diff --git a/alloydb/v1beta/alloydb-api.json b/alloydb/v1beta/alloydb-api.json index 12a78f8405..734a85024d 100644 --- a/alloydb/v1beta/alloydb-api.json +++ b/alloydb/v1beta/alloydb-api.json @@ -1570,7 +1570,7 @@ } } }, - "revision": "20241204", + "revision": "20241228", "rootUrl": "https://alloydb.googleapis.com/", "schemas": { "AuthorizedNetwork": { @@ -3142,19 +3142,23 @@ "id": "Node", "properties": { "id": { - "description": "The identifier of the VM e.g. \"test-read-0601-407e52be-ms3l\".", + "description": "Output only. The identifier of the VM e.g. \"test-read-0601-407e52be-ms3l\".", + "readOnly": true, "type": "string" }, "ip": { - "description": "The private IP address of the VM e.g. \"10.57.0.34\".", + "description": "Output only. The private IP address of the VM e.g. \"10.57.0.34\".", + "readOnly": true, "type": "string" }, "state": { - "description": "Determined by state of the compute VM and postgres-service health. Compute VM state can have values listed in https://cloud.google.com/compute/docs/instances/instance-life-cycle and postgres-service health can have values: HEALTHY and UNHEALTHY.", + "description": "Output only. Determined by state of the compute VM and postgres-service health. Compute VM state can have values listed in https://cloud.google.com/compute/docs/instances/instance-life-cycle and postgres-service health can have values: HEALTHY and UNHEALTHY.", + "readOnly": true, "type": "string" }, "zoneId": { - "description": "The Compute Engine zone of the VM e.g. \"us-central1-b\".", + "description": "Output only. The Compute Engine zone of the VM e.g. \"us-central1-b\".", + "readOnly": true, "type": "string" } }, @@ -4021,7 +4025,9 @@ "SIGNAL_TYPE_SUPERUSER_WRITING_TO_USER_TABLES", "SIGNAL_TYPE_USER_GRANTED_ALL_PERMISSIONS", "SIGNAL_TYPE_DATA_EXPORT_TO_EXTERNAL_CLOUD_STORAGE_BUCKET", - "SIGNAL_TYPE_DATA_EXPORT_TO_PUBLIC_CLOUD_STORAGE_BUCKET" + "SIGNAL_TYPE_DATA_EXPORT_TO_PUBLIC_CLOUD_STORAGE_BUCKET", + "SIGNAL_TYPE_WEAK_PASSWORD_HASH_ALGORITHM", + "SIGNAL_TYPE_NO_USER_PASSWORD_POLICY" ], "enumDeprecated": [ false, @@ -4102,6 +4108,8 @@ false, false, false, + false, + false, false ], "enumDescriptions": [ @@ -4183,7 +4191,9 @@ "Detects events where a Cloud SQL superuser (postgres for PostgreSQL servers or root for MySQL users) writes to non-system tables.", "Detects events where a database user or role has been granted all privileges to a database, or to all tables, procedures, or functions in a schema.", "Detects if database instance data exported to a Cloud Storage bucket outside of the organization.", - "Detects if database instance data exported to a Cloud Storage bucket that is owned by the organization and is publicly accessible." + "Detects if database instance data exported to a Cloud Storage bucket that is owned by the organization and is publicly accessible.", + "Detects if a database instance is using a weak password hash algorithm.", + "Detects if a database instance has no user password policy set." ], "type": "string" }, @@ -4554,7 +4564,9 @@ "SIGNAL_TYPE_SUPERUSER_WRITING_TO_USER_TABLES", "SIGNAL_TYPE_USER_GRANTED_ALL_PERMISSIONS", "SIGNAL_TYPE_DATA_EXPORT_TO_EXTERNAL_CLOUD_STORAGE_BUCKET", - "SIGNAL_TYPE_DATA_EXPORT_TO_PUBLIC_CLOUD_STORAGE_BUCKET" + "SIGNAL_TYPE_DATA_EXPORT_TO_PUBLIC_CLOUD_STORAGE_BUCKET", + "SIGNAL_TYPE_WEAK_PASSWORD_HASH_ALGORITHM", + "SIGNAL_TYPE_NO_USER_PASSWORD_POLICY" ], "enumDeprecated": [ false, @@ -4635,6 +4647,8 @@ false, false, false, + false, + false, false ], "enumDescriptions": [ @@ -4716,7 +4730,9 @@ "Detects events where a Cloud SQL superuser (postgres for PostgreSQL servers or root for MySQL users) writes to non-system tables.", "Detects events where a database user or role has been granted all privileges to a database, or to all tables, procedures, or functions in a schema.", "Detects if database instance data exported to a Cloud Storage bucket outside of the organization.", - "Detects if database instance data exported to a Cloud Storage bucket that is owned by the organization and is publicly accessible." + "Detects if database instance data exported to a Cloud Storage bucket that is owned by the organization and is publicly accessible.", + "Detects if a database instance is using a weak password hash algorithm.", + "Detects if a database instance has no user password policy set." ], "type": "string" } @@ -4786,7 +4802,8 @@ "id": "StorageDatabasecenterPartnerapiV1mainMachineConfiguration", "properties": { "cpuCount": { - "description": "The number of CPUs. TODO(b/342344482, b/342346271) add proto validations again after bug fix.", + "deprecated": true, + "description": "The number of CPUs. Deprecated. Use vcpu_count instead. TODO(b/342344482, b/342346271) add proto validations again after bug fix.", "format": "int32", "type": "integer" }, diff --git a/alloydb/v1beta/alloydb-gen.go b/alloydb/v1beta/alloydb-gen.go index e1ea7b394d..a188edd972 100644 --- a/alloydb/v1beta/alloydb-gen.go +++ b/alloydb/v1beta/alloydb-gen.go @@ -1955,16 +1955,17 @@ func (s NetworkConfig) MarshalJSON() ([]byte, error) { // are ephemereal, they can change during update, failover, autohealing and // resize operations. type Node struct { - // Id: The identifier of the VM e.g. "test-read-0601-407e52be-ms3l". + // Id: Output only. The identifier of the VM e.g. + // "test-read-0601-407e52be-ms3l". Id string `json:"id,omitempty"` - // Ip: The private IP address of the VM e.g. "10.57.0.34". + // Ip: Output only. The private IP address of the VM e.g. "10.57.0.34". Ip string `json:"ip,omitempty"` - // State: Determined by state of the compute VM and postgres-service health. - // Compute VM state can have values listed in + // State: Output only. Determined by state of the compute VM and + // postgres-service health. Compute VM state can have values listed in // https://cloud.google.com/compute/docs/instances/instance-life-cycle and // postgres-service health can have values: HEALTHY and UNHEALTHY. State string `json:"state,omitempty"` - // ZoneId: The Compute Engine zone of the VM e.g. "us-central1-b". + // ZoneId: Output only. The Compute Engine zone of the VM e.g. "us-central1-b". ZoneId string `json:"zoneId,omitempty"` // ForceSendFields is a list of field names (e.g. "Id") to unconditionally // include in API requests. By default, fields with empty or default values are @@ -3116,6 +3117,10 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // "SIGNAL_TYPE_DATA_EXPORT_TO_PUBLIC_CLOUD_STORAGE_BUCKET" - Detects if // database instance data exported to a Cloud Storage bucket that is owned by // the organization and is publicly accessible. + // "SIGNAL_TYPE_WEAK_PASSWORD_HASH_ALGORITHM" - Detects if a database + // instance is using a weak password hash algorithm. + // "SIGNAL_TYPE_NO_USER_PASSWORD_POLICY" - Detects if a database instance has + // no user password policy set. SignalType string `json:"signalType,omitempty"` // Possible values: // "STATE_UNSPECIFIED" - Unspecified state. @@ -3545,6 +3550,10 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceRecommendationSignalDa // "SIGNAL_TYPE_DATA_EXPORT_TO_PUBLIC_CLOUD_STORAGE_BUCKET" - Detects if // database instance data exported to a Cloud Storage bucket that is owned by // the organization and is publicly accessible. + // "SIGNAL_TYPE_WEAK_PASSWORD_HASH_ALGORITHM" - Detects if a database + // instance is using a weak password hash algorithm. + // "SIGNAL_TYPE_NO_USER_PASSWORD_POLICY" - Detects if a database instance has + // no user password policy set. SignalType string `json:"signalType,omitempty"` // ForceSendFields is a list of field names (e.g. "AdditionalMetadata") to // unconditionally include in API requests. By default, fields with empty or @@ -3639,8 +3648,8 @@ func (s StorageDatabasecenterPartnerapiV1mainInternalResourceMetadata) MarshalJS // MachineConfiguration describes the configuration of a machine specific to // Database Resource. type StorageDatabasecenterPartnerapiV1mainMachineConfiguration struct { - // CpuCount: The number of CPUs. TODO(b/342344482, b/342346271) add proto - // validations again after bug fix. + // CpuCount: The number of CPUs. Deprecated. Use vcpu_count instead. + // TODO(b/342344482, b/342346271) add proto validations again after bug fix. CpuCount int64 `json:"cpuCount,omitempty"` // MemorySizeInBytes: Memory size in bytes. TODO(b/342344482, b/342346271) add // proto validations again after bug fix. diff --git a/cloudkms/v1/cloudkms-api.json b/cloudkms/v1/cloudkms-api.json index a80a98cb9b..65aff0443c 100644 --- a/cloudkms/v1/cloudkms-api.json +++ b/cloudkms/v1/cloudkms-api.json @@ -98,6 +98,11 @@ "description": "Regional Endpoint", "endpointUrl": "https://cloudkms.us-south1.rep.googleapis.com/", "location": "us-south1" + }, + { + "description": "Regional Endpoint", + "endpointUrl": "https://cloudkms.us.rep.googleapis.com/", + "location": "us" } ], "fullyEncodeReservedExpansion": true, @@ -2132,7 +2137,7 @@ } } }, - "revision": "20241111", + "revision": "20250102", "rootUrl": "https://cloudkms.googleapis.com/", "schemas": { "AsymmetricDecryptRequest": { diff --git a/container/v1/container-api.json b/container/v1/container-api.json index 98259cd7aa..b699a9b7cc 100644 --- a/container/v1/container-api.json +++ b/container/v1/container-api.json @@ -2540,7 +2540,7 @@ } } }, - "revision": "20241203", + "revision": "20241228", "rootUrl": "https://container.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -3628,6 +3628,10 @@ "$ref": "DefaultSnatStatus", "description": "The desired status of whether to disable default sNAT for this cluster." }, + "desiredDisableL4LbFirewallReconciliation": { + "description": "Enable/Disable L4 LB VPC firewall reconciliation for the cluster.", + "type": "boolean" + }, "desiredDnsConfig": { "$ref": "DNSConfig", "description": "DNSConfig contains clusterDNS config for this cluster." @@ -5358,6 +5362,10 @@ "$ref": "DefaultSnatStatus", "description": "Whether the cluster disables default in-node sNAT rules. In-node sNAT rules will be disabled when default_snat_status is disabled. When disabled is set to false, default IP masquerade rules will be applied to the nodes to prevent sNAT on cluster internal traffic." }, + "disableL4LbFirewallReconciliation": { + "description": "Disable L4 load balancer VPC firewalls to enable firewall policies.", + "type": "boolean" + }, "dnsConfig": { "$ref": "DNSConfig", "description": "DNSConfig contains clusterDNS config for this cluster." @@ -8024,6 +8032,23 @@ "format": "google-datetime", "type": "string" }, + "eventType": { + "description": "The type of the event.", + "enum": [ + "EVENT_TYPE_UNSPECIFIED", + "END_OF_SUPPORT" + ], + "enumDescriptions": [ + "EVENT_TYPE_UNSPECIFIED indicates the event type is unspecified.", + "END_OF_SUPPORT indicates GKE version reaches end of support, check standard_support_end_time and extended_support_end_time for more details." + ], + "type": "string" + }, + "extendedSupportEndTime": { + "description": "The end of extended support timestamp.", + "format": "google-datetime", + "type": "string" + }, "operation": { "description": "The operation associated with this upgrade.", "type": "string" @@ -8046,6 +8071,11 @@ ], "type": "string" }, + "standardSupportEndTime": { + "description": "The end of standard support timestamp.", + "format": "google-datetime", + "type": "string" + }, "startTime": { "description": "The time when the operation was started.", "format": "google-datetime", diff --git a/container/v1/container-gen.go b/container/v1/container-gen.go index d6c126a93a..b1afad5317 100644 --- a/container/v1/container-gen.go +++ b/container/v1/container-gen.go @@ -1496,6 +1496,9 @@ type ClusterUpdate struct { // DesiredDefaultSnatStatus: The desired status of whether to disable default // sNAT for this cluster. DesiredDefaultSnatStatus *DefaultSnatStatus `json:"desiredDefaultSnatStatus,omitempty"` + // DesiredDisableL4LbFirewallReconciliation: Enable/Disable L4 LB VPC firewall + // reconciliation for the cluster. + DesiredDisableL4LbFirewallReconciliation bool `json:"desiredDisableL4LbFirewallReconciliation,omitempty"` // DesiredDnsConfig: DNSConfig contains clusterDNS config for this cluster. DesiredDnsConfig *DNSConfig `json:"desiredDnsConfig,omitempty"` // DesiredEnableCiliumClusterwideNetworkPolicy: Enable/Disable Cilium @@ -3872,6 +3875,9 @@ type NetworkConfig struct { // When disabled is set to false, default IP masquerade rules will be applied // to the nodes to prevent sNAT on cluster internal traffic. DefaultSnatStatus *DefaultSnatStatus `json:"defaultSnatStatus,omitempty"` + // DisableL4LbFirewallReconciliation: Disable L4 load balancer VPC firewalls to + // enable firewall policies. + DisableL4LbFirewallReconciliation bool `json:"disableL4LbFirewallReconciliation,omitempty"` // DnsConfig: DNSConfig contains clusterDNS config for this cluster. DnsConfig *DNSConfig `json:"dnsConfig,omitempty"` // EnableCiliumClusterwideNetworkPolicy: Whether CiliumClusterwideNetworkPolicy @@ -7232,6 +7238,17 @@ type UpgradeInfoEvent struct { Description string `json:"description,omitempty"` // EndTime: The time when the operation ended. EndTime string `json:"endTime,omitempty"` + // EventType: The type of the event. + // + // Possible values: + // "EVENT_TYPE_UNSPECIFIED" - EVENT_TYPE_UNSPECIFIED indicates the event type + // is unspecified. + // "END_OF_SUPPORT" - END_OF_SUPPORT indicates GKE version reaches end of + // support, check standard_support_end_time and extended_support_end_time for + // more details. + EventType string `json:"eventType,omitempty"` + // ExtendedSupportEndTime: The end of extended support timestamp. + ExtendedSupportEndTime string `json:"extendedSupportEndTime,omitempty"` // Operation: The operation associated with this upgrade. Operation string `json:"operation,omitempty"` // Resource: Optional relative path to the resource. For example in node pool @@ -7245,6 +7262,8 @@ type UpgradeInfoEvent struct { // "MASTER" - Master / control plane // "NODE_POOL" - Node pool ResourceType string `json:"resourceType,omitempty"` + // StandardSupportEndTime: The end of standard support timestamp. + StandardSupportEndTime string `json:"standardSupportEndTime,omitempty"` // StartTime: The time when the operation was started. StartTime string `json:"startTime,omitempty"` // State: Output only. The state of the upgrade. diff --git a/container/v1beta1/container-api.json b/container/v1beta1/container-api.json index c2a5568889..138810c253 100644 --- a/container/v1beta1/container-api.json +++ b/container/v1beta1/container-api.json @@ -2685,7 +2685,7 @@ } } }, - "revision": "20241203", + "revision": "20241228", "rootUrl": "https://container.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -3944,6 +3944,10 @@ "$ref": "DefaultSnatStatus", "description": "The desired status of whether to disable default sNAT for this cluster." }, + "desiredDisableL4LbFirewallReconciliation": { + "description": "Enable/Disable L4 LB VPC firewall reconciliation for the cluster.", + "type": "boolean" + }, "desiredDnsConfig": { "$ref": "DNSConfig", "description": "DNSConfig contains clusterDNS config for this cluster." @@ -5962,6 +5966,10 @@ "$ref": "DefaultSnatStatus", "description": "Whether the cluster disables default in-node sNAT rules. In-node sNAT rules will be disabled when default_snat_status is disabled. When disabled is set to false, default IP masquerade rules will be applied to the nodes to prevent sNAT on cluster internal traffic." }, + "disableL4LbFirewallReconciliation": { + "description": "Disable L4 load balancer VPC firewalls to enable firewall policies.", + "type": "boolean" + }, "dnsConfig": { "$ref": "DNSConfig", "description": "DNSConfig contains clusterDNS config for this cluster." @@ -8899,6 +8907,23 @@ "format": "google-datetime", "type": "string" }, + "eventType": { + "description": "The type of the event.", + "enum": [ + "EVENT_TYPE_UNSPECIFIED", + "END_OF_SUPPORT" + ], + "enumDescriptions": [ + "EVENT_TYPE_UNSPECIFIED indicates the event type is unspecified.", + "END_OF_SUPPORT indicates GKE version reaches end of support, check standard_support_end_time and extended_support_end_time for more details." + ], + "type": "string" + }, + "extendedSupportEndTime": { + "description": "The end of extended support timestamp.", + "format": "google-datetime", + "type": "string" + }, "operation": { "description": "The operation associated with this upgrade.", "type": "string" @@ -8921,6 +8946,11 @@ ], "type": "string" }, + "standardSupportEndTime": { + "description": "The end of standard support timestamp.", + "format": "google-datetime", + "type": "string" + }, "startTime": { "description": "The time when the operation was started.", "format": "google-datetime", diff --git a/container/v1beta1/container-gen.go b/container/v1beta1/container-gen.go index a54dc11069..4fddc35365 100644 --- a/container/v1beta1/container-gen.go +++ b/container/v1beta1/container-gen.go @@ -1678,6 +1678,9 @@ type ClusterUpdate struct { // DesiredDefaultSnatStatus: The desired status of whether to disable default // sNAT for this cluster. DesiredDefaultSnatStatus *DefaultSnatStatus `json:"desiredDefaultSnatStatus,omitempty"` + // DesiredDisableL4LbFirewallReconciliation: Enable/Disable L4 LB VPC firewall + // reconciliation for the cluster. + DesiredDisableL4LbFirewallReconciliation bool `json:"desiredDisableL4LbFirewallReconciliation,omitempty"` // DesiredDnsConfig: DNSConfig contains clusterDNS config for this cluster. DesiredDnsConfig *DNSConfig `json:"desiredDnsConfig,omitempty"` // DesiredEnableCiliumClusterwideNetworkPolicy: Enable/Disable Cilium @@ -4393,6 +4396,9 @@ type NetworkConfig struct { // When disabled is set to false, default IP masquerade rules will be applied // to the nodes to prevent sNAT on cluster internal traffic. DefaultSnatStatus *DefaultSnatStatus `json:"defaultSnatStatus,omitempty"` + // DisableL4LbFirewallReconciliation: Disable L4 load balancer VPC firewalls to + // enable firewall policies. + DisableL4LbFirewallReconciliation bool `json:"disableL4LbFirewallReconciliation,omitempty"` // DnsConfig: DNSConfig contains clusterDNS config for this cluster. DnsConfig *DNSConfig `json:"dnsConfig,omitempty"` // EnableCiliumClusterwideNetworkPolicy: Whether CiliumClusterWideNetworkPolicy @@ -8045,6 +8051,17 @@ type UpgradeInfoEvent struct { Description string `json:"description,omitempty"` // EndTime: The time when the operation ended. EndTime string `json:"endTime,omitempty"` + // EventType: The type of the event. + // + // Possible values: + // "EVENT_TYPE_UNSPECIFIED" - EVENT_TYPE_UNSPECIFIED indicates the event type + // is unspecified. + // "END_OF_SUPPORT" - END_OF_SUPPORT indicates GKE version reaches end of + // support, check standard_support_end_time and extended_support_end_time for + // more details. + EventType string `json:"eventType,omitempty"` + // ExtendedSupportEndTime: The end of extended support timestamp. + ExtendedSupportEndTime string `json:"extendedSupportEndTime,omitempty"` // Operation: The operation associated with this upgrade. Operation string `json:"operation,omitempty"` // Resource: Optional relative path to the resource. For example in node pool @@ -8058,6 +8075,8 @@ type UpgradeInfoEvent struct { // "MASTER" - Master / control plane // "NODE_POOL" - Node pool ResourceType string `json:"resourceType,omitempty"` + // StandardSupportEndTime: The end of standard support timestamp. + StandardSupportEndTime string `json:"standardSupportEndTime,omitempty"` // StartTime: The time when the operation was started. StartTime string `json:"startTime,omitempty"` // State: Output only. The state of the upgrade. diff --git a/dialogflow/v3beta1/dialogflow-api.json b/dialogflow/v3beta1/dialogflow-api.json index 38b8abe847..2dc82967be 100644 --- a/dialogflow/v3beta1/dialogflow-api.json +++ b/dialogflow/v3beta1/dialogflow-api.json @@ -5272,7 +5272,7 @@ } } }, - "revision": "20241216", + "revision": "20250103", "rootUrl": "https://dialogflow.googleapis.com/", "schemas": { "GoogleCloudDialogflowCxV3AdvancedSettings": { @@ -7779,6 +7779,16 @@ "$ref": "GoogleCloudDialogflowCxV3beta1AgentPersonalizationSettings", "description": "Optional. Settings for end user personalization." }, + "satisfiesPzi": { + "description": "Optional. Output only. A read only boolean field reflecting Zone Isolation status of the agent.", + "readOnly": true, + "type": "boolean" + }, + "satisfiesPzs": { + "description": "Optional. Output only. A read only boolean field reflecting Zone Separation status of the agent.", + "readOnly": true, + "type": "boolean" + }, "securitySettings": { "description": "Name of the SecuritySettings reference for the agent. Format: `projects//locations//securitySettings/`.", "type": "string" @@ -12194,6 +12204,10 @@ }, "type": "array" }, + "speechSettings": { + "$ref": "GoogleCloudDialogflowCxV3beta1AdvancedSettingsSpeechSettings", + "description": "Optional. Playbook level Settings for speech to text detection." + }, "tokenCount": { "description": "Output only. Estimated number of tokes current playbook takes when sent to the LLM.", "format": "int64", diff --git a/dialogflow/v3beta1/dialogflow-gen.go b/dialogflow/v3beta1/dialogflow-gen.go index fb11289e9c..0bcf197f5b 100644 --- a/dialogflow/v3beta1/dialogflow-gen.go +++ b/dialogflow/v3beta1/dialogflow-gen.go @@ -4058,6 +4058,12 @@ type GoogleCloudDialogflowCxV3beta1Agent struct { Name string `json:"name,omitempty"` // PersonalizationSettings: Optional. Settings for end user personalization. PersonalizationSettings *GoogleCloudDialogflowCxV3beta1AgentPersonalizationSettings `json:"personalizationSettings,omitempty"` + // SatisfiesPzi: Optional. Output only. A read only boolean field reflecting + // Zone Isolation status of the agent. + SatisfiesPzi bool `json:"satisfiesPzi,omitempty"` + // SatisfiesPzs: Optional. Output only. A read only boolean field reflecting + // Zone Separation status of the agent. + SatisfiesPzs bool `json:"satisfiesPzs,omitempty"` // SecuritySettings: Name of the SecuritySettings reference for the agent. // Format: `projects//locations//securitySettings/`. SecuritySettings string `json:"securitySettings,omitempty"` @@ -10307,6 +10313,9 @@ type GoogleCloudDialogflowCxV3beta1Playbook struct { // current playbook in the instructions. If not provided explicitly, they are // will be implied using the tool being referenced in goal and steps. ReferencedTools []string `json:"referencedTools,omitempty"` + // SpeechSettings: Optional. Playbook level Settings for speech to text + // detection. + SpeechSettings *GoogleCloudDialogflowCxV3beta1AdvancedSettingsSpeechSettings `json:"speechSettings,omitempty"` // TokenCount: Output only. Estimated number of tokes current playbook takes // when sent to the LLM. TokenCount int64 `json:"tokenCount,omitempty,string"` diff --git a/dlp/v2/dlp-api.json b/dlp/v2/dlp-api.json index db68334d63..3471aa7078 100644 --- a/dlp/v2/dlp-api.json +++ b/dlp/v2/dlp-api.json @@ -5025,7 +5025,7 @@ } } }, - "revision": "20241215", + "revision": "20250105", "rootUrl": "https://dlp.googleapis.com/", "schemas": { "GooglePrivacyDlpV2Action": { @@ -6526,7 +6526,7 @@ "type": "object" }, "GooglePrivacyDlpV2CryptoReplaceFfxFpeConfig": { - "description": "Replaces an identifier with a surrogate using Format Preserving Encryption (FPE) with the FFX mode of operation; however when used in the `ReidentifyContent` API method, it serves the opposite function by reversing the surrogate back into the original identifier. The identifier must be encoded as ASCII. For a given crypto key and context, the same identifier will be replaced with the same surrogate. Identifiers must be at least two characters long. In the case that the identifier is the empty string, it will be skipped. See https://cloud.google.com/sensitive-data-protection/docs/pseudonymization to learn more. Note: We recommend using CryptoDeterministicConfig for all use cases which do not require preserving the input alphabet space and size, plus warrant referential integrity.", + "description": "Replaces an identifier with a surrogate using Format Preserving Encryption (FPE) with the FFX mode of operation; however when used in the `ReidentifyContent` API method, it serves the opposite function by reversing the surrogate back into the original identifier. The identifier must be encoded as ASCII. For a given crypto key and context, the same identifier will be replaced with the same surrogate. Identifiers must be at least two characters long. In the case that the identifier is the empty string, it will be skipped. See https://cloud.google.com/sensitive-data-protection/docs/pseudonymization to learn more. Note: We recommend using CryptoDeterministicConfig for all use cases which do not require preserving the input alphabet space and size, plus warrant referential integrity. FPE incurs significant latency costs.", "id": "GooglePrivacyDlpV2CryptoReplaceFfxFpeConfig", "properties": { "commonAlphabet": { @@ -8147,7 +8147,7 @@ "properties": { "profileTable": { "$ref": "GooglePrivacyDlpV2BigQueryTable", - "description": "Store all table and column profiles in an existing table or a new table in an existing dataset. Each re-generation will result in new rows in BigQuery. Data is inserted using [streaming insert](https://cloud.google.com/blog/products/bigquery/life-of-a-bigquery-streaming-insert) and so data may be in the buffer for a period of time after the profile has finished. The Pub/Sub notification is sent before the streaming buffer is guaranteed to be written, so data may not be instantly visible to queries by the time your topic receives the Pub/Sub notification." + "description": "Store all profiles to BigQuery. * The system will create a new dataset and table for you if none are are provided. The dataset will be named `sensitive_data_protection_discovery` and table will be named `discovery_profiles`. This table will be placed in the same project as the container project running the scan. The configuration will be updated with the fields set after the first profile is generated and the dataset and table are created. * See [Analyze data profiles stored in BigQuery](https://cloud.google.com/sensitive-data-protection/docs/analyze-data-profiles) * See [Sample queries for your BigQuery table](https://cloud.google.com/sensitive-data-protection/docs/analyze-data-profiles#sample_sql_queries). * Data is inserted using [streaming insert](https://cloud.google.com/blog/products/bigquery/life-of-a-bigquery-streaming-insert) and so data may be in the buffer for a period of time after the profile has finished. * The Pub/Sub notification is sent before the streaming buffer is guaranteed to be written, so data may not be instantly visible to queries by the time your topic receives the Pub/Sub notification. * The best practice is to use the same table for an entire organization so that you can take advantage of the provided Looker reports. If you use VPC Service Controls to define security perimeters, then you must use a separate table for each boundary." } }, "type": "object" @@ -10443,7 +10443,7 @@ }, "cryptoReplaceFfxFpeConfig": { "$ref": "GooglePrivacyDlpV2CryptoReplaceFfxFpeConfig", - "description": "Ffx-Fpe" + "description": "Ffx-Fpe. Strongly discouraged, consider using CryptoDeterministicConfig instead. Fpe is computationally expensive incurring latency costs." }, "dateShiftConfig": { "$ref": "GooglePrivacyDlpV2DateShiftConfig", diff --git a/dlp/v2/dlp-gen.go b/dlp/v2/dlp-gen.go index 380a9fc4fb..2baf357f70 100644 --- a/dlp/v2/dlp-gen.go +++ b/dlp/v2/dlp-gen.go @@ -2707,7 +2707,7 @@ func (s GooglePrivacyDlpV2CryptoKey) MarshalJSON() ([]byte, error) { // https://cloud.google.com/sensitive-data-protection/docs/pseudonymization to // learn more. Note: We recommend using CryptoDeterministicConfig for all use // cases which do not require preserving the input alphabet space and size, -// plus warrant referential integrity. +// plus warrant referential integrity. FPE incurs significant latency costs. type GooglePrivacyDlpV2CryptoReplaceFfxFpeConfig struct { // CommonAlphabet: Common alphabets. // @@ -4949,14 +4949,26 @@ func (s GooglePrivacyDlpV2ExclusionRule) MarshalJSON() ([]byte, error) { // GooglePrivacyDlpV2Export: If set, the detailed data profiles will be // persisted to the location of your choice whenever updated. type GooglePrivacyDlpV2Export struct { - // ProfileTable: Store all table and column profiles in an existing table or a - // new table in an existing dataset. Each re-generation will result in new rows - // in BigQuery. Data is inserted using streaming insert + // ProfileTable: Store all profiles to BigQuery. * The system will create a new + // dataset and table for you if none are are provided. The dataset will be + // named `sensitive_data_protection_discovery` and table will be named + // `discovery_profiles`. This table will be placed in the same project as the + // container project running the scan. The configuration will be updated with + // the fields set after the first profile is generated and the dataset and + // table are created. * See Analyze data profiles stored in BigQuery + // (https://cloud.google.com/sensitive-data-protection/docs/analyze-data-profiles) + // * See Sample queries for your BigQuery table + // (https://cloud.google.com/sensitive-data-protection/docs/analyze-data-profiles#sample_sql_queries). + // * Data is inserted using streaming insert // (https://cloud.google.com/blog/products/bigquery/life-of-a-bigquery-streaming-insert) // and so data may be in the buffer for a period of time after the profile has - // finished. The Pub/Sub notification is sent before the streaming buffer is + // finished. * The Pub/Sub notification is sent before the streaming buffer is // guaranteed to be written, so data may not be instantly visible to queries by - // the time your topic receives the Pub/Sub notification. + // the time your topic receives the Pub/Sub notification. * The best practice + // is to use the same table for an entire organization so that you can take + // advantage of the provided Looker reports. If you use VPC Service Controls to + // define security perimeters, then you must use a separate table for each + // boundary. ProfileTable *GooglePrivacyDlpV2BigQueryTable `json:"profileTable,omitempty"` // ForceSendFields is a list of field names (e.g. "ProfileTable") to // unconditionally include in API requests. By default, fields with empty or @@ -8072,7 +8084,9 @@ type GooglePrivacyDlpV2PrimitiveTransformation struct { CryptoDeterministicConfig *GooglePrivacyDlpV2CryptoDeterministicConfig `json:"cryptoDeterministicConfig,omitempty"` // CryptoHashConfig: Crypto CryptoHashConfig *GooglePrivacyDlpV2CryptoHashConfig `json:"cryptoHashConfig,omitempty"` - // CryptoReplaceFfxFpeConfig: Ffx-Fpe + // CryptoReplaceFfxFpeConfig: Ffx-Fpe. Strongly discouraged, consider using + // CryptoDeterministicConfig instead. Fpe is computationally expensive + // incurring latency costs. CryptoReplaceFfxFpeConfig *GooglePrivacyDlpV2CryptoReplaceFfxFpeConfig `json:"cryptoReplaceFfxFpeConfig,omitempty"` // DateShiftConfig: Date Shift DateShiftConfig *GooglePrivacyDlpV2DateShiftConfig `json:"dateShiftConfig,omitempty"` diff --git a/gkehub/v2/gkehub-api.json b/gkehub/v2/gkehub-api.json index 18a836ffbb..fee9e7c471 100644 --- a/gkehub/v2/gkehub-api.json +++ b/gkehub/v2/gkehub-api.json @@ -471,7 +471,7 @@ } } }, - "revision": "20241206", + "revision": "20250103", "rootUrl": "https://gkehub.googleapis.com/", "schemas": { "AppDevExperienceState": { @@ -702,36 +702,36 @@ "properties": { "allowVerticalScale": { "deprecated": true, - "description": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.", + "description": "Optional. Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.", "type": "boolean" }, "enabled": { - "description": "Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.", + "description": "Optional. Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.", "type": "boolean" }, "git": { "$ref": "ConfigManagementGitConfig", - "description": "Git repo configuration for the cluster." + "description": "Optional. Git repo configuration for the cluster." }, "metricsGcpServiceAccountEmail": { "deprecated": true, - "description": "The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount `default` in the namespace `config-management-monitoring` should be bound to the GSA. Deprecated: If Workload Identity Federation for GKE is enabled, Google Cloud Service Account is no longer needed for exporting Config Sync metrics: https://cloud.google.com/kubernetes-engine/enterprise/config-sync/docs/how-to/monitor-config-sync-cloud-monitoring#custom-monitoring.", + "description": "Optional. The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount `default` in the namespace `config-management-monitoring` should be bound to the GSA. Deprecated: If Workload Identity Federation for GKE is enabled, Google Cloud Service Account is no longer needed for exporting Config Sync metrics: https://cloud.google.com/kubernetes-engine/enterprise/config-sync/docs/how-to/monitor-config-sync-cloud-monitoring#custom-monitoring.", "type": "string" }, "oci": { "$ref": "ConfigManagementOciConfig", - "description": "OCI repo configuration for the cluster." + "description": "Optional. OCI repo configuration for the cluster." }, "preventDrift": { - "description": "Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.", + "description": "Optional. Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.", "type": "boolean" }, "sourceFormat": { - "description": "Specifies whether the Config Sync Repo is in \"hierarchical\" or \"unstructured\" mode.", + "description": "Optional. Specifies whether the Config Sync Repo is in \"hierarchical\" or \"unstructured\" mode.", "type": "string" }, "stopSyncing": { - "description": "Set to true to stop syncing configs for a single cluster. Default to false.", + "description": "Optional. Set to true to stop syncing configs for a single cluster. Default to false.", "type": "boolean" } }, @@ -922,7 +922,7 @@ "id": "ConfigManagementConfigSyncState", "properties": { "clusterLevelStopSyncingState": { - "description": "Whether syncing resources to the cluster is stopped at the cluster level.", + "description": "Output only. Whether syncing resources to the cluster is stopped at the cluster level.", "enum": [ "STOP_SYNCING_STATE_UNSPECIFIED", "NOT_STOPPED", @@ -935,6 +935,7 @@ "Some reconcilers stop syncing resources to the cluster, while others are still syncing.", "Syncing resources to the cluster is stopped at the cluster level." ], + "readOnly": true, "type": "string" }, "crCount": { @@ -945,17 +946,19 @@ }, "deploymentState": { "$ref": "ConfigManagementConfigSyncDeploymentState", - "description": "Information about the deployment of ConfigSync, including the version. of the various Pods deployed" + "description": "Output only. Information about the deployment of ConfigSync, including the version. of the various Pods deployed", + "readOnly": true }, "errors": { - "description": "Errors pertaining to the installation of Config Sync.", + "description": "Output only. Errors pertaining to the installation of Config Sync.", "items": { "$ref": "ConfigManagementConfigSyncError" }, + "readOnly": true, "type": "array" }, "reposyncCrd": { - "description": "The state of the Reposync CRD", + "description": "Output only. The state of the Reposync CRD", "enum": [ "CRD_STATE_UNSPECIFIED", "NOT_INSTALLED", @@ -970,10 +973,11 @@ "CRD is terminating (i.e., it has been deleted and is cleaning up)", "CRD is installing" ], + "readOnly": true, "type": "string" }, "rootsyncCrd": { - "description": "The state of the RootSync CRD", + "description": "Output only. The state of the RootSync CRD", "enum": [ "CRD_STATE_UNSPECIFIED", "NOT_INSTALLED", @@ -988,10 +992,11 @@ "CRD is terminating (i.e., it has been deleted and is cleaning up)", "CRD is installing" ], + "readOnly": true, "type": "string" }, "state": { - "description": "The state of CS This field summarizes the other fields in this message.", + "description": "Output only. The state of CS This field summarizes the other fields in this message.", "enum": [ "STATE_UNSPECIFIED", "CONFIG_SYNC_NOT_INSTALLED", @@ -1006,15 +1011,18 @@ "CS encounters errors.", "CS is installing or terminating." ], + "readOnly": true, "type": "string" }, "syncState": { "$ref": "ConfigManagementSyncState", - "description": "The state of ConfigSync's process to sync configs to a cluster." + "description": "Output only. The state of ConfigSync's process to sync configs to a cluster.", + "readOnly": true }, "version": { "$ref": "ConfigManagementConfigSyncVersion", - "description": "The version of ConfigSync deployed." + "description": "Output only. The version of ConfigSync deployed.", + "readOnly": true } }, "type": "object" @@ -1151,35 +1159,35 @@ "id": "ConfigManagementGitConfig", "properties": { "gcpServiceAccountEmail": { - "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.", + "description": "Optional. The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.", "type": "string" }, "httpsProxy": { - "description": "URL for the HTTPS proxy to be used when communicating with the Git repo.", + "description": "Optional. URL for the HTTPS proxy to be used when communicating with the Git repo.", "type": "string" }, "policyDir": { - "description": "The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.", + "description": "Optional. The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.", "type": "string" }, "secretType": { - "description": "Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.", + "description": "Required. Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.", "type": "string" }, "syncBranch": { - "description": "The branch of the repository to sync from. Default: master.", + "description": "Optional. The branch of the repository to sync from. Default: master.", "type": "string" }, "syncRepo": { - "description": "The URL of the Git repository to use as the source of truth.", + "description": "Optional. The URL of the Git repository to use as the source of truth.", "type": "string" }, "syncRev": { - "description": "Git revision (tag or hash) to check out. Default HEAD.", + "description": "Optional. Git revision (tag or hash) to check out. Default HEAD.", "type": "string" }, "syncWaitSecs": { - "description": "Period in seconds between consecutive syncs. Default: 15.", + "description": "Optional. Period in seconds between consecutive syncs. Default: 15.", "format": "int64", "type": "string" } @@ -1313,23 +1321,23 @@ "id": "ConfigManagementOciConfig", "properties": { "gcpServiceAccountEmail": { - "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.", + "description": "Optional. The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.", "type": "string" }, "policyDir": { - "description": "The absolute path of the directory that contains the local resources. Default: the root directory of the image.", + "description": "Optional. The absolute path of the directory that contains the local resources. Default: the root directory of the image.", "type": "string" }, "secretType": { - "description": "Type of secret configured for access to the Git repo.", + "description": "Optional. Type of secret configured for access to the Git repo.", "type": "string" }, "syncRepo": { - "description": "The OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`.", + "description": "Optional. The OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`.", "type": "string" }, "syncWaitSecs": { - "description": "Period in seconds between consecutive syncs. Default: 15.", + "description": "Optional. Period in seconds between consecutive syncs. Default: 15.", "format": "int64", "type": "string" } @@ -1508,22 +1516,23 @@ "binauthz": { "$ref": "ConfigManagementBinauthzConfig", "deprecated": true, - "description": "Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set." + "description": "Optional. Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set." }, "cluster": { - "description": "The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector.", + "description": "Optional. The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector.", "type": "string" }, "configSync": { "$ref": "ConfigManagementConfigSync", - "description": "Config Sync configuration for the cluster." + "description": "Optional. Config Sync configuration for the cluster." }, "hierarchyController": { "$ref": "ConfigManagementHierarchyControllerConfig", - "description": "Hierarchy Controller configuration for the cluster. Deprecated: Configuring Hierarchy Controller through the configmanagement feature is no longer recommended. Use https://github.com/kubernetes-sigs/hierarchical-namespaces instead." + "deprecated": true, + "description": "Optional. Hierarchy Controller configuration for the cluster. Deprecated: Configuring Hierarchy Controller through the configmanagement feature is no longer recommended. Use https://github.com/kubernetes-sigs/hierarchical-namespaces instead." }, "management": { - "description": "Enables automatic Feature management.", + "description": "Optional. Enables automatic Feature management.", "enum": [ "MANAGEMENT_UNSPECIFIED", "MANAGEMENT_AUTOMATIC", @@ -1538,10 +1547,11 @@ }, "policyController": { "$ref": "ConfigManagementPolicyController", - "description": "Policy Controller configuration for the cluster. Deprecated: Configuring Policy Controller through the configmanagement feature is no longer recommended. Use the policycontroller feature instead." + "deprecated": true, + "description": "Optional. Policy Controller configuration for the cluster. Deprecated: Configuring Policy Controller through the configmanagement feature is no longer recommended. Use the policycontroller feature instead." }, "version": { - "description": "Version of ACM installed.", + "description": "Optional. Version of ACM installed.", "type": "string" } }, @@ -1553,31 +1563,38 @@ "properties": { "binauthzState": { "$ref": "ConfigManagementBinauthzState", - "description": "Binauthz status." + "description": "Output only. Binauthz status.", + "readOnly": true }, "clusterName": { - "description": "This field is set to the `cluster_name` field of the Membership Spec if it is not empty. Otherwise, it is set to the cluster's fleet membership name.", + "description": "Output only. This field is set to the `cluster_name` field of the Membership Spec if it is not empty. Otherwise, it is set to the cluster's fleet membership name.", + "readOnly": true, "type": "string" }, "configSyncState": { "$ref": "ConfigManagementConfigSyncState", - "description": "Current sync status." + "description": "Output only. Current sync status.", + "readOnly": true }, "hierarchyControllerState": { "$ref": "ConfigManagementHierarchyControllerState", - "description": "Hierarchy Controller status." + "description": "Output only. Hierarchy Controller status.", + "readOnly": true }, "membershipSpec": { "$ref": "ConfigManagementSpec", - "description": "Membership configuration in the cluster. This represents the actual state in the cluster, while the MembershipSpec in the FeatureSpec represents the intended state." + "description": "Output only. Membership configuration in the cluster. This represents the actual state in the cluster, while the MembershipSpec in the FeatureSpec represents the intended state.", + "readOnly": true }, "operatorState": { "$ref": "ConfigManagementOperatorState", - "description": "Current install status of ACM's Operator." + "description": "Output only. Current install status of ACM's Operator.", + "readOnly": true }, "policyControllerState": { "$ref": "ConfigManagementPolicyControllerState", - "description": "PolicyController status." + "description": "Output only. PolicyController status.", + "readOnly": true } }, "type": "object" diff --git a/gkehub/v2/gkehub-gen.go b/gkehub/v2/gkehub-gen.go index 1c43c719d1..8a57c8590a 100644 --- a/gkehub/v2/gkehub-gen.go +++ b/gkehub/v2/gkehub-gen.go @@ -529,38 +529,39 @@ func (s ConfigManagementBinauthzVersion) MarshalJSON() ([]byte, error) { // ConfigManagementConfigSync: Configuration for Config Sync type ConfigManagementConfigSync struct { - // AllowVerticalScale: Set to true to allow the vertical scaling. Defaults to - // false which disallows vertical scaling. This field is deprecated. + // AllowVerticalScale: Optional. Set to true to allow the vertical scaling. + // Defaults to false which disallows vertical scaling. This field is + // deprecated. AllowVerticalScale bool `json:"allowVerticalScale,omitempty"` - // Enabled: Enables the installation of ConfigSync. If set to true, ConfigSync - // resources will be created and the other ConfigSync fields will be applied if - // exist. If set to false, all other ConfigSync fields will be ignored, - // ConfigSync resources will be deleted. If omitted, ConfigSync resources will - // be managed depends on the presence of the git or oci field. + // Enabled: Optional. Enables the installation of ConfigSync. If set to true, + // ConfigSync resources will be created and the other ConfigSync fields will be + // applied if exist. If set to false, all other ConfigSync fields will be + // ignored, ConfigSync resources will be deleted. If omitted, ConfigSync + // resources will be managed depends on the presence of the git or oci field. Enabled bool `json:"enabled,omitempty"` - // Git: Git repo configuration for the cluster. + // Git: Optional. Git repo configuration for the cluster. Git *ConfigManagementGitConfig `json:"git,omitempty"` - // MetricsGcpServiceAccountEmail: The Email of the Google Cloud Service Account - // (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud - // Monarch when Workload Identity is enabled. The GSA should have the - // Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The - // Kubernetes ServiceAccount `default` in the namespace + // MetricsGcpServiceAccountEmail: Optional. The Email of the Google Cloud + // Service Account (GSA) used for exporting Config Sync metrics to Cloud + // Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA + // should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM + // role. The Kubernetes ServiceAccount `default` in the namespace // `config-management-monitoring` should be bound to the GSA. Deprecated: If // Workload Identity Federation for GKE is enabled, Google Cloud Service // Account is no longer needed for exporting Config Sync metrics: // https://cloud.google.com/kubernetes-engine/enterprise/config-sync/docs/how-to/monitor-config-sync-cloud-monitoring#custom-monitoring. MetricsGcpServiceAccountEmail string `json:"metricsGcpServiceAccountEmail,omitempty"` - // Oci: OCI repo configuration for the cluster. + // Oci: Optional. OCI repo configuration for the cluster. Oci *ConfigManagementOciConfig `json:"oci,omitempty"` - // PreventDrift: Set to true to enable the Config Sync admission webhook to - // prevent drifts. If set to `false`, disables the Config Sync admission - // webhook and does not prevent drifts. + // PreventDrift: Optional. Set to true to enable the Config Sync admission + // webhook to prevent drifts. If set to `false`, disables the Config Sync + // admission webhook and does not prevent drifts. PreventDrift bool `json:"preventDrift,omitempty"` - // SourceFormat: Specifies whether the Config Sync Repo is in "hierarchical" or - // "unstructured" mode. + // SourceFormat: Optional. Specifies whether the Config Sync Repo is in + // "hierarchical" or "unstructured" mode. SourceFormat string `json:"sourceFormat,omitempty"` - // StopSyncing: Set to true to stop syncing configs for a single cluster. - // Default to false. + // StopSyncing: Optional. Set to true to stop syncing configs for a single + // cluster. Default to false. StopSyncing bool `json:"stopSyncing,omitempty"` // ForceSendFields is a list of field names (e.g. "AllowVerticalScale") to // unconditionally include in API requests. By default, fields with empty or @@ -708,8 +709,8 @@ func (s ConfigManagementConfigSyncError) MarshalJSON() ([]byte, error) { // ConfigManagementConfigSyncState: State information for ConfigSync. type ConfigManagementConfigSyncState struct { - // ClusterLevelStopSyncingState: Whether syncing resources to the cluster is - // stopped at the cluster level. + // ClusterLevelStopSyncingState: Output only. Whether syncing resources to the + // cluster is stopped at the cluster level. // // Possible values: // "STOP_SYNCING_STATE_UNSPECIFIED" - State cannot be determined @@ -723,12 +724,12 @@ type ConfigManagementConfigSyncState struct { // CrCount: Output only. The number of RootSync and RepoSync CRs in the // cluster. CrCount int64 `json:"crCount,omitempty"` - // DeploymentState: Information about the deployment of ConfigSync, including - // the version. of the various Pods deployed + // DeploymentState: Output only. Information about the deployment of + // ConfigSync, including the version. of the various Pods deployed DeploymentState *ConfigManagementConfigSyncDeploymentState `json:"deploymentState,omitempty"` - // Errors: Errors pertaining to the installation of Config Sync. + // Errors: Output only. Errors pertaining to the installation of Config Sync. Errors []*ConfigManagementConfigSyncError `json:"errors,omitempty"` - // ReposyncCrd: The state of the Reposync CRD + // ReposyncCrd: Output only. The state of the Reposync CRD // // Possible values: // "CRD_STATE_UNSPECIFIED" - CRD's state cannot be determined @@ -738,7 +739,7 @@ type ConfigManagementConfigSyncState struct { // cleaning up) // "INSTALLING" - CRD is installing ReposyncCrd string `json:"reposyncCrd,omitempty"` - // RootsyncCrd: The state of the RootSync CRD + // RootsyncCrd: Output only. The state of the RootSync CRD // // Possible values: // "CRD_STATE_UNSPECIFIED" - CRD's state cannot be determined @@ -748,8 +749,8 @@ type ConfigManagementConfigSyncState struct { // cleaning up) // "INSTALLING" - CRD is installing RootsyncCrd string `json:"rootsyncCrd,omitempty"` - // State: The state of CS This field summarizes the other fields in this - // message. + // State: Output only. The state of CS This field summarizes the other fields + // in this message. // // Possible values: // "STATE_UNSPECIFIED" - CS's state cannot be determined. @@ -759,9 +760,10 @@ type ConfigManagementConfigSyncState struct { // "CONFIG_SYNC_ERROR" - CS encounters errors. // "CONFIG_SYNC_PENDING" - CS is installing or terminating. State string `json:"state,omitempty"` - // SyncState: The state of ConfigSync's process to sync configs to a cluster. + // SyncState: Output only. The state of ConfigSync's process to sync configs to + // a cluster. SyncState *ConfigManagementSyncState `json:"syncState,omitempty"` - // Version: The version of ConfigSync deployed. + // Version: Output only. The version of ConfigSync deployed. Version *ConfigManagementConfigSyncVersion `json:"version,omitempty"` // ForceSendFields is a list of field names (e.g. // "ClusterLevelStopSyncingState") to unconditionally include in API requests. @@ -902,26 +904,30 @@ func (s ConfigManagementGatekeeperDeploymentState) MarshalJSON() ([]byte, error) // ConfigManagementGitConfig: Git repo configuration for a single cluster. type ConfigManagementGitConfig struct { - // GcpServiceAccountEmail: The Google Cloud Service Account Email used for auth - // when secret_type is gcpServiceAccount. + // GcpServiceAccountEmail: Optional. The Google Cloud Service Account Email + // used for auth when secret_type is gcpServiceAccount. GcpServiceAccountEmail string `json:"gcpServiceAccountEmail,omitempty"` - // HttpsProxy: URL for the HTTPS proxy to be used when communicating with the - // Git repo. + // HttpsProxy: Optional. URL for the HTTPS proxy to be used when communicating + // with the Git repo. HttpsProxy string `json:"httpsProxy,omitempty"` - // PolicyDir: The path within the Git repository that represents the top level - // of the repo to sync. Default: the root directory of the repository. + // PolicyDir: Optional. The path within the Git repository that represents the + // top level of the repo to sync. Default: the root directory of the + // repository. PolicyDir string `json:"policyDir,omitempty"` - // SecretType: Type of secret configured for access to the Git repo. Must be - // one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The - // validation of this is case-sensitive. Required. + // SecretType: Required. Type of secret configured for access to the Git repo. + // Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. + // The validation of this is case-sensitive. Required. SecretType string `json:"secretType,omitempty"` - // SyncBranch: The branch of the repository to sync from. Default: master. + // SyncBranch: Optional. The branch of the repository to sync from. Default: + // master. SyncBranch string `json:"syncBranch,omitempty"` - // SyncRepo: The URL of the Git repository to use as the source of truth. + // SyncRepo: Optional. The URL of the Git repository to use as the source of + // truth. SyncRepo string `json:"syncRepo,omitempty"` - // SyncRev: Git revision (tag or hash) to check out. Default HEAD. + // SyncRev: Optional. Git revision (tag or hash) to check out. Default HEAD. SyncRev string `json:"syncRev,omitempty"` - // SyncWaitSecs: Period in seconds between consecutive syncs. Default: 15. + // SyncWaitSecs: Optional. Period in seconds between consecutive syncs. + // Default: 15. SyncWaitSecs int64 `json:"syncWaitSecs,omitempty,string"` // ForceSendFields is a list of field names (e.g. "GcpServiceAccountEmail") to // unconditionally include in API requests. By default, fields with empty or @@ -1109,18 +1115,20 @@ func (s ConfigManagementInstallError) MarshalJSON() ([]byte, error) { // ConfigManagementOciConfig: OCI repo configuration for a single cluster. type ConfigManagementOciConfig struct { - // GcpServiceAccountEmail: The Google Cloud Service Account Email used for auth - // when secret_type is gcpServiceAccount. + // GcpServiceAccountEmail: Optional. The Google Cloud Service Account Email + // used for auth when secret_type is gcpServiceAccount. GcpServiceAccountEmail string `json:"gcpServiceAccountEmail,omitempty"` - // PolicyDir: The absolute path of the directory that contains the local - // resources. Default: the root directory of the image. + // PolicyDir: Optional. The absolute path of the directory that contains the + // local resources. Default: the root directory of the image. PolicyDir string `json:"policyDir,omitempty"` - // SecretType: Type of secret configured for access to the Git repo. + // SecretType: Optional. Type of secret configured for access to the Git repo. SecretType string `json:"secretType,omitempty"` - // SyncRepo: The OCI image repository URL for the package to sync from. e.g. + // SyncRepo: Optional. The OCI image repository URL for the package to sync + // from. e.g. // `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`. SyncRepo string `json:"syncRepo,omitempty"` - // SyncWaitSecs: Period in seconds between consecutive syncs. Default: 15. + // SyncWaitSecs: Optional. Period in seconds between consecutive syncs. + // Default: 15. SyncWaitSecs int64 `json:"syncWaitSecs,omitempty,string"` // ForceSendFields is a list of field names (e.g. "GcpServiceAccountEmail") to // unconditionally include in API requests. By default, fields with empty or @@ -1334,10 +1342,10 @@ func (s ConfigManagementPolicyControllerVersion) MarshalJSON() ([]byte, error) { // ConfigManagementSpec: **Anthos Config Management**: Configuration for a // single cluster. Intended to parallel the ConfigManagement CR. type ConfigManagementSpec struct { - // Binauthz: Binauthz conifguration for the cluster. Deprecated: This field - // will be ignored and should not be set. + // Binauthz: Optional. Binauthz conifguration for the cluster. Deprecated: This + // field will be ignored and should not be set. Binauthz *ConfigManagementBinauthzConfig `json:"binauthz,omitempty"` - // Cluster: The user-specified cluster name used by Config Sync + // Cluster: Optional. The user-specified cluster name used by Config Sync // cluster-name-selector annotation or ClusterSelector, for applying configs to // only a subset of clusters. Omit this field if the cluster's fleet membership // name is used by Config Sync cluster-name-selector annotation or @@ -1345,14 +1353,14 @@ type ConfigManagementSpec struct { // membership name is used by Config Sync cluster-name-selector annotation or // ClusterSelector. Cluster string `json:"cluster,omitempty"` - // ConfigSync: Config Sync configuration for the cluster. + // ConfigSync: Optional. Config Sync configuration for the cluster. ConfigSync *ConfigManagementConfigSync `json:"configSync,omitempty"` - // HierarchyController: Hierarchy Controller configuration for the cluster. - // Deprecated: Configuring Hierarchy Controller through the configmanagement - // feature is no longer recommended. Use + // HierarchyController: Optional. Hierarchy Controller configuration for the + // cluster. Deprecated: Configuring Hierarchy Controller through the + // configmanagement feature is no longer recommended. Use // https://github.com/kubernetes-sigs/hierarchical-namespaces instead. HierarchyController *ConfigManagementHierarchyControllerConfig `json:"hierarchyController,omitempty"` - // Management: Enables automatic Feature management. + // Management: Optional. Enables automatic Feature management. // // Possible values: // "MANAGEMENT_UNSPECIFIED" - Unspecified @@ -1360,11 +1368,11 @@ type ConfigManagementSpec struct { // "MANAGEMENT_MANUAL" - User will manually manage the Feature for the // cluster. Management string `json:"management,omitempty"` - // PolicyController: Policy Controller configuration for the cluster. + // PolicyController: Optional. Policy Controller configuration for the cluster. // Deprecated: Configuring Policy Controller through the configmanagement // feature is no longer recommended. Use the policycontroller feature instead. PolicyController *ConfigManagementPolicyController `json:"policyController,omitempty"` - // Version: Version of ACM installed. + // Version: Optional. Version of ACM installed. Version string `json:"version,omitempty"` // ForceSendFields is a list of field names (e.g. "Binauthz") to // unconditionally include in API requests. By default, fields with empty or @@ -1387,23 +1395,23 @@ func (s ConfigManagementSpec) MarshalJSON() ([]byte, error) { // ConfigManagementState: **Anthos Config Management**: State for a single // cluster. type ConfigManagementState struct { - // BinauthzState: Binauthz status. + // BinauthzState: Output only. Binauthz status. BinauthzState *ConfigManagementBinauthzState `json:"binauthzState,omitempty"` - // ClusterName: This field is set to the `cluster_name` field of the Membership - // Spec if it is not empty. Otherwise, it is set to the cluster's fleet - // membership name. + // ClusterName: Output only. This field is set to the `cluster_name` field of + // the Membership Spec if it is not empty. Otherwise, it is set to the + // cluster's fleet membership name. ClusterName string `json:"clusterName,omitempty"` - // ConfigSyncState: Current sync status. + // ConfigSyncState: Output only. Current sync status. ConfigSyncState *ConfigManagementConfigSyncState `json:"configSyncState,omitempty"` - // HierarchyControllerState: Hierarchy Controller status. + // HierarchyControllerState: Output only. Hierarchy Controller status. HierarchyControllerState *ConfigManagementHierarchyControllerState `json:"hierarchyControllerState,omitempty"` - // MembershipSpec: Membership configuration in the cluster. This represents the - // actual state in the cluster, while the MembershipSpec in the FeatureSpec - // represents the intended state. + // MembershipSpec: Output only. Membership configuration in the cluster. This + // represents the actual state in the cluster, while the MembershipSpec in the + // FeatureSpec represents the intended state. MembershipSpec *ConfigManagementSpec `json:"membershipSpec,omitempty"` - // OperatorState: Current install status of ACM's Operator. + // OperatorState: Output only. Current install status of ACM's Operator. OperatorState *ConfigManagementOperatorState `json:"operatorState,omitempty"` - // PolicyControllerState: PolicyController status. + // PolicyControllerState: Output only. PolicyController status. PolicyControllerState *ConfigManagementPolicyControllerState `json:"policyControllerState,omitempty"` // ForceSendFields is a list of field names (e.g. "BinauthzState") to // unconditionally include in API requests. By default, fields with empty or diff --git a/tpu/v2alpha1/tpu-api.json b/tpu/v2alpha1/tpu-api.json index bb6ba0462c..7a92e659ef 100644 --- a/tpu/v2alpha1/tpu-api.json +++ b/tpu/v2alpha1/tpu-api.json @@ -1021,7 +1021,7 @@ } } }, - "revision": "20241126", + "revision": "20250103", "rootUrl": "https://tpu.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -1698,10 +1698,10 @@ }, "networkConfig": { "$ref": "NetworkConfig", - "description": "Network configurations for the TPU node." + "description": "Network configurations for the TPU node. network_config and network_configs are mutually exclusive, you can only specify one of them. If both are specified, an error will be returned." }, "networkConfigs": { - "description": "Optional. Repeated network configurations for the TPU node.", + "description": "Optional. Repeated network configurations for the TPU node. This field is used to specify multiple networks configs for the TPU node. network_config and network_configs are mutually exclusive, you can only specify one of them. If both are specified, an error will be returned.", "items": { "$ref": "NetworkConfig" }, diff --git a/tpu/v2alpha1/tpu-gen.go b/tpu/v2alpha1/tpu-gen.go index 8133b2adee..bf610f73d3 100644 --- a/tpu/v2alpha1/tpu-gen.go +++ b/tpu/v2alpha1/tpu-gen.go @@ -1084,9 +1084,14 @@ type Node struct { MultisliceNode bool `json:"multisliceNode,omitempty"` // Name: Output only. Immutable. The name of the TPU. Name string `json:"name,omitempty"` - // NetworkConfig: Network configurations for the TPU node. + // NetworkConfig: Network configurations for the TPU node. network_config and + // network_configs are mutually exclusive, you can only specify one of them. If + // both are specified, an error will be returned. NetworkConfig *NetworkConfig `json:"networkConfig,omitempty"` // NetworkConfigs: Optional. Repeated network configurations for the TPU node. + // This field is used to specify multiple networks configs for the TPU node. + // network_config and network_configs are mutually exclusive, you can only + // specify one of them. If both are specified, an error will be returned. NetworkConfigs []*NetworkConfig `json:"networkConfigs,omitempty"` // NetworkEndpoints: Output only. The network endpoints where TPU workers can // be accessed and sent work. It is recommended that runtime clients of the