diff --git a/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/inventory.proto b/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/inventory.proto index 8f89d8b89b9..92c2b81c832 100644 --- a/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/inventory.proto +++ b/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/inventory.proto @@ -264,12 +264,9 @@ message Inventory { google.protobuf.Timestamp install_time = 5; } - // Contains information about a Windows application as retrieved from the - // Windows Registry. For more information about these fields, see - // - // [Windows Installer Properties for the Uninstall - // Registry](https://docs.microsoft.com/en-us/windows/win32/msi/uninstall-registry-key){: - // class="external" } + // Contains information about a Windows application that is retrieved from the + // Windows Registry. For more information about these fields, see: + // https://docs.microsoft.com/en-us/windows/win32/msi/uninstall-registry-key message WindowsApplication { // The name of the application or product. string display_name = 1; @@ -305,7 +302,8 @@ message Inventory { map items = 2; // Output only. Timestamp of the last reported inventory for the VM. - google.protobuf.Timestamp update_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; + google.protobuf.Timestamp update_time = 4 + [(google.api.field_behavior) = OUTPUT_ONLY]; } // A request message for getting inventory data for the specified VM. diff --git a/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/os_policy.proto b/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/os_policy.proto index a07e251f6b9..7b113f91b3a 100644 --- a/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/os_policy.proto +++ b/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/os_policy.proto @@ -28,6 +28,21 @@ option ruby_package = "Google::Cloud::OsConfig::V1"; // An OS policy defines the desired state configuration for a VM. message OSPolicy { + // Policy mode + enum Mode { + // Invalid mode + MODE_UNSPECIFIED = 0; + + // This mode checks if the configuration resources in the policy are in + // their desired state. No actions are performed if they are not in the + // desired state. This mode is used for reporting purposes. + VALIDATION = 1; + + // This mode checks if the configuration resources in the policy are in + // their desired state, and if not, enforces the desired state. + ENFORCEMENT = 2; + } + // Filtering criteria to select VMs based on inventory details. message InventoryFilter { // Required. The OS short name @@ -96,6 +111,19 @@ message OSPolicy { // A resource that manages a system package. message PackageResource { + // The desired state that the OS Config agent maintains on the VM. + enum DesiredState { + // Unspecified is invalid. + DESIRED_STATE_UNSPECIFIED = 0; + + // Ensure that the package is installed. + INSTALLED = 1; + + // The agent ensures that the package is not installed and + // uninstalls it if detected. + REMOVED = 2; + } + // A deb package file. dpkg packages only support INSTALLED state. message Deb { // Required. A deb package. @@ -164,19 +192,6 @@ message OSPolicy { repeated string properties = 2; } - // The desired state that the OS Config agent maintains on the VM. - enum DesiredState { - // Unspecified is invalid. - DESIRED_STATE_UNSPECIFIED = 0; - - // Ensure that the package is installed. - INSTALLED = 1; - - // The agent ensures that the package is not installed and - // uninstalls it if detected. - REMOVED = 2; - } - // Required. The desired state the agent should maintain for this package. DesiredState desired_state = 1 [(google.api.field_behavior) = REQUIRED]; @@ -498,21 +513,6 @@ message OSPolicy { repeated Resource resources = 2 [(google.api.field_behavior) = REQUIRED]; } - // Policy mode - enum Mode { - // Invalid mode - MODE_UNSPECIFIED = 0; - - // This mode checks if the configuration resources in the policy are in - // their desired state. No actions are performed if they are not in the - // desired state. This mode is used for reporting purposes. - VALIDATION = 1; - - // This mode checks if the configuration resources in the policy are in - // their desired state, and if not, enforces the desired state. - ENFORCEMENT = 2; - } - // Required. The id of the OS policy with the following restrictions: // // * Must contain only lowercase letters, numbers, and hyphens. diff --git a/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/os_policy_assignment_reports.proto b/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/os_policy_assignment_reports.proto index f610fc5a884..aa4b2b11b4e 100644 --- a/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/os_policy_assignment_reports.proto +++ b/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/os_policy_assignment_reports.proto @@ -114,6 +114,27 @@ message OSPolicyAssignmentReport { // Compliance data for an OS policy message OSPolicyCompliance { + // Possible compliance states for an os policy. + enum ComplianceState { + // The policy is in an unknown compliance state. + // + // Refer to the field `compliance_state_reason` to learn the exact reason + // for the policy to be in this compliance state. + UNKNOWN = 0; + + // Policy is compliant. + // + // The policy is compliant if all the underlying resources are also + // compliant. + COMPLIANT = 1; + + // Policy is non-compliant. + // + // The policy is non-compliant if one or more underlying resources are + // non-compliant. + NON_COMPLIANT = 2; + } + // Compliance data for an OS policy resource. message OSPolicyResourceCompliance { // Step performed by the OS Config agent for configuring an @@ -152,13 +173,6 @@ message OSPolicyAssignmentReport { string error_message = 2; } - // ExecResource specific output. - message ExecResourceOutput { - // Output from enforcement phase output file (if run). - // Output size is limited to 100K bytes. - bytes enforcement_output = 2; - } - // Possible compliance states for a resource. enum ComplianceState { // The resource is in an unknown compliance state. @@ -174,6 +188,13 @@ message OSPolicyAssignmentReport { NON_COMPLIANT = 2; } + // ExecResource specific output. + message ExecResourceOutput { + // Output from enforcement phase output file (if run). + // Output size is limited to 100K bytes. + bytes enforcement_output = 2; + } + // The ID of the OS policy resource. string os_policy_resource_id = 1; @@ -207,27 +228,6 @@ message OSPolicyAssignmentReport { } } - // Possible compliance states for an os policy. - enum ComplianceState { - // The policy is in an unknown compliance state. - // - // Refer to the field `compliance_state_reason` to learn the exact reason - // for the policy to be in this compliance state. - UNKNOWN = 0; - - // Policy is compliant. - // - // The policy is compliant if all the underlying resources are also - // compliant. - COMPLIANT = 1; - - // Policy is non-compliant. - // - // The policy is non-compliant if one or more underlying resources are - // non-compliant. - NON_COMPLIANT = 2; - } - // The OS policy id string os_policy_id = 1; diff --git a/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/osconfig_common.proto b/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/osconfig_common.proto index 43059e9a62e..2b72d6ae945 100644 --- a/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/osconfig_common.proto +++ b/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/osconfig_common.proto @@ -1,4 +1,4 @@ -// Copyright 2020 Google LLC +// Copyright 2021 Google LLC // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/osconfig_service.proto b/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/osconfig_service.proto index ae256fe68f4..515905c87d5 100644 --- a/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/osconfig_service.proto +++ b/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/osconfig_service.proto @@ -16,12 +16,12 @@ syntax = "proto3"; package google.cloud.osconfig.v1; -import "google/api/annotations.proto"; import "google/api/client.proto"; import "google/api/resource.proto"; import "google/cloud/osconfig/v1/patch_deployments.proto"; import "google/cloud/osconfig/v1/patch_jobs.proto"; import "google/protobuf/empty.proto"; +import "google/api/annotations.proto"; option csharp_namespace = "Google.Cloud.OsConfig.V1"; option go_package = "google.golang.org/genproto/googleapis/cloud/osconfig/v1;osconfig"; @@ -123,4 +123,36 @@ service OsConfigService { }; option (google.api.method_signature) = "name"; } + + // Update an OS Config patch deployment. + rpc UpdatePatchDeployment(UpdatePatchDeploymentRequest) + returns (PatchDeployment) { + option (google.api.http) = { + patch: "/v1/{patch_deployment.name=projects/*/patchDeployments/*}" + body: "patch_deployment" + }; + option (google.api.method_signature) = "patch_deployment,update_mask"; + } + + // Change state of patch deployment to "PAUSED". + // Patch deployment in paused state doesn't generate patch jobs. + rpc PausePatchDeployment(PausePatchDeploymentRequest) + returns (PatchDeployment) { + option (google.api.http) = { + post: "/v1/{name=projects/*/patchDeployments/*}:pause" + body: "*" + }; + option (google.api.method_signature) = "name"; + } + + // Change state of patch deployment back to "ACTIVE". + // Patch deployment in active state continues to generate patch jobs. + rpc ResumePatchDeployment(ResumePatchDeploymentRequest) + returns (PatchDeployment) { + option (google.api.http) = { + post: "/v1/{name=projects/*/patchDeployments/*}:resume" + body: "*" + }; + option (google.api.method_signature) = "name"; + } } diff --git a/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/patch_deployments.proto b/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/patch_deployments.proto index 8cf85288297..d5708544f8b 100644 --- a/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/patch_deployments.proto +++ b/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/patch_deployments.proto @@ -20,6 +20,7 @@ import "google/api/field_behavior.proto"; import "google/api/resource.proto"; import "google/cloud/osconfig/v1/patch_jobs.proto"; import "google/protobuf/duration.proto"; +import "google/protobuf/field_mask.proto"; import "google/protobuf/timestamp.proto"; import "google/type/datetime.proto"; import "google/type/dayofweek.proto"; @@ -43,6 +44,19 @@ message PatchDeployment { pattern: "projects/{project}/patchDeployments/{patch_deployment}" }; + // Represents state of patch peployment. + enum State { + // The default value. This value is used if the state is omitted. + STATE_UNSPECIFIED = 0; + + // Active value means that patch deployment generates Patch Jobs. + ACTIVE = 1; + + // Paused value means that patch deployment does not generate + // Patch jobs. Requires user action to move in and out from this state. + PAUSED = 2; + } + // Unique name for the patch deployment resource in a project. The patch // deployment name is in the form: // `projects/{project_id}/patchDeployments/{patch_deployment_id}`. @@ -94,6 +108,9 @@ message PatchDeployment { // Optional. Rollout strategy of the patch job. PatchRollout rollout = 11 [(google.api.field_behavior) = OPTIONAL]; + + // Output only. Current state of the patch deployment. + State state = 12 [(google.api.field_behavior) = OUTPUT_ONLY]; } // Sets the time for a one time patch deployment. Timestamp is in @@ -111,16 +128,16 @@ message RecurringSchedule { // Invalid. A frequency must be specified. FREQUENCY_UNSPECIFIED = 0; - // Indicates that the frequency should be expressed in terms of - // weeks. + // Indicates that the frequency of recurrence should be expressed in terms + // of weeks. WEEKLY = 1; - // Indicates that the frequency should be expressed in terms of - // months. + // Indicates that the frequency of recurrence should be expressed in terms + // of months. MONTHLY = 2; - // Indicates that the frequency should be expressed in terms of - // days. + // Indicates that the frequency of recurrence should be expressed in terms + // of days. DAILY = 3; } @@ -197,6 +214,15 @@ message WeekDayOfMonth { // Required. A day of the week. google.type.DayOfWeek day_of_week = 2 [(google.api.field_behavior) = REQUIRED]; + + // Optional. Represents the number of days before or after the given week day + // of month that the patch deployment is scheduled for. For example if + // `week_ordinal` and `day_of_week` values point to the second day of the + // month and this `day_offset` value is set to `3`, the patch deployment takes + // place three days after the second Tuesday of the month. If this value is + // negative, for example -5, the patches are deployed five days before before + // the second Tuesday of the month. Allowed values are in range [-30, 30]. + int32 day_offset = 3 [(google.api.field_behavior) = OPTIONAL]; } // A request message for creating a patch deployment. @@ -276,3 +302,38 @@ message DeletePatchDeploymentRequest { } ]; } + +// A request message for updating a patch deployment. +message UpdatePatchDeploymentRequest { + // Required. The patch deployment to Update. + PatchDeployment patch_deployment = 1 [(google.api.field_behavior) = REQUIRED]; + + // Optional. Field mask that controls which fields of the patch deployment + // should be updated. + google.protobuf.FieldMask update_mask = 2 + [(google.api.field_behavior) = OPTIONAL]; +} + +// A request message for pausing a patch deployment. +message PausePatchDeploymentRequest { + // Required. The resource name of the patch deployment in the form + // `projects/*/patchDeployments/*`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "osconfig.googleapis.com/PatchDeployment" + } + ]; +} + +// A request message for resuming a patch deployment. +message ResumePatchDeploymentRequest { + // Required. The resource name of the patch deployment in the form + // `projects/*/patchDeployments/*`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "osconfig.googleapis.com/PatchDeployment" + } + ]; +} diff --git a/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/patch_jobs.proto b/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/patch_jobs.proto index 1fffb532a11..4edfc8df555 100644 --- a/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/patch_jobs.proto +++ b/packages/google-cloud-asset/protos/google/cloud/osconfig/v1/patch_jobs.proto @@ -183,6 +183,34 @@ message PatchJob { pattern: "projects/{project}/patchJobs/{patch_job}" }; + // Enumeration of the various states a patch job passes through as it + // executes. + enum State { + // State must be specified. + STATE_UNSPECIFIED = 0; + + // The patch job was successfully initiated. + STARTED = 1; + + // The patch job is looking up instances to run the patch on. + INSTANCE_LOOKUP = 2; + + // Instances are being patched. + PATCHING = 3; + + // Patch job completed successfully. + SUCCEEDED = 4; + + // Patch job completed but there were errors. + COMPLETED_WITH_ERRORS = 5; + + // The patch job was canceled. + CANCELED = 6; + + // The patch job timed out. + TIMED_OUT = 7; + } + // A summary of the current patch state across all instances that this patch // job affects. Contains counts of instances in different states. These states // map to `InstancePatchState`. List patch job instance details to see the @@ -236,34 +264,6 @@ message PatchJob { int64 no_agent_detected_instance_count = 15; } - // Enumeration of the various states a patch job passes through as it - // executes. - enum State { - // State must be specified. - STATE_UNSPECIFIED = 0; - - // The patch job was successfully initiated. - STARTED = 1; - - // The patch job is looking up instances to run the patch on. - INSTANCE_LOOKUP = 2; - - // Instances are being patched. - PATCHING = 3; - - // Patch job completed successfully. - SUCCEEDED = 4; - - // Patch job completed but there were errors. - COMPLETED_WITH_ERRORS = 5; - - // The patch job was canceled. - CANCELED = 6; - - // The patch job timed out. - TIMED_OUT = 7; - } - // Unique identifier for this patch job in the form // `projects/*/patchJobs/*` string name = 1; @@ -369,6 +369,9 @@ message PatchConfig { // The `ExecStep` to run after the patch update. ExecStep post_step = 9; + + // Allows the patch job to run on Managed instance groups (MIGs). + bool mig_instances_allowed = 10; } // Namespace for instance state enums.