| // Copyright 2022 Google LLC |
| // |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file or at |
| // https://developers.google.com/open-source/licenses/bsd |
| |
| // This is a generated file (see the discoveryapis_generator project). |
| |
| // ignore_for_file: camel_case_types |
| // ignore_for_file: comment_references |
| // ignore_for_file: deprecated_member_use_from_same_package |
| // ignore_for_file: doc_directive_unknown |
| // ignore_for_file: lines_longer_than_80_chars |
| // ignore_for_file: non_constant_identifier_names |
| // ignore_for_file: prefer_interpolation_to_compose_strings |
| // ignore_for_file: unintended_html_in_doc_comment |
| // ignore_for_file: unnecessary_brace_in_string_interps |
| // ignore_for_file: unnecessary_lambdas |
| // ignore_for_file: unnecessary_string_interpolations |
| |
| /// GKE Hub API - v2alpha |
| /// |
| /// For more information, see |
| /// <https://cloud.google.com/anthos/multicluster-management/connect/registering-a-cluster> |
| /// |
| /// Create an instance of [GKEHubApi] to access these resources: |
| /// |
| /// - [ProjectsResource] |
| /// - [ProjectsLocationsResource] |
| /// - [ProjectsLocationsMembershipsResource] |
| /// - [ProjectsLocationsMembershipsFeaturesResource] |
| /// - [ProjectsLocationsOperationsResource] |
| library; |
| |
| import 'dart:async' as async; |
| import 'dart:convert' as convert; |
| import 'dart:core' as core; |
| |
| import 'package:_discoveryapis_commons/_discoveryapis_commons.dart' as commons; |
| import 'package:http/http.dart' as http; |
| |
| import '../shared.dart'; |
| import '../src/user_agent.dart'; |
| |
| export 'package:_discoveryapis_commons/_discoveryapis_commons.dart' |
| show ApiRequestError, DetailedApiRequestError; |
| |
| class GKEHubApi { |
| /// See, edit, configure, and delete your Google Cloud data and see the email |
| /// address for your Google Account. |
| static const cloudPlatformScope = |
| 'https://www.googleapis.com/auth/cloud-platform'; |
| |
| final commons.ApiRequester _requester; |
| |
| ProjectsResource get projects => ProjectsResource(_requester); |
| |
| GKEHubApi( |
| http.Client client, { |
| core.String rootUrl = 'https://gkehub.googleapis.com/', |
| core.String servicePath = '', |
| }) : _requester = commons.ApiRequester( |
| client, |
| rootUrl, |
| servicePath, |
| requestHeaders, |
| ); |
| } |
| |
| class ProjectsResource { |
| final commons.ApiRequester _requester; |
| |
| ProjectsLocationsResource get locations => |
| ProjectsLocationsResource(_requester); |
| |
| ProjectsResource(commons.ApiRequester client) : _requester = client; |
| } |
| |
| class ProjectsLocationsResource { |
| final commons.ApiRequester _requester; |
| |
| ProjectsLocationsMembershipsResource get memberships => |
| ProjectsLocationsMembershipsResource(_requester); |
| ProjectsLocationsOperationsResource get operations => |
| ProjectsLocationsOperationsResource(_requester); |
| |
| ProjectsLocationsResource(commons.ApiRequester client) : _requester = client; |
| |
| /// Gets information about a location. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Resource name for the location. |
| /// Value must have pattern `^projects/\[^/\]+/locations/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Location]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Location> get(core.String name, {core.String? $fields}) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v2alpha/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return Location.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Lists information about the supported locations for this service. |
| /// |
| /// This method lists locations based on the resource scope provided in the |
| /// \[ListLocationsRequest.name\] field: * **Global locations**: If `name` is |
| /// empty, the method lists the public locations available to all projects. * |
| /// **Project-specific locations**: If `name` follows the format |
| /// `projects/{project}`, the method lists locations visible to that specific |
| /// project. This includes public, private, or other project-specific |
| /// locations enabled for the project. For gRPC and client library |
| /// implementations, the resource name is passed as the `name` field. For |
| /// direct service calls, the resource name is incorporated into the request |
| /// path based on the specific service implementation and version. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - The resource that owns the locations collection, if applicable. |
| /// Value must have pattern `^projects/\[^/\]+$`. |
| /// |
| /// [extraLocationTypes] - Optional. Do not use this field. It is unsupported |
| /// and is ignored unless explicitly documented otherwise. This is primarily |
| /// for internal usage. |
| /// |
| /// [filter] - A filter to narrow down results to a preferred subset. The |
| /// filtering language accepts strings like `"displayName=tokyo"`, and is |
| /// documented in more detail in \[AIP-160\](https://google.aip.dev/160). |
| /// |
| /// [pageSize] - The maximum number of results to return. If not set, the |
| /// service selects a default. |
| /// |
| /// [pageToken] - A page token received from the `next_page_token` field in |
| /// the response. Send that page token to receive the subsequent page. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [ListLocationsResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<ListLocationsResponse> list( |
| core.String name, { |
| core.List<core.String>? extraLocationTypes, |
| core.String? filter, |
| core.int? pageSize, |
| core.String? pageToken, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'extraLocationTypes': ?extraLocationTypes, |
| 'filter': ?filter == null ? null : [filter], |
| 'pageSize': ?pageSize == null ? null : ['${pageSize}'], |
| 'pageToken': ?pageToken == null ? null : [pageToken], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v2alpha/' + core.Uri.encodeFull('$name') + '/locations'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return ListLocationsResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| } |
| |
| class ProjectsLocationsMembershipsResource { |
| final commons.ApiRequester _requester; |
| |
| ProjectsLocationsMembershipsFeaturesResource get features => |
| ProjectsLocationsMembershipsFeaturesResource(_requester); |
| |
| ProjectsLocationsMembershipsResource(commons.ApiRequester client) |
| : _requester = client; |
| } |
| |
| class ProjectsLocationsMembershipsFeaturesResource { |
| final commons.ApiRequester _requester; |
| |
| ProjectsLocationsMembershipsFeaturesResource(commons.ApiRequester client) |
| : _requester = client; |
| |
| /// Creates membershipFeature under a given parent. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [parent] - Required. The name of parent where the MembershipFeature will |
| /// be created. Specified in the format `projects / * /locations / * |
| /// /memberships / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/memberships/\[^/\]+$`. |
| /// |
| /// [featureId] - Required. The ID of the membership_feature to create. |
| /// |
| /// [requestId] - Idempotent request UUID. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> create( |
| MembershipFeature request, |
| core.String parent, { |
| core.String? featureId, |
| core.String? requestId, |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'featureId': ?featureId == null ? null : [featureId], |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v2alpha/' + core.Uri.encodeFull('$parent') + '/features'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Removes a membershipFeature. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The name of the membershipFeature to be deleted. |
| /// Specified in the format `projects / * /locations / * /memberships / * |
| /// /features / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/memberships/\[^/\]+/features/\[^/\]+$`. |
| /// |
| /// [requestId] - Idempotent request UUID. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> delete( |
| core.String name, { |
| core.String? requestId, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v2alpha/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'DELETE', |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// ========= MembershipFeature Services ========= Gets details of a |
| /// membershipFeature. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The MembershipFeature resource name in the format |
| /// `projects / * /locations / * /memberships / * /features / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/memberships/\[^/\]+/features/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [MembershipFeature]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<MembershipFeature> get( |
| core.String name, { |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v2alpha/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return MembershipFeature.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Lists MembershipFeatures in a given project and location. |
| /// |
| /// Request parameters: |
| /// |
| /// [parent] - Required. The parent where the MembershipFeature will be |
| /// listed. In the format: `projects / * /locations / * /memberships / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/memberships/\[^/\]+$`. |
| /// |
| /// [filter] - Lists MembershipFeatures that match the filter expression, |
| /// following the syntax outlined in https://google.aip.dev/160. Examples: - |
| /// Feature with the name "helloworld" in project "foo-proj" and membership |
| /// "member-bar": name = |
| /// "projects/foo-proj/locations/global/memberships/member-bar/features/helloworld" |
| /// - Features that have a label called `foo`: labels.foo:* - Features that |
| /// have a label called `foo` whose value is `bar`: labels.foo = bar |
| /// |
| /// [orderBy] - One or more fields to compare and use to sort the output. See |
| /// https://google.aip.dev/132#ordering. |
| /// |
| /// [pageSize] - When requesting a 'page' of resources, `page_size` specifies |
| /// number of resources to return. If unspecified or set to 0, all resources |
| /// will be returned. |
| /// |
| /// [pageToken] - Token returned by previous call to `ListFeatures` which |
| /// specifies the position in the list from where to continue listing the |
| /// resources. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [ListMembershipFeaturesResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<ListMembershipFeaturesResponse> list( |
| core.String parent, { |
| core.String? filter, |
| core.String? orderBy, |
| core.int? pageSize, |
| core.String? pageToken, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'filter': ?filter == null ? null : [filter], |
| 'orderBy': ?orderBy == null ? null : [orderBy], |
| 'pageSize': ?pageSize == null ? null : ['${pageSize}'], |
| 'pageToken': ?pageToken == null ? null : [pageToken], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v2alpha/' + core.Uri.encodeFull('$parent') + '/features'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return ListMembershipFeaturesResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Updates an existing MembershipFeature. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Output only. The resource name of the membershipFeature, in the |
| /// format: |
| /// `projects/{project}/locations/{location}/memberships/{membership}/features/{feature}`. |
| /// Note that `membershipFeatures` is shortened to `features` in the resource |
| /// name. (see http://go/aip/122#collection-identifiers) |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/memberships/\[^/\]+/features/\[^/\]+$`. |
| /// |
| /// [allowMissing] - Optional. If set to true, and the MembershipFeature is |
| /// not found, a new MembershipFeature will be created. In this situation, |
| /// `update_mask` is ignored. |
| /// |
| /// [requestId] - Idempotent request UUID. |
| /// |
| /// [updateMask] - Required. Mask of fields to update. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> patch( |
| MembershipFeature request, |
| core.String name, { |
| core.bool? allowMissing, |
| core.String? requestId, |
| core.String? updateMask, |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'allowMissing': ?allowMissing == null ? null : ['${allowMissing}'], |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'updateMask': ?updateMask == null ? null : [updateMask], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v2alpha/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'PATCH', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| } |
| |
| class ProjectsLocationsOperationsResource { |
| final commons.ApiRequester _requester; |
| |
| ProjectsLocationsOperationsResource(commons.ApiRequester client) |
| : _requester = client; |
| |
| /// Starts asynchronous cancellation on a long-running operation. |
| /// |
| /// The server makes a best effort to cancel the operation, but success is not |
| /// guaranteed. If the server doesn't support this method, it returns |
| /// `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation |
| /// or other methods to check whether the cancellation succeeded or whether |
| /// the operation completed despite cancellation. On successful cancellation, |
| /// the operation is not deleted; instead, it becomes an operation with an |
| /// Operation.error value with a google.rpc.Status.code of `1`, corresponding |
| /// to `Code.CANCELLED`. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - The name of the operation resource to be cancelled. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/operations/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Empty]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Empty> cancel( |
| CancelOperationRequest request, |
| core.String name, { |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v2alpha/' + core.Uri.encodeFull('$name') + ':cancel'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Empty.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Gets the latest state of a long-running operation. |
| /// |
| /// Clients can use this method to poll the operation result at intervals as |
| /// recommended by the API service. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - The name of the operation resource. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/operations/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> get(core.String name, {core.String? $fields}) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v2alpha/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Lists operations that match the specified filter in the request. |
| /// |
| /// If the server doesn't support this method, it returns `UNIMPLEMENTED`. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - The name of the operation's parent resource. |
| /// Value must have pattern `^projects/\[^/\]+/locations/\[^/\]+$`. |
| /// |
| /// [filter] - The standard list filter. |
| /// |
| /// [pageSize] - The standard list page size. |
| /// |
| /// [pageToken] - The standard list page token. |
| /// |
| /// [returnPartialSuccess] - When set to `true`, operations that are reachable |
| /// are returned as normal, and those that are unreachable are returned in the |
| /// ListOperationsResponse.unreachable field. This can only be `true` when |
| /// reading across collections. For example, when `parent` is set to |
| /// `"projects/example/locations/-"`. This field is not supported by default |
| /// and will result in an `UNIMPLEMENTED` error if set unless explicitly |
| /// documented otherwise in service or product specific documentation. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [ListOperationsResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<ListOperationsResponse> list( |
| core.String name, { |
| core.String? filter, |
| core.int? pageSize, |
| core.String? pageToken, |
| core.bool? returnPartialSuccess, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'filter': ?filter == null ? null : [filter], |
| 'pageSize': ?pageSize == null ? null : ['${pageSize}'], |
| 'pageToken': ?pageToken == null ? null : [pageToken], |
| 'returnPartialSuccess': ?returnPartialSuccess == null |
| ? null |
| : ['${returnPartialSuccess}'], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v2alpha/' + core.Uri.encodeFull('$name') + '/operations'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return ListOperationsResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| } |
| |
| /// State for App Dev Exp Feature. |
| class AppDevExperienceState { |
| /// Status of subcomponent that detects configured Service Mesh resources. |
| AppDevExperienceStatus? networkingInstallSucceeded; |
| |
| AppDevExperienceState({this.networkingInstallSucceeded}); |
| |
| AppDevExperienceState.fromJson(core.Map json_) |
| : this( |
| networkingInstallSucceeded: |
| json_.containsKey('networkingInstallSucceeded') |
| ? AppDevExperienceStatus.fromJson( |
| json_['networkingInstallSucceeded'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final networkingInstallSucceeded = this.networkingInstallSucceeded; |
| return {'networkingInstallSucceeded': ?networkingInstallSucceeded}; |
| } |
| } |
| |
| /// Status specifies state for the subcomponent. |
| class AppDevExperienceStatus { |
| /// Code specifies AppDevExperienceFeature's subcomponent ready state. |
| /// Possible string values are: |
| /// - "CODE_UNSPECIFIED" : Not set. |
| /// - "OK" : AppDevExperienceFeature's specified subcomponent is ready. |
| /// - "FAILED" : AppDevExperienceFeature's specified subcomponent ready state |
| /// is false. This means AppDevExperienceFeature has encountered an issue that |
| /// blocks all, or a portion, of its normal operation. See the `description` |
| /// for more details. |
| /// - "UNKNOWN" : AppDevExperienceFeature's specified subcomponent has a |
| /// pending or unknown state. |
| core.String? code; |
| |
| /// Description is populated if Code is Failed, explaining why it has failed. |
| core.String? description; |
| |
| AppDevExperienceStatus({this.code, this.description}); |
| |
| AppDevExperienceStatus.fromJson(core.Map json_) |
| : this( |
| code: json_['code'] as core.String?, |
| description: json_['description'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final code = this.code; |
| final description = this.description; |
| return {'code': ?code, 'description': ?description}; |
| } |
| } |
| |
| /// The request message for Operations.CancelOperation. |
| typedef CancelOperationRequest = $Empty; |
| |
| /// **Cloud Build**: Configurations for each Cloud Build enabled cluster. |
| class CloudBuildSpec { |
| /// Whether it is allowed to run the privileged builds on the cluster or not. |
| /// Possible string values are: |
| /// - "SECURITY_POLICY_UNSPECIFIED" : Unspecified policy |
| /// - "NON_PRIVILEGED" : Privileged build pods are disallowed |
| /// - "PRIVILEGED" : Privileged build pods are allowed |
| core.String? securityPolicy; |
| |
| /// Version of the cloud build software on the cluster. |
| core.String? version; |
| |
| CloudBuildSpec({this.securityPolicy, this.version}); |
| |
| CloudBuildSpec.fromJson(core.Map json_) |
| : this( |
| securityPolicy: json_['securityPolicy'] as core.String?, |
| version: json_['version'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final securityPolicy = this.securityPolicy; |
| final version = this.version; |
| return {'securityPolicy': ?securityPolicy, 'version': ?version}; |
| } |
| } |
| |
| /// GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade. |
| class ClusterUpgradeGKEUpgrade { |
| /// Name of the upgrade, e.g., "k8s_control_plane". |
| core.String? name; |
| |
| /// Version of the upgrade, e.g., "1.22.1-gke.100". |
| core.String? version; |
| |
| ClusterUpgradeGKEUpgrade({this.name, this.version}); |
| |
| ClusterUpgradeGKEUpgrade.fromJson(core.Map json_) |
| : this( |
| name: json_['name'] as core.String?, |
| version: json_['version'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final name = this.name; |
| final version = this.version; |
| return {'name': ?name, 'version': ?version}; |
| } |
| } |
| |
| /// IgnoredMembership represents a membership ignored by the feature. |
| /// |
| /// A membership can be ignored because it was manually upgraded to a newer |
| /// version than RC default. |
| class ClusterUpgradeIgnoredMembership { |
| /// Time when the membership was first set to ignored. |
| core.String? ignoredTime; |
| |
| /// Reason why the membership is ignored. |
| core.String? reason; |
| |
| ClusterUpgradeIgnoredMembership({this.ignoredTime, this.reason}); |
| |
| ClusterUpgradeIgnoredMembership.fromJson(core.Map json_) |
| : this( |
| ignoredTime: json_['ignoredTime'] as core.String?, |
| reason: json_['reason'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final ignoredTime = this.ignoredTime; |
| final reason = this.reason; |
| return {'ignoredTime': ?ignoredTime, 'reason': ?reason}; |
| } |
| } |
| |
| /// MembershipGKEUpgradeState is a GKEUpgrade and its state per-membership. |
| class ClusterUpgradeMembershipGKEUpgradeState { |
| /// Status of the upgrade. |
| ClusterUpgradeUpgradeStatus? status; |
| |
| /// Which upgrade to track the state. |
| ClusterUpgradeGKEUpgrade? upgrade; |
| |
| ClusterUpgradeMembershipGKEUpgradeState({this.status, this.upgrade}); |
| |
| ClusterUpgradeMembershipGKEUpgradeState.fromJson(core.Map json_) |
| : this( |
| status: json_.containsKey('status') |
| ? ClusterUpgradeUpgradeStatus.fromJson( |
| json_['status'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| upgrade: json_.containsKey('upgrade') |
| ? ClusterUpgradeGKEUpgrade.fromJson( |
| json_['upgrade'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final status = this.status; |
| final upgrade = this.upgrade; |
| return {'status': ?status, 'upgrade': ?upgrade}; |
| } |
| } |
| |
| /// Per-membership state for this feature. |
| class ClusterUpgradeState { |
| /// Whether this membership is ignored by the feature. |
| /// |
| /// For example, manually upgraded clusters can be ignored if they are newer |
| /// than the default versions of its release channel. |
| ClusterUpgradeIgnoredMembership? ignored; |
| |
| /// Actual upgrade state against desired. |
| core.List<ClusterUpgradeMembershipGKEUpgradeState>? upgrades; |
| |
| ClusterUpgradeState({this.ignored, this.upgrades}); |
| |
| ClusterUpgradeState.fromJson(core.Map json_) |
| : this( |
| ignored: json_.containsKey('ignored') |
| ? ClusterUpgradeIgnoredMembership.fromJson( |
| json_['ignored'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| upgrades: (json_['upgrades'] as core.List?) |
| ?.map( |
| (value) => ClusterUpgradeMembershipGKEUpgradeState.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final ignored = this.ignored; |
| final upgrades = this.upgrades; |
| return {'ignored': ?ignored, 'upgrades': ?upgrades}; |
| } |
| } |
| |
| /// UpgradeStatus provides status information for each upgrade. |
| class ClusterUpgradeUpgradeStatus { |
| /// Status code of the upgrade. |
| /// Possible string values are: |
| /// - "CODE_UNSPECIFIED" : Required by https://linter.aip.dev/126/unspecified. |
| /// - "INELIGIBLE" : The upgrade is ineligible. At the scope level, this means |
| /// the upgrade is ineligible for all the clusters in the scope. |
| /// - "PENDING" : The upgrade is pending. At the scope level, this means the |
| /// upgrade is pending for all the clusters in the scope. |
| /// - "IN_PROGRESS" : The upgrade is in progress. At the scope level, this |
| /// means the upgrade is in progress for at least one cluster in the scope. |
| /// - "SOAKING" : The upgrade has finished and is soaking until the soaking |
| /// time is up. At the scope level, this means at least one cluster is in |
| /// soaking while the rest are either soaking or complete. |
| /// - "FORCED_SOAKING" : A cluster will be forced to enter soaking if an |
| /// upgrade doesn't finish within a certain limit, despite it's actual status. |
| /// - "COMPLETE" : The upgrade has passed all post conditions (soaking). At |
| /// the scope level, this means all eligible clusters are in COMPLETE status. |
| core.String? code; |
| |
| /// Reason for this status. |
| core.String? reason; |
| |
| /// Last timestamp the status was updated. |
| core.String? updateTime; |
| |
| ClusterUpgradeUpgradeStatus({this.code, this.reason, this.updateTime}); |
| |
| ClusterUpgradeUpgradeStatus.fromJson(core.Map json_) |
| : this( |
| code: json_['code'] as core.String?, |
| reason: json_['reason'] as core.String?, |
| updateTime: json_['updateTime'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final code = this.code; |
| final reason = this.reason; |
| final updateTime = this.updateTime; |
| return {'code': ?code, 'reason': ?reason, 'updateTime': ?updateTime}; |
| } |
| } |
| |
| /// Configuration for Binauthz. |
| class ConfigManagementBinauthzConfig { |
| /// Whether binauthz is enabled in this cluster. |
| core.bool? enabled; |
| |
| ConfigManagementBinauthzConfig({this.enabled}); |
| |
| ConfigManagementBinauthzConfig.fromJson(core.Map json_) |
| : this(enabled: json_['enabled'] as core.bool?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final enabled = this.enabled; |
| return {'enabled': ?enabled}; |
| } |
| } |
| |
| /// State for Binauthz. |
| class ConfigManagementBinauthzState { |
| /// The version of binauthz that is installed. |
| ConfigManagementBinauthzVersion? version; |
| |
| /// The state of the binauthz webhook. |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? webhook; |
| |
| ConfigManagementBinauthzState({this.version, this.webhook}); |
| |
| ConfigManagementBinauthzState.fromJson(core.Map json_) |
| : this( |
| version: json_.containsKey('version') |
| ? ConfigManagementBinauthzVersion.fromJson( |
| json_['version'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| webhook: json_['webhook'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final version = this.version; |
| final webhook = this.webhook; |
| return {'version': ?version, 'webhook': ?webhook}; |
| } |
| } |
| |
| /// The version of binauthz. |
| class ConfigManagementBinauthzVersion { |
| /// The version of the binauthz webhook. |
| core.String? webhookVersion; |
| |
| ConfigManagementBinauthzVersion({this.webhookVersion}); |
| |
| ConfigManagementBinauthzVersion.fromJson(core.Map json_) |
| : this(webhookVersion: json_['webhookVersion'] as core.String?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final webhookVersion = this.webhookVersion; |
| return {'webhookVersion': ?webhookVersion}; |
| } |
| } |
| |
| /// Configuration for Config Sync |
| class ConfigManagementConfigSync { |
| /// Configuration for deployment overrides. |
| /// |
| /// Applies only to Config Sync deployments with containers that are not a |
| /// root or namespace reconciler: `reconciler-manager`, `otel-collector`, |
| /// `resource-group-controller-manager`, `admission-webhook`. To override a |
| /// root or namespace reconciler, use the rootsync or reposync fields at |
| /// https://docs.cloud.google.com/kubernetes-engine/config-sync/docs/reference/rootsync-reposync-fields#override-resources |
| /// instead. |
| /// |
| /// Optional. |
| core.List<ConfigManagementDeploymentOverride>? deploymentOverrides; |
| |
| /// Enables the installation of Config Sync. |
| /// |
| /// If set to true, the Feature will manage Config Sync resources, and apply |
| /// the other ConfigSync fields if they exist. If set to false, the Feature |
| /// will ignore all other ConfigSync fields and delete the Config Sync |
| /// resources. If omitted, ConfigSync is considered enabled if the git or oci |
| /// field is present. |
| /// |
| /// Optional. |
| core.bool? enabled; |
| |
| /// Git repo configuration for the cluster. |
| /// |
| /// Optional. |
| ConfigManagementGitConfig? git; |
| |
| /// The Email of the Google Cloud Service Account (GSA) used for exporting |
| /// Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload |
| /// Identity is enabled. |
| /// |
| /// The GSA should have the Monitoring Metric Writer |
| /// (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount |
| /// `default` in the namespace `config-management-monitoring` should be bound |
| /// to the GSA. Deprecated: If Workload Identity Federation for GKE is |
| /// enabled, Google Cloud Service Account is no longer needed for exporting |
| /// Config Sync metrics: |
| /// https://cloud.google.com/kubernetes-engine/enterprise/config-sync/docs/how-to/monitor-config-sync-cloud-monitoring#custom-monitoring. |
| /// |
| /// Optional. |
| @core.Deprecated( |
| 'Not supported. Member documentation may have more information.', |
| ) |
| core.String? metricsGcpServiceAccountEmail; |
| |
| /// OCI repo configuration for the cluster. |
| /// |
| /// Optional. |
| ConfigManagementOciConfig? oci; |
| |
| /// Set to true to enable the Config Sync admission webhook to prevent drifts. |
| /// |
| /// If set to false, disables the Config Sync admission webhook and does not |
| /// prevent drifts. Defaults to false. See |
| /// https://docs.cloud.google.com/kubernetes-engine/config-sync/docs/how-to/prevent-config-drift |
| /// for details. |
| /// |
| /// Optional. |
| core.bool? preventDrift; |
| |
| /// Specifies whether the Config Sync repo is in `hierarchical` or |
| /// `unstructured` mode. |
| /// |
| /// Defaults to `hierarchical`. See |
| /// https://docs.cloud.google.com/kubernetes-engine/config-sync/docs/concepts/configs#organize-configs |
| /// for an explanation. |
| /// |
| /// Optional. |
| core.String? sourceFormat; |
| |
| /// Set to true to stop syncing configs for a single cluster. |
| /// |
| /// Default to false. |
| /// |
| /// Optional. |
| core.bool? stopSyncing; |
| |
| ConfigManagementConfigSync({ |
| this.deploymentOverrides, |
| this.enabled, |
| this.git, |
| this.metricsGcpServiceAccountEmail, |
| this.oci, |
| this.preventDrift, |
| this.sourceFormat, |
| this.stopSyncing, |
| }); |
| |
| ConfigManagementConfigSync.fromJson(core.Map json_) |
| : this( |
| deploymentOverrides: (json_['deploymentOverrides'] as core.List?) |
| ?.map( |
| (value) => ConfigManagementDeploymentOverride.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| enabled: json_['enabled'] as core.bool?, |
| git: json_.containsKey('git') |
| ? ConfigManagementGitConfig.fromJson( |
| json_['git'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| metricsGcpServiceAccountEmail: |
| json_['metricsGcpServiceAccountEmail'] as core.String?, |
| oci: json_.containsKey('oci') |
| ? ConfigManagementOciConfig.fromJson( |
| json_['oci'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| preventDrift: json_['preventDrift'] as core.bool?, |
| sourceFormat: json_['sourceFormat'] as core.String?, |
| stopSyncing: json_['stopSyncing'] as core.bool?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final deploymentOverrides = this.deploymentOverrides; |
| final enabled = this.enabled; |
| final git = this.git; |
| final metricsGcpServiceAccountEmail = this.metricsGcpServiceAccountEmail; |
| final oci = this.oci; |
| final preventDrift = this.preventDrift; |
| final sourceFormat = this.sourceFormat; |
| final stopSyncing = this.stopSyncing; |
| return { |
| 'deploymentOverrides': ?deploymentOverrides, |
| 'enabled': ?enabled, |
| 'git': ?git, |
| 'metricsGcpServiceAccountEmail': ?metricsGcpServiceAccountEmail, |
| 'oci': ?oci, |
| 'preventDrift': ?preventDrift, |
| 'sourceFormat': ?sourceFormat, |
| 'stopSyncing': ?stopSyncing, |
| }; |
| } |
| } |
| |
| /// The state of ConfigSync's deployment on a cluster. |
| class ConfigManagementConfigSyncDeploymentState { |
| /// Deployment state of admission-webhook. |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? admissionWebhook; |
| |
| /// Deployment state of the git-sync pod. |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? gitSync; |
| |
| /// Deployment state of the importer pod. |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? importer; |
| |
| /// Deployment state of the monitor pod. |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? monitor; |
| |
| /// Deployment state of otel-collector |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? otelCollector; |
| |
| /// Deployment state of reconciler-manager pod. |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? reconcilerManager; |
| |
| /// Deployment state of resource-group-controller-manager |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? resourceGroupControllerManager; |
| |
| /// Deployment state of root-reconciler. |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? rootReconciler; |
| |
| /// Deployment state of the syncer pod. |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? syncer; |
| |
| ConfigManagementConfigSyncDeploymentState({ |
| this.admissionWebhook, |
| this.gitSync, |
| this.importer, |
| this.monitor, |
| this.otelCollector, |
| this.reconcilerManager, |
| this.resourceGroupControllerManager, |
| this.rootReconciler, |
| this.syncer, |
| }); |
| |
| ConfigManagementConfigSyncDeploymentState.fromJson(core.Map json_) |
| : this( |
| admissionWebhook: json_['admissionWebhook'] as core.String?, |
| gitSync: json_['gitSync'] as core.String?, |
| importer: json_['importer'] as core.String?, |
| monitor: json_['monitor'] as core.String?, |
| otelCollector: json_['otelCollector'] as core.String?, |
| reconcilerManager: json_['reconcilerManager'] as core.String?, |
| resourceGroupControllerManager: |
| json_['resourceGroupControllerManager'] as core.String?, |
| rootReconciler: json_['rootReconciler'] as core.String?, |
| syncer: json_['syncer'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final admissionWebhook = this.admissionWebhook; |
| final gitSync = this.gitSync; |
| final importer = this.importer; |
| final monitor = this.monitor; |
| final otelCollector = this.otelCollector; |
| final reconcilerManager = this.reconcilerManager; |
| final resourceGroupControllerManager = this.resourceGroupControllerManager; |
| final rootReconciler = this.rootReconciler; |
| final syncer = this.syncer; |
| return { |
| 'admissionWebhook': ?admissionWebhook, |
| 'gitSync': ?gitSync, |
| 'importer': ?importer, |
| 'monitor': ?monitor, |
| 'otelCollector': ?otelCollector, |
| 'reconcilerManager': ?reconcilerManager, |
| 'resourceGroupControllerManager': ?resourceGroupControllerManager, |
| 'rootReconciler': ?rootReconciler, |
| 'syncer': ?syncer, |
| }; |
| } |
| } |
| |
| /// Errors pertaining to the installation of Config Sync |
| class ConfigManagementConfigSyncError { |
| /// A string representing the user facing error message |
| core.String? errorMessage; |
| |
| ConfigManagementConfigSyncError({this.errorMessage}); |
| |
| ConfigManagementConfigSyncError.fromJson(core.Map json_) |
| : this(errorMessage: json_['errorMessage'] as core.String?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final errorMessage = this.errorMessage; |
| return {'errorMessage': ?errorMessage}; |
| } |
| } |
| |
| /// State information for ConfigSync. |
| class ConfigManagementConfigSyncState { |
| /// Whether syncing resources to the cluster is stopped at the cluster level. |
| /// |
| /// Output only. |
| /// Possible string values are: |
| /// - "STOP_SYNCING_STATE_UNSPECIFIED" : State cannot be determined |
| /// - "NOT_STOPPED" : Syncing resources to the cluster is not stopped at the |
| /// cluster level. |
| /// - "PENDING" : Some reconcilers stop syncing resources to the cluster, |
| /// while others are still syncing. |
| /// - "STOPPED" : Syncing resources to the cluster is stopped at the cluster |
| /// level. |
| core.String? clusterLevelStopSyncingState; |
| |
| /// The number of RootSync and RepoSync CRs in the cluster. |
| /// |
| /// Output only. |
| core.int? crCount; |
| |
| /// Information about the deployment of ConfigSync, including the version. |
| /// |
| /// of the various Pods deployed |
| /// |
| /// Output only. |
| ConfigManagementConfigSyncDeploymentState? deploymentState; |
| |
| /// Errors pertaining to the installation of Config Sync. |
| /// |
| /// Output only. |
| core.List<ConfigManagementConfigSyncError>? errors; |
| |
| /// The state of the Reposync CRD |
| /// |
| /// Output only. |
| /// Possible string values are: |
| /// - "CRD_STATE_UNSPECIFIED" : CRD's state cannot be determined |
| /// - "NOT_INSTALLED" : CRD is not installed |
| /// - "INSTALLED" : CRD is installed |
| /// - "TERMINATING" : CRD is terminating (i.e., it has been deleted and is |
| /// cleaning up) |
| /// - "INSTALLING" : CRD is installing |
| core.String? reposyncCrd; |
| |
| /// The state of the RootSync CRD |
| /// |
| /// Output only. |
| /// Possible string values are: |
| /// - "CRD_STATE_UNSPECIFIED" : CRD's state cannot be determined |
| /// - "NOT_INSTALLED" : CRD is not installed |
| /// - "INSTALLED" : CRD is installed |
| /// - "TERMINATING" : CRD is terminating (i.e., it has been deleted and is |
| /// cleaning up) |
| /// - "INSTALLING" : CRD is installing |
| core.String? rootsyncCrd; |
| |
| /// The state of CS This field summarizes the other fields in this message. |
| /// |
| /// Output only. |
| /// Possible string values are: |
| /// - "STATE_UNSPECIFIED" : CS's state cannot be determined. |
| /// - "CONFIG_SYNC_NOT_INSTALLED" : CS is not installed. |
| /// - "CONFIG_SYNC_INSTALLED" : The expected CS version is installed |
| /// successfully. |
| /// - "CONFIG_SYNC_ERROR" : CS encounters errors. |
| /// - "CONFIG_SYNC_PENDING" : CS is installing or terminating. |
| core.String? state; |
| |
| /// The state of ConfigSync's process to sync configs to a cluster. |
| /// |
| /// Output only. |
| ConfigManagementSyncState? syncState; |
| |
| /// The version of ConfigSync deployed. |
| /// |
| /// Output only. |
| ConfigManagementConfigSyncVersion? version; |
| |
| ConfigManagementConfigSyncState({ |
| this.clusterLevelStopSyncingState, |
| this.crCount, |
| this.deploymentState, |
| this.errors, |
| this.reposyncCrd, |
| this.rootsyncCrd, |
| this.state, |
| this.syncState, |
| this.version, |
| }); |
| |
| ConfigManagementConfigSyncState.fromJson(core.Map json_) |
| : this( |
| clusterLevelStopSyncingState: |
| json_['clusterLevelStopSyncingState'] as core.String?, |
| crCount: json_['crCount'] as core.int?, |
| deploymentState: json_.containsKey('deploymentState') |
| ? ConfigManagementConfigSyncDeploymentState.fromJson( |
| json_['deploymentState'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| errors: (json_['errors'] as core.List?) |
| ?.map( |
| (value) => ConfigManagementConfigSyncError.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| reposyncCrd: json_['reposyncCrd'] as core.String?, |
| rootsyncCrd: json_['rootsyncCrd'] as core.String?, |
| state: json_['state'] as core.String?, |
| syncState: json_.containsKey('syncState') |
| ? ConfigManagementSyncState.fromJson( |
| json_['syncState'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| version: json_.containsKey('version') |
| ? ConfigManagementConfigSyncVersion.fromJson( |
| json_['version'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final clusterLevelStopSyncingState = this.clusterLevelStopSyncingState; |
| final crCount = this.crCount; |
| final deploymentState = this.deploymentState; |
| final errors = this.errors; |
| final reposyncCrd = this.reposyncCrd; |
| final rootsyncCrd = this.rootsyncCrd; |
| final state = this.state; |
| final syncState = this.syncState; |
| final version = this.version; |
| return { |
| 'clusterLevelStopSyncingState': ?clusterLevelStopSyncingState, |
| 'crCount': ?crCount, |
| 'deploymentState': ?deploymentState, |
| 'errors': ?errors, |
| 'reposyncCrd': ?reposyncCrd, |
| 'rootsyncCrd': ?rootsyncCrd, |
| 'state': ?state, |
| 'syncState': ?syncState, |
| 'version': ?version, |
| }; |
| } |
| } |
| |
| /// Specific versioning information pertaining to ConfigSync's Pods. |
| class ConfigManagementConfigSyncVersion { |
| /// Version of the deployed admission-webhook pod. |
| core.String? admissionWebhook; |
| |
| /// Version of the deployed git-sync pod. |
| core.String? gitSync; |
| |
| /// Version of the deployed importer pod. |
| core.String? importer; |
| |
| /// Version of the deployed monitor pod. |
| core.String? monitor; |
| |
| /// Version of the deployed otel-collector pod |
| core.String? otelCollector; |
| |
| /// Version of the deployed reconciler-manager pod. |
| core.String? reconcilerManager; |
| |
| /// Version of the deployed resource-group-controller-manager pod |
| core.String? resourceGroupControllerManager; |
| |
| /// Version of the deployed reconciler container in root-reconciler pod. |
| core.String? rootReconciler; |
| |
| /// Version of the deployed syncer pod. |
| core.String? syncer; |
| |
| ConfigManagementConfigSyncVersion({ |
| this.admissionWebhook, |
| this.gitSync, |
| this.importer, |
| this.monitor, |
| this.otelCollector, |
| this.reconcilerManager, |
| this.resourceGroupControllerManager, |
| this.rootReconciler, |
| this.syncer, |
| }); |
| |
| ConfigManagementConfigSyncVersion.fromJson(core.Map json_) |
| : this( |
| admissionWebhook: json_['admissionWebhook'] as core.String?, |
| gitSync: json_['gitSync'] as core.String?, |
| importer: json_['importer'] as core.String?, |
| monitor: json_['monitor'] as core.String?, |
| otelCollector: json_['otelCollector'] as core.String?, |
| reconcilerManager: json_['reconcilerManager'] as core.String?, |
| resourceGroupControllerManager: |
| json_['resourceGroupControllerManager'] as core.String?, |
| rootReconciler: json_['rootReconciler'] as core.String?, |
| syncer: json_['syncer'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final admissionWebhook = this.admissionWebhook; |
| final gitSync = this.gitSync; |
| final importer = this.importer; |
| final monitor = this.monitor; |
| final otelCollector = this.otelCollector; |
| final reconcilerManager = this.reconcilerManager; |
| final resourceGroupControllerManager = this.resourceGroupControllerManager; |
| final rootReconciler = this.rootReconciler; |
| final syncer = this.syncer; |
| return { |
| 'admissionWebhook': ?admissionWebhook, |
| 'gitSync': ?gitSync, |
| 'importer': ?importer, |
| 'monitor': ?monitor, |
| 'otelCollector': ?otelCollector, |
| 'reconcilerManager': ?reconcilerManager, |
| 'resourceGroupControllerManager': ?resourceGroupControllerManager, |
| 'rootReconciler': ?rootReconciler, |
| 'syncer': ?syncer, |
| }; |
| } |
| } |
| |
| /// Configuration for a container override. |
| class ConfigManagementContainerOverride { |
| /// The name of the container. |
| /// |
| /// Required. |
| core.String? containerName; |
| |
| /// The cpu limit of the container. |
| /// |
| /// Use the following CPU resource units: |
| /// https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#meaning-of-cpu. |
| /// |
| /// Optional. |
| core.String? cpuLimit; |
| |
| /// The cpu request of the container. |
| /// |
| /// Use the following CPU resource units: |
| /// https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#meaning-of-cpu. |
| /// |
| /// Optional. |
| core.String? cpuRequest; |
| |
| /// The memory limit of the container. |
| /// |
| /// Use the following memory resource units: |
| /// https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#meaning-of-memory. |
| /// |
| /// Optional. |
| core.String? memoryLimit; |
| |
| /// The memory request of the container. |
| /// |
| /// Use the following memory resource units: |
| /// https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#meaning-of-memory. |
| /// |
| /// Optional. |
| core.String? memoryRequest; |
| |
| ConfigManagementContainerOverride({ |
| this.containerName, |
| this.cpuLimit, |
| this.cpuRequest, |
| this.memoryLimit, |
| this.memoryRequest, |
| }); |
| |
| ConfigManagementContainerOverride.fromJson(core.Map json_) |
| : this( |
| containerName: json_['containerName'] as core.String?, |
| cpuLimit: json_['cpuLimit'] as core.String?, |
| cpuRequest: json_['cpuRequest'] as core.String?, |
| memoryLimit: json_['memoryLimit'] as core.String?, |
| memoryRequest: json_['memoryRequest'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final containerName = this.containerName; |
| final cpuLimit = this.cpuLimit; |
| final cpuRequest = this.cpuRequest; |
| final memoryLimit = this.memoryLimit; |
| final memoryRequest = this.memoryRequest; |
| return { |
| 'containerName': ?containerName, |
| 'cpuLimit': ?cpuLimit, |
| 'cpuRequest': ?cpuRequest, |
| 'memoryLimit': ?memoryLimit, |
| 'memoryRequest': ?memoryRequest, |
| }; |
| } |
| } |
| |
| /// Configuration for a deployment override. |
| class ConfigManagementDeploymentOverride { |
| /// The containers of the deployment resource to be overridden. |
| /// |
| /// Optional. |
| core.List<ConfigManagementContainerOverride>? containers; |
| |
| /// The name of the deployment resource to be overridden. |
| /// |
| /// Required. |
| core.String? deploymentName; |
| |
| /// The namespace of the deployment resource to be overridden. |
| /// |
| /// Required. |
| core.String? deploymentNamespace; |
| |
| ConfigManagementDeploymentOverride({ |
| this.containers, |
| this.deploymentName, |
| this.deploymentNamespace, |
| }); |
| |
| ConfigManagementDeploymentOverride.fromJson(core.Map json_) |
| : this( |
| containers: (json_['containers'] as core.List?) |
| ?.map( |
| (value) => ConfigManagementContainerOverride.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| deploymentName: json_['deploymentName'] as core.String?, |
| deploymentNamespace: json_['deploymentNamespace'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final containers = this.containers; |
| final deploymentName = this.deploymentName; |
| final deploymentNamespace = this.deploymentNamespace; |
| return { |
| 'containers': ?containers, |
| 'deploymentName': ?deploymentName, |
| 'deploymentNamespace': ?deploymentNamespace, |
| }; |
| } |
| } |
| |
| /// Model for a config file in the git repo with an associated Sync error. |
| class ConfigManagementErrorResource { |
| /// Group/version/kind of the resource that is causing an error |
| ConfigManagementGroupVersionKind? resourceGvk; |
| |
| /// Metadata name of the resource that is causing an error |
| core.String? resourceName; |
| |
| /// Namespace of the resource that is causing an error |
| core.String? resourceNamespace; |
| |
| /// Path in the git repo of the erroneous config |
| core.String? sourcePath; |
| |
| ConfigManagementErrorResource({ |
| this.resourceGvk, |
| this.resourceName, |
| this.resourceNamespace, |
| this.sourcePath, |
| }); |
| |
| ConfigManagementErrorResource.fromJson(core.Map json_) |
| : this( |
| resourceGvk: json_.containsKey('resourceGvk') |
| ? ConfigManagementGroupVersionKind.fromJson( |
| json_['resourceGvk'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| resourceName: json_['resourceName'] as core.String?, |
| resourceNamespace: json_['resourceNamespace'] as core.String?, |
| sourcePath: json_['sourcePath'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final resourceGvk = this.resourceGvk; |
| final resourceName = this.resourceName; |
| final resourceNamespace = this.resourceNamespace; |
| final sourcePath = this.sourcePath; |
| return { |
| 'resourceGvk': ?resourceGvk, |
| 'resourceName': ?resourceName, |
| 'resourceNamespace': ?resourceNamespace, |
| 'sourcePath': ?sourcePath, |
| }; |
| } |
| } |
| |
| /// State of Policy Controller installation. |
| class ConfigManagementGatekeeperDeploymentState { |
| /// Status of gatekeeper-audit deployment. |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? gatekeeperAudit; |
| |
| /// Status of gatekeeper-controller-manager pod. |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? gatekeeperControllerManagerState; |
| |
| /// Status of the pod serving the mutation webhook. |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? gatekeeperMutation; |
| |
| ConfigManagementGatekeeperDeploymentState({ |
| this.gatekeeperAudit, |
| this.gatekeeperControllerManagerState, |
| this.gatekeeperMutation, |
| }); |
| |
| ConfigManagementGatekeeperDeploymentState.fromJson(core.Map json_) |
| : this( |
| gatekeeperAudit: json_['gatekeeperAudit'] as core.String?, |
| gatekeeperControllerManagerState: |
| json_['gatekeeperControllerManagerState'] as core.String?, |
| gatekeeperMutation: json_['gatekeeperMutation'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final gatekeeperAudit = this.gatekeeperAudit; |
| final gatekeeperControllerManagerState = |
| this.gatekeeperControllerManagerState; |
| final gatekeeperMutation = this.gatekeeperMutation; |
| return { |
| 'gatekeeperAudit': ?gatekeeperAudit, |
| 'gatekeeperControllerManagerState': ?gatekeeperControllerManagerState, |
| 'gatekeeperMutation': ?gatekeeperMutation, |
| }; |
| } |
| } |
| |
| /// Git repo configuration for a single cluster. |
| class ConfigManagementGitConfig { |
| /// The Google Cloud Service Account Email used for auth when secret_type is |
| /// `gcpserviceaccount`. |
| /// |
| /// Optional. |
| core.String? gcpServiceAccountEmail; |
| |
| /// URL for the HTTPS proxy to be used when communicating with the Git repo. |
| /// |
| /// Only specify when secret_type is `cookiefile`, `token`, or `none`. |
| /// |
| /// Optional. |
| core.String? httpsProxy; |
| |
| /// The path within the Git repository that represents the top level of the |
| /// repo to sync. |
| /// |
| /// Default: the root directory of the repository. |
| /// |
| /// Optional. |
| core.String? policyDir; |
| |
| /// Type of secret configured for access to the Git repo. |
| /// |
| /// Must be one of `ssh`, `cookiefile`, `gcenode`, `token`, |
| /// `gcpserviceaccount`, `githubapp` or `none`. The validation of this is |
| /// case-sensitive. |
| /// |
| /// Required. |
| core.String? secretType; |
| |
| /// The branch of the repository to sync from. |
| /// |
| /// Default: master. |
| /// |
| /// Optional. |
| core.String? syncBranch; |
| |
| /// The URL of the Git repository to use as the source of truth. |
| /// |
| /// Required. |
| core.String? syncRepo; |
| |
| /// Git revision (tag or hash) to check out. |
| /// |
| /// Default HEAD. |
| /// |
| /// Optional. |
| core.String? syncRev; |
| |
| /// Period in seconds between consecutive syncs. |
| /// |
| /// Default: 15. |
| /// |
| /// Optional. |
| core.String? syncWaitSecs; |
| |
| ConfigManagementGitConfig({ |
| this.gcpServiceAccountEmail, |
| this.httpsProxy, |
| this.policyDir, |
| this.secretType, |
| this.syncBranch, |
| this.syncRepo, |
| this.syncRev, |
| this.syncWaitSecs, |
| }); |
| |
| ConfigManagementGitConfig.fromJson(core.Map json_) |
| : this( |
| gcpServiceAccountEmail: json_['gcpServiceAccountEmail'] as core.String?, |
| httpsProxy: json_['httpsProxy'] as core.String?, |
| policyDir: json_['policyDir'] as core.String?, |
| secretType: json_['secretType'] as core.String?, |
| syncBranch: json_['syncBranch'] as core.String?, |
| syncRepo: json_['syncRepo'] as core.String?, |
| syncRev: json_['syncRev'] as core.String?, |
| syncWaitSecs: json_['syncWaitSecs'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final gcpServiceAccountEmail = this.gcpServiceAccountEmail; |
| final httpsProxy = this.httpsProxy; |
| final policyDir = this.policyDir; |
| final secretType = this.secretType; |
| final syncBranch = this.syncBranch; |
| final syncRepo = this.syncRepo; |
| final syncRev = this.syncRev; |
| final syncWaitSecs = this.syncWaitSecs; |
| return { |
| 'gcpServiceAccountEmail': ?gcpServiceAccountEmail, |
| 'httpsProxy': ?httpsProxy, |
| 'policyDir': ?policyDir, |
| 'secretType': ?secretType, |
| 'syncBranch': ?syncBranch, |
| 'syncRepo': ?syncRepo, |
| 'syncRev': ?syncRev, |
| 'syncWaitSecs': ?syncWaitSecs, |
| }; |
| } |
| } |
| |
| /// A Kubernetes object's GVK. |
| class ConfigManagementGroupVersionKind { |
| /// Kubernetes Group |
| core.String? group; |
| |
| /// Kubernetes Kind |
| core.String? kind; |
| |
| /// Kubernetes Version |
| core.String? version; |
| |
| ConfigManagementGroupVersionKind({this.group, this.kind, this.version}); |
| |
| ConfigManagementGroupVersionKind.fromJson(core.Map json_) |
| : this( |
| group: json_['group'] as core.String?, |
| kind: json_['kind'] as core.String?, |
| version: json_['version'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final group = this.group; |
| final kind = this.kind; |
| final version = this.version; |
| return {'group': ?group, 'kind': ?kind, 'version': ?version}; |
| } |
| } |
| |
| /// Configuration for Hierarchy Controller. |
| class ConfigManagementHierarchyControllerConfig { |
| /// Whether hierarchical resource quota is enabled in this cluster. |
| core.bool? enableHierarchicalResourceQuota; |
| |
| /// Whether pod tree labels are enabled in this cluster. |
| core.bool? enablePodTreeLabels; |
| |
| /// Whether Hierarchy Controller is enabled in this cluster. |
| core.bool? enabled; |
| |
| ConfigManagementHierarchyControllerConfig({ |
| this.enableHierarchicalResourceQuota, |
| this.enablePodTreeLabels, |
| this.enabled, |
| }); |
| |
| ConfigManagementHierarchyControllerConfig.fromJson(core.Map json_) |
| : this( |
| enableHierarchicalResourceQuota: |
| json_['enableHierarchicalResourceQuota'] as core.bool?, |
| enablePodTreeLabels: json_['enablePodTreeLabels'] as core.bool?, |
| enabled: json_['enabled'] as core.bool?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final enableHierarchicalResourceQuota = |
| this.enableHierarchicalResourceQuota; |
| final enablePodTreeLabels = this.enablePodTreeLabels; |
| final enabled = this.enabled; |
| return { |
| 'enableHierarchicalResourceQuota': ?enableHierarchicalResourceQuota, |
| 'enablePodTreeLabels': ?enablePodTreeLabels, |
| 'enabled': ?enabled, |
| }; |
| } |
| } |
| |
| /// Deployment state for Hierarchy Controller |
| class ConfigManagementHierarchyControllerDeploymentState { |
| /// The deployment state for Hierarchy Controller extension (e.g. |
| /// v0.7.0-hc.1). |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? extension; |
| |
| /// The deployment state for open source HNC (e.g. v0.7.0-hc.0). |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? hnc; |
| |
| ConfigManagementHierarchyControllerDeploymentState({ |
| this.extension, |
| this.hnc, |
| }); |
| |
| ConfigManagementHierarchyControllerDeploymentState.fromJson(core.Map json_) |
| : this( |
| extension: json_['extension'] as core.String?, |
| hnc: json_['hnc'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final extension = this.extension; |
| final hnc = this.hnc; |
| return {'extension': ?extension, 'hnc': ?hnc}; |
| } |
| } |
| |
| /// State for Hierarchy Controller. |
| class ConfigManagementHierarchyControllerState { |
| /// The deployment state for Hierarchy Controller. |
| ConfigManagementHierarchyControllerDeploymentState? state; |
| |
| /// The version for Hierarchy Controller. |
| ConfigManagementHierarchyControllerVersion? version; |
| |
| ConfigManagementHierarchyControllerState({this.state, this.version}); |
| |
| ConfigManagementHierarchyControllerState.fromJson(core.Map json_) |
| : this( |
| state: json_.containsKey('state') |
| ? ConfigManagementHierarchyControllerDeploymentState.fromJson( |
| json_['state'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| version: json_.containsKey('version') |
| ? ConfigManagementHierarchyControllerVersion.fromJson( |
| json_['version'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final state = this.state; |
| final version = this.version; |
| return {'state': ?state, 'version': ?version}; |
| } |
| } |
| |
| /// Version for Hierarchy Controller. |
| class ConfigManagementHierarchyControllerVersion { |
| /// Version for Hierarchy Controller extension. |
| core.String? extension; |
| |
| /// Version for open source HNC. |
| core.String? hnc; |
| |
| ConfigManagementHierarchyControllerVersion({this.extension, this.hnc}); |
| |
| ConfigManagementHierarchyControllerVersion.fromJson(core.Map json_) |
| : this( |
| extension: json_['extension'] as core.String?, |
| hnc: json_['hnc'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final extension = this.extension; |
| final hnc = this.hnc; |
| return {'extension': ?extension, 'hnc': ?hnc}; |
| } |
| } |
| |
| /// Errors pertaining to the installation of ACM. |
| class ConfigManagementInstallError { |
| /// A string representing the user facing error message. |
| core.String? errorMessage; |
| |
| ConfigManagementInstallError({this.errorMessage}); |
| |
| ConfigManagementInstallError.fromJson(core.Map json_) |
| : this(errorMessage: json_['errorMessage'] as core.String?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final errorMessage = this.errorMessage; |
| return {'errorMessage': ?errorMessage}; |
| } |
| } |
| |
| /// OCI repo configuration for a single cluster. |
| class ConfigManagementOciConfig { |
| /// The Google Cloud Service Account Email used for auth when secret_type is |
| /// `gcpserviceaccount`. |
| /// |
| /// Optional. |
| core.String? gcpServiceAccountEmail; |
| |
| /// The absolute path of the directory that contains the local resources. |
| /// |
| /// Default: the root directory of the image. |
| /// |
| /// Optional. |
| core.String? policyDir; |
| |
| /// Type of secret configured for access to the OCI repo. |
| /// |
| /// Must be one of `gcenode`, `gcpserviceaccount`, `k8sserviceaccount` or |
| /// `none`. The validation of this is case-sensitive. |
| /// |
| /// Required. |
| core.String? secretType; |
| |
| /// The OCI image repository URL for the package to sync from. |
| /// |
| /// e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`. |
| /// |
| /// Required. |
| core.String? syncRepo; |
| |
| /// Period in seconds between consecutive syncs. |
| /// |
| /// Default: 15. |
| /// |
| /// Optional. |
| core.String? syncWaitSecs; |
| |
| ConfigManagementOciConfig({ |
| this.gcpServiceAccountEmail, |
| this.policyDir, |
| this.secretType, |
| this.syncRepo, |
| this.syncWaitSecs, |
| }); |
| |
| ConfigManagementOciConfig.fromJson(core.Map json_) |
| : this( |
| gcpServiceAccountEmail: json_['gcpServiceAccountEmail'] as core.String?, |
| policyDir: json_['policyDir'] as core.String?, |
| secretType: json_['secretType'] as core.String?, |
| syncRepo: json_['syncRepo'] as core.String?, |
| syncWaitSecs: json_['syncWaitSecs'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final gcpServiceAccountEmail = this.gcpServiceAccountEmail; |
| final policyDir = this.policyDir; |
| final secretType = this.secretType; |
| final syncRepo = this.syncRepo; |
| final syncWaitSecs = this.syncWaitSecs; |
| return { |
| 'gcpServiceAccountEmail': ?gcpServiceAccountEmail, |
| 'policyDir': ?policyDir, |
| 'secretType': ?secretType, |
| 'syncRepo': ?syncRepo, |
| 'syncWaitSecs': ?syncWaitSecs, |
| }; |
| } |
| } |
| |
| /// State information for an ACM's Operator. |
| class ConfigManagementOperatorState { |
| /// The state of the Operator's deployment. |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Deployment's state cannot be |
| /// determined. |
| /// - "NOT_INSTALLED" : Deployment is not installed. |
| /// - "INSTALLED" : Deployment is installed. |
| /// - "ERROR" : Deployment was attempted to be installed, but has errors. |
| /// - "PENDING" : Deployment is installing or terminating |
| core.String? deploymentState; |
| |
| /// Install errors. |
| core.List<ConfigManagementInstallError>? errors; |
| |
| /// The semenatic version number of the operator. |
| core.String? version; |
| |
| ConfigManagementOperatorState({ |
| this.deploymentState, |
| this.errors, |
| this.version, |
| }); |
| |
| ConfigManagementOperatorState.fromJson(core.Map json_) |
| : this( |
| deploymentState: json_['deploymentState'] as core.String?, |
| errors: (json_['errors'] as core.List?) |
| ?.map( |
| (value) => ConfigManagementInstallError.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| version: json_['version'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final deploymentState = this.deploymentState; |
| final errors = this.errors; |
| final version = this.version; |
| return { |
| 'deploymentState': ?deploymentState, |
| 'errors': ?errors, |
| 'version': ?version, |
| }; |
| } |
| } |
| |
| /// Configuration for Policy Controller |
| class ConfigManagementPolicyController { |
| /// Sets the interval for Policy Controller Audit Scans (in seconds). |
| /// |
| /// When set to 0, this disables audit functionality altogether. |
| core.String? auditIntervalSeconds; |
| |
| /// Enables the installation of Policy Controller. |
| /// |
| /// If false, the rest of PolicyController fields take no effect. |
| core.bool? enabled; |
| |
| /// The set of namespaces that are excluded from Policy Controller checks. |
| /// |
| /// Namespaces do not need to currently exist on the cluster. |
| core.List<core.String>? exemptableNamespaces; |
| |
| /// Logs all denies and dry run failures. |
| core.bool? logDeniesEnabled; |
| |
| /// Monitoring specifies the configuration of monitoring. |
| ConfigManagementPolicyControllerMonitoring? monitoring; |
| |
| /// Enable or disable mutation in policy controller. |
| /// |
| /// If true, mutation CRDs, webhook and controller deployment will be deployed |
| /// to the cluster. |
| core.bool? mutationEnabled; |
| |
| /// Enables the ability to use Constraint Templates that reference to objects |
| /// other than the object currently being evaluated. |
| core.bool? referentialRulesEnabled; |
| |
| /// Installs the default template library along with Policy Controller. |
| core.bool? templateLibraryInstalled; |
| |
| /// Last time this membership spec was updated. |
| /// |
| /// Output only. |
| core.String? updateTime; |
| |
| ConfigManagementPolicyController({ |
| this.auditIntervalSeconds, |
| this.enabled, |
| this.exemptableNamespaces, |
| this.logDeniesEnabled, |
| this.monitoring, |
| this.mutationEnabled, |
| this.referentialRulesEnabled, |
| this.templateLibraryInstalled, |
| this.updateTime, |
| }); |
| |
| ConfigManagementPolicyController.fromJson(core.Map json_) |
| : this( |
| auditIntervalSeconds: json_['auditIntervalSeconds'] as core.String?, |
| enabled: json_['enabled'] as core.bool?, |
| exemptableNamespaces: (json_['exemptableNamespaces'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| logDeniesEnabled: json_['logDeniesEnabled'] as core.bool?, |
| monitoring: json_.containsKey('monitoring') |
| ? ConfigManagementPolicyControllerMonitoring.fromJson( |
| json_['monitoring'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| mutationEnabled: json_['mutationEnabled'] as core.bool?, |
| referentialRulesEnabled: json_['referentialRulesEnabled'] as core.bool?, |
| templateLibraryInstalled: |
| json_['templateLibraryInstalled'] as core.bool?, |
| updateTime: json_['updateTime'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final auditIntervalSeconds = this.auditIntervalSeconds; |
| final enabled = this.enabled; |
| final exemptableNamespaces = this.exemptableNamespaces; |
| final logDeniesEnabled = this.logDeniesEnabled; |
| final monitoring = this.monitoring; |
| final mutationEnabled = this.mutationEnabled; |
| final referentialRulesEnabled = this.referentialRulesEnabled; |
| final templateLibraryInstalled = this.templateLibraryInstalled; |
| final updateTime = this.updateTime; |
| return { |
| 'auditIntervalSeconds': ?auditIntervalSeconds, |
| 'enabled': ?enabled, |
| 'exemptableNamespaces': ?exemptableNamespaces, |
| 'logDeniesEnabled': ?logDeniesEnabled, |
| 'monitoring': ?monitoring, |
| 'mutationEnabled': ?mutationEnabled, |
| 'referentialRulesEnabled': ?referentialRulesEnabled, |
| 'templateLibraryInstalled': ?templateLibraryInstalled, |
| 'updateTime': ?updateTime, |
| }; |
| } |
| } |
| |
| /// State for the migration of PolicyController from ACM -\> PoCo Hub. |
| class ConfigManagementPolicyControllerMigration { |
| /// Last time this membership spec was copied to PoCo feature. |
| core.String? copyTime; |
| |
| /// Stage of the migration. |
| /// Possible string values are: |
| /// - "STAGE_UNSPECIFIED" : Unknown state of migration. |
| /// - "ACM_MANAGED" : ACM Hub/Operator manages policycontroller. No migration |
| /// yet completed. |
| /// - "POCO_MANAGED" : All migrations steps complete; Poco Hub now manages |
| /// policycontroller. |
| core.String? stage; |
| |
| ConfigManagementPolicyControllerMigration({this.copyTime, this.stage}); |
| |
| ConfigManagementPolicyControllerMigration.fromJson(core.Map json_) |
| : this( |
| copyTime: json_['copyTime'] as core.String?, |
| stage: json_['stage'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final copyTime = this.copyTime; |
| final stage = this.stage; |
| return {'copyTime': ?copyTime, 'stage': ?stage}; |
| } |
| } |
| |
| /// PolicyControllerMonitoring specifies the backends Policy Controller should |
| /// export metrics to. |
| /// |
| /// For example, to specify metrics should be exported to Cloud Monitoring and |
| /// Prometheus, specify backends: \["cloudmonitoring", "prometheus"\] |
| typedef ConfigManagementPolicyControllerMonitoring = $Shared; |
| |
| /// State for PolicyControllerState. |
| class ConfigManagementPolicyControllerState { |
| /// The state about the policy controller installation. |
| ConfigManagementGatekeeperDeploymentState? deploymentState; |
| |
| /// Record state of ACM -\> PoCo Hub migration for this feature. |
| ConfigManagementPolicyControllerMigration? migration; |
| |
| /// The version of Gatekeeper Policy Controller deployed. |
| ConfigManagementPolicyControllerVersion? version; |
| |
| ConfigManagementPolicyControllerState({ |
| this.deploymentState, |
| this.migration, |
| this.version, |
| }); |
| |
| ConfigManagementPolicyControllerState.fromJson(core.Map json_) |
| : this( |
| deploymentState: json_.containsKey('deploymentState') |
| ? ConfigManagementGatekeeperDeploymentState.fromJson( |
| json_['deploymentState'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| migration: json_.containsKey('migration') |
| ? ConfigManagementPolicyControllerMigration.fromJson( |
| json_['migration'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| version: json_.containsKey('version') |
| ? ConfigManagementPolicyControllerVersion.fromJson( |
| json_['version'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final deploymentState = this.deploymentState; |
| final migration = this.migration; |
| final version = this.version; |
| return { |
| 'deploymentState': ?deploymentState, |
| 'migration': ?migration, |
| 'version': ?version, |
| }; |
| } |
| } |
| |
| /// The build version of Gatekeeper Policy Controller is using. |
| class ConfigManagementPolicyControllerVersion { |
| /// The gatekeeper image tag that is composed of ACM version, git tag, build |
| /// number. |
| core.String? version; |
| |
| ConfigManagementPolicyControllerVersion({this.version}); |
| |
| ConfigManagementPolicyControllerVersion.fromJson(core.Map json_) |
| : this(version: json_['version'] as core.String?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final version = this.version; |
| return {'version': ?version}; |
| } |
| } |
| |
| /// **Anthos Config Management**: Configuration for a single cluster. |
| /// |
| /// Intended to parallel the ConfigManagement CR. |
| class ConfigManagementSpec { |
| /// Deprecated: Binauthz configuration will be ignored and should not be set. |
| /// |
| /// Optional. |
| @core.Deprecated( |
| 'Not supported. Member documentation may have more information.', |
| ) |
| ConfigManagementBinauthzConfig? binauthz; |
| |
| /// User-specified cluster name used by the Config Sync cluster-name-selector |
| /// annotation or ClusterSelector object, for applying configs to only a |
| /// subset of clusters. |
| /// |
| /// Read more about the cluster-name-selector annotation and ClusterSelector |
| /// object at |
| /// https://docs.cloud.google.com/kubernetes-engine/config-sync/docs/how-to/cluster-scoped-objects#limiting-configs. |
| /// Only set this field if a name different from the cluster's fleet |
| /// membership name is used by the Config Sync cluster-name-selector |
| /// annotation or ClusterSelector. |
| /// |
| /// Optional. |
| core.String? cluster; |
| |
| /// Config Sync configuration for the cluster. |
| /// |
| /// Optional. |
| ConfigManagementConfigSync? configSync; |
| |
| /// Hierarchy Controller configuration for the cluster. |
| /// |
| /// Deprecated: Configuring Hierarchy Controller through the configmanagement |
| /// feature is no longer recommended. Use |
| /// https://github.com/kubernetes-sigs/hierarchical-namespaces instead. |
| /// |
| /// Optional. |
| @core.Deprecated( |
| 'Not supported. Member documentation may have more information.', |
| ) |
| ConfigManagementHierarchyControllerConfig? hierarchyController; |
| |
| /// Deprecated: From version 1.21.0, automatic Feature management is |
| /// unavailable, and Config Sync only supports manual upgrades. |
| /// |
| /// Optional. |
| /// Possible string values are: |
| /// - "MANAGEMENT_UNSPECIFIED" : Unspecified |
| /// - "MANAGEMENT_AUTOMATIC" : Google will manage the Feature for the cluster. |
| /// - "MANAGEMENT_MANUAL" : User will manually manage the Feature for the |
| /// cluster. |
| @core.Deprecated( |
| 'Not supported. Member documentation may have more information.', |
| ) |
| core.String? management; |
| |
| /// Policy Controller configuration for the cluster. |
| /// |
| /// Deprecated: Configuring Policy Controller through the configmanagement |
| /// feature is no longer recommended. Use the policycontroller feature |
| /// instead. |
| /// |
| /// Optional. |
| @core.Deprecated( |
| 'Not supported. Member documentation may have more information.', |
| ) |
| ConfigManagementPolicyController? policyController; |
| |
| /// Version of Config Sync to install. |
| /// |
| /// Defaults to the latest supported Config Sync version if the config_sync |
| /// field is enabled. See supported versions at |
| /// https://cloud.google.com/kubernetes-engine/config-sync/docs/get-support-config-sync#version_support_policy. |
| /// |
| /// Optional. |
| core.String? version; |
| |
| ConfigManagementSpec({ |
| this.binauthz, |
| this.cluster, |
| this.configSync, |
| this.hierarchyController, |
| this.management, |
| this.policyController, |
| this.version, |
| }); |
| |
| ConfigManagementSpec.fromJson(core.Map json_) |
| : this( |
| binauthz: json_.containsKey('binauthz') |
| ? ConfigManagementBinauthzConfig.fromJson( |
| json_['binauthz'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| cluster: json_['cluster'] as core.String?, |
| configSync: json_.containsKey('configSync') |
| ? ConfigManagementConfigSync.fromJson( |
| json_['configSync'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| hierarchyController: json_.containsKey('hierarchyController') |
| ? ConfigManagementHierarchyControllerConfig.fromJson( |
| json_['hierarchyController'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| management: json_['management'] as core.String?, |
| policyController: json_.containsKey('policyController') |
| ? ConfigManagementPolicyController.fromJson( |
| json_['policyController'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| version: json_['version'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final binauthz = this.binauthz; |
| final cluster = this.cluster; |
| final configSync = this.configSync; |
| final hierarchyController = this.hierarchyController; |
| final management = this.management; |
| final policyController = this.policyController; |
| final version = this.version; |
| return { |
| 'binauthz': ?binauthz, |
| 'cluster': ?cluster, |
| 'configSync': ?configSync, |
| 'hierarchyController': ?hierarchyController, |
| 'management': ?management, |
| 'policyController': ?policyController, |
| 'version': ?version, |
| }; |
| } |
| } |
| |
| /// **Anthos Config Management**: State for a single cluster. |
| class ConfigManagementState { |
| /// Binauthz status. |
| /// |
| /// Output only. |
| ConfigManagementBinauthzState? binauthzState; |
| |
| /// This field is set to the `cluster_name` field of the Membership Spec if it |
| /// is not empty. |
| /// |
| /// Otherwise, it is set to the cluster's fleet membership name. |
| /// |
| /// Output only. |
| core.String? clusterName; |
| |
| /// Current sync status. |
| /// |
| /// Output only. |
| ConfigManagementConfigSyncState? configSyncState; |
| |
| /// Hierarchy Controller status. |
| /// |
| /// Output only. |
| ConfigManagementHierarchyControllerState? hierarchyControllerState; |
| |
| /// The Kubernetes API server version of the cluster. |
| /// |
| /// Output only. |
| core.String? kubernetesApiServerVersion; |
| |
| /// Membership configuration in the cluster. |
| /// |
| /// This represents the actual state in the cluster, while the MembershipSpec |
| /// in the FeatureSpec represents the intended state. |
| /// |
| /// Output only. |
| ConfigManagementSpec? membershipSpec; |
| |
| /// Current install status of ACM's Operator. |
| /// |
| /// Output only. |
| ConfigManagementOperatorState? operatorState; |
| |
| /// PolicyController status. |
| /// |
| /// Output only. |
| ConfigManagementPolicyControllerState? policyControllerState; |
| |
| ConfigManagementState({ |
| this.binauthzState, |
| this.clusterName, |
| this.configSyncState, |
| this.hierarchyControllerState, |
| this.kubernetesApiServerVersion, |
| this.membershipSpec, |
| this.operatorState, |
| this.policyControllerState, |
| }); |
| |
| ConfigManagementState.fromJson(core.Map json_) |
| : this( |
| binauthzState: json_.containsKey('binauthzState') |
| ? ConfigManagementBinauthzState.fromJson( |
| json_['binauthzState'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| clusterName: json_['clusterName'] as core.String?, |
| configSyncState: json_.containsKey('configSyncState') |
| ? ConfigManagementConfigSyncState.fromJson( |
| json_['configSyncState'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| hierarchyControllerState: json_.containsKey('hierarchyControllerState') |
| ? ConfigManagementHierarchyControllerState.fromJson( |
| json_['hierarchyControllerState'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| kubernetesApiServerVersion: |
| json_['kubernetesApiServerVersion'] as core.String?, |
| membershipSpec: json_.containsKey('membershipSpec') |
| ? ConfigManagementSpec.fromJson( |
| json_['membershipSpec'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| operatorState: json_.containsKey('operatorState') |
| ? ConfigManagementOperatorState.fromJson( |
| json_['operatorState'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| policyControllerState: json_.containsKey('policyControllerState') |
| ? ConfigManagementPolicyControllerState.fromJson( |
| json_['policyControllerState'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final binauthzState = this.binauthzState; |
| final clusterName = this.clusterName; |
| final configSyncState = this.configSyncState; |
| final hierarchyControllerState = this.hierarchyControllerState; |
| final kubernetesApiServerVersion = this.kubernetesApiServerVersion; |
| final membershipSpec = this.membershipSpec; |
| final operatorState = this.operatorState; |
| final policyControllerState = this.policyControllerState; |
| return { |
| 'binauthzState': ?binauthzState, |
| 'clusterName': ?clusterName, |
| 'configSyncState': ?configSyncState, |
| 'hierarchyControllerState': ?hierarchyControllerState, |
| 'kubernetesApiServerVersion': ?kubernetesApiServerVersion, |
| 'membershipSpec': ?membershipSpec, |
| 'operatorState': ?operatorState, |
| 'policyControllerState': ?policyControllerState, |
| }; |
| } |
| } |
| |
| /// An ACM created error representing a problem syncing configurations. |
| class ConfigManagementSyncError { |
| /// An ACM defined error code |
| core.String? code; |
| |
| /// A description of the error |
| core.String? errorMessage; |
| |
| /// A list of config(s) associated with the error, if any |
| core.List<ConfigManagementErrorResource>? errorResources; |
| |
| ConfigManagementSyncError({ |
| this.code, |
| this.errorMessage, |
| this.errorResources, |
| }); |
| |
| ConfigManagementSyncError.fromJson(core.Map json_) |
| : this( |
| code: json_['code'] as core.String?, |
| errorMessage: json_['errorMessage'] as core.String?, |
| errorResources: (json_['errorResources'] as core.List?) |
| ?.map( |
| (value) => ConfigManagementErrorResource.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final code = this.code; |
| final errorMessage = this.errorMessage; |
| final errorResources = this.errorResources; |
| return { |
| 'code': ?code, |
| 'errorMessage': ?errorMessage, |
| 'errorResources': ?errorResources, |
| }; |
| } |
| } |
| |
| /// State indicating an ACM's progress syncing configurations to a cluster. |
| class ConfigManagementSyncState { |
| /// Sync status code. |
| /// Possible string values are: |
| /// - "SYNC_CODE_UNSPECIFIED" : Config Sync cannot determine a sync code |
| /// - "SYNCED" : Config Sync successfully synced the git Repo with the cluster |
| /// - "PENDING" : Config Sync is in the progress of syncing a new change |
| /// - "ERROR" : Indicates an error configuring Config Sync, and user action is |
| /// required |
| /// - "NOT_CONFIGURED" : Config Sync has been installed but not configured |
| /// - "NOT_INSTALLED" : Config Sync has not been installed |
| /// - "UNAUTHORIZED" : Error authorizing with the cluster |
| /// - "UNREACHABLE" : Cluster could not be reached |
| core.String? code; |
| |
| /// A list of errors resulting from problematic configs. |
| /// |
| /// This list will be truncated after 100 errors, although it is unlikely for |
| /// that many errors to simultaneously exist. |
| core.List<ConfigManagementSyncError>? errors; |
| |
| /// Token indicating the state of the importer. |
| core.String? importToken; |
| |
| /// Deprecated: use last_sync_time instead. |
| /// |
| /// Timestamp of when ACM last successfully synced the repo. The time format |
| /// is specified in https://golang.org/pkg/time/#Time.String |
| @core.Deprecated( |
| 'Not supported. Member documentation may have more information.', |
| ) |
| core.String? lastSync; |
| |
| /// Timestamp type of when ACM last successfully synced the repo. |
| core.String? lastSyncTime; |
| |
| /// Token indicating the state of the repo. |
| core.String? sourceToken; |
| |
| /// Token indicating the state of the syncer. |
| core.String? syncToken; |
| |
| ConfigManagementSyncState({ |
| this.code, |
| this.errors, |
| this.importToken, |
| this.lastSync, |
| this.lastSyncTime, |
| this.sourceToken, |
| this.syncToken, |
| }); |
| |
| ConfigManagementSyncState.fromJson(core.Map json_) |
| : this( |
| code: json_['code'] as core.String?, |
| errors: (json_['errors'] as core.List?) |
| ?.map( |
| (value) => ConfigManagementSyncError.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| importToken: json_['importToken'] as core.String?, |
| lastSync: json_['lastSync'] as core.String?, |
| lastSyncTime: json_['lastSyncTime'] as core.String?, |
| sourceToken: json_['sourceToken'] as core.String?, |
| syncToken: json_['syncToken'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final code = this.code; |
| final errors = this.errors; |
| final importToken = this.importToken; |
| final lastSync = this.lastSync; |
| final lastSyncTime = this.lastSyncTime; |
| final sourceToken = this.sourceToken; |
| final syncToken = this.syncToken; |
| return { |
| 'code': ?code, |
| 'errors': ?errors, |
| 'importToken': ?importToken, |
| 'lastSync': ?lastSync, |
| 'lastSyncTime': ?lastSyncTime, |
| 'sourceToken': ?sourceToken, |
| 'syncToken': ?syncToken, |
| }; |
| } |
| } |
| |
| /// A generic empty message that you can re-use to avoid defining duplicated |
| /// empty messages in your APIs. |
| /// |
| /// A typical example is to use it as the request or the response type of an API |
| /// method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns |
| /// (google.protobuf.Empty); } |
| typedef Empty = $Empty; |
| |
| /// FeatureSpec contains user input per-feature spec information. |
| class FeatureSpec { |
| /// Cloudbuild-specific FeatureSpec. |
| CloudBuildSpec? cloudbuild; |
| |
| /// Config Management FeatureSpec. |
| ConfigManagementSpec? configmanagement; |
| |
| /// IdentityService FeatureSpec. |
| IdentityServiceSpec? identityservice; |
| |
| /// Whether this per-Feature spec was inherited from a fleet-level default. |
| /// |
| /// This field can be updated by users by either overriding a Feature config |
| /// (updated to USER implicitly) or setting to FLEET explicitly. |
| Origin? origin; |
| |
| /// Policycontroller-specific FeatureSpec. |
| PolicyControllerSpec? policycontroller; |
| |
| /// Rbacrolebindingactuation-specific FeatureSpec. |
| RBACRoleBindingActuationSpec? rbacrolebindingactuation; |
| |
| /// ServiceMesh Feature Spec. |
| ServiceMeshSpec? servicemesh; |
| |
| /// Workloadcertificate-specific FeatureSpec. |
| WorkloadCertificateSpec? workloadcertificate; |
| |
| FeatureSpec({ |
| this.cloudbuild, |
| this.configmanagement, |
| this.identityservice, |
| this.origin, |
| this.policycontroller, |
| this.rbacrolebindingactuation, |
| this.servicemesh, |
| this.workloadcertificate, |
| }); |
| |
| FeatureSpec.fromJson(core.Map json_) |
| : this( |
| cloudbuild: json_.containsKey('cloudbuild') |
| ? CloudBuildSpec.fromJson( |
| json_['cloudbuild'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| configmanagement: json_.containsKey('configmanagement') |
| ? ConfigManagementSpec.fromJson( |
| json_['configmanagement'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| identityservice: json_.containsKey('identityservice') |
| ? IdentityServiceSpec.fromJson( |
| json_['identityservice'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| origin: json_.containsKey('origin') |
| ? Origin.fromJson( |
| json_['origin'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| policycontroller: json_.containsKey('policycontroller') |
| ? PolicyControllerSpec.fromJson( |
| json_['policycontroller'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| rbacrolebindingactuation: json_.containsKey('rbacrolebindingactuation') |
| ? RBACRoleBindingActuationSpec.fromJson( |
| json_['rbacrolebindingactuation'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| servicemesh: json_.containsKey('servicemesh') |
| ? ServiceMeshSpec.fromJson( |
| json_['servicemesh'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| workloadcertificate: json_.containsKey('workloadcertificate') |
| ? WorkloadCertificateSpec.fromJson( |
| json_['workloadcertificate'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final cloudbuild = this.cloudbuild; |
| final configmanagement = this.configmanagement; |
| final identityservice = this.identityservice; |
| final origin = this.origin; |
| final policycontroller = this.policycontroller; |
| final rbacrolebindingactuation = this.rbacrolebindingactuation; |
| final servicemesh = this.servicemesh; |
| final workloadcertificate = this.workloadcertificate; |
| return { |
| 'cloudbuild': ?cloudbuild, |
| 'configmanagement': ?configmanagement, |
| 'identityservice': ?identityservice, |
| 'origin': ?origin, |
| 'policycontroller': ?policycontroller, |
| 'rbacrolebindingactuation': ?rbacrolebindingactuation, |
| 'servicemesh': ?servicemesh, |
| 'workloadcertificate': ?workloadcertificate, |
| }; |
| } |
| } |
| |
| /// FeatureState contains high-level state information and per-feature state |
| /// information for this MembershipFeature. |
| class FeatureState { |
| /// Appdevexperience specific state. |
| AppDevExperienceState? appdevexperience; |
| |
| /// Cluster upgrade state. |
| ClusterUpgradeState? clusterupgrade; |
| |
| /// Config Management state |
| ConfigManagementState? configmanagement; |
| |
| /// Identity service state |
| IdentityServiceState? identityservice; |
| |
| /// Metering state |
| MeteringState? metering; |
| |
| /// Policy Controller state |
| PolicyControllerState? policycontroller; |
| |
| /// RBAC Role Binding Actuation state |
| RBACRoleBindingActuationState? rbacrolebindingactuation; |
| |
| /// Service mesh state |
| ServiceMeshState? servicemesh; |
| |
| /// The high-level state of this MembershipFeature. |
| State? state; |
| |
| /// Workload Identity state |
| WorkloadIdentityState? workloadidentity; |
| |
| FeatureState({ |
| this.appdevexperience, |
| this.clusterupgrade, |
| this.configmanagement, |
| this.identityservice, |
| this.metering, |
| this.policycontroller, |
| this.rbacrolebindingactuation, |
| this.servicemesh, |
| this.state, |
| this.workloadidentity, |
| }); |
| |
| FeatureState.fromJson(core.Map json_) |
| : this( |
| appdevexperience: json_.containsKey('appdevexperience') |
| ? AppDevExperienceState.fromJson( |
| json_['appdevexperience'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| clusterupgrade: json_.containsKey('clusterupgrade') |
| ? ClusterUpgradeState.fromJson( |
| json_['clusterupgrade'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| configmanagement: json_.containsKey('configmanagement') |
| ? ConfigManagementState.fromJson( |
| json_['configmanagement'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| identityservice: json_.containsKey('identityservice') |
| ? IdentityServiceState.fromJson( |
| json_['identityservice'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| metering: json_.containsKey('metering') |
| ? MeteringState.fromJson( |
| json_['metering'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| policycontroller: json_.containsKey('policycontroller') |
| ? PolicyControllerState.fromJson( |
| json_['policycontroller'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| rbacrolebindingactuation: json_.containsKey('rbacrolebindingactuation') |
| ? RBACRoleBindingActuationState.fromJson( |
| json_['rbacrolebindingactuation'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| servicemesh: json_.containsKey('servicemesh') |
| ? ServiceMeshState.fromJson( |
| json_['servicemesh'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| state: json_.containsKey('state') |
| ? State.fromJson( |
| json_['state'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| workloadidentity: json_.containsKey('workloadidentity') |
| ? WorkloadIdentityState.fromJson( |
| json_['workloadidentity'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final appdevexperience = this.appdevexperience; |
| final clusterupgrade = this.clusterupgrade; |
| final configmanagement = this.configmanagement; |
| final identityservice = this.identityservice; |
| final metering = this.metering; |
| final policycontroller = this.policycontroller; |
| final rbacrolebindingactuation = this.rbacrolebindingactuation; |
| final servicemesh = this.servicemesh; |
| final state = this.state; |
| final workloadidentity = this.workloadidentity; |
| return { |
| 'appdevexperience': ?appdevexperience, |
| 'clusterupgrade': ?clusterupgrade, |
| 'configmanagement': ?configmanagement, |
| 'identityservice': ?identityservice, |
| 'metering': ?metering, |
| 'policycontroller': ?policycontroller, |
| 'rbacrolebindingactuation': ?rbacrolebindingactuation, |
| 'servicemesh': ?servicemesh, |
| 'state': ?state, |
| 'workloadidentity': ?workloadidentity, |
| }; |
| } |
| } |
| |
| /// The `Status` type defines a logical error model that is suitable for |
| /// different programming environments, including REST APIs and RPC APIs. |
| /// |
| /// It is used by [gRPC](https://github.com/grpc). Each `Status` message |
| /// contains three pieces of data: error code, error message, and error details. |
| /// You can find out more about this error model and how to work with it in the |
| /// [API Design Guide](https://cloud.google.com/apis/design/errors). |
| typedef GoogleRpcStatus = $Status; |
| |
| /// Configuration of an auth method for a member/cluster. |
| /// |
| /// Only one authentication method (e.g., OIDC and LDAP) can be set per |
| /// AuthMethod. |
| class IdentityServiceAuthMethod { |
| /// AzureAD specific Configuration. |
| IdentityServiceAzureADConfig? azureadConfig; |
| |
| /// GoogleConfig specific configuration |
| IdentityServiceGoogleConfig? googleConfig; |
| |
| /// LDAP specific configuration. |
| IdentityServiceLdapConfig? ldapConfig; |
| |
| /// Identifier for auth config. |
| core.String? name; |
| |
| /// OIDC specific configuration. |
| IdentityServiceOidcConfig? oidcConfig; |
| |
| /// Proxy server address to use for auth method. |
| core.String? proxy; |
| |
| /// SAML specific configuration. |
| IdentityServiceSamlConfig? samlConfig; |
| |
| IdentityServiceAuthMethod({ |
| this.azureadConfig, |
| this.googleConfig, |
| this.ldapConfig, |
| this.name, |
| this.oidcConfig, |
| this.proxy, |
| this.samlConfig, |
| }); |
| |
| IdentityServiceAuthMethod.fromJson(core.Map json_) |
| : this( |
| azureadConfig: json_.containsKey('azureadConfig') |
| ? IdentityServiceAzureADConfig.fromJson( |
| json_['azureadConfig'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| googleConfig: json_.containsKey('googleConfig') |
| ? IdentityServiceGoogleConfig.fromJson( |
| json_['googleConfig'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ldapConfig: json_.containsKey('ldapConfig') |
| ? IdentityServiceLdapConfig.fromJson( |
| json_['ldapConfig'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| name: json_['name'] as core.String?, |
| oidcConfig: json_.containsKey('oidcConfig') |
| ? IdentityServiceOidcConfig.fromJson( |
| json_['oidcConfig'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| proxy: json_['proxy'] as core.String?, |
| samlConfig: json_.containsKey('samlConfig') |
| ? IdentityServiceSamlConfig.fromJson( |
| json_['samlConfig'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final azureadConfig = this.azureadConfig; |
| final googleConfig = this.googleConfig; |
| final ldapConfig = this.ldapConfig; |
| final name = this.name; |
| final oidcConfig = this.oidcConfig; |
| final proxy = this.proxy; |
| final samlConfig = this.samlConfig; |
| return { |
| 'azureadConfig': ?azureadConfig, |
| 'googleConfig': ?googleConfig, |
| 'ldapConfig': ?ldapConfig, |
| 'name': ?name, |
| 'oidcConfig': ?oidcConfig, |
| 'proxy': ?proxy, |
| 'samlConfig': ?samlConfig, |
| }; |
| } |
| } |
| |
| /// Configuration for the AzureAD Auth flow. |
| class IdentityServiceAzureADConfig { |
| /// ID for the registered client application that makes authentication |
| /// requests to the Azure AD identity provider. |
| core.String? clientId; |
| |
| /// Input only. |
| /// |
| /// Unencrypted AzureAD client secret will be passed to the GKE Hub CLH. |
| core.String? clientSecret; |
| |
| /// Encrypted AzureAD client secret. |
| /// |
| /// Output only. |
| core.String? encryptedClientSecret; |
| core.List<core.int> get encryptedClientSecretAsBytes => |
| convert.base64.decode(encryptedClientSecret!); |
| |
| set encryptedClientSecretAsBytes(core.List<core.int> bytes_) { |
| encryptedClientSecret = convert.base64 |
| .encode(bytes_) |
| .replaceAll('/', '_') |
| .replaceAll('+', '-'); |
| } |
| |
| /// Format of the AzureAD groups that the client wants for auth. |
| /// |
| /// Optional. |
| core.String? groupFormat; |
| |
| /// The redirect URL that kubectl uses for authorization. |
| core.String? kubectlRedirectUri; |
| |
| /// Kind of Azure AD account to be authenticated. |
| /// |
| /// Supported values are or for accounts belonging to a specific tenant. |
| core.String? tenant; |
| |
| /// Claim in the AzureAD ID Token that holds the user details. |
| /// |
| /// Optional. |
| core.String? userClaim; |
| |
| IdentityServiceAzureADConfig({ |
| this.clientId, |
| this.clientSecret, |
| this.encryptedClientSecret, |
| this.groupFormat, |
| this.kubectlRedirectUri, |
| this.tenant, |
| this.userClaim, |
| }); |
| |
| IdentityServiceAzureADConfig.fromJson(core.Map json_) |
| : this( |
| clientId: json_['clientId'] as core.String?, |
| clientSecret: json_['clientSecret'] as core.String?, |
| encryptedClientSecret: json_['encryptedClientSecret'] as core.String?, |
| groupFormat: json_['groupFormat'] as core.String?, |
| kubectlRedirectUri: json_['kubectlRedirectUri'] as core.String?, |
| tenant: json_['tenant'] as core.String?, |
| userClaim: json_['userClaim'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final clientId = this.clientId; |
| final clientSecret = this.clientSecret; |
| final encryptedClientSecret = this.encryptedClientSecret; |
| final groupFormat = this.groupFormat; |
| final kubectlRedirectUri = this.kubectlRedirectUri; |
| final tenant = this.tenant; |
| final userClaim = this.userClaim; |
| return { |
| 'clientId': ?clientId, |
| 'clientSecret': ?clientSecret, |
| 'encryptedClientSecret': ?encryptedClientSecret, |
| 'groupFormat': ?groupFormat, |
| 'kubectlRedirectUri': ?kubectlRedirectUri, |
| 'tenant': ?tenant, |
| 'userClaim': ?userClaim, |
| }; |
| } |
| } |
| |
| /// Configuration options for the AIS diagnostic interface. |
| class IdentityServiceDiagnosticInterface { |
| /// Determines whether to enable the diagnostic interface. |
| core.bool? enabled; |
| |
| /// Determines the expiration time of the diagnostic interface enablement. |
| /// |
| /// When reached, requests to the interface would be automatically rejected. |
| core.String? expirationTime; |
| |
| IdentityServiceDiagnosticInterface({this.enabled, this.expirationTime}); |
| |
| IdentityServiceDiagnosticInterface.fromJson(core.Map json_) |
| : this( |
| enabled: json_['enabled'] as core.bool?, |
| expirationTime: json_['expirationTime'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final enabled = this.enabled; |
| final expirationTime = this.expirationTime; |
| return {'enabled': ?enabled, 'expirationTime': ?expirationTime}; |
| } |
| } |
| |
| /// Configuration for the Google Plugin Auth flow. |
| class IdentityServiceGoogleConfig { |
| /// Disable automatic configuration of Google Plugin on supported platforms. |
| core.bool? disable; |
| |
| IdentityServiceGoogleConfig({this.disable}); |
| |
| IdentityServiceGoogleConfig.fromJson(core.Map json_) |
| : this(disable: json_['disable'] as core.bool?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final disable = this.disable; |
| return {'disable': ?disable}; |
| } |
| } |
| |
| /// Contains the properties for locating and authenticating groups in the |
| /// directory. |
| class IdentityServiceGroupConfig { |
| /// The location of the subtree in the LDAP directory to search for group |
| /// entries. |
| /// |
| /// Required. |
| core.String? baseDn; |
| |
| /// Optional filter to be used when searching for groups a user belongs to. |
| /// |
| /// This can be used to explicitly match only certain groups in order to |
| /// reduce the amount of groups returned for each user. This defaults to |
| /// "(objectClass=Group)". |
| /// |
| /// Optional. |
| core.String? filter; |
| |
| /// The identifying name of each group a user belongs to. |
| /// |
| /// For example, if this is set to "distinguishedName" then RBACs and other |
| /// group expectations should be written as full DNs. This defaults to |
| /// "distinguishedName". |
| /// |
| /// Optional. |
| core.String? idAttribute; |
| |
| IdentityServiceGroupConfig({this.baseDn, this.filter, this.idAttribute}); |
| |
| IdentityServiceGroupConfig.fromJson(core.Map json_) |
| : this( |
| baseDn: json_['baseDn'] as core.String?, |
| filter: json_['filter'] as core.String?, |
| idAttribute: json_['idAttribute'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final baseDn = this.baseDn; |
| final filter = this.filter; |
| final idAttribute = this.idAttribute; |
| return {'baseDn': ?baseDn, 'filter': ?filter, 'idAttribute': ?idAttribute}; |
| } |
| } |
| |
| /// Holds non-protocol-related configuration options. |
| class IdentityServiceIdentityServiceOptions { |
| /// Configuration options for the AIS diagnostic interface. |
| IdentityServiceDiagnosticInterface? diagnosticInterface; |
| |
| /// Determines the lifespan of STS tokens issued by Anthos Identity Service. |
| core.String? sessionDuration; |
| |
| IdentityServiceIdentityServiceOptions({ |
| this.diagnosticInterface, |
| this.sessionDuration, |
| }); |
| |
| IdentityServiceIdentityServiceOptions.fromJson(core.Map json_) |
| : this( |
| diagnosticInterface: json_.containsKey('diagnosticInterface') |
| ? IdentityServiceDiagnosticInterface.fromJson( |
| json_['diagnosticInterface'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| sessionDuration: json_['sessionDuration'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final diagnosticInterface = this.diagnosticInterface; |
| final sessionDuration = this.sessionDuration; |
| return { |
| 'diagnosticInterface': ?diagnosticInterface, |
| 'sessionDuration': ?sessionDuration, |
| }; |
| } |
| } |
| |
| /// Configuration for the LDAP Auth flow. |
| class IdentityServiceLdapConfig { |
| /// Contains the properties for locating and authenticating groups in the |
| /// directory. |
| /// |
| /// Optional. |
| IdentityServiceGroupConfig? group; |
| |
| /// Server settings for the external LDAP server. |
| /// |
| /// Required. |
| IdentityServiceServerConfig? server; |
| |
| /// Contains the credentials of the service account which is authorized to |
| /// perform the LDAP search in the directory. |
| /// |
| /// The credentials can be supplied by the combination of the DN and password |
| /// or the client certificate. |
| /// |
| /// Required. |
| IdentityServiceServiceAccountConfig? serviceAccount; |
| |
| /// Defines where users exist in the LDAP directory. |
| /// |
| /// Required. |
| IdentityServiceUserConfig? user; |
| |
| IdentityServiceLdapConfig({ |
| this.group, |
| this.server, |
| this.serviceAccount, |
| this.user, |
| }); |
| |
| IdentityServiceLdapConfig.fromJson(core.Map json_) |
| : this( |
| group: json_.containsKey('group') |
| ? IdentityServiceGroupConfig.fromJson( |
| json_['group'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| server: json_.containsKey('server') |
| ? IdentityServiceServerConfig.fromJson( |
| json_['server'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| serviceAccount: json_.containsKey('serviceAccount') |
| ? IdentityServiceServiceAccountConfig.fromJson( |
| json_['serviceAccount'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| user: json_.containsKey('user') |
| ? IdentityServiceUserConfig.fromJson( |
| json_['user'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final group = this.group; |
| final server = this.server; |
| final serviceAccount = this.serviceAccount; |
| final user = this.user; |
| return { |
| 'group': ?group, |
| 'server': ?server, |
| 'serviceAccount': ?serviceAccount, |
| 'user': ?user, |
| }; |
| } |
| } |
| |
| /// Configuration for OIDC Auth flow. |
| class IdentityServiceOidcConfig { |
| /// PEM-encoded CA for OIDC provider. |
| core.String? certificateAuthorityData; |
| |
| /// ID for OIDC client application. |
| core.String? clientId; |
| |
| /// Input only. |
| /// |
| /// Unencrypted OIDC client secret will be passed to the GKE Hub CLH. |
| core.String? clientSecret; |
| |
| /// Flag to denote if reverse proxy is used to connect to auth provider. |
| /// |
| /// This flag should be set to true when provider is not reachable by Google |
| /// Cloud Console. |
| core.bool? deployCloudConsoleProxy; |
| |
| /// Enable access token. |
| core.bool? enableAccessToken; |
| |
| /// Encrypted OIDC Client secret |
| /// |
| /// Output only. |
| core.String? encryptedClientSecret; |
| core.List<core.int> get encryptedClientSecretAsBytes => |
| convert.base64.decode(encryptedClientSecret!); |
| |
| set encryptedClientSecretAsBytes(core.List<core.int> bytes_) { |
| encryptedClientSecret = convert.base64 |
| .encode(bytes_) |
| .replaceAll('/', '_') |
| .replaceAll('+', '-'); |
| } |
| |
| /// Comma-separated list of key-value pairs. |
| core.String? extraParams; |
| |
| /// Prefix to prepend to group name. |
| core.String? groupPrefix; |
| |
| /// Claim in OIDC ID token that holds group information. |
| core.String? groupsClaim; |
| |
| /// URI for the OIDC provider. |
| /// |
| /// This should point to the level below .well-known/openid-configuration. |
| core.String? issuerUri; |
| |
| /// Registered redirect uri to redirect users going through OAuth flow using |
| /// kubectl plugin. |
| core.String? kubectlRedirectUri; |
| |
| /// Comma-separated list of identifiers. |
| core.String? scopes; |
| |
| /// Claim in OIDC ID token that holds username. |
| core.String? userClaim; |
| |
| /// Prefix to prepend to user name. |
| core.String? userPrefix; |
| |
| IdentityServiceOidcConfig({ |
| this.certificateAuthorityData, |
| this.clientId, |
| this.clientSecret, |
| this.deployCloudConsoleProxy, |
| this.enableAccessToken, |
| this.encryptedClientSecret, |
| this.extraParams, |
| this.groupPrefix, |
| this.groupsClaim, |
| this.issuerUri, |
| this.kubectlRedirectUri, |
| this.scopes, |
| this.userClaim, |
| this.userPrefix, |
| }); |
| |
| IdentityServiceOidcConfig.fromJson(core.Map json_) |
| : this( |
| certificateAuthorityData: |
| json_['certificateAuthorityData'] as core.String?, |
| clientId: json_['clientId'] as core.String?, |
| clientSecret: json_['clientSecret'] as core.String?, |
| deployCloudConsoleProxy: json_['deployCloudConsoleProxy'] as core.bool?, |
| enableAccessToken: json_['enableAccessToken'] as core.bool?, |
| encryptedClientSecret: json_['encryptedClientSecret'] as core.String?, |
| extraParams: json_['extraParams'] as core.String?, |
| groupPrefix: json_['groupPrefix'] as core.String?, |
| groupsClaim: json_['groupsClaim'] as core.String?, |
| issuerUri: json_['issuerUri'] as core.String?, |
| kubectlRedirectUri: json_['kubectlRedirectUri'] as core.String?, |
| scopes: json_['scopes'] as core.String?, |
| userClaim: json_['userClaim'] as core.String?, |
| userPrefix: json_['userPrefix'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final certificateAuthorityData = this.certificateAuthorityData; |
| final clientId = this.clientId; |
| final clientSecret = this.clientSecret; |
| final deployCloudConsoleProxy = this.deployCloudConsoleProxy; |
| final enableAccessToken = this.enableAccessToken; |
| final encryptedClientSecret = this.encryptedClientSecret; |
| final extraParams = this.extraParams; |
| final groupPrefix = this.groupPrefix; |
| final groupsClaim = this.groupsClaim; |
| final issuerUri = this.issuerUri; |
| final kubectlRedirectUri = this.kubectlRedirectUri; |
| final scopes = this.scopes; |
| final userClaim = this.userClaim; |
| final userPrefix = this.userPrefix; |
| return { |
| 'certificateAuthorityData': ?certificateAuthorityData, |
| 'clientId': ?clientId, |
| 'clientSecret': ?clientSecret, |
| 'deployCloudConsoleProxy': ?deployCloudConsoleProxy, |
| 'enableAccessToken': ?enableAccessToken, |
| 'encryptedClientSecret': ?encryptedClientSecret, |
| 'extraParams': ?extraParams, |
| 'groupPrefix': ?groupPrefix, |
| 'groupsClaim': ?groupsClaim, |
| 'issuerUri': ?issuerUri, |
| 'kubectlRedirectUri': ?kubectlRedirectUri, |
| 'scopes': ?scopes, |
| 'userClaim': ?userClaim, |
| 'userPrefix': ?userPrefix, |
| }; |
| } |
| } |
| |
| /// Configuration for the SAML Auth flow. |
| class IdentityServiceSamlConfig { |
| /// The mapping of additional user attributes like nickname, birthday and |
| /// address etc.. |
| /// |
| /// `key` is the name of this additional attribute. `value` is a string |
| /// presenting as CEL(common expression language, go/cel) used for getting the |
| /// value from the resources. Take nickname as an example, in this case, `key` |
| /// is "attribute.nickname" and `value` is "assertion.nickname". |
| /// |
| /// Optional. |
| core.Map<core.String, core.String>? attributeMapping; |
| |
| /// Prefix to prepend to group name. |
| /// |
| /// Optional. |
| core.String? groupPrefix; |
| |
| /// The SAML attribute to read groups from. |
| /// |
| /// This value is expected to be a string and will be passed along as-is (with |
| /// the option of being prefixed by the `group_prefix`). |
| /// |
| /// Optional. |
| core.String? groupsAttribute; |
| |
| /// The list of IdP certificates to validate the SAML response against. |
| /// |
| /// Required. |
| core.List<core.String>? identityProviderCertificates; |
| |
| /// The entity ID of the SAML IdP. |
| /// |
| /// Required. |
| core.String? identityProviderId; |
| |
| /// The URI where the SAML IdP exposes the SSO service. |
| /// |
| /// Required. |
| core.String? identityProviderSsoUri; |
| |
| /// The SAML attribute to read username from. |
| /// |
| /// If unspecified, the username will be read from the NameID element of the |
| /// assertion in SAML response. This value is expected to be a string and will |
| /// be passed along as-is (with the option of being prefixed by the |
| /// `user_prefix`). |
| /// |
| /// Optional. |
| core.String? userAttribute; |
| |
| /// Prefix to prepend to user name. |
| /// |
| /// Optional. |
| core.String? userPrefix; |
| |
| IdentityServiceSamlConfig({ |
| this.attributeMapping, |
| this.groupPrefix, |
| this.groupsAttribute, |
| this.identityProviderCertificates, |
| this.identityProviderId, |
| this.identityProviderSsoUri, |
| this.userAttribute, |
| this.userPrefix, |
| }); |
| |
| IdentityServiceSamlConfig.fromJson(core.Map json_) |
| : this( |
| attributeMapping: |
| (json_['attributeMapping'] as core.Map<core.String, core.dynamic>?) |
| ?.map((key, value) => core.MapEntry(key, value as core.String)), |
| groupPrefix: json_['groupPrefix'] as core.String?, |
| groupsAttribute: json_['groupsAttribute'] as core.String?, |
| identityProviderCertificates: |
| (json_['identityProviderCertificates'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| identityProviderId: json_['identityProviderId'] as core.String?, |
| identityProviderSsoUri: json_['identityProviderSsoUri'] as core.String?, |
| userAttribute: json_['userAttribute'] as core.String?, |
| userPrefix: json_['userPrefix'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final attributeMapping = this.attributeMapping; |
| final groupPrefix = this.groupPrefix; |
| final groupsAttribute = this.groupsAttribute; |
| final identityProviderCertificates = this.identityProviderCertificates; |
| final identityProviderId = this.identityProviderId; |
| final identityProviderSsoUri = this.identityProviderSsoUri; |
| final userAttribute = this.userAttribute; |
| final userPrefix = this.userPrefix; |
| return { |
| 'attributeMapping': ?attributeMapping, |
| 'groupPrefix': ?groupPrefix, |
| 'groupsAttribute': ?groupsAttribute, |
| 'identityProviderCertificates': ?identityProviderCertificates, |
| 'identityProviderId': ?identityProviderId, |
| 'identityProviderSsoUri': ?identityProviderSsoUri, |
| 'userAttribute': ?userAttribute, |
| 'userPrefix': ?userPrefix, |
| }; |
| } |
| } |
| |
| /// Server settings for the external LDAP server. |
| class IdentityServiceServerConfig { |
| /// Contains a Base64 encoded, PEM formatted certificate authority certificate |
| /// for the LDAP server. |
| /// |
| /// This must be provided for the "ldaps" and "startTLS" connections. |
| /// |
| /// Optional. |
| core.String? certificateAuthorityData; |
| core.List<core.int> get certificateAuthorityDataAsBytes => |
| convert.base64.decode(certificateAuthorityData!); |
| |
| set certificateAuthorityDataAsBytes(core.List<core.int> bytes_) { |
| certificateAuthorityData = convert.base64 |
| .encode(bytes_) |
| .replaceAll('/', '_') |
| .replaceAll('+', '-'); |
| } |
| |
| /// Defines the connection type to communicate with the LDAP server. |
| /// |
| /// If `starttls` or `ldaps` is specified, the certificate_authority_data |
| /// should not be empty. |
| /// |
| /// Optional. |
| core.String? connectionType; |
| |
| /// Defines the hostname or IP of the LDAP server. |
| /// |
| /// Port is optional and will default to 389, if unspecified. For example, |
| /// "ldap.server.example" or "10.10.10.10:389". |
| /// |
| /// Required. |
| core.String? host; |
| |
| IdentityServiceServerConfig({ |
| this.certificateAuthorityData, |
| this.connectionType, |
| this.host, |
| }); |
| |
| IdentityServiceServerConfig.fromJson(core.Map json_) |
| : this( |
| certificateAuthorityData: |
| json_['certificateAuthorityData'] as core.String?, |
| connectionType: json_['connectionType'] as core.String?, |
| host: json_['host'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final certificateAuthorityData = this.certificateAuthorityData; |
| final connectionType = this.connectionType; |
| final host = this.host; |
| return { |
| 'certificateAuthorityData': ?certificateAuthorityData, |
| 'connectionType': ?connectionType, |
| 'host': ?host, |
| }; |
| } |
| } |
| |
| /// Contains the credentials of the service account which is authorized to |
| /// perform the LDAP search in the directory. |
| /// |
| /// The credentials can be supplied by the combination of the DN and password or |
| /// the client certificate. |
| class IdentityServiceServiceAccountConfig { |
| /// Credentials for basic auth. |
| IdentityServiceSimpleBindCredentials? simpleBindCredentials; |
| |
| IdentityServiceServiceAccountConfig({this.simpleBindCredentials}); |
| |
| IdentityServiceServiceAccountConfig.fromJson(core.Map json_) |
| : this( |
| simpleBindCredentials: json_.containsKey('simpleBindCredentials') |
| ? IdentityServiceSimpleBindCredentials.fromJson( |
| json_['simpleBindCredentials'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final simpleBindCredentials = this.simpleBindCredentials; |
| return {'simpleBindCredentials': ?simpleBindCredentials}; |
| } |
| } |
| |
| /// The structure holds the LDAP simple binding credential. |
| class IdentityServiceSimpleBindCredentials { |
| /// The distinguished name(DN) of the service account object/user. |
| /// |
| /// Required. |
| core.String? dn; |
| |
| /// The encrypted password of the service account object/user. |
| /// |
| /// Output only. |
| core.String? encryptedPassword; |
| core.List<core.int> get encryptedPasswordAsBytes => |
| convert.base64.decode(encryptedPassword!); |
| |
| set encryptedPasswordAsBytes(core.List<core.int> bytes_) { |
| encryptedPassword = convert.base64 |
| .encode(bytes_) |
| .replaceAll('/', '_') |
| .replaceAll('+', '-'); |
| } |
| |
| /// Input only. |
| /// |
| /// The password of the service account object/user. |
| /// |
| /// Required. |
| core.String? password; |
| |
| IdentityServiceSimpleBindCredentials({ |
| this.dn, |
| this.encryptedPassword, |
| this.password, |
| }); |
| |
| IdentityServiceSimpleBindCredentials.fromJson(core.Map json_) |
| : this( |
| dn: json_['dn'] as core.String?, |
| encryptedPassword: json_['encryptedPassword'] as core.String?, |
| password: json_['password'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final dn = this.dn; |
| final encryptedPassword = this.encryptedPassword; |
| final password = this.password; |
| return { |
| 'dn': ?dn, |
| 'encryptedPassword': ?encryptedPassword, |
| 'password': ?password, |
| }; |
| } |
| } |
| |
| /// **IdentityService**: Configuration for a single membership. |
| class IdentityServiceSpec { |
| /// A member may support multiple auth methods. |
| core.List<IdentityServiceAuthMethod>? authMethods; |
| |
| /// non-protocol-related configuration options. |
| /// |
| /// Optional. |
| IdentityServiceIdentityServiceOptions? identityServiceOptions; |
| |
| IdentityServiceSpec({this.authMethods, this.identityServiceOptions}); |
| |
| IdentityServiceSpec.fromJson(core.Map json_) |
| : this( |
| authMethods: (json_['authMethods'] as core.List?) |
| ?.map( |
| (value) => IdentityServiceAuthMethod.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| identityServiceOptions: json_.containsKey('identityServiceOptions') |
| ? IdentityServiceIdentityServiceOptions.fromJson( |
| json_['identityServiceOptions'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final authMethods = this.authMethods; |
| final identityServiceOptions = this.identityServiceOptions; |
| return { |
| 'authMethods': ?authMethods, |
| 'identityServiceOptions': ?identityServiceOptions, |
| }; |
| } |
| } |
| |
| /// **IdentityService**: State for a single membership, analyzed and reported by |
| /// feature controller. |
| class IdentityServiceState { |
| /// The reason of the failure. |
| core.String? failureReason; |
| |
| /// Installed AIS version. |
| /// |
| /// This is the AIS version installed on this member. The values makes sense |
| /// iff state is OK. |
| core.String? installedVersion; |
| |
| /// Last reconciled membership configuration |
| IdentityServiceSpec? memberConfig; |
| |
| /// Deployment state on this member |
| /// Possible string values are: |
| /// - "DEPLOYMENT_STATE_UNSPECIFIED" : Unspecified state |
| /// - "OK" : deployment succeeds |
| /// - "ERROR" : Failure with error. |
| core.String? state; |
| |
| IdentityServiceState({ |
| this.failureReason, |
| this.installedVersion, |
| this.memberConfig, |
| this.state, |
| }); |
| |
| IdentityServiceState.fromJson(core.Map json_) |
| : this( |
| failureReason: json_['failureReason'] as core.String?, |
| installedVersion: json_['installedVersion'] as core.String?, |
| memberConfig: json_.containsKey('memberConfig') |
| ? IdentityServiceSpec.fromJson( |
| json_['memberConfig'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| state: json_['state'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final failureReason = this.failureReason; |
| final installedVersion = this.installedVersion; |
| final memberConfig = this.memberConfig; |
| final state = this.state; |
| return { |
| 'failureReason': ?failureReason, |
| 'installedVersion': ?installedVersion, |
| 'memberConfig': ?memberConfig, |
| 'state': ?state, |
| }; |
| } |
| } |
| |
| /// Defines where users exist in the LDAP directory. |
| class IdentityServiceUserConfig { |
| /// The location of the subtree in the LDAP directory to search for user |
| /// entries. |
| /// |
| /// Required. |
| core.String? baseDn; |
| |
| /// Filter to apply when searching for the user. |
| /// |
| /// This can be used to further restrict the user accounts which are allowed |
| /// to login. This defaults to "(objectClass=User)". |
| /// |
| /// Optional. |
| core.String? filter; |
| |
| /// Determines which attribute to use as the user's identity after they are |
| /// authenticated. |
| /// |
| /// This is distinct from the loginAttribute field to allow users to login |
| /// with a username, but then have their actual identifier be an email address |
| /// or full Distinguished Name (DN). For example, setting loginAttribute to |
| /// "sAMAccountName" and identifierAttribute to "userPrincipalName" would |
| /// allow a user to login as "bsmith", but actual RBAC policies for the user |
| /// would be written as "bsmith@example.com". Using "userPrincipalName" is |
| /// recommended since this will be unique for each user. This defaults to |
| /// "userPrincipalName". |
| /// |
| /// Optional. |
| core.String? idAttribute; |
| |
| /// The name of the attribute which matches against the input username. |
| /// |
| /// This is used to find the user in the LDAP database e.g. "(=)" and is |
| /// combined with the optional filter field. This defaults to |
| /// "userPrincipalName". |
| /// |
| /// Optional. |
| core.String? loginAttribute; |
| |
| IdentityServiceUserConfig({ |
| this.baseDn, |
| this.filter, |
| this.idAttribute, |
| this.loginAttribute, |
| }); |
| |
| IdentityServiceUserConfig.fromJson(core.Map json_) |
| : this( |
| baseDn: json_['baseDn'] as core.String?, |
| filter: json_['filter'] as core.String?, |
| idAttribute: json_['idAttribute'] as core.String?, |
| loginAttribute: json_['loginAttribute'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final baseDn = this.baseDn; |
| final filter = this.filter; |
| final idAttribute = this.idAttribute; |
| final loginAttribute = this.loginAttribute; |
| return { |
| 'baseDn': ?baseDn, |
| 'filter': ?filter, |
| 'idAttribute': ?idAttribute, |
| 'loginAttribute': ?loginAttribute, |
| }; |
| } |
| } |
| |
| /// LifecycleState describes the state of a MembershipFeature *resource* in the |
| /// GkeHub API. |
| /// |
| /// See `FeatureState` for the "running state" of the MembershipFeature. |
| class LifecycleState { |
| /// The current state of the Feature resource in the Hub API. |
| /// |
| /// Output only. |
| /// Possible string values are: |
| /// - "STATE_UNSPECIFIED" : State is unknown or not set. |
| /// - "ENABLING" : The MembershipFeature is being enabled, and the |
| /// MembershipFeature resource is being created. Once complete, the |
| /// corresponding MembershipFeature will be enabled in this Hub. |
| /// - "ACTIVE" : The MembershipFeature is enabled in this Hub, and the |
| /// MembershipFeature resource is fully available. |
| /// - "DISABLING" : The MembershipFeature is being disabled in this Hub, and |
| /// the MembershipFeature resource is being deleted. |
| /// - "UPDATING" : The MembershipFeature resource is being updated. |
| /// - "SERVICE_UPDATING" : The MembershipFeature resource is being updated by |
| /// the Hub Service. |
| core.String? state; |
| |
| LifecycleState({this.state}); |
| |
| LifecycleState.fromJson(core.Map json_) |
| : this(state: json_['state'] as core.String?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final state = this.state; |
| return {'state': ?state}; |
| } |
| } |
| |
| /// The response message for Locations.ListLocations. |
| class ListLocationsResponse { |
| /// A list of locations that matches the specified filter in the request. |
| core.List<Location>? locations; |
| |
| /// The standard List next-page token. |
| core.String? nextPageToken; |
| |
| ListLocationsResponse({this.locations, this.nextPageToken}); |
| |
| ListLocationsResponse.fromJson(core.Map json_) |
| : this( |
| locations: (json_['locations'] as core.List?) |
| ?.map( |
| (value) => Location.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| nextPageToken: json_['nextPageToken'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final locations = this.locations; |
| final nextPageToken = this.nextPageToken; |
| return {'locations': ?locations, 'nextPageToken': ?nextPageToken}; |
| } |
| } |
| |
| /// Response message for the `GkeHubFeature.ListMembershipFeatures` method. |
| class ListMembershipFeaturesResponse { |
| /// The list of matching MembershipFeatures. |
| core.List<MembershipFeature>? membershipFeatures; |
| |
| /// A token to request the next page of resources from the |
| /// `ListMembershipFeatures` method. |
| /// |
| /// The value of an empty string means that there are no more resources to |
| /// return. |
| core.String? nextPageToken; |
| |
| /// List of locations that could not be reached while fetching this list. |
| core.List<core.String>? unreachable; |
| |
| ListMembershipFeaturesResponse({ |
| this.membershipFeatures, |
| this.nextPageToken, |
| this.unreachable, |
| }); |
| |
| ListMembershipFeaturesResponse.fromJson(core.Map json_) |
| : this( |
| membershipFeatures: (json_['membershipFeatures'] as core.List?) |
| ?.map( |
| (value) => MembershipFeature.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| nextPageToken: json_['nextPageToken'] as core.String?, |
| unreachable: (json_['unreachable'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final membershipFeatures = this.membershipFeatures; |
| final nextPageToken = this.nextPageToken; |
| final unreachable = this.unreachable; |
| return { |
| 'membershipFeatures': ?membershipFeatures, |
| 'nextPageToken': ?nextPageToken, |
| 'unreachable': ?unreachable, |
| }; |
| } |
| } |
| |
| /// The response message for Operations.ListOperations. |
| class ListOperationsResponse { |
| /// The standard List next-page token. |
| core.String? nextPageToken; |
| |
| /// A list of operations that matches the specified filter in the request. |
| core.List<Operation>? operations; |
| |
| /// Unordered list. |
| /// |
| /// Unreachable resources. Populated when the request sets |
| /// `ListOperationsRequest.return_partial_success` and reads across |
| /// collections. For example, when attempting to list all resources across all |
| /// supported locations. |
| core.List<core.String>? unreachable; |
| |
| ListOperationsResponse({ |
| this.nextPageToken, |
| this.operations, |
| this.unreachable, |
| }); |
| |
| ListOperationsResponse.fromJson(core.Map json_) |
| : this( |
| nextPageToken: json_['nextPageToken'] as core.String?, |
| operations: (json_['operations'] as core.List?) |
| ?.map( |
| (value) => Operation.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| unreachable: (json_['unreachable'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final nextPageToken = this.nextPageToken; |
| final operations = this.operations; |
| final unreachable = this.unreachable; |
| return { |
| 'nextPageToken': ?nextPageToken, |
| 'operations': ?operations, |
| 'unreachable': ?unreachable, |
| }; |
| } |
| } |
| |
| /// A resource that represents a Google Cloud location. |
| typedef Location = $Location; |
| |
| /// MembershipFeature represents the settings and status of a Fleet Feature |
| /// enabled on a single Fleet Membership. |
| class MembershipFeature { |
| /// When the MembershipFeature resource was created. |
| /// |
| /// Output only. |
| core.String? createTime; |
| |
| /// When the MembershipFeature resource was deleted. |
| /// |
| /// Output only. |
| core.String? deleteTime; |
| |
| /// Google Cloud labels for this MembershipFeature. |
| core.Map<core.String, core.String>? labels; |
| |
| /// Lifecycle information of the resource itself. |
| /// |
| /// Output only. |
| LifecycleState? lifecycleState; |
| |
| /// The resource name of the membershipFeature, in the format: |
| /// `projects/{project}/locations/{location}/memberships/{membership}/features/{feature}`. |
| /// |
| /// Note that `membershipFeatures` is shortened to `features` in the resource |
| /// name. (see http://go/aip/122#collection-identifiers) |
| /// |
| /// Output only. |
| core.String? name; |
| |
| /// Spec of this membershipFeature. |
| /// |
| /// Optional. |
| FeatureSpec? spec; |
| |
| /// State of the this membershipFeature. |
| /// |
| /// Output only. |
| FeatureState? state; |
| |
| /// When the MembershipFeature resource was last updated. |
| /// |
| /// Output only. |
| core.String? updateTime; |
| |
| MembershipFeature({ |
| this.createTime, |
| this.deleteTime, |
| this.labels, |
| this.lifecycleState, |
| this.name, |
| this.spec, |
| this.state, |
| this.updateTime, |
| }); |
| |
| MembershipFeature.fromJson(core.Map json_) |
| : this( |
| createTime: json_['createTime'] as core.String?, |
| deleteTime: json_['deleteTime'] as core.String?, |
| labels: (json_['labels'] as core.Map<core.String, core.dynamic>?)?.map( |
| (key, value) => core.MapEntry(key, value as core.String), |
| ), |
| lifecycleState: json_.containsKey('lifecycleState') |
| ? LifecycleState.fromJson( |
| json_['lifecycleState'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| name: json_['name'] as core.String?, |
| spec: json_.containsKey('spec') |
| ? FeatureSpec.fromJson( |
| json_['spec'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| state: json_.containsKey('state') |
| ? FeatureState.fromJson( |
| json_['state'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| updateTime: json_['updateTime'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final createTime = this.createTime; |
| final deleteTime = this.deleteTime; |
| final labels = this.labels; |
| final lifecycleState = this.lifecycleState; |
| final name = this.name; |
| final spec = this.spec; |
| final state = this.state; |
| final updateTime = this.updateTime; |
| return { |
| 'createTime': ?createTime, |
| 'deleteTime': ?deleteTime, |
| 'labels': ?labels, |
| 'lifecycleState': ?lifecycleState, |
| 'name': ?name, |
| 'spec': ?spec, |
| 'state': ?state, |
| 'updateTime': ?updateTime, |
| }; |
| } |
| } |
| |
| /// **Metering**: State for a single membership, analyzed and reported by |
| /// feature controller. |
| class MeteringState { |
| /// The time stamp of the most recent measurement of the number of vCPUs in |
| /// the cluster. |
| core.String? lastMeasurementTime; |
| |
| /// The vCPUs capacity in the cluster according to the most recent measurement |
| /// (1/1000 precision). |
| core.double? preciseLastMeasuredClusterVcpuCapacity; |
| |
| MeteringState({ |
| this.lastMeasurementTime, |
| this.preciseLastMeasuredClusterVcpuCapacity, |
| }); |
| |
| MeteringState.fromJson(core.Map json_) |
| : this( |
| lastMeasurementTime: json_['lastMeasurementTime'] as core.String?, |
| preciseLastMeasuredClusterVcpuCapacity: |
| (json_['preciseLastMeasuredClusterVcpuCapacity'] as core.num?) |
| ?.toDouble(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final lastMeasurementTime = this.lastMeasurementTime; |
| final preciseLastMeasuredClusterVcpuCapacity = |
| this.preciseLastMeasuredClusterVcpuCapacity; |
| return { |
| 'lastMeasurementTime': ?lastMeasurementTime, |
| 'preciseLastMeasuredClusterVcpuCapacity': |
| ?preciseLastMeasuredClusterVcpuCapacity, |
| }; |
| } |
| } |
| |
| /// This resource represents a long-running operation that is the result of a |
| /// network API call. |
| class Operation { |
| /// If the value is `false`, it means the operation is still in progress. |
| /// |
| /// If `true`, the operation is completed, and either `error` or `response` is |
| /// available. |
| core.bool? done; |
| |
| /// The error result of the operation in case of failure or cancellation. |
| GoogleRpcStatus? error; |
| |
| /// Service-specific metadata associated with the operation. |
| /// |
| /// It typically contains progress information and common metadata such as |
| /// create time. Some services might not provide such metadata. Any method |
| /// that returns a long-running operation should document the metadata type, |
| /// if any. |
| /// |
| /// The values for Object must be JSON objects. It can consist of `num`, |
| /// `String`, `bool` and `null` as well as `Map` and `List` values. |
| core.Map<core.String, core.Object?>? metadata; |
| |
| /// The server-assigned name, which is only unique within the same service |
| /// that originally returns it. |
| /// |
| /// If you use the default HTTP mapping, the `name` should be a resource name |
| /// ending with `operations/{unique_id}`. |
| core.String? name; |
| |
| /// The normal, successful response of the operation. |
| /// |
| /// If the original method returns no data on success, such as `Delete`, the |
| /// response is `google.protobuf.Empty`. If the original method is standard |
| /// `Get`/`Create`/`Update`, the response should be the resource. For other |
| /// methods, the response should have the type `XxxResponse`, where `Xxx` is |
| /// the original method name. For example, if the original method name is |
| /// `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. |
| /// |
| /// The values for Object must be JSON objects. It can consist of `num`, |
| /// `String`, `bool` and `null` as well as `Map` and `List` values. |
| core.Map<core.String, core.Object?>? response; |
| |
| Operation({this.done, this.error, this.metadata, this.name, this.response}); |
| |
| Operation.fromJson(core.Map json_) |
| : this( |
| done: json_['done'] as core.bool?, |
| error: json_.containsKey('error') |
| ? GoogleRpcStatus.fromJson( |
| json_['error'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| metadata: json_.containsKey('metadata') |
| ? json_['metadata'] as core.Map<core.String, core.dynamic> |
| : null, |
| name: json_['name'] as core.String?, |
| response: json_.containsKey('response') |
| ? json_['response'] as core.Map<core.String, core.dynamic> |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final done = this.done; |
| final error = this.error; |
| final metadata = this.metadata; |
| final name = this.name; |
| final response = this.response; |
| return { |
| 'done': ?done, |
| 'error': ?error, |
| 'metadata': ?metadata, |
| 'name': ?name, |
| 'response': ?response, |
| }; |
| } |
| } |
| |
| /// Origin defines where this FeatureSpec originated from. |
| class Origin { |
| /// Type specifies which type of origin is set. |
| /// Possible string values are: |
| /// - "TYPE_UNSPECIFIED" : Type is unknown or not set. |
| /// - "FLEET" : Per-Feature spec was inherited from the fleet-level default. |
| /// - "FLEET_OUT_OF_SYNC" : Per-Feature spec was inherited from the |
| /// fleet-level default but is now out of sync with the current default. |
| /// - "USER" : Per-Feature spec was inherited from a user specification. |
| core.String? type; |
| |
| Origin({this.type}); |
| |
| Origin.fromJson(core.Map json_) : this(type: json_['type'] as core.String?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final type = this.type; |
| return {'type': ?type}; |
| } |
| } |
| |
| /// BundleInstallSpec is the specification configuration for a single managed |
| /// bundle. |
| class PolicyControllerBundleInstallSpec { |
| /// the set of namespaces to be exempted from the bundle |
| core.List<core.String>? exemptedNamespaces; |
| |
| PolicyControllerBundleInstallSpec({this.exemptedNamespaces}); |
| |
| PolicyControllerBundleInstallSpec.fromJson(core.Map json_) |
| : this( |
| exemptedNamespaces: (json_['exemptedNamespaces'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final exemptedNamespaces = this.exemptedNamespaces; |
| return {'exemptedNamespaces': ?exemptedNamespaces}; |
| } |
| } |
| |
| /// Configuration for Policy Controller |
| class PolicyControllerHubConfig { |
| /// Sets the interval for Policy Controller Audit Scans (in seconds). |
| /// |
| /// When set to 0, this disables audit functionality altogether. |
| core.String? auditIntervalSeconds; |
| |
| /// The maximum number of audit violations to be stored in a constraint. |
| /// |
| /// If not set, the internal default (currently 20) will be used. |
| core.String? constraintViolationLimit; |
| |
| /// Map of deployment configs to deployments (“admission”, “audit”, |
| /// “mutation”). |
| core.Map<core.String, PolicyControllerPolicyControllerDeploymentConfig>? |
| deploymentConfigs; |
| |
| /// The set of namespaces that are excluded from Policy Controller checks. |
| /// |
| /// Namespaces do not need to currently exist on the cluster. |
| core.List<core.String>? exemptableNamespaces; |
| |
| /// The install_spec represents the intended state specified by the latest |
| /// request that mutated install_spec in the feature spec, not the lifecycle |
| /// state of the feature observed by the Hub feature controller that is |
| /// reported in the feature state. |
| /// Possible string values are: |
| /// - "INSTALL_SPEC_UNSPECIFIED" : Spec is unknown. |
| /// - "INSTALL_SPEC_NOT_INSTALLED" : Request to uninstall Policy Controller. |
| /// - "INSTALL_SPEC_ENABLED" : Request to install and enable Policy |
| /// Controller. |
| /// - "INSTALL_SPEC_SUSPENDED" : Request to suspend Policy Controller i.e. its |
| /// webhooks. If Policy Controller is not installed, it will be installed but |
| /// suspended. |
| /// - "INSTALL_SPEC_DETACHED" : Request to stop all reconciliation actions by |
| /// PoCo Hub controller. This is a breakglass mechanism to stop PoCo Hub from |
| /// affecting cluster resources. |
| core.String? installSpec; |
| |
| /// Logs all denies and dry run failures. |
| core.bool? logDeniesEnabled; |
| |
| /// Monitoring specifies the configuration of monitoring. |
| PolicyControllerMonitoringConfig? monitoring; |
| |
| /// Enables the ability to mutate resources using Policy Controller. |
| core.bool? mutationEnabled; |
| |
| /// Specifies the desired policy content on the cluster |
| PolicyControllerPolicyContentSpec? policyContent; |
| |
| /// Enables the ability to use Constraint Templates that reference to objects |
| /// other than the object currently being evaluated. |
| core.bool? referentialRulesEnabled; |
| |
| PolicyControllerHubConfig({ |
| this.auditIntervalSeconds, |
| this.constraintViolationLimit, |
| this.deploymentConfigs, |
| this.exemptableNamespaces, |
| this.installSpec, |
| this.logDeniesEnabled, |
| this.monitoring, |
| this.mutationEnabled, |
| this.policyContent, |
| this.referentialRulesEnabled, |
| }); |
| |
| PolicyControllerHubConfig.fromJson(core.Map json_) |
| : this( |
| auditIntervalSeconds: json_['auditIntervalSeconds'] as core.String?, |
| constraintViolationLimit: |
| json_['constraintViolationLimit'] as core.String?, |
| deploymentConfigs: |
| (json_['deploymentConfigs'] as core.Map<core.String, core.dynamic>?) |
| ?.map( |
| (key, value) => core.MapEntry( |
| key, |
| PolicyControllerPolicyControllerDeploymentConfig.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ), |
| ), |
| exemptableNamespaces: (json_['exemptableNamespaces'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| installSpec: json_['installSpec'] as core.String?, |
| logDeniesEnabled: json_['logDeniesEnabled'] as core.bool?, |
| monitoring: json_.containsKey('monitoring') |
| ? PolicyControllerMonitoringConfig.fromJson( |
| json_['monitoring'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| mutationEnabled: json_['mutationEnabled'] as core.bool?, |
| policyContent: json_.containsKey('policyContent') |
| ? PolicyControllerPolicyContentSpec.fromJson( |
| json_['policyContent'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| referentialRulesEnabled: json_['referentialRulesEnabled'] as core.bool?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final auditIntervalSeconds = this.auditIntervalSeconds; |
| final constraintViolationLimit = this.constraintViolationLimit; |
| final deploymentConfigs = this.deploymentConfigs; |
| final exemptableNamespaces = this.exemptableNamespaces; |
| final installSpec = this.installSpec; |
| final logDeniesEnabled = this.logDeniesEnabled; |
| final monitoring = this.monitoring; |
| final mutationEnabled = this.mutationEnabled; |
| final policyContent = this.policyContent; |
| final referentialRulesEnabled = this.referentialRulesEnabled; |
| return { |
| 'auditIntervalSeconds': ?auditIntervalSeconds, |
| 'constraintViolationLimit': ?constraintViolationLimit, |
| 'deploymentConfigs': ?deploymentConfigs, |
| 'exemptableNamespaces': ?exemptableNamespaces, |
| 'installSpec': ?installSpec, |
| 'logDeniesEnabled': ?logDeniesEnabled, |
| 'monitoring': ?monitoring, |
| 'mutationEnabled': ?mutationEnabled, |
| 'policyContent': ?policyContent, |
| 'referentialRulesEnabled': ?referentialRulesEnabled, |
| }; |
| } |
| } |
| |
| /// MonitoringConfig specifies the backends Policy Controller should export |
| /// metrics to. |
| /// |
| /// For example, to specify metrics should be exported to Cloud Monitoring and |
| /// Prometheus, specify backends: \["cloudmonitoring", "prometheus"\] |
| typedef PolicyControllerMonitoringConfig = $Shared; |
| |
| /// OnClusterState represents the state of a sub-component of Policy Controller. |
| class PolicyControllerOnClusterState { |
| /// Surface potential errors or information logs. |
| core.String? details; |
| |
| /// The lifecycle state of this component. |
| /// Possible string values are: |
| /// - "LIFECYCLE_STATE_UNSPECIFIED" : The lifecycle state is unspecified. |
| /// - "NOT_INSTALLED" : The PC does not exist on the given cluster, and no k8s |
| /// resources of any type that are associated with the PC should exist there. |
| /// The cluster does not possess a membership with the PCH. |
| /// - "INSTALLING" : The PCH possesses a Membership, however the PC is not |
| /// fully installed on the cluster. In this state the hub can be expected to |
| /// be taking actions to install the PC on the cluster. |
| /// - "ACTIVE" : The PC is fully installed on the cluster and in an |
| /// operational mode. In this state PCH will be reconciling state with the PC, |
| /// and the PC will be performing it's operational tasks per that software. |
| /// Entering a READY state requires that the hub has confirmed the PC is |
| /// installed and its pods are operational with the version of the PC the PCH |
| /// expects. |
| /// - "UPDATING" : The PC is fully installed, but in the process of changing |
| /// the configuration (including changing the version of PC either up and |
| /// down, or modifying the manifests of PC) of the resources running on the |
| /// cluster. The PCH has a Membership, is aware of the version the cluster |
| /// should be running in, but has not confirmed for itself that the PC is |
| /// running with that version. |
| /// - "DECOMMISSIONING" : The PC may have resources on the cluster, but the |
| /// PCH wishes to remove the Membership. The Membership still exists. |
| /// - "CLUSTER_ERROR" : The PC is not operational, and the PCH is unable to |
| /// act to make it operational. Entering a CLUSTER_ERROR state happens |
| /// automatically when the PCH determines that a PC installed on the cluster |
| /// is non-operative or that the cluster does not meet requirements set for |
| /// the PCH to administer the cluster but has nevertheless been given an |
| /// instruction to do so (such as ‘install'). |
| /// - "HUB_ERROR" : In this state, the PC may still be operational, and only |
| /// the PCH is unable to act. The hub should not issue instructions to change |
| /// the PC state, or otherwise interfere with the on-cluster resources. |
| /// Entering a HUB_ERROR state happens automatically when the PCH determines |
| /// the hub is in an unhealthy state and it wishes to ‘take hands off' to |
| /// avoid corrupting the PC or other data. |
| /// - "SUSPENDED" : Policy Controller (PC) is installed but suspended. This |
| /// means that the policies are not enforced, but violations are still |
| /// recorded (through audit). |
| /// - "DETACHED" : PoCo Hub is not taking any action to reconcile cluster |
| /// objects. Changes to those objects will not be overwritten by PoCo Hub. |
| core.String? state; |
| |
| PolicyControllerOnClusterState({this.details, this.state}); |
| |
| PolicyControllerOnClusterState.fromJson(core.Map json_) |
| : this( |
| details: json_['details'] as core.String?, |
| state: json_['state'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final details = this.details; |
| final state = this.state; |
| return {'details': ?details, 'state': ?state}; |
| } |
| } |
| |
| /// PolicyContentSpec defines the user's desired content configuration on the |
| /// cluster. |
| class PolicyControllerPolicyContentSpec { |
| /// map of bundle name to BundleInstallSpec. |
| /// |
| /// The bundle name maps to the `bundleName` key in the |
| /// `policycontroller.gke.io/constraintData` annotation on a constraint. |
| core.Map<core.String, PolicyControllerBundleInstallSpec>? bundles; |
| |
| /// Configures the installation of the Template Library. |
| PolicyControllerTemplateLibraryConfig? templateLibrary; |
| |
| PolicyControllerPolicyContentSpec({this.bundles, this.templateLibrary}); |
| |
| PolicyControllerPolicyContentSpec.fromJson(core.Map json_) |
| : this( |
| bundles: (json_['bundles'] as core.Map<core.String, core.dynamic>?) |
| ?.map( |
| (key, value) => core.MapEntry( |
| key, |
| PolicyControllerBundleInstallSpec.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ), |
| ), |
| templateLibrary: json_.containsKey('templateLibrary') |
| ? PolicyControllerTemplateLibraryConfig.fromJson( |
| json_['templateLibrary'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final bundles = this.bundles; |
| final templateLibrary = this.templateLibrary; |
| return {'bundles': ?bundles, 'templateLibrary': ?templateLibrary}; |
| } |
| } |
| |
| /// The state of the policy controller policy content |
| class PolicyControllerPolicyContentState { |
| /// The state of the any bundles included in the chosen version of the |
| /// manifest |
| core.Map<core.String, PolicyControllerOnClusterState>? bundleStates; |
| |
| /// The state of the referential data sync configuration. |
| /// |
| /// This could represent the state of either the syncSet object(s) or the |
| /// config object, depending on the version of PoCo configured by the user. |
| PolicyControllerOnClusterState? referentialSyncConfigState; |
| |
| /// The state of the template library |
| PolicyControllerOnClusterState? templateLibraryState; |
| |
| PolicyControllerPolicyContentState({ |
| this.bundleStates, |
| this.referentialSyncConfigState, |
| this.templateLibraryState, |
| }); |
| |
| PolicyControllerPolicyContentState.fromJson(core.Map json_) |
| : this( |
| bundleStates: |
| (json_['bundleStates'] as core.Map<core.String, core.dynamic>?) |
| ?.map( |
| (key, value) => core.MapEntry( |
| key, |
| PolicyControllerOnClusterState.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ), |
| ), |
| referentialSyncConfigState: |
| json_.containsKey('referentialSyncConfigState') |
| ? PolicyControllerOnClusterState.fromJson( |
| json_['referentialSyncConfigState'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| templateLibraryState: json_.containsKey('templateLibraryState') |
| ? PolicyControllerOnClusterState.fromJson( |
| json_['templateLibraryState'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final bundleStates = this.bundleStates; |
| final referentialSyncConfigState = this.referentialSyncConfigState; |
| final templateLibraryState = this.templateLibraryState; |
| return { |
| 'bundleStates': ?bundleStates, |
| 'referentialSyncConfigState': ?referentialSyncConfigState, |
| 'templateLibraryState': ?templateLibraryState, |
| }; |
| } |
| } |
| |
| /// Deployment-specific configuration. |
| class PolicyControllerPolicyControllerDeploymentConfig { |
| /// Container resource requirements. |
| PolicyControllerResourceRequirements? containerResources; |
| |
| /// Pod affinity configuration. |
| /// Possible string values are: |
| /// - "AFFINITY_UNSPECIFIED" : No affinity configuration has been specified. |
| /// - "NO_AFFINITY" : Affinity configurations will be removed from the |
| /// deployment. |
| /// - "ANTI_AFFINITY" : Anti-affinity configuration will be applied to this |
| /// deployment. Default for admissions deployment. |
| core.String? podAffinity; |
| |
| /// Pod anti-affinity enablement. |
| /// |
| /// Deprecated: use `pod_affinity` instead. |
| @core.Deprecated( |
| 'Not supported. Member documentation may have more information.', |
| ) |
| core.bool? podAntiAffinity; |
| |
| /// Pod tolerations of node taints. |
| core.List<PolicyControllerToleration>? podTolerations; |
| |
| /// Pod replica count. |
| core.String? replicaCount; |
| |
| PolicyControllerPolicyControllerDeploymentConfig({ |
| this.containerResources, |
| this.podAffinity, |
| this.podAntiAffinity, |
| this.podTolerations, |
| this.replicaCount, |
| }); |
| |
| PolicyControllerPolicyControllerDeploymentConfig.fromJson(core.Map json_) |
| : this( |
| containerResources: json_.containsKey('containerResources') |
| ? PolicyControllerResourceRequirements.fromJson( |
| json_['containerResources'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| podAffinity: json_['podAffinity'] as core.String?, |
| podAntiAffinity: json_['podAntiAffinity'] as core.bool?, |
| podTolerations: (json_['podTolerations'] as core.List?) |
| ?.map( |
| (value) => PolicyControllerToleration.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| replicaCount: json_['replicaCount'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final containerResources = this.containerResources; |
| final podAffinity = this.podAffinity; |
| final podAntiAffinity = this.podAntiAffinity; |
| final podTolerations = this.podTolerations; |
| final replicaCount = this.replicaCount; |
| return { |
| 'containerResources': ?containerResources, |
| 'podAffinity': ?podAffinity, |
| 'podAntiAffinity': ?podAntiAffinity, |
| 'podTolerations': ?podTolerations, |
| 'replicaCount': ?replicaCount, |
| }; |
| } |
| } |
| |
| /// ResourceList contains container resource requirements. |
| class PolicyControllerResourceList { |
| /// CPU requirement expressed in Kubernetes resource units. |
| core.String? cpu; |
| |
| /// Memory requirement expressed in Kubernetes resource units. |
| core.String? memory; |
| |
| PolicyControllerResourceList({this.cpu, this.memory}); |
| |
| PolicyControllerResourceList.fromJson(core.Map json_) |
| : this( |
| cpu: json_['cpu'] as core.String?, |
| memory: json_['memory'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final cpu = this.cpu; |
| final memory = this.memory; |
| return {'cpu': ?cpu, 'memory': ?memory}; |
| } |
| } |
| |
| /// ResourceRequirements describes the compute resource requirements. |
| class PolicyControllerResourceRequirements { |
| /// Limits describes the maximum amount of compute resources allowed for use |
| /// by the running container. |
| PolicyControllerResourceList? limits; |
| |
| /// Requests describes the amount of compute resources reserved for the |
| /// container by the kube-scheduler. |
| PolicyControllerResourceList? requests; |
| |
| PolicyControllerResourceRequirements({this.limits, this.requests}); |
| |
| PolicyControllerResourceRequirements.fromJson(core.Map json_) |
| : this( |
| limits: json_.containsKey('limits') |
| ? PolicyControllerResourceList.fromJson( |
| json_['limits'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| requests: json_.containsKey('requests') |
| ? PolicyControllerResourceList.fromJson( |
| json_['requests'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final limits = this.limits; |
| final requests = this.requests; |
| return {'limits': ?limits, 'requests': ?requests}; |
| } |
| } |
| |
| /// **Policy Controller**: Configuration for a single cluster. |
| /// |
| /// Intended to parallel the PolicyController CR. |
| class PolicyControllerSpec { |
| /// Policy Controller configuration for the cluster. |
| PolicyControllerHubConfig? policyControllerHubConfig; |
| |
| /// Version of Policy Controller installed. |
| core.String? version; |
| |
| PolicyControllerSpec({this.policyControllerHubConfig, this.version}); |
| |
| PolicyControllerSpec.fromJson(core.Map json_) |
| : this( |
| policyControllerHubConfig: |
| json_.containsKey('policyControllerHubConfig') |
| ? PolicyControllerHubConfig.fromJson( |
| json_['policyControllerHubConfig'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| version: json_['version'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final policyControllerHubConfig = this.policyControllerHubConfig; |
| final version = this.version; |
| return { |
| 'policyControllerHubConfig': ?policyControllerHubConfig, |
| 'version': ?version, |
| }; |
| } |
| } |
| |
| /// **Policy Controller**: State for a single cluster. |
| class PolicyControllerState { |
| /// Currently these include (also serving as map keys): 1. |
| /// |
| /// "admission" 2. "audit" 3. "mutation" |
| core.Map<core.String, PolicyControllerOnClusterState>? componentStates; |
| |
| /// The overall content state observed by the Hub Feature controller. |
| PolicyControllerPolicyContentState? policyContentState; |
| |
| /// The overall Policy Controller lifecycle state observed by the Hub Feature |
| /// controller. |
| /// Possible string values are: |
| /// - "LIFECYCLE_STATE_UNSPECIFIED" : The lifecycle state is unspecified. |
| /// - "NOT_INSTALLED" : The PC does not exist on the given cluster, and no k8s |
| /// resources of any type that are associated with the PC should exist there. |
| /// The cluster does not possess a membership with the PCH. |
| /// - "INSTALLING" : The PCH possesses a Membership, however the PC is not |
| /// fully installed on the cluster. In this state the hub can be expected to |
| /// be taking actions to install the PC on the cluster. |
| /// - "ACTIVE" : The PC is fully installed on the cluster and in an |
| /// operational mode. In this state PCH will be reconciling state with the PC, |
| /// and the PC will be performing it's operational tasks per that software. |
| /// Entering a READY state requires that the hub has confirmed the PC is |
| /// installed and its pods are operational with the version of the PC the PCH |
| /// expects. |
| /// - "UPDATING" : The PC is fully installed, but in the process of changing |
| /// the configuration (including changing the version of PC either up and |
| /// down, or modifying the manifests of PC) of the resources running on the |
| /// cluster. The PCH has a Membership, is aware of the version the cluster |
| /// should be running in, but has not confirmed for itself that the PC is |
| /// running with that version. |
| /// - "DECOMMISSIONING" : The PC may have resources on the cluster, but the |
| /// PCH wishes to remove the Membership. The Membership still exists. |
| /// - "CLUSTER_ERROR" : The PC is not operational, and the PCH is unable to |
| /// act to make it operational. Entering a CLUSTER_ERROR state happens |
| /// automatically when the PCH determines that a PC installed on the cluster |
| /// is non-operative or that the cluster does not meet requirements set for |
| /// the PCH to administer the cluster but has nevertheless been given an |
| /// instruction to do so (such as ‘install'). |
| /// - "HUB_ERROR" : In this state, the PC may still be operational, and only |
| /// the PCH is unable to act. The hub should not issue instructions to change |
| /// the PC state, or otherwise interfere with the on-cluster resources. |
| /// Entering a HUB_ERROR state happens automatically when the PCH determines |
| /// the hub is in an unhealthy state and it wishes to ‘take hands off' to |
| /// avoid corrupting the PC or other data. |
| /// - "SUSPENDED" : Policy Controller (PC) is installed but suspended. This |
| /// means that the policies are not enforced, but violations are still |
| /// recorded (through audit). |
| /// - "DETACHED" : PoCo Hub is not taking any action to reconcile cluster |
| /// objects. Changes to those objects will not be overwritten by PoCo Hub. |
| core.String? state; |
| |
| PolicyControllerState({ |
| this.componentStates, |
| this.policyContentState, |
| this.state, |
| }); |
| |
| PolicyControllerState.fromJson(core.Map json_) |
| : this( |
| componentStates: |
| (json_['componentStates'] as core.Map<core.String, core.dynamic>?) |
| ?.map( |
| (key, value) => core.MapEntry( |
| key, |
| PolicyControllerOnClusterState.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ), |
| ), |
| policyContentState: json_.containsKey('policyContentState') |
| ? PolicyControllerPolicyContentState.fromJson( |
| json_['policyContentState'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| state: json_['state'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final componentStates = this.componentStates; |
| final policyContentState = this.policyContentState; |
| final state = this.state; |
| return { |
| 'componentStates': ?componentStates, |
| 'policyContentState': ?policyContentState, |
| 'state': ?state, |
| }; |
| } |
| } |
| |
| /// The config specifying which default library templates to install. |
| class PolicyControllerTemplateLibraryConfig { |
| /// Configures the manner in which the template library is installed on the |
| /// cluster. |
| /// Possible string values are: |
| /// - "INSTALLATION_UNSPECIFIED" : No installation strategy has been |
| /// specified. |
| /// - "NOT_INSTALLED" : Do not install the template library. |
| /// - "ALL" : Install the entire template library. |
| core.String? installation; |
| |
| PolicyControllerTemplateLibraryConfig({this.installation}); |
| |
| PolicyControllerTemplateLibraryConfig.fromJson(core.Map json_) |
| : this(installation: json_['installation'] as core.String?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final installation = this.installation; |
| return {'installation': ?installation}; |
| } |
| } |
| |
| /// Toleration of a node taint. |
| class PolicyControllerToleration { |
| /// Matches a taint effect. |
| core.String? effect; |
| |
| /// Matches a taint key (not necessarily unique). |
| core.String? key; |
| |
| /// Matches a taint operator. |
| core.String? operator; |
| |
| /// Matches a taint value. |
| core.String? value; |
| |
| PolicyControllerToleration({ |
| this.effect, |
| this.key, |
| this.operator, |
| this.value, |
| }); |
| |
| PolicyControllerToleration.fromJson(core.Map json_) |
| : this( |
| effect: json_['effect'] as core.String?, |
| key: json_['key'] as core.String?, |
| operator: json_['operator'] as core.String?, |
| value: json_['value'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final effect = this.effect; |
| final key = this.key; |
| final operator = this.operator; |
| final value = this.value; |
| return { |
| 'effect': ?effect, |
| 'key': ?key, |
| 'operator': ?operator, |
| 'value': ?value, |
| }; |
| } |
| } |
| |
| /// RBACRoleBindingState is the status of an RBACRoleBinding which exists on a |
| /// membership. |
| class RBACRoleBindingActuationRBACRoleBindingState { |
| /// The reason for the failure. |
| core.String? description; |
| |
| /// The state of the RBACRoleBinding. |
| /// |
| /// Output only. |
| /// Possible string values are: |
| /// - "ROLE_BINDING_STATE_UNSPECIFIED" : Unspecified state. |
| /// - "OK" : RBACRoleBinding is created properly on the cluster. |
| /// - "CUSTOM_ROLE_MISSING_FROM_CLUSTER" : The RBACRoleBinding was created on |
| /// the cluster but the specified custom role does not exist on the cluster, |
| /// hence the RBACRoleBinding has no effect. |
| core.String? state; |
| |
| /// The time the RBACRoleBinding status was last updated. |
| core.String? updateTime; |
| |
| RBACRoleBindingActuationRBACRoleBindingState({ |
| this.description, |
| this.state, |
| this.updateTime, |
| }); |
| |
| RBACRoleBindingActuationRBACRoleBindingState.fromJson(core.Map json_) |
| : this( |
| description: json_['description'] as core.String?, |
| state: json_['state'] as core.String?, |
| updateTime: json_['updateTime'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final description = this.description; |
| final state = this.state; |
| final updateTime = this.updateTime; |
| return { |
| 'description': ?description, |
| 'state': ?state, |
| 'updateTime': ?updateTime, |
| }; |
| } |
| } |
| |
| /// **RBAC RoleBinding Actuation**: The membership-specific input for |
| /// RBACRoleBindingActuation feature. |
| typedef RBACRoleBindingActuationSpec = $Empty; |
| |
| /// **RBAC RoleBinding Actuation**: A membership-specific Feature state for the |
| /// RBACRoleBindingActuation fleet feature. |
| class RBACRoleBindingActuationState { |
| /// The state of RBACRoleBindings using custom roles that exist on the |
| /// cluster, keyed by RBACRoleBinding resource name with format: |
| /// projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}. |
| /// |
| /// Output only. |
| core.Map<core.String, RBACRoleBindingActuationRBACRoleBindingState>? |
| rbacrolebindingStates; |
| |
| RBACRoleBindingActuationState({this.rbacrolebindingStates}); |
| |
| RBACRoleBindingActuationState.fromJson(core.Map json_) |
| : this( |
| rbacrolebindingStates: |
| (json_['rbacrolebindingStates'] |
| as core.Map<core.String, core.dynamic>?) |
| ?.map( |
| (key, value) => core.MapEntry( |
| key, |
| RBACRoleBindingActuationRBACRoleBindingState.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ), |
| ), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final rbacrolebindingStates = this.rbacrolebindingStates; |
| return {'rbacrolebindingStates': ?rbacrolebindingStates}; |
| } |
| } |
| |
| /// AnalysisMessage is a single message produced by an analyzer, and it used to |
| /// communicate to the end user about the state of their Service Mesh |
| /// configuration. |
| class ServiceMeshAnalysisMessage { |
| /// A UI can combine these args with a template (based on message_base.type) |
| /// to produce an internationalized message. |
| /// |
| /// The values for Object must be JSON objects. It can consist of `num`, |
| /// `String`, `bool` and `null` as well as `Map` and `List` values. |
| core.Map<core.String, core.Object?>? args; |
| |
| /// A human readable description of what the error means. |
| /// |
| /// It is suitable for non-internationalize display purposes. |
| core.String? description; |
| |
| /// Details common to all types of Istio and ServiceMesh analysis messages. |
| ServiceMeshAnalysisMessageBase? messageBase; |
| |
| /// A list of strings specifying the resource identifiers that were the cause |
| /// of message generation. |
| /// |
| /// A "path" here may be: * MEMBERSHIP_ID if the cause is a specific member |
| /// cluster * MEMBERSHIP_ID/(NAMESPACE\/)?RESOURCETYPE/NAME if the cause is a |
| /// resource in a cluster |
| core.List<core.String>? resourcePaths; |
| |
| ServiceMeshAnalysisMessage({ |
| this.args, |
| this.description, |
| this.messageBase, |
| this.resourcePaths, |
| }); |
| |
| ServiceMeshAnalysisMessage.fromJson(core.Map json_) |
| : this( |
| args: json_.containsKey('args') |
| ? json_['args'] as core.Map<core.String, core.dynamic> |
| : null, |
| description: json_['description'] as core.String?, |
| messageBase: json_.containsKey('messageBase') |
| ? ServiceMeshAnalysisMessageBase.fromJson( |
| json_['messageBase'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| resourcePaths: (json_['resourcePaths'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final args = this.args; |
| final description = this.description; |
| final messageBase = this.messageBase; |
| final resourcePaths = this.resourcePaths; |
| return { |
| 'args': ?args, |
| 'description': ?description, |
| 'messageBase': ?messageBase, |
| 'resourcePaths': ?resourcePaths, |
| }; |
| } |
| } |
| |
| /// AnalysisMessageBase describes some common information that is needed for all |
| /// messages. |
| class ServiceMeshAnalysisMessageBase { |
| /// A url pointing to the Service Mesh or Istio documentation for this |
| /// specific error type. |
| core.String? documentationUrl; |
| |
| /// Represents how severe a message is. |
| /// Possible string values are: |
| /// - "LEVEL_UNSPECIFIED" : Illegal. Same |
| /// istio.analysis.v1alpha1.AnalysisMessageBase.Level.UNKNOWN. |
| /// - "ERROR" : ERROR represents a misconfiguration that must be fixed. |
| /// - "WARNING" : WARNING represents a misconfiguration that should be fixed. |
| /// - "INFO" : INFO represents an informational finding. |
| core.String? level; |
| |
| /// Represents the specific type of a message. |
| ServiceMeshType? type; |
| |
| ServiceMeshAnalysisMessageBase({ |
| this.documentationUrl, |
| this.level, |
| this.type, |
| }); |
| |
| ServiceMeshAnalysisMessageBase.fromJson(core.Map json_) |
| : this( |
| documentationUrl: json_['documentationUrl'] as core.String?, |
| level: json_['level'] as core.String?, |
| type: json_.containsKey('type') |
| ? ServiceMeshType.fromJson( |
| json_['type'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final documentationUrl = this.documentationUrl; |
| final level = this.level; |
| final type = this.type; |
| return { |
| 'documentationUrl': ?documentationUrl, |
| 'level': ?level, |
| 'type': ?type, |
| }; |
| } |
| } |
| |
| /// Condition being reported. |
| class ServiceMeshCondition { |
| /// Unique identifier of the condition which describes the condition |
| /// recognizable to the user. |
| /// Possible string values are: |
| /// - "CODE_UNSPECIFIED" : Default Unspecified code |
| /// - "MESH_IAM_PERMISSION_DENIED" : Mesh IAM permission denied error code |
| /// - "MESH_IAM_CROSS_PROJECT_PERMISSION_DENIED" : Permission denied error |
| /// code for cross-project |
| /// - "CNI_CONFIG_UNSUPPORTED" : CNI config unsupported error code |
| /// - "GKE_SANDBOX_UNSUPPORTED" : GKE sandbox unsupported error code |
| /// - "NODEPOOL_WORKLOAD_IDENTITY_FEDERATION_REQUIRED" : Nodepool workload |
| /// identity federation required error code |
| /// - "CNI_INSTALLATION_FAILED" : CNI installation failed error code |
| /// - "CNI_POD_UNSCHEDULABLE" : CNI pod unschedulable error code |
| /// - "CLUSTER_HAS_ZERO_NODES" : Cluster has zero node code |
| /// - "CANONICAL_SERVICE_ERROR" : Failure to reconcile CanonicalServices |
| /// - "UNSUPPORTED_MULTIPLE_CONTROL_PLANES" : Multiple control planes |
| /// unsupported error code |
| /// - "VPCSC_GA_SUPPORTED" : VPC-SC GA is supported for this control plane. |
| /// - "DEPRECATED_SPEC_CONTROL_PLANE_MANAGEMENT" : User is using deprecated |
| /// ControlPlaneManagement and they have not yet set Management. |
| /// - "DEPRECATED_SPEC_CONTROL_PLANE_MANAGEMENT_SAFE" : User is using |
| /// deprecated ControlPlaneManagement and they have already set Management. |
| /// - "CONFIG_APPLY_INTERNAL_ERROR" : Configuration (Istio/k8s resources) |
| /// failed to apply due to internal error. |
| /// - "CONFIG_VALIDATION_ERROR" : Configuration failed to be applied due to |
| /// being invalid. |
| /// - "CONFIG_VALIDATION_WARNING" : Encountered configuration(s) with possible |
| /// unintended behavior or invalid configuration. These configs may not have |
| /// been applied. |
| /// - "QUOTA_EXCEEDED_BACKEND_SERVICES" : BackendService quota exceeded error |
| /// code. |
| /// - "QUOTA_EXCEEDED_HEALTH_CHECKS" : HealthCheck quota exceeded error code. |
| /// - "QUOTA_EXCEEDED_HTTP_ROUTES" : HTTPRoute quota exceeded error code. |
| /// - "QUOTA_EXCEEDED_TCP_ROUTES" : TCPRoute quota exceeded error code. |
| /// - "QUOTA_EXCEEDED_TLS_ROUTES" : TLS routes quota exceeded error code. |
| /// - "QUOTA_EXCEEDED_TRAFFIC_POLICIES" : TrafficPolicy quota exceeded error |
| /// code. |
| /// - "QUOTA_EXCEEDED_ENDPOINT_POLICIES" : EndpointPolicy quota exceeded error |
| /// code. |
| /// - "QUOTA_EXCEEDED_GATEWAYS" : Gateway quota exceeded error code. |
| /// - "QUOTA_EXCEEDED_MESHES" : Mesh quota exceeded error code. |
| /// - "QUOTA_EXCEEDED_SERVER_TLS_POLICIES" : ServerTLSPolicy quota exceeded |
| /// error code. |
| /// - "QUOTA_EXCEEDED_CLIENT_TLS_POLICIES" : ClientTLSPolicy quota exceeded |
| /// error code. |
| /// - "QUOTA_EXCEEDED_SERVICE_LB_POLICIES" : ServiceLBPolicy quota exceeded |
| /// error code. |
| /// - "QUOTA_EXCEEDED_HTTP_FILTERS" : HTTPFilter quota exceeded error code. |
| /// - "QUOTA_EXCEEDED_TCP_FILTERS" : TCPFilter quota exceeded error code. |
| /// - "QUOTA_EXCEEDED_NETWORK_ENDPOINT_GROUPS" : NetworkEndpointGroup quota |
| /// exceeded error code. |
| /// - "CONFIG_APPLY_BLOCKED" : Configuration failed to apply due to fleet |
| /// being blocked. |
| /// - "LEGACY_MC_SECRETS" : Legacy istio secrets found for multicluster error |
| /// code |
| /// - "WORKLOAD_IDENTITY_REQUIRED" : Workload identity required error code |
| /// - "NON_STANDARD_BINARY_USAGE" : Non-standard binary usage error code |
| /// - "UNSUPPORTED_GATEWAY_CLASS" : Unsupported gateway class error code |
| /// - "MANAGED_CNI_NOT_ENABLED" : Managed CNI not enabled error code |
| /// - "MODERNIZATION_SCHEDULED" : Modernization is scheduled for a cluster. |
| /// - "MODERNIZATION_IN_PROGRESS" : Modernization is in progress for a |
| /// cluster. |
| /// - "MODERNIZATION_COMPLETED" : Modernization is completed for a cluster. |
| /// - "MODERNIZATION_ABORTED" : Modernization is aborted for a cluster. |
| /// - "MODERNIZATION_PREPARING" : Preparing cluster so that its workloads can |
| /// be migrated. |
| /// - "MODERNIZATION_STALLED" : Modernization is stalled for a cluster. |
| /// - "MODERNIZATION_PREPARED" : Cluster has been prepared for its workloads |
| /// to be migrated. |
| /// - "MODERNIZATION_MIGRATING_WORKLOADS" : Migrating the cluster's workloads |
| /// to the new implementation. |
| /// - "MODERNIZATION_ROLLING_BACK_CLUSTER" : Rollback is in progress for |
| /// modernization of a cluster. |
| /// - "MODERNIZATION_WILL_BE_SCHEDULED" : Modernization will be scheduled for |
| /// a fleet. |
| /// - "MODERNIZATION_MANUAL" : Fleet is opted out from automated |
| /// modernization. |
| /// - "MODERNIZATION_ELIGIBLE" : Fleet is eligible for modernization. |
| /// - "MODERNIZATION_MODERNIZING" : Modernization of one or more clusters in a |
| /// fleet is in progress. |
| /// - "MODERNIZATION_MODERNIZED_SOAKING" : Modernization of all the fleet's |
| /// clusters is complete. Soaking before finalizing the modernization. |
| /// - "MODERNIZATION_FINALIZED" : Modernization is finalized for all clusters |
| /// in a fleet. Rollback is no longer allowed. |
| /// - "MODERNIZATION_ROLLING_BACK_FLEET" : Rollback is in progress for |
| /// modernization of all clusters in a fleet. |
| core.String? code; |
| |
| /// A short summary about the issue. |
| core.String? details; |
| |
| /// Links contains actionable information. |
| core.String? documentationLink; |
| |
| /// Severity level of the condition. |
| /// Possible string values are: |
| /// - "SEVERITY_UNSPECIFIED" : Unspecified severity |
| /// - "ERROR" : Indicates an issue that prevents the mesh from operating |
| /// correctly |
| /// - "WARNING" : Indicates a setting is likely wrong, but the mesh is still |
| /// able to operate |
| /// - "INFO" : An informational message, not requiring any action |
| core.String? severity; |
| |
| ServiceMeshCondition({ |
| this.code, |
| this.details, |
| this.documentationLink, |
| this.severity, |
| }); |
| |
| ServiceMeshCondition.fromJson(core.Map json_) |
| : this( |
| code: json_['code'] as core.String?, |
| details: json_['details'] as core.String?, |
| documentationLink: json_['documentationLink'] as core.String?, |
| severity: json_['severity'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final code = this.code; |
| final details = this.details; |
| final documentationLink = this.documentationLink; |
| final severity = this.severity; |
| return { |
| 'code': ?code, |
| 'details': ?details, |
| 'documentationLink': ?documentationLink, |
| 'severity': ?severity, |
| }; |
| } |
| } |
| |
| /// Status of control plane management. |
| class ServiceMeshControlPlaneManagement { |
| /// Explanation of state. |
| core.List<ServiceMeshStatusDetails>? details; |
| |
| /// Implementation of managed control plane. |
| /// |
| /// Output only. |
| /// Possible string values are: |
| /// - "IMPLEMENTATION_UNSPECIFIED" : Unspecified |
| /// - "ISTIOD" : A Google build of istiod is used for the managed control |
| /// plane. |
| /// - "TRAFFIC_DIRECTOR" : Traffic director is used for the managed control |
| /// plane. |
| /// - "UPDATING" : The control plane implementation is being updated. |
| core.String? implementation; |
| |
| /// LifecycleState of control plane management. |
| /// Possible string values are: |
| /// - "LIFECYCLE_STATE_UNSPECIFIED" : Unspecified |
| /// - "DISABLED" : DISABLED means that the component is not enabled. |
| /// - "FAILED_PRECONDITION" : FAILED_PRECONDITION means that provisioning |
| /// cannot proceed because of some characteristic of the member cluster. |
| /// - "PROVISIONING" : PROVISIONING means that provisioning is in progress. |
| /// - "ACTIVE" : ACTIVE means that the component is ready for use. |
| /// - "STALLED" : STALLED means that provisioning could not be done. |
| /// - "NEEDS_ATTENTION" : NEEDS_ATTENTION means that the component is ready, |
| /// but some user intervention is required. (For example that the user should |
| /// migrate workloads to a new control plane revision.) |
| /// - "DEGRADED" : DEGRADED means that the component is ready, but operating |
| /// in a degraded state. |
| /// - "DEPROVISIONING" : DEPROVISIONING means that deprovisioning is in |
| /// progress. |
| core.String? state; |
| |
| ServiceMeshControlPlaneManagement({ |
| this.details, |
| this.implementation, |
| this.state, |
| }); |
| |
| ServiceMeshControlPlaneManagement.fromJson(core.Map json_) |
| : this( |
| details: (json_['details'] as core.List?) |
| ?.map( |
| (value) => ServiceMeshStatusDetails.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| implementation: json_['implementation'] as core.String?, |
| state: json_['state'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final details = this.details; |
| final implementation = this.implementation; |
| final state = this.state; |
| return { |
| 'details': ?details, |
| 'implementation': ?implementation, |
| 'state': ?state, |
| }; |
| } |
| } |
| |
| /// Status of data plane management. |
| /// |
| /// Only reported per-member. |
| class ServiceMeshDataPlaneManagement { |
| /// Explanation of the status. |
| core.List<ServiceMeshStatusDetails>? details; |
| |
| /// Lifecycle status of data plane management. |
| /// Possible string values are: |
| /// - "LIFECYCLE_STATE_UNSPECIFIED" : Unspecified |
| /// - "DISABLED" : DISABLED means that the component is not enabled. |
| /// - "FAILED_PRECONDITION" : FAILED_PRECONDITION means that provisioning |
| /// cannot proceed because of some characteristic of the member cluster. |
| /// - "PROVISIONING" : PROVISIONING means that provisioning is in progress. |
| /// - "ACTIVE" : ACTIVE means that the component is ready for use. |
| /// - "STALLED" : STALLED means that provisioning could not be done. |
| /// - "NEEDS_ATTENTION" : NEEDS_ATTENTION means that the component is ready, |
| /// but some user intervention is required. (For example that the user should |
| /// migrate workloads to a new control plane revision.) |
| /// - "DEGRADED" : DEGRADED means that the component is ready, but operating |
| /// in a degraded state. |
| /// - "DEPROVISIONING" : DEPROVISIONING means that deprovisioning is in |
| /// progress. |
| core.String? state; |
| |
| ServiceMeshDataPlaneManagement({this.details, this.state}); |
| |
| ServiceMeshDataPlaneManagement.fromJson(core.Map json_) |
| : this( |
| details: (json_['details'] as core.List?) |
| ?.map( |
| (value) => ServiceMeshStatusDetails.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| state: json_['state'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final details = this.details; |
| final state = this.state; |
| return {'details': ?details, 'state': ?state}; |
| } |
| } |
| |
| /// **Service Mesh**: Spec for a single Membership for the servicemesh feature |
| class ServiceMeshSpec { |
| /// Specifies the API that will be used for configuring the mesh workloads. |
| /// |
| /// Optional. |
| /// Possible string values are: |
| /// - "CONFIG_API_UNSPECIFIED" : Unspecified |
| /// - "CONFIG_API_ISTIO" : Use the Istio API for configuration. |
| /// - "CONFIG_API_GATEWAY" : Use the K8s Gateway API for configuration. |
| core.String? configApi; |
| |
| /// Deprecated: use `management` instead Enables automatic control plane |
| /// management. |
| /// Possible string values are: |
| /// - "CONTROL_PLANE_MANAGEMENT_UNSPECIFIED" : Unspecified |
| /// - "AUTOMATIC" : Google should provision a control plane revision and make |
| /// it available in the cluster. Google will enroll this revision in a release |
| /// channel and keep it up to date. The control plane revision may be a |
| /// managed service, or a managed install. |
| /// - "MANUAL" : User will manually configure the control plane (e.g. via CLI, |
| /// or via the ControlPlaneRevision KRM API) |
| @core.Deprecated( |
| 'Not supported. Member documentation may have more information.', |
| ) |
| core.String? controlPlane; |
| |
| /// Determines which release channel to use for default injection and service |
| /// mesh APIs. |
| /// Possible string values are: |
| /// - "CHANNEL_UNSPECIFIED" : Unspecified |
| /// - "RAPID" : RAPID channel is offered on an early access basis for |
| /// customers who want to test new releases. |
| /// - "REGULAR" : REGULAR channel is intended for production users who want to |
| /// take advantage of new features. |
| /// - "STABLE" : STABLE channel includes versions that are known to be stable |
| /// and reliable in production. |
| @core.Deprecated( |
| 'Not supported. Member documentation may have more information.', |
| ) |
| core.String? defaultChannel; |
| |
| /// Enables automatic Service Mesh management. |
| /// |
| /// Optional. |
| /// Possible string values are: |
| /// - "MANAGEMENT_UNSPECIFIED" : Unspecified. |
| /// - "MANAGEMENT_AUTOMATIC" : Google should manage my Service Mesh for the |
| /// cluster. |
| /// - "MANAGEMENT_MANUAL" : User will manually configure their service mesh |
| /// components. |
| /// - "MANAGEMENT_NOT_INSTALLED" : Google should remove any managed Service |
| /// Mesh components from this cluster and deprovision any resources. |
| core.String? management; |
| |
| ServiceMeshSpec({ |
| this.configApi, |
| this.controlPlane, |
| this.defaultChannel, |
| this.management, |
| }); |
| |
| ServiceMeshSpec.fromJson(core.Map json_) |
| : this( |
| configApi: json_['configApi'] as core.String?, |
| controlPlane: json_['controlPlane'] as core.String?, |
| defaultChannel: json_['defaultChannel'] as core.String?, |
| management: json_['management'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final configApi = this.configApi; |
| final controlPlane = this.controlPlane; |
| final defaultChannel = this.defaultChannel; |
| final management = this.management; |
| return { |
| 'configApi': ?configApi, |
| 'controlPlane': ?controlPlane, |
| 'defaultChannel': ?defaultChannel, |
| 'management': ?management, |
| }; |
| } |
| } |
| |
| /// **Service Mesh**: State for a single Membership, as analyzed by the Service |
| /// Mesh Hub Controller. |
| class ServiceMeshState { |
| /// Results of running Service Mesh analyzers. |
| /// |
| /// Output only. |
| core.List<ServiceMeshAnalysisMessage>? analysisMessages; |
| |
| /// List of conditions reported for this membership. |
| /// |
| /// Output only. |
| core.List<ServiceMeshCondition>? conditions; |
| |
| /// The API version (i.e. Istio CRD version) for configuring service mesh in |
| /// this cluster. |
| /// |
| /// This version is influenced by the `default_channel` field. |
| core.String? configApiVersion; |
| |
| /// Status of control plane management |
| /// |
| /// Output only. |
| ServiceMeshControlPlaneManagement? controlPlaneManagement; |
| |
| /// Status of data plane management. |
| /// |
| /// Output only. |
| ServiceMeshDataPlaneManagement? dataPlaneManagement; |
| |
| ServiceMeshState({ |
| this.analysisMessages, |
| this.conditions, |
| this.configApiVersion, |
| this.controlPlaneManagement, |
| this.dataPlaneManagement, |
| }); |
| |
| ServiceMeshState.fromJson(core.Map json_) |
| : this( |
| analysisMessages: (json_['analysisMessages'] as core.List?) |
| ?.map( |
| (value) => ServiceMeshAnalysisMessage.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| conditions: (json_['conditions'] as core.List?) |
| ?.map( |
| (value) => ServiceMeshCondition.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| configApiVersion: json_['configApiVersion'] as core.String?, |
| controlPlaneManagement: json_.containsKey('controlPlaneManagement') |
| ? ServiceMeshControlPlaneManagement.fromJson( |
| json_['controlPlaneManagement'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| dataPlaneManagement: json_.containsKey('dataPlaneManagement') |
| ? ServiceMeshDataPlaneManagement.fromJson( |
| json_['dataPlaneManagement'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final analysisMessages = this.analysisMessages; |
| final conditions = this.conditions; |
| final configApiVersion = this.configApiVersion; |
| final controlPlaneManagement = this.controlPlaneManagement; |
| final dataPlaneManagement = this.dataPlaneManagement; |
| return { |
| 'analysisMessages': ?analysisMessages, |
| 'conditions': ?conditions, |
| 'configApiVersion': ?configApiVersion, |
| 'controlPlaneManagement': ?controlPlaneManagement, |
| 'dataPlaneManagement': ?dataPlaneManagement, |
| }; |
| } |
| } |
| |
| /// Structured and human-readable details for a status. |
| class ServiceMeshStatusDetails { |
| /// A machine-readable code that further describes a broad status. |
| core.String? code; |
| |
| /// Human-readable explanation of code. |
| core.String? details; |
| |
| ServiceMeshStatusDetails({this.code, this.details}); |
| |
| ServiceMeshStatusDetails.fromJson(core.Map json_) |
| : this( |
| code: json_['code'] as core.String?, |
| details: json_['details'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final code = this.code; |
| final details = this.details; |
| return {'code': ?code, 'details': ?details}; |
| } |
| } |
| |
| /// A unique identifier for the type of message. |
| /// |
| /// Display_name is intended to be human-readable, code is intended to be |
| /// machine readable. There should be a one-to-one mapping between display_name |
| /// and code. (i.e. do not re-use display_names or codes between message types.) |
| /// See istio.analysis.v1alpha1.AnalysisMessageBase.Type |
| class ServiceMeshType { |
| /// A 7 character code matching `^IST[0-9]{4}$` or `^ASM[0-9]{4}$`, intended |
| /// to uniquely identify the message type. |
| /// |
| /// (e.g. "IST0001" is mapped to the "InternalError" message type.) |
| core.String? code; |
| |
| /// A human-readable name for the message type. |
| /// |
| /// e.g. "InternalError", "PodMissingProxy". This should be the same for all |
| /// messages of the same type. (This corresponds to the `name` field in |
| /// open-source Istio.) |
| core.String? displayName; |
| |
| ServiceMeshType({this.code, this.displayName}); |
| |
| ServiceMeshType.fromJson(core.Map json_) |
| : this( |
| code: json_['code'] as core.String?, |
| displayName: json_['displayName'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final code = this.code; |
| final displayName = this.displayName; |
| return {'code': ?code, 'displayName': ?displayName}; |
| } |
| } |
| |
| /// High-level state of a MembershipFeature. |
| class State { |
| /// The high-level, machine-readable status of this MembershipFeature. |
| /// Possible string values are: |
| /// - "CODE_UNSPECIFIED" : Unknown or not set. |
| /// - "OK" : The MembershipFeature is operating normally. |
| /// - "WARNING" : The MembershipFeature has encountered an issue, and is |
| /// operating in a degraded state. The MembershipFeature may need intervention |
| /// to return to normal operation. See the description and any associated |
| /// MembershipFeature-specific details for more information. |
| /// - "ERROR" : The MembershipFeature is not operating or is in a severely |
| /// degraded state. The MembershipFeature may need intervention to return to |
| /// normal operation. See the description and any associated |
| /// MembershipFeature-specific details for more information. |
| core.String? code; |
| |
| /// A human-readable description of the current status. |
| core.String? description; |
| |
| /// The time this status and any related Feature-specific details were |
| /// updated. |
| core.String? updateTime; |
| |
| State({this.code, this.description, this.updateTime}); |
| |
| State.fromJson(core.Map json_) |
| : this( |
| code: json_['code'] as core.String?, |
| description: json_['description'] as core.String?, |
| updateTime: json_['updateTime'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final code = this.code; |
| final description = this.description; |
| final updateTime = this.updateTime; |
| return { |
| 'code': ?code, |
| 'description': ?description, |
| 'updateTime': ?updateTime, |
| }; |
| } |
| } |
| |
| /// **WorkloadCertificate**: The membership-specific input for |
| /// WorkloadCertificate feature. |
| class WorkloadCertificateSpec { |
| /// CertificateManagement specifies workload certificate management. |
| /// Possible string values are: |
| /// - "CERTIFICATE_MANAGEMENT_UNSPECIFIED" : Disable workload certificate |
| /// feature. |
| /// - "DISABLED" : Disable workload certificate feature. |
| /// - "ENABLED" : Enable workload certificate feature. |
| core.String? certificateManagement; |
| |
| WorkloadCertificateSpec({this.certificateManagement}); |
| |
| WorkloadCertificateSpec.fromJson(core.Map json_) |
| : this( |
| certificateManagement: json_['certificateManagement'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final certificateManagement = this.certificateManagement; |
| return {'certificateManagement': ?certificateManagement}; |
| } |
| } |
| |
| /// IdentityProviderStateDetail represents the state of an Identity Provider. |
| class WorkloadIdentityIdentityProviderStateDetail { |
| /// The state of the Identity Provider. |
| /// Possible string values are: |
| /// - "IDENTITY_PROVIDER_STATE_UNSPECIFIED" : Unknown state. |
| /// - "IDENTITY_PROVIDER_STATE_OK" : The Identity Provider was created/updated |
| /// successfully. |
| /// - "IDENTITY_PROVIDER_STATE_ERROR" : The Identity Provider was not |
| /// created/updated successfully. The error message is in the description |
| /// field. |
| core.String? code; |
| |
| /// A human-readable description of the current state or returned error. |
| core.String? description; |
| |
| WorkloadIdentityIdentityProviderStateDetail({this.code, this.description}); |
| |
| WorkloadIdentityIdentityProviderStateDetail.fromJson(core.Map json_) |
| : this( |
| code: json_['code'] as core.String?, |
| description: json_['description'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final code = this.code; |
| final description = this.description; |
| return {'code': ?code, 'description': ?description}; |
| } |
| } |
| |
| /// **WorkloadIdentity**: The membership-specific state for WorkloadIdentity |
| /// feature. |
| class WorkloadIdentityState { |
| /// Deprecated, this field will be erased after code is changed to use the new |
| /// field. |
| core.String? description; |
| |
| /// The state of the Identity Providers corresponding to the membership. |
| core.Map<core.String, WorkloadIdentityIdentityProviderStateDetail>? |
| identityProviderStateDetails; |
| |
| WorkloadIdentityState({this.description, this.identityProviderStateDetails}); |
| |
| WorkloadIdentityState.fromJson(core.Map json_) |
| : this( |
| description: json_['description'] as core.String?, |
| identityProviderStateDetails: |
| (json_['identityProviderStateDetails'] |
| as core.Map<core.String, core.dynamic>?) |
| ?.map( |
| (key, value) => core.MapEntry( |
| key, |
| WorkloadIdentityIdentityProviderStateDetail.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ), |
| ), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final description = this.description; |
| final identityProviderStateDetails = this.identityProviderStateDetails; |
| return { |
| 'description': ?description, |
| 'identityProviderStateDetails': ?identityProviderStateDetails, |
| }; |
| } |
| } |