. If you disable public IP addresses, you + must set up Private Google Access or Cloud NAT on your network. + If you use Private Google Access and you use `private.googleapis.com` + or `restricted.googleapis.com` for Container Registry and + Artifact Registry, make sure that you set up DNS records + for domains `*.gcr.io` and `*.pkg.dev`. Defaults to false + (VMs have public IP addresses). + type: boolean + enableNestedVirtualization: + description: |- + Optional. Whether to enable nested virtualization on Cloud Workstations + VMs created under this workstation configuration. + + Nested virtualization lets you run virtual machine (VM) instances + inside your workstation. Before enabling nested virtualization, + consider the following important considerations. Cloud Workstations + instances are subject to the [same restrictions as Compute Engine + instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): + + * **Organization policy**: projects, folders, or + organizations may be restricted from creating nested VMs if the + **Disable VM nested virtualization** constraint is enforced in + the organization policy. For more information, see the + Compute Engine section, + [Checking whether nested virtualization is + allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). + * **Performance**: nested VMs might experience a 10% or greater + decrease in performance for workloads that are CPU-bound and + possibly greater than a 10% decrease for workloads that are + input/output bound. + * **Machine Type**: nested virtualization can only be enabled on + workstation configurations that specify a + [machine_type][google.cloud.workstations.v1.WorkstationConfig.Host.GceInstance.machine_type] + in the N1 or N2 machine series. + * **GPUs**: nested virtualization may not be enabled on workstation + configurations with accelerators. + * **Operating System**: Because + [Container-Optimized + OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) + does not support nested virtualization, when nested virtualization is + enabled, the underlying Compute Engine VM instances boot from an + [Ubuntu + LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) + image. + type: boolean + machineType: + description: Optional. The type of machine to use for VM instances—for + example, `"e2-standard-4"`. For more information about machine + types that Cloud Workstations supports, see the list of + [available machine types](https://cloud.google.com/workstations/docs/available-machine-types). + type: string + poolSize: + description: Optional. The number of VMs that the system should + keep idle so that new workstations can be started quickly + for new users. Defaults to `0` in the API. + format: int32 + type: integer + serviceAccountRef: + description: |- + Optional. A reference to the service account for Cloud + Workstations VMs created with this configuration. When specified, be + sure that the service account has `logginglogEntries.create` permission + on the project so it can write logs out to Cloud Logging. If using a + custom container image, the service account must have permissions to + pull the specified image. + + If you as the administrator want to be able to `ssh` into the + underlying VM, you need to set this value to a service account + for which you have the `iam.serviceAccounts.actAs` permission. + Conversely, if you don't want anyone to be able to `ssh` into the + underlying VM, use a service account where no one has that + permission. + + If not set, VMs run with a service account provided by the + Cloud Workstations service, and the image must be publicly + accessible. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` + resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + serviceAccountScopes: + description: Optional. Scopes to grant to the [service_account][google.cloud.workstations.v1.WorkstationConfig.Host.GceInstance.service_account]. + Various scopes are automatically added based on feature + usage. When specified, users of workstations under this + configuration must have `iam.serviceAccounts.actAs` on the + service account. + items: + type: string + type: array + shieldedInstanceConfig: + description: Optional. A set of Compute Engine Shielded instance + options. + properties: + enableIntegrityMonitoring: + description: Optional. Whether the instance has integrity + monitoring enabled. + type: boolean + enableSecureBoot: + description: Optional. Whether the instance has Secure + Boot enabled. + type: boolean + enableVTPM: + description: Optional. Whether the instance has the vTPM + enabled. + type: boolean + type: object + tags: + description: Optional. Network tags to add to the Compute + Engine VMs backing the workstations. This option applies + [network tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) + to VMs created with this configuration. These network tags + enable the creation of [firewall rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). + items: + type: string + type: array + type: object + type: object + idleTimeout: + description: |- + Optional. Number of seconds to wait before automatically stopping a + workstation after it last received user traffic. + + A value of `"0s"` indicates that Cloud Workstations VMs created with this + configuration should never time out due to idleness. + Provide + [duration](https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#duration) + terminated by `s` for seconds—for example, `"7200s"` (2 hours). + The default is `"1200s"` (20 minutes). + type: string + labels: + description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation configuration and that are also + propagated to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the label. + type: string + value: + description: Value for the label. + type: string + type: object + type: array + parentRef: + description: Parent is a reference to the parent WorkstationCluster + for this WorkstationConfig. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed WorkstationCluster + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/workstationClusters/{{workstationclusterID}}". + type: string + name: + description: The name of a WorkstationCluster resource. + type: string + namespace: + description: The namespace of a WorkstationCluster resource. + type: string + type: object + persistentDirectories: + description: Optional. Directories to persist across workstation sessions. + items: + properties: + gcePD: + description: A PersistentDirectory backed by a Compute Engine + persistent disk. + properties: + diskType: + description: Optional. The [type of the persistent disk](https://cloud.google.com/compute/docs/disks#disk-types) + for the home directory. Defaults to `"pd-standard"`. + type: string + fsType: + description: Optional. Type of file system that the disk + should be formatted with. The workstation image must support + this file system type. Must be empty if [source_snapshot][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.source_snapshot] + is set. Defaults to `"ext4"`. + type: string + reclaimPolicy: + description: Optional. Whether the persistent disk should + be deleted when the workstation is deleted. Valid values + are `DELETE` and `RETAIN`. Defaults to `DELETE`. + type: string + sizeGB: + description: |- + Optional. The GB capacity of a persistent home directory for each + workstation created with this configuration. Must be empty if + [source_snapshot][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.source_snapshot] + is set. + + Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. + Defaults to `200`. If less than `200` GB, the + [disk_type][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.disk_type] + must be + `"pd-balanced"` or `"pd-ssd"`. + format: int32 + type: integer + sourceSnapshot: + description: Optional. Name of the snapshot to use as the + source for the disk. If set, [size_gb][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.size_gb] + and [fs_type][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.fs_type] + must be empty. + type: string + type: object + mountPath: + description: Optional. Location of this directory in the running + workstation. + type: string + type: object + type: array + readinessChecks: + description: Optional. Readiness checks to perform when starting a + workstation using this workstation configuration. Mark a workstation + as running only after all specified readiness checks return 200 + status codes. + items: + properties: + path: + description: Optional. Path to which the request should be sent. + type: string + port: + description: Optional. Port to which the request should be sent. + format: int32 + type: integer + type: object + type: array + replicaZones: + description: |- + Optional. Immutable. Specifies the zones used to replicate the VM and disk + resources within the region. If set, exactly two zones within the + workstation cluster's region must be specified—for example, + `['us-central1-a', 'us-central1-f']`. If this field is empty, two default + zones within the region are used. + + Immutable after the workstation configuration is created. + items: + type: string + type: array + resourceID: + description: Immutable. The WorkstationConfig name. If not given, + the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + runningTimeout: + description: |- + Optional. Number of seconds that a workstation can run until it is + automatically shut down. We recommend that workstations be shut down daily + to reduce costs and so that security updates can be applied upon restart. + The + [idle_timeout][google.cloud.workstations.v1.WorkstationConfig.idle_timeout] + and + [running_timeout][google.cloud.workstations.v1.WorkstationConfig.running_timeout] + fields are independent of each other. Note that the + [running_timeout][google.cloud.workstations.v1.WorkstationConfig.running_timeout] + field shuts down VMs after the specified time, regardless of whether or not + the VMs are idle. + + Provide duration terminated by `s` for seconds—for example, `"54000s"` + (15 hours). Defaults to `"43200s"` (12 hours). A value of `"0s"` indicates + that workstations using this configuration should never time out. If + [encryption_key][google.cloud.workstations.v1.WorkstationConfig.encryption_key] + is set, it must be greater than `"0s"` and less than + `"86400s"` (24 hours). + + Warning: A value of `"0s"` indicates that Cloud Workstations VMs created + with this configuration have no maximum running time. This is strongly + discouraged because you incur costs and will not pick up security updates. + type: string + required: + - parentRef + type: object + status: + description: WorkstationConfigStatus defines the config connector machine + state of WorkstationConfig + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the WorkstationConfig resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. Time when this workstation configuration + was created. + type: string + degraded: + description: Output only. Whether this resource is degraded, in + which case it may require user action to restore full functionality. + See also the [conditions][google.cloud.workstations.v1.WorkstationConfig.conditions] + field. + type: boolean + deleteTime: + description: Output only. Time when this workstation configuration + was soft-deleted. + type: string + etag: + description: Output only. Checksum computed by the server. May + be sent on update and delete requests to make sure that the + client has an up-to-date value before proceeding. + type: string + gcpConditions: + description: Output only. Status conditions describing the current + resource state. + items: + properties: + code: + description: The status code, which should be an enum value + of [google.rpc.Code][google.rpc.Code]. + format: int32 + type: integer + message: + description: A developer-facing error message, which should + be in English. Any user-facing error message should be + localized and sent in the [google.rpc.Status.details][google.rpc.Status.details] + field, or localized by the client. + type: string + type: object + type: array + host: + description: Output only. Observed state of the runtime host for + the workstation configuration. + properties: + gceInstance: + description: Output only. Observed state of the Compute Engine + runtime host for the workstation configuration. + properties: + pooledInstances: + description: Output only. Number of instances currently + available in the pool for faster workstation startup. + format: int32 + type: integer + type: object + type: object + uid: + description: Output only. A system-assigned unique identifier + for this workstation configuration. + type: string + updateTime: + description: Output only. Time when this workstation configuration + was most recently updated. + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: workstations.workstations.cnrm.cloud.google.com +spec: + group: workstations.cnrm.cloud.google.com + names: + categories: + - gcp + kind: Workstation + listKind: WorkstationList + plural: workstations + shortNames: + - gcpworkstation + - gcpworkstations + singular: workstation + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: Workstation is the Schema for the Workstation API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: WorkstationSpec defines the desired state of Workstation + properties: + annotations: + description: Optional. Client-specified annotations. + items: + properties: + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array + displayName: + description: Optional. Human-readable name for this workstation. + type: string + labels: + description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation and that are also propagated + to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the label. + type: string + value: + description: Value for the label. + type: string + type: object + type: array + parentRef: + description: Parent is a reference to the parent WorkstationConfig + for this Workstation. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed WorkstationConfig + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/workstationClusters/{{workstationclusterID}}/workstationConfigs/{{workstationconfigID}}". + type: string + name: + description: The name of a WorkstationConfig resource. + type: string + namespace: + description: The namespace of a WorkstationConfig resource. + type: string + type: object + resourceID: + description: Immutable. The Workstation name. If not given, the metadata.name + will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - parentRef + type: object + status: + description: WorkstationStatus defines the config connector machine state + of Workstation + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the Workstation resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. Time when this workstation was created. + type: string + deleteTime: + description: Output only. Time when this workstation was soft-deleted. + type: string + etag: + description: Output only. Checksum computed by the server. May + be sent on update and delete requests to make sure that the + client has an up-to-date value before proceeding. + type: string + host: + description: Output only. Host to which clients can send HTTPS + traffic that will be received by the workstation. Authorized + traffic will be received to the workstation as HTTP on port + 80. To send traffic to a different port, clients may prefix + the host with the destination port in the format `{port}-{host}`. + type: string + startTime: + description: Output only. Time when this workstation was most + recently successfully started, regardless of the workstation's + initial state. + type: string + state: + description: Output only. Current state of the workstation. + type: string + uid: + description: Output only. A system-assigned unique identifier + for this workstation. + type: string + updateTime: + description: Output only. Time when this workstation was most + recently updated. + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: Workstation is the Schema for the Workstation API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: WorkstationSpec defines the desired state of Workstation + properties: + annotations: + description: Optional. Client-specified annotations. + items: + properties: + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array + displayName: + description: Optional. Human-readable name for this workstation. + type: string + labels: + description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation and that are also propagated + to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the label. + type: string + value: + description: Value for the label. + type: string + type: object + type: array + parentRef: + description: Parent is a reference to the parent WorkstationConfig + for this Workstation. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed WorkstationConfig + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/workstationClusters/{{workstationclusterID}}/workstationConfigs/{{workstationconfigID}}". + type: string + name: + description: The name of a WorkstationConfig resource. + type: string + namespace: + description: The namespace of a WorkstationConfig resource. + type: string + type: object + resourceID: + description: Immutable. The Workstation name. If not given, the metadata.name + will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - parentRef + type: object + status: + description: WorkstationStatus defines the config connector machine state + of Workstation + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the Workstation resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. Time when this workstation was created. + type: string + deleteTime: + description: Output only. Time when this workstation was soft-deleted. + type: string + etag: + description: Output only. Checksum computed by the server. May + be sent on update and delete requests to make sure that the + client has an up-to-date value before proceeding. + type: string + host: + description: Output only. Host to which clients can send HTTPS + traffic that will be received by the workstation. Authorized + traffic will be received to the workstation as HTTP on port + 80. To send traffic to a different port, clients may prefix + the host with the destination port in the format `{port}-{host}`. + type: string + startTime: + description: Output only. Time when this workstation was most + recently successfully started, regardless of the workstation's + initial state. + type: string + state: + description: Output only. Current state of the workstation. + type: string + uid: + description: Output only. A system-assigned unique identifier + for this workstation. + type: string + updateTime: + description: Output only. Time when this workstation was most + recently updated. + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/operator/autopilot-channels/packages/configconnector/1.124.0/namespaced/0-cnrm-system.yaml b/operator/autopilot-channels/packages/configconnector/1.127.0/namespaced/0-cnrm-system.yaml similarity index 94% rename from operator/autopilot-channels/packages/configconnector/1.124.0/namespaced/0-cnrm-system.yaml rename to operator/autopilot-channels/packages/configconnector/1.127.0/namespaced/0-cnrm-system.yaml index 7f98173bcd..7d68767ba9 100644 --- a/operator/autopilot-channels/packages/configconnector/1.124.0/namespaced/0-cnrm-system.yaml +++ b/operator/autopilot-channels/packages/configconnector/1.127.0/namespaced/0-cnrm-system.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -11,7 +11,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -21,7 +21,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -31,7 +31,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-unmanaged-detector @@ -41,7 +41,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -51,7 +51,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -72,7 +72,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -93,7 +93,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -605,6 +605,18 @@ rules: - update - patch - delete +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -869,6 +881,18 @@ rules: - update - patch - delete +- apiGroups: + - memorystore.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - mlengine.cnrm.cloud.google.com resources: @@ -1097,6 +1121,18 @@ rules: - update - patch - delete +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -1282,7 +1318,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -1332,7 +1368,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -1390,7 +1426,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -1415,7 +1451,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -1445,7 +1481,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-unmanaged-detector-cluster-role @@ -1476,7 +1512,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -1819,6 +1855,14 @@ rules: - get - list - watch +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -1995,6 +2039,14 @@ rules: - get - list - watch +- apiGroups: + - memorystore.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - mlengine.cnrm.cloud.google.com resources: @@ -2147,6 +2199,14 @@ rules: - get - list - watch +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -2272,7 +2332,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -2335,7 +2395,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -2353,7 +2413,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -2371,7 +2431,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -2394,7 +2454,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -2411,7 +2471,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -2428,7 +2488,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-unmanaged-detector-binding @@ -2445,7 +2505,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -2462,7 +2522,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -2479,7 +2539,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 prometheus.io/port: "48797" prometheus.io/scrape: "true" labels: @@ -2500,7 +2560,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2518,7 +2578,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2531,8 +2591,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.124.0 - image: gcr.io/gke-release/cnrm/recorder:7a86865 + value: 1.127.0 + image: gcr.io/gke-release/cnrm/recorder:1.127.0 imagePullPolicy: Always name: recorder ports: @@ -2565,7 +2625,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2580,7 +2640,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2595,7 +2655,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/webhook:7a86865 + image: gcr.io/gke-release/cnrm/webhook:1.127.0 imagePullPolicy: Always name: webhook ports: @@ -2625,7 +2685,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2640,7 +2700,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2648,7 +2708,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/deletiondefender:7a86865 + image: gcr.io/gke-release/cnrm/deletiondefender:1.127.0 imagePullPolicy: Always name: deletiondefender ports: @@ -2678,7 +2738,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-unmanaged-detector cnrm.cloud.google.com/system: "true" @@ -2693,7 +2753,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-unmanaged-detector cnrm.cloud.google.com/system: "true" @@ -2701,7 +2761,7 @@ spec: containers: - command: - /configconnector/unmanageddetector - image: gcr.io/gke-release/cnrm/unmanageddetector:7a86865 + image: gcr.io/gke-release/cnrm/unmanageddetector:1.127.0 imagePullPolicy: Always name: unmanageddetector ports: @@ -2732,7 +2792,7 @@ kind: HorizontalPodAutoscaler metadata: annotations: autoscaling.alpha.kubernetes.io/metrics: '[{"type":"Resource","resource":{"name":"memory","targetAverageUtilization":70}}]' - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/operator/autopilot-channels/packages/configconnector/1.124.0/namespaced/per-namespace-components.yaml b/operator/autopilot-channels/packages/configconnector/1.127.0/namespaced/per-namespace-components.yaml similarity index 91% rename from operator/autopilot-channels/packages/configconnector/1.124.0/namespaced/per-namespace-components.yaml rename to operator/autopilot-channels/packages/configconnector/1.127.0/namespaced/per-namespace-components.yaml index df889938a2..d2d4cfba14 100644 --- a/operator/autopilot-channels/packages/configconnector/1.124.0/namespaced/per-namespace-components.yaml +++ b/operator/autopilot-channels/packages/configconnector/1.127.0/namespaced/per-namespace-components.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 iam.gke.io/gcp-service-account: cnrm-system-${NAMESPACE?}@${PROJECT_ID?}.iam.gserviceaccount.com labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -14,7 +14,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 finalizers: - configconnector.cnrm.cloud.google.com/finalizer labels: @@ -35,7 +35,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 finalizers: - configconnector.cnrm.cloud.google.com/finalizer labels: @@ -56,7 +56,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} cnrm.cloud.google.com/system: "true" @@ -75,7 +75,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} cnrm.cloud.google.com/system: "true" @@ -93,7 +93,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -117,7 +117,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -134,7 +134,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -146,7 +146,7 @@ spec: - --prometheus-scrape-endpoint=:8888 command: - /configconnector/manager - image: gcr.io/gke-release/cnrm/controller:7a86865 + image: gcr.io/gke-release/cnrm/controller:1.127.0 imagePullPolicy: Always name: manager ports: diff --git a/operator/autopilot-channels/stable b/operator/autopilot-channels/stable index 3bc421e21b..006aa56966 100644 --- a/operator/autopilot-channels/stable +++ b/operator/autopilot-channels/stable @@ -1,2 +1,2 @@ manifests: - - version: 1.126.0 + - version: 1.127.0 diff --git a/operator/channels/packages/configconnector/1.124.0/cluster/gcp-identity/0-cnrm-system.yaml b/operator/channels/packages/configconnector/1.127.0/cluster/gcp-identity/0-cnrm-system.yaml similarity index 94% rename from operator/channels/packages/configconnector/1.124.0/cluster/gcp-identity/0-cnrm-system.yaml rename to operator/channels/packages/configconnector/1.127.0/cluster/gcp-identity/0-cnrm-system.yaml index 2dd0c18a6b..0ede7c5082 100644 --- a/operator/channels/packages/configconnector/1.124.0/cluster/gcp-identity/0-cnrm-system.yaml +++ b/operator/channels/packages/configconnector/1.127.0/cluster/gcp-identity/0-cnrm-system.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google LLC +# Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,12 +11,11 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -25,7 +24,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-controller-manager @@ -35,7 +34,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -45,7 +44,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -55,7 +54,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -65,7 +64,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -86,7 +85,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -107,7 +106,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -619,6 +618,18 @@ rules: - update - patch - delete +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -883,6 +894,18 @@ rules: - update - patch - delete +- apiGroups: + - memorystore.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - mlengine.cnrm.cloud.google.com resources: @@ -1111,6 +1134,18 @@ rules: - update - patch - delete +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -1296,7 +1331,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -1346,7 +1381,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -1404,7 +1439,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -1429,7 +1464,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -1459,7 +1494,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -1802,6 +1837,14 @@ rules: - get - list - watch +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -1978,6 +2021,14 @@ rules: - get - list - watch +- apiGroups: + - memorystore.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - mlengine.cnrm.cloud.google.com resources: @@ -2130,6 +2181,14 @@ rules: - get - list - watch +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -2255,7 +2314,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -2318,7 +2377,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -2336,7 +2395,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -2354,7 +2413,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -2377,7 +2436,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -2394,7 +2453,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-binding @@ -2411,7 +2470,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-watcher-binding @@ -2428,7 +2487,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -2445,7 +2504,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -2462,7 +2521,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -2479,7 +2538,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -2501,7 +2560,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 prometheus.io/port: "48797" prometheus.io/scrape: "true" labels: @@ -2522,7 +2581,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2540,7 +2599,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2553,8 +2612,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.124.0 - image: gcr.io/gke-release/cnrm/recorder:7a86865 + value: 1.127.0 + image: gcr.io/gke-release/cnrm/recorder:1.127.0 imagePullPolicy: Always name: recorder ports: @@ -2588,7 +2647,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2603,7 +2662,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2618,7 +2677,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/webhook:7a86865 + image: gcr.io/gke-release/cnrm/webhook:1.127.0 imagePullPolicy: Always name: webhook ports: @@ -2648,7 +2707,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2663,7 +2722,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2676,7 +2735,7 @@ spec: env: - name: GOOGLE_APPLICATION_CREDENTIALS value: /var/secrets/google/key.json - image: gcr.io/gke-release/cnrm/controller:7a86865 + image: gcr.io/gke-release/cnrm/controller:1.127.0 imagePullPolicy: Always name: manager ports: @@ -2713,7 +2772,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2728,7 +2787,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2736,7 +2795,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/deletiondefender:7a86865 + image: gcr.io/gke-release/cnrm/deletiondefender:1.127.0 imagePullPolicy: Always name: deletiondefender ports: @@ -2767,7 +2826,7 @@ kind: HorizontalPodAutoscaler metadata: annotations: autoscaling.alpha.kubernetes.io/metrics: '[{"type":"Resource","resource":{"name":"memory","targetAverageUtilization":70}}]' - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/operator/channels/packages/configconnector/1.124.0/cluster/workload-identity/0-cnrm-system.yaml b/operator/channels/packages/configconnector/1.127.0/cluster/workload-identity/0-cnrm-system.yaml similarity index 94% rename from operator/channels/packages/configconnector/1.124.0/cluster/workload-identity/0-cnrm-system.yaml rename to operator/channels/packages/configconnector/1.127.0/cluster/workload-identity/0-cnrm-system.yaml index e24f5ad9ca..bfbc63bc64 100644 --- a/operator/channels/packages/configconnector/1.124.0/cluster/workload-identity/0-cnrm-system.yaml +++ b/operator/channels/packages/configconnector/1.127.0/cluster/workload-identity/0-cnrm-system.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -11,7 +11,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 iam.gke.io/gcp-service-account: cnrm-system@${PROJECT_ID?}.iam.gserviceaccount.com labels: cnrm.cloud.google.com/system: "true" @@ -22,7 +22,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -32,7 +32,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -42,7 +42,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -52,7 +52,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -73,7 +73,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -94,7 +94,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -606,6 +606,18 @@ rules: - update - patch - delete +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -870,6 +882,18 @@ rules: - update - patch - delete +- apiGroups: + - memorystore.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - mlengine.cnrm.cloud.google.com resources: @@ -1098,6 +1122,18 @@ rules: - update - patch - delete +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -1283,7 +1319,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -1333,7 +1369,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -1391,7 +1427,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -1416,7 +1452,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -1446,7 +1482,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -1789,6 +1825,14 @@ rules: - get - list - watch +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -1965,6 +2009,14 @@ rules: - get - list - watch +- apiGroups: + - memorystore.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - mlengine.cnrm.cloud.google.com resources: @@ -2117,6 +2169,14 @@ rules: - get - list - watch +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -2242,7 +2302,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -2305,7 +2365,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -2323,7 +2383,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -2341,7 +2401,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -2364,7 +2424,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -2381,7 +2441,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-binding @@ -2398,7 +2458,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-watcher-binding @@ -2415,7 +2475,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -2432,7 +2492,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -2449,7 +2509,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -2466,7 +2526,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -2488,7 +2548,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 prometheus.io/port: "48797" prometheus.io/scrape: "true" labels: @@ -2509,7 +2569,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2527,7 +2587,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2540,8 +2600,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.124.0 - image: gcr.io/gke-release/cnrm/recorder:7a86865 + value: 1.127.0 + image: gcr.io/gke-release/cnrm/recorder:1.127.0 imagePullPolicy: Always name: recorder ports: @@ -2593,7 +2653,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2608,7 +2668,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2623,7 +2683,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/webhook:7a86865 + image: gcr.io/gke-release/cnrm/webhook:1.127.0 imagePullPolicy: Always name: webhook ports: @@ -2653,7 +2713,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2668,7 +2728,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2678,7 +2738,7 @@ spec: - --prometheus-scrape-endpoint=:8888 command: - /configconnector/manager - image: gcr.io/gke-release/cnrm/controller:7a86865 + image: gcr.io/gke-release/cnrm/controller:1.127.0 imagePullPolicy: Always name: manager ports: @@ -2726,7 +2786,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2741,7 +2801,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2749,7 +2809,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/deletiondefender:7a86865 + image: gcr.io/gke-release/cnrm/deletiondefender:1.127.0 imagePullPolicy: Always name: deletiondefender ports: @@ -2780,7 +2840,7 @@ kind: HorizontalPodAutoscaler metadata: annotations: autoscaling.alpha.kubernetes.io/metrics: '[{"type":"Resource","resource":{"name":"memory","targetAverageUtilization":70}}]' - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/operator/autopilot-channels/packages/configconnector/1.124.0/crds.yaml b/operator/channels/packages/configconnector/1.127.0/crds.yaml similarity index 94% rename from operator/autopilot-channels/packages/configconnector/1.124.0/crds.yaml rename to operator/channels/packages/configconnector/1.127.0/crds.yaml index 1497185ae9..504b90cc65 100644 --- a/operator/autopilot-channels/packages/configconnector/1.124.0/crds.yaml +++ b/operator/channels/packages/configconnector/1.127.0/crds.yaml @@ -1,4 +1,4 @@ -# Copyright 2020 Google LLC +# Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,12 +11,11 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -264,7 +263,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -650,7 +649,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -780,7 +779,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -949,7 +948,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -1262,7 +1261,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -2456,7 +2455,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -2895,7 +2894,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -4366,7 +4365,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -4955,7 +4954,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5151,7 +5150,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5425,7 +5424,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5584,7 +5583,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5748,7 +5747,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5921,7 +5920,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6065,7 +6064,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6195,7 +6194,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6323,7 +6322,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -6498,7 +6497,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6628,7 +6627,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6804,7 +6803,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6933,7 +6932,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -7227,7 +7226,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7362,7 +7361,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7614,7 +7613,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7789,7 +7788,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7922,7 +7921,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -8623,7 +8622,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -8773,7 +8772,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9224,7 +9223,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9591,7 +9590,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9793,7 +9792,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9964,7 +9963,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -10144,7 +10143,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -10159,6 +10158,9 @@ spec: kind: BigQueryAnalyticsHubDataExchange listKind: BigQueryAnalyticsHubDataExchangeList plural: bigqueryanalyticshubdataexchanges + shortNames: + - gcpbigqueryanalyticshubdataexchange + - gcpbigqueryanalyticshubdataexchanges singular: bigqueryanalyticshubdataexchange preserveUnknownFields: false scope: Namespaced @@ -10330,6 +10332,176 @@ spec: - spec type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BigQueryAnalyticsHubDataExchange is the Schema for the BigQueryAnalyticsHubDataExchange + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BigQueryAnalyticsHubDataExchangeSpec defines the desired + state of BigQueryAnalyticsHubDataExchange + properties: + description: + description: 'Optional. Description of the data exchange. The description + must not contain Unicode non-characters as well as C0 and C1 control + codes except tabs (HT), new lines (LF), carriage returns (CR), and + page breaks (FF). Default value is an empty string. Max length: + 2000 bytes.' + type: string + discoveryType: + description: Optional. Type of discovery on the discovery page for + all the listings under this exchange. Updating this field also updates + (overwrites) the discovery_type field for all the listings under + this exchange. + type: string + displayName: + description: 'Required. Human-readable display name of the data exchange. + The display name must contain only Unicode letters, numbers (0-9), + underscores (_), dashes (-), spaces ( ), ampersands (&) and must + not start or end with spaces. Default value is an empty string. + Max length: 63 bytes.' + type: string + documentation: + description: Optional. Documentation describing the data exchange. + type: string + location: + description: Immutable. The name of the location this data exchange. + type: string + primaryContact: + description: 'Optional. Email or URL of the primary point of contact + of the data exchange. Max Length: 1000 bytes.' + type: string + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. The BigQueryAnalyticsHubDataExchange name. + If not given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - location + - projectRef + type: object + status: + description: BigQueryAnalyticsHubDataExchangeStatus defines the config + connector machine state of BigQueryAnalyticsHubDataExchange + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchange + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + listingCount: + description: Number of listings contained in the data exchange. + format: int64 + type: integer + type: object + type: object + required: + - spec + type: object + served: true storage: true subresources: status: {} @@ -10338,13 +10510,11 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" name: bigqueryanalyticshublistings.bigqueryanalyticshub.cnrm.cloud.google.com spec: group: bigqueryanalyticshub.cnrm.cloud.google.com @@ -10352,6 +10522,7 @@ spec: categories: - gcp kind: BigQueryAnalyticsHubListing + listKind: BigQueryAnalyticsHubListingList plural: bigqueryanalyticshublistings shortNames: - gcpbigqueryanalyticshublisting @@ -10379,81 +10550,103 @@ spec: name: v1alpha1 schema: openAPIV3Schema: + description: BigQueryAnalyticsHubListing is the Schema for the BigQueryAnalyticsHubListing + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: BigQueryAnalyticsHubListingSpec defines the desired state + of BigQueryAnalyticsHubDataExchangeListing properties: - bigqueryDataset: - description: Shared dataset i.e. BigQuery dataset source. - properties: - dataset: - description: Resource name of the dataset source for this listing. - e.g. projects/myproject/datasets/123. - type: string - required: - - dataset - type: object categories: - description: Categories of the listing. Up to two categories are allowed. + description: Optional. Categories of the listing. Up to two categories + are allowed. items: type: string type: array - dataExchangeId: - description: Immutable. The ID of the data exchange. Must contain - only Unicode letters, numbers (0-9), underscores (_). Should not - use characters that require URL-escaping, or characters outside - of ASCII, spaces. - type: string + dataExchangeRef: + description: BigQueryAnalyticsHubDataExchangeRef defines the resource + reference to BigQueryAnalyticsHubDataExchange, which "External" + field holds the GCP identifier for the KRM object. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed BigQueryAnalyticsHubDataExchange + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/dataexchanges/{{dataexchangeID}}". + type: string + name: + description: The name of a BigQueryAnalyticsHubDataExchange resource. + type: string + namespace: + description: The namespace of a BigQueryAnalyticsHubDataExchange + resource. + type: string + type: object dataProvider: - description: Details of the data provider who owns the source data. + description: Optional. Details of the data provider who owns the source + data. properties: name: - description: Name of the data provider. + description: Optional. Name of the data provider. type: string primaryContact: - description: Email or URL of the data provider. + description: 'Optional. Email or URL of the data provider. Max + Length: 1000 bytes.' type: string - required: - - name type: object description: - description: Short description of the listing. The description must - not contain Unicode non-characters and C0 and C1 control codes except - tabs (HT), new lines (LF), carriage returns (CR), and page breaks - (FF). + description: 'Optional. Short description of the listing. The description + must contain only Unicode characters or tabs (HT), new lines (LF), + carriage returns (CR), and page breaks (FF). Default value is an + empty string. Max length: 2000 bytes.' + type: string + discoveryType: + description: Optional. Type of discovery of the listing on the discovery + page. type: string displayName: - description: Human-readable display name of the listing. The display - name must contain only Unicode letters, numbers (0-9), underscores - (_), dashes (-), spaces ( ), ampersands (&) and can't start or end - with spaces. + description: 'Required. Human-readable display name of the listing. + The display name must contain only Unicode letters, numbers (0-9), + underscores (_), dashes (-), spaces ( ), ampersands (&) and can''t + start or end with spaces. Default value is an empty string. Max + length: 63 bytes.' type: string documentation: - description: Documentation describing the listing. - type: string - icon: - description: Base64 encoded image representing the listing. + description: Optional. Documentation describing the listing. type: string location: - description: Immutable. The name of the location this data exchange - listing. + description: Immutable. The name of the location this data exchange. type: string primaryContact: - description: Email or URL of the primary point of contact of the listing. + description: 'Optional. Email or URL of the primary point of contact + of the listing. Max Length: 1000 bytes.' type: string projectRef: - description: The project that this resource belongs to. + description: The Project that this resource belongs to. oneOf: - not: required: @@ -10470,49 +10663,153 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object publisher: - description: Details of the publisher who owns the listing and who - can share the source data. + description: Optional. Details of the publisher who owns the listing + and who can share the source data. properties: name: - description: Name of the listing publisher. + description: Optional. Name of the listing publisher. type: string primaryContact: - description: Email or URL of the listing publisher. + description: 'Optional. Email or URL of the listing publisher. + Max Length: 1000 bytes.' type: string - required: - - name type: object requestAccess: - description: Email or URL of the request access of the listing. Subscribers - can use this reference to request access. + description: 'Optional. Email or URL of the request access of the + listing. Subscribers can use this reference to request access. Max + Length: 1000 bytes.' type: string resourceID: - description: Immutable. Optional. The listingId of the resource. Used - for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The BigQueryAnalyticsHubDataExchangeListing + name. If not given, the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + source: + properties: + bigQueryDatasetSource: + description: One of the following fields must be set. + properties: + datasetRef: + description: Resource name of the dataset source for this + listing. e.g. `projects/myproject/datasets/123` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/datasets/[dataset_id]`. + type: string + name: + description: The `metadata.name` field of a `BigQueryDataset` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `BigQueryDataset` + resource. + type: string + type: object + restrictedExportPolicy: + description: Optional. If set, restricted export policy will + be propagated and enforced on the linked dataset. + properties: + enabled: + description: Optional. If true, enable restricted export. + type: boolean + restrictDirectTableAccess: + description: Optional. If true, restrict direct table + access (read api/tabledata.list) on linked table. + type: boolean + restrictQueryResult: + description: Optional. If true, restrict export of query + result derived from restricted linked dataset table. + type: boolean + type: object + selectedResources: + description: Optional. Resources in this dataset that are + selectively shared. If this field is empty, then the entire + dataset (all resources) are shared. This field is only valid + for data clean room exchanges. + items: + properties: + tableRef: + description: 'Optional. A reference to a BigQueryTable. + Format: `projects/{projectId}/datasets/{datasetId}/tables/{tableId}` + Example:"projects/test_project/datasets/test_dataset/tables/test_table"' + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/{projectId}/datasets/{datasetId}/tables/{tableId}`. + type: string + name: + description: The `metadata.name` field of a `BigQueryTable` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a + `BigQueryTable` resource. + type: string + type: object + type: object + type: array + required: + - datasetRef + type: object + type: object required: - - bigqueryDataset - - dataExchangeId + - dataExchangeRef - displayName - location - projectRef + - source type: object status: + description: BigQueryAnalyticsHubListingStatus defines the config connector + machine state of BigQueryAnalyticsHubDataExchangeListing properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -10536,8 +10833,9 @@ spec: type: string type: object type: array - name: - description: The resource name of the listing. e.g. "projects/myproject/locations/US/dataExchanges/123/listings/456". + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchangeListing + resource in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -10545,27 +10843,356 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + state: + description: Output only. Current state of the listing. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BigQueryAnalyticsHubListing is the Schema for the BigQueryAnalyticsHubListing + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BigQueryAnalyticsHubListingSpec defines the desired state + of BigQueryAnalyticsHubDataExchangeListing + properties: + categories: + description: Optional. Categories of the listing. Up to two categories + are allowed. + items: + type: string + type: array + dataExchangeRef: + description: BigQueryAnalyticsHubDataExchangeRef defines the resource + reference to BigQueryAnalyticsHubDataExchange, which "External" + field holds the GCP identifier for the KRM object. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed BigQueryAnalyticsHubDataExchange + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/dataexchanges/{{dataexchangeID}}". + type: string + name: + description: The name of a BigQueryAnalyticsHubDataExchange resource. + type: string + namespace: + description: The namespace of a BigQueryAnalyticsHubDataExchange + resource. + type: string + type: object + dataProvider: + description: Optional. Details of the data provider who owns the source + data. + properties: + name: + description: Optional. Name of the data provider. + type: string + primaryContact: + description: 'Optional. Email or URL of the data provider. Max + Length: 1000 bytes.' + type: string + type: object + description: + description: 'Optional. Short description of the listing. The description + must contain only Unicode characters or tabs (HT), new lines (LF), + carriage returns (CR), and page breaks (FF). Default value is an + empty string. Max length: 2000 bytes.' + type: string + discoveryType: + description: Optional. Type of discovery of the listing on the discovery + page. + type: string + displayName: + description: 'Required. Human-readable display name of the listing. + The display name must contain only Unicode letters, numbers (0-9), + underscores (_), dashes (-), spaces ( ), ampersands (&) and can''t + start or end with spaces. Default value is an empty string. Max + length: 63 bytes.' + type: string + documentation: + description: Optional. Documentation describing the listing. + type: string + location: + description: Immutable. The name of the location this data exchange. + type: string + primaryContact: + description: 'Optional. Email or URL of the primary point of contact + of the listing. Max Length: 1000 bytes.' + type: string + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + publisher: + description: Optional. Details of the publisher who owns the listing + and who can share the source data. + properties: + name: + description: Optional. Name of the listing publisher. + type: string + primaryContact: + description: 'Optional. Email or URL of the listing publisher. + Max Length: 1000 bytes.' + type: string + type: object + requestAccess: + description: 'Optional. Email or URL of the request access of the + listing. Subscribers can use this reference to request access. Max + Length: 1000 bytes.' + type: string + resourceID: + description: Immutable. The BigQueryAnalyticsHubDataExchangeListing + name. If not given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + source: + properties: + bigQueryDatasetSource: + description: One of the following fields must be set. + properties: + datasetRef: + description: Resource name of the dataset source for this + listing. e.g. `projects/myproject/datasets/123` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/datasets/[dataset_id]`. + type: string + name: + description: The `metadata.name` field of a `BigQueryDataset` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `BigQueryDataset` + resource. + type: string + type: object + restrictedExportPolicy: + description: Optional. If set, restricted export policy will + be propagated and enforced on the linked dataset. + properties: + enabled: + description: Optional. If true, enable restricted export. + type: boolean + restrictDirectTableAccess: + description: Optional. If true, restrict direct table + access (read api/tabledata.list) on linked table. + type: boolean + restrictQueryResult: + description: Optional. If true, restrict export of query + result derived from restricted linked dataset table. + type: boolean + type: object + selectedResources: + description: Optional. Resources in this dataset that are + selectively shared. If this field is empty, then the entire + dataset (all resources) are shared. This field is only valid + for data clean room exchanges. + items: + properties: + tableRef: + description: 'Optional. A reference to a BigQueryTable. + Format: `projects/{projectId}/datasets/{datasetId}/tables/{tableId}` + Example:"projects/test_project/datasets/test_dataset/tables/test_table"' + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/{projectId}/datasets/{datasetId}/tables/{tableId}`. + type: string + name: + description: The `metadata.name` field of a `BigQueryTable` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a + `BigQueryTable` resource. + type: string + type: object + type: object + type: array + required: + - datasetRef + type: object + type: object + required: + - dataExchangeRef + - displayName + - location + - projectRef + - source + type: object + status: + description: BigQueryAnalyticsHubListingStatus defines the config connector + machine state of BigQueryAnalyticsHubDataExchangeListing + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchangeListing + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + state: + description: Output only. Current state of the listing. + type: string + type: object type: object - required: - - spec type: object served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -10635,7 +11262,11 @@ spec: description: The user’s AWS IAM Role that trusts the Google-owned AWS IAM user Connection. type: string + required: + - iamRoleID type: object + required: + - accessRole type: object azure: description: Azure properties. @@ -10653,6 +11284,94 @@ spec: cloudResource: description: Use Cloud Resource properties. type: object + cloudSQL: + description: Cloud SQL properties. + properties: + credential: + description: Cloud SQL credential. + properties: + secretRef: + description: The Kubernetes Secret object that stores the + "username" and "password" information. The Secret type has + to be `kubernetes.io/basic-auth`. + properties: + name: + description: The `metadata.name` field of a Kubernetes + `Secret` + type: string + namespace: + description: The `metadata.namespace` field of a Kubernetes + `Secret`. + type: string + required: + - name + type: object + type: object + databaseRef: + description: Reference to the SQL Database. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The SQL Database name, when not managed by Config + Connector. + type: string + name: + description: The `name` field of a `SQLDatabase` resource. + type: string + namespace: + description: The `namespace` field of a `SQLDatabase` resource. + type: string + type: object + instanceRef: + description: Reference to the Cloud SQL instance ID. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The SQLInstance selfLink, when not managed by + Config Connector. + type: string + name: + description: The `name` field of a `SQLInstance` resource. + type: string + namespace: + description: The `namespace` field of a `SQLInstance` resource. + type: string + type: object + type: + description: Type of the Cloud SQL database. + type: string + required: + - credential + - databaseRef + - instanceRef + - type + type: object cloudSpanner: description: Cloud Spanner properties. properties: @@ -10731,22 +11450,388 @@ spec: required: - databaseRef type: object - cloudSql: + description: + description: User provided description. + type: string + friendlyName: + description: User provided display name for the connection. + type: string + location: + description: Immutable. + type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: 'Immutable. Optional. The BigQuery Connection ID used + for resource creation or acquisition. For creation: If specified, + this value is used as the connection ID. If not provided, a UUID + will be generated and assigned as the connection ID. For acquisition: + This field must be provided to identify the connection resource + to acquire.' + type: string + spark: + description: Spark properties. + properties: + metastoreService: + description: Optional. Dataproc Metastore Service configuration + for the connection. + properties: + metastoreServiceRef: + description: |- + Optional. Resource name of an existing Dataproc Metastore service. + + Example: + + * `projects/[project_id]/locations/[region]/services/[service_id]` + properties: + external: + description: The self-link of an existing Dataproc Metastore + service , when not managed by Config Connector. + type: string + required: + - external + type: object + type: object + sparkHistoryServer: + description: Optional. Spark History Server configuration for + the connection. + properties: + dataprocClusterRef: + description: |- + Optional. Resource name of an existing Dataproc Cluster to act as a Spark + History Server for the connection. + + Example: + + * `projects/[project_id]/regions/[region]/clusters/[cluster_name]` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The self-link of an existing Dataproc Cluster + to act as a Spark History Server for the connection + , when not managed by Config Connector. + type: string + name: + description: The `name` field of a Dataproc Cluster. + type: string + namespace: + description: The `namespace` field of a Dataproc Cluster. + type: string + type: object + type: object + type: object + required: + - location + - projectRef + type: object + status: + description: BigQueryConnectionConnectionStatus defines the config connector + machine state of BigQueryConnectionConnection + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the BigQueryConnectionConnection + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + aws: + properties: + accessRole: + properties: + identity: + description: A unique Google-owned and Google-generated + identity for the Connection. This identity will be used + to access the user's AWS IAM Role. + type: string + type: object + type: object + azure: + properties: + application: + description: The name of the Azure Active Directory Application. + type: string + clientID: + description: The client id of the Azure Active Directory Application. + type: string + identity: + description: A unique Google-owned and Google-generated identity + for the Connection. This identity will be used to access + the user's Azure Active Directory Application. + type: string + objectID: + description: The object id of the Azure Active Directory Application. + type: string + redirectUri: + description: The URL user will be redirected to after granting + consent during connection setup. + type: string + type: object + cloudResource: + properties: + serviceAccountID: + description: |2- + The account ID of the service created for the purpose of this + connection. + + The service account does not have any permissions associated with it + when it is created. After creation, customers delegate permissions + to the service account. When the connection is used in the context of an + operation in BigQuery, the service account will be used to connect to the + desired resources in GCP. + + The account ID is in the form of: + @gcp-sa-bigquery-cloudresource.iam.gserviceaccount.com + type: string + type: object + cloudSQL: + properties: + serviceAccountID: + description: |- + The account ID of the service used for the purpose of this connection. + + When the connection is used in the context of an operation in + BigQuery, this service account will serve as the identity being used for + connecting to the CloudSQL instance specified in this connection. + type: string + type: object + description: + description: The description for the connection. + type: string + friendlyName: + description: The display name for the connection. + type: string + hasCredential: + description: Output only. True, if credential is configured for + this connection. + type: boolean + spark: + properties: + serviceAccountID: + description: |2- + The account ID of the service created for the purpose of this + connection. + + The service account does not have any permissions associated with it when + it is created. After creation, customers delegate permissions to the + service account. When the connection is used in the context of a stored + procedure for Apache Spark in BigQuery, the service account is used to + connect to the desired resources in Google Cloud. + + The account ID is in the form of: + bqcx--@gcp-sa-bigquery-consp.iam.gserviceaccount.com + type: string + type: object + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BigQueryConnectionConnection is the Schema for the BigQueryConnectionConnection + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BigQueryConnectionConnectionSpec defines the desired state + to connect BigQuery to external resources + properties: + aws: + description: Amazon Web Services (AWS) properties. + properties: + accessRole: + description: Authentication using Google owned service account + to assume into customer's AWS IAM Role. + properties: + iamRoleID: + description: The user’s AWS IAM Role that trusts the Google-owned + AWS IAM user Connection. + type: string + required: + - iamRoleID + type: object + required: + - accessRole + type: object + azure: + description: Azure properties. + properties: + customerTenantID: + description: The id of customer's directory that host the data. + type: string + federatedApplicationClientID: + description: The client ID of the user's Azure Active Directory + Application used for a federated connection. + type: string + required: + - customerTenantID + type: object + cloudResource: + description: Use Cloud Resource properties. + type: object + cloudSQL: description: Cloud SQL properties. properties: credential: description: Cloud SQL credential. properties: - password: - description: The password for the credential. + secretRef: + description: The Kubernetes Secret object that stores the + "username" and "password" information. The Secret type has + to be `kubernetes.io/basic-auth`. + properties: + name: + description: The `metadata.name` field of a Kubernetes + `Secret` + type: string + namespace: + description: The `metadata.namespace` field of a Kubernetes + `Secret`. + type: string + required: + - name + type: object + type: object + databaseRef: + description: Reference to the SQL Database. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The SQL Database name, when not managed by Config + Connector. type: string - username: - description: The username for the credential. + name: + description: The `name` field of a `SQLDatabase` resource. + type: string + namespace: + description: The `namespace` field of a `SQLDatabase` resource. type: string type: object - database: - description: Database name. - type: string instanceRef: description: Reference to the Cloud SQL instance ID. oneOf: @@ -10778,6 +11863,89 @@ spec: type: description: Type of the Cloud SQL database. type: string + required: + - credential + - databaseRef + - instanceRef + - type + type: object + cloudSpanner: + description: Cloud Spanner properties. + properties: + databaseRef: + description: Reference to a spanner database ID. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The Spanner Database selfLink, when not managed + by Config Connector. + type: string + name: + description: The `name` field of a `SpannerDatabase` resource. + type: string + namespace: + description: The `namespace` field of a `SpannerDatabase` + resource. + type: string + type: object + databaseRole: + description: |- + Optional. Cloud Spanner database role for fine-grained access control. + The Cloud Spanner admin should have provisioned the database role with + appropriate permissions, such as `SELECT` and `INSERT`. Other users should + only use roles provided by their Cloud Spanner admins. + + For more details, see [About fine-grained access control] + (https://cloud.google.com/spanner/docs/fgac-about). + + REQUIRES: The database role name must start with a letter, and can only + contain letters, numbers, and underscores. + type: string + maxParallelism: + description: |- + Allows setting max parallelism per query when executing on Spanner + independent compute resources. If unspecified, default values of + parallelism are chosen that are dependent on the Cloud Spanner instance + configuration. + + REQUIRES: `use_parallelism` must be set. + REQUIRES: Either `use_data_boost` or `use_serverless_analytics` must be + set. + format: int32 + type: integer + useDataBoost: + description: |- + If set, the request will be executed via Spanner independent compute + resources. + REQUIRES: `use_parallelism` must be set. + + NOTE: `use_serverless_analytics` will be deprecated. Prefer + `use_data_boost` over `use_serverless_analytics`. + type: boolean + useParallelism: + description: If parallelism should be used when reading from Cloud + Spanner + type: boolean + useServerlessAnalytics: + description: 'If the serverless analytics service should be used + to read data from Cloud Spanner. Note: `use_parallelism` must + be set when using serverless analytics.' + type: boolean + required: + - databaseRef type: object description: description: User provided description. @@ -10824,10 +11992,12 @@ spec: type: string type: object resourceID: - description: The BigQuery ConnectionID. This is a server-generated - ID in the UUID format. If not provided, ConfigConnector will create - a new Connection and store the UUID in `status.serviceGeneratedID` - field. + description: 'Immutable. Optional. The BigQuery Connection ID used + for resource creation or acquisition. For creation: If specified, + this value is used as the connection ID. If not provided, a UUID + will be generated and assigned as the connection ID. For acquisition: + This field must be provided to identify the connection resource + to acquire.' type: string spark: description: Spark properties. @@ -10992,7 +12162,7 @@ spec: @gcp-sa-bigquery-cloudresource.iam.gserviceaccount.com type: string type: object - cloudSql: + cloudSQL: properties: serviceAccountID: description: |- @@ -11042,7 +12212,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -11216,7 +12386,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -11474,7 +12644,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -11549,14 +12719,13 @@ spec: description: The dataset this entry applies to. properties: datasetId: - description: Required. A unique ID for this dataset, - without the project name. The ID must contain only - letters (a-z, A-Z), numbers (0-9), or underscores - (_). The maximum length is 1,024 characters. + description: A unique Id for this dataset, without the + project name. The Id must contain only letters (a-z, + A-Z), numbers (0-9), or underscores (_). The maximum + length is 1,024 characters. type: string projectId: - description: Required. The ID of the project containing - this dataset. + description: The ID of the project containing this dataset. type: string required: - datasetId @@ -11612,16 +12781,14 @@ spec: an update operation.' properties: datasetId: - description: Required. The ID of the dataset containing - this routine. + description: The ID of the dataset containing this routine. type: string projectId: - description: Required. The ID of the project containing - this routine. + description: The ID of the project containing this routine. type: string routineId: - description: Required. The ID of the routine. The ID must - contain only letters (a-z, A-Z), numbers (0-9), or underscores + description: The Id of the routine. The Id must contain + only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 256 characters. type: string required: @@ -11654,20 +12821,18 @@ spec: granted again via an update operation.' properties: datasetId: - description: Required. The ID of the dataset containing - this table. + description: The ID of the dataset containing this table. type: string projectId: - description: Required. The ID of the project containing - this table. + description: The ID of the project containing this table. type: string tableId: - description: Required. The ID of the table. The ID can contain - Unicode characters in category L (letter), M (mark), N - (number), Pc (connector, including underscore), Pd (dash), - and Zs (space). For more information, see [General Category](https://wikipedia.org/wiki/Unicode_character_property#General_Category). + description: The Id of the table. The Id can contain Unicode + characters in category L (letter), M (mark), N (number), + Pc (connector, including underscore), Pd (dash), and Zs + (space). For more information, see [General Category](https://wikipedia.org/wiki/Unicode_character_property#General_Category). The maximum length is 1,024 characters. Certain operations - allow suffixing of the table ID with a partition decorator, + allow suffixing of the table Id with a partition decorator, such as `sample_table$20190123`. type: string required: @@ -11687,7 +12852,7 @@ spec: afterwards, and does not alter the existing tables. The following values are supported: - * 'und:ci': undetermined locale, case insensitive. + * 'und:ci': undetermined locale, case-insensitive. * '': empty string. Default to case-sensitive behavior. type: string defaultEncryptionConfiguration: @@ -11771,9 +12936,9 @@ spec: does not affect routine references. type: boolean location: - description: The geographic location where the dataset should reside. - See https://cloud.google.com/bigquery/docs/locations for supported - locations. + description: Optional. The geographic location where the dataset should + reside. See https://cloud.google.com/bigquery/docs/locations for + supported locations. type: string maxTimeTravelHours: description: Optional. Defines the time travel window in hours. The @@ -11781,7 +12946,7 @@ spec: is 168 hours if this is not set. type: string projectRef: - description: The project that this resource belongs to. optional. + description: ' Optional. The project that this resource belongs to.' oneOf: - not: required: @@ -11858,6 +13023,10 @@ spec: etag: description: Output only. A hash of the resource. type: string + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchangeListing + resource in GCP. + type: string lastModifiedTime: description: Output only. The date when this dataset was last modified, in milliseconds since the epoch. @@ -11871,6 +13040,16 @@ spec: the resource. format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + location: + description: Optional. If the location is not specified in the + spec, the GCP server defaults to a location and will be captured + here. + type: string + type: object selfLink: description: Output only. A URL that can be used to access the resource again. You can use this URL in Get or Update requests to the resource. @@ -11886,7 +13065,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12290,6 +13469,491 @@ spec: - spec type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BigQueryDataTransferConfig is the Schema for the BigQueryDataTransferConfig + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BigQueryDataTransferConfigSpec defines the desired state + of BigQueryDataTransferConfig + properties: + dataRefreshWindowDays: + description: The number of days to look back to automatically refresh + the data. For example, if `data_refresh_window_days = 10`, then + every day BigQuery reingests data for [today-10, today-1], rather + than ingesting data for just [today-1]. Only valid if the data source + supports the feature. Set the value to 0 to use the default value. + format: int32 + type: integer + dataSourceID: + description: 'Immutable. Data source ID. This cannot be changed once + data transfer is created. The full list of available data source + IDs can be returned through an API call: https://cloud.google.com/bigquery-transfer/docs/reference/datatransfer/rest/v1/projects.locations.dataSources/list' + type: string + x-kubernetes-validations: + - message: DataSourceID field is immutable + rule: self == oldSelf + datasetRef: + description: The BigQuery target dataset id. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/datasets/[dataset_id]`. + type: string + name: + description: The `metadata.name` field of a `BigQueryDataset` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `BigQueryDataset` + resource. + type: string + type: object + disabled: + description: Is this config disabled. When set to true, no runs will + be scheduled for this transfer config. + type: boolean + displayName: + description: User specified display name for the data transfer. + type: string + emailPreferences: + description: Email notifications will be sent according to these preferences + to the email address of the user who owns this transfer config. + properties: + enableFailureEmail: + description: If true, email notifications will be sent on transfer + run failures. + type: boolean + type: object + encryptionConfiguration: + description: The encryption configuration part. Currently, it is only + used for the optional KMS key name. The BigQuery service account + of your project must be granted permissions to use the key. Read + methods will return the key name applied in effect. Write methods + will apply the key if it is present, or otherwise try to apply project + default keys if it is absent. + properties: + kmsKeyRef: + description: The KMS key used for encrypting BigQuery data. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + type: object + location: + description: Immutable. + type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf + params: + additionalProperties: + type: string + description: 'Parameters specific to each data source. For more information + see the bq tab in the ''Setting up a data transfer'' section for + each data source. For example the parameters for Cloud Storage transfers + are listed here: https://cloud.google.com/bigquery-transfer/docs/cloud-storage-transfer#bq' + type: object + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + pubSubTopicRef: + description: Pub/Sub topic where notifications will be sent after + transfer runs associated with this transfer config finish. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/topics/[topic_id]`. + type: string + name: + description: The `metadata.name` field of a `PubSubTopic` resource. + type: string + namespace: + description: The `metadata.namespace` field of a `PubSubTopic` + resource. + type: string + type: object + resourceID: + description: Immutable. The BigQueryDataTransferConfig name. If not + given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + schedule: + description: |- + Data transfer schedule. + If the data source does not support a custom schedule, this should be + empty. If it is empty, the default value for the data source will be used. + The specified times are in UTC. + Examples of valid format: + `1st,3rd monday of month 15:30`, + `every wed,fri of jan,jun 13:15`, and + `first sunday of quarter 00:00`. + See more explanation about the format here: + https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format + + NOTE: The minimum interval time between recurring transfers depends on the + data source; refer to the documentation for your data source. + type: string + scheduleOptions: + description: Options customizing the data transfer schedule. + properties: + disableAutoScheduling: + description: If true, automatic scheduling of data transfer runs + for this configuration will be disabled. The runs can be started + on ad-hoc basis using StartManualTransferRuns API. When automatic + scheduling is disabled, the TransferConfig.schedule field will + be ignored. + type: boolean + endTime: + description: Defines time to stop scheduling transfer runs. A + transfer run cannot be scheduled at or after the end time. The + end time can be changed at any moment. The time when a data + transfer can be triggered manually is not limited by this option. + type: string + startTime: + description: Specifies time to start scheduling transfer runs. + The first run will be scheduled at or after the start time according + to a recurrence pattern defined in the schedule string. The + start time can be changed at any moment. The time when a data + transfer can be triggered manually is not limited by this option. + type: string + type: object + scheduleOptionsV2: + description: V2 options customizing different types of data transfer + schedule. This field supports existing time-based and manual transfer + schedule. Also supports Event-Driven transfer schedule. ScheduleOptionsV2 + cannot be used together with ScheduleOptions/Schedule. + properties: + eventDrivenSchedule: + description: Event driven transfer schedule options. If set, the + transfer will be scheduled upon events arrial. + properties: + pubSubSubscriptionRef: + description: Pub/Sub subscription used to receive events. + Only Google Cloud Storage data source support this option. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/subscriptions/[subscription_id]`. + type: string + name: + description: The `metadata.name` field of a `PubSubSubscription` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `PubSubSubscription` + resource. + type: string + type: object + type: object + manualSchedule: + description: Manual transfer schedule. If set, the transfer run + will not be auto-scheduled by the system, unless the client + invokes StartManualTransferRuns. This is equivalent to disable_auto_scheduling + = true. + type: object + timeBasedSchedule: + description: Time based transfer schedule options. This is the + default schedule option. + properties: + endTime: + description: Defines time to stop scheduling transfer runs. + A transfer run cannot be scheduled at or after the end time. + The end time can be changed at any moment. + type: string + schedule: + description: |- + Data transfer schedule. + If the data source does not support a custom schedule, this should be + empty. If it is empty, the default value for the data source will be used. + The specified times are in UTC. + Examples of valid format: + `1st,3rd monday of month 15:30`, + `every wed,fri of jan,jun 13:15`, and + `first sunday of quarter 00:00`. + See more explanation about the format here: + https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format + + NOTE: The minimum interval time between recurring transfers depends on the + data source; refer to the documentation for your data source. + type: string + startTime: + description: Specifies time to start scheduling transfer runs. + The first run will be scheduled at or after the start time + according to a recurrence pattern defined in the schedule + string. The start time can be changed at any moment. + type: string + type: object + type: object + serviceAccountRef: + description: Service account email. If this field is set, the transfer + config will be created with this service account's credentials. + It requires that the requesting user calling this API has permissions + to act as this service account. Note that not all data sources support + service account credentials when creating a transfer config. For + the latest list of data sources, please refer to https://cloud.google.com/bigquery/docs/use-service-accounts. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + required: + - dataSourceID + - datasetRef + - location + - params + - projectRef + type: object + status: + description: BigQueryDataTransferConfigStatus defines the config connector + machine state of BigQueryDataTransferConfig + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the BigQueryDataTransferConfig + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + datasetRegion: + description: Output only. Region in which BigQuery dataset is + located. + type: string + error: + description: Output only. Error code with detailed information + about reason of the latest config failure. + properties: + code: + description: The status code, which should be an enum value + of [google.rpc.Code][google.rpc.Code]. + format: int32 + type: integer + message: + description: A developer-facing error message, which should + be in English. Any user-facing error message should be localized + and sent in the [google.rpc.Status.details][google.rpc.Status.details] + field, or localized by the client. + type: string + type: object + name: + description: Identifier. The resource name of the transfer config. + Transfer config names have the form either `projects/{project_id}/locations/{region}/transferConfigs/{config_id}` + or `projects/{project_id}/transferConfigs/{config_id}`, where + `config_id` is usually a UUID, even though it is not guaranteed + or required. The name is ignored when creating a transfer config. + type: string + nextRunTime: + description: Output only. Next time when data transfer will run. + type: string + ownerInfo: + description: Output only. Information about the user whose credentials + are used to transfer data. Populated only for `transferConfigs.get` + requests. In case the user information is not available, this + field will not be populated. + properties: + email: + description: E-mail address of the user. + type: string + type: object + state: + description: Output only. State of the most recently updated transfer + run. + type: string + updateTime: + description: Output only. Data transfer modification time. Ignored + by server on input. + type: string + userID: + description: Deprecated. Unique ID of the user on whose behalf + transfer is done. + format: int64 + type: integer + type: object + type: object + required: + - spec + type: object + served: true storage: true subresources: status: {} @@ -12298,7 +13962,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13154,7 +14818,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13341,7 +15005,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13531,7 +15195,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13793,7 +15457,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14378,7 +16042,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14566,7 +16230,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14787,7 +16451,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15019,7 +16683,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15192,7 +16856,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -15651,7 +17315,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -15919,7 +17583,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -16344,7 +18008,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16785,7 +18449,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17138,7 +18802,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17959,7 +19623,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -18312,7 +19976,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -18551,7 +20215,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -18782,7 +20446,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -19012,7 +20676,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20053,9 +21717,8 @@ spec: type: string type: array location: - description: |- - Immutable. The [Cloud Build location](https://cloud.google.com/build/docs/locations) for the trigger. - If not specified, "global" is used. + description: 'Immutable. The location of the Cloud Build trigger. + If not specified, "global" is used. More info: cloud.google.com/build/docs/locations.' type: string pubsubConfig: description: |- @@ -20520,7 +22183,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20589,7 +22252,7 @@ spec: properties: external: description: A reference to an externally managed Compute - Network resource. Should be in the format `projects//global/networks/`. + Network resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -20797,7 +22460,7 @@ spec: properties: external: description: A reference to an externally managed Compute - Network resource. Should be in the format `projects//global/networks/`. + Network resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -20981,7 +22644,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -21455,7 +23118,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -21887,7 +23550,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22085,7 +23748,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -22352,7 +24015,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22747,7 +24410,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22926,7 +24589,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23188,7 +24851,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -23726,7 +25389,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23997,7 +25660,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -24268,7 +25931,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -24723,7 +26386,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -24993,7 +26656,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -25207,7 +26870,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -26371,7 +28034,8 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `NetworkSecurityClientTLSPolicy` + description: 'Allowed value: string of the format `//networksecurity.googleapis.com/projects/{{project}}/locations/{{location}}/clientTlsPolicies/{{value}}`, + where {{value}} is the `name` field of a `NetworkSecurityClientTLSPolicy` resource.' type: string name: @@ -26486,7 +28150,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -26700,7 +28364,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -26877,7 +28541,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -27641,7 +29305,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -27792,7 +29456,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -28012,7 +29676,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -28204,7 +29868,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -28304,14 +29968,14 @@ spec: properties: external: description: A reference to an externally managed ComputeFirewallPolicy - resource. Should be in the format `locations/global/firewallPolicies/`. + resource. Should be in the format `locations/global/firewallPolicies/{{firewallPolicyID}}`. type: string name: - description: The `name` field of a `ComputeFirewall olicy ` resource. + description: The `name` field of a `ComputeFirewallPolicy` resource. type: string namespace: - description: The `namespace` field of a `ComputeFirewallPolicy - ` resource. + description: The `namespace` field of a `ComputeFirewallPolicy` + resource. type: string type: object match: @@ -28438,7 +30102,7 @@ spec: properties: external: description: A reference to an externally managed Compute Network - resource. Should be in the format `projects//global/networks/`. + resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -28543,7 +30207,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28921,7 +30585,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29225,7 +30889,7 @@ spec: properties: external: description: A reference to an externally managed Compute Network - resource. Should be in the format `projects//global/networks/`. + resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -29692,7 +31356,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29854,7 +31518,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30012,7 +31676,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30476,7 +32140,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30637,7 +32301,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30798,7 +32462,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -31156,7 +32820,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -31935,7 +33599,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -32117,7 +33781,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -32320,7 +33984,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -33353,7 +35017,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -34385,7 +36049,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -34710,7 +36374,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -34927,7 +36591,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35272,7 +36936,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35482,7 +37146,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35694,7 +37358,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35865,7 +37529,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36071,7 +37735,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36459,7 +38123,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36640,7 +38304,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36840,7 +38504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37014,7 +38678,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37304,7 +38968,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37485,7 +39149,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37630,7 +39294,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37759,7 +39423,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37985,7 +39649,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -38385,7 +40049,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -38682,7 +40346,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -38800,7 +40464,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -39233,7 +40897,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -39410,7 +41074,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -39712,7 +41376,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40009,7 +41673,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40205,7 +41869,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40419,7 +42083,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40743,7 +42407,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -41035,7 +42699,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -41492,7 +43156,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -41848,7 +43512,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42075,7 +43739,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42354,7 +44018,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42975,7 +44639,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -43322,7 +44986,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43428,7 +45092,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43572,7 +45236,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43971,7 +45635,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44189,7 +45853,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44352,7 +46016,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44646,7 +46310,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44824,7 +46488,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45003,7 +46667,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45064,7 +46728,7 @@ spec: description: |- URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 certificates. Certificate manager certificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. - sslCertificates and certificateManagerCertificates fields can not be defined together. + sslCertificates and certificateManagerCertificates fields cannot be defined together. oneOf: - not: required: @@ -45100,7 +46764,7 @@ spec: can only be set for global target proxies. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificateManagerCertificates instead. - sslCertificates and certificateMap fields can not be defined together. + sslCertificates and certificateMap fields cannot be defined together. oneOf: - not: required: @@ -45361,7 +47025,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45586,7 +47250,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45841,7 +47505,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46100,7 +47764,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46114,6 +47778,7 @@ spec: categories: - gcp kind: ComputeTargetTCPProxy + listKind: ComputeTargetTCPProxyList plural: computetargettcpproxies shortNames: - gcpcomputetargettcpproxy @@ -46141,20 +47806,23 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: ComputeTargetTCPProxy is the Schema for the ComputeTargetTCPProxy + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: ComputeTargetTCPProxySpec defines the desired state of ComputeTargetTCPProxy properties: backendServiceRef: description: A reference to the ComputeBackendService resource. @@ -46174,42 +47842,58 @@ spec: - external properties: external: - description: 'Allowed value: The `selfLink` field of a `ComputeBackendService` - resource.' + description: The ComputeBackendService selflink in the form "projects/{{project}}/global/backendServices/{{name}}" + or "projects/{{project}}/regions/{{region}}/backendServices/{{name}}" + when not managed by Config Connector. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `ComputeBackendService` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `ComputeBackendService` + resource. type: string type: object description: description: Immutable. An optional description of this resource. type: string + x-kubernetes-validations: + - message: Description is immutable + rule: self == oldSelf + location: + description: 'The geographical location of the ComputeTargetTCPProxy. + Reference: GCP definition of regions/zones (https://cloud.google.com/compute/docs/regions-zones/)' + type: string proxyBind: - description: |- - Immutable. This field only applies when the forwarding rule that references - this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. + description: Immutable. This field only applies when the forwarding + rule that references this target proxy has a loadBalancingScheme + set to INTERNAL_SELF_MANAGED. type: boolean + x-kubernetes-validations: + - message: ProxyBind is immutable + rule: self == oldSelf proxyHeader: - description: |- - Specifies the type of proxy header to append before sending data to - the backend. Default value: "NONE" Possible values: ["NONE", "PROXY_V1"]. + description: 'Specifies the type of proxy header to append before + sending data to the backend. Default value: "NONE" Possible values: + ["NONE", "PROXY_V1"].' type: string resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The ComputeTargetTCPProxy name. If not given, + the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID is immutable + rule: self == oldSelf required: - backendServiceRef type: object status: + description: ComputeTargetTCPProxyStatus defines the config connector + machine state of ComputeTargetTCPProxy properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -46236,17 +47920,24 @@ spec: creationTimestamp: description: Creation timestamp in RFC3339 text format. type: string + externalRef: + description: A unique specifier for the ComputeTargetTCPProxy resource + in GCP. + type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer proxyId: description: The unique identifier for the resource. + format: int64 type: integer selfLink: + description: The SelfLink for the resource. type: string type: object required: @@ -46256,18 +47947,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46428,7 +48113,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -49151,7 +50836,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -49355,7 +51040,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -49727,7 +51412,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -50043,7 +51728,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -50632,7 +52317,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -50868,7 +52553,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -51105,7 +52790,6 @@ spec: type: string projectRef: description: The ID of the project in which the resource belongs. - If it is not provided, the provider project is used. oneOf: - not: required: @@ -51149,6 +52833,7 @@ spec: - location - oidcConfig - platformVersion + - projectRef type: object status: description: ContainerAttachedClusterStatus defines the config connector @@ -51267,7 +52952,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -53142,7 +54827,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54066,7 +55751,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54338,7 +56023,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54504,7 +56189,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54700,7 +56385,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54885,7 +56570,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -55117,7 +56802,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -55291,7 +56976,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -55432,7 +57117,7 @@ spec: properties: external: description: A reference to an externally managed Compute Network - resource. Should be in the format `projects//global/networks/`. + resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -55606,7 +57291,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -55892,7 +57577,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -56525,7 +58210,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -56804,7 +58489,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -57099,7 +58784,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -58914,7 +60599,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -60856,7 +62541,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -61028,7 +62713,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -61629,7 +63314,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -61822,7 +63507,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -62756,7 +64441,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -62971,7 +64656,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -63156,7 +64841,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -63370,7 +65055,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -63565,7 +65250,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -64115,7 +65800,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -64335,7 +66020,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -65433,7 +67118,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -65642,7 +67327,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -65836,7 +67521,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -66033,7 +67718,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -66270,7 +67955,572 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: discoveryenginedatastores.discoveryengine.cnrm.cloud.google.com +spec: + group: discoveryengine.cnrm.cloud.google.com + names: + categories: + - gcp + kind: DiscoveryEngineDataStore + listKind: DiscoveryEngineDataStoreList + plural: discoveryenginedatastores + shortNames: + - gcpdiscoveryenginedatastore + - gcpdiscoveryenginedatastores + singular: discoveryenginedatastore + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: DiscoveryEngineDataStore is the Schema for the DiscoveryEngineDataStore + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DiscoveryEngineDataStoreSpec defines the desired state of + DiscoveryEngineDataStore + properties: + collection: + description: Immutable. The collection for the DataStore. + type: string + x-kubernetes-validations: + - message: Collection field is immutable + rule: self == oldSelf + contentConfig: + description: Immutable. The content config of the data store. If this + field is unset, the server behavior defaults to [ContentConfig.NO_CONTENT][google.cloud.discoveryengine.v1.DataStore.ContentConfig.NO_CONTENT]. + type: string + displayName: + description: |- + Required. The data store display name. + + This field must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an INVALID_ARGUMENT error is returned. + type: string + industryVertical: + description: Immutable. The industry vertical that the data store + registers. + type: string + location: + description: Immutable. The location for the resource. + type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf + projectRef: + description: The ID of the project in which the resource belongs. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. The DiscoveryEngineDataStore name. If not + given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + solutionTypes: + description: |- + The solutions that the data store enrolls. Available solutions for each + [industry_vertical][google.cloud.discoveryengine.v1.DataStore.industry_vertical]: + + * `MEDIA`: `SOLUTION_TYPE_RECOMMENDATION` and `SOLUTION_TYPE_SEARCH`. + * `SITE_SEARCH`: `SOLUTION_TYPE_SEARCH` is automatically enrolled. Other + solutions cannot be enrolled. + items: + type: string + type: array + workspaceConfig: + description: Config to store data store type configuration for workspace + data. This must be set when [DataStore.content_config][google.cloud.discoveryengine.v1.DataStore.content_config] + is set as [DataStore.ContentConfig.GOOGLE_WORKSPACE][google.cloud.discoveryengine.v1.DataStore.ContentConfig.GOOGLE_WORKSPACE]. + properties: + dasherCustomerID: + description: Obfuscated Dasher customer ID. + type: string + superAdminEmailAddress: + description: Optional. The super admin email address for the workspace + that will be used for access token generation. For now we only + use it for Native Google Drive connector data ingestion. + type: string + superAdminServiceAccount: + description: Optional. The super admin service account for the + workspace that will be used for access token generation. For + now we only use it for Native Google Drive connector data ingestion. + type: string + type: + description: The Google Workspace data source. + type: string + type: object + required: + - collection + - location + - projectRef + type: object + status: + description: DiscoveryEngineDataStoreStatus defines the config connector + machine state of DiscoveryEngineDataStore + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the DiscoveryEngineDataStore resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + billingEstimation: + description: Output only. Data size estimation for billing. + properties: + structuredDataSize: + description: Data size for structured data in terms of bytes. + format: int64 + type: integer + structuredDataUpdateTime: + description: Last updated timestamp for structured data. + type: string + unstructuredDataSize: + description: Data size for unstructured data in terms of bytes. + format: int64 + type: integer + unstructuredDataUpdateTime: + description: Last updated timestamp for unstructured data. + type: string + websiteDataSize: + description: Data size for websites in terms of bytes. + format: int64 + type: integer + websiteDataUpdateTime: + description: Last updated timestamp for websites. + type: string + type: object + createTime: + description: Output only. Timestamp the [DataStore][google.cloud.discoveryengine.v1.DataStore] + was created at. + type: string + defaultSchemaID: + description: Output only. The id of the default [Schema][google.cloud.discoveryengine.v1.Schema] + associated to this data store. + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: discoveryengineengines.discoveryengine.cnrm.cloud.google.com +spec: + group: discoveryengine.cnrm.cloud.google.com + names: + categories: + - gcp + kind: DiscoveryEngineEngine + listKind: DiscoveryEngineEngineList + plural: discoveryengineengines + shortNames: + - gcpdiscoveryengineengine + - gcpdiscoveryengineengines + singular: discoveryengineengine + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: DiscoveryEngineEngine is the Schema for the DiscoveryEngineEngine + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DiscoveryEngineEngineSpec defines the desired state of DiscoveryEngineEngine + properties: + chatEngineConfig: + description: Configurations for the Chat Engine. Only applicable if + solution_type is SOLUTION_TYPE_CHAT. + properties: + agentCreationConfig: + description: |- + The configurationt generate the Dialogflow agent that is associated to + this Engine. + + Note that these configurations are one-time consumed by + and passed to Dialogflow service. It means they cannot be retrieved using + [EngineService.GetEngine][google.cloud.discoveryengine.v1.EngineService.GetEngine] + or + [EngineService.ListEngines][google.cloud.discoveryengine.v1.EngineService.ListEngines] + API after engine creation. + properties: + business: + description: Name of the company, organization or other entity + that the agent represents. Used for knowledge connector + LLM prompt and for knowledge search. + type: string + defaultLanguageCode: + description: Required. The default language of the agent as + a language tag. See [Language Support](https://cloud.google.com/dialogflow/docs/reference/language) + for a list of the currently supported language codes. + type: string + location: + description: 'Agent location for Agent creation, supported + values: global/us/eu. If not provided, us Engine will create + Agent using us-central-1 by default; eu Engine will create + Agent using eu-west-1 by default.' + type: string + timeZone: + description: Required. The time zone of the agent from the + [time zone database](https://www.iana.org/time-zones), e.g., + America/New_York, Europe/Paris. + type: string + type: object + dialogflowAgentToLink: + description: |- + The resource name of an exist Dialogflow agent to link to this Chat + Engine. Customers can either provide `agent_creation_config` to create + agent or provide an agent name that links the agent with the Chat engine. + + Format: `projects//locations//agents/`. + + Note that the `dialogflow_agent_to_link` are one-time consumed by and + passed to Dialogflow service. It means they cannot be retrieved using + [EngineService.GetEngine][google.cloud.discoveryengine.v1.EngineService.GetEngine] + or + [EngineService.ListEngines][google.cloud.discoveryengine.v1.EngineService.ListEngines] + API after engine creation. Use + [ChatEngineMetadata.dialogflow_agent][google.cloud.discoveryengine.v1.Engine.ChatEngineMetadata.dialogflow_agent] + for actual agent association after Engine is created. + type: string + type: object + collection: + description: Immutable. The collection for the Engine. + type: string + commonConfig: + description: Common config spec that specifies the metadata of the + engine. + properties: + companyName: + description: The name of the company, business or entity that + is associated with the engine. Setting this may help improve + LLM related features. + type: string + type: object + dataStoreRefs: + description: The data stores associated with this engine. For SOLUTION_TYPE_SEARCH + and SOLUTION_TYPE_RECOMMENDATION type of engines, they can only + associate with at most one data store. If solution_type is SOLUTION_TYPE_CHAT, + multiple DataStores in the same Collection can be associated here. + Note that when used in CreateEngineRequest, one DataStore must be + provided as the system will use it for necessary initializations. + items: + description: DiscoveryEngineDataStoreRef defines the resource reference + to DiscoveryEngineDataStore, which "External" field holds the + GCP identifier for the KRM object. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed DiscoveryEngineDataStore + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/datastores/{{datastoreID}}". + type: string + name: + description: The name of a DiscoveryEngineDataStore resource. + type: string + namespace: + description: The namespace of a DiscoveryEngineDataStore resource. + type: string + type: object + type: array + disableAnalytics: + description: Optional. Whether to disable analytics for searches performed + on this engine. + type: boolean + displayName: + description: Required. The display name of the engine. Should be human + readable. UTF-8 encoded string with limit of 1024 characters. + type: string + industryVertical: + description: 'The industry vertical that the engine registers. The + restriction of the Engine industry vertical is based on DataStore: + If unspecified, default to `GENERIC`. Vertical on Engine has to + match vertical of the DataStore linked to the engine.' + type: string + location: + description: Immutable. Location of the resource. + type: string + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. The DiscoveryEngineChatEngine name. If not + given, the metadata.name will be used. + type: string + searchEngineConfig: + description: Configurations for the Search Engine. Only applicable + if solution_type is SOLUTION_TYPE_SEARCH. + properties: + searchAddOns: + description: The add-on that this search engine enables. + items: + type: string + type: array + searchTier: + description: |- + The search feature tier of this engine. + + Different tiers might have different + pricing. To learn more, check the pricing documentation. + + Defaults to + [SearchTier.SEARCH_TIER_STANDARD][google.cloud.discoveryengine.v1.SearchTier.SEARCH_TIER_STANDARD] + if not specified. + type: string + type: object + solutionType: + description: Required. The solutions of the engine. + type: string + required: + - collection + - displayName + - location + - projectRef + - solutionType + type: object + status: + description: DiscoveryEngineEngineStatus defines the config connector + machine state of DiscoveryEngineEngine + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the DiscoveryEngineEngine resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -70446,7 +72696,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -71058,7 +73308,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -72534,7 +74784,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -72905,7 +75155,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -73290,7 +75540,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -73486,7 +75736,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74458,7 +76708,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74637,7 +76887,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74833,7 +77083,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74956,7 +77206,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75121,7 +77371,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75657,7 +77907,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75908,7 +78158,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -76147,7 +78397,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -76327,7 +78577,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -76551,7 +78801,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -76693,7 +78943,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -77239,7 +79489,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -77461,7 +79711,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -77790,7 +80040,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -77959,7 +80209,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78146,7 +80396,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78323,7 +80573,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78467,7 +80717,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78630,7 +80880,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78782,7 +81032,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78930,7 +81180,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -79077,7 +81327,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -79287,6 +81537,201 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: FirestoreDatabase is the Schema for the FirestoreDatabase API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: FirestoreDatabaseSpec defines the desired state of FirestoreDatabase + properties: + concurrencyMode: + description: The concurrency control mode to use for this database. + See https://cloud.google.com/firestore/docs/reference/rest/v1/projects.databases#concurrencymode + for more info. + type: string + locationID: + description: The location of the database. Available locations are + listed at https://cloud.google.com/firestore/docs/locations. + type: string + pointInTimeRecoveryEnablement: + description: Whether to enable the PITR feature on this database. + See https://cloud.google.com/firestore/docs/reference/rest/v1/projects.databases#pointintimerecoveryenablement + for more info. + type: string + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: The FirestoreDatabase name. If not given, the metadata.name + will be used. + type: string + required: + - projectRef + type: object + status: + description: FirestoreDatabaseStatus defines the config connector machine + state of FirestoreDatabase + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the FirestoreDatabase resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. The timestamp at which this database + was created. Databases created before 2016 do not populate create_time. + type: string + earliestVersionTime: + description: |- + Output only. The earliest timestamp at which older versions of the data can + be read from the database. See [version_retention_period] above; this field + is populated with `now - version_retention_period`. + + This value is continuously updated, and becomes stale the moment it is + queried. If you are using this value to recover data, make sure to account + for the time from the moment when the value is queried to the moment when + you initiate the recovery. + type: string + etag: + description: This checksum is computed by the server based on + the value of other fields, and may be sent on update and delete + requests to ensure the client has an up-to-date value before + proceeding. + type: string + keyPrefix: + description: |- + Output only. The key_prefix for this database. This key_prefix is used, in + combination with the project id ("~") to construct + the application id that is returned from the Cloud Datastore APIs in Google + App Engine first generation runtimes. + + This value may be empty in which case the appid to use for URL-encoded keys + is the project_id (eg: foo instead of v~foo). + type: string + uid: + description: Output only. The system-generated UUID4 for this + Database. + type: string + updateTime: + description: Output only. The timestamp at which this database + was most recently updated. Note this only includes updates to + the database resource and not data contained by the database. + type: string + versionRetentionPeriod: + description: |- + Output only. The period during which past versions of data are retained in + the database. + + Any [read][google.firestore.v1.GetDocumentRequest.read_time] + or [query][google.firestore.v1.ListDocumentsRequest.read_time] can specify + a `read_time` within this window, and will read the state of the database + at that time. + + If the PITR feature is enabled, the retention period is 7 days. Otherwise, + the retention period is 1 hour. + type: string + type: object + type: object + type: object + served: true storage: true subresources: status: {} @@ -79295,7 +81740,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -79449,7 +81894,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -79662,7 +82107,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -79959,10 +82404,9 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: - cnrm.cloud.google.com/dcl2crd: "true" cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: stable cnrm.cloud.google.com/system: "true" @@ -80201,6 +82645,13 @@ spec: cluster. type: boolean type: object + management: + description: Optional. Whether to automatically manage the configmanagement + Feature. There are 3 accepted values. MANAGEMENT_UNSPECIFIED + means that the mamangement mode is unspecified. MANAGEMENT_AUTOMATIC + means that Google manages the Feature for the cluster. MANAGEMENT_MANUAL + means that users should manage the Feature for the cluster. + type: string policyController: description: '**DEPRECATED** Configuring Policy Controller through the configmanagement feature is no longer recommended. Use the @@ -80499,7 +82950,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -80765,7 +83216,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -81130,7 +83581,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81263,7 +83714,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81421,7 +83872,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81583,7 +84034,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81897,7 +84348,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82098,7 +84549,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82299,7 +84750,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82399,7 +84850,7 @@ spec: ''allServices'' and a specific service, then the union of the two audit configs is used for that service: the ''logTypes'' specified in each ''auditLogConfig'' are enabled, and the ''exemptedMembers'' - in each ''auditLogConfg'' are exempted.' + in each ''auditLogConfig'' are exempted.' type: string required: - auditLogConfigs @@ -82460,7 +84911,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82600,7 +85051,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82694,6 +85145,8 @@ spec: Exactly one of 'member' or 'memberFrom' must be used, and only one subfield within 'memberFrom' can be used. oneOf: + - required: + - bigQueryConnectionConnectionRef - required: - logSinkRef - required: @@ -82703,6 +85156,34 @@ spec: - required: - sqlInstanceRef properties: + bigQueryConnectionConnectionRef: + description: BigQueryConnectionConnection whose service + account is to be bound to the role. Use the Type + field to specifie the connection type. For "spark" + connetion, the service account is in `status.observedState.spark.serviceAccountID`. + For "cloudSQL" connection, the service account is + in `status.observedState.cloudSQL.serviceAccountID`. + For "cloudResource" connection, the service account + is in `status.observedState.cloudResource.serviceAccountID`. + properties: + name: + type: string + namespace: + type: string + type: + description: Type field specifies the connection + type of the BigQueryConnectionConnection resource, + whose service account is to be bound to the + role. + enum: + - spark + - cloudSQL + - cloudResource + type: string + required: + - name + - type + type: object logSinkRef: description: The LoggingLogSink whose writer identity (i.e. its 'status.writerIdentity') is to be bound @@ -82925,7 +85406,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -83015,7 +85496,7 @@ spec: both ''allServices'' and a specific service, then the union of the two audit configs is used for that service: the ''logTypes'' specified in each ''auditLogConfig'' are enabled, and the - ''exemptedMembers'' in each ''auditLogConfg'' are exempted.' + ''exemptedMembers'' in each ''auditLogConfig'' are exempted.' type: string required: - auditLogConfigs @@ -83153,7 +85634,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -83236,6 +85717,8 @@ spec: Exactly one of 'member' or 'memberFrom' must be used, and only one subfield within 'memberFrom' can be used. oneOf: + - required: + - bigQueryConnectionConnectionRef - required: - logSinkRef - required: @@ -83245,6 +85728,31 @@ spec: - required: - sqlInstanceRef properties: + bigQueryConnectionConnectionRef: + description: BigQueryConnectionConnection whose service account + is to be bound to the role. Use the Type field to specifie the + connection type. For "spark" connetion, the service account + is in `status.observedState.spark.serviceAccountID`. For "cloudSQL" + connection, the service account is in `status.observedState.cloudSQL.serviceAccountID`. + For "cloudResource" connection, the service account is in `status.observedState.cloudResource.serviceAccountID`. + properties: + name: + type: string + namespace: + type: string + type: + description: Type field specifies the connection type of the + BigQueryConnectionConnection resource, whose service account + is to be bound to the role. + enum: + - spark + - cloudSQL + - cloudResource + type: string + required: + - name + - type + type: object logSinkRef: description: The LoggingLogSink whose writer identity (i.e. its 'status.writerIdentity') is to be bound to the role. @@ -83393,7 +85901,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -83572,7 +86080,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -83714,7 +86222,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -84072,7 +86580,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -84253,7 +86761,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -84549,7 +87057,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -84716,7 +87224,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -84842,7 +87350,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -84996,7 +87504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -85688,7 +88196,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -85847,7 +88355,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86052,7 +88560,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -86235,7 +88743,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86459,7 +88967,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86623,7 +89131,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86836,7 +89344,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -87053,7 +89561,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -87206,25 +89714,25 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: stable + cnrm.cloud.google.com/stability-level: beta cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: kmscryptokeys.kms.cnrm.cloud.google.com + name: kmsautokeyconfigs.kms.cnrm.cloud.google.com spec: group: kms.cnrm.cloud.google.com names: categories: - gcp - kind: KMSCryptoKey - plural: kmscryptokeys + kind: KMSAutokeyConfig + listKind: KMSAutokeyConfigList + plural: kmsautokeyconfigs shortNames: - - gcpkmscryptokey - - gcpkmscryptokeys - singular: kmscryptokey + - gcpkmsautokeyconfig + - gcpkmsautokeyconfigs + singular: kmsautokeyconfig preserveUnknownFields: false scope: Namespaced versions: @@ -87244,35 +89752,28 @@ spec: jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime name: Status Age type: date - name: v1beta1 + name: v1alpha1 schema: openAPIV3Schema: + description: KMSAutokeyConfig is the Schema for the KMSAutokeyConfig API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: KMSAutokeyConfigSpec defines the desired state of KMSAutokeyConfig properties: - destroyScheduledDuration: - description: |- - Immutable. The period of time that versions of this key spend in the DESTROY_SCHEDULED state before transitioning to DESTROYED. - If not specified at creation time, the default duration is 24 hours. - type: string - importOnly: - description: Immutable. Whether this key may contain imported versions - only. - type: boolean - keyRingRef: - description: The KMSKeyRing that this key belongs to. + folderRef: + description: Immutable. The folder that this resource belongs to. oneOf: - not: required: @@ -87289,64 +89790,422 @@ spec: - external properties: external: - description: 'Allowed value: The `selfLink` field of a `KMSKeyRing` - resource.' + description: The 'name' field of a folder, when not managed by + Config Connector. This field must be set when 'name' field is + not set. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The 'name' field of a 'Folder' resource. This field + must be set when 'external' field is not set. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The 'namespace' field of a 'Folder' resource. If + unset, the namespace is defaulted to the namespace of the referencer + resource. type: string type: object - purpose: - description: |- - Immutable. The immutable purpose of this CryptoKey. See the - [purpose reference](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys#CryptoKeyPurpose) - for possible inputs. - Default value is "ENCRYPT_DECRYPT". - type: string - resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. - type: string - rotationPeriod: - description: |- - Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. - The first rotation will take place after the specified period. The rotation period has - the format of a decimal number with up to 9 fractional digits, followed by the - letter 's' (seconds). It must be greater than a day (ie, 86400). - type: string - skipInitialVersionCreation: - description: |- - Immutable. If set to true, the request will create a CryptoKey without any CryptoKeyVersions. - You must use the 'google_kms_key_ring_import_job' resource to import the CryptoKeyVersion. - type: boolean - versionTemplate: - description: A template describing settings for new crypto key versions. + keyProject: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - kind + - not: + anyOf: + - required: + - name + - required: + - namespace + - required: + - kind + required: + - external properties: - algorithm: - description: |- - The algorithm to use when creating a version based on this template. - See the [algorithm reference](https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm) for possible inputs. + external: + description: The `projectID` field of a project, when not managed + by Config Connector. type: string - protectionLevel: - description: Immutable. The protection level to use when creating - a version based on this template. Possible values include "SOFTWARE", - "HSM", "EXTERNAL", "EXTERNAL_VPC". Defaults to "SOFTWARE". + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. type: string - required: - - algorithm type: object required: - - keyRingRef + - folderRef type: object status: + description: KMSAutokeyConfigStatus defines the config connector machine + state of KMSAutokeyConfig properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the KMSAutokeyConfig resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + state: + description: Output only. Current state of this AutokeyConfig. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: KMSAutokeyConfig is the Schema for the KMSAutokeyConfig API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KMSAutokeyConfigSpec defines the desired state of KMSAutokeyConfig + properties: + folderRef: + description: Immutable. The folder that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The 'name' field of a folder, when not managed by + Config Connector. This field must be set when 'name' field is + not set. + type: string + name: + description: The 'name' field of a 'Folder' resource. This field + must be set when 'external' field is not set. + type: string + namespace: + description: The 'namespace' field of a 'Folder' resource. If + unset, the namespace is defaulted to the namespace of the referencer + resource. + type: string + type: object + keyProject: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - kind + - not: + anyOf: + - required: + - name + - required: + - namespace + - required: + - kind + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + required: + - folderRef + type: object + status: + description: KMSAutokeyConfigStatus defines the config connector machine + state of KMSAutokeyConfig + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the KMSAutokeyConfig resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + state: + description: Output only. Current state of this AutokeyConfig. + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: stable + cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" + name: kmscryptokeys.kms.cnrm.cloud.google.com +spec: + group: kms.cnrm.cloud.google.com + names: + categories: + - gcp + kind: KMSCryptoKey + plural: kmscryptokeys + shortNames: + - gcpkmscryptokey + - gcpkmscryptokeys + singular: kmscryptokey + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + destroyScheduledDuration: + description: |- + Immutable. The period of time that versions of this key spend in the DESTROY_SCHEDULED state before transitioning to DESTROYED. + If not specified at creation time, the default duration is 24 hours. + type: string + importOnly: + description: Immutable. Whether this key may contain imported versions + only. + type: boolean + keyRingRef: + description: The KMSKeyRing that this key belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: 'Allowed value: The `selfLink` field of a `KMSKeyRing` + resource.' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + purpose: + description: |- + Immutable. The immutable purpose of this CryptoKey. See the + [purpose reference](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys#CryptoKeyPurpose) + for possible inputs. + Default value is "ENCRYPT_DECRYPT". + type: string + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + rotationPeriod: + description: |- + Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. + The first rotation will take place after the specified period. The rotation period has + the format of a decimal number with up to 9 fractional digits, followed by the + letter 's' (seconds). It must be greater than a day (ie, 86400). + type: string + skipInitialVersionCreation: + description: |- + Immutable. If set to true, the request will create a CryptoKey without any CryptoKeyVersions. + You must use the 'google_kms_key_ring_import_job' resource to import the CryptoKeyVersion. + type: boolean + versionTemplate: + description: A template describing settings for new crypto key versions. + properties: + algorithm: + description: |- + The algorithm to use when creating a version based on this template. + See the [algorithm reference](https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm) for possible inputs. + type: string + protectionLevel: + description: Immutable. The protection level to use when creating + a version based on this template. Possible values include "SOFTWARE", + "HSM", "EXTERNAL", "EXTERNAL_VPC". Defaults to "SOFTWARE". + type: string + required: + - algorithm + type: object + required: + - keyRingRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. items: properties: lastTransitionTime: @@ -87399,7 +90258,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -87588,7 +90447,320 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: beta + cnrm.cloud.google.com/system: "true" + name: kmskeyhandles.kms.cnrm.cloud.google.com +spec: + group: kms.cnrm.cloud.google.com + names: + categories: + - gcp + kind: KMSKeyHandle + listKind: KMSKeyHandleList + plural: kmskeyhandles + shortNames: + - gcpkmskeyhandle + - gcpkmskeyhandles + singular: kmskeyhandle + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: KMSKeyHandle is the Schema for the KMSKeyHandle API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KMSKeyHandleSpec defines the desired state of KMSKeyHandle + properties: + location: + description: Location name to create KeyHandle + type: string + projectRef: + description: Project hosting KMSKeyHandle + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: 'Immutable. The KMS Key Handle ID used for resource creation + or acquisition. For creation: If specified, this value is used as + the key handle ID. If not provided, a UUID will be generated and + assigned as the key handle ID. For acquisition: This field must + be provided to identify the key handle resource to acquire.' + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + resourceTypeSelector: + description: Indicates the resource type that the resulting [CryptoKey][] + is meant to protect, e.g. `{SERVICE}.googleapis.com/{TYPE}`. See + documentation for supported resource types https://cloud.google.com/kms/docs/autokey-overview#compatible-services. + type: string + type: object + status: + description: KMSKeyHandleStatus defines the config connector machine state + of KMSKeyHandle + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the KMSKeyHandle resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + kmsKey: + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: KMSKeyHandle is the Schema for the KMSKeyHandle API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KMSKeyHandleSpec defines the desired state of KMSKeyHandle + properties: + location: + description: Location name to create KeyHandle + type: string + projectRef: + description: Project hosting KMSKeyHandle + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: 'Immutable. The KMS Key Handle ID used for resource creation + or acquisition. For creation: If specified, this value is used as + the key handle ID. If not provided, a UUID will be generated and + assigned as the key handle ID. For acquisition: This field must + be provided to identify the key handle resource to acquire.' + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + resourceTypeSelector: + description: Indicates the resource type that the resulting [CryptoKey][] + is meant to protect, e.g. `{SERVICE}.googleapis.com/{TYPE}`. See + documentation for supported resource types https://cloud.google.com/kms/docs/autokey-overview#compatible-services. + type: string + type: object + status: + description: KMSKeyHandleStatus defines the config connector machine state + of KMSKeyHandle + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the KMSKeyHandle resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + kmsKey: + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -87768,7 +90940,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -87891,7 +91063,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -88096,7 +91268,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -88385,7 +91557,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -88660,7 +91832,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -89116,7 +92288,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -89520,7 +92692,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -89824,7 +92996,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -90161,7 +93333,466 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: memorystoreinstances.memorystore.cnrm.cloud.google.com +spec: + group: memorystore.cnrm.cloud.google.com + names: + categories: + - gcp + kind: MemorystoreInstance + listKind: MemorystoreInstanceList + plural: memorystoreinstances + shortNames: + - gcpmemorystoreinstance + - gcpmemorystoreinstances + singular: memorystoreinstance + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: MemorystoreInstance is the Schema for the MemorystoreInstance + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MemorystoreInstanceSpec defines the desired state of MemorystoreInstance + properties: + authorizationMode: + description: Optional. Immutable. Authorization mode of the instance. + type: string + deletionProtectionEnabled: + description: Optional. If set to true deletion of the instance will + fail. + type: boolean + engineConfigs: + additionalProperties: + type: string + description: Optional. User-provided engine configurations for the + instance. + type: object + engineVersion: + description: Optional. Immutable. Engine version of the instance. + type: string + location: + description: Immutable. + type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf + nodeType: + description: Optional. Immutable. Machine type for individual nodes + of the instance. + type: string + persistenceConfig: + description: Optional. Persistence configuration of the instance. + properties: + aofConfig: + description: Optional. AOF configuration. This field will be ignored + if mode is not AOF. + properties: + appendFsync: + description: Optional. The fsync mode. + type: string + type: object + mode: + description: Optional. Current persistence mode. + type: string + rdbConfig: + description: Optional. RDB configuration. This field will be ignored + if mode is not RDB. + properties: + rdbSnapshotPeriod: + description: Optional. Period between RDB snapshots. + type: string + rdbSnapshotStartTime: + description: Optional. Time that the first snapshot was/will + be attempted, and to which future snapshots will be aligned. + If not provided, the current time will be used. + type: string + type: object + type: object + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + pscAutoConnections: + description: Required. Immutable. User inputs for the auto-created + PSC connections. + items: + description: kcc specific struct to separate input and output fields + in google.cloud.memorystore.v1beta.PscAutoConnection + properties: + networkRef: + description: Required. The network where the PSC endpoints are + created, in the form of projects/{project_id}/global/networks/{network_id}. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed Compute + Network resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. + type: string + name: + description: The `name` field of a `ComputeNetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeNetwork` + resource. + type: string + type: object + projectRef: + description: Required. The consumer project_id where PSC connections + are established. This should be the same project_id that the + cluster is being created in. + oneOf: + - not: + required: + - external + required: + - name + - kind + - not: + anyOf: + - required: + - name + - required: + - namespace + - required: + - kind + required: + - external + properties: + external: + description: The `projectID` field of a project, when not + managed by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional + but must be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + required: + - networkRef + - projectRef + type: object + type: array + replicaCount: + description: Optional. Number of replica nodes per shard. If omitted + the default is 0 replicas. + format: int32 + type: integer + resourceID: + description: Optional. Immutable. The MemorystoreInstance name. If + not given, the metadata.name will be used. + type: string + shardCount: + description: Optional. Number of shards for the instance. + format: int32 + type: integer + transitEncryptionMode: + description: Optional. Immutable. In-transit encryption mode of the + instance. + type: string + zoneDistributionConfig: + description: Optional. Immutable. Zone distribution configuration + of the instance for node allocatiteon. + properties: + mode: + description: Optional. Current zone distribution mode. Defaults + to MULTI_ZONE. + type: string + zone: + description: Optional. Defines zone where all resources will be + allocated with SINGLE_ZONE mode. Ignored for MULTI_ZONE mode. + type: string + type: object + required: + - location + - projectRef + type: object + status: + description: MemorystoreInstanceStatus defines the config connector machine + state of MemorystoreInstance + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the MemorystoreInstance resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + authorizationMode: + description: Optional. Immutable. Authorization mode of the instance. + type: string + createTime: + description: Output only. Creation timestamp of the instance. + type: string + discoveryEndpoints: + description: Output only. Endpoints clients can connect to the + instance through. Currently only one discovery endpoint is supported. + items: + properties: + address: + description: Output only. IP address of the exposed endpoint + clients connect to. + type: string + network: + description: Output only. The network where the IP address + of the discovery endpoint will be reserved, in the form + of projects/{network_project}/global/networks/{network_id}. + type: string + port: + description: Output only. The port number of the exposed + endpoint. + format: int32 + type: integer + type: object + type: array + engineVersion: + description: Optional. Immutable. Engine version of the instance. + https://cloud.google.com/memorystore/docs/valkey/supported-versions + type: string + name: + description: 'Identifier. Unique name of the instance. Format: + projects/{project}/locations/{location}/instances/{instance}' + type: string + nodeConfig: + description: Output only. Configuration of individual nodes of + the instance. + properties: + sizeGb: + description: Output only. Memory size in GB of the node. + type: number + type: object + nodeType: + description: Optional. Immutable. Machine type for individual + nodes of the instance. + type: string + pscAutoConnections: + description: Output only. Resource details of the auto-created + PSC connections. + items: + properties: + connectionType: + description: Output only. Type of the PSC connection. + type: string + forwardingRule: + description: 'Output only. The URI of the consumer side + forwarding rule. Format: projects/{project}/regions/{region}/forwardingRules/{forwarding_rule}' + type: string + ipAddress: + description: Output only. The IP allocated on the consumer + network for the PSC forwarding rule. + type: string + network: + description: Required. The network where the PSC endpoints + are created, in the form of projects/{project_id}/global/networks/{network_id}. + type: string + port: + description: Optional. Output only. port will only be set + for Primary/Reader or Discovery endpoint. + format: int32 + type: integer + projectID: + description: Required. The consumer project_id where PSC + connections are established. This should be the same project_id + that the cluster is being created in. + type: string + pscConnectionID: + description: Output only. The PSC connection id of the forwarding + rule connected to the service attachment. + type: string + pscConnectionStatus: + description: 'Output only. The status of the PSC connection: + whether a connection exists and ACTIVE or it no longer + exists. Please note that this value is updated periodically. + Please use Private Service Connect APIs for the latest + status.' + type: string + serviceAttachment: + description: Output only. The service attachment which is + the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + type: string + type: object + type: array + state: + description: Output only. Current state of the instance. + type: string + stateInfo: + description: Output only. Additional information about the state + of the instance. + properties: + updateInfo: + description: Output only. Describes ongoing update when instance + state is UPDATING. + properties: + targetReplicaCount: + description: Output only. Target number of replica nodes + per shard for the instance. + format: int32 + type: integer + targetShardCount: + description: Output only. Target number of shards for + the instance. + format: int32 + type: integer + type: object + type: object + transitEncryptionMode: + description: Optional. Immutable. In-transit encryption mode of + the instance. + type: string + uid: + description: Output only. System assigned, unique identifier for + the instance. + type: string + updateTime: + description: Output only. Latest update timestamp of the instance. + type: string + zoneDistributionConfig: + description: Optional. Immutable. Zone distribution configuration + of the instance for node allocation. + properties: + mode: + description: Optional. Current zone distribution mode. Defaults + to MULTI_ZONE. + type: string + zone: + description: Optional. Defines zone where all resources will + be allocated with SINGLE_ZONE mode. Ignored for MULTI_ZONE + mode. + type: string + type: object + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -90337,7 +93968,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -91274,7 +94905,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -99349,7 +102980,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -99540,7 +103171,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -99835,7 +103466,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -99962,7 +103593,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -100263,7 +103894,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -100834,7 +104465,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -100993,7 +104624,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -101372,7 +105003,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -101554,7 +105185,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -101631,7 +105262,7 @@ spec: properties: external: description: A reference to an externally managed Compute Network - resource. Should be in the format `projects//global/networks/`. + resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -101901,7 +105532,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -102288,7 +105919,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -102563,7 +106194,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -102821,7 +106452,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -103050,7 +106681,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -103294,7 +106925,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -103531,7 +107162,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -103878,7 +107509,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -104785,7 +108416,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -105106,7 +108737,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -105332,7 +108963,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -105799,7 +109430,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -106533,7 +110164,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -106709,7 +110340,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -107039,7 +110670,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -107360,7 +110991,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -107580,7 +111211,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -107741,7 +111372,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -108099,7 +111730,7 @@ spec: type: string type: object id: - description: Required. ID of the artifact, which the installation + description: Required. Id of the artifact, which the installation and update steps of this recipe can reference. Artifacts in a recipe cannot have the same id. type: string @@ -108510,7 +112141,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -109512,7 +113143,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -110203,7 +113834,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -110339,7 +113970,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -110842,7 +114473,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -111847,7 +115478,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -112758,7 +116389,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -113174,7 +116805,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -113259,7 +116890,374 @@ spec: description: Optional. Whether the approvers need to provide a justification for their actions. type: boolean - step: + steps: + description: Optional. List of approval steps in this workflow. + These steps are followed in the specified order sequentially. + Only 1 step is supported. + items: + description: Step represents a logical step in a manual + approval workflow. + properties: + approvalsNeeded: + description: Required. How many users from the above + list need to approve. If there aren't enough distinct + users in the list, then the workflow indefinitely + blocks. Should always be greater than 0. 1 is the + only supported value. + format: int32 + type: integer + approverEmailRecipients: + description: Optional. Additional email addresses to + be notified when a grant is pending approval. + items: + type: string + type: array + approvers: + description: Optional. The potential set of approvers + in this step. This list must contain at most one entry. + items: + description: AccessControlEntry is used to control + who can do some operation. + properties: + principals: + description: 'Optional. Users who are allowed + for the operation. Each entry should be a valid + v1 IAM principal identifier. The format for + these is documented at: https://cloud.google.com/iam/docs/principal-identifiers#v1' + items: + type: string + type: array + required: + - principals + type: object + type: array + required: + - approvalsNeeded + type: object + type: array + type: object + required: + - manualApprovals + type: object + eligibleUsers: + description: Who can create grants using this entitlement. This list + should contain at most one entry. + items: + description: AccessControlEntry is used to control who can do some + operation. + properties: + principals: + description: 'Optional. Users who are allowed for the operation. + Each entry should be a valid v1 IAM principal identifier. + The format for these is documented at: https://cloud.google.com/iam/docs/principal-identifiers#v1' + items: + type: string + type: array + required: + - principals + type: object + type: array + folderRef: + description: Immutable. The Folder that this resource belongs to. + One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The 'name' field of a folder, when not managed by + Config Connector. This field must be set when 'name' field is + not set. + type: string + name: + description: The 'name' field of a 'Folder' resource. This field + must be set when 'external' field is not set. + type: string + namespace: + description: The 'namespace' field of a 'Folder' resource. If + unset, the namespace is defaulted to the namespace of the referencer + resource. + type: string + type: object + location: + description: Immutable. Location of the resource. + type: string + maxRequestDuration: + description: Required. The maximum amount of time that access is granted + for a request. A requester can ask for a duration less than this, + but never more. + type: string + organizationRef: + description: Immutable. The Organization that this resource belongs + to. One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + properties: + external: + description: The 'name' field of an organization, when not managed + by Config Connector. + type: string + required: + - external + type: object + privilegedAccess: + description: The access granted to a requester on successful approval. + properties: + gcpIAMAccess: + description: Access to a Google Cloud resource through IAM. + properties: + roleBindings: + description: Required. Role bindings that are created on successful + grant. + items: + description: RoleBinding represents IAM role bindings that + are created after a successful grant. + properties: + conditionExpression: + description: |- + Optional. The expression field of the IAM condition to be associated + with the role. If specified, a user with an active grant for this + entitlement is able to access the resource only if this condition + evaluates to true for their request. + + This field uses the same CEL format as IAM and supports all attributes + that IAM supports, except tags. More details can be found at + https://cloud.google.com/iam/docs/conditions-overview#attributes. + type: string + role: + description: Required. IAM role to be granted. More + details can be found at https://cloud.google.com/iam/docs/roles-overview. + type: string + required: + - role + type: object + type: array + required: + - roleBindings + type: object + required: + - gcpIAMAccess + type: object + projectRef: + description: Immutable. The Project that this resource belongs to. + One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + requesterJustificationConfig: + description: Required. The manner in which the requester should provide + a justification for requesting access. + properties: + notMandatory: + description: NotMandatory justification type means the justification + isn't required and can be provided in any of the supported formats. + The user must explicitly opt out using this field if a justification + from the requester isn't mandatory. The only accepted value + is `{}` (empty struct). Either 'notMandatory' or 'unstructured' + field must be set. + type: object + x-kubernetes-preserve-unknown-fields: true + unstructured: + description: Unstructured justification type means the justification + is in the format of a string. If this is set, the server allows + the requester to provide a justification but doesn't validate + it. The only accepted value is `{}` (empty struct). Either 'notMandatory' + or 'unstructured' field must be set. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + resourceID: + description: Immutable. The PrivilegedAccessManagerEntitlement name. + If not given, the 'metadata.name' will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - eligibleUsers + - location + - maxRequestDuration + - privilegedAccess + - requesterJustificationConfig + type: object + status: + description: PrivilegedAccessManagerEntitlementStatus defines the config + connector machine state of PrivilegedAccessManagerEntitlement. + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the PrivilegedAccessManagerEntitlement + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to 'metadata.generation', then that means that + the current reported status reflects the most recent desired state + of the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. Create time stamp. + type: string + etag: + description: An 'etag' is used for optimistic concurrency control + as a way to prevent simultaneous updates to the same entitlement. + An 'etag' is returned in the response to 'GetEntitlement' and + the caller should put the 'etag' in the request to 'UpdateEntitlement' + so that their change is applied on the same version. If this + field is omitted or if there is a mismatch while updating an + entitlement, then the server rejects the request. + type: string + state: + description: Output only. Current state of this entitlement. + type: string + updateTime: + description: Output only. Update time stamp. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: PrivilegedAccessManagerEntitlement is the Schema for the PrivilegedAccessManagerEntitlement + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PrivilegedAccessManagerEntitlementSpec defines the desired + state of PrivilegedAccessManagerEntitlement. + properties: + additionalNotificationTargets: + description: Optional. Additional email addresses to be notified based + on actions taken. + properties: + adminEmailRecipients: + description: Optional. Additional email addresses to be notified + when a principal (requester) is granted access. + items: + type: string + type: array + requesterEmailRecipients: + description: Optional. Additional email address to be notified + about an eligible entitlement. + items: + type: string + type: array + type: object + approvalWorkflow: + description: Optional. The approvals needed before access are granted + to a requester. No approvals are needed if this field is null. + properties: + manualApprovals: + description: An approval workflow where users designated as approvers + review and act on the grants. + properties: + requireApproverJustification: + description: Optional. Whether the approvers need to provide + a justification for their actions. + type: boolean + steps: description: Optional. List of approval steps in this workflow. These steps are followed in the specified order sequentially. Only 1 step is supported. @@ -113564,7 +117562,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -113789,7 +117787,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -113945,7 +117943,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -114112,7 +118110,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -114316,7 +118314,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -114471,7 +118469,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -114979,7 +118977,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -115196,7 +119194,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -115450,7 +119448,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -115607,7 +119605,7 @@ spec: properties: external: description: A reference to an externally managed Compute - Network resource. Should be in the format `projects//global/networks/`. + Network resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -115946,7 +119944,7 @@ spec: properties: external: description: A reference to an externally managed Compute - Network resource. Should be in the format `projects//global/networks/`. + Network resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -116152,7 +120150,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -116670,7 +120668,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -116848,7 +120846,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -117129,7 +121127,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -118174,7 +122172,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119304,7 +123302,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119617,7 +123615,8 @@ spec: type: object type: array ttl: - description: Input only. The TTL for the [Secret][google.cloud.secretmanager.v1.Secret]. + description: 'Input only. A duration in seconds with up to nine fractional + digits, ending with ''s''. Example: "3.5s".' type: string versionAliases: additionalProperties: @@ -119685,6 +123684,11 @@ spec: observedState: description: ObservedState is the state of the resource as most recently observed in GCP. + properties: + versionAliases: + additionalProperties: + type: string + type: object type: object type: object type: object @@ -119697,7 +123701,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119711,6 +123715,7 @@ spec: categories: - gcp kind: SecretManagerSecretVersion + listKind: SecretManagerSecretVersionList plural: secretmanagersecretversions shortNames: - gcpsecretmanagersecretversion @@ -119738,55 +123743,52 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: SecretManagerSecretVersion is the Schema for the SecretManagerSecretVersion + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: SecretManagerSecretVersionSpec defines the desired state + of SecretManagerSecretVersion properties: deletionPolicy: - description: |- - The deletion policy for the secret version. Setting 'ABANDON' allows the resource - to be abandoned rather than deleted. Setting 'DISABLE' allows the resource to be - disabled rather than deleted. Default is 'DELETE'. Possible values are: - * DELETE - * DISABLE - * ABANDON. + description: 'DEPRECATED. You do not need to set this field in direct + reconciler mode. Use delete-policy annotation instead. https://cloud.google.com/config-connector/docs/how-to/managing-deleting-resources#keeping_resources_after_deletion + The deletion policy for the secret version. Setting ''ABANDON'' + allows the resource to be abandoned rather than deleted. Setting + ''DISABLE'' allows the resource to be disabled rather than deleted. + Default is ''DELETE''. Possible values are: * DELETE * DISABLE * + ABANDON.' type: string enabled: - description: The current state of the SecretVersion. + description: Should enable or disable the current SecretVersion. - + Enabled version can be accessed and described. - Disabled version + cannot be accessed, but the secret's contents still exist type: boolean isSecretDataBase64: - description: Immutable. If set to 'true', the secret data is expected - to be base64-encoded string and would be sent as is. + description: DEPRECATED. You do not need to set this field in direct + reconciler mode. type: boolean resourceID: - description: Immutable. Optional. The service-generated name of the - resource. Used for acquisition only. Leave unset to create a new - resource. + description: The SecretVersion number. If given, Config Connector + acquires the resource from the Secret Manager service. If not given, + Config Connector adds a new secret version to the GCP service, and + you can find out the version number from `status.observedState.version` type: string secretData: - description: Immutable. The secret data. Must be no larger than 64KiB. - oneOf: - - not: - required: - - valueFrom - required: - - value - - not: - required: - - value - required: - - valueFrom + description: The actual secret data. Config Connector supports secret + data stored in Kubernetes secret or plain data (base64) properties: value: description: Value of the field. Cannot be used if 'valueFrom' @@ -119807,13 +123809,15 @@ spec: description: Name of the Secret to extract a value from. type: string required: - - name - key + - name type: object type: object type: object secretRef: - description: Secret Manager secret resource + description: The resource name of the [Secret][google.cloud.secretmanager.v1.Secret] + to create a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + for. oneOf: - not: required: @@ -119830,25 +123834,24 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `SecretManagerSecret` - resource.' + description: A reference to an externally managed SecretManagerSecret + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/secrets/{{secretID}}". type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The name of a SecretManagerSecret resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The namespace of a SecretManagerSecret resource. type: string type: object - required: - - secretData - - secretRef type: object status: + description: SecretManagerSecretVersionStatus defines the config connector + machine state of SecretManagerSecretVersion properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -119873,16 +123876,20 @@ spec: type: object type: array createTime: - description: The time at which the Secret was created. + description: 'DEPRECATING NOTE: Please use status.observedState.createTime + instead.' type: string destroyTime: - description: The time at which the Secret was destroyed. Only present - if state is DESTROYED. + description: 'DEPRECATING NOTE: Please use status.observedState.destroyTime + instead.' + type: string + externalRef: + description: A unique specifier for the SecretManagerSecretVersion + resource in GCP. type: string name: - description: |- - The resource name of the SecretVersion. Format: - 'projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}'. + description: 'DEPRECATING NOTE: Please use status.observedState.name + instead.' type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -119890,9 +123897,121 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + clientSpecifiedPayloadChecksum: + description: Output only. True if payload checksum specified in + [SecretPayload][google.cloud.secretmanager.v1.SecretPayload] + object has been received by [SecretManagerService][google.cloud.secretmanager.v1.SecretManagerService] + on [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion]. + type: boolean + createTime: + description: Output only. The time at which the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + was created. + type: string + customerManagedEncryption: + description: Output only. The customer-managed encryption status + of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + Only populated if customer-managed encryption is used and [Secret][google.cloud.secretmanager.v1.Secret] + is a Regionalised Secret. + properties: + kmsKeyVersionName: + description: 'Required. The resource name of the Cloud KMS + CryptoKeyVersion used to encrypt the secret payload, in + the following format: `projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*`.' + type: string + type: object + destroyTime: + description: Output only. The time this [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + was destroyed. Only present if [state][google.cloud.secretmanager.v1.SecretVersion.state] + is [DESTROYED][google.cloud.secretmanager.v1.SecretVersion.State.DESTROYED]. + type: string + name: + description: |- + Output only. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] in the + format `projects/*/secrets/*/versions/*`. + + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] IDs in a + [Secret][google.cloud.secretmanager.v1.Secret] start at 1 and are + incremented for each subsequent version of the secret. + type: string + replicationStatus: + description: The replication status of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + properties: + automatic: + description: |- + Describes the replication status of a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] with + automatic replication. + + Only populated if the parent + [Secret][google.cloud.secretmanager.v1.Secret] has an automatic + replication policy. + properties: + customerManagedEncryption: + description: Output only. The customer-managed encryption + status of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + Only populated if customer-managed encryption is used. + properties: + kmsKeyVersionName: + description: 'Required. The resource name of the Cloud + KMS CryptoKeyVersion used to encrypt the secret + payload, in the following format: `projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*`.' + type: string + type: object + type: object + userManaged: + description: |- + Describes the replication status of a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] with + user-managed replication. + + Only populated if the parent + [Secret][google.cloud.secretmanager.v1.Secret] has a user-managed + replication policy. + properties: + replicas: + description: Output only. The list of replica statuses + for the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + items: + properties: + customerManagedEncryption: + description: Output only. The customer-managed encryption + status of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + Only populated if customer-managed encryption + is used. + properties: + kmsKeyVersionName: + description: 'Required. The resource name of + the Cloud KMS CryptoKeyVersion used to encrypt + the secret payload, in the following format: + `projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*`.' + type: string + type: object + location: + description: 'Output only. The canonical ID of the + replica location. For example: `"us-east1"`.' + type: string + type: object + type: array + type: object + type: object + scheduledDestroyTime: + description: Optional. Output only. Scheduled destroy time for + secret version. This is a part of the Delayed secret version + destroy feature. For a Secret with a valid version destroy TTL, + when a secert version is destroyed, the version is moved to + disabled state and it is scheduled for destruction. The version + is destroyed only after the `scheduled_destroy_time`. + type: string + type: object version: - description: The version of the Secret. + description: DEPRECATED. type: string type: object required: @@ -119902,18 +124021,588 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: alpha + cnrm.cloud.google.com/system: "true" + name: securesourcemanagerinstances.securesourcemanager.cnrm.cloud.google.com +spec: + group: securesourcemanager.cnrm.cloud.google.com + names: + categories: + - gcp + kind: SecureSourceManagerInstance + listKind: SecureSourceManagerInstanceList + plural: securesourcemanagerinstances + shortNames: + - gcpsecuresourcemanagerinstance + - gcpsecuresourcemanagerinstances + singular: securesourcemanagerinstance + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: SecureSourceManagerInstance is the Schema for the SecureSourceManagerInstance + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SecureSourceManagerInstanceSpec defines the desired state + of SecureSourceManagerInstance + properties: + kmsKeyRef: + description: Optional. Immutable. Customer-managed encryption key + name. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + location: + description: Immutable. Location of the instance. + type: string + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + required: + - location + - projectRef + type: object + status: + description: SecureSourceManagerInstanceStatus defines the config connector + machine state of SecureSourceManagerInstance + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the SecureSourceManagerInstance + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + hostConfig: + description: Output only. A list of hostnames for this instance. + properties: + api: + description: 'Output only. API hostname. This is the hostname + to use for **Host: Data Plane** endpoints.' + type: string + gitHTTP: + description: Output only. Git HTTP hostname. + type: string + gitSSH: + description: Output only. Git SSH hostname. + type: string + html: + description: Output only. HTML hostname. + type: string + type: object + state: + description: Output only. Current state of the instance. + type: string + stateNote: + description: Output only. An optional field providing information + about the current instance state. + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com +spec: + group: securesourcemanager.cnrm.cloud.google.com + names: + categories: + - gcp + kind: SecureSourceManagerRepository + listKind: SecureSourceManagerRepositoryList + plural: securesourcemanagerrepositories + shortNames: + - gcpsecuresourcemanagerrepository + - gcpsecuresourcemanagerrepositories + singular: securesourcemanagerrepository + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: SecureSourceManagerRepository is the Schema for the SecureSourceManagerRepository + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SecureSourceManagerRepositorySpec defines the desired state + of SecureSourceManagerRepository + properties: + initialConfig: + description: Input only. Initial configurations for the repository. + properties: + defaultBranch: + description: Default branch name of the repository. + type: string + gitignores: + description: 'List of gitignore template names user can choose + from. Valid values: actionscript, ada, agda, android, anjuta, + ansible, appcelerator-titanium, app-engine, archives, arch-linux-packages, + atmel-studio, autotools, backup, bazaar, bazel, bitrix, bricx-cc, + c, cake-php, calabash, cf-wheels, chef-cookbook, clojure, cloud9, + c-make, code-igniter, code-kit, code-sniffer, common-lisp, composer, + concrete5, coq, cordova, cpp, craft-cms, cuda, cvs, d, dart, + dart-editor, delphi, diff, dm, dreamweaver, dropbox, drupal, + drupal-7, eagle, eclipse, eiffel-studio, elisp, elixir, elm, + emacs, ensime, epi-server, erlang, esp-idf, espresso, exercism, + expression-engine, ext-js, fancy, finale, flex-builder, force-dot-com, + fortran, fuel-php, gcov, git-book, gnome-shell-extension, go, + godot, gpg, gradle, grails, gwt, haskell, hugo, iar-ewarm, idris, + igor-pro, images, infor-cms, java, jboss, jboss-4, jboss-6, + jdeveloper, jekyll, jenkins-home, jenv, jet-brains, jigsaw, + joomla, julia, jupyter-notebooks, kate, kdevelop4, kentico, + ki-cad, kohana, kotlin, lab-view, laravel, lazarus, leiningen, + lemon-stand, libre-office, lilypond, linux, lithium, logtalk, + lua, lyx, mac-os, magento, magento-1, magento-2, matlab, maven, + mercurial, mercury, metals, meta-programming-system, meteor, + microsoft-office, model-sim, momentics, mono-develop, nanoc, + net-beans, nikola, nim, ninja, node, notepad-pp, nwjs, objective--c, + ocaml, octave, opa, open-cart, openssl, oracle-forms, otto, + packer, patch, perl, perl6, phalcon, phoenix, pimcore, play-framework, + plone, prestashop, processing, psoc-creator, puppet, pure-script, + putty, python, qooxdoo, qt, r, racket, rails, raku, red, redcar, + redis, rhodes-rhomobile, ros, ruby, rust, sam, sass, sbt, scala, + scheme, scons, scrivener, sdcc, seam-gen, sketch-up, slick-edit, + smalltalk, snap, splunk, stata, stella, sublime-text, sugar-crm, + svn, swift, symfony, symphony-cms, synopsys-vcs, tags, terraform, + tex, text-mate, textpattern, think-php, tortoise-git, turbo-gears-2, + typo3, umbraco, unity, unreal-engine, vagrant, vim, virtual-env, + virtuoso, visual-studio, visual-studio-code, vue, vvvv, waf, + web-methods, windows, word-press, xcode, xilinx, xilinx-ise, + xojo, yeoman, yii, zend-framework, zephir.' + items: + type: string + type: array + license: + description: 'License template name user can choose from. Valid + values: license-0bsd, license-389-exception, aal, abstyles, + adobe-2006, adobe-glyph, adsl, afl-1-1, afl-1-2, afl-2-0, afl-2-1, + afl-3-0, afmparse, agpl-1-0, agpl-1-0-only, agpl-1-0-or-later, + agpl-3-0-only, agpl-3-0-or-later, aladdin, amdplpa, aml, ampas, + antlr-pd, antlr-pd-fallback, apache-1-0, apache-1-1, apache-2-0, + apafml, apl-1-0, apsl-1-0, apsl-1-1, apsl-1-2, apsl-2-0, artistic-1-0, + artistic-1-0-cl8, artistic-1-0-perl, artistic-2-0, autoconf-exception-2-0, + autoconf-exception-3-0, bahyph, barr, beerware, bison-exception-2-2, + bittorrent-1-0, bittorrent-1-1, blessing, blueoak-1-0-0, bootloader-exception, + borceux, bsd-1-clause, bsd-2-clause, bsd-2-clause-freebsd, bsd-2-clause-netbsd, + bsd-2-clause-patent, bsd-2-clause-views, bsd-3-clause, bsd-3-clause-attribution, + bsd-3-clause-clear, bsd-3-clause-lbnl, bsd-3-clause-modification, + bsd-3-clause-no-nuclear-license, bsd-3-clause-no-nuclear-license-2014, + bsd-3-clause-no-nuclear-warranty, bsd-3-clause-open-mpi, bsd-4-clause, + bsd-4-clause-shortened, bsd-4-clause-uc, bsd-protection, bsd-source-code, + bsl-1-0, busl-1-1, cal-1-0, cal-1-0-combined-work-exception, + caldera, catosl-1-1, cc0-1-0, cc-by-1-0, cc-by-2-0, cc-by-3-0, + cc-by-3-0-at, cc-by-3-0-us, cc-by-4-0, cc-by-nc-1-0, cc-by-nc-2-0, + cc-by-nc-3-0, cc-by-nc-4-0, cc-by-nc-nd-1-0, cc-by-nc-nd-2-0, + cc-by-nc-nd-3-0, cc-by-nc-nd-3-0-igo, cc-by-nc-nd-4-0, cc-by-nc-sa-1-0, + cc-by-nc-sa-2-0, cc-by-nc-sa-3-0, cc-by-nc-sa-4-0, cc-by-nd-1-0, + cc-by-nd-2-0, cc-by-nd-3-0, cc-by-nd-4-0, cc-by-sa-1-0, cc-by-sa-2-0, + cc-by-sa-2-0-uk, cc-by-sa-2-1-jp, cc-by-sa-3-0, cc-by-sa-3-0-at, + cc-by-sa-4-0, cc-pddc, cddl-1-0, cddl-1-1, cdla-permissive-1-0, + cdla-sharing-1-0, cecill-1-0, cecill-1-1, cecill-2-0, cecill-2-1, + cecill-b, cecill-c, cern-ohl-1-1, cern-ohl-1-2, cern-ohl-p-2-0, + cern-ohl-s-2-0, cern-ohl-w-2-0, clartistic, classpath-exception-2-0, + clisp-exception-2-0, cnri-jython, cnri-python, cnri-python-gpl-compatible, + condor-1-1, copyleft-next-0-3-0, copyleft-next-0-3-1, cpal-1-0, + cpl-1-0, cpol-1-02, crossword, crystal-stacker, cua-opl-1-0, + cube, c-uda-1-0, curl, d-fsl-1-0, diffmark, digirule-foss-exception, + doc, dotseqn, drl-1-0, dsdp, dvipdfm, ecl-1-0, ecl-2-0, ecos-exception-2-0, + efl-1-0, efl-2-0, egenix, entessa, epics, epl-1-0, epl-2-0, + erlpl-1-1, etalab-2-0, eu-datagrid, eupl-1-0, eupl-1-1, eupl-1-2, + eurosym, fair, fawkes-runtime-exception, fltk-exception, font-exception-2-0, + frameworx-1-0, freebsd-doc, freeimage, freertos-exception-2-0, + fsfap, fsful, fsfullr, ftl, gcc-exception-2-0, gcc-exception-3-1, + gd, gfdl-1-1-invariants-only, gfdl-1-1-invariants-or-later, + gfdl-1-1-no-invariants-only, gfdl-1-1-no-invariants-or-later, + gfdl-1-1-only, gfdl-1-1-or-later, gfdl-1-2-invariants-only, + gfdl-1-2-invariants-or-later, gfdl-1-2-no-invariants-only, gfdl-1-2-no-invariants-or-later, + gfdl-1-2-only, gfdl-1-2-or-later, gfdl-1-3-invariants-only, + gfdl-1-3-invariants-or-later, gfdl-1-3-no-invariants-only, gfdl-1-3-no-invariants-or-later, + gfdl-1-3-only, gfdl-1-3-or-later, giftware, gl2ps, glide, glulxe, + glwtpl, gnu-javamail-exception, gnuplot, gpl-1-0-only, gpl-1-0-or-later, + gpl-2-0-only, gpl-2-0-or-later, gpl-3-0-linking-exception, gpl-3-0-linking-source-exception, + gpl-3-0-only, gpl-3-0-or-later, gpl-cc-1-0, gsoap-1-3b, haskell-report, + hippocratic-2-1, hpnd, hpnd-sell-variant, htmltidy, i2p-gpl-java-exception, + ibm-pibs, icu, ijg, image-magick, imatix, imlib2, info-zip, + intel, intel-acpi, interbase-1-0, ipa, ipl-1-0, isc, jasper-2-0, + jpnic, json, lal-1-2, lal-1-3, latex2e, leptonica, lgpl-2-0-only, + lgpl-2-0-or-later, lgpl-2-1-only, lgpl-2-1-or-later, lgpl-3-0-linking-exception, + lgpl-3-0-only, lgpl-3-0-or-later, lgpllr, libpng, libpng-2-0, + libselinux-1-0, libtiff, libtool-exception, liliq-p-1-1, liliq-r-1-1, + liliq-rplus-1-1, linux-openib, linux-syscall-note, llvm-exception, + lpl-1-0, lpl-1-02, lppl-1-0, lppl-1-1, lppl-1-2, lppl-1-3a, + lppl-1-3c, lzma-exception, make-index, mif-exception, miros, + mit, mit-0, mit-advertising, mit-cmu, mit-enna, mit-feh, mit-modern-variant, + mitnfa, mit-open-group, motosoto, mpich2, mpl-1-0, mpl-1-1, + mpl-2-0, mpl-2-0-no-copyleft-exception, ms-pl, ms-rl, mtll, + mulanpsl-1-0, mulanpsl-2-0, multics, mup, naist-2003, nasa-1-3, + naumen, nbpl-1-0, ncgl-uk-2-0, ncsa, netcdf, net-snmp, newsletr, + ngpl, nist-pd, nist-pd-fallback, nlod-1-0, nlpl, nokia, nokia-qt-exception-1-1, + nosl, noweb, npl-1-0, npl-1-1, nposl-3-0, nrl, ntp, ntp-0, ocaml-lgpl-linking-exception, + occt-exception-1-0, occt-pl, oclc-2-0, odbl-1-0, odc-by-1-0, + ofl-1-0, ofl-1-0-no-rfn, ofl-1-0-rfn, ofl-1-1, ofl-1-1-no-rfn, + ofl-1-1-rfn, ogc-1-0, ogdl-taiwan-1-0, ogl-canada-2-0, ogl-uk-1-0, + ogl-uk-2-0, ogl-uk-3-0, ogtsl, oldap-1-1, oldap-1-2, oldap-1-3, + oldap-1-4, oldap-2-0, oldap-2-0-1, oldap-2-1, oldap-2-2, oldap-2-2-1, + oldap-2-2-2, oldap-2-3, oldap-2-4, oldap-2-7, oml, openjdk-assembly-exception-1-0, + openssl, openvpn-openssl-exception, opl-1-0, oset-pl-2-1, osl-1-0, + osl-1-1, osl-2-0, osl-2-1, osl-3-0, o-uda-1-0, parity-6-0-0, + parity-7-0-0, pddl-1-0, php-3-0, php-3-01, plexus, polyform-noncommercial-1-0-0, + polyform-small-business-1-0-0, postgresql, psf-2-0, psfrag, + ps-or-pdf-font-exception-20170817, psutils, python-2-0, qhull, + qpl-1-0, qt-gpl-exception-1-0, qt-lgpl-exception-1-1, qwt-exception-1-0, + rdisc, rhecos-1-1, rpl-1-1, rpsl-1-0, rsa-md, rscpl, ruby, saxpath, + sax-pd, scea, sendmail, sendmail-8-23, sgi-b-1-0, sgi-b-1-1, + sgi-b-2-0, shl-0-51, shl-2-0, shl-2-1, simpl-2-0, sissl, sissl-1-2, + sleepycat, smlnj, smppl, snia, spencer-86, spencer-94, spencer-99, + spl-1-0, ssh-openssh, ssh-short, sspl-1-0, sugarcrm-1-1-3, swift-exception, + swl, tapr-ohl-1-0, tcl, tcp-wrappers, tmate, torque-1-1, tosl, + tu-berlin-1-0, tu-berlin-2-0, u-boot-exception-2-0, ucl-1-0, + unicode-dfs-2015, unicode-dfs-2016, unicode-tou, universal-foss-exception-1-0, + unlicense, upl-1-0, vim, vostrom, vsl-1-0, w3c, w3c-19980720, + w3c-20150513, watcom-1-0, wsuipa, wtfpl, wxwindows-exception-3-1, + x11, xerox, xfree86-1-1, xinetd, xnet, xpp, xskat, ypl-1-0, + ypl-1-1, zed, zend-2-0, zimbra-1-3, zimbra-1-4, zlib, zlib-acknowledgement, + zpl-1-1, zpl-2-0, zpl-2-1.' + type: string + readme: + description: 'README template name. Valid template name(s) are: + default.' + type: string + type: object + instanceRef: + description: The name of the instance in which the repository is hosted, + formatted as `projects/{project_number}/locations/{location_id}/instances/{instance_id}` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed SecureSourceManagerInstance + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/instances/{{instanceID}}". + type: string + name: + description: The name of a SecureSourceManagerInstance resource. + type: string + namespace: + description: The namespace of a SecureSourceManagerInstance resource. + type: string + type: object + location: + description: Immutable. Location of the instance. + type: string + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. The SecureSourceManagerRepository name. If + not given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - instanceRef + - location + - projectRef + type: object + status: + description: SecureSourceManagerRepositoryStatus defines the config connector + machine state of SecureSourceManagerRepository + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the SecureSourceManagerRepository + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + etag: + description: Output only. This checksum is computed by the server + based on the value of other fields, and may be sent on update + and delete requests to ensure the client has an up-to-date value + before proceeding. + type: string + uid: + description: Output only. Unique identifier of the repository. + type: string + uris: + description: Output only. URIs for the repository. + properties: + api: + description: Output only. API is the URI for API access. + type: string + gitHTTPS: + description: Output only. git_https is the git HTTPS URI for + git operations. + type: string + html: + description: Output only. HTML is the URI for user to view + the repository in a browser. + type: string + type: object + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120118,7 +124807,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120281,7 +124970,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120501,7 +125190,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120658,7 +125347,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120810,7 +125499,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120957,7 +125646,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121135,7 +125824,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121276,7 +125965,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121458,7 +126147,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121657,7 +126346,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121866,11 +126555,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: stable cnrm.cloud.google.com/system: "true" cnrm.cloud.google.com/tf2crd: "true" name: spannerinstances.spanner.cnrm.cloud.google.com @@ -121880,6 +126568,7 @@ spec: categories: - gcp kind: SpannerInstance + listKind: SpannerInstanceList plural: spannerinstances shortNames: - gcpspannerinstance @@ -121907,53 +126596,63 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: SpannerInstance is the Schema for the SpannerInstance API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: SpannerInstanceSpec defines the desired state of SpannerInstance properties: config: - description: |- - Immutable. The name of the instance's configuration (similar but not - quite the same as a region) which defines the geographic placement and - replication of your databases in this instance. It determines where your data - is stored. Values are typically of the form 'regional-europe-west1' , 'us-central' etc. - In order to obtain a valid list please consult the - [Configuration section of the docs](https://cloud.google.com/spanner/docs/instances). + description: Immutable. The name of the instance's configuration (similar + but not quite the same as a region) which defines the geographic + placement and replication of your databases in this instance. It + determines where your data is stored. Values are typically of the + form 'regional-europe-west1' , 'us-central' etc. In order to obtain + a valid list please consult the [Configuration section of the docs](https://cloud.google.com/spanner/docs/instances). type: string + x-kubernetes-validations: + - message: Config field is immutable + rule: self == oldSelf displayName: - description: |- - The descriptive name for this instance as it appears in UIs. Must be - unique per project and between 4 and 30 characters in length. + description: The descriptive name for this instance as it appears + in UIs. Must be unique per project and between 4 and 30 characters + in length. type: string numNodes: + format: int32 type: integer processingUnits: + format: int32 type: integer resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The SpannerInstance name. If not given, the + metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf required: - config - displayName type: object status: + description: SpannerInstanceStatus defines the config connector machine + state of SpannerInstance properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the SpannerInstance's current state. items: properties: lastTransitionTime: @@ -121977,13 +126676,22 @@ spec: type: string type: object type: array + externalRef: + description: A unique specifier for the SpannerInstance resource in + GCP. + type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + type: object state: description: 'Instance status: ''CREATING'' or ''READY''.' type: string @@ -121995,18 +126703,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -122177,7 +126879,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -122721,7 +127423,7 @@ spec: properties: external: description: A reference to an externally managed Compute - Network resource. Should be in the format `projects//global/networks/`. + Network resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -122998,7 +127700,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -123174,7 +127876,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -123415,7 +128117,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -123585,7 +128287,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -123992,7 +128694,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124178,7 +128880,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124346,7 +129048,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124549,7 +129251,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124711,7 +129413,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125349,7 +130051,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125532,7 +130234,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125709,7 +130411,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125874,7 +130576,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -126048,7 +130750,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -126268,7 +130970,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -126655,7 +131357,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127102,7 +131804,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127247,7 +131949,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127483,7 +132185,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127698,7 +132400,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127886,7 +132588,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -128396,7 +133098,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -128578,7 +133280,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -128768,7 +133470,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -129047,7 +133749,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -129239,7 +133941,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -129312,6 +134014,335 @@ spec: description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) that are applied to the workstation cluster and that are also propagated to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the label. + type: string + value: + description: Value for the label. + type: string + type: object + type: array + location: + description: The location of the cluster. + type: string + networkRef: + description: Immutable. Reference to the Compute Engine network in + which instances associated with this workstation cluster will be + created. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed Compute Network + resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. + type: string + name: + description: The `name` field of a `ComputeNetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeNetwork` resource. + type: string + type: object + privateClusterConfig: + description: Optional. Configuration for private workstation cluster. + properties: + allowedProjects: + description: Optional. Additional projects that are allowed to + attach to the workstation cluster's service attachment. By default, + the workstation cluster's project and the VPC host project (if + different) are allowed. + items: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - kind + - not: + anyOf: + - required: + - name + - required: + - namespace + - required: + - kind + required: + - external + properties: + external: + description: The `projectID` field of a project, when not + managed by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional + but must be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + type: array + enablePrivateEndpoint: + description: Immutable. Whether Workstations endpoint is private. + type: boolean + type: object + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + resourceID: + description: Immutable. The WorkstationCluster name. If not given, + the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + subnetworkRef: + description: Immutable. Reference to the Compute Engine subnetwork + in which instances associated with this workstation cluster will + be created. Must be part of the subnetwork specified for this workstation + cluster. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The ComputeSubnetwork selflink of form "projects/{{project}}/regions/{{region}}/subnetworks/{{name}}", + when not managed by Config Connector. + type: string + name: + description: The `name` field of a `ComputeSubnetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeSubnetwork` resource. + type: string + type: object + required: + - networkRef + - projectRef + - subnetworkRef + type: object + status: + description: WorkstationClusterStatus defines the config connector machine + state of WorkstationCluster + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the WorkstationCluster resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + clusterHostname: + description: Output only. Hostname for the workstation cluster. + This field will be populated only when private endpoint is enabled. + To access workstations in the workstation cluster, create a + new DNS zone mapping this domain name to an internal IP address + and a forwarding rule mapping that address to the service attachment. + type: string + controlPlaneIP: + description: Output only. The private IP address of the control + plane for this workstation cluster. Workstation VMs need access + to this IP address to work with the service, so make sure that + your firewall rules allow egress from the workstation VMs to + this address. + type: string + createTime: + description: Output only. Time when this workstation cluster was + created. + type: string + degraded: + description: Output only. Whether this workstation cluster is + in degraded mode, in which case it may require user action to + restore full functionality. Details can be found in [conditions][google.cloud.workstations.v1.WorkstationCluster.conditions]. + type: boolean + deleteTime: + description: Output only. Time when this workstation cluster was + soft-deleted. + type: string + etag: + description: Optional. Checksum computed by the server. May be + sent on update and delete requests to make sure that the client + has an up-to-date value before proceeding. + type: string + gcpConditions: + description: Output only. Status conditions describing the workstation + cluster's current state. + items: + properties: + code: + description: The status code, which should be an enum value + of [google.rpc.Code][google.rpc.Code]. + format: int32 + type: integer + message: + description: A developer-facing error message, which should + be in English. Any user-facing error message should be + localized and sent in the [google.rpc.Status.details][google.rpc.Status.details] + field, or localized by the client. + type: string + type: object + type: array + reconciling: + description: Output only. Indicates whether this workstation cluster + is currently being updated to match its intended state. + type: boolean + serviceAttachmentUri: + description: Output only. Service attachment URI for the workstation + cluster. The service attachment is created when private endpoint + is enabled. To access workstations in the workstation cluster, + configure access to the managed service using [Private Service + Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-services). + type: string + uid: + description: Output only. A system-assigned unique identifier + for this workstation cluster. + type: string + updateTime: + description: Output only. Time when this workstation cluster was + most recently updated. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: WorkstationCluster is the Schema for the WorkstationCluster API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: WorkstationClusterSpec defines the desired state of WorkstationCluster + properties: + annotations: + description: Optional. Client-specified annotations. items: properties: key: @@ -129322,6 +134353,23 @@ spec: type: string type: object type: array + displayName: + description: Optional. Human-readable name for this workstation cluster. + type: string + labels: + description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation cluster and that are also propagated + to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the label. + type: string + value: + description: Value for the label. + type: string + type: object + type: array location: description: The location of the cluster. type: string @@ -129346,7 +134394,7 @@ spec: properties: external: description: A reference to an externally managed Compute Network - resource. Should be in the format `projects//global/networks/`. + resource. Should be in the format `projects/{{projectID}}/global/networks/{{network}}`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -129567,6 +134615,7 @@ spec: code: description: The status code, which should be an enum value of [google.rpc.Code][google.rpc.Code]. + format: int32 type: integer message: description: A developer-facing error message, which should @@ -129602,3 +134651,1699 @@ spec: storage: true subresources: status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: workstationconfigs.workstations.cnrm.cloud.google.com +spec: + group: workstations.cnrm.cloud.google.com + names: + categories: + - gcp + kind: WorkstationConfig + listKind: WorkstationConfigList + plural: workstationconfigs + shortNames: + - gcpworkstationconfig + - gcpworkstationconfigs + singular: workstationconfig + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: WorkstationConfig is the Schema for the WorkstationConfig API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: WorkstationConfigSpec defines the desired state of WorkstationConfig + properties: + annotations: + description: Optional. Client-specified annotations. + items: + properties: + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array + container: + description: Optional. Container that runs upon startup for each workstation + using this workstation configuration. + properties: + args: + description: Optional. Arguments passed to the entrypoint. + items: + type: string + type: array + command: + description: Optional. If set, overrides the default ENTRYPOINT + specified by the image. + items: + type: string + type: array + env: + description: Optional. Environment variables passed to the container's + entrypoint. + items: + properties: + name: + description: Name is the name of the environment variable. + type: string + value: + description: Value is the value of the environment variable. + type: string + type: object + type: array + image: + description: |- + Optional. A Docker container image that defines a custom environment. + + Cloud Workstations provides a number of + [preconfigured + images](https://cloud.google.com/workstations/docs/preconfigured-base-images), + but you can create your own + [custom container + images](https://cloud.google.com/workstations/docs/custom-container-images). + If using a private image, the `host.gceInstance.serviceAccount` field + must be specified in the workstation configuration and must have + permission to pull the specified image. Otherwise, the image must be + publicly accessible. + type: string + runAsUser: + description: Optional. If set, overrides the USER specified in + the image with the given uid. + format: int32 + type: integer + workingDir: + description: Optional. If set, overrides the default DIR specified + by the image. + type: string + type: object + displayName: + description: Optional. Human-readable name for this workstation configuration. + type: string + encryptionKey: + description: |- + Immutable. Encrypts resources of this workstation configuration using a + customer-managed encryption key (CMEK). + + If specified, the boot disk of the Compute Engine instance and the + persistent disk are encrypted using this encryption key. If + this field is not set, the disks are encrypted using a generated + key. Customer-managed encryption keys do not protect disk metadata. + + If the customer-managed encryption key is rotated, when the workstation + instance is stopped, the system attempts to recreate the + persistent disk with the new version of the key. Be sure to keep + older versions of the key until the persistent disk is recreated. + Otherwise, data on the persistent disk might be lost. + + If the encryption key is revoked, the workstation session automatically + stops within 7 hours. + + Immutable after the workstation configuration is created. + properties: + kmsCryptoKeyRef: + description: Immutable. A reference to the Google Cloud KMS encryption + key. For example, `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. + The key must be in the same region as the workstation configuration. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + serviceAccountRef: + description: Immutable. A reference to a service account to use + with the specified KMS key. We recommend that you use a separate + service account and follow KMS best practices. For more information, + see [Separation of duties](https://cloud.google.com/kms/docs/separation-of-duties) + and `gcloud kms keys add-iam-policy-binding` [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: object + host: + description: Optional. Runtime host for the workstation. + properties: + gceInstance: + description: Specifies a Compute Engine instance as the host. + properties: + bootDiskSizeGB: + description: Optional. The size of the boot disk for the VM + in gigabytes (GB). The minimum boot disk size is `30` GB. + Defaults to `50` GB. + format: int32 + type: integer + confidentialInstanceConfig: + description: Optional. A set of Compute Engine Confidential + VM instance options. + properties: + enableConfidentialCompute: + description: Optional. Whether the instance has confidential + compute enabled. + type: boolean + type: object + disablePublicIPAddresses: + description: Optional. When set to true, disables public IP + addresses for VMs. If you disable public IP addresses, you + must set up Private Google Access or Cloud NAT on your network. + If you use Private Google Access and you use `private.googleapis.com` + or `restricted.googleapis.com` for Container Registry and + Artifact Registry, make sure that you set up DNS records + for domains `*.gcr.io` and `*.pkg.dev`. Defaults to false + (VMs have public IP addresses). + type: boolean + enableNestedVirtualization: + description: |- + Optional. Whether to enable nested virtualization on Cloud Workstations + VMs created under this workstation configuration. + + Nested virtualization lets you run virtual machine (VM) instances + inside your workstation. Before enabling nested virtualization, + consider the following important considerations. Cloud Workstations + instances are subject to the [same restrictions as Compute Engine + instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): + + * **Organization policy**: projects, folders, or + organizations may be restricted from creating nested VMs if the + **Disable VM nested virtualization** constraint is enforced in + the organization policy. For more information, see the + Compute Engine section, + [Checking whether nested virtualization is + allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). + * **Performance**: nested VMs might experience a 10% or greater + decrease in performance for workloads that are CPU-bound and + possibly greater than a 10% decrease for workloads that are + input/output bound. + * **Machine Type**: nested virtualization can only be enabled on + workstation configurations that specify a + [machine_type][google.cloud.workstations.v1.WorkstationConfig.Host.GceInstance.machine_type] + in the N1 or N2 machine series. + * **GPUs**: nested virtualization may not be enabled on workstation + configurations with accelerators. + * **Operating System**: Because + [Container-Optimized + OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) + does not support nested virtualization, when nested virtualization is + enabled, the underlying Compute Engine VM instances boot from an + [Ubuntu + LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) + image. + type: boolean + machineType: + description: Optional. The type of machine to use for VM instances—for + example, `"e2-standard-4"`. For more information about machine + types that Cloud Workstations supports, see the list of + [available machine types](https://cloud.google.com/workstations/docs/available-machine-types). + type: string + poolSize: + description: Optional. The number of VMs that the system should + keep idle so that new workstations can be started quickly + for new users. Defaults to `0` in the API. + format: int32 + type: integer + serviceAccountRef: + description: |- + Optional. A reference to the service account for Cloud + Workstations VMs created with this configuration. When specified, be + sure that the service account has `logginglogEntries.create` permission + on the project so it can write logs out to Cloud Logging. If using a + custom container image, the service account must have permissions to + pull the specified image. + + If you as the administrator want to be able to `ssh` into the + underlying VM, you need to set this value to a service account + for which you have the `iam.serviceAccounts.actAs` permission. + Conversely, if you don't want anyone to be able to `ssh` into the + underlying VM, use a service account where no one has that + permission. + + If not set, VMs run with a service account provided by the + Cloud Workstations service, and the image must be publicly + accessible. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` + resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + serviceAccountScopes: + description: Optional. Scopes to grant to the [service_account][google.cloud.workstations.v1.WorkstationConfig.Host.GceInstance.service_account]. + Various scopes are automatically added based on feature + usage. When specified, users of workstations under this + configuration must have `iam.serviceAccounts.actAs` on the + service account. + items: + type: string + type: array + shieldedInstanceConfig: + description: Optional. A set of Compute Engine Shielded instance + options. + properties: + enableIntegrityMonitoring: + description: Optional. Whether the instance has integrity + monitoring enabled. + type: boolean + enableSecureBoot: + description: Optional. Whether the instance has Secure + Boot enabled. + type: boolean + enableVTPM: + description: Optional. Whether the instance has the vTPM + enabled. + type: boolean + type: object + tags: + description: Optional. Network tags to add to the Compute + Engine VMs backing the workstations. This option applies + [network tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) + to VMs created with this configuration. These network tags + enable the creation of [firewall rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). + items: + type: string + type: array + type: object + type: object + idleTimeout: + description: |- + Optional. Number of seconds to wait before automatically stopping a + workstation after it last received user traffic. + + A value of `"0s"` indicates that Cloud Workstations VMs created with this + configuration should never time out due to idleness. + Provide + [duration](https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#duration) + terminated by `s` for seconds—for example, `"7200s"` (2 hours). + The default is `"1200s"` (20 minutes). + type: string + labels: + description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation configuration and that are also + propagated to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the label. + type: string + value: + description: Value for the label. + type: string + type: object + type: array + parentRef: + description: Parent is a reference to the parent WorkstationCluster + for this WorkstationConfig. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed WorkstationCluster + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/workstationClusters/{{workstationclusterID}}". + type: string + name: + description: The name of a WorkstationCluster resource. + type: string + namespace: + description: The namespace of a WorkstationCluster resource. + type: string + type: object + persistentDirectories: + description: Optional. Directories to persist across workstation sessions. + items: + properties: + gcePD: + description: A PersistentDirectory backed by a Compute Engine + persistent disk. + properties: + diskType: + description: Optional. The [type of the persistent disk](https://cloud.google.com/compute/docs/disks#disk-types) + for the home directory. Defaults to `"pd-standard"`. + type: string + fsType: + description: Optional. Type of file system that the disk + should be formatted with. The workstation image must support + this file system type. Must be empty if [source_snapshot][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.source_snapshot] + is set. Defaults to `"ext4"`. + type: string + reclaimPolicy: + description: Optional. Whether the persistent disk should + be deleted when the workstation is deleted. Valid values + are `DELETE` and `RETAIN`. Defaults to `DELETE`. + type: string + sizeGB: + description: |- + Optional. The GB capacity of a persistent home directory for each + workstation created with this configuration. Must be empty if + [source_snapshot][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.source_snapshot] + is set. + + Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. + Defaults to `200`. If less than `200` GB, the + [disk_type][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.disk_type] + must be + `"pd-balanced"` or `"pd-ssd"`. + format: int32 + type: integer + sourceSnapshot: + description: Optional. Name of the snapshot to use as the + source for the disk. If set, [size_gb][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.size_gb] + and [fs_type][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.fs_type] + must be empty. + type: string + type: object + mountPath: + description: Optional. Location of this directory in the running + workstation. + type: string + type: object + type: array + readinessChecks: + description: Optional. Readiness checks to perform when starting a + workstation using this workstation configuration. Mark a workstation + as running only after all specified readiness checks return 200 + status codes. + items: + properties: + path: + description: Optional. Path to which the request should be sent. + type: string + port: + description: Optional. Port to which the request should be sent. + format: int32 + type: integer + type: object + type: array + replicaZones: + description: |- + Optional. Immutable. Specifies the zones used to replicate the VM and disk + resources within the region. If set, exactly two zones within the + workstation cluster's region must be specified—for example, + `['us-central1-a', 'us-central1-f']`. If this field is empty, two default + zones within the region are used. + + Immutable after the workstation configuration is created. + items: + type: string + type: array + resourceID: + description: Immutable. The WorkstationConfig name. If not given, + the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + runningTimeout: + description: |- + Optional. Number of seconds that a workstation can run until it is + automatically shut down. We recommend that workstations be shut down daily + to reduce costs and so that security updates can be applied upon restart. + The + [idle_timeout][google.cloud.workstations.v1.WorkstationConfig.idle_timeout] + and + [running_timeout][google.cloud.workstations.v1.WorkstationConfig.running_timeout] + fields are independent of each other. Note that the + [running_timeout][google.cloud.workstations.v1.WorkstationConfig.running_timeout] + field shuts down VMs after the specified time, regardless of whether or not + the VMs are idle. + + Provide duration terminated by `s` for seconds—for example, `"54000s"` + (15 hours). Defaults to `"43200s"` (12 hours). A value of `"0s"` indicates + that workstations using this configuration should never time out. If + [encryption_key][google.cloud.workstations.v1.WorkstationConfig.encryption_key] + is set, it must be greater than `"0s"` and less than + `"86400s"` (24 hours). + + Warning: A value of `"0s"` indicates that Cloud Workstations VMs created + with this configuration have no maximum running time. This is strongly + discouraged because you incur costs and will not pick up security updates. + type: string + required: + - parentRef + type: object + status: + description: WorkstationConfigStatus defines the config connector machine + state of WorkstationConfig + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the WorkstationConfig resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. Time when this workstation configuration + was created. + type: string + degraded: + description: Output only. Whether this resource is degraded, in + which case it may require user action to restore full functionality. + See also the [conditions][google.cloud.workstations.v1.WorkstationConfig.conditions] + field. + type: boolean + deleteTime: + description: Output only. Time when this workstation configuration + was soft-deleted. + type: string + etag: + description: Output only. Checksum computed by the server. May + be sent on update and delete requests to make sure that the + client has an up-to-date value before proceeding. + type: string + gcpConditions: + description: Output only. Status conditions describing the current + resource state. + items: + properties: + code: + description: The status code, which should be an enum value + of [google.rpc.Code][google.rpc.Code]. + format: int32 + type: integer + message: + description: A developer-facing error message, which should + be in English. Any user-facing error message should be + localized and sent in the [google.rpc.Status.details][google.rpc.Status.details] + field, or localized by the client. + type: string + type: object + type: array + host: + description: Output only. Observed state of the runtime host for + the workstation configuration. + properties: + gceInstance: + description: Output only. Observed state of the Compute Engine + runtime host for the workstation configuration. + properties: + pooledInstances: + description: Output only. Number of instances currently + available in the pool for faster workstation startup. + format: int32 + type: integer + type: object + type: object + uid: + description: Output only. A system-assigned unique identifier + for this workstation configuration. + type: string + updateTime: + description: Output only. Time when this workstation configuration + was most recently updated. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: WorkstationConfig is the Schema for the WorkstationConfig API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: WorkstationConfigSpec defines the desired state of WorkstationConfig + properties: + annotations: + description: Optional. Client-specified annotations. + items: + properties: + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array + container: + description: Optional. Container that runs upon startup for each workstation + using this workstation configuration. + properties: + args: + description: Optional. Arguments passed to the entrypoint. + items: + type: string + type: array + command: + description: Optional. If set, overrides the default ENTRYPOINT + specified by the image. + items: + type: string + type: array + env: + description: Optional. Environment variables passed to the container's + entrypoint. + items: + properties: + name: + description: Name is the name of the environment variable. + type: string + value: + description: Value is the value of the environment variable. + type: string + type: object + type: array + image: + description: |- + Optional. A Docker container image that defines a custom environment. + + Cloud Workstations provides a number of + [preconfigured + images](https://cloud.google.com/workstations/docs/preconfigured-base-images), + but you can create your own + [custom container + images](https://cloud.google.com/workstations/docs/custom-container-images). + If using a private image, the `host.gceInstance.serviceAccount` field + must be specified in the workstation configuration and must have + permission to pull the specified image. Otherwise, the image must be + publicly accessible. + type: string + runAsUser: + description: Optional. If set, overrides the USER specified in + the image with the given uid. + format: int32 + type: integer + workingDir: + description: Optional. If set, overrides the default DIR specified + by the image. + type: string + type: object + displayName: + description: Optional. Human-readable name for this workstation configuration. + type: string + encryptionKey: + description: |- + Immutable. Encrypts resources of this workstation configuration using a + customer-managed encryption key (CMEK). + + If specified, the boot disk of the Compute Engine instance and the + persistent disk are encrypted using this encryption key. If + this field is not set, the disks are encrypted using a generated + key. Customer-managed encryption keys do not protect disk metadata. + + If the customer-managed encryption key is rotated, when the workstation + instance is stopped, the system attempts to recreate the + persistent disk with the new version of the key. Be sure to keep + older versions of the key until the persistent disk is recreated. + Otherwise, data on the persistent disk might be lost. + + If the encryption key is revoked, the workstation session automatically + stops within 7 hours. + + Immutable after the workstation configuration is created. + properties: + kmsCryptoKeyRef: + description: Immutable. A reference to the Google Cloud KMS encryption + key. For example, `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. + The key must be in the same region as the workstation configuration. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + serviceAccountRef: + description: Immutable. A reference to a service account to use + with the specified KMS key. We recommend that you use a separate + service account and follow KMS best practices. For more information, + see [Separation of duties](https://cloud.google.com/kms/docs/separation-of-duties) + and `gcloud kms keys add-iam-policy-binding` [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: object + host: + description: Optional. Runtime host for the workstation. + properties: + gceInstance: + description: Specifies a Compute Engine instance as the host. + properties: + bootDiskSizeGB: + description: Optional. The size of the boot disk for the VM + in gigabytes (GB). The minimum boot disk size is `30` GB. + Defaults to `50` GB. + format: int32 + type: integer + confidentialInstanceConfig: + description: Optional. A set of Compute Engine Confidential + VM instance options. + properties: + enableConfidentialCompute: + description: Optional. Whether the instance has confidential + compute enabled. + type: boolean + type: object + disablePublicIPAddresses: + description: Optional. When set to true, disables public IP + addresses for VMs. If you disable public IP addresses, you + must set up Private Google Access or Cloud NAT on your network. + If you use Private Google Access and you use `private.googleapis.com` + or `restricted.googleapis.com` for Container Registry and + Artifact Registry, make sure that you set up DNS records + for domains `*.gcr.io` and `*.pkg.dev`. Defaults to false + (VMs have public IP addresses). + type: boolean + enableNestedVirtualization: + description: |- + Optional. Whether to enable nested virtualization on Cloud Workstations + VMs created under this workstation configuration. + + Nested virtualization lets you run virtual machine (VM) instances + inside your workstation. Before enabling nested virtualization, + consider the following important considerations. Cloud Workstations + instances are subject to the [same restrictions as Compute Engine + instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): + + * **Organization policy**: projects, folders, or + organizations may be restricted from creating nested VMs if the + **Disable VM nested virtualization** constraint is enforced in + the organization policy. For more information, see the + Compute Engine section, + [Checking whether nested virtualization is + allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). + * **Performance**: nested VMs might experience a 10% or greater + decrease in performance for workloads that are CPU-bound and + possibly greater than a 10% decrease for workloads that are + input/output bound. + * **Machine Type**: nested virtualization can only be enabled on + workstation configurations that specify a + [machine_type][google.cloud.workstations.v1.WorkstationConfig.Host.GceInstance.machine_type] + in the N1 or N2 machine series. + * **GPUs**: nested virtualization may not be enabled on workstation + configurations with accelerators. + * **Operating System**: Because + [Container-Optimized + OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) + does not support nested virtualization, when nested virtualization is + enabled, the underlying Compute Engine VM instances boot from an + [Ubuntu + LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) + image. + type: boolean + machineType: + description: Optional. The type of machine to use for VM instances—for + example, `"e2-standard-4"`. For more information about machine + types that Cloud Workstations supports, see the list of + [available machine types](https://cloud.google.com/workstations/docs/available-machine-types). + type: string + poolSize: + description: Optional. The number of VMs that the system should + keep idle so that new workstations can be started quickly + for new users. Defaults to `0` in the API. + format: int32 + type: integer + serviceAccountRef: + description: |- + Optional. A reference to the service account for Cloud + Workstations VMs created with this configuration. When specified, be + sure that the service account has `logginglogEntries.create` permission + on the project so it can write logs out to Cloud Logging. If using a + custom container image, the service account must have permissions to + pull the specified image. + + If you as the administrator want to be able to `ssh` into the + underlying VM, you need to set this value to a service account + for which you have the `iam.serviceAccounts.actAs` permission. + Conversely, if you don't want anyone to be able to `ssh` into the + underlying VM, use a service account where no one has that + permission. + + If not set, VMs run with a service account provided by the + Cloud Workstations service, and the image must be publicly + accessible. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` + resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + serviceAccountScopes: + description: Optional. Scopes to grant to the [service_account][google.cloud.workstations.v1.WorkstationConfig.Host.GceInstance.service_account]. + Various scopes are automatically added based on feature + usage. When specified, users of workstations under this + configuration must have `iam.serviceAccounts.actAs` on the + service account. + items: + type: string + type: array + shieldedInstanceConfig: + description: Optional. A set of Compute Engine Shielded instance + options. + properties: + enableIntegrityMonitoring: + description: Optional. Whether the instance has integrity + monitoring enabled. + type: boolean + enableSecureBoot: + description: Optional. Whether the instance has Secure + Boot enabled. + type: boolean + enableVTPM: + description: Optional. Whether the instance has the vTPM + enabled. + type: boolean + type: object + tags: + description: Optional. Network tags to add to the Compute + Engine VMs backing the workstations. This option applies + [network tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) + to VMs created with this configuration. These network tags + enable the creation of [firewall rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). + items: + type: string + type: array + type: object + type: object + idleTimeout: + description: |- + Optional. Number of seconds to wait before automatically stopping a + workstation after it last received user traffic. + + A value of `"0s"` indicates that Cloud Workstations VMs created with this + configuration should never time out due to idleness. + Provide + [duration](https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#duration) + terminated by `s` for seconds—for example, `"7200s"` (2 hours). + The default is `"1200s"` (20 minutes). + type: string + labels: + description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation configuration and that are also + propagated to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the label. + type: string + value: + description: Value for the label. + type: string + type: object + type: array + parentRef: + description: Parent is a reference to the parent WorkstationCluster + for this WorkstationConfig. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed WorkstationCluster + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/workstationClusters/{{workstationclusterID}}". + type: string + name: + description: The name of a WorkstationCluster resource. + type: string + namespace: + description: The namespace of a WorkstationCluster resource. + type: string + type: object + persistentDirectories: + description: Optional. Directories to persist across workstation sessions. + items: + properties: + gcePD: + description: A PersistentDirectory backed by a Compute Engine + persistent disk. + properties: + diskType: + description: Optional. The [type of the persistent disk](https://cloud.google.com/compute/docs/disks#disk-types) + for the home directory. Defaults to `"pd-standard"`. + type: string + fsType: + description: Optional. Type of file system that the disk + should be formatted with. The workstation image must support + this file system type. Must be empty if [source_snapshot][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.source_snapshot] + is set. Defaults to `"ext4"`. + type: string + reclaimPolicy: + description: Optional. Whether the persistent disk should + be deleted when the workstation is deleted. Valid values + are `DELETE` and `RETAIN`. Defaults to `DELETE`. + type: string + sizeGB: + description: |- + Optional. The GB capacity of a persistent home directory for each + workstation created with this configuration. Must be empty if + [source_snapshot][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.source_snapshot] + is set. + + Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. + Defaults to `200`. If less than `200` GB, the + [disk_type][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.disk_type] + must be + `"pd-balanced"` or `"pd-ssd"`. + format: int32 + type: integer + sourceSnapshot: + description: Optional. Name of the snapshot to use as the + source for the disk. If set, [size_gb][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.size_gb] + and [fs_type][google.cloud.workstations.v1.WorkstationConfig.PersistentDirectory.GceRegionalPersistentDisk.fs_type] + must be empty. + type: string + type: object + mountPath: + description: Optional. Location of this directory in the running + workstation. + type: string + type: object + type: array + readinessChecks: + description: Optional. Readiness checks to perform when starting a + workstation using this workstation configuration. Mark a workstation + as running only after all specified readiness checks return 200 + status codes. + items: + properties: + path: + description: Optional. Path to which the request should be sent. + type: string + port: + description: Optional. Port to which the request should be sent. + format: int32 + type: integer + type: object + type: array + replicaZones: + description: |- + Optional. Immutable. Specifies the zones used to replicate the VM and disk + resources within the region. If set, exactly two zones within the + workstation cluster's region must be specified—for example, + `['us-central1-a', 'us-central1-f']`. If this field is empty, two default + zones within the region are used. + + Immutable after the workstation configuration is created. + items: + type: string + type: array + resourceID: + description: Immutable. The WorkstationConfig name. If not given, + the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + runningTimeout: + description: |- + Optional. Number of seconds that a workstation can run until it is + automatically shut down. We recommend that workstations be shut down daily + to reduce costs and so that security updates can be applied upon restart. + The + [idle_timeout][google.cloud.workstations.v1.WorkstationConfig.idle_timeout] + and + [running_timeout][google.cloud.workstations.v1.WorkstationConfig.running_timeout] + fields are independent of each other. Note that the + [running_timeout][google.cloud.workstations.v1.WorkstationConfig.running_timeout] + field shuts down VMs after the specified time, regardless of whether or not + the VMs are idle. + + Provide duration terminated by `s` for seconds—for example, `"54000s"` + (15 hours). Defaults to `"43200s"` (12 hours). A value of `"0s"` indicates + that workstations using this configuration should never time out. If + [encryption_key][google.cloud.workstations.v1.WorkstationConfig.encryption_key] + is set, it must be greater than `"0s"` and less than + `"86400s"` (24 hours). + + Warning: A value of `"0s"` indicates that Cloud Workstations VMs created + with this configuration have no maximum running time. This is strongly + discouraged because you incur costs and will not pick up security updates. + type: string + required: + - parentRef + type: object + status: + description: WorkstationConfigStatus defines the config connector machine + state of WorkstationConfig + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the WorkstationConfig resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. Time when this workstation configuration + was created. + type: string + degraded: + description: Output only. Whether this resource is degraded, in + which case it may require user action to restore full functionality. + See also the [conditions][google.cloud.workstations.v1.WorkstationConfig.conditions] + field. + type: boolean + deleteTime: + description: Output only. Time when this workstation configuration + was soft-deleted. + type: string + etag: + description: Output only. Checksum computed by the server. May + be sent on update and delete requests to make sure that the + client has an up-to-date value before proceeding. + type: string + gcpConditions: + description: Output only. Status conditions describing the current + resource state. + items: + properties: + code: + description: The status code, which should be an enum value + of [google.rpc.Code][google.rpc.Code]. + format: int32 + type: integer + message: + description: A developer-facing error message, which should + be in English. Any user-facing error message should be + localized and sent in the [google.rpc.Status.details][google.rpc.Status.details] + field, or localized by the client. + type: string + type: object + type: array + host: + description: Output only. Observed state of the runtime host for + the workstation configuration. + properties: + gceInstance: + description: Output only. Observed state of the Compute Engine + runtime host for the workstation configuration. + properties: + pooledInstances: + description: Output only. Number of instances currently + available in the pool for faster workstation startup. + format: int32 + type: integer + type: object + type: object + uid: + description: Output only. A system-assigned unique identifier + for this workstation configuration. + type: string + updateTime: + description: Output only. Time when this workstation configuration + was most recently updated. + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.127.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: workstations.workstations.cnrm.cloud.google.com +spec: + group: workstations.cnrm.cloud.google.com + names: + categories: + - gcp + kind: Workstation + listKind: WorkstationList + plural: workstations + shortNames: + - gcpworkstation + - gcpworkstations + singular: workstation + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: Workstation is the Schema for the Workstation API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: WorkstationSpec defines the desired state of Workstation + properties: + annotations: + description: Optional. Client-specified annotations. + items: + properties: + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array + displayName: + description: Optional. Human-readable name for this workstation. + type: string + labels: + description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation and that are also propagated + to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the label. + type: string + value: + description: Value for the label. + type: string + type: object + type: array + parentRef: + description: Parent is a reference to the parent WorkstationConfig + for this Workstation. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed WorkstationConfig + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/workstationClusters/{{workstationclusterID}}/workstationConfigs/{{workstationconfigID}}". + type: string + name: + description: The name of a WorkstationConfig resource. + type: string + namespace: + description: The namespace of a WorkstationConfig resource. + type: string + type: object + resourceID: + description: Immutable. The Workstation name. If not given, the metadata.name + will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - parentRef + type: object + status: + description: WorkstationStatus defines the config connector machine state + of Workstation + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the Workstation resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. Time when this workstation was created. + type: string + deleteTime: + description: Output only. Time when this workstation was soft-deleted. + type: string + etag: + description: Output only. Checksum computed by the server. May + be sent on update and delete requests to make sure that the + client has an up-to-date value before proceeding. + type: string + host: + description: Output only. Host to which clients can send HTTPS + traffic that will be received by the workstation. Authorized + traffic will be received to the workstation as HTTP on port + 80. To send traffic to a different port, clients may prefix + the host with the destination port in the format `{port}-{host}`. + type: string + startTime: + description: Output only. Time when this workstation was most + recently successfully started, regardless of the workstation's + initial state. + type: string + state: + description: Output only. Current state of the workstation. + type: string + uid: + description: Output only. A system-assigned unique identifier + for this workstation. + type: string + updateTime: + description: Output only. Time when this workstation was most + recently updated. + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: Workstation is the Schema for the Workstation API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: WorkstationSpec defines the desired state of Workstation + properties: + annotations: + description: Optional. Client-specified annotations. + items: + properties: + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array + displayName: + description: Optional. Human-readable name for this workstation. + type: string + labels: + description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation and that are also propagated + to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the label. + type: string + value: + description: Value for the label. + type: string + type: object + type: array + parentRef: + description: Parent is a reference to the parent WorkstationConfig + for this Workstation. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed WorkstationConfig + resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/workstationClusters/{{workstationclusterID}}/workstationConfigs/{{workstationconfigID}}". + type: string + name: + description: The name of a WorkstationConfig resource. + type: string + namespace: + description: The namespace of a WorkstationConfig resource. + type: string + type: object + resourceID: + description: Immutable. The Workstation name. If not given, the metadata.name + will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - parentRef + type: object + status: + description: WorkstationStatus defines the config connector machine state + of Workstation + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the Workstation resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. Time when this workstation was created. + type: string + deleteTime: + description: Output only. Time when this workstation was soft-deleted. + type: string + etag: + description: Output only. Checksum computed by the server. May + be sent on update and delete requests to make sure that the + client has an up-to-date value before proceeding. + type: string + host: + description: Output only. Host to which clients can send HTTPS + traffic that will be received by the workstation. Authorized + traffic will be received to the workstation as HTTP on port + 80. To send traffic to a different port, clients may prefix + the host with the destination port in the format `{port}-{host}`. + type: string + startTime: + description: Output only. Time when this workstation was most + recently successfully started, regardless of the workstation's + initial state. + type: string + state: + description: Output only. Current state of the workstation. + type: string + uid: + description: Output only. A system-assigned unique identifier + for this workstation. + type: string + updateTime: + description: Output only. Time when this workstation was most + recently updated. + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/operator/channels/packages/configconnector/1.124.0/namespaced/0-cnrm-system.yaml b/operator/channels/packages/configconnector/1.127.0/namespaced/0-cnrm-system.yaml similarity index 94% rename from operator/channels/packages/configconnector/1.124.0/namespaced/0-cnrm-system.yaml rename to operator/channels/packages/configconnector/1.127.0/namespaced/0-cnrm-system.yaml index ace1ff4053..10354035e9 100644 --- a/operator/channels/packages/configconnector/1.124.0/namespaced/0-cnrm-system.yaml +++ b/operator/channels/packages/configconnector/1.127.0/namespaced/0-cnrm-system.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -11,7 +11,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -21,7 +21,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -31,7 +31,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-unmanaged-detector @@ -41,7 +41,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -51,7 +51,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -72,7 +72,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -93,7 +93,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -605,6 +605,18 @@ rules: - update - patch - delete +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -869,6 +881,18 @@ rules: - update - patch - delete +- apiGroups: + - memorystore.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - mlengine.cnrm.cloud.google.com resources: @@ -1097,6 +1121,18 @@ rules: - update - patch - delete +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -1282,7 +1318,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -1332,7 +1368,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -1390,7 +1426,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -1415,7 +1451,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -1445,7 +1481,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-unmanaged-detector-cluster-role @@ -1476,7 +1512,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -1819,6 +1855,14 @@ rules: - get - list - watch +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -1995,6 +2039,14 @@ rules: - get - list - watch +- apiGroups: + - memorystore.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - mlengine.cnrm.cloud.google.com resources: @@ -2147,6 +2199,14 @@ rules: - get - list - watch +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -2272,7 +2332,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -2335,7 +2395,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -2353,7 +2413,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -2371,7 +2431,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -2394,7 +2454,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -2411,7 +2471,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -2428,7 +2488,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-unmanaged-detector-binding @@ -2445,7 +2505,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -2462,7 +2522,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -2479,7 +2539,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 prometheus.io/port: "48797" prometheus.io/scrape: "true" labels: @@ -2500,7 +2560,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2518,7 +2578,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2531,8 +2591,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.124.0 - image: gcr.io/gke-release/cnrm/recorder:7a86865 + value: 1.127.0 + image: gcr.io/gke-release/cnrm/recorder:1.127.0 imagePullPolicy: Always name: recorder ports: @@ -2584,7 +2644,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2599,7 +2659,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2614,7 +2674,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/webhook:7a86865 + image: gcr.io/gke-release/cnrm/webhook:1.127.0 imagePullPolicy: Always name: webhook ports: @@ -2644,7 +2704,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2659,7 +2719,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2667,7 +2727,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/deletiondefender:7a86865 + image: gcr.io/gke-release/cnrm/deletiondefender:1.127.0 imagePullPolicy: Always name: deletiondefender ports: @@ -2697,7 +2757,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-unmanaged-detector cnrm.cloud.google.com/system: "true" @@ -2712,7 +2772,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-unmanaged-detector cnrm.cloud.google.com/system: "true" @@ -2720,7 +2780,7 @@ spec: containers: - command: - /configconnector/unmanageddetector - image: gcr.io/gke-release/cnrm/unmanageddetector:7a86865 + image: gcr.io/gke-release/cnrm/unmanageddetector:1.127.0 imagePullPolicy: Always name: unmanageddetector ports: @@ -2751,7 +2811,7 @@ kind: HorizontalPodAutoscaler metadata: annotations: autoscaling.alpha.kubernetes.io/metrics: '[{"type":"Resource","resource":{"name":"memory","targetAverageUtilization":70}}]' - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/operator/channels/packages/configconnector/1.124.0/namespaced/per-namespace-components.yaml b/operator/channels/packages/configconnector/1.127.0/namespaced/per-namespace-components.yaml similarity index 93% rename from operator/channels/packages/configconnector/1.124.0/namespaced/per-namespace-components.yaml rename to operator/channels/packages/configconnector/1.127.0/namespaced/per-namespace-components.yaml index 90208295cc..2bc839c1ed 100644 --- a/operator/channels/packages/configconnector/1.124.0/namespaced/per-namespace-components.yaml +++ b/operator/channels/packages/configconnector/1.127.0/namespaced/per-namespace-components.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 iam.gke.io/gcp-service-account: cnrm-system-${NAMESPACE?}@${PROJECT_ID?}.iam.gserviceaccount.com labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -14,7 +14,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 finalizers: - configconnector.cnrm.cloud.google.com/finalizer labels: @@ -35,7 +35,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 finalizers: - configconnector.cnrm.cloud.google.com/finalizer labels: @@ -56,7 +56,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} cnrm.cloud.google.com/system: "true" @@ -75,7 +75,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} cnrm.cloud.google.com/system: "true" @@ -93,7 +93,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -117,7 +117,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -134,7 +134,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.127.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -146,7 +146,7 @@ spec: - --prometheus-scrape-endpoint=:8888 command: - /configconnector/manager - image: gcr.io/gke-release/cnrm/controller:7a86865 + image: gcr.io/gke-release/cnrm/controller:1.127.0 imagePullPolicy: Always name: manager ports: diff --git a/operator/channels/stable b/operator/channels/stable index 3bc421e21b..006aa56966 100644 --- a/operator/channels/stable +++ b/operator/channels/stable @@ -1,2 +1,2 @@ manifests: - - version: 1.126.0 + - version: 1.127.0 diff --git a/operator/config/autopilot/kustomization.yaml b/operator/config/autopilot/kustomization.yaml index 8807560824..87717dd74d 100644 --- a/operator/config/autopilot/kustomization.yaml +++ b/operator/config/autopilot/kustomization.yaml @@ -22,7 +22,7 @@ commonLabels: commonAnnotations: # Given our weekly release schedule, the version of the operator should remain the same of ConfigConnector Core, # if we have to release the operator independently with the KCC core, append extension e.g. 1.6.0-operator.x - cnrm.cloud.google.com/operator-version: "1.126.0" + cnrm.cloud.google.com/operator-version: "1.127.0" bases: - ../crd diff --git a/operator/config/default/kustomization.yaml b/operator/config/default/kustomization.yaml index bfb7f26333..1314e18b6b 100644 --- a/operator/config/default/kustomization.yaml +++ b/operator/config/default/kustomization.yaml @@ -22,7 +22,7 @@ commonLabels: commonAnnotations: # Given our weekly release schedule, the version of the operator should remain the same of ConfigConnector Core, # if we have to release the operator independently with the KCC core, append extension e.g. 1.6.0-operator.x - cnrm.cloud.google.com/operator-version: "1.126.0" + cnrm.cloud.google.com/operator-version: "1.127.0" bases: - ../crd diff --git a/operator/config/gke-addon/image_configmap.yaml b/operator/config/gke-addon/image_configmap.yaml index 8e509e7eec..1eb38a2615 100644 --- a/operator/config/gke-addon/image_configmap.yaml +++ b/operator/config/gke-addon/image_configmap.yaml @@ -1,10 +1,10 @@ apiVersion: v1 data: - cnrm.controller: gcr.io/gke-release/cnrm/controller:1.126.0 - cnrm.deletiondefender: gcr.io/gke-release/cnrm/deletiondefender:1.126.0 - cnrm.recorder: gcr.io/gke-release/cnrm/recorder:1.126.0 - cnrm.unmanageddetector: gcr.io/gke-release/cnrm/unmanageddetector:1.126.0 - cnrm.webhook: gcr.io/gke-release/cnrm/webhook:1.126.0 + cnrm.controller: gcr.io/gke-release/cnrm/controller:1.127.0 + cnrm.deletiondefender: gcr.io/gke-release/cnrm/deletiondefender:1.127.0 + cnrm.recorder: gcr.io/gke-release/cnrm/recorder:1.127.0 + cnrm.unmanageddetector: gcr.io/gke-release/cnrm/unmanageddetector:1.127.0 + cnrm.webhook: gcr.io/gke-release/cnrm/webhook:1.127.0 prom-to-sd: gcr.io/gke-release/prometheus-to-sd:v0.11.12-gke.11 kind: ConfigMap metadata: diff --git a/version/VERSION b/version/VERSION index c96f047721..a7fd4875b4 100644 --- a/version/VERSION +++ b/version/VERSION @@ -1 +1 @@ -1.126.0 +1.127.0