From aab582331d72e7afebaa4a6936e6c1950e1857cf Mon Sep 17 00:00:00 2001 From: Jazel Canseco Date: Mon, 12 Jul 2021 15:20:03 -0700 Subject: [PATCH] Update for version 1.56.0 --- ...beta1_accesscontextmanageraccesslevel.yaml | 2 +- ...eta1_accesscontextmanageraccesspolicy.yaml | 2 +- ..._accesscontextmanagerserviceperimeter.yaml | 2 +- ...ry_v1beta1_artifactregistryrepository.yaml | 2 +- crds/bigquery_v1beta1_bigquerydataset.yaml | 2 +- crds/bigquery_v1beta1_bigqueryjob.yaml | 2 +- crds/bigquery_v1beta1_bigquerytable.yaml | 2 +- crds/bigtable_v1beta1_bigtableappprofile.yaml | 2 +- crds/bigtable_v1beta1_bigtablegcpolicy.yaml | 2 +- crds/bigtable_v1beta1_bigtableinstance.yaml | 34 +- crds/bigtable_v1beta1_bigtabletable.yaml | 2 +- ...n_v1beta1_binaryauthorizationattestor.yaml | 2 +- ...ion_v1beta1_binaryauthorizationpolicy.yaml | 431 ++++ .../cloudbuild_v1beta1_cloudbuildtrigger.yaml | 2 +- ...udidentity_v1beta1_cloudidentitygroup.yaml | 4 +- ...udscheduler_v1beta1_cloudschedulerjob.yaml | 2 +- crds/compute_v1beta1_computeaddress.yaml | 2 +- .../compute_v1beta1_computebackendbucket.yaml | 2 +- ...compute_v1beta1_computebackendservice.yaml | 2 +- crds/compute_v1beta1_computedisk.yaml | 2 +- ...ute_v1beta1_computeexternalvpngateway.yaml | 2 +- crds/compute_v1beta1_computefirewall.yaml | 2 +- ...compute_v1beta1_computeforwardingrule.yaml | 2 +- crds/compute_v1beta1_computehealthcheck.yaml | 2 +- ...ompute_v1beta1_computehttphealthcheck.yaml | 2 +- ...mpute_v1beta1_computehttpshealthcheck.yaml | 4 +- crds/compute_v1beta1_computeimage.yaml | 2 +- crds/compute_v1beta1_computeinstance.yaml | 2 +- .../compute_v1beta1_computeinstancegroup.yaml | 2 +- ...e_v1beta1_computeinstancegroupmanager.yaml | 523 +++++ ...mpute_v1beta1_computeinstancetemplate.yaml | 2 +- ...v1beta1_computeinterconnectattachment.yaml | 2 +- crds/compute_v1beta1_computenetwork.yaml | 2 +- ...e_v1beta1_computenetworkendpointgroup.yaml | 2 +- ...compute_v1beta1_computenetworkpeering.yaml | 2 +- crds/compute_v1beta1_computenodegroup.yaml | 2 +- crds/compute_v1beta1_computenodetemplate.yaml | 2 +- ...ompute_v1beta1_computeprojectmetadata.yaml | 2 +- crds/compute_v1beta1_computereservation.yaml | 2 +- ...compute_v1beta1_computeresourcepolicy.yaml | 2 +- crds/compute_v1beta1_computeroute.yaml | 2 +- crds/compute_v1beta1_computerouter.yaml | 2 +- ...ompute_v1beta1_computerouterinterface.yaml | 2 +- crds/compute_v1beta1_computerouternat.yaml | 2 +- crds/compute_v1beta1_computerouterpeer.yaml | 2 +- ...compute_v1beta1_computesecuritypolicy.yaml | 2 +- ...e_v1beta1_computesharedvpchostproject.yaml | 2 +- ...1beta1_computesharedvpcserviceproject.yaml | 2 +- crds/compute_v1beta1_computesnapshot.yaml | 2 +- ...compute_v1beta1_computesslcertificate.yaml | 2 +- crds/compute_v1beta1_computesslpolicy.yaml | 2 +- crds/compute_v1beta1_computesubnetwork.yaml | 2 +- ...ompute_v1beta1_computetargetgrpcproxy.yaml | 2 +- ...ompute_v1beta1_computetargethttpproxy.yaml | 2 +- ...mpute_v1beta1_computetargethttpsproxy.yaml | 2 +- ...compute_v1beta1_computetargetinstance.yaml | 2 +- crds/compute_v1beta1_computetargetpool.yaml | 2 +- ...compute_v1beta1_computetargetsslproxy.yaml | 2 +- ...compute_v1beta1_computetargettcpproxy.yaml | 2 +- ...mpute_v1beta1_computetargetvpngateway.yaml | 2 +- crds/compute_v1beta1_computeurlmap.yaml | 2 +- crds/compute_v1beta1_computevpngateway.yaml | 2 +- crds/compute_v1beta1_computevpntunnel.yaml | 2 +- crds/container_v1beta1_containercluster.yaml | 2 +- crds/container_v1beta1_containernodepool.yaml | 2 +- ...nalysis_v1beta1_containeranalysisnote.yaml | 2 +- ...aflow_v1beta1_dataflowflextemplatejob.yaml | 2 +- crds/dataflow_v1beta1_dataflowjob.yaml | 2 +- ...datafusion_v1beta1_datafusioninstance.yaml | 2 +- ...roc_v1beta1_dataprocautoscalingpolicy.yaml | 2 +- crds/dataproc_v1beta1_dataproccluster.yaml | 2 +- ...proc_v1beta1_dataprocworkflowtemplate.yaml | 2 +- crds/dns_v1beta1_dnsmanagedzone.yaml | 2 +- crds/dns_v1beta1_dnspolicy.yaml | 2 +- crds/dns_v1beta1_dnsrecordset.yaml | 2 +- crds/firestore_v1beta1_firestoreindex.yaml | 2 +- ...ameservices_v1beta1_gameservicesrealm.yaml | 2 +- crds/gkehub_v1beta1_gkehubfeature.yaml | 2 +- crds/gkehub_v1beta1_gkehubmembership.yaml | 2 +- crds/iam_v1beta1_iamauditconfig.yaml | 2 +- crds/iam_v1beta1_iamcustomrole.yaml | 2 +- crds/iam_v1beta1_iampartialpolicy.yaml | 2 +- crds/iam_v1beta1_iampolicy.yaml | 2 +- crds/iam_v1beta1_iampolicymember.yaml | 2 +- crds/iam_v1beta1_iamserviceaccount.yaml | 2 +- crds/iam_v1beta1_iamserviceaccountkey.yaml | 2 +- crds/iap_v1beta1_iapbrand.yaml | 2 +- ...p_v1beta1_iapidentityawareproxyclient.yaml | 2 +- ...1beta1_identityplatformoauthidpconfig.yaml | 2 +- ...atform_v1beta1_identityplatformtenant.yaml | 2 +- ..._identityplatformtenantoauthidpconfig.yaml | 2 +- crds/kms_v1beta1_kmscryptokey.yaml | 2 +- crds/kms_v1beta1_kmskeyring.yaml | 2 +- crds/logging_v1beta1_logginglogexclusion.yaml | 2 +- crds/logging_v1beta1_logginglogsink.yaml | 2 +- crds/memcache_v1beta1_memcacheinstance.yaml | 2 +- ...itoring_v1beta1_monitoringalertpolicy.yaml | 2 +- ...onitoring_v1beta1_monitoringdashboard.yaml | 2 +- crds/monitoring_v1beta1_monitoringgroup.yaml | 2 +- ...v1beta1_monitoringnotificationchannel.yaml | 2 +- ...a1_networksecurityauthorizationpolicy.yaml | 2 +- ...1beta1_networksecurityclienttlspolicy.yaml | 2 +- ...1beta1_networksecurityservertlspolicy.yaml | 2 +- ...v1beta1_networkservicesendpointpolicy.yaml | 2 +- .../osconfig_v1beta1_osconfigguestpolicy.yaml | 2 +- crds/pubsub_v1beta1_pubsubsubscription.yaml | 2 +- crds/pubsub_v1beta1_pubsubtopic.yaml | 2 +- crds/redis_v1beta1_redisinstance.yaml | 2 +- crds/resourcemanager_v1beta1_folder.yaml | 2 +- crds/resourcemanager_v1beta1_project.yaml | 2 +- ...cemanager_v1beta1_resourcemanagerlien.yaml | 2 +- ...manager_v1beta1_resourcemanagerpolicy.yaml | 2 +- ...etmanager_v1beta1_secretmanagersecret.yaml | 60 +- ...er_v1beta1_secretmanagersecretversion.yaml | 2 +- ...g_v1beta1_servicenetworkingconnection.yaml | 2 +- crds/serviceusage_v1beta1_service.yaml | 2 +- ...urcerepo_v1beta1_sourcereporepository.yaml | 2 +- crds/spanner_v1beta1_spannerdatabase.yaml | 2 +- crds/spanner_v1beta1_spannerinstance.yaml | 4 +- crds/sql_v1beta1_sqldatabase.yaml | 2 +- crds/sql_v1beta1_sqlinstance.yaml | 2 +- crds/sql_v1beta1_sqlsslcert.yaml | 2 +- crds/sql_v1beta1_sqluser.yaml | 2 +- crds/storage_v1beta1_storagebucket.yaml | 2 +- ...ge_v1beta1_storagebucketaccesscontrol.yaml | 2 +- ...ta1_storagedefaultobjectaccesscontrol.yaml | 2 +- crds/storage_v1beta1_storagenotification.yaml | 2 +- ...getransfer_v1beta1_storagetransferjob.yaml | 2 +- .../0-cnrm-system.yaml | 81 +- .../install-bundle-gcp-identity/crds.yaml | 1826 +++++++++++++---- .../0-cnrm-system.yaml | 67 +- .../install-bundle-namespaced/crds.yaml | 1826 +++++++++++++---- .../per-namespace-components.yaml | 18 +- .../0-cnrm-system.yaml | 81 +- .../crds.yaml | 1826 +++++++++++++---- .../v1beta1/bigtableinstance_types.go | 8 + .../bigtable/v1beta1/zz_generated.deepcopy.go | 5 + .../binaryauthorizationpolicy_types.go | 176 ++ .../binaryauthorization/v1beta1/register.go | 6 + .../v1beta1/zz_generated.deepcopy.go | 271 +++ .../v1beta1/cloudidentitygroup_types.go | 2 +- .../v1beta1/computehttpshealthcheck_types.go | 2 +- .../computeinstancegroupmanager_types.go | 296 +++ pkg/apis/compute/v1beta1/register.go | 6 + .../compute/v1beta1/zz_generated.deepcopy.go | 508 +++++ .../v1beta1/secretmanagersecret_types.go | 30 + .../v1beta1/zz_generated.deepcopy.go | 46 + .../spanner/v1beta1/spannerinstance_types.go | 2 +- .../v1beta1/binaryauthorization_client.go | 5 + .../v1beta1/binaryauthorizationpolicy.go | 198 ++ .../fake/fake_binaryauthorization_client.go | 4 + .../fake/fake_binaryauthorizationpolicy.go | 145 ++ .../v1beta1/generated_expansion.go | 2 + .../typed/compute/v1beta1/compute_client.go | 5 + .../v1beta1/computeinstancegroupmanager.go | 198 ++ .../v1beta1/fake/fake_compute_client.go | 4 + .../fake/fake_computeinstancegroupmanager.go | 145 ++ .../compute/v1beta1/generated_expansion.go | 2 + ...n_v1beta1_binaryauthorizationattestor.yaml | 23 + ...ion_v1beta1_binaryauthorizationpolicy.yaml | 34 + ...nalysis_v1beta1_containeranalysisnote.yaml | 21 + ...ion_v1beta1_binaryauthorizationpolicy.yaml | 31 + .../resourcemanager_v1beta1_project.yaml | 28 + .../serviceusage_v1beta1_service.yaml | 22 + ...n_v1beta1_binaryauthorizationattestor.yaml | 23 + ...ion_v1beta1_binaryauthorizationpolicy.yaml | 34 + ...nalysis_v1beta1_containeranalysisnote.yaml | 21 + ...n_v1beta1_binaryauthorizationattestor.yaml | 23 + ...ion_v1beta1_binaryauthorizationpolicy.yaml | 34 + ...nalysis_v1beta1_containeranalysisnote.yaml | 21 + ...n_v1beta1_binaryauthorizationattestor.yaml | 23 + ...ion_v1beta1_binaryauthorizationpolicy.yaml | 34 + ...nalysis_v1beta1_containeranalysisnote.yaml | 21 + .../compute_v1beta1_computehealthcheck.yaml | 22 + ...e_v1beta1_computeinstancegroupmanager.yaml | 35 + ...mpute_v1beta1_computeinstancetemplate.yaml | 29 + .../compute_v1beta1_computenetwork.yaml | 21 + .../compute_v1beta1_computesubnetwork.yaml | 24 + .../compute_v1beta1_computehealthcheck.yaml | 22 + ...e_v1beta1_computeinstancegroupmanager.yaml | 34 + ...mpute_v1beta1_computeinstancetemplate.yaml | 29 + .../compute_v1beta1_computenetwork.yaml | 21 + .../compute_v1beta1_computesubnetwork.yaml | 24 + 183 files changed, 8287 insertions(+), 1460 deletions(-) create mode 100644 crds/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml create mode 100644 crds/compute_v1beta1_computeinstancegroupmanager.yaml create mode 100644 pkg/apis/binaryauthorization/v1beta1/binaryauthorizationpolicy_types.go create mode 100644 pkg/apis/compute/v1beta1/computeinstancegroupmanager_types.go create mode 100644 pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/binaryauthorizationpolicy.go create mode 100644 pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/fake/fake_binaryauthorizationpolicy.go create mode 100644 pkg/client/clientset/versioned/typed/compute/v1beta1/computeinstancegroupmanager.go create mode 100644 pkg/client/clientset/versioned/typed/compute/v1beta1/fake/fake_computeinstancegroupmanager.go create mode 100644 samples/resources/binaryauthorizationpolicy/cluster-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml create mode 100644 samples/resources/binaryauthorizationpolicy/cluster-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml create mode 100644 samples/resources/binaryauthorizationpolicy/cluster-policy/containeranalysis_v1beta1_containeranalysisnote.yaml create mode 100644 samples/resources/binaryauthorizationpolicy/default-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml create mode 100644 samples/resources/binaryauthorizationpolicy/default-policy/resourcemanager_v1beta1_project.yaml create mode 100644 samples/resources/binaryauthorizationpolicy/default-policy/serviceusage_v1beta1_service.yaml create mode 100644 samples/resources/binaryauthorizationpolicy/namespace-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml create mode 100644 samples/resources/binaryauthorizationpolicy/namespace-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml create mode 100644 samples/resources/binaryauthorizationpolicy/namespace-policy/containeranalysis_v1beta1_containeranalysisnote.yaml create mode 100644 samples/resources/binaryauthorizationpolicy/service-account-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml create mode 100644 samples/resources/binaryauthorizationpolicy/service-account-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml create mode 100644 samples/resources/binaryauthorizationpolicy/service-account-policy/containeranalysis_v1beta1_containeranalysisnote.yaml create mode 100644 samples/resources/binaryauthorizationpolicy/service-identity-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml create mode 100644 samples/resources/binaryauthorizationpolicy/service-identity-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml create mode 100644 samples/resources/binaryauthorizationpolicy/service-identity-policy/containeranalysis_v1beta1_containeranalysisnote.yaml create mode 100644 samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computehealthcheck.yaml create mode 100644 samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computeinstancegroupmanager.yaml create mode 100644 samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computeinstancetemplate.yaml create mode 100644 samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computenetwork.yaml create mode 100644 samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computesubnetwork.yaml create mode 100644 samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computehealthcheck.yaml create mode 100644 samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computeinstancegroupmanager.yaml create mode 100644 samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computeinstancetemplate.yaml create mode 100644 samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computenetwork.yaml create mode 100644 samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computesubnetwork.yaml diff --git a/crds/accesscontextmanager_v1beta1_accesscontextmanageraccesslevel.yaml b/crds/accesscontextmanager_v1beta1_accesscontextmanageraccesslevel.yaml index ce0b2a6715..e0f591432d 100644 --- a/crds/accesscontextmanager_v1beta1_accesscontextmanageraccesslevel.yaml +++ b/crds/accesscontextmanager_v1beta1_accesscontextmanageraccesslevel.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/accesscontextmanager_v1beta1_accesscontextmanageraccesspolicy.yaml b/crds/accesscontextmanager_v1beta1_accesscontextmanageraccesspolicy.yaml index a5862f9304..1376083d60 100644 --- a/crds/accesscontextmanager_v1beta1_accesscontextmanageraccesspolicy.yaml +++ b/crds/accesscontextmanager_v1beta1_accesscontextmanageraccesspolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/accesscontextmanager_v1beta1_accesscontextmanagerserviceperimeter.yaml b/crds/accesscontextmanager_v1beta1_accesscontextmanagerserviceperimeter.yaml index 8be7ccabc7..1885e81518 100644 --- a/crds/accesscontextmanager_v1beta1_accesscontextmanagerserviceperimeter.yaml +++ b/crds/accesscontextmanager_v1beta1_accesscontextmanagerserviceperimeter.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/artifactregistry_v1beta1_artifactregistryrepository.yaml b/crds/artifactregistry_v1beta1_artifactregistryrepository.yaml index beb8cd5d11..aa075ce845 100644 --- a/crds/artifactregistry_v1beta1_artifactregistryrepository.yaml +++ b/crds/artifactregistry_v1beta1_artifactregistryrepository.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/bigquery_v1beta1_bigquerydataset.yaml b/crds/bigquery_v1beta1_bigquerydataset.yaml index 50f72965c9..179910f36e 100644 --- a/crds/bigquery_v1beta1_bigquerydataset.yaml +++ b/crds/bigquery_v1beta1_bigquerydataset.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/bigquery_v1beta1_bigqueryjob.yaml b/crds/bigquery_v1beta1_bigqueryjob.yaml index 6d92b491d2..750aea5683 100644 --- a/crds/bigquery_v1beta1_bigqueryjob.yaml +++ b/crds/bigquery_v1beta1_bigqueryjob.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/bigquery_v1beta1_bigquerytable.yaml b/crds/bigquery_v1beta1_bigquerytable.yaml index 18916d59ba..e52a40f7a7 100644 --- a/crds/bigquery_v1beta1_bigquerytable.yaml +++ b/crds/bigquery_v1beta1_bigquerytable.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/bigtable_v1beta1_bigtableappprofile.yaml b/crds/bigtable_v1beta1_bigtableappprofile.yaml index bd6040193b..45c52534ed 100644 --- a/crds/bigtable_v1beta1_bigtableappprofile.yaml +++ b/crds/bigtable_v1beta1_bigtableappprofile.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/bigtable_v1beta1_bigtablegcpolicy.yaml b/crds/bigtable_v1beta1_bigtablegcpolicy.yaml index ee406b6f0f..476bb299ae 100644 --- a/crds/bigtable_v1beta1_bigtablegcpolicy.yaml +++ b/crds/bigtable_v1beta1_bigtablegcpolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/bigtable_v1beta1_bigtableinstance.yaml b/crds/bigtable_v1beta1_bigtableinstance.yaml index 5e78a5d16e..d2f46f4b70 100644 --- a/crds/bigtable_v1beta1_bigtableinstance.yaml +++ b/crds/bigtable_v1beta1_bigtableinstance.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78,6 +78,38 @@ spec: clusterId: description: The ID of the Cloud Bigtable cluster. type: string + kmsKeyRef: + description: |- + Describes the Cloud KMS encryption key that will be used to protect the destination Bigtable + cluster. The requirements for this key are: 1) The Cloud Bigtable service account associated with the project that contains + this cluster must be granted the cloudkms.cryptoKeyEncrypterDecrypter role on the CMEK key. + 2) Only regional keys can be used and the region of the CMEK key must match the region of the cluster. + 3) All clusters within an instance must use the same CMEK key access to this encryption key. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The selfLink of a KMSCryptoKey. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object numNodes: description: The number of nodes in your Cloud Bigtable cluster. For PRODUCTION instances where the numNodes will be managed diff --git a/crds/bigtable_v1beta1_bigtabletable.yaml b/crds/bigtable_v1beta1_bigtabletable.yaml index 8f79892939..de48007dc4 100644 --- a/crds/bigtable_v1beta1_bigtabletable.yaml +++ b/crds/bigtable_v1beta1_bigtabletable.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml b/crds/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml index 77f3c8d5a1..8809050d22 100644 --- a/crds/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml +++ b/crds/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml b/crds/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml new file mode 100644 index 0000000000..8634903de4 --- /dev/null +++ b/crds/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml @@ -0,0 +1,431 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.56.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/dcl2crd: "true" + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: binaryauthorizationpolicies.binaryauthorization.cnrm.cloud.google.com +spec: + group: binaryauthorization.cnrm.cloud.google.com + names: + categories: + - gcp + kind: BinaryAuthorizationPolicy + plural: binaryauthorizationpolicies + shortNames: + - gcpbinaryauthorizationpolicy + - gcpbinaryauthorizationpolicies + singular: binaryauthorizationpolicy + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + admissionWhitelistPatterns: + description: Optional. Admission policy allowlisting. A matching admission + request will always be permitted. This feature is typically used + to exclude Google or third-party infrastructure images from Binary + Authorization policies. + items: + properties: + namePattern: + description: An image name pattern to allowlist, in the form + `registry/path/to/image`. This supports a trailing `*` as + a wildcard, but this is allowed only in text after the `registry/` + part. + type: string + type: object + type: array + clusterAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-cluster admission rules. Cluster spec + format: location.clusterId. There can be at most one admission rule + per cluster spec. A location is either a compute zone (e.g. us-central1-a) + or a region (e.g. us-central1). For clusterId syntax restrictions + see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.' + type: object + defaultAdmissionRule: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: + description: Optional. A descriptive comment. + type: string + globalPolicyEvaluationMode: + description: 'Optional. Controls the evaluation of a Google-maintained + global admission policy for common system-level images. Images not + covered by the global policy will be subject to the project admission + policy. This setting has no effect when specified inside a global + admission policy. Possible values: GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED, + ENABLE, DISABLE' + type: string + istioServiceIdentityAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-istio-service-identity admission rules. + Istio service identity spec format: spiffe:///ns//sa/ or /ns//sa/ + e.g. spiffe://example.com/ns/test-ns/sa/default' + type: object + kubernetesNamespaceAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-kubernetes-namespace admission rules. + K8s namespace spec format: [a-z.-]+, e.g. ''some-namespace''' + type: object + kubernetesServiceAccountAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-kubernetes-service-account admission rules. + Service account spec format: namespace:serviceaccount. e.g. ''test-ns:default''' + type: object + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The project of the resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + required: + - defaultAdmissionRule + - projectRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + selfLink: + description: Output only. The resource name, in the format `projects/*/policy`. + There is at most one policy per project. + type: string + updateTime: + description: Output only. Time when the policy was last updated. + format: date-time + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/crds/cloudbuild_v1beta1_cloudbuildtrigger.yaml b/crds/cloudbuild_v1beta1_cloudbuildtrigger.yaml index acc6ac9b20..0f4508b263 100644 --- a/crds/cloudbuild_v1beta1_cloudbuildtrigger.yaml +++ b/crds/cloudbuild_v1beta1_cloudbuildtrigger.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/cloudidentity_v1beta1_cloudidentitygroup.yaml b/crds/cloudidentity_v1beta1_cloudidentitygroup.yaml index 02f2bdd685..c51ee78837 100644 --- a/crds/cloudidentity_v1beta1_cloudidentitygroup.yaml +++ b/crds/cloudidentity_v1beta1_cloudidentitygroup.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -109,7 +109,7 @@ spec: type: object initialGroupConfig: description: |- - The initial configuration options for creating a Group. + Immutable. The initial configuration options for creating a Group. See the [API reference](https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups/create#initialgroupconfig) diff --git a/crds/cloudscheduler_v1beta1_cloudschedulerjob.yaml b/crds/cloudscheduler_v1beta1_cloudschedulerjob.yaml index 516c9e78d8..0d7dff36c9 100644 --- a/crds/cloudscheduler_v1beta1_cloudschedulerjob.yaml +++ b/crds/cloudscheduler_v1beta1_cloudschedulerjob.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/compute_v1beta1_computeaddress.yaml b/crds/compute_v1beta1_computeaddress.yaml index 27ef3975bb..3fdb057d40 100644 --- a/crds/compute_v1beta1_computeaddress.yaml +++ b/crds/compute_v1beta1_computeaddress.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computebackendbucket.yaml b/crds/compute_v1beta1_computebackendbucket.yaml index 5918d43548..d217a89327 100644 --- a/crds/compute_v1beta1_computebackendbucket.yaml +++ b/crds/compute_v1beta1_computebackendbucket.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computebackendservice.yaml b/crds/compute_v1beta1_computebackendservice.yaml index b5d59c4fcd..8cfeab550b 100644 --- a/crds/compute_v1beta1_computebackendservice.yaml +++ b/crds/compute_v1beta1_computebackendservice.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computedisk.yaml b/crds/compute_v1beta1_computedisk.yaml index b4df727375..7083a43c90 100644 --- a/crds/compute_v1beta1_computedisk.yaml +++ b/crds/compute_v1beta1_computedisk.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computeexternalvpngateway.yaml b/crds/compute_v1beta1_computeexternalvpngateway.yaml index d0c32a3b90..67fafe9600 100644 --- a/crds/compute_v1beta1_computeexternalvpngateway.yaml +++ b/crds/compute_v1beta1_computeexternalvpngateway.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computefirewall.yaml b/crds/compute_v1beta1_computefirewall.yaml index 8b4c71b0e3..3bd7ab3f2b 100644 --- a/crds/compute_v1beta1_computefirewall.yaml +++ b/crds/compute_v1beta1_computefirewall.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computeforwardingrule.yaml b/crds/compute_v1beta1_computeforwardingrule.yaml index 0f15a79a73..8edace6f94 100644 --- a/crds/compute_v1beta1_computeforwardingrule.yaml +++ b/crds/compute_v1beta1_computeforwardingrule.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computehealthcheck.yaml b/crds/compute_v1beta1_computehealthcheck.yaml index ab4de43d71..bd6903e320 100644 --- a/crds/compute_v1beta1_computehealthcheck.yaml +++ b/crds/compute_v1beta1_computehealthcheck.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computehttphealthcheck.yaml b/crds/compute_v1beta1_computehttphealthcheck.yaml index 2dc77b7f72..9a327965b3 100644 --- a/crds/compute_v1beta1_computehttphealthcheck.yaml +++ b/crds/compute_v1beta1_computehttphealthcheck.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computehttpshealthcheck.yaml b/crds/compute_v1beta1_computehttpshealthcheck.yaml index 2e63647a44..640b5211b1 100644 --- a/crds/compute_v1beta1_computehttpshealthcheck.yaml +++ b/crds/compute_v1beta1_computehttpshealthcheck.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -94,7 +94,7 @@ spec: port: description: |- The TCP port number for the HTTPS health check request. - The default value is 80. + The default value is 443. type: integer requestPath: description: |- diff --git a/crds/compute_v1beta1_computeimage.yaml b/crds/compute_v1beta1_computeimage.yaml index de49d8fd47..1f78551c03 100644 --- a/crds/compute_v1beta1_computeimage.yaml +++ b/crds/compute_v1beta1_computeimage.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computeinstance.yaml b/crds/compute_v1beta1_computeinstance.yaml index d97996382a..fd6df8dc7b 100644 --- a/crds/compute_v1beta1_computeinstance.yaml +++ b/crds/compute_v1beta1_computeinstance.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computeinstancegroup.yaml b/crds/compute_v1beta1_computeinstancegroup.yaml index c0b79858cb..7d9331c29b 100644 --- a/crds/compute_v1beta1_computeinstancegroup.yaml +++ b/crds/compute_v1beta1_computeinstancegroup.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computeinstancegroupmanager.yaml b/crds/compute_v1beta1_computeinstancegroupmanager.yaml new file mode 100644 index 0000000000..297010059e --- /dev/null +++ b/crds/compute_v1beta1_computeinstancegroupmanager.yaml @@ -0,0 +1,523 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.56.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/dcl2crd: "true" + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: computeinstancegroupmanagers.compute.cnrm.cloud.google.com +spec: + group: compute.cnrm.cloud.google.com + names: + categories: + - gcp + kind: ComputeInstanceGroupManager + plural: computeinstancegroupmanagers + shortNames: + - gcpcomputeinstancegroupmanager + - gcpcomputeinstancegroupmanagers + singular: computeinstancegroupmanager + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + autoHealingPolicies: + description: The autohealing policy for this managed instance group. + items: + properties: + healthCheckRef: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The healthcheck that signals autohealing + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + initialDelaySec: + description: The number of seconds that the managed instance + group waits before it applies autohealing policies to new + instances or recently recreated instances. + format: int64 + type: integer + type: object + type: array + baseInstanceName: + description: 'The base instance name to use for instances in this + group. The value must be 1-58 characters long. Instances are named + by appending a hyphen and a random four-character string to the + base instance name. The base instance name must comply with RFC1035. ' + type: string + description: + description: 'An optional description of this resource. Provide this + property when you create the resource. ' + type: string + distributionPolicy: + description: Policy specifying intended distribution of instances + in regional managed instance group. + properties: + zones: + description: Zones where the regional managed instance group will + create and manage instances. + items: + properties: + zone: + description: The URL of the zone. The zone must exist in + the region where the managed instance group is located. + type: string + type: object + type: array + type: object + instanceTemplateRef: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: 'The instance template that is specified for this + managed instance group. The group uses this template to create + all new instances in the managed instance group. ' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + location: + description: The location of this resource. + type: string + namedPorts: + description: Named ports configured for the Instance Groups complementary + to this Instance Group Manager. + items: + properties: + name: + description: 'The name for this named port. The name must be + 1-63 characters long, and comply with RFC1035. ' + type: string + port: + description: The port number, which can be a value between 1 + and 65535. + format: int64 + type: integer + type: object + type: array + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The project id of the resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + targetPools: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + targetSize: + description: 'The target number of running instances for this managed + instance group. Deleting or abandoning instances reduces this number. + Resizing the group changes this number. ' + format: int64 + type: integer + updatePolicy: + description: The update policy for this managed instance group. + properties: + instanceRedistributionType: + description: 'The instance redistribution policy for regional + managed instance groups. Possible values: PROACTIVE, NONE' + type: string + maxSurge: + description: The maximum number of instances that can be created + above the specified targetSize during the update process + properties: + fixed: + description: Specifies a fixed number of VM instances. This + must be a positive integer. + format: int64 + type: integer + percent: + description: Specifies a percentage of instances between 0 + to 100%, inclusive. For example, specify 80 for 80%. + format: int64 + type: integer + type: object + maxUnavailable: + description: The maximum number of instances that can be unavailable + during the update process + properties: + fixed: + description: Specifies a fixed number of VM instances. This + must be a positive integer. + format: int64 + type: integer + percent: + description: Specifies a percentage of instances between 0 + to 100%, inclusive. For example, specify 80 for 80%. + format: int64 + type: integer + type: object + minimalAction: + description: 'Minimal action to be taken on an instance. Possible + values: RESTART, REPLACE' + type: string + type: object + versions: + description: Specifies the instance templates used by this managed + instance group to create instances. + items: + properties: + instanceTemplateRef: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The group uses this template to create new + instances in the managed instance group until the targetSize + for this version is reached. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + name: + description: Name of the version. Unique among all versions + in the scope of this managed instance group. + type: string + targetSize: + description: Specifies the intended number of instances to be + created from the instanceTemplate. + properties: + calculated: + description: Absolute value of VM instances calculated based + on the specific mode. + format: int64 + type: integer + fixed: + description: Specifies a fixed number of VM instances. This + must be a positive integer. + format: int64 + type: integer + percent: + description: Specifies a percentage of instances between + 0 to 100%, inclusive. For example, specify 80 for 80%. + format: int64 + type: integer + type: object + type: object + type: array + required: + - baseInstanceName + - projectRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + creationTimestamp: + description: 'The creation timestamp for this managed instance group + in RFC3339 text format. ' + format: date-time + type: string + currentActions: + description: 'The list of instance actions and the number of instances + in this managed instance group that are scheduled for each of those + actions. ' + properties: + abandoning: + description: 'The total number of instances in the managed instance + group that are scheduled to be abandoned. Abandoning an instance + removes it from the managed instance group without deleting + it. ' + format: int64 + type: integer + creating: + description: 'The number of instances in the managed instance + group that are scheduled to be created or are currently being + created. If the group fails to create any of these instances, + it tries again until it creates the instance successfully. If + you have disabled creation retries, this field will not be populated; + instead, the creatingWithoutRetries field will be populated. ' + format: int64 + type: integer + creatingWithoutRetries: + description: 'The number of instances that the managed instance + group will attempt to create. The group attempts to create each + instance only once. If the group fails to create any of these + instances, it decreases the group''s targetSize value accordingly. ' + format: int64 + type: integer + deleting: + description: 'The number of instances in the managed instance + group that are scheduled to be deleted or are currently being + deleted. ' + format: int64 + type: integer + none: + description: 'The number of instances in the managed instance + group that are running and have no scheduled actions. ' + format: int64 + type: integer + recreating: + description: 'The number of instances in the managed instance + group that are scheduled to be recreated or are currently being + being recreated. Recreating an instance deletes the existing + root persistent disk and creates a new disk from the image that + is defined in the instance template. ' + format: int64 + type: integer + refreshing: + description: 'The number of instances in the managed instance + group that are being reconfigured with properties that do not + require a restart or a recreate action. For example, setting + or removing target pools for the instance. ' + format: int64 + type: integer + restarting: + description: 'The number of instances in the managed instance + group that are scheduled to be restarted or are currently being + restarted. ' + format: int64 + type: integer + type: object + id: + description: A unique identifier for this resource + format: int64 + type: integer + instanceGroup: + description: The instance group being managed + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + region: + description: The region the managed instance group resides in + type: string + status: + description: The status of this managed instance group. + properties: + autoscalar: + description: The autoscalar that targets this instance group manager + type: string + isStable: + description: A bit indicating whether the managed instance group + is in a stable state. + type: boolean + versionTarget: + description: A status of consistency of Instances' versions with + their target version specified by version field on Instance + Group Manager. + properties: + isReached: + description: A bit indicating whether version target has been + reached in this managed instance group, i.e. all instances + are in their target version. Instances' target version are + specified by version field on Instance Group Manager. + type: boolean + type: object + type: object + updatePolicy: + properties: + maxSurge: + properties: + calculated: + description: Absolute value of VM instances calculated based + on the specific mode. + format: int64 + type: integer + type: object + maxUnavailable: + properties: + calculated: + description: Absolute value of VM instances calculated based + on the specific mode. + format: int64 + type: integer + type: object + type: object + zone: + description: The zone the managed instance group resides. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/crds/compute_v1beta1_computeinstancetemplate.yaml b/crds/compute_v1beta1_computeinstancetemplate.yaml index d5b721ef70..129758a090 100644 --- a/crds/compute_v1beta1_computeinstancetemplate.yaml +++ b/crds/compute_v1beta1_computeinstancetemplate.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computeinterconnectattachment.yaml b/crds/compute_v1beta1_computeinterconnectattachment.yaml index 36cbb1c743..d1089661c5 100644 --- a/crds/compute_v1beta1_computeinterconnectattachment.yaml +++ b/crds/compute_v1beta1_computeinterconnectattachment.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computenetwork.yaml b/crds/compute_v1beta1_computenetwork.yaml index 1e1b882f0c..44d26c0b45 100644 --- a/crds/compute_v1beta1_computenetwork.yaml +++ b/crds/compute_v1beta1_computenetwork.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computenetworkendpointgroup.yaml b/crds/compute_v1beta1_computenetworkendpointgroup.yaml index d4eedc9fe5..f318cd57f5 100644 --- a/crds/compute_v1beta1_computenetworkendpointgroup.yaml +++ b/crds/compute_v1beta1_computenetworkendpointgroup.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computenetworkpeering.yaml b/crds/compute_v1beta1_computenetworkpeering.yaml index ca0a9857a3..f78c902c3d 100644 --- a/crds/compute_v1beta1_computenetworkpeering.yaml +++ b/crds/compute_v1beta1_computenetworkpeering.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computenodegroup.yaml b/crds/compute_v1beta1_computenodegroup.yaml index 9c28e5947d..d45414f882 100644 --- a/crds/compute_v1beta1_computenodegroup.yaml +++ b/crds/compute_v1beta1_computenodegroup.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computenodetemplate.yaml b/crds/compute_v1beta1_computenodetemplate.yaml index 3b83134d19..976d130ba2 100644 --- a/crds/compute_v1beta1_computenodetemplate.yaml +++ b/crds/compute_v1beta1_computenodetemplate.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computeprojectmetadata.yaml b/crds/compute_v1beta1_computeprojectmetadata.yaml index 893962335a..16235e2af4 100644 --- a/crds/compute_v1beta1_computeprojectmetadata.yaml +++ b/crds/compute_v1beta1_computeprojectmetadata.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computereservation.yaml b/crds/compute_v1beta1_computereservation.yaml index 7d5072c6ee..3180b94fc1 100644 --- a/crds/compute_v1beta1_computereservation.yaml +++ b/crds/compute_v1beta1_computereservation.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computeresourcepolicy.yaml b/crds/compute_v1beta1_computeresourcepolicy.yaml index 31f499933a..bb15dd36f5 100644 --- a/crds/compute_v1beta1_computeresourcepolicy.yaml +++ b/crds/compute_v1beta1_computeresourcepolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computeroute.yaml b/crds/compute_v1beta1_computeroute.yaml index ad0e8b940e..dc0dc5b299 100644 --- a/crds/compute_v1beta1_computeroute.yaml +++ b/crds/compute_v1beta1_computeroute.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computerouter.yaml b/crds/compute_v1beta1_computerouter.yaml index 4a1fb5e1bb..ad960ae1ce 100644 --- a/crds/compute_v1beta1_computerouter.yaml +++ b/crds/compute_v1beta1_computerouter.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computerouterinterface.yaml b/crds/compute_v1beta1_computerouterinterface.yaml index 83699f2ca5..f586ae48d7 100644 --- a/crds/compute_v1beta1_computerouterinterface.yaml +++ b/crds/compute_v1beta1_computerouterinterface.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computerouternat.yaml b/crds/compute_v1beta1_computerouternat.yaml index e501cc6183..e71d36d1cd 100644 --- a/crds/compute_v1beta1_computerouternat.yaml +++ b/crds/compute_v1beta1_computerouternat.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computerouterpeer.yaml b/crds/compute_v1beta1_computerouterpeer.yaml index 70f068eadd..b622399ca8 100644 --- a/crds/compute_v1beta1_computerouterpeer.yaml +++ b/crds/compute_v1beta1_computerouterpeer.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computesecuritypolicy.yaml b/crds/compute_v1beta1_computesecuritypolicy.yaml index 346f469609..fbe65505e5 100644 --- a/crds/compute_v1beta1_computesecuritypolicy.yaml +++ b/crds/compute_v1beta1_computesecuritypolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computesharedvpchostproject.yaml b/crds/compute_v1beta1_computesharedvpchostproject.yaml index 909f8dbec2..b6dd798e0c 100644 --- a/crds/compute_v1beta1_computesharedvpchostproject.yaml +++ b/crds/compute_v1beta1_computesharedvpchostproject.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computesharedvpcserviceproject.yaml b/crds/compute_v1beta1_computesharedvpcserviceproject.yaml index 78a8cca334..d3af153c27 100644 --- a/crds/compute_v1beta1_computesharedvpcserviceproject.yaml +++ b/crds/compute_v1beta1_computesharedvpcserviceproject.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computesnapshot.yaml b/crds/compute_v1beta1_computesnapshot.yaml index 656e85a482..854bcf9f25 100644 --- a/crds/compute_v1beta1_computesnapshot.yaml +++ b/crds/compute_v1beta1_computesnapshot.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computesslcertificate.yaml b/crds/compute_v1beta1_computesslcertificate.yaml index 33870f81f7..f5fb058315 100644 --- a/crds/compute_v1beta1_computesslcertificate.yaml +++ b/crds/compute_v1beta1_computesslcertificate.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computesslpolicy.yaml b/crds/compute_v1beta1_computesslpolicy.yaml index f6910051e0..7167650f8a 100644 --- a/crds/compute_v1beta1_computesslpolicy.yaml +++ b/crds/compute_v1beta1_computesslpolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computesubnetwork.yaml b/crds/compute_v1beta1_computesubnetwork.yaml index 1aee52a297..8b8b3dc71e 100644 --- a/crds/compute_v1beta1_computesubnetwork.yaml +++ b/crds/compute_v1beta1_computesubnetwork.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computetargetgrpcproxy.yaml b/crds/compute_v1beta1_computetargetgrpcproxy.yaml index 1843226475..0f676463ca 100644 --- a/crds/compute_v1beta1_computetargetgrpcproxy.yaml +++ b/crds/compute_v1beta1_computetargetgrpcproxy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computetargethttpproxy.yaml b/crds/compute_v1beta1_computetargethttpproxy.yaml index 9b7ea231ad..67b09bfada 100644 --- a/crds/compute_v1beta1_computetargethttpproxy.yaml +++ b/crds/compute_v1beta1_computetargethttpproxy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computetargethttpsproxy.yaml b/crds/compute_v1beta1_computetargethttpsproxy.yaml index e11a424717..2af12f3ca7 100644 --- a/crds/compute_v1beta1_computetargethttpsproxy.yaml +++ b/crds/compute_v1beta1_computetargethttpsproxy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computetargetinstance.yaml b/crds/compute_v1beta1_computetargetinstance.yaml index f5b3cb69d8..a61deae79e 100644 --- a/crds/compute_v1beta1_computetargetinstance.yaml +++ b/crds/compute_v1beta1_computetargetinstance.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computetargetpool.yaml b/crds/compute_v1beta1_computetargetpool.yaml index 25ec81d630..cd1abb5161 100644 --- a/crds/compute_v1beta1_computetargetpool.yaml +++ b/crds/compute_v1beta1_computetargetpool.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computetargetsslproxy.yaml b/crds/compute_v1beta1_computetargetsslproxy.yaml index db2a38ac9d..853ff61561 100644 --- a/crds/compute_v1beta1_computetargetsslproxy.yaml +++ b/crds/compute_v1beta1_computetargetsslproxy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computetargettcpproxy.yaml b/crds/compute_v1beta1_computetargettcpproxy.yaml index 39215786bd..dada26f6bd 100644 --- a/crds/compute_v1beta1_computetargettcpproxy.yaml +++ b/crds/compute_v1beta1_computetargettcpproxy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computetargetvpngateway.yaml b/crds/compute_v1beta1_computetargetvpngateway.yaml index d678638551..4c7bdb0c9d 100644 --- a/crds/compute_v1beta1_computetargetvpngateway.yaml +++ b/crds/compute_v1beta1_computetargetvpngateway.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computeurlmap.yaml b/crds/compute_v1beta1_computeurlmap.yaml index e2c827535f..3b0cba553a 100644 --- a/crds/compute_v1beta1_computeurlmap.yaml +++ b/crds/compute_v1beta1_computeurlmap.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computevpngateway.yaml b/crds/compute_v1beta1_computevpngateway.yaml index f0c615d384..358ab6caaf 100644 --- a/crds/compute_v1beta1_computevpngateway.yaml +++ b/crds/compute_v1beta1_computevpngateway.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/compute_v1beta1_computevpntunnel.yaml b/crds/compute_v1beta1_computevpntunnel.yaml index cd7b4eaf54..137c7464f5 100644 --- a/crds/compute_v1beta1_computevpntunnel.yaml +++ b/crds/compute_v1beta1_computevpntunnel.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/container_v1beta1_containercluster.yaml b/crds/container_v1beta1_containercluster.yaml index 0fe866520d..5904c04d46 100644 --- a/crds/container_v1beta1_containercluster.yaml +++ b/crds/container_v1beta1_containercluster.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/container_v1beta1_containernodepool.yaml b/crds/container_v1beta1_containernodepool.yaml index f0d609569e..13b402b391 100644 --- a/crds/container_v1beta1_containernodepool.yaml +++ b/crds/container_v1beta1_containernodepool.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/containeranalysis_v1beta1_containeranalysisnote.yaml b/crds/containeranalysis_v1beta1_containeranalysisnote.yaml index 9bc4bb0ab2..d4613d1dce 100644 --- a/crds/containeranalysis_v1beta1_containeranalysisnote.yaml +++ b/crds/containeranalysis_v1beta1_containeranalysisnote.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/dataflow_v1beta1_dataflowflextemplatejob.yaml b/crds/dataflow_v1beta1_dataflowflextemplatejob.yaml index 1ca2e1ec34..eb2fc14052 100644 --- a/crds/dataflow_v1beta1_dataflowflextemplatejob.yaml +++ b/crds/dataflow_v1beta1_dataflowflextemplatejob.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/dataflow_v1beta1_dataflowjob.yaml b/crds/dataflow_v1beta1_dataflowjob.yaml index 3335990d98..54473541c3 100644 --- a/crds/dataflow_v1beta1_dataflowjob.yaml +++ b/crds/dataflow_v1beta1_dataflowjob.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/datafusion_v1beta1_datafusioninstance.yaml b/crds/datafusion_v1beta1_datafusioninstance.yaml index 6072033d42..1eb45473fa 100644 --- a/crds/datafusion_v1beta1_datafusioninstance.yaml +++ b/crds/datafusion_v1beta1_datafusioninstance.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/dataproc_v1beta1_dataprocautoscalingpolicy.yaml b/crds/dataproc_v1beta1_dataprocautoscalingpolicy.yaml index 470af88539..462ab7fbc8 100644 --- a/crds/dataproc_v1beta1_dataprocautoscalingpolicy.yaml +++ b/crds/dataproc_v1beta1_dataprocautoscalingpolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/dataproc_v1beta1_dataproccluster.yaml b/crds/dataproc_v1beta1_dataproccluster.yaml index 77261568a8..2a7700b1d8 100644 --- a/crds/dataproc_v1beta1_dataproccluster.yaml +++ b/crds/dataproc_v1beta1_dataproccluster.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/dataproc_v1beta1_dataprocworkflowtemplate.yaml b/crds/dataproc_v1beta1_dataprocworkflowtemplate.yaml index 31eeaafb6a..ac198e7f7b 100644 --- a/crds/dataproc_v1beta1_dataprocworkflowtemplate.yaml +++ b/crds/dataproc_v1beta1_dataprocworkflowtemplate.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/dns_v1beta1_dnsmanagedzone.yaml b/crds/dns_v1beta1_dnsmanagedzone.yaml index 99b8e22da7..f2cebeb2c1 100644 --- a/crds/dns_v1beta1_dnsmanagedzone.yaml +++ b/crds/dns_v1beta1_dnsmanagedzone.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/dns_v1beta1_dnspolicy.yaml b/crds/dns_v1beta1_dnspolicy.yaml index 8979100570..028bb5bfdc 100644 --- a/crds/dns_v1beta1_dnspolicy.yaml +++ b/crds/dns_v1beta1_dnspolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/dns_v1beta1_dnsrecordset.yaml b/crds/dns_v1beta1_dnsrecordset.yaml index 54280883d2..f0c507b768 100644 --- a/crds/dns_v1beta1_dnsrecordset.yaml +++ b/crds/dns_v1beta1_dnsrecordset.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/firestore_v1beta1_firestoreindex.yaml b/crds/firestore_v1beta1_firestoreindex.yaml index a21fc1b4a4..255de9fcca 100644 --- a/crds/firestore_v1beta1_firestoreindex.yaml +++ b/crds/firestore_v1beta1_firestoreindex.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/gameservices_v1beta1_gameservicesrealm.yaml b/crds/gameservices_v1beta1_gameservicesrealm.yaml index fb8a658dbc..c5058f0ded 100644 --- a/crds/gameservices_v1beta1_gameservicesrealm.yaml +++ b/crds/gameservices_v1beta1_gameservicesrealm.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/gkehub_v1beta1_gkehubfeature.yaml b/crds/gkehub_v1beta1_gkehubfeature.yaml index e1b7cfa502..ce79de8ed5 100644 --- a/crds/gkehub_v1beta1_gkehubfeature.yaml +++ b/crds/gkehub_v1beta1_gkehubfeature.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/gkehub_v1beta1_gkehubmembership.yaml b/crds/gkehub_v1beta1_gkehubmembership.yaml index d7c4b9bf46..edbbb741e0 100644 --- a/crds/gkehub_v1beta1_gkehubmembership.yaml +++ b/crds/gkehub_v1beta1_gkehubmembership.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/iam_v1beta1_iamauditconfig.yaml b/crds/iam_v1beta1_iamauditconfig.yaml index c718861217..ee69f3a515 100644 --- a/crds/iam_v1beta1_iamauditconfig.yaml +++ b/crds/iam_v1beta1_iamauditconfig.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/iam_v1beta1_iamcustomrole.yaml b/crds/iam_v1beta1_iamcustomrole.yaml index e9ce61f5be..69aae84270 100644 --- a/crds/iam_v1beta1_iamcustomrole.yaml +++ b/crds/iam_v1beta1_iamcustomrole.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/iam_v1beta1_iampartialpolicy.yaml b/crds/iam_v1beta1_iampartialpolicy.yaml index fc6844e56f..12e9e21732 100644 --- a/crds/iam_v1beta1_iampartialpolicy.yaml +++ b/crds/iam_v1beta1_iampartialpolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/iam_v1beta1_iampolicy.yaml b/crds/iam_v1beta1_iampolicy.yaml index 31c5233e48..5a12179a4d 100644 --- a/crds/iam_v1beta1_iampolicy.yaml +++ b/crds/iam_v1beta1_iampolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/iam_v1beta1_iampolicymember.yaml b/crds/iam_v1beta1_iampolicymember.yaml index 389f12e8be..cf006ef1a5 100644 --- a/crds/iam_v1beta1_iampolicymember.yaml +++ b/crds/iam_v1beta1_iampolicymember.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/iam_v1beta1_iamserviceaccount.yaml b/crds/iam_v1beta1_iamserviceaccount.yaml index 33331f2be2..08422d22f2 100644 --- a/crds/iam_v1beta1_iamserviceaccount.yaml +++ b/crds/iam_v1beta1_iamserviceaccount.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/iam_v1beta1_iamserviceaccountkey.yaml b/crds/iam_v1beta1_iamserviceaccountkey.yaml index 1dceb498b3..5a2e6102b3 100644 --- a/crds/iam_v1beta1_iamserviceaccountkey.yaml +++ b/crds/iam_v1beta1_iamserviceaccountkey.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/iap_v1beta1_iapbrand.yaml b/crds/iap_v1beta1_iapbrand.yaml index 77c8b337ae..58e3908095 100644 --- a/crds/iap_v1beta1_iapbrand.yaml +++ b/crds/iap_v1beta1_iapbrand.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/iap_v1beta1_iapidentityawareproxyclient.yaml b/crds/iap_v1beta1_iapidentityawareproxyclient.yaml index 15f3118c86..e06bc3e289 100644 --- a/crds/iap_v1beta1_iapidentityawareproxyclient.yaml +++ b/crds/iap_v1beta1_iapidentityawareproxyclient.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/identityplatform_v1beta1_identityplatformoauthidpconfig.yaml b/crds/identityplatform_v1beta1_identityplatformoauthidpconfig.yaml index aac682c658..67ce8890b0 100644 --- a/crds/identityplatform_v1beta1_identityplatformoauthidpconfig.yaml +++ b/crds/identityplatform_v1beta1_identityplatformoauthidpconfig.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/identityplatform_v1beta1_identityplatformtenant.yaml b/crds/identityplatform_v1beta1_identityplatformtenant.yaml index 16fc609438..7837dba0b0 100644 --- a/crds/identityplatform_v1beta1_identityplatformtenant.yaml +++ b/crds/identityplatform_v1beta1_identityplatformtenant.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/identityplatform_v1beta1_identityplatformtenantoauthidpconfig.yaml b/crds/identityplatform_v1beta1_identityplatformtenantoauthidpconfig.yaml index 2018337487..5c1c0bd03f 100644 --- a/crds/identityplatform_v1beta1_identityplatformtenantoauthidpconfig.yaml +++ b/crds/identityplatform_v1beta1_identityplatformtenantoauthidpconfig.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/kms_v1beta1_kmscryptokey.yaml b/crds/kms_v1beta1_kmscryptokey.yaml index cd910dd11b..c0402af42f 100644 --- a/crds/kms_v1beta1_kmscryptokey.yaml +++ b/crds/kms_v1beta1_kmscryptokey.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/kms_v1beta1_kmskeyring.yaml b/crds/kms_v1beta1_kmskeyring.yaml index aaf47f2b5a..3505b9f728 100644 --- a/crds/kms_v1beta1_kmskeyring.yaml +++ b/crds/kms_v1beta1_kmskeyring.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/logging_v1beta1_logginglogexclusion.yaml b/crds/logging_v1beta1_logginglogexclusion.yaml index dc3f364ac4..7bda2c267d 100644 --- a/crds/logging_v1beta1_logginglogexclusion.yaml +++ b/crds/logging_v1beta1_logginglogexclusion.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/logging_v1beta1_logginglogsink.yaml b/crds/logging_v1beta1_logginglogsink.yaml index 15fb400411..18637fec24 100644 --- a/crds/logging_v1beta1_logginglogsink.yaml +++ b/crds/logging_v1beta1_logginglogsink.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/memcache_v1beta1_memcacheinstance.yaml b/crds/memcache_v1beta1_memcacheinstance.yaml index e844acf894..4e977b4af1 100644 --- a/crds/memcache_v1beta1_memcacheinstance.yaml +++ b/crds/memcache_v1beta1_memcacheinstance.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/monitoring_v1beta1_monitoringalertpolicy.yaml b/crds/monitoring_v1beta1_monitoringalertpolicy.yaml index 7e3d31d464..18f7316738 100644 --- a/crds/monitoring_v1beta1_monitoringalertpolicy.yaml +++ b/crds/monitoring_v1beta1_monitoringalertpolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/monitoring_v1beta1_monitoringdashboard.yaml b/crds/monitoring_v1beta1_monitoringdashboard.yaml index 09080cdb0f..0c39ef0268 100644 --- a/crds/monitoring_v1beta1_monitoringdashboard.yaml +++ b/crds/monitoring_v1beta1_monitoringdashboard.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/monitoring_v1beta1_monitoringgroup.yaml b/crds/monitoring_v1beta1_monitoringgroup.yaml index df1e9ed6fe..130e370381 100644 --- a/crds/monitoring_v1beta1_monitoringgroup.yaml +++ b/crds/monitoring_v1beta1_monitoringgroup.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/monitoring_v1beta1_monitoringnotificationchannel.yaml b/crds/monitoring_v1beta1_monitoringnotificationchannel.yaml index c88e402b0f..9886fc2b90 100644 --- a/crds/monitoring_v1beta1_monitoringnotificationchannel.yaml +++ b/crds/monitoring_v1beta1_monitoringnotificationchannel.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/networksecurity_v1beta1_networksecurityauthorizationpolicy.yaml b/crds/networksecurity_v1beta1_networksecurityauthorizationpolicy.yaml index 57587e12e3..cb0fcb7155 100644 --- a/crds/networksecurity_v1beta1_networksecurityauthorizationpolicy.yaml +++ b/crds/networksecurity_v1beta1_networksecurityauthorizationpolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/networksecurity_v1beta1_networksecurityclienttlspolicy.yaml b/crds/networksecurity_v1beta1_networksecurityclienttlspolicy.yaml index bc815df31b..56ef8bac89 100644 --- a/crds/networksecurity_v1beta1_networksecurityclienttlspolicy.yaml +++ b/crds/networksecurity_v1beta1_networksecurityclienttlspolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/networksecurity_v1beta1_networksecurityservertlspolicy.yaml b/crds/networksecurity_v1beta1_networksecurityservertlspolicy.yaml index d96ffe7922..562571cd46 100644 --- a/crds/networksecurity_v1beta1_networksecurityservertlspolicy.yaml +++ b/crds/networksecurity_v1beta1_networksecurityservertlspolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/networkservices_v1beta1_networkservicesendpointpolicy.yaml b/crds/networkservices_v1beta1_networkservicesendpointpolicy.yaml index 7506184afa..643cfdbadb 100644 --- a/crds/networkservices_v1beta1_networkservicesendpointpolicy.yaml +++ b/crds/networkservices_v1beta1_networkservicesendpointpolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/osconfig_v1beta1_osconfigguestpolicy.yaml b/crds/osconfig_v1beta1_osconfigguestpolicy.yaml index 7fdcea9fc7..c611c95e35 100644 --- a/crds/osconfig_v1beta1_osconfigguestpolicy.yaml +++ b/crds/osconfig_v1beta1_osconfigguestpolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" diff --git a/crds/pubsub_v1beta1_pubsubsubscription.yaml b/crds/pubsub_v1beta1_pubsubsubscription.yaml index cc6a1827c4..93a1725990 100644 --- a/crds/pubsub_v1beta1_pubsubsubscription.yaml +++ b/crds/pubsub_v1beta1_pubsubsubscription.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/pubsub_v1beta1_pubsubtopic.yaml b/crds/pubsub_v1beta1_pubsubtopic.yaml index 1190a8fc24..762363d49c 100644 --- a/crds/pubsub_v1beta1_pubsubtopic.yaml +++ b/crds/pubsub_v1beta1_pubsubtopic.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/redis_v1beta1_redisinstance.yaml b/crds/redis_v1beta1_redisinstance.yaml index c15caaae5d..7c1a5dc5b5 100644 --- a/crds/redis_v1beta1_redisinstance.yaml +++ b/crds/redis_v1beta1_redisinstance.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/resourcemanager_v1beta1_folder.yaml b/crds/resourcemanager_v1beta1_folder.yaml index 5f3c9e0903..19e62feb43 100644 --- a/crds/resourcemanager_v1beta1_folder.yaml +++ b/crds/resourcemanager_v1beta1_folder.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/resourcemanager_v1beta1_project.yaml b/crds/resourcemanager_v1beta1_project.yaml index 980bb580fb..d8b8b42e46 100644 --- a/crds/resourcemanager_v1beta1_project.yaml +++ b/crds/resourcemanager_v1beta1_project.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/resourcemanager_v1beta1_resourcemanagerlien.yaml b/crds/resourcemanager_v1beta1_resourcemanagerlien.yaml index 36bb2b75c8..c066e41eba 100644 --- a/crds/resourcemanager_v1beta1_resourcemanagerlien.yaml +++ b/crds/resourcemanager_v1beta1_resourcemanagerlien.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/resourcemanager_v1beta1_resourcemanagerpolicy.yaml b/crds/resourcemanager_v1beta1_resourcemanagerpolicy.yaml index fef3ca9ffa..272c048aaa 100644 --- a/crds/resourcemanager_v1beta1_resourcemanagerpolicy.yaml +++ b/crds/resourcemanager_v1beta1_resourcemanagerpolicy.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/secretmanager_v1beta1_secretmanagersecret.yaml b/crds/secretmanager_v1beta1_secretmanagersecret.yaml index 93b0a5d38d..1042b6655f 100644 --- a/crds/secretmanager_v1beta1_secretmanagersecret.yaml +++ b/crds/secretmanager_v1beta1_secretmanagersecret.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -70,6 +70,11 @@ spec: type: object spec: properties: + expireTime: + description: |- + Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + type: string replication: description: |- Immutable. The replication policy of the secret data attached to the Secret. It cannot be changed @@ -141,6 +146,59 @@ spec: for creation and acquisition. When unset, the value of `metadata.name` is used as the default. type: string + rotation: + description: The rotation time and period for a Secret. At 'next_rotation_time', + Secret Manager will send a Pub/Sub notification to the topics configured + on the Secret. 'topics' must be set to configure rotation. + properties: + nextRotationTime: + description: |- + Timestamp in UTC at which the Secret is scheduled to rotate. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + type: string + rotationPeriod: + description: |- + Immutable. The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). + If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications. + type: string + type: object + topics: + items: + description: |- + A list of up to 10 Pub/Sub topics to which messages are + published when control plane operations are called on the secret + or its versions. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The name of a PubSubTopic. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + ttl: + description: |- + Immutable. The TTL for the Secret. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + type: string required: - replication type: object diff --git a/crds/secretmanager_v1beta1_secretmanagersecretversion.yaml b/crds/secretmanager_v1beta1_secretmanagersecretversion.yaml index 29423f15fa..73b82a16dc 100644 --- a/crds/secretmanager_v1beta1_secretmanagersecretversion.yaml +++ b/crds/secretmanager_v1beta1_secretmanagersecretversion.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/servicenetworking_v1beta1_servicenetworkingconnection.yaml b/crds/servicenetworking_v1beta1_servicenetworkingconnection.yaml index 88a3404a25..1c2aaf464b 100644 --- a/crds/servicenetworking_v1beta1_servicenetworkingconnection.yaml +++ b/crds/servicenetworking_v1beta1_servicenetworkingconnection.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/serviceusage_v1beta1_service.yaml b/crds/serviceusage_v1beta1_service.yaml index cb150b59f8..37db286aa1 100644 --- a/crds/serviceusage_v1beta1_service.yaml +++ b/crds/serviceusage_v1beta1_service.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/sourcerepo_v1beta1_sourcereporepository.yaml b/crds/sourcerepo_v1beta1_sourcereporepository.yaml index 88db79cc78..b40a705f03 100644 --- a/crds/sourcerepo_v1beta1_sourcereporepository.yaml +++ b/crds/sourcerepo_v1beta1_sourcereporepository.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/spanner_v1beta1_spannerdatabase.yaml b/crds/spanner_v1beta1_spannerdatabase.yaml index 84bbd317ce..24040de9dd 100644 --- a/crds/spanner_v1beta1_spannerdatabase.yaml +++ b/crds/spanner_v1beta1_spannerdatabase.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/spanner_v1beta1_spannerinstance.yaml b/crds/spanner_v1beta1_spannerinstance.yaml index a39612f349..a9bb305b8e 100644 --- a/crds/spanner_v1beta1_spannerinstance.yaml +++ b/crds/spanner_v1beta1_spannerinstance.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -73,7 +73,7 @@ spec: config: description: |- Immutable. The name of the instance's configuration (similar but not - quite the same as a region) which defines defines the geographic placement and + quite the same as a region) which defines the geographic placement and replication of your databases in this instance. It determines where your data is stored. Values are typically of the form 'regional-europe-west1' , 'us-central' etc. In order to obtain a valid list please consult the diff --git a/crds/sql_v1beta1_sqldatabase.yaml b/crds/sql_v1beta1_sqldatabase.yaml index 29ffa4e5c6..2e3b8781e1 100644 --- a/crds/sql_v1beta1_sqldatabase.yaml +++ b/crds/sql_v1beta1_sqldatabase.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/sql_v1beta1_sqlinstance.yaml b/crds/sql_v1beta1_sqlinstance.yaml index b11db54993..2d947df84c 100644 --- a/crds/sql_v1beta1_sqlinstance.yaml +++ b/crds/sql_v1beta1_sqlinstance.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/sql_v1beta1_sqlsslcert.yaml b/crds/sql_v1beta1_sqlsslcert.yaml index c3f6e8acb9..16fa551aa0 100644 --- a/crds/sql_v1beta1_sqlsslcert.yaml +++ b/crds/sql_v1beta1_sqlsslcert.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/sql_v1beta1_sqluser.yaml b/crds/sql_v1beta1_sqluser.yaml index a83cab165a..748878236b 100644 --- a/crds/sql_v1beta1_sqluser.yaml +++ b/crds/sql_v1beta1_sqluser.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/storage_v1beta1_storagebucket.yaml b/crds/storage_v1beta1_storagebucket.yaml index 3dd9514831..ea43a3ea35 100644 --- a/crds/storage_v1beta1_storagebucket.yaml +++ b/crds/storage_v1beta1_storagebucket.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/storage_v1beta1_storagebucketaccesscontrol.yaml b/crds/storage_v1beta1_storagebucketaccesscontrol.yaml index 1b72f17023..03e9edaed1 100644 --- a/crds/storage_v1beta1_storagebucketaccesscontrol.yaml +++ b/crds/storage_v1beta1_storagebucketaccesscontrol.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/storage_v1beta1_storagedefaultobjectaccesscontrol.yaml b/crds/storage_v1beta1_storagedefaultobjectaccesscontrol.yaml index efef3af4d0..ce1f672b97 100644 --- a/crds/storage_v1beta1_storagedefaultobjectaccesscontrol.yaml +++ b/crds/storage_v1beta1_storagedefaultobjectaccesscontrol.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/storage_v1beta1_storagenotification.yaml b/crds/storage_v1beta1_storagenotification.yaml index d5d1227a96..ff0759c778 100644 --- a/crds/storage_v1beta1_storagenotification.yaml +++ b/crds/storage_v1beta1_storagenotification.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/crds/storagetransfer_v1beta1_storagetransferjob.yaml b/crds/storagetransfer_v1beta1_storagetransferjob.yaml index e69322152e..bf3da41cc6 100644 --- a/crds/storagetransfer_v1beta1_storagetransferjob.yaml +++ b/crds/storagetransfer_v1beta1_storagetransferjob.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/install-bundles/install-bundle-gcp-identity/0-cnrm-system.yaml b/install-bundles/install-bundle-gcp-identity/0-cnrm-system.yaml index 2036f99d7c..3bfc6fe114 100644 --- a/install-bundles/install-bundle-gcp-identity/0-cnrm-system.yaml +++ b/install-bundles/install-bundle-gcp-identity/0-cnrm-system.yaml @@ -16,7 +16,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -25,7 +25,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-controller-manager @@ -35,7 +35,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -45,7 +45,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -55,7 +55,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -65,7 +65,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -86,7 +86,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -107,10 +107,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" name: cnrm-admin rules: - apiGroups: @@ -168,7 +170,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -218,7 +220,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -276,7 +278,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -301,7 +303,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -331,10 +333,11 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" name: cnrm-viewer rules: - apiGroups: @@ -388,7 +391,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -451,7 +454,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -469,7 +472,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -487,7 +490,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -510,7 +513,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -527,7 +530,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-binding @@ -544,7 +547,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-watcher-binding @@ -561,7 +564,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -578,7 +581,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -595,7 +598,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -612,7 +615,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -634,7 +637,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -655,7 +658,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -673,7 +676,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -686,8 +689,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.55.0 - image: gcr.io/cnrm-eap/recorder:bd09e79 + value: 1.56.0 + image: gcr.io/cnrm-eap/recorder:0f00e5f imagePullPolicy: Always name: recorder ports: @@ -719,7 +722,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -734,7 +737,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -749,7 +752,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/cnrm-eap/webhook:bd09e79 + image: gcr.io/cnrm-eap/webhook:0f00e5f imagePullPolicy: Always name: webhook ports: @@ -777,7 +780,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -792,7 +795,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -806,7 +809,7 @@ spec: env: - name: GOOGLE_APPLICATION_CREDENTIALS value: /var/secrets/google/key.json - image: gcr.io/cnrm-eap/controller:bd09e79 + image: gcr.io/cnrm-eap/controller:0f00e5f imagePullPolicy: Always name: manager ports: @@ -841,7 +844,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -856,7 +859,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -866,7 +869,7 @@ spec: - --stderrthreshold=INFO command: - /configconnector/deletiondefender - image: gcr.io/cnrm-eap/deletiondefender:bd09e79 + image: gcr.io/cnrm-eap/deletiondefender:0f00e5f imagePullPolicy: Always name: deletiondefender ports: @@ -894,7 +897,7 @@ apiVersion: autoscaling/v2beta2 kind: HorizontalPodAutoscaler metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/install-bundles/install-bundle-gcp-identity/crds.yaml b/install-bundles/install-bundle-gcp-identity/crds.yaml index 34055f1008..2318da0161 100644 --- a/install-bundles/install-bundle-gcp-identity/crds.yaml +++ b/install-bundles/install-bundle-gcp-identity/crds.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -395,7 +395,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -524,7 +524,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -1673,7 +1673,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -1842,7 +1842,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -2161,7 +2161,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -2974,7 +2974,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -3408,7 +3408,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -3576,7 +3576,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -3778,7 +3778,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -3841,6 +3841,38 @@ spec: clusterId: description: The ID of the Cloud Bigtable cluster. type: string + kmsKeyRef: + description: |- + Describes the Cloud KMS encryption key that will be used to protect the destination Bigtable + cluster. The requirements for this key are: 1) The Cloud Bigtable service account associated with the project that contains + this cluster must be granted the cloudkms.cryptoKeyEncrypterDecrypter role on the CMEK key. + 2) Only regional keys can be used and the region of the CMEK key must match the region of the cluster. + 3) All clusters within an instance must use the same CMEK key access to this encryption key. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The selfLink of a KMSCryptoKey. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object numNodes: description: The number of nodes in your Cloud Bigtable cluster. For PRODUCTION instances where the numNodes will be managed @@ -3939,7 +3971,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -4099,7 +4131,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -4364,7 +4396,426 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/dcl2crd: "true" + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: binaryauthorizationpolicies.binaryauthorization.cnrm.cloud.google.com +spec: + group: binaryauthorization.cnrm.cloud.google.com + names: + categories: + - gcp + kind: BinaryAuthorizationPolicy + plural: binaryauthorizationpolicies + shortNames: + - gcpbinaryauthorizationpolicy + - gcpbinaryauthorizationpolicies + singular: binaryauthorizationpolicy + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + admissionWhitelistPatterns: + description: Optional. Admission policy allowlisting. A matching admission + request will always be permitted. This feature is typically used + to exclude Google or third-party infrastructure images from Binary + Authorization policies. + items: + properties: + namePattern: + description: An image name pattern to allowlist, in the form + `registry/path/to/image`. This supports a trailing `*` as + a wildcard, but this is allowed only in text after the `registry/` + part. + type: string + type: object + type: array + clusterAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-cluster admission rules. Cluster spec + format: location.clusterId. There can be at most one admission rule + per cluster spec. A location is either a compute zone (e.g. us-central1-a) + or a region (e.g. us-central1). For clusterId syntax restrictions + see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.' + type: object + defaultAdmissionRule: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: + description: Optional. A descriptive comment. + type: string + globalPolicyEvaluationMode: + description: 'Optional. Controls the evaluation of a Google-maintained + global admission policy for common system-level images. Images not + covered by the global policy will be subject to the project admission + policy. This setting has no effect when specified inside a global + admission policy. Possible values: GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED, + ENABLE, DISABLE' + type: string + istioServiceIdentityAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-istio-service-identity admission rules. + Istio service identity spec format: spiffe:///ns//sa/ or /ns//sa/ + e.g. spiffe://example.com/ns/test-ns/sa/default' + type: object + kubernetesNamespaceAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-kubernetes-namespace admission rules. + K8s namespace spec format: [a-z.-]+, e.g. ''some-namespace''' + type: object + kubernetesServiceAccountAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-kubernetes-service-account admission rules. + Service account spec format: namespace:serviceaccount. e.g. ''test-ns:default''' + type: object + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The project of the resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + required: + - defaultAdmissionRule + - projectRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + selfLink: + description: Output only. The resource name, in the format `projects/*/policy`. + There is at most one policy per project. + type: string + updateTime: + description: Output only. Time when the policy was last updated. + format: date-time + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5192,7 +5643,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5286,7 +5737,7 @@ spec: type: object initialGroupConfig: description: |- - The initial configuration options for creating a Group. + Immutable. The initial configuration options for creating a Group. See the [API reference](https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups/create#initialgroupconfig) @@ -5385,7 +5836,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -5881,7 +6332,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6127,7 +6578,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6351,7 +6802,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7295,7 +7746,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7900,7 +8351,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -8045,7 +8496,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -8418,7 +8869,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9045,7 +9496,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9508,7 +9959,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9668,7 +10119,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9747,7 +10198,7 @@ spec: port: description: |- The TCP port number for the HTTPS health check request. - The default value is 80. + The default value is 443. type: integer requestPath: description: |- @@ -9828,282 +10279,793 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 - creationTimestamp: null - labels: - cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: computeimages.compute.cnrm.cloud.google.com -spec: - group: compute.cnrm.cloud.google.com - names: - categories: - - gcp - kind: ComputeImage - plural: computeimages - shortNames: - - gcpcomputeimage - - gcpcomputeimages - singular: computeimage - preserveUnknownFields: false - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: When 'True', the most recent reconcile of the resource succeeded - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - description: The reason for the value in 'Ready' - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Status - type: string - - description: The last transition time for the value in 'Status' - jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime - name: Status Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'apiVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - description: - description: |- - Immutable. An optional description of this resource. Provide this property when - you create the resource. - type: string - diskRef: - description: |- - The source disk to create this image based on. - You must provide either this property or the - rawDisk.source property but not both to create an image. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: The selfLink of a ComputeDisk. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - diskSizeGb: - description: Immutable. Size of the image when restored onto a persistent - disk (in GB). - type: integer - family: - description: |- - Immutable. The name of the image family to which this image belongs. You can - create disks by specifying an image family instead of a specific - image name. The image family always returns its latest image that is - not deprecated. The name of the image family must comply with - RFC1035. - type: string - guestOsFeatures: - description: |- - Immutable. A list of features to enable on the guest operating system. - Applicable only for bootable images. - items: - properties: - type: - description: 'Immutable. The type of supported feature. Read - [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) - to see a list of available options. Possible values: ["MULTI_IP_SUBNET", - "SECURE_BOOT", "SEV_CAPABLE", "UEFI_COMPATIBLE", "VIRTIO_SCSI_MULTIQUEUE", - "WINDOWS", "GVNIC"]' - type: string - required: - - type - type: object - type: array - licenses: - description: Immutable. Any applicable license URI. - items: - type: string - type: array - rawDisk: - description: Immutable. The parameters of the raw disk image. - properties: - containerType: - description: |- - Immutable. The format used to encode and transmit the block device, which - should be TAR. This is just a container and transmission format - and not a runtime format. Provided by the client when the disk - image is created. Default value: "TAR" Possible values: ["TAR"] - type: string - sha1: - description: |- - Immutable. An optional SHA1 checksum of the disk image before unpackaging. - This is provided by the client when the disk image is created. - type: string - source: - description: |- - Immutable. The full Google Cloud Storage URL where disk storage is stored - You must provide either this property or the sourceDisk property - but not both. - type: string - required: - - source - type: object - resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. - type: string - sourceImageRef: - description: The source image used to create this image. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: The selfLink of a ComputeImage. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - sourceSnapshotRef: - description: The source snapshot used to create this image. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: The selfLink of a ComputeSnapshot. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - type: object - status: - properties: - archiveSizeBytes: - description: |- - Size of the image tar.gz archive stored in Google Cloud Storage (in - bytes). - type: integer - conditions: - description: Conditions represent the latest available observation - of the resource's current state. - items: - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - type: string - message: - description: Human-readable message indicating details about - last transition. - type: string - reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition. - type: string - status: - description: Status is the status of the condition. Can be True, - False, Unknown. - type: string - type: - description: Type is the type of the condition. - type: string - type: object - type: array - creationTimestamp: - description: Creation timestamp in RFC3339 text format. - type: string - labelFingerprint: - description: |- - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - type: string - observedGeneration: - description: ObservedGeneration is the generation of the resource - that was most recently observed by the Config Connector controller. - If this is equal to metadata.generation, then that means that the - current reported status reflects the most recent desired state of - the resource. - type: integer - selfLink: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" + name: computeimages.compute.cnrm.cloud.google.com +spec: + group: compute.cnrm.cloud.google.com + names: + categories: + - gcp + kind: ComputeImage + plural: computeimages + shortNames: + - gcpcomputeimage + - gcpcomputeimages + singular: computeimage + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + description: + description: |- + Immutable. An optional description of this resource. Provide this property when + you create the resource. + type: string + diskRef: + description: |- + The source disk to create this image based on. + You must provide either this property or the + rawDisk.source property but not both to create an image. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The selfLink of a ComputeDisk. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + diskSizeGb: + description: Immutable. Size of the image when restored onto a persistent + disk (in GB). + type: integer + family: + description: |- + Immutable. The name of the image family to which this image belongs. You can + create disks by specifying an image family instead of a specific + image name. The image family always returns its latest image that is + not deprecated. The name of the image family must comply with + RFC1035. + type: string + guestOsFeatures: + description: |- + Immutable. A list of features to enable on the guest operating system. + Applicable only for bootable images. + items: + properties: + type: + description: 'Immutable. The type of supported feature. Read + [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) + to see a list of available options. Possible values: ["MULTI_IP_SUBNET", + "SECURE_BOOT", "SEV_CAPABLE", "UEFI_COMPATIBLE", "VIRTIO_SCSI_MULTIQUEUE", + "WINDOWS", "GVNIC"]' + type: string + required: + - type + type: object + type: array + licenses: + description: Immutable. Any applicable license URI. + items: + type: string + type: array + rawDisk: + description: Immutable. The parameters of the raw disk image. + properties: + containerType: + description: |- + Immutable. The format used to encode and transmit the block device, which + should be TAR. This is just a container and transmission format + and not a runtime format. Provided by the client when the disk + image is created. Default value: "TAR" Possible values: ["TAR"] + type: string + sha1: + description: |- + Immutable. An optional SHA1 checksum of the disk image before unpackaging. + This is provided by the client when the disk image is created. + type: string + source: + description: |- + Immutable. The full Google Cloud Storage URL where disk storage is stored + You must provide either this property or the sourceDisk property + but not both. + type: string + required: + - source + type: object + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + sourceImageRef: + description: The source image used to create this image. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The selfLink of a ComputeImage. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + sourceSnapshotRef: + description: The source snapshot used to create this image. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The selfLink of a ComputeSnapshot. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: object + status: + properties: + archiveSizeBytes: + description: |- + Size of the image tar.gz archive stored in Google Cloud Storage (in + bytes). + type: integer + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + creationTimestamp: + description: Creation timestamp in RFC3339 text format. + type: string + labelFingerprint: + description: |- + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + selfLink: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.56.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/dcl2crd: "true" + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: computeinstancegroupmanagers.compute.cnrm.cloud.google.com +spec: + group: compute.cnrm.cloud.google.com + names: + categories: + - gcp + kind: ComputeInstanceGroupManager + plural: computeinstancegroupmanagers + shortNames: + - gcpcomputeinstancegroupmanager + - gcpcomputeinstancegroupmanagers + singular: computeinstancegroupmanager + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + autoHealingPolicies: + description: The autohealing policy for this managed instance group. + items: + properties: + healthCheckRef: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The healthcheck that signals autohealing + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + initialDelaySec: + description: The number of seconds that the managed instance + group waits before it applies autohealing policies to new + instances or recently recreated instances. + format: int64 + type: integer + type: object + type: array + baseInstanceName: + description: 'The base instance name to use for instances in this + group. The value must be 1-58 characters long. Instances are named + by appending a hyphen and a random four-character string to the + base instance name. The base instance name must comply with RFC1035. ' + type: string + description: + description: 'An optional description of this resource. Provide this + property when you create the resource. ' + type: string + distributionPolicy: + description: Policy specifying intended distribution of instances + in regional managed instance group. + properties: + zones: + description: Zones where the regional managed instance group will + create and manage instances. + items: + properties: + zone: + description: The URL of the zone. The zone must exist in + the region where the managed instance group is located. + type: string + type: object + type: array + type: object + instanceTemplateRef: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: 'The instance template that is specified for this + managed instance group. The group uses this template to create + all new instances in the managed instance group. ' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + location: + description: The location of this resource. + type: string + namedPorts: + description: Named ports configured for the Instance Groups complementary + to this Instance Group Manager. + items: + properties: + name: + description: 'The name for this named port. The name must be + 1-63 characters long, and comply with RFC1035. ' + type: string + port: + description: The port number, which can be a value between 1 + and 65535. + format: int64 + type: integer + type: object + type: array + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The project id of the resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + targetPools: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + targetSize: + description: 'The target number of running instances for this managed + instance group. Deleting or abandoning instances reduces this number. + Resizing the group changes this number. ' + format: int64 + type: integer + updatePolicy: + description: The update policy for this managed instance group. + properties: + instanceRedistributionType: + description: 'The instance redistribution policy for regional + managed instance groups. Possible values: PROACTIVE, NONE' + type: string + maxSurge: + description: The maximum number of instances that can be created + above the specified targetSize during the update process + properties: + fixed: + description: Specifies a fixed number of VM instances. This + must be a positive integer. + format: int64 + type: integer + percent: + description: Specifies a percentage of instances between 0 + to 100%, inclusive. For example, specify 80 for 80%. + format: int64 + type: integer + type: object + maxUnavailable: + description: The maximum number of instances that can be unavailable + during the update process + properties: + fixed: + description: Specifies a fixed number of VM instances. This + must be a positive integer. + format: int64 + type: integer + percent: + description: Specifies a percentage of instances between 0 + to 100%, inclusive. For example, specify 80 for 80%. + format: int64 + type: integer + type: object + minimalAction: + description: 'Minimal action to be taken on an instance. Possible + values: RESTART, REPLACE' + type: string + type: object + versions: + description: Specifies the instance templates used by this managed + instance group to create instances. + items: + properties: + instanceTemplateRef: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The group uses this template to create new + instances in the managed instance group until the targetSize + for this version is reached. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + name: + description: Name of the version. Unique among all versions + in the scope of this managed instance group. + type: string + targetSize: + description: Specifies the intended number of instances to be + created from the instanceTemplate. + properties: + calculated: + description: Absolute value of VM instances calculated based + on the specific mode. + format: int64 + type: integer + fixed: + description: Specifies a fixed number of VM instances. This + must be a positive integer. + format: int64 + type: integer + percent: + description: Specifies a percentage of instances between + 0 to 100%, inclusive. For example, specify 80 for 80%. + format: int64 + type: integer + type: object + type: object + type: array + required: + - baseInstanceName + - projectRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + creationTimestamp: + description: 'The creation timestamp for this managed instance group + in RFC3339 text format. ' + format: date-time + type: string + currentActions: + description: 'The list of instance actions and the number of instances + in this managed instance group that are scheduled for each of those + actions. ' + properties: + abandoning: + description: 'The total number of instances in the managed instance + group that are scheduled to be abandoned. Abandoning an instance + removes it from the managed instance group without deleting + it. ' + format: int64 + type: integer + creating: + description: 'The number of instances in the managed instance + group that are scheduled to be created or are currently being + created. If the group fails to create any of these instances, + it tries again until it creates the instance successfully. If + you have disabled creation retries, this field will not be populated; + instead, the creatingWithoutRetries field will be populated. ' + format: int64 + type: integer + creatingWithoutRetries: + description: 'The number of instances that the managed instance + group will attempt to create. The group attempts to create each + instance only once. If the group fails to create any of these + instances, it decreases the group''s targetSize value accordingly. ' + format: int64 + type: integer + deleting: + description: 'The number of instances in the managed instance + group that are scheduled to be deleted or are currently being + deleted. ' + format: int64 + type: integer + none: + description: 'The number of instances in the managed instance + group that are running and have no scheduled actions. ' + format: int64 + type: integer + recreating: + description: 'The number of instances in the managed instance + group that are scheduled to be recreated or are currently being + being recreated. Recreating an instance deletes the existing + root persistent disk and creates a new disk from the image that + is defined in the instance template. ' + format: int64 + type: integer + refreshing: + description: 'The number of instances in the managed instance + group that are being reconfigured with properties that do not + require a restart or a recreate action. For example, setting + or removing target pools for the instance. ' + format: int64 + type: integer + restarting: + description: 'The number of instances in the managed instance + group that are scheduled to be restarted or are currently being + restarted. ' + format: int64 + type: integer + type: object + id: + description: A unique identifier for this resource + format: int64 + type: integer + instanceGroup: + description: The instance group being managed + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + region: + description: The region the managed instance group resides in + type: string + status: + description: The status of this managed instance group. + properties: + autoscalar: + description: The autoscalar that targets this instance group manager + type: string + isStable: + description: A bit indicating whether the managed instance group + is in a stable state. + type: boolean + versionTarget: + description: A status of consistency of Instances' versions with + their target version specified by version field on Instance + Group Manager. + properties: + isReached: + description: A bit indicating whether version target has been + reached in this managed instance group, i.e. all instances + are in their target version. Instances' target version are + specified by version field on Instance Group Manager. + type: boolean + type: object + type: object + updatePolicy: + properties: + maxSurge: + properties: + calculated: + description: Absolute value of VM instances calculated based + on the specific mode. + format: int64 + type: integer + type: object + maxUnavailable: + properties: + calculated: + description: Absolute value of VM instances calculated based + on the specific mode. + format: int64 + type: integer + type: object + type: object + zone: + description: The zone the managed instance group resides. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -10303,7 +11265,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -11118,7 +12080,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -11796,7 +12758,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12119,7 +13081,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12319,7 +13281,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12511,7 +13473,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12660,7 +13622,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12867,7 +13829,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13047,7 +14009,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13164,7 +14126,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13377,7 +14339,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13674,7 +14636,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13880,7 +14842,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14206,7 +15168,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14463,7 +15425,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14677,7 +15639,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14951,7 +15913,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15167,7 +16129,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15272,7 +16234,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15410,7 +16372,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15786,7 +16748,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15999,7 +16961,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16161,7 +17123,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16430,7 +17392,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16606,7 +17568,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16773,7 +17735,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17012,7 +17974,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17205,7 +18167,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17427,7 +18389,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17651,7 +18613,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17816,7 +18778,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17975,7 +18937,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20669,7 +21631,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20865,7 +21827,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -21231,7 +22193,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -21819,7 +22781,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22959,7 +23921,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23411,7 +24373,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23536,7 +24498,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23817,7 +24779,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -24095,7 +25057,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -24386,7 +25348,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -25542,7 +26504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -27366,7 +28328,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -27691,7 +28653,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -27885,7 +28847,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28042,7 +29004,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28195,7 +29157,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28405,7 +29367,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -28542,7 +29504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -28776,7 +29738,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -29139,7 +30101,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29301,7 +30263,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29440,7 +30402,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29674,7 +30636,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29904,7 +30866,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30120,7 +31082,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30297,7 +31259,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30429,7 +31391,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -30552,7 +31514,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -30701,7 +31663,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -30883,7 +31845,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -31095,7 +32057,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -31247,7 +32209,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -31431,7 +32393,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -31559,7 +32521,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -31828,7 +32790,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -32192,7 +33154,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -32425,7 +33387,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -33185,7 +34147,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -39902,7 +40864,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -40088,7 +41050,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40380,7 +41342,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -40634,7 +41596,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -40859,7 +41821,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -41099,7 +42061,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -41424,7 +42386,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -42175,7 +43137,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42396,7 +43358,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42756,7 +43718,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42921,7 +43883,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43195,7 +44157,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43371,7 +44333,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43650,7 +44612,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43705,6 +44667,11 @@ spec: type: object spec: properties: + expireTime: + description: |- + Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + type: string replication: description: |- Immutable. The replication policy of the secret data attached to the Secret. It cannot be changed @@ -43776,6 +44743,59 @@ spec: for creation and acquisition. When unset, the value of `metadata.name` is used as the default. type: string + rotation: + description: The rotation time and period for a Secret. At 'next_rotation_time', + Secret Manager will send a Pub/Sub notification to the topics configured + on the Secret. 'topics' must be set to configure rotation. + properties: + nextRotationTime: + description: |- + Timestamp in UTC at which the Secret is scheduled to rotate. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + type: string + rotationPeriod: + description: |- + Immutable. The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). + If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications. + type: string + type: object + topics: + items: + description: |- + A list of up to 10 Pub/Sub topics to which messages are + published when control plane operations are called on the secret + or its versions. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The name of a PubSubTopic. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + ttl: + description: |- + Immutable. The TTL for the Secret. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + type: string required: - replication type: object @@ -43841,7 +44861,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44034,7 +45054,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44209,7 +45229,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44322,7 +45342,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44518,7 +45538,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44709,7 +45729,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44767,7 +45787,7 @@ spec: config: description: |- Immutable. The name of the instance's configuration (similar but not - quite the same as a region) which defines defines the geographic placement and + quite the same as a region) which defines the geographic placement and replication of your databases in this instance. It determines where your data is stored. Values are typically of the form 'regional-europe-west1' , 'us-central' etc. In order to obtain a valid list please consult the @@ -44847,7 +45867,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45009,7 +46029,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45577,7 +46597,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45751,7 +46771,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45945,7 +46965,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46113,7 +47133,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46438,7 +47458,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46622,7 +47642,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46822,7 +47842,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/install-bundles/install-bundle-namespaced/0-cnrm-system.yaml b/install-bundles/install-bundle-namespaced/0-cnrm-system.yaml index 72ad69d14b..d63c1db7c4 100644 --- a/install-bundles/install-bundle-namespaced/0-cnrm-system.yaml +++ b/install-bundles/install-bundle-namespaced/0-cnrm-system.yaml @@ -16,7 +16,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -25,7 +25,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -35,7 +35,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -45,7 +45,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -55,7 +55,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -76,7 +76,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -97,10 +97,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" name: cnrm-admin rules: - apiGroups: @@ -158,7 +160,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -208,7 +210,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -266,7 +268,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -291,7 +293,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -321,10 +323,11 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" name: cnrm-viewer rules: - apiGroups: @@ -378,7 +381,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -441,7 +444,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -459,7 +462,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -477,7 +480,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -497,7 +500,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -514,7 +517,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -531,7 +534,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -548,7 +551,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -565,7 +568,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -586,7 +589,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -604,7 +607,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -617,8 +620,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.55.0 - image: gcr.io/cnrm-eap/recorder:bd09e79 + value: 1.56.0 + image: gcr.io/cnrm-eap/recorder:0f00e5f imagePullPolicy: Always name: recorder ports: @@ -650,7 +653,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -665,7 +668,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -680,7 +683,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/cnrm-eap/webhook:bd09e79 + image: gcr.io/cnrm-eap/webhook:0f00e5f imagePullPolicy: Always name: webhook ports: @@ -708,7 +711,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -723,7 +726,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -733,7 +736,7 @@ spec: - --stderrthreshold=INFO command: - /configconnector/deletiondefender - image: gcr.io/cnrm-eap/deletiondefender:bd09e79 + image: gcr.io/cnrm-eap/deletiondefender:0f00e5f imagePullPolicy: Always name: deletiondefender ports: @@ -761,7 +764,7 @@ apiVersion: autoscaling/v2beta2 kind: HorizontalPodAutoscaler metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/install-bundles/install-bundle-namespaced/crds.yaml b/install-bundles/install-bundle-namespaced/crds.yaml index 34055f1008..2318da0161 100644 --- a/install-bundles/install-bundle-namespaced/crds.yaml +++ b/install-bundles/install-bundle-namespaced/crds.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -395,7 +395,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -524,7 +524,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -1673,7 +1673,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -1842,7 +1842,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -2161,7 +2161,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -2974,7 +2974,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -3408,7 +3408,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -3576,7 +3576,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -3778,7 +3778,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -3841,6 +3841,38 @@ spec: clusterId: description: The ID of the Cloud Bigtable cluster. type: string + kmsKeyRef: + description: |- + Describes the Cloud KMS encryption key that will be used to protect the destination Bigtable + cluster. The requirements for this key are: 1) The Cloud Bigtable service account associated with the project that contains + this cluster must be granted the cloudkms.cryptoKeyEncrypterDecrypter role on the CMEK key. + 2) Only regional keys can be used and the region of the CMEK key must match the region of the cluster. + 3) All clusters within an instance must use the same CMEK key access to this encryption key. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The selfLink of a KMSCryptoKey. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object numNodes: description: The number of nodes in your Cloud Bigtable cluster. For PRODUCTION instances where the numNodes will be managed @@ -3939,7 +3971,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -4099,7 +4131,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -4364,7 +4396,426 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/dcl2crd: "true" + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: binaryauthorizationpolicies.binaryauthorization.cnrm.cloud.google.com +spec: + group: binaryauthorization.cnrm.cloud.google.com + names: + categories: + - gcp + kind: BinaryAuthorizationPolicy + plural: binaryauthorizationpolicies + shortNames: + - gcpbinaryauthorizationpolicy + - gcpbinaryauthorizationpolicies + singular: binaryauthorizationpolicy + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + admissionWhitelistPatterns: + description: Optional. Admission policy allowlisting. A matching admission + request will always be permitted. This feature is typically used + to exclude Google or third-party infrastructure images from Binary + Authorization policies. + items: + properties: + namePattern: + description: An image name pattern to allowlist, in the form + `registry/path/to/image`. This supports a trailing `*` as + a wildcard, but this is allowed only in text after the `registry/` + part. + type: string + type: object + type: array + clusterAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-cluster admission rules. Cluster spec + format: location.clusterId. There can be at most one admission rule + per cluster spec. A location is either a compute zone (e.g. us-central1-a) + or a region (e.g. us-central1). For clusterId syntax restrictions + see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.' + type: object + defaultAdmissionRule: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: + description: Optional. A descriptive comment. + type: string + globalPolicyEvaluationMode: + description: 'Optional. Controls the evaluation of a Google-maintained + global admission policy for common system-level images. Images not + covered by the global policy will be subject to the project admission + policy. This setting has no effect when specified inside a global + admission policy. Possible values: GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED, + ENABLE, DISABLE' + type: string + istioServiceIdentityAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-istio-service-identity admission rules. + Istio service identity spec format: spiffe:///ns//sa/ or /ns//sa/ + e.g. spiffe://example.com/ns/test-ns/sa/default' + type: object + kubernetesNamespaceAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-kubernetes-namespace admission rules. + K8s namespace spec format: [a-z.-]+, e.g. ''some-namespace''' + type: object + kubernetesServiceAccountAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-kubernetes-service-account admission rules. + Service account spec format: namespace:serviceaccount. e.g. ''test-ns:default''' + type: object + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The project of the resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + required: + - defaultAdmissionRule + - projectRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + selfLink: + description: Output only. The resource name, in the format `projects/*/policy`. + There is at most one policy per project. + type: string + updateTime: + description: Output only. Time when the policy was last updated. + format: date-time + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5192,7 +5643,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5286,7 +5737,7 @@ spec: type: object initialGroupConfig: description: |- - The initial configuration options for creating a Group. + Immutable. The initial configuration options for creating a Group. See the [API reference](https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups/create#initialgroupconfig) @@ -5385,7 +5836,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -5881,7 +6332,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6127,7 +6578,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6351,7 +6802,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7295,7 +7746,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7900,7 +8351,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -8045,7 +8496,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -8418,7 +8869,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9045,7 +9496,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9508,7 +9959,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9668,7 +10119,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9747,7 +10198,7 @@ spec: port: description: |- The TCP port number for the HTTPS health check request. - The default value is 80. + The default value is 443. type: integer requestPath: description: |- @@ -9828,282 +10279,793 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 - creationTimestamp: null - labels: - cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: computeimages.compute.cnrm.cloud.google.com -spec: - group: compute.cnrm.cloud.google.com - names: - categories: - - gcp - kind: ComputeImage - plural: computeimages - shortNames: - - gcpcomputeimage - - gcpcomputeimages - singular: computeimage - preserveUnknownFields: false - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: When 'True', the most recent reconcile of the resource succeeded - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - description: The reason for the value in 'Ready' - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Status - type: string - - description: The last transition time for the value in 'Status' - jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime - name: Status Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'apiVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - description: - description: |- - Immutable. An optional description of this resource. Provide this property when - you create the resource. - type: string - diskRef: - description: |- - The source disk to create this image based on. - You must provide either this property or the - rawDisk.source property but not both to create an image. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: The selfLink of a ComputeDisk. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - diskSizeGb: - description: Immutable. Size of the image when restored onto a persistent - disk (in GB). - type: integer - family: - description: |- - Immutable. The name of the image family to which this image belongs. You can - create disks by specifying an image family instead of a specific - image name. The image family always returns its latest image that is - not deprecated. The name of the image family must comply with - RFC1035. - type: string - guestOsFeatures: - description: |- - Immutable. A list of features to enable on the guest operating system. - Applicable only for bootable images. - items: - properties: - type: - description: 'Immutable. The type of supported feature. Read - [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) - to see a list of available options. Possible values: ["MULTI_IP_SUBNET", - "SECURE_BOOT", "SEV_CAPABLE", "UEFI_COMPATIBLE", "VIRTIO_SCSI_MULTIQUEUE", - "WINDOWS", "GVNIC"]' - type: string - required: - - type - type: object - type: array - licenses: - description: Immutable. Any applicable license URI. - items: - type: string - type: array - rawDisk: - description: Immutable. The parameters of the raw disk image. - properties: - containerType: - description: |- - Immutable. The format used to encode and transmit the block device, which - should be TAR. This is just a container and transmission format - and not a runtime format. Provided by the client when the disk - image is created. Default value: "TAR" Possible values: ["TAR"] - type: string - sha1: - description: |- - Immutable. An optional SHA1 checksum of the disk image before unpackaging. - This is provided by the client when the disk image is created. - type: string - source: - description: |- - Immutable. The full Google Cloud Storage URL where disk storage is stored - You must provide either this property or the sourceDisk property - but not both. - type: string - required: - - source - type: object - resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. - type: string - sourceImageRef: - description: The source image used to create this image. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: The selfLink of a ComputeImage. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - sourceSnapshotRef: - description: The source snapshot used to create this image. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: The selfLink of a ComputeSnapshot. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - type: object - status: - properties: - archiveSizeBytes: - description: |- - Size of the image tar.gz archive stored in Google Cloud Storage (in - bytes). - type: integer - conditions: - description: Conditions represent the latest available observation - of the resource's current state. - items: - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - type: string - message: - description: Human-readable message indicating details about - last transition. - type: string - reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition. - type: string - status: - description: Status is the status of the condition. Can be True, - False, Unknown. - type: string - type: - description: Type is the type of the condition. - type: string - type: object - type: array - creationTimestamp: - description: Creation timestamp in RFC3339 text format. - type: string - labelFingerprint: - description: |- - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - type: string - observedGeneration: - description: ObservedGeneration is the generation of the resource - that was most recently observed by the Config Connector controller. - If this is equal to metadata.generation, then that means that the - current reported status reflects the most recent desired state of - the resource. - type: integer - selfLink: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" + name: computeimages.compute.cnrm.cloud.google.com +spec: + group: compute.cnrm.cloud.google.com + names: + categories: + - gcp + kind: ComputeImage + plural: computeimages + shortNames: + - gcpcomputeimage + - gcpcomputeimages + singular: computeimage + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + description: + description: |- + Immutable. An optional description of this resource. Provide this property when + you create the resource. + type: string + diskRef: + description: |- + The source disk to create this image based on. + You must provide either this property or the + rawDisk.source property but not both to create an image. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The selfLink of a ComputeDisk. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + diskSizeGb: + description: Immutable. Size of the image when restored onto a persistent + disk (in GB). + type: integer + family: + description: |- + Immutable. The name of the image family to which this image belongs. You can + create disks by specifying an image family instead of a specific + image name. The image family always returns its latest image that is + not deprecated. The name of the image family must comply with + RFC1035. + type: string + guestOsFeatures: + description: |- + Immutable. A list of features to enable on the guest operating system. + Applicable only for bootable images. + items: + properties: + type: + description: 'Immutable. The type of supported feature. Read + [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) + to see a list of available options. Possible values: ["MULTI_IP_SUBNET", + "SECURE_BOOT", "SEV_CAPABLE", "UEFI_COMPATIBLE", "VIRTIO_SCSI_MULTIQUEUE", + "WINDOWS", "GVNIC"]' + type: string + required: + - type + type: object + type: array + licenses: + description: Immutable. Any applicable license URI. + items: + type: string + type: array + rawDisk: + description: Immutable. The parameters of the raw disk image. + properties: + containerType: + description: |- + Immutable. The format used to encode and transmit the block device, which + should be TAR. This is just a container and transmission format + and not a runtime format. Provided by the client when the disk + image is created. Default value: "TAR" Possible values: ["TAR"] + type: string + sha1: + description: |- + Immutable. An optional SHA1 checksum of the disk image before unpackaging. + This is provided by the client when the disk image is created. + type: string + source: + description: |- + Immutable. The full Google Cloud Storage URL where disk storage is stored + You must provide either this property or the sourceDisk property + but not both. + type: string + required: + - source + type: object + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + sourceImageRef: + description: The source image used to create this image. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The selfLink of a ComputeImage. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + sourceSnapshotRef: + description: The source snapshot used to create this image. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The selfLink of a ComputeSnapshot. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: object + status: + properties: + archiveSizeBytes: + description: |- + Size of the image tar.gz archive stored in Google Cloud Storage (in + bytes). + type: integer + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + creationTimestamp: + description: Creation timestamp in RFC3339 text format. + type: string + labelFingerprint: + description: |- + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + selfLink: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.56.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/dcl2crd: "true" + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: computeinstancegroupmanagers.compute.cnrm.cloud.google.com +spec: + group: compute.cnrm.cloud.google.com + names: + categories: + - gcp + kind: ComputeInstanceGroupManager + plural: computeinstancegroupmanagers + shortNames: + - gcpcomputeinstancegroupmanager + - gcpcomputeinstancegroupmanagers + singular: computeinstancegroupmanager + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + autoHealingPolicies: + description: The autohealing policy for this managed instance group. + items: + properties: + healthCheckRef: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The healthcheck that signals autohealing + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + initialDelaySec: + description: The number of seconds that the managed instance + group waits before it applies autohealing policies to new + instances or recently recreated instances. + format: int64 + type: integer + type: object + type: array + baseInstanceName: + description: 'The base instance name to use for instances in this + group. The value must be 1-58 characters long. Instances are named + by appending a hyphen and a random four-character string to the + base instance name. The base instance name must comply with RFC1035. ' + type: string + description: + description: 'An optional description of this resource. Provide this + property when you create the resource. ' + type: string + distributionPolicy: + description: Policy specifying intended distribution of instances + in regional managed instance group. + properties: + zones: + description: Zones where the regional managed instance group will + create and manage instances. + items: + properties: + zone: + description: The URL of the zone. The zone must exist in + the region where the managed instance group is located. + type: string + type: object + type: array + type: object + instanceTemplateRef: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: 'The instance template that is specified for this + managed instance group. The group uses this template to create + all new instances in the managed instance group. ' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + location: + description: The location of this resource. + type: string + namedPorts: + description: Named ports configured for the Instance Groups complementary + to this Instance Group Manager. + items: + properties: + name: + description: 'The name for this named port. The name must be + 1-63 characters long, and comply with RFC1035. ' + type: string + port: + description: The port number, which can be a value between 1 + and 65535. + format: int64 + type: integer + type: object + type: array + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The project id of the resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + targetPools: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + targetSize: + description: 'The target number of running instances for this managed + instance group. Deleting or abandoning instances reduces this number. + Resizing the group changes this number. ' + format: int64 + type: integer + updatePolicy: + description: The update policy for this managed instance group. + properties: + instanceRedistributionType: + description: 'The instance redistribution policy for regional + managed instance groups. Possible values: PROACTIVE, NONE' + type: string + maxSurge: + description: The maximum number of instances that can be created + above the specified targetSize during the update process + properties: + fixed: + description: Specifies a fixed number of VM instances. This + must be a positive integer. + format: int64 + type: integer + percent: + description: Specifies a percentage of instances between 0 + to 100%, inclusive. For example, specify 80 for 80%. + format: int64 + type: integer + type: object + maxUnavailable: + description: The maximum number of instances that can be unavailable + during the update process + properties: + fixed: + description: Specifies a fixed number of VM instances. This + must be a positive integer. + format: int64 + type: integer + percent: + description: Specifies a percentage of instances between 0 + to 100%, inclusive. For example, specify 80 for 80%. + format: int64 + type: integer + type: object + minimalAction: + description: 'Minimal action to be taken on an instance. Possible + values: RESTART, REPLACE' + type: string + type: object + versions: + description: Specifies the instance templates used by this managed + instance group to create instances. + items: + properties: + instanceTemplateRef: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The group uses this template to create new + instances in the managed instance group until the targetSize + for this version is reached. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + name: + description: Name of the version. Unique among all versions + in the scope of this managed instance group. + type: string + targetSize: + description: Specifies the intended number of instances to be + created from the instanceTemplate. + properties: + calculated: + description: Absolute value of VM instances calculated based + on the specific mode. + format: int64 + type: integer + fixed: + description: Specifies a fixed number of VM instances. This + must be a positive integer. + format: int64 + type: integer + percent: + description: Specifies a percentage of instances between + 0 to 100%, inclusive. For example, specify 80 for 80%. + format: int64 + type: integer + type: object + type: object + type: array + required: + - baseInstanceName + - projectRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + creationTimestamp: + description: 'The creation timestamp for this managed instance group + in RFC3339 text format. ' + format: date-time + type: string + currentActions: + description: 'The list of instance actions and the number of instances + in this managed instance group that are scheduled for each of those + actions. ' + properties: + abandoning: + description: 'The total number of instances in the managed instance + group that are scheduled to be abandoned. Abandoning an instance + removes it from the managed instance group without deleting + it. ' + format: int64 + type: integer + creating: + description: 'The number of instances in the managed instance + group that are scheduled to be created or are currently being + created. If the group fails to create any of these instances, + it tries again until it creates the instance successfully. If + you have disabled creation retries, this field will not be populated; + instead, the creatingWithoutRetries field will be populated. ' + format: int64 + type: integer + creatingWithoutRetries: + description: 'The number of instances that the managed instance + group will attempt to create. The group attempts to create each + instance only once. If the group fails to create any of these + instances, it decreases the group''s targetSize value accordingly. ' + format: int64 + type: integer + deleting: + description: 'The number of instances in the managed instance + group that are scheduled to be deleted or are currently being + deleted. ' + format: int64 + type: integer + none: + description: 'The number of instances in the managed instance + group that are running and have no scheduled actions. ' + format: int64 + type: integer + recreating: + description: 'The number of instances in the managed instance + group that are scheduled to be recreated or are currently being + being recreated. Recreating an instance deletes the existing + root persistent disk and creates a new disk from the image that + is defined in the instance template. ' + format: int64 + type: integer + refreshing: + description: 'The number of instances in the managed instance + group that are being reconfigured with properties that do not + require a restart or a recreate action. For example, setting + or removing target pools for the instance. ' + format: int64 + type: integer + restarting: + description: 'The number of instances in the managed instance + group that are scheduled to be restarted or are currently being + restarted. ' + format: int64 + type: integer + type: object + id: + description: A unique identifier for this resource + format: int64 + type: integer + instanceGroup: + description: The instance group being managed + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + region: + description: The region the managed instance group resides in + type: string + status: + description: The status of this managed instance group. + properties: + autoscalar: + description: The autoscalar that targets this instance group manager + type: string + isStable: + description: A bit indicating whether the managed instance group + is in a stable state. + type: boolean + versionTarget: + description: A status of consistency of Instances' versions with + their target version specified by version field on Instance + Group Manager. + properties: + isReached: + description: A bit indicating whether version target has been + reached in this managed instance group, i.e. all instances + are in their target version. Instances' target version are + specified by version field on Instance Group Manager. + type: boolean + type: object + type: object + updatePolicy: + properties: + maxSurge: + properties: + calculated: + description: Absolute value of VM instances calculated based + on the specific mode. + format: int64 + type: integer + type: object + maxUnavailable: + properties: + calculated: + description: Absolute value of VM instances calculated based + on the specific mode. + format: int64 + type: integer + type: object + type: object + zone: + description: The zone the managed instance group resides. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -10303,7 +11265,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -11118,7 +12080,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -11796,7 +12758,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12119,7 +13081,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12319,7 +13281,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12511,7 +13473,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12660,7 +13622,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12867,7 +13829,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13047,7 +14009,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13164,7 +14126,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13377,7 +14339,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13674,7 +14636,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13880,7 +14842,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14206,7 +15168,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14463,7 +15425,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14677,7 +15639,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14951,7 +15913,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15167,7 +16129,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15272,7 +16234,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15410,7 +16372,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15786,7 +16748,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15999,7 +16961,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16161,7 +17123,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16430,7 +17392,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16606,7 +17568,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16773,7 +17735,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17012,7 +17974,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17205,7 +18167,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17427,7 +18389,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17651,7 +18613,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17816,7 +18778,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17975,7 +18937,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20669,7 +21631,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20865,7 +21827,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -21231,7 +22193,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -21819,7 +22781,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22959,7 +23921,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23411,7 +24373,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23536,7 +24498,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23817,7 +24779,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -24095,7 +25057,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -24386,7 +25348,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -25542,7 +26504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -27366,7 +28328,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -27691,7 +28653,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -27885,7 +28847,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28042,7 +29004,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28195,7 +29157,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28405,7 +29367,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -28542,7 +29504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -28776,7 +29738,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -29139,7 +30101,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29301,7 +30263,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29440,7 +30402,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29674,7 +30636,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29904,7 +30866,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30120,7 +31082,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30297,7 +31259,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30429,7 +31391,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -30552,7 +31514,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -30701,7 +31663,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -30883,7 +31845,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -31095,7 +32057,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -31247,7 +32209,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -31431,7 +32393,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -31559,7 +32521,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -31828,7 +32790,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -32192,7 +33154,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -32425,7 +33387,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -33185,7 +34147,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -39902,7 +40864,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -40088,7 +41050,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40380,7 +41342,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -40634,7 +41596,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -40859,7 +41821,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -41099,7 +42061,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -41424,7 +42386,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -42175,7 +43137,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42396,7 +43358,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42756,7 +43718,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42921,7 +43883,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43195,7 +44157,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43371,7 +44333,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43650,7 +44612,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43705,6 +44667,11 @@ spec: type: object spec: properties: + expireTime: + description: |- + Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + type: string replication: description: |- Immutable. The replication policy of the secret data attached to the Secret. It cannot be changed @@ -43776,6 +44743,59 @@ spec: for creation and acquisition. When unset, the value of `metadata.name` is used as the default. type: string + rotation: + description: The rotation time and period for a Secret. At 'next_rotation_time', + Secret Manager will send a Pub/Sub notification to the topics configured + on the Secret. 'topics' must be set to configure rotation. + properties: + nextRotationTime: + description: |- + Timestamp in UTC at which the Secret is scheduled to rotate. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + type: string + rotationPeriod: + description: |- + Immutable. The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). + If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications. + type: string + type: object + topics: + items: + description: |- + A list of up to 10 Pub/Sub topics to which messages are + published when control plane operations are called on the secret + or its versions. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The name of a PubSubTopic. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + ttl: + description: |- + Immutable. The TTL for the Secret. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + type: string required: - replication type: object @@ -43841,7 +44861,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44034,7 +45054,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44209,7 +45229,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44322,7 +45342,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44518,7 +45538,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44709,7 +45729,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44767,7 +45787,7 @@ spec: config: description: |- Immutable. The name of the instance's configuration (similar but not - quite the same as a region) which defines defines the geographic placement and + quite the same as a region) which defines the geographic placement and replication of your databases in this instance. It determines where your data is stored. Values are typically of the form 'regional-europe-west1' , 'us-central' etc. In order to obtain a valid list please consult the @@ -44847,7 +45867,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45009,7 +46029,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45577,7 +46597,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45751,7 +46771,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45945,7 +46965,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46113,7 +47133,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46438,7 +47458,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46622,7 +47642,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46822,7 +47842,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/install-bundles/install-bundle-namespaced/per-namespace-components.yaml b/install-bundles/install-bundle-namespaced/per-namespace-components.yaml index ba3f074b2c..bd5f94fc5e 100644 --- a/install-bundles/install-bundle-namespaced/per-namespace-components.yaml +++ b/install-bundles/install-bundle-namespaced/per-namespace-components.yaml @@ -16,7 +16,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 iam.gke.io/gcp-service-account: cnrm-system-${NAMESPACE?}@${PROJECT_ID?}.iam.gserviceaccount.com labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -28,7 +28,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} cnrm.cloud.google.com/system: "true" @@ -47,7 +47,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} cnrm.cloud.google.com/system: "true" @@ -66,7 +66,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} cnrm.cloud.google.com/system: "true" @@ -85,7 +85,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} cnrm.cloud.google.com/system: "true" @@ -103,7 +103,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -127,7 +127,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -144,7 +144,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -157,7 +157,7 @@ spec: - --prometheus-scrape-endpoint=:8888 command: - /configconnector/manager - image: gcr.io/cnrm-eap/controller:bd09e79 + image: gcr.io/cnrm-eap/controller:0f00e5f imagePullPolicy: Always name: manager ports: diff --git a/install-bundles/install-bundle-workload-identity/0-cnrm-system.yaml b/install-bundles/install-bundle-workload-identity/0-cnrm-system.yaml index 824c064808..6738cf18a4 100644 --- a/install-bundles/install-bundle-workload-identity/0-cnrm-system.yaml +++ b/install-bundles/install-bundle-workload-identity/0-cnrm-system.yaml @@ -16,7 +16,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -25,7 +25,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 iam.gke.io/gcp-service-account: cnrm-system@${PROJECT_ID?}.iam.gserviceaccount.com labels: cnrm.cloud.google.com/system: "true" @@ -36,7 +36,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -46,7 +46,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -56,7 +56,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -66,7 +66,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -87,7 +87,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -108,10 +108,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" name: cnrm-admin rules: - apiGroups: @@ -169,7 +171,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -219,7 +221,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -277,7 +279,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -302,7 +304,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -332,10 +334,11 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" name: cnrm-viewer rules: - apiGroups: @@ -389,7 +392,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -452,7 +455,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -470,7 +473,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -488,7 +491,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -511,7 +514,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -528,7 +531,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-binding @@ -545,7 +548,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-watcher-binding @@ -562,7 +565,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -579,7 +582,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -596,7 +599,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -613,7 +616,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -635,7 +638,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -656,7 +659,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -674,7 +677,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -687,8 +690,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.55.0 - image: gcr.io/cnrm-eap/recorder:bd09e79 + value: 1.56.0 + image: gcr.io/cnrm-eap/recorder:0f00e5f imagePullPolicy: Always name: recorder ports: @@ -720,7 +723,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -735,7 +738,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -750,7 +753,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/cnrm-eap/webhook:bd09e79 + image: gcr.io/cnrm-eap/webhook:0f00e5f imagePullPolicy: Always name: webhook ports: @@ -778,7 +781,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -793,7 +796,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -804,7 +807,7 @@ spec: - --prometheus-scrape-endpoint=:8888 command: - /configconnector/manager - image: gcr.io/cnrm-eap/controller:bd09e79 + image: gcr.io/cnrm-eap/controller:0f00e5f imagePullPolicy: Always name: manager ports: @@ -832,7 +835,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -847,7 +850,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -857,7 +860,7 @@ spec: - --stderrthreshold=INFO command: - /configconnector/deletiondefender - image: gcr.io/cnrm-eap/deletiondefender:bd09e79 + image: gcr.io/cnrm-eap/deletiondefender:0f00e5f imagePullPolicy: Always name: deletiondefender ports: @@ -885,7 +888,7 @@ apiVersion: autoscaling/v2beta2 kind: HorizontalPodAutoscaler metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/install-bundles/install-bundle-workload-identity/crds.yaml b/install-bundles/install-bundle-workload-identity/crds.yaml index 34055f1008..2318da0161 100644 --- a/install-bundles/install-bundle-workload-identity/crds.yaml +++ b/install-bundles/install-bundle-workload-identity/crds.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -395,7 +395,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -524,7 +524,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -1673,7 +1673,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -1842,7 +1842,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -2161,7 +2161,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -2974,7 +2974,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -3408,7 +3408,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -3576,7 +3576,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -3778,7 +3778,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -3841,6 +3841,38 @@ spec: clusterId: description: The ID of the Cloud Bigtable cluster. type: string + kmsKeyRef: + description: |- + Describes the Cloud KMS encryption key that will be used to protect the destination Bigtable + cluster. The requirements for this key are: 1) The Cloud Bigtable service account associated with the project that contains + this cluster must be granted the cloudkms.cryptoKeyEncrypterDecrypter role on the CMEK key. + 2) Only regional keys can be used and the region of the CMEK key must match the region of the cluster. + 3) All clusters within an instance must use the same CMEK key access to this encryption key. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The selfLink of a KMSCryptoKey. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object numNodes: description: The number of nodes in your Cloud Bigtable cluster. For PRODUCTION instances where the numNodes will be managed @@ -3939,7 +3971,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -4099,7 +4131,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -4364,7 +4396,426 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/dcl2crd: "true" + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: binaryauthorizationpolicies.binaryauthorization.cnrm.cloud.google.com +spec: + group: binaryauthorization.cnrm.cloud.google.com + names: + categories: + - gcp + kind: BinaryAuthorizationPolicy + plural: binaryauthorizationpolicies + shortNames: + - gcpbinaryauthorizationpolicy + - gcpbinaryauthorizationpolicies + singular: binaryauthorizationpolicy + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + admissionWhitelistPatterns: + description: Optional. Admission policy allowlisting. A matching admission + request will always be permitted. This feature is typically used + to exclude Google or third-party infrastructure images from Binary + Authorization policies. + items: + properties: + namePattern: + description: An image name pattern to allowlist, in the form + `registry/path/to/image`. This supports a trailing `*` as + a wildcard, but this is allowed only in text after the `registry/` + part. + type: string + type: object + type: array + clusterAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-cluster admission rules. Cluster spec + format: location.clusterId. There can be at most one admission rule + per cluster spec. A location is either a compute zone (e.g. us-central1-a) + or a region (e.g. us-central1). For clusterId syntax restrictions + see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.' + type: object + defaultAdmissionRule: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: + description: Optional. A descriptive comment. + type: string + globalPolicyEvaluationMode: + description: 'Optional. Controls the evaluation of a Google-maintained + global admission policy for common system-level images. Images not + covered by the global policy will be subject to the project admission + policy. This setting has no effect when specified inside a global + admission policy. Possible values: GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED, + ENABLE, DISABLE' + type: string + istioServiceIdentityAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-istio-service-identity admission rules. + Istio service identity spec format: spiffe:///ns//sa/ or /ns//sa/ + e.g. spiffe://example.com/ns/test-ns/sa/default' + type: object + kubernetesNamespaceAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-kubernetes-namespace admission rules. + K8s namespace spec format: [a-z.-]+, e.g. ''some-namespace''' + type: object + kubernetesServiceAccountAdmissionRules: + additionalProperties: + description: Required. Default admission rule for a cluster without + a per-cluster, per-kubernetes-service-account, or per-istio-service-identity + admission rule. + properties: + enforcementMode: + description: 'Required. The action when a pod creation is denied + by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, + ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY' + type: string + evaluationMode: + description: 'Required. How this admission rule will be evaluated. + Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION' + type: string + requireAttestationsBy: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + required: + - enforcementMode + - evaluationMode + type: object + description: 'Optional. Per-kubernetes-service-account admission rules. + Service account spec format: namespace:serviceaccount. e.g. ''test-ns:default''' + type: object + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The project of the resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + required: + - defaultAdmissionRule + - projectRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + selfLink: + description: Output only. The resource name, in the format `projects/*/policy`. + There is at most one policy per project. + type: string + updateTime: + description: Output only. Time when the policy was last updated. + format: date-time + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5192,7 +5643,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5286,7 +5737,7 @@ spec: type: object initialGroupConfig: description: |- - The initial configuration options for creating a Group. + Immutable. The initial configuration options for creating a Group. See the [API reference](https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups/create#initialgroupconfig) @@ -5385,7 +5836,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -5881,7 +6332,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6127,7 +6578,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6351,7 +6802,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7295,7 +7746,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7900,7 +8351,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -8045,7 +8496,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -8418,7 +8869,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9045,7 +9496,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9508,7 +9959,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9668,7 +10119,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9747,7 +10198,7 @@ spec: port: description: |- The TCP port number for the HTTPS health check request. - The default value is 80. + The default value is 443. type: integer requestPath: description: |- @@ -9828,282 +10279,793 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 - creationTimestamp: null - labels: - cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: computeimages.compute.cnrm.cloud.google.com -spec: - group: compute.cnrm.cloud.google.com - names: - categories: - - gcp - kind: ComputeImage - plural: computeimages - shortNames: - - gcpcomputeimage - - gcpcomputeimages - singular: computeimage - preserveUnknownFields: false - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: When 'True', the most recent reconcile of the resource succeeded - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - description: The reason for the value in 'Ready' - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Status - type: string - - description: The last transition time for the value in 'Status' - jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime - name: Status Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'apiVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - description: - description: |- - Immutable. An optional description of this resource. Provide this property when - you create the resource. - type: string - diskRef: - description: |- - The source disk to create this image based on. - You must provide either this property or the - rawDisk.source property but not both to create an image. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: The selfLink of a ComputeDisk. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - diskSizeGb: - description: Immutable. Size of the image when restored onto a persistent - disk (in GB). - type: integer - family: - description: |- - Immutable. The name of the image family to which this image belongs. You can - create disks by specifying an image family instead of a specific - image name. The image family always returns its latest image that is - not deprecated. The name of the image family must comply with - RFC1035. - type: string - guestOsFeatures: - description: |- - Immutable. A list of features to enable on the guest operating system. - Applicable only for bootable images. - items: - properties: - type: - description: 'Immutable. The type of supported feature. Read - [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) - to see a list of available options. Possible values: ["MULTI_IP_SUBNET", - "SECURE_BOOT", "SEV_CAPABLE", "UEFI_COMPATIBLE", "VIRTIO_SCSI_MULTIQUEUE", - "WINDOWS", "GVNIC"]' - type: string - required: - - type - type: object - type: array - licenses: - description: Immutable. Any applicable license URI. - items: - type: string - type: array - rawDisk: - description: Immutable. The parameters of the raw disk image. - properties: - containerType: - description: |- - Immutable. The format used to encode and transmit the block device, which - should be TAR. This is just a container and transmission format - and not a runtime format. Provided by the client when the disk - image is created. Default value: "TAR" Possible values: ["TAR"] - type: string - sha1: - description: |- - Immutable. An optional SHA1 checksum of the disk image before unpackaging. - This is provided by the client when the disk image is created. - type: string - source: - description: |- - Immutable. The full Google Cloud Storage URL where disk storage is stored - You must provide either this property or the sourceDisk property - but not both. - type: string - required: - - source - type: object - resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. - type: string - sourceImageRef: - description: The source image used to create this image. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: The selfLink of a ComputeImage. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - sourceSnapshotRef: - description: The source snapshot used to create this image. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: The selfLink of a ComputeSnapshot. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - type: object - status: - properties: - archiveSizeBytes: - description: |- - Size of the image tar.gz archive stored in Google Cloud Storage (in - bytes). - type: integer - conditions: - description: Conditions represent the latest available observation - of the resource's current state. - items: - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - type: string - message: - description: Human-readable message indicating details about - last transition. - type: string - reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition. - type: string - status: - description: Status is the status of the condition. Can be True, - False, Unknown. - type: string - type: - description: Type is the type of the condition. - type: string - type: object - type: array - creationTimestamp: - description: Creation timestamp in RFC3339 text format. - type: string - labelFingerprint: - description: |- - The fingerprint used for optimistic locking of this resource. Used - internally during updates. - type: string - observedGeneration: - description: ObservedGeneration is the generation of the resource - that was most recently observed by the Config Connector controller. - If this is equal to metadata.generation, then that means that the - current reported status reflects the most recent desired state of - the resource. - type: integer - selfLink: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" + name: computeimages.compute.cnrm.cloud.google.com +spec: + group: compute.cnrm.cloud.google.com + names: + categories: + - gcp + kind: ComputeImage + plural: computeimages + shortNames: + - gcpcomputeimage + - gcpcomputeimages + singular: computeimage + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + description: + description: |- + Immutable. An optional description of this resource. Provide this property when + you create the resource. + type: string + diskRef: + description: |- + The source disk to create this image based on. + You must provide either this property or the + rawDisk.source property but not both to create an image. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The selfLink of a ComputeDisk. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + diskSizeGb: + description: Immutable. Size of the image when restored onto a persistent + disk (in GB). + type: integer + family: + description: |- + Immutable. The name of the image family to which this image belongs. You can + create disks by specifying an image family instead of a specific + image name. The image family always returns its latest image that is + not deprecated. The name of the image family must comply with + RFC1035. + type: string + guestOsFeatures: + description: |- + Immutable. A list of features to enable on the guest operating system. + Applicable only for bootable images. + items: + properties: + type: + description: 'Immutable. The type of supported feature. Read + [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) + to see a list of available options. Possible values: ["MULTI_IP_SUBNET", + "SECURE_BOOT", "SEV_CAPABLE", "UEFI_COMPATIBLE", "VIRTIO_SCSI_MULTIQUEUE", + "WINDOWS", "GVNIC"]' + type: string + required: + - type + type: object + type: array + licenses: + description: Immutable. Any applicable license URI. + items: + type: string + type: array + rawDisk: + description: Immutable. The parameters of the raw disk image. + properties: + containerType: + description: |- + Immutable. The format used to encode and transmit the block device, which + should be TAR. This is just a container and transmission format + and not a runtime format. Provided by the client when the disk + image is created. Default value: "TAR" Possible values: ["TAR"] + type: string + sha1: + description: |- + Immutable. An optional SHA1 checksum of the disk image before unpackaging. + This is provided by the client when the disk image is created. + type: string + source: + description: |- + Immutable. The full Google Cloud Storage URL where disk storage is stored + You must provide either this property or the sourceDisk property + but not both. + type: string + required: + - source + type: object + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + sourceImageRef: + description: The source image used to create this image. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The selfLink of a ComputeImage. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + sourceSnapshotRef: + description: The source snapshot used to create this image. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The selfLink of a ComputeSnapshot. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: object + status: + properties: + archiveSizeBytes: + description: |- + Size of the image tar.gz archive stored in Google Cloud Storage (in + bytes). + type: integer + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + creationTimestamp: + description: Creation timestamp in RFC3339 text format. + type: string + labelFingerprint: + description: |- + The fingerprint used for optimistic locking of this resource. Used + internally during updates. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + selfLink: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.56.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/dcl2crd: "true" + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: computeinstancegroupmanagers.compute.cnrm.cloud.google.com +spec: + group: compute.cnrm.cloud.google.com + names: + categories: + - gcp + kind: ComputeInstanceGroupManager + plural: computeinstancegroupmanagers + shortNames: + - gcpcomputeinstancegroupmanager + - gcpcomputeinstancegroupmanagers + singular: computeinstancegroupmanager + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + autoHealingPolicies: + description: The autohealing policy for this managed instance group. + items: + properties: + healthCheckRef: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The healthcheck that signals autohealing + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + initialDelaySec: + description: The number of seconds that the managed instance + group waits before it applies autohealing policies to new + instances or recently recreated instances. + format: int64 + type: integer + type: object + type: array + baseInstanceName: + description: 'The base instance name to use for instances in this + group. The value must be 1-58 characters long. Instances are named + by appending a hyphen and a random four-character string to the + base instance name. The base instance name must comply with RFC1035. ' + type: string + description: + description: 'An optional description of this resource. Provide this + property when you create the resource. ' + type: string + distributionPolicy: + description: Policy specifying intended distribution of instances + in regional managed instance group. + properties: + zones: + description: Zones where the regional managed instance group will + create and manage instances. + items: + properties: + zone: + description: The URL of the zone. The zone must exist in + the region where the managed instance group is located. + type: string + type: object + type: array + type: object + instanceTemplateRef: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: 'The instance template that is specified for this + managed instance group. The group uses this template to create + all new instances in the managed instance group. ' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + location: + description: The location of this resource. + type: string + namedPorts: + description: Named ports configured for the Instance Groups complementary + to this Instance Group Manager. + items: + properties: + name: + description: 'The name for this named port. The name must be + 1-63 characters long, and comply with RFC1035. ' + type: string + port: + description: The port number, which can be a value between 1 + and 65535. + format: int64 + type: integer + type: object + type: array + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The project id of the resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + targetPools: + items: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + targetSize: + description: 'The target number of running instances for this managed + instance group. Deleting or abandoning instances reduces this number. + Resizing the group changes this number. ' + format: int64 + type: integer + updatePolicy: + description: The update policy for this managed instance group. + properties: + instanceRedistributionType: + description: 'The instance redistribution policy for regional + managed instance groups. Possible values: PROACTIVE, NONE' + type: string + maxSurge: + description: The maximum number of instances that can be created + above the specified targetSize during the update process + properties: + fixed: + description: Specifies a fixed number of VM instances. This + must be a positive integer. + format: int64 + type: integer + percent: + description: Specifies a percentage of instances between 0 + to 100%, inclusive. For example, specify 80 for 80%. + format: int64 + type: integer + type: object + maxUnavailable: + description: The maximum number of instances that can be unavailable + during the update process + properties: + fixed: + description: Specifies a fixed number of VM instances. This + must be a positive integer. + format: int64 + type: integer + percent: + description: Specifies a percentage of instances between 0 + to 100%, inclusive. For example, specify 80 for 80%. + format: int64 + type: integer + type: object + minimalAction: + description: 'Minimal action to be taken on an instance. Possible + values: RESTART, REPLACE' + type: string + type: object + versions: + description: Specifies the instance templates used by this managed + instance group to create instances. + items: + properties: + instanceTemplateRef: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The group uses this template to create new + instances in the managed instance group until the targetSize + for this version is reached. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + name: + description: Name of the version. Unique among all versions + in the scope of this managed instance group. + type: string + targetSize: + description: Specifies the intended number of instances to be + created from the instanceTemplate. + properties: + calculated: + description: Absolute value of VM instances calculated based + on the specific mode. + format: int64 + type: integer + fixed: + description: Specifies a fixed number of VM instances. This + must be a positive integer. + format: int64 + type: integer + percent: + description: Specifies a percentage of instances between + 0 to 100%, inclusive. For example, specify 80 for 80%. + format: int64 + type: integer + type: object + type: object + type: array + required: + - baseInstanceName + - projectRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + creationTimestamp: + description: 'The creation timestamp for this managed instance group + in RFC3339 text format. ' + format: date-time + type: string + currentActions: + description: 'The list of instance actions and the number of instances + in this managed instance group that are scheduled for each of those + actions. ' + properties: + abandoning: + description: 'The total number of instances in the managed instance + group that are scheduled to be abandoned. Abandoning an instance + removes it from the managed instance group without deleting + it. ' + format: int64 + type: integer + creating: + description: 'The number of instances in the managed instance + group that are scheduled to be created or are currently being + created. If the group fails to create any of these instances, + it tries again until it creates the instance successfully. If + you have disabled creation retries, this field will not be populated; + instead, the creatingWithoutRetries field will be populated. ' + format: int64 + type: integer + creatingWithoutRetries: + description: 'The number of instances that the managed instance + group will attempt to create. The group attempts to create each + instance only once. If the group fails to create any of these + instances, it decreases the group''s targetSize value accordingly. ' + format: int64 + type: integer + deleting: + description: 'The number of instances in the managed instance + group that are scheduled to be deleted or are currently being + deleted. ' + format: int64 + type: integer + none: + description: 'The number of instances in the managed instance + group that are running and have no scheduled actions. ' + format: int64 + type: integer + recreating: + description: 'The number of instances in the managed instance + group that are scheduled to be recreated or are currently being + being recreated. Recreating an instance deletes the existing + root persistent disk and creates a new disk from the image that + is defined in the instance template. ' + format: int64 + type: integer + refreshing: + description: 'The number of instances in the managed instance + group that are being reconfigured with properties that do not + require a restart or a recreate action. For example, setting + or removing target pools for the instance. ' + format: int64 + type: integer + restarting: + description: 'The number of instances in the managed instance + group that are scheduled to be restarted or are currently being + restarted. ' + format: int64 + type: integer + type: object + id: + description: A unique identifier for this resource + format: int64 + type: integer + instanceGroup: + description: The instance group being managed + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + region: + description: The region the managed instance group resides in + type: string + status: + description: The status of this managed instance group. + properties: + autoscalar: + description: The autoscalar that targets this instance group manager + type: string + isStable: + description: A bit indicating whether the managed instance group + is in a stable state. + type: boolean + versionTarget: + description: A status of consistency of Instances' versions with + their target version specified by version field on Instance + Group Manager. + properties: + isReached: + description: A bit indicating whether version target has been + reached in this managed instance group, i.e. all instances + are in their target version. Instances' target version are + specified by version field on Instance Group Manager. + type: boolean + type: object + type: object + updatePolicy: + properties: + maxSurge: + properties: + calculated: + description: Absolute value of VM instances calculated based + on the specific mode. + format: int64 + type: integer + type: object + maxUnavailable: + properties: + calculated: + description: Absolute value of VM instances calculated based + on the specific mode. + format: int64 + type: integer + type: object + type: object + zone: + description: The zone the managed instance group resides. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -10303,7 +11265,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -11118,7 +12080,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -11796,7 +12758,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12119,7 +13081,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12319,7 +13281,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12511,7 +13473,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12660,7 +13622,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12867,7 +13829,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13047,7 +14009,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13164,7 +14126,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13377,7 +14339,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13674,7 +14636,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13880,7 +14842,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14206,7 +15168,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14463,7 +15425,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14677,7 +15639,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14951,7 +15913,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15167,7 +16129,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15272,7 +16234,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15410,7 +16372,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15786,7 +16748,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -15999,7 +16961,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16161,7 +17123,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16430,7 +17392,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16606,7 +17568,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16773,7 +17735,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17012,7 +17974,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17205,7 +18167,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17427,7 +18389,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17651,7 +18613,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17816,7 +18778,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17975,7 +18937,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20669,7 +21631,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20865,7 +21827,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -21231,7 +22193,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -21819,7 +22781,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22959,7 +23921,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23411,7 +24373,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23536,7 +24498,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23817,7 +24779,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -24095,7 +25057,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -24386,7 +25348,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -25542,7 +26504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -27366,7 +28328,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -27691,7 +28653,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -27885,7 +28847,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28042,7 +29004,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28195,7 +29157,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28405,7 +29367,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -28542,7 +29504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -28776,7 +29738,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -29139,7 +30101,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29301,7 +30263,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29440,7 +30402,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29674,7 +30636,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29904,7 +30866,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30120,7 +31082,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30297,7 +31259,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30429,7 +31391,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -30552,7 +31514,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -30701,7 +31663,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -30883,7 +31845,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -31095,7 +32057,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -31247,7 +32209,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -31431,7 +32393,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -31559,7 +32521,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -31828,7 +32790,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -32192,7 +33154,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -32425,7 +33387,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -33185,7 +34147,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -39902,7 +40864,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -40088,7 +41050,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40380,7 +41342,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -40634,7 +41596,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -40859,7 +41821,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -41099,7 +42061,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -41424,7 +42386,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -42175,7 +43137,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42396,7 +43358,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42756,7 +43718,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42921,7 +43883,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43195,7 +44157,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43371,7 +44333,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43650,7 +44612,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43705,6 +44667,11 @@ spec: type: object spec: properties: + expireTime: + description: |- + Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + type: string replication: description: |- Immutable. The replication policy of the secret data attached to the Secret. It cannot be changed @@ -43776,6 +44743,59 @@ spec: for creation and acquisition. When unset, the value of `metadata.name` is used as the default. type: string + rotation: + description: The rotation time and period for a Secret. At 'next_rotation_time', + Secret Manager will send a Pub/Sub notification to the topics configured + on the Secret. 'topics' must be set to configure rotation. + properties: + nextRotationTime: + description: |- + Timestamp in UTC at which the Secret is scheduled to rotate. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + type: string + rotationPeriod: + description: |- + Immutable. The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). + If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications. + type: string + type: object + topics: + items: + description: |- + A list of up to 10 Pub/Sub topics to which messages are + published when control plane operations are called on the secret + or its versions. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The name of a PubSubTopic. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + type: array + ttl: + description: |- + Immutable. The TTL for the Secret. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + type: string required: - replication type: object @@ -43841,7 +44861,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44034,7 +45054,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44209,7 +45229,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44322,7 +45342,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44518,7 +45538,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44709,7 +45729,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44767,7 +45787,7 @@ spec: config: description: |- Immutable. The name of the instance's configuration (similar but not - quite the same as a region) which defines defines the geographic placement and + quite the same as a region) which defines the geographic placement and replication of your databases in this instance. It determines where your data is stored. Values are typically of the form 'regional-europe-west1' , 'us-central' etc. In order to obtain a valid list please consult the @@ -44847,7 +45867,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45009,7 +46029,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45577,7 +46597,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45751,7 +46771,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45945,7 +46965,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46113,7 +47133,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46438,7 +47458,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46622,7 +47642,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -46822,7 +47842,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.55.0 + cnrm.cloud.google.com/version: 1.56.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" diff --git a/pkg/apis/bigtable/v1beta1/bigtableinstance_types.go b/pkg/apis/bigtable/v1beta1/bigtableinstance_types.go index 52fb2811ce..2bf96757e7 100644 --- a/pkg/apis/bigtable/v1beta1/bigtableinstance_types.go +++ b/pkg/apis/bigtable/v1beta1/bigtableinstance_types.go @@ -39,6 +39,14 @@ type InstanceCluster struct { /* The ID of the Cloud Bigtable cluster. */ ClusterId string `json:"clusterId"` + /* Describes the Cloud KMS encryption key that will be used to protect the destination Bigtable + cluster. The requirements for this key are: 1) The Cloud Bigtable service account associated with the project that contains + this cluster must be granted the cloudkms.cryptoKeyEncrypterDecrypter role on the CMEK key. + 2) Only regional keys can be used and the region of the CMEK key must match the region of the cluster. + 3) All clusters within an instance must use the same CMEK key access to this encryption key. */ + // +optional + KmsKeyRef *v1alpha1.ResourceRef `json:"kmsKeyRef,omitempty"` + /* The number of nodes in your Cloud Bigtable cluster. For PRODUCTION instances where the numNodes will be managed by Config Connector, this field is required with a minimum of 1. For a DEVELOPMENT instance or for an existing instance where the numNodes is managed outside of Config Connector, this field must be left unset. */ // +optional NumNodes *int `json:"numNodes,omitempty"` diff --git a/pkg/apis/bigtable/v1beta1/zz_generated.deepcopy.go b/pkg/apis/bigtable/v1beta1/zz_generated.deepcopy.go index 03dad4adb6..a66e1d4c7d 100644 --- a/pkg/apis/bigtable/v1beta1/zz_generated.deepcopy.go +++ b/pkg/apis/bigtable/v1beta1/zz_generated.deepcopy.go @@ -573,6 +573,11 @@ func (in *GcpolicyMaxVersion) DeepCopy() *GcpolicyMaxVersion { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *InstanceCluster) DeepCopyInto(out *InstanceCluster) { *out = *in + if in.KmsKeyRef != nil { + in, out := &in.KmsKeyRef, &out.KmsKeyRef + *out = new(v1alpha1.ResourceRef) + **out = **in + } if in.NumNodes != nil { in, out := &in.NumNodes, &out.NumNodes *out = new(int) diff --git a/pkg/apis/binaryauthorization/v1beta1/binaryauthorizationpolicy_types.go b/pkg/apis/binaryauthorization/v1beta1/binaryauthorizationpolicy_types.go new file mode 100644 index 0000000000..8be34038ce --- /dev/null +++ b/pkg/apis/binaryauthorization/v1beta1/binaryauthorizationpolicy_types.go @@ -0,0 +1,176 @@ +// Copyright 2020 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Config Connector and manual +// changes will be clobbered when the file is regenerated. +// +// ---------------------------------------------------------------------------- + +// *** DISCLAIMER *** +// Config Connector's go-client for CRDs is currently in ALPHA, which means +// that future versions of the go-client may include breaking changes. +// Please try it out and give us feedback! + +package v1beta1 + +import ( + "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/k8s/v1alpha1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type PolicyAdmissionWhitelistPatterns struct { + /* An image name pattern to allowlist, in the form `registry/path/to/image`. This supports a trailing `*` as a wildcard, but this is allowed only in text after the `registry/` part. */ + // +optional + NamePattern *string `json:"namePattern,omitempty"` +} + +type PolicyClusterAdmissionRules struct { + /* Required. The action when a pod creation is denied by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY */ + EnforcementMode string `json:"enforcementMode"` + + /* Required. How this admission rule will be evaluated. Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION */ + EvaluationMode string `json:"evaluationMode"` + + /* */ + // +optional + RequireAttestationsBy []v1alpha1.ResourceRef `json:"requireAttestationsBy,omitempty"` +} + +type PolicyDefaultAdmissionRule struct { + /* Required. The action when a pod creation is denied by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY */ + EnforcementMode string `json:"enforcementMode"` + + /* Required. How this admission rule will be evaluated. Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION */ + EvaluationMode string `json:"evaluationMode"` + + /* */ + // +optional + RequireAttestationsBy []v1alpha1.ResourceRef `json:"requireAttestationsBy,omitempty"` +} + +type PolicyIstioServiceIdentityAdmissionRules struct { + /* Required. The action when a pod creation is denied by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY */ + EnforcementMode string `json:"enforcementMode"` + + /* Required. How this admission rule will be evaluated. Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION */ + EvaluationMode string `json:"evaluationMode"` + + /* */ + // +optional + RequireAttestationsBy []v1alpha1.ResourceRef `json:"requireAttestationsBy,omitempty"` +} + +type PolicyKubernetesNamespaceAdmissionRules struct { + /* Required. The action when a pod creation is denied by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY */ + EnforcementMode string `json:"enforcementMode"` + + /* Required. How this admission rule will be evaluated. Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION */ + EvaluationMode string `json:"evaluationMode"` + + /* */ + // +optional + RequireAttestationsBy []v1alpha1.ResourceRef `json:"requireAttestationsBy,omitempty"` +} + +type PolicyKubernetesServiceAccountAdmissionRules struct { + /* Required. The action when a pod creation is denied by the admission rule. Possible values: ENFORCEMENT_MODE_UNSPECIFIED, ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY */ + EnforcementMode string `json:"enforcementMode"` + + /* Required. How this admission rule will be evaluated. Possible values: ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION */ + EvaluationMode string `json:"evaluationMode"` + + /* */ + // +optional + RequireAttestationsBy []v1alpha1.ResourceRef `json:"requireAttestationsBy,omitempty"` +} + +type BinaryAuthorizationPolicySpec struct { + /* Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies. */ + // +optional + AdmissionWhitelistPatterns []PolicyAdmissionWhitelistPatterns `json:"admissionWhitelistPatterns,omitempty"` + + /* Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. */ + // +optional + ClusterAdmissionRules map[string]PolicyClusterAdmissionRules `json:"clusterAdmissionRules,omitempty"` + + /* Required. Default admission rule for a cluster without a per-cluster, per-kubernetes-service-account, or per-istio-service-identity admission rule. */ + DefaultAdmissionRule PolicyDefaultAdmissionRule `json:"defaultAdmissionRule"` + + /* Optional. A descriptive comment. */ + // +optional + Description *string `json:"description,omitempty"` + + /* Optional. Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. This setting has no effect when specified inside a global admission policy. Possible values: GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED, ENABLE, DISABLE */ + // +optional + GlobalPolicyEvaluationMode *string `json:"globalPolicyEvaluationMode,omitempty"` + + /* Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe:///ns//sa/ or /ns//sa/ e.g. spiffe://example.com/ns/test-ns/sa/default */ + // +optional + IstioServiceIdentityAdmissionRules map[string]PolicyIstioServiceIdentityAdmissionRules `json:"istioServiceIdentityAdmissionRules,omitempty"` + + /* Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace' */ + // +optional + KubernetesNamespaceAdmissionRules map[string]PolicyKubernetesNamespaceAdmissionRules `json:"kubernetesNamespaceAdmissionRules,omitempty"` + + /* Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default' */ + // +optional + KubernetesServiceAccountAdmissionRules map[string]PolicyKubernetesServiceAccountAdmissionRules `json:"kubernetesServiceAccountAdmissionRules,omitempty"` + + /* The Project that this resource belongs to. */ + ProjectRef v1alpha1.ResourceRef `json:"projectRef"` +} + +type BinaryAuthorizationPolicyStatus struct { + /* Conditions represent the latest available observations of the + BinaryAuthorizationPolicy's current state. */ + Conditions []v1alpha1.Condition `json:"conditions,omitempty"` + /* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */ + ObservedGeneration int `json:"observedGeneration,omitempty"` + /* Output only. The resource name, in the format `projects/* /policy`. There is at most one policy per project. */ + SelfLink string `json:"selfLink,omitempty"` + /* Output only. Time when the policy was last updated. */ + UpdateTime string `json:"updateTime,omitempty"` +} + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// BinaryAuthorizationPolicy is the Schema for the binaryauthorization API +// +k8s:openapi-gen=true +type BinaryAuthorizationPolicy struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec BinaryAuthorizationPolicySpec `json:"spec,omitempty"` + Status BinaryAuthorizationPolicyStatus `json:"status,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// BinaryAuthorizationPolicyList contains a list of BinaryAuthorizationPolicy +type BinaryAuthorizationPolicyList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []BinaryAuthorizationPolicy `json:"items"` +} + +func init() { + SchemeBuilder.Register(&BinaryAuthorizationPolicy{}, &BinaryAuthorizationPolicyList{}) +} diff --git a/pkg/apis/binaryauthorization/v1beta1/register.go b/pkg/apis/binaryauthorization/v1beta1/register.go index 2d18b32de1..1f21554184 100644 --- a/pkg/apis/binaryauthorization/v1beta1/register.go +++ b/pkg/apis/binaryauthorization/v1beta1/register.go @@ -59,5 +59,11 @@ var ( Kind: reflect.TypeOf(BinaryAuthorizationAttestor{}).Name(), } + BinaryAuthorizationPolicyGVK = schema.GroupVersionKind{ + Group: SchemeGroupVersion.Group, + Version: SchemeGroupVersion.Version, + Kind: reflect.TypeOf(BinaryAuthorizationPolicy{}).Name(), + } + binaryauthorizationAPIVersion = SchemeGroupVersion.String() ) diff --git a/pkg/apis/binaryauthorization/v1beta1/zz_generated.deepcopy.go b/pkg/apis/binaryauthorization/v1beta1/zz_generated.deepcopy.go index 6d580fbcd8..b93340c577 100644 --- a/pkg/apis/binaryauthorization/v1beta1/zz_generated.deepcopy.go +++ b/pkg/apis/binaryauthorization/v1beta1/zz_generated.deepcopy.go @@ -244,3 +244,274 @@ func (in *BinaryAuthorizationAttestorStatus) DeepCopy() *BinaryAuthorizationAtte in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BinaryAuthorizationPolicy) DeepCopyInto(out *BinaryAuthorizationPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BinaryAuthorizationPolicy. +func (in *BinaryAuthorizationPolicy) DeepCopy() *BinaryAuthorizationPolicy { + if in == nil { + return nil + } + out := new(BinaryAuthorizationPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *BinaryAuthorizationPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BinaryAuthorizationPolicyList) DeepCopyInto(out *BinaryAuthorizationPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]BinaryAuthorizationPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BinaryAuthorizationPolicyList. +func (in *BinaryAuthorizationPolicyList) DeepCopy() *BinaryAuthorizationPolicyList { + if in == nil { + return nil + } + out := new(BinaryAuthorizationPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *BinaryAuthorizationPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BinaryAuthorizationPolicySpec) DeepCopyInto(out *BinaryAuthorizationPolicySpec) { + *out = *in + if in.AdmissionWhitelistPatterns != nil { + in, out := &in.AdmissionWhitelistPatterns, &out.AdmissionWhitelistPatterns + *out = make([]PolicyAdmissionWhitelistPatterns, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ClusterAdmissionRules != nil { + in, out := &in.ClusterAdmissionRules, &out.ClusterAdmissionRules + *out = make(map[string]PolicyClusterAdmissionRules, len(*in)) + for key, val := range *in { + (*out)[key] = *val.DeepCopy() + } + } + in.DefaultAdmissionRule.DeepCopyInto(&out.DefaultAdmissionRule) + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.GlobalPolicyEvaluationMode != nil { + in, out := &in.GlobalPolicyEvaluationMode, &out.GlobalPolicyEvaluationMode + *out = new(string) + **out = **in + } + if in.IstioServiceIdentityAdmissionRules != nil { + in, out := &in.IstioServiceIdentityAdmissionRules, &out.IstioServiceIdentityAdmissionRules + *out = make(map[string]PolicyIstioServiceIdentityAdmissionRules, len(*in)) + for key, val := range *in { + (*out)[key] = *val.DeepCopy() + } + } + if in.KubernetesNamespaceAdmissionRules != nil { + in, out := &in.KubernetesNamespaceAdmissionRules, &out.KubernetesNamespaceAdmissionRules + *out = make(map[string]PolicyKubernetesNamespaceAdmissionRules, len(*in)) + for key, val := range *in { + (*out)[key] = *val.DeepCopy() + } + } + if in.KubernetesServiceAccountAdmissionRules != nil { + in, out := &in.KubernetesServiceAccountAdmissionRules, &out.KubernetesServiceAccountAdmissionRules + *out = make(map[string]PolicyKubernetesServiceAccountAdmissionRules, len(*in)) + for key, val := range *in { + (*out)[key] = *val.DeepCopy() + } + } + out.ProjectRef = in.ProjectRef + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BinaryAuthorizationPolicySpec. +func (in *BinaryAuthorizationPolicySpec) DeepCopy() *BinaryAuthorizationPolicySpec { + if in == nil { + return nil + } + out := new(BinaryAuthorizationPolicySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BinaryAuthorizationPolicyStatus) DeepCopyInto(out *BinaryAuthorizationPolicyStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]v1alpha1.Condition, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BinaryAuthorizationPolicyStatus. +func (in *BinaryAuthorizationPolicyStatus) DeepCopy() *BinaryAuthorizationPolicyStatus { + if in == nil { + return nil + } + out := new(BinaryAuthorizationPolicyStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyAdmissionWhitelistPatterns) DeepCopyInto(out *PolicyAdmissionWhitelistPatterns) { + *out = *in + if in.NamePattern != nil { + in, out := &in.NamePattern, &out.NamePattern + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyAdmissionWhitelistPatterns. +func (in *PolicyAdmissionWhitelistPatterns) DeepCopy() *PolicyAdmissionWhitelistPatterns { + if in == nil { + return nil + } + out := new(PolicyAdmissionWhitelistPatterns) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyClusterAdmissionRules) DeepCopyInto(out *PolicyClusterAdmissionRules) { + *out = *in + if in.RequireAttestationsBy != nil { + in, out := &in.RequireAttestationsBy, &out.RequireAttestationsBy + *out = make([]v1alpha1.ResourceRef, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyClusterAdmissionRules. +func (in *PolicyClusterAdmissionRules) DeepCopy() *PolicyClusterAdmissionRules { + if in == nil { + return nil + } + out := new(PolicyClusterAdmissionRules) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyDefaultAdmissionRule) DeepCopyInto(out *PolicyDefaultAdmissionRule) { + *out = *in + if in.RequireAttestationsBy != nil { + in, out := &in.RequireAttestationsBy, &out.RequireAttestationsBy + *out = make([]v1alpha1.ResourceRef, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyDefaultAdmissionRule. +func (in *PolicyDefaultAdmissionRule) DeepCopy() *PolicyDefaultAdmissionRule { + if in == nil { + return nil + } + out := new(PolicyDefaultAdmissionRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyIstioServiceIdentityAdmissionRules) DeepCopyInto(out *PolicyIstioServiceIdentityAdmissionRules) { + *out = *in + if in.RequireAttestationsBy != nil { + in, out := &in.RequireAttestationsBy, &out.RequireAttestationsBy + *out = make([]v1alpha1.ResourceRef, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIstioServiceIdentityAdmissionRules. +func (in *PolicyIstioServiceIdentityAdmissionRules) DeepCopy() *PolicyIstioServiceIdentityAdmissionRules { + if in == nil { + return nil + } + out := new(PolicyIstioServiceIdentityAdmissionRules) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyKubernetesNamespaceAdmissionRules) DeepCopyInto(out *PolicyKubernetesNamespaceAdmissionRules) { + *out = *in + if in.RequireAttestationsBy != nil { + in, out := &in.RequireAttestationsBy, &out.RequireAttestationsBy + *out = make([]v1alpha1.ResourceRef, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyKubernetesNamespaceAdmissionRules. +func (in *PolicyKubernetesNamespaceAdmissionRules) DeepCopy() *PolicyKubernetesNamespaceAdmissionRules { + if in == nil { + return nil + } + out := new(PolicyKubernetesNamespaceAdmissionRules) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyKubernetesServiceAccountAdmissionRules) DeepCopyInto(out *PolicyKubernetesServiceAccountAdmissionRules) { + *out = *in + if in.RequireAttestationsBy != nil { + in, out := &in.RequireAttestationsBy, &out.RequireAttestationsBy + *out = make([]v1alpha1.ResourceRef, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyKubernetesServiceAccountAdmissionRules. +func (in *PolicyKubernetesServiceAccountAdmissionRules) DeepCopy() *PolicyKubernetesServiceAccountAdmissionRules { + if in == nil { + return nil + } + out := new(PolicyKubernetesServiceAccountAdmissionRules) + in.DeepCopyInto(out) + return out +} diff --git a/pkg/apis/cloudidentity/v1beta1/cloudidentitygroup_types.go b/pkg/apis/cloudidentity/v1beta1/cloudidentitygroup_types.go index 3fd7343acc..5d7211a4ee 100644 --- a/pkg/apis/cloudidentity/v1beta1/cloudidentitygroup_types.go +++ b/pkg/apis/cloudidentity/v1beta1/cloudidentitygroup_types.go @@ -72,7 +72,7 @@ type CloudIdentityGroupSpec struct { /* Immutable. EntityKey of the Group. */ GroupKey GroupGroupKey `json:"groupKey"` - /* The initial configuration options for creating a Group. + /* Immutable. The initial configuration options for creating a Group. See the [API reference](https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups/create#initialgroupconfig) diff --git a/pkg/apis/compute/v1beta1/computehttpshealthcheck_types.go b/pkg/apis/compute/v1beta1/computehttpshealthcheck_types.go index 1496127d19..25e1637d0a 100644 --- a/pkg/apis/compute/v1beta1/computehttpshealthcheck_types.go +++ b/pkg/apis/compute/v1beta1/computehttpshealthcheck_types.go @@ -58,7 +58,7 @@ type ComputeHTTPSHealthCheckSpec struct { Host *string `json:"host,omitempty"` /* The TCP port number for the HTTPS health check request. - The default value is 80. */ + The default value is 443. */ // +optional Port *int `json:"port,omitempty"` diff --git a/pkg/apis/compute/v1beta1/computeinstancegroupmanager_types.go b/pkg/apis/compute/v1beta1/computeinstancegroupmanager_types.go new file mode 100644 index 0000000000..a755272469 --- /dev/null +++ b/pkg/apis/compute/v1beta1/computeinstancegroupmanager_types.go @@ -0,0 +1,296 @@ +// Copyright 2020 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Config Connector and manual +// changes will be clobbered when the file is regenerated. +// +// ---------------------------------------------------------------------------- + +// *** DISCLAIMER *** +// Config Connector's go-client for CRDs is currently in ALPHA, which means +// that future versions of the go-client may include breaking changes. +// Please try it out and give us feedback! + +package v1beta1 + +import ( + "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/k8s/v1alpha1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type InstancegroupmanagerAutoHealingPolicies struct { + /* */ + // +optional + HealthCheckRef *v1alpha1.ResourceRef `json:"healthCheckRef,omitempty"` + + /* The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. */ + // +optional + InitialDelaySec *int `json:"initialDelaySec,omitempty"` +} + +type InstancegroupmanagerDistributionPolicy struct { + /* Zones where the regional managed instance group will create and manage instances. */ + // +optional + Zones []InstancegroupmanagerZones `json:"zones,omitempty"` +} + +type InstancegroupmanagerMaxSurge struct { + /* Specifies a fixed number of VM instances. This must be a positive integer. */ + // +optional + Fixed *int `json:"fixed,omitempty"` + + /* Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%. */ + // +optional + Percent *int `json:"percent,omitempty"` +} + +type InstancegroupmanagerMaxUnavailable struct { + /* Specifies a fixed number of VM instances. This must be a positive integer. */ + // +optional + Fixed *int `json:"fixed,omitempty"` + + /* Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%. */ + // +optional + Percent *int `json:"percent,omitempty"` +} + +type InstancegroupmanagerNamedPorts struct { + /* The name for this named port. The name must be 1-63 characters long, and comply with RFC1035. */ + // +optional + Name *string `json:"name,omitempty"` + + /* The port number, which can be a value between 1 and 65535. */ + // +optional + Port *int `json:"port,omitempty"` +} + +type InstancegroupmanagerTargetSize struct { + /* Absolute value of VM instances calculated based on the specific mode. */ + // +optional + Calculated *int `json:"calculated,omitempty"` + + /* Specifies a fixed number of VM instances. This must be a positive integer. */ + // +optional + Fixed *int `json:"fixed,omitempty"` + + /* Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%. */ + // +optional + Percent *int `json:"percent,omitempty"` +} + +type InstancegroupmanagerUpdatePolicy struct { + /* The instance redistribution policy for regional managed instance groups. Possible values: PROACTIVE, NONE */ + // +optional + InstanceRedistributionType *string `json:"instanceRedistributionType,omitempty"` + + /* The maximum number of instances that can be created above the specified targetSize during the update process */ + // +optional + MaxSurge *InstancegroupmanagerMaxSurge `json:"maxSurge,omitempty"` + + /* The maximum number of instances that can be unavailable during the update process */ + // +optional + MaxUnavailable *InstancegroupmanagerMaxUnavailable `json:"maxUnavailable,omitempty"` + + /* Minimal action to be taken on an instance. Possible values: RESTART, REPLACE */ + // +optional + MinimalAction *string `json:"minimalAction,omitempty"` +} + +type InstancegroupmanagerVersions struct { + /* */ + // +optional + InstanceTemplateRef *v1alpha1.ResourceRef `json:"instanceTemplateRef,omitempty"` + + /* Name of the version. Unique among all versions in the scope of this managed instance group. */ + // +optional + Name *string `json:"name,omitempty"` + + /* Specifies the intended number of instances to be created from the instanceTemplate. */ + // +optional + TargetSize *InstancegroupmanagerTargetSize `json:"targetSize,omitempty"` +} + +type InstancegroupmanagerZones struct { + /* The URL of the zone. The zone must exist in the region where the managed instance group is located. */ + // +optional + Zone *string `json:"zone,omitempty"` +} + +type ComputeInstanceGroupManagerSpec struct { + /* The autohealing policy for this managed instance group. */ + // +optional + AutoHealingPolicies []InstancegroupmanagerAutoHealingPolicies `json:"autoHealingPolicies,omitempty"` + + /* The base instance name to use for instances in this group. The value must be 1-58 characters long. Instances are named by appending a hyphen and a random four-character string to the base instance name. The base instance name must comply with RFC1035. */ + BaseInstanceName string `json:"baseInstanceName"` + + /* An optional description of this resource. Provide this property when you create the resource. */ + // +optional + Description *string `json:"description,omitempty"` + + /* Policy specifying intended distribution of instances in regional managed instance group. */ + // +optional + DistributionPolicy *InstancegroupmanagerDistributionPolicy `json:"distributionPolicy,omitempty"` + + /* */ + // +optional + InstanceTemplateRef *v1alpha1.ResourceRef `json:"instanceTemplateRef,omitempty"` + + /* The location of this resource. */ + // +optional + Location *string `json:"location,omitempty"` + + /* Named ports configured for the Instance Groups complementary to this Instance Group Manager. */ + // +optional + NamedPorts []InstancegroupmanagerNamedPorts `json:"namedPorts,omitempty"` + + /* The Project that this resource belongs to. */ + ProjectRef v1alpha1.ResourceRef `json:"projectRef"` + + /* Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */ + // +optional + ResourceID *string `json:"resourceID,omitempty"` + + /* */ + // +optional + TargetPools []v1alpha1.ResourceRef `json:"targetPools,omitempty"` + + /* The target number of running instances for this managed instance group. Deleting or abandoning instances reduces this number. Resizing the group changes this number. */ + // +optional + TargetSize *int `json:"targetSize,omitempty"` + + /* The update policy for this managed instance group. */ + // +optional + UpdatePolicy *InstancegroupmanagerUpdatePolicy `json:"updatePolicy,omitempty"` + + /* Specifies the instance templates used by this managed instance group to create instances. */ + // +optional + Versions []InstancegroupmanagerVersions `json:"versions,omitempty"` +} + +type InstancegroupmanagerCurrentActionsStatus struct { + /* The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it. */ + Abandoning int `json:"abandoning,omitempty"` + + /* The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated. */ + Creating int `json:"creating,omitempty"` + + /* The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly. */ + CreatingWithoutRetries int `json:"creatingWithoutRetries,omitempty"` + + /* The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted. */ + Deleting int `json:"deleting,omitempty"` + + /* The number of instances in the managed instance group that are running and have no scheduled actions. */ + None int `json:"none,omitempty"` + + /* The number of instances in the managed instance group that are scheduled to be recreated or are currently being being recreated. Recreating an instance deletes the existing root persistent disk and creates a new disk from the image that is defined in the instance template. */ + Recreating int `json:"recreating,omitempty"` + + /* The number of instances in the managed instance group that are being reconfigured with properties that do not require a restart or a recreate action. For example, setting or removing target pools for the instance. */ + Refreshing int `json:"refreshing,omitempty"` + + /* The number of instances in the managed instance group that are scheduled to be restarted or are currently being restarted. */ + Restarting int `json:"restarting,omitempty"` +} + +type InstancegroupmanagerMaxSurgeStatus struct { + /* Absolute value of VM instances calculated based on the specific mode. */ + Calculated int `json:"calculated,omitempty"` +} + +type InstancegroupmanagerMaxUnavailableStatus struct { + /* Absolute value of VM instances calculated based on the specific mode. */ + Calculated int `json:"calculated,omitempty"` +} + +type InstancegroupmanagerStatusStatus struct { + /* The autoscalar that targets this instance group manager */ + Autoscalar string `json:"autoscalar,omitempty"` + + /* A bit indicating whether the managed instance group is in a stable state. */ + IsStable bool `json:"isStable,omitempty"` + + /* A status of consistency of Instances' versions with their target version specified by version field on Instance Group Manager. */ + VersionTarget InstancegroupmanagerVersionTargetStatus `json:"versionTarget,omitempty"` +} + +type InstancegroupmanagerUpdatePolicyStatus struct { + /* */ + MaxSurge InstancegroupmanagerMaxSurgeStatus `json:"maxSurge,omitempty"` + + /* */ + MaxUnavailable InstancegroupmanagerMaxUnavailableStatus `json:"maxUnavailable,omitempty"` +} + +type InstancegroupmanagerVersionTargetStatus struct { + /* A bit indicating whether version target has been reached in this managed instance group, i.e. all instances are in their target version. Instances' target version are specified by version field on Instance Group Manager. */ + IsReached bool `json:"isReached,omitempty"` +} + +type ComputeInstanceGroupManagerStatus struct { + /* Conditions represent the latest available observations of the + ComputeInstanceGroupManager's current state. */ + Conditions []v1alpha1.Condition `json:"conditions,omitempty"` + /* The creation timestamp for this managed instance group in RFC3339 text format. */ + CreationTimestamp string `json:"creationTimestamp,omitempty"` + /* The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions. */ + CurrentActions InstancegroupmanagerCurrentActionsStatus `json:"currentActions,omitempty"` + /* A unique identifier for this resource */ + Id int `json:"id,omitempty"` + /* The instance group being managed */ + InstanceGroup string `json:"instanceGroup,omitempty"` + /* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */ + ObservedGeneration int `json:"observedGeneration,omitempty"` + /* The region the managed instance group resides in */ + Region string `json:"region,omitempty"` + /* The status of this managed instance group. */ + Status InstancegroupmanagerStatusStatus `json:"status,omitempty"` + /* */ + UpdatePolicy InstancegroupmanagerUpdatePolicyStatus `json:"updatePolicy,omitempty"` + /* The zone the managed instance group resides. */ + Zone string `json:"zone,omitempty"` +} + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// ComputeInstanceGroupManager is the Schema for the compute API +// +k8s:openapi-gen=true +type ComputeInstanceGroupManager struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec ComputeInstanceGroupManagerSpec `json:"spec,omitempty"` + Status ComputeInstanceGroupManagerStatus `json:"status,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// ComputeInstanceGroupManagerList contains a list of ComputeInstanceGroupManager +type ComputeInstanceGroupManagerList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []ComputeInstanceGroupManager `json:"items"` +} + +func init() { + SchemeBuilder.Register(&ComputeInstanceGroupManager{}, &ComputeInstanceGroupManagerList{}) +} diff --git a/pkg/apis/compute/v1beta1/register.go b/pkg/apis/compute/v1beta1/register.go index 8e88774b38..26e544ec05 100644 --- a/pkg/apis/compute/v1beta1/register.go +++ b/pkg/apis/compute/v1beta1/register.go @@ -131,6 +131,12 @@ var ( Kind: reflect.TypeOf(ComputeInstanceGroup{}).Name(), } + ComputeInstanceGroupManagerGVK = schema.GroupVersionKind{ + Group: SchemeGroupVersion.Group, + Version: SchemeGroupVersion.Version, + Kind: reflect.TypeOf(ComputeInstanceGroupManager{}).Name(), + } + ComputeInstanceTemplateGVK = schema.GroupVersionKind{ Group: SchemeGroupVersion.Group, Version: SchemeGroupVersion.Version, diff --git a/pkg/apis/compute/v1beta1/zz_generated.deepcopy.go b/pkg/apis/compute/v1beta1/zz_generated.deepcopy.go index 1e84ba0ae9..9cc45971d9 100644 --- a/pkg/apis/compute/v1beta1/zz_generated.deepcopy.go +++ b/pkg/apis/compute/v1beta1/zz_generated.deepcopy.go @@ -2615,6 +2615,169 @@ func (in *ComputeInstanceGroupList) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ComputeInstanceGroupManager) DeepCopyInto(out *ComputeInstanceGroupManager) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComputeInstanceGroupManager. +func (in *ComputeInstanceGroupManager) DeepCopy() *ComputeInstanceGroupManager { + if in == nil { + return nil + } + out := new(ComputeInstanceGroupManager) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ComputeInstanceGroupManager) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ComputeInstanceGroupManagerList) DeepCopyInto(out *ComputeInstanceGroupManagerList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ComputeInstanceGroupManager, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComputeInstanceGroupManagerList. +func (in *ComputeInstanceGroupManagerList) DeepCopy() *ComputeInstanceGroupManagerList { + if in == nil { + return nil + } + out := new(ComputeInstanceGroupManagerList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ComputeInstanceGroupManagerList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ComputeInstanceGroupManagerSpec) DeepCopyInto(out *ComputeInstanceGroupManagerSpec) { + *out = *in + if in.AutoHealingPolicies != nil { + in, out := &in.AutoHealingPolicies, &out.AutoHealingPolicies + *out = make([]InstancegroupmanagerAutoHealingPolicies, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.DistributionPolicy != nil { + in, out := &in.DistributionPolicy, &out.DistributionPolicy + *out = new(InstancegroupmanagerDistributionPolicy) + (*in).DeepCopyInto(*out) + } + if in.InstanceTemplateRef != nil { + in, out := &in.InstanceTemplateRef, &out.InstanceTemplateRef + *out = new(v1alpha1.ResourceRef) + **out = **in + } + if in.Location != nil { + in, out := &in.Location, &out.Location + *out = new(string) + **out = **in + } + if in.NamedPorts != nil { + in, out := &in.NamedPorts, &out.NamedPorts + *out = make([]InstancegroupmanagerNamedPorts, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + out.ProjectRef = in.ProjectRef + if in.ResourceID != nil { + in, out := &in.ResourceID, &out.ResourceID + *out = new(string) + **out = **in + } + if in.TargetPools != nil { + in, out := &in.TargetPools, &out.TargetPools + *out = make([]v1alpha1.ResourceRef, len(*in)) + copy(*out, *in) + } + if in.TargetSize != nil { + in, out := &in.TargetSize, &out.TargetSize + *out = new(int) + **out = **in + } + if in.UpdatePolicy != nil { + in, out := &in.UpdatePolicy, &out.UpdatePolicy + *out = new(InstancegroupmanagerUpdatePolicy) + (*in).DeepCopyInto(*out) + } + if in.Versions != nil { + in, out := &in.Versions, &out.Versions + *out = make([]InstancegroupmanagerVersions, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComputeInstanceGroupManagerSpec. +func (in *ComputeInstanceGroupManagerSpec) DeepCopy() *ComputeInstanceGroupManagerSpec { + if in == nil { + return nil + } + out := new(ComputeInstanceGroupManagerSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ComputeInstanceGroupManagerStatus) DeepCopyInto(out *ComputeInstanceGroupManagerStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]v1alpha1.Condition, len(*in)) + copy(*out, *in) + } + out.CurrentActions = in.CurrentActions + out.Status = in.Status + out.UpdatePolicy = in.UpdatePolicy + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComputeInstanceGroupManagerStatus. +func (in *ComputeInstanceGroupManagerStatus) DeepCopy() *ComputeInstanceGroupManagerStatus { + if in == nil { + return nil + } + out := new(ComputeInstanceGroupManagerStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ComputeInstanceGroupSpec) DeepCopyInto(out *ComputeInstanceGroupSpec) { *out = *in @@ -8394,6 +8557,351 @@ func (in *InstancegroupNamedPort) DeepCopy() *InstancegroupNamedPort { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerAutoHealingPolicies) DeepCopyInto(out *InstancegroupmanagerAutoHealingPolicies) { + *out = *in + if in.HealthCheckRef != nil { + in, out := &in.HealthCheckRef, &out.HealthCheckRef + *out = new(v1alpha1.ResourceRef) + **out = **in + } + if in.InitialDelaySec != nil { + in, out := &in.InitialDelaySec, &out.InitialDelaySec + *out = new(int) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerAutoHealingPolicies. +func (in *InstancegroupmanagerAutoHealingPolicies) DeepCopy() *InstancegroupmanagerAutoHealingPolicies { + if in == nil { + return nil + } + out := new(InstancegroupmanagerAutoHealingPolicies) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerCurrentActionsStatus) DeepCopyInto(out *InstancegroupmanagerCurrentActionsStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerCurrentActionsStatus. +func (in *InstancegroupmanagerCurrentActionsStatus) DeepCopy() *InstancegroupmanagerCurrentActionsStatus { + if in == nil { + return nil + } + out := new(InstancegroupmanagerCurrentActionsStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerDistributionPolicy) DeepCopyInto(out *InstancegroupmanagerDistributionPolicy) { + *out = *in + if in.Zones != nil { + in, out := &in.Zones, &out.Zones + *out = make([]InstancegroupmanagerZones, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerDistributionPolicy. +func (in *InstancegroupmanagerDistributionPolicy) DeepCopy() *InstancegroupmanagerDistributionPolicy { + if in == nil { + return nil + } + out := new(InstancegroupmanagerDistributionPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerMaxSurge) DeepCopyInto(out *InstancegroupmanagerMaxSurge) { + *out = *in + if in.Fixed != nil { + in, out := &in.Fixed, &out.Fixed + *out = new(int) + **out = **in + } + if in.Percent != nil { + in, out := &in.Percent, &out.Percent + *out = new(int) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerMaxSurge. +func (in *InstancegroupmanagerMaxSurge) DeepCopy() *InstancegroupmanagerMaxSurge { + if in == nil { + return nil + } + out := new(InstancegroupmanagerMaxSurge) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerMaxSurgeStatus) DeepCopyInto(out *InstancegroupmanagerMaxSurgeStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerMaxSurgeStatus. +func (in *InstancegroupmanagerMaxSurgeStatus) DeepCopy() *InstancegroupmanagerMaxSurgeStatus { + if in == nil { + return nil + } + out := new(InstancegroupmanagerMaxSurgeStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerMaxUnavailable) DeepCopyInto(out *InstancegroupmanagerMaxUnavailable) { + *out = *in + if in.Fixed != nil { + in, out := &in.Fixed, &out.Fixed + *out = new(int) + **out = **in + } + if in.Percent != nil { + in, out := &in.Percent, &out.Percent + *out = new(int) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerMaxUnavailable. +func (in *InstancegroupmanagerMaxUnavailable) DeepCopy() *InstancegroupmanagerMaxUnavailable { + if in == nil { + return nil + } + out := new(InstancegroupmanagerMaxUnavailable) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerMaxUnavailableStatus) DeepCopyInto(out *InstancegroupmanagerMaxUnavailableStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerMaxUnavailableStatus. +func (in *InstancegroupmanagerMaxUnavailableStatus) DeepCopy() *InstancegroupmanagerMaxUnavailableStatus { + if in == nil { + return nil + } + out := new(InstancegroupmanagerMaxUnavailableStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerNamedPorts) DeepCopyInto(out *InstancegroupmanagerNamedPorts) { + *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(int) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerNamedPorts. +func (in *InstancegroupmanagerNamedPorts) DeepCopy() *InstancegroupmanagerNamedPorts { + if in == nil { + return nil + } + out := new(InstancegroupmanagerNamedPorts) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerStatusStatus) DeepCopyInto(out *InstancegroupmanagerStatusStatus) { + *out = *in + out.VersionTarget = in.VersionTarget + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerStatusStatus. +func (in *InstancegroupmanagerStatusStatus) DeepCopy() *InstancegroupmanagerStatusStatus { + if in == nil { + return nil + } + out := new(InstancegroupmanagerStatusStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerTargetSize) DeepCopyInto(out *InstancegroupmanagerTargetSize) { + *out = *in + if in.Calculated != nil { + in, out := &in.Calculated, &out.Calculated + *out = new(int) + **out = **in + } + if in.Fixed != nil { + in, out := &in.Fixed, &out.Fixed + *out = new(int) + **out = **in + } + if in.Percent != nil { + in, out := &in.Percent, &out.Percent + *out = new(int) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerTargetSize. +func (in *InstancegroupmanagerTargetSize) DeepCopy() *InstancegroupmanagerTargetSize { + if in == nil { + return nil + } + out := new(InstancegroupmanagerTargetSize) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerUpdatePolicy) DeepCopyInto(out *InstancegroupmanagerUpdatePolicy) { + *out = *in + if in.InstanceRedistributionType != nil { + in, out := &in.InstanceRedistributionType, &out.InstanceRedistributionType + *out = new(string) + **out = **in + } + if in.MaxSurge != nil { + in, out := &in.MaxSurge, &out.MaxSurge + *out = new(InstancegroupmanagerMaxSurge) + (*in).DeepCopyInto(*out) + } + if in.MaxUnavailable != nil { + in, out := &in.MaxUnavailable, &out.MaxUnavailable + *out = new(InstancegroupmanagerMaxUnavailable) + (*in).DeepCopyInto(*out) + } + if in.MinimalAction != nil { + in, out := &in.MinimalAction, &out.MinimalAction + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerUpdatePolicy. +func (in *InstancegroupmanagerUpdatePolicy) DeepCopy() *InstancegroupmanagerUpdatePolicy { + if in == nil { + return nil + } + out := new(InstancegroupmanagerUpdatePolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerUpdatePolicyStatus) DeepCopyInto(out *InstancegroupmanagerUpdatePolicyStatus) { + *out = *in + out.MaxSurge = in.MaxSurge + out.MaxUnavailable = in.MaxUnavailable + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerUpdatePolicyStatus. +func (in *InstancegroupmanagerUpdatePolicyStatus) DeepCopy() *InstancegroupmanagerUpdatePolicyStatus { + if in == nil { + return nil + } + out := new(InstancegroupmanagerUpdatePolicyStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerVersionTargetStatus) DeepCopyInto(out *InstancegroupmanagerVersionTargetStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerVersionTargetStatus. +func (in *InstancegroupmanagerVersionTargetStatus) DeepCopy() *InstancegroupmanagerVersionTargetStatus { + if in == nil { + return nil + } + out := new(InstancegroupmanagerVersionTargetStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerVersions) DeepCopyInto(out *InstancegroupmanagerVersions) { + *out = *in + if in.InstanceTemplateRef != nil { + in, out := &in.InstanceTemplateRef, &out.InstanceTemplateRef + *out = new(v1alpha1.ResourceRef) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.TargetSize != nil { + in, out := &in.TargetSize, &out.TargetSize + *out = new(InstancegroupmanagerTargetSize) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerVersions. +func (in *InstancegroupmanagerVersions) DeepCopy() *InstancegroupmanagerVersions { + if in == nil { + return nil + } + out := new(InstancegroupmanagerVersions) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstancegroupmanagerZones) DeepCopyInto(out *InstancegroupmanagerZones) { + *out = *in + if in.Zone != nil { + in, out := &in.Zone, &out.Zone + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstancegroupmanagerZones. +func (in *InstancegroupmanagerZones) DeepCopy() *InstancegroupmanagerZones { + if in == nil { + return nil + } + out := new(InstancegroupmanagerZones) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *InstancetemplateAccessConfig) DeepCopyInto(out *InstancetemplateAccessConfig) { *out = *in diff --git a/pkg/apis/secretmanager/v1beta1/secretmanagersecret_types.go b/pkg/apis/secretmanager/v1beta1/secretmanagersecret_types.go index 196e04cd17..42c8354910 100644 --- a/pkg/apis/secretmanager/v1beta1/secretmanagersecret_types.go +++ b/pkg/apis/secretmanager/v1beta1/secretmanagersecret_types.go @@ -59,12 +59,29 @@ type SecretReplication struct { UserManaged *SecretUserManaged `json:"userManaged,omitempty"` } +type SecretRotation struct { + /* Timestamp in UTC at which the Secret is scheduled to rotate. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". */ + // +optional + NextRotationTime *string `json:"nextRotationTime,omitempty"` + + /* Immutable. The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). + If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications. */ + // +optional + RotationPeriod *string `json:"rotationPeriod,omitempty"` +} + type SecretUserManaged struct { /* The list of Replicas for this Secret. Cannot be empty. */ Replicas []SecretReplicas `json:"replicas"` } type SecretManagerSecretSpec struct { + /* Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". */ + // +optional + ExpireTime *string `json:"expireTime,omitempty"` + /* Immutable. The replication policy of the secret data attached to the Secret. It cannot be changed after the Secret has been created. */ Replication SecretReplication `json:"replication"` @@ -72,6 +89,19 @@ type SecretManagerSecretSpec struct { /* Immutable. Optional. The secretId of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */ // +optional ResourceID *string `json:"resourceID,omitempty"` + + /* The rotation time and period for a Secret. At 'next_rotation_time', Secret Manager will send a Pub/Sub notification to the topics configured on the Secret. 'topics' must be set to configure rotation. */ + // +optional + Rotation *SecretRotation `json:"rotation,omitempty"` + + /* */ + // +optional + Topics []v1alpha1.ResourceRef `json:"topics,omitempty"` + + /* Immutable. The TTL for the Secret. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". */ + // +optional + Ttl *string `json:"ttl,omitempty"` } type SecretManagerSecretStatus struct { diff --git a/pkg/apis/secretmanager/v1beta1/zz_generated.deepcopy.go b/pkg/apis/secretmanager/v1beta1/zz_generated.deepcopy.go index ed0ced5fa6..61cbe5ce00 100644 --- a/pkg/apis/secretmanager/v1beta1/zz_generated.deepcopy.go +++ b/pkg/apis/secretmanager/v1beta1/zz_generated.deepcopy.go @@ -109,12 +109,32 @@ func (in *SecretManagerSecretList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecretManagerSecretSpec) DeepCopyInto(out *SecretManagerSecretSpec) { *out = *in + if in.ExpireTime != nil { + in, out := &in.ExpireTime, &out.ExpireTime + *out = new(string) + **out = **in + } in.Replication.DeepCopyInto(&out.Replication) if in.ResourceID != nil { in, out := &in.ResourceID, &out.ResourceID *out = new(string) **out = **in } + if in.Rotation != nil { + in, out := &in.Rotation, &out.Rotation + *out = new(SecretRotation) + (*in).DeepCopyInto(*out) + } + if in.Topics != nil { + in, out := &in.Topics, &out.Topics + *out = make([]v1alpha1.ResourceRef, len(*in)) + copy(*out, *in) + } + if in.Ttl != nil { + in, out := &in.Ttl, &out.Ttl + *out = new(string) + **out = **in + } return } @@ -301,6 +321,32 @@ func (in *SecretReplication) DeepCopy() *SecretReplication { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretRotation) DeepCopyInto(out *SecretRotation) { + *out = *in + if in.NextRotationTime != nil { + in, out := &in.NextRotationTime, &out.NextRotationTime + *out = new(string) + **out = **in + } + if in.RotationPeriod != nil { + in, out := &in.RotationPeriod, &out.RotationPeriod + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretRotation. +func (in *SecretRotation) DeepCopy() *SecretRotation { + if in == nil { + return nil + } + out := new(SecretRotation) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecretUserManaged) DeepCopyInto(out *SecretUserManaged) { *out = *in diff --git a/pkg/apis/spanner/v1beta1/spannerinstance_types.go b/pkg/apis/spanner/v1beta1/spannerinstance_types.go index 14b8f02344..e6ab1fc95a 100644 --- a/pkg/apis/spanner/v1beta1/spannerinstance_types.go +++ b/pkg/apis/spanner/v1beta1/spannerinstance_types.go @@ -37,7 +37,7 @@ import ( type SpannerInstanceSpec struct { /* Immutable. The name of the instance's configuration (similar but not - quite the same as a region) which defines defines the geographic placement and + quite the same as a region) which defines the geographic placement and replication of your databases in this instance. It determines where your data is stored. Values are typically of the form 'regional-europe-west1' , 'us-central' etc. In order to obtain a valid list please consult the diff --git a/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/binaryauthorization_client.go b/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/binaryauthorization_client.go index fcaf8a2557..890c14d7da 100644 --- a/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/binaryauthorization_client.go +++ b/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/binaryauthorization_client.go @@ -30,6 +30,7 @@ import ( type BinaryauthorizationV1beta1Interface interface { RESTClient() rest.Interface BinaryAuthorizationAttestorsGetter + BinaryAuthorizationPoliciesGetter } // BinaryauthorizationV1beta1Client is used to interact with features provided by the binaryauthorization.cnrm.cloud.google.com group. @@ -41,6 +42,10 @@ func (c *BinaryauthorizationV1beta1Client) BinaryAuthorizationAttestors(namespac return newBinaryAuthorizationAttestors(c, namespace) } +func (c *BinaryauthorizationV1beta1Client) BinaryAuthorizationPolicies(namespace string) BinaryAuthorizationPolicyInterface { + return newBinaryAuthorizationPolicies(c, namespace) +} + // NewForConfig creates a new BinaryauthorizationV1beta1Client for the given config. func NewForConfig(c *rest.Config) (*BinaryauthorizationV1beta1Client, error) { config := *c diff --git a/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/binaryauthorizationpolicy.go b/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/binaryauthorizationpolicy.go new file mode 100644 index 0000000000..d4a9057726 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/binaryauthorizationpolicy.go @@ -0,0 +1,198 @@ +// Copyright 2020 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// *** DISCLAIMER *** +// Config Connector's go-client for CRDs is currently in ALPHA, which means +// that future versions of the go-client may include breaking changes. +// Please try it out and give us feedback! + +// Code generated by main. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + "time" + + v1beta1 "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/binaryauthorization/v1beta1" + scheme "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// BinaryAuthorizationPoliciesGetter has a method to return a BinaryAuthorizationPolicyInterface. +// A group's client should implement this interface. +type BinaryAuthorizationPoliciesGetter interface { + BinaryAuthorizationPolicies(namespace string) BinaryAuthorizationPolicyInterface +} + +// BinaryAuthorizationPolicyInterface has methods to work with BinaryAuthorizationPolicy resources. +type BinaryAuthorizationPolicyInterface interface { + Create(ctx context.Context, binaryAuthorizationPolicy *v1beta1.BinaryAuthorizationPolicy, opts v1.CreateOptions) (*v1beta1.BinaryAuthorizationPolicy, error) + Update(ctx context.Context, binaryAuthorizationPolicy *v1beta1.BinaryAuthorizationPolicy, opts v1.UpdateOptions) (*v1beta1.BinaryAuthorizationPolicy, error) + UpdateStatus(ctx context.Context, binaryAuthorizationPolicy *v1beta1.BinaryAuthorizationPolicy, opts v1.UpdateOptions) (*v1beta1.BinaryAuthorizationPolicy, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.BinaryAuthorizationPolicy, error) + List(ctx context.Context, opts v1.ListOptions) (*v1beta1.BinaryAuthorizationPolicyList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.BinaryAuthorizationPolicy, err error) + BinaryAuthorizationPolicyExpansion +} + +// binaryAuthorizationPolicies implements BinaryAuthorizationPolicyInterface +type binaryAuthorizationPolicies struct { + client rest.Interface + ns string +} + +// newBinaryAuthorizationPolicies returns a BinaryAuthorizationPolicies +func newBinaryAuthorizationPolicies(c *BinaryauthorizationV1beta1Client, namespace string) *binaryAuthorizationPolicies { + return &binaryAuthorizationPolicies{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the binaryAuthorizationPolicy, and returns the corresponding binaryAuthorizationPolicy object, and an error if there is any. +func (c *binaryAuthorizationPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.BinaryAuthorizationPolicy, err error) { + result = &v1beta1.BinaryAuthorizationPolicy{} + err = c.client.Get(). + Namespace(c.ns). + Resource("binaryauthorizationpolicies"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of BinaryAuthorizationPolicies that match those selectors. +func (c *binaryAuthorizationPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.BinaryAuthorizationPolicyList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1beta1.BinaryAuthorizationPolicyList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("binaryauthorizationpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested binaryAuthorizationPolicies. +func (c *binaryAuthorizationPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("binaryauthorizationpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a binaryAuthorizationPolicy and creates it. Returns the server's representation of the binaryAuthorizationPolicy, and an error, if there is any. +func (c *binaryAuthorizationPolicies) Create(ctx context.Context, binaryAuthorizationPolicy *v1beta1.BinaryAuthorizationPolicy, opts v1.CreateOptions) (result *v1beta1.BinaryAuthorizationPolicy, err error) { + result = &v1beta1.BinaryAuthorizationPolicy{} + err = c.client.Post(). + Namespace(c.ns). + Resource("binaryauthorizationpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(binaryAuthorizationPolicy). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a binaryAuthorizationPolicy and updates it. Returns the server's representation of the binaryAuthorizationPolicy, and an error, if there is any. +func (c *binaryAuthorizationPolicies) Update(ctx context.Context, binaryAuthorizationPolicy *v1beta1.BinaryAuthorizationPolicy, opts v1.UpdateOptions) (result *v1beta1.BinaryAuthorizationPolicy, err error) { + result = &v1beta1.BinaryAuthorizationPolicy{} + err = c.client.Put(). + Namespace(c.ns). + Resource("binaryauthorizationpolicies"). + Name(binaryAuthorizationPolicy.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(binaryAuthorizationPolicy). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *binaryAuthorizationPolicies) UpdateStatus(ctx context.Context, binaryAuthorizationPolicy *v1beta1.BinaryAuthorizationPolicy, opts v1.UpdateOptions) (result *v1beta1.BinaryAuthorizationPolicy, err error) { + result = &v1beta1.BinaryAuthorizationPolicy{} + err = c.client.Put(). + Namespace(c.ns). + Resource("binaryauthorizationpolicies"). + Name(binaryAuthorizationPolicy.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(binaryAuthorizationPolicy). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the binaryAuthorizationPolicy and deletes it. Returns an error if one occurs. +func (c *binaryAuthorizationPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("binaryauthorizationpolicies"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *binaryAuthorizationPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("binaryauthorizationpolicies"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched binaryAuthorizationPolicy. +func (c *binaryAuthorizationPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.BinaryAuthorizationPolicy, err error) { + result = &v1beta1.BinaryAuthorizationPolicy{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("binaryauthorizationpolicies"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/fake/fake_binaryauthorization_client.go b/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/fake/fake_binaryauthorization_client.go index b6f5b217cf..90559eefa5 100644 --- a/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/fake/fake_binaryauthorization_client.go +++ b/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/fake/fake_binaryauthorization_client.go @@ -35,6 +35,10 @@ func (c *FakeBinaryauthorizationV1beta1) BinaryAuthorizationAttestors(namespace return &FakeBinaryAuthorizationAttestors{c, namespace} } +func (c *FakeBinaryauthorizationV1beta1) BinaryAuthorizationPolicies(namespace string) v1beta1.BinaryAuthorizationPolicyInterface { + return &FakeBinaryAuthorizationPolicies{c, namespace} +} + // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeBinaryauthorizationV1beta1) RESTClient() rest.Interface { diff --git a/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/fake/fake_binaryauthorizationpolicy.go b/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/fake/fake_binaryauthorizationpolicy.go new file mode 100644 index 0000000000..b62d7d3e82 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/fake/fake_binaryauthorizationpolicy.go @@ -0,0 +1,145 @@ +// Copyright 2020 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// *** DISCLAIMER *** +// Config Connector's go-client for CRDs is currently in ALPHA, which means +// that future versions of the go-client may include breaking changes. +// Please try it out and give us feedback! + +// Code generated by main. DO NOT EDIT. + +package fake + +import ( + "context" + + v1beta1 "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/binaryauthorization/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeBinaryAuthorizationPolicies implements BinaryAuthorizationPolicyInterface +type FakeBinaryAuthorizationPolicies struct { + Fake *FakeBinaryauthorizationV1beta1 + ns string +} + +var binaryauthorizationpoliciesResource = schema.GroupVersionResource{Group: "binaryauthorization.cnrm.cloud.google.com", Version: "v1beta1", Resource: "binaryauthorizationpolicies"} + +var binaryauthorizationpoliciesKind = schema.GroupVersionKind{Group: "binaryauthorization.cnrm.cloud.google.com", Version: "v1beta1", Kind: "BinaryAuthorizationPolicy"} + +// Get takes name of the binaryAuthorizationPolicy, and returns the corresponding binaryAuthorizationPolicy object, and an error if there is any. +func (c *FakeBinaryAuthorizationPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.BinaryAuthorizationPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(binaryauthorizationpoliciesResource, c.ns, name), &v1beta1.BinaryAuthorizationPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.BinaryAuthorizationPolicy), err +} + +// List takes label and field selectors, and returns the list of BinaryAuthorizationPolicies that match those selectors. +func (c *FakeBinaryAuthorizationPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.BinaryAuthorizationPolicyList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(binaryauthorizationpoliciesResource, binaryauthorizationpoliciesKind, c.ns, opts), &v1beta1.BinaryAuthorizationPolicyList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1beta1.BinaryAuthorizationPolicyList{ListMeta: obj.(*v1beta1.BinaryAuthorizationPolicyList).ListMeta} + for _, item := range obj.(*v1beta1.BinaryAuthorizationPolicyList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested binaryAuthorizationPolicies. +func (c *FakeBinaryAuthorizationPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(binaryauthorizationpoliciesResource, c.ns, opts)) + +} + +// Create takes the representation of a binaryAuthorizationPolicy and creates it. Returns the server's representation of the binaryAuthorizationPolicy, and an error, if there is any. +func (c *FakeBinaryAuthorizationPolicies) Create(ctx context.Context, binaryAuthorizationPolicy *v1beta1.BinaryAuthorizationPolicy, opts v1.CreateOptions) (result *v1beta1.BinaryAuthorizationPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(binaryauthorizationpoliciesResource, c.ns, binaryAuthorizationPolicy), &v1beta1.BinaryAuthorizationPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.BinaryAuthorizationPolicy), err +} + +// Update takes the representation of a binaryAuthorizationPolicy and updates it. Returns the server's representation of the binaryAuthorizationPolicy, and an error, if there is any. +func (c *FakeBinaryAuthorizationPolicies) Update(ctx context.Context, binaryAuthorizationPolicy *v1beta1.BinaryAuthorizationPolicy, opts v1.UpdateOptions) (result *v1beta1.BinaryAuthorizationPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(binaryauthorizationpoliciesResource, c.ns, binaryAuthorizationPolicy), &v1beta1.BinaryAuthorizationPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.BinaryAuthorizationPolicy), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeBinaryAuthorizationPolicies) UpdateStatus(ctx context.Context, binaryAuthorizationPolicy *v1beta1.BinaryAuthorizationPolicy, opts v1.UpdateOptions) (*v1beta1.BinaryAuthorizationPolicy, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(binaryauthorizationpoliciesResource, "status", c.ns, binaryAuthorizationPolicy), &v1beta1.BinaryAuthorizationPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.BinaryAuthorizationPolicy), err +} + +// Delete takes name of the binaryAuthorizationPolicy and deletes it. Returns an error if one occurs. +func (c *FakeBinaryAuthorizationPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(binaryauthorizationpoliciesResource, c.ns, name), &v1beta1.BinaryAuthorizationPolicy{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeBinaryAuthorizationPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(binaryauthorizationpoliciesResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1beta1.BinaryAuthorizationPolicyList{}) + return err +} + +// Patch applies the patch and returns the patched binaryAuthorizationPolicy. +func (c *FakeBinaryAuthorizationPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.BinaryAuthorizationPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(binaryauthorizationpoliciesResource, c.ns, name, pt, data, subresources...), &v1beta1.BinaryAuthorizationPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.BinaryAuthorizationPolicy), err +} diff --git a/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/generated_expansion.go b/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/generated_expansion.go index 72df3f8f2d..8682ca255e 100644 --- a/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/binaryauthorization/v1beta1/generated_expansion.go @@ -22,3 +22,5 @@ package v1beta1 type BinaryAuthorizationAttestorExpansion interface{} + +type BinaryAuthorizationPolicyExpansion interface{} diff --git a/pkg/client/clientset/versioned/typed/compute/v1beta1/compute_client.go b/pkg/client/clientset/versioned/typed/compute/v1beta1/compute_client.go index faae9a8743..34a978e974 100644 --- a/pkg/client/clientset/versioned/typed/compute/v1beta1/compute_client.go +++ b/pkg/client/clientset/versioned/typed/compute/v1beta1/compute_client.go @@ -42,6 +42,7 @@ type ComputeV1beta1Interface interface { ComputeImagesGetter ComputeInstancesGetter ComputeInstanceGroupsGetter + ComputeInstanceGroupManagersGetter ComputeInstanceTemplatesGetter ComputeInterconnectAttachmentsGetter ComputeNetworksGetter @@ -134,6 +135,10 @@ func (c *ComputeV1beta1Client) ComputeInstanceGroups(namespace string) ComputeIn return newComputeInstanceGroups(c, namespace) } +func (c *ComputeV1beta1Client) ComputeInstanceGroupManagers(namespace string) ComputeInstanceGroupManagerInterface { + return newComputeInstanceGroupManagers(c, namespace) +} + func (c *ComputeV1beta1Client) ComputeInstanceTemplates(namespace string) ComputeInstanceTemplateInterface { return newComputeInstanceTemplates(c, namespace) } diff --git a/pkg/client/clientset/versioned/typed/compute/v1beta1/computeinstancegroupmanager.go b/pkg/client/clientset/versioned/typed/compute/v1beta1/computeinstancegroupmanager.go new file mode 100644 index 0000000000..3cf29179d8 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/compute/v1beta1/computeinstancegroupmanager.go @@ -0,0 +1,198 @@ +// Copyright 2020 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// *** DISCLAIMER *** +// Config Connector's go-client for CRDs is currently in ALPHA, which means +// that future versions of the go-client may include breaking changes. +// Please try it out and give us feedback! + +// Code generated by main. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + "time" + + v1beta1 "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/compute/v1beta1" + scheme "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ComputeInstanceGroupManagersGetter has a method to return a ComputeInstanceGroupManagerInterface. +// A group's client should implement this interface. +type ComputeInstanceGroupManagersGetter interface { + ComputeInstanceGroupManagers(namespace string) ComputeInstanceGroupManagerInterface +} + +// ComputeInstanceGroupManagerInterface has methods to work with ComputeInstanceGroupManager resources. +type ComputeInstanceGroupManagerInterface interface { + Create(ctx context.Context, computeInstanceGroupManager *v1beta1.ComputeInstanceGroupManager, opts v1.CreateOptions) (*v1beta1.ComputeInstanceGroupManager, error) + Update(ctx context.Context, computeInstanceGroupManager *v1beta1.ComputeInstanceGroupManager, opts v1.UpdateOptions) (*v1beta1.ComputeInstanceGroupManager, error) + UpdateStatus(ctx context.Context, computeInstanceGroupManager *v1beta1.ComputeInstanceGroupManager, opts v1.UpdateOptions) (*v1beta1.ComputeInstanceGroupManager, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.ComputeInstanceGroupManager, error) + List(ctx context.Context, opts v1.ListOptions) (*v1beta1.ComputeInstanceGroupManagerList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.ComputeInstanceGroupManager, err error) + ComputeInstanceGroupManagerExpansion +} + +// computeInstanceGroupManagers implements ComputeInstanceGroupManagerInterface +type computeInstanceGroupManagers struct { + client rest.Interface + ns string +} + +// newComputeInstanceGroupManagers returns a ComputeInstanceGroupManagers +func newComputeInstanceGroupManagers(c *ComputeV1beta1Client, namespace string) *computeInstanceGroupManagers { + return &computeInstanceGroupManagers{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the computeInstanceGroupManager, and returns the corresponding computeInstanceGroupManager object, and an error if there is any. +func (c *computeInstanceGroupManagers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.ComputeInstanceGroupManager, err error) { + result = &v1beta1.ComputeInstanceGroupManager{} + err = c.client.Get(). + Namespace(c.ns). + Resource("computeinstancegroupmanagers"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of ComputeInstanceGroupManagers that match those selectors. +func (c *computeInstanceGroupManagers) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.ComputeInstanceGroupManagerList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1beta1.ComputeInstanceGroupManagerList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("computeinstancegroupmanagers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested computeInstanceGroupManagers. +func (c *computeInstanceGroupManagers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("computeinstancegroupmanagers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a computeInstanceGroupManager and creates it. Returns the server's representation of the computeInstanceGroupManager, and an error, if there is any. +func (c *computeInstanceGroupManagers) Create(ctx context.Context, computeInstanceGroupManager *v1beta1.ComputeInstanceGroupManager, opts v1.CreateOptions) (result *v1beta1.ComputeInstanceGroupManager, err error) { + result = &v1beta1.ComputeInstanceGroupManager{} + err = c.client.Post(). + Namespace(c.ns). + Resource("computeinstancegroupmanagers"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(computeInstanceGroupManager). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a computeInstanceGroupManager and updates it. Returns the server's representation of the computeInstanceGroupManager, and an error, if there is any. +func (c *computeInstanceGroupManagers) Update(ctx context.Context, computeInstanceGroupManager *v1beta1.ComputeInstanceGroupManager, opts v1.UpdateOptions) (result *v1beta1.ComputeInstanceGroupManager, err error) { + result = &v1beta1.ComputeInstanceGroupManager{} + err = c.client.Put(). + Namespace(c.ns). + Resource("computeinstancegroupmanagers"). + Name(computeInstanceGroupManager.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(computeInstanceGroupManager). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *computeInstanceGroupManagers) UpdateStatus(ctx context.Context, computeInstanceGroupManager *v1beta1.ComputeInstanceGroupManager, opts v1.UpdateOptions) (result *v1beta1.ComputeInstanceGroupManager, err error) { + result = &v1beta1.ComputeInstanceGroupManager{} + err = c.client.Put(). + Namespace(c.ns). + Resource("computeinstancegroupmanagers"). + Name(computeInstanceGroupManager.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(computeInstanceGroupManager). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the computeInstanceGroupManager and deletes it. Returns an error if one occurs. +func (c *computeInstanceGroupManagers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("computeinstancegroupmanagers"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *computeInstanceGroupManagers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("computeinstancegroupmanagers"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched computeInstanceGroupManager. +func (c *computeInstanceGroupManagers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.ComputeInstanceGroupManager, err error) { + result = &v1beta1.ComputeInstanceGroupManager{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("computeinstancegroupmanagers"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/client/clientset/versioned/typed/compute/v1beta1/fake/fake_compute_client.go b/pkg/client/clientset/versioned/typed/compute/v1beta1/fake/fake_compute_client.go index 5842e0738e..56e2125fa4 100644 --- a/pkg/client/clientset/versioned/typed/compute/v1beta1/fake/fake_compute_client.go +++ b/pkg/client/clientset/versioned/typed/compute/v1beta1/fake/fake_compute_client.go @@ -83,6 +83,10 @@ func (c *FakeComputeV1beta1) ComputeInstanceGroups(namespace string) v1beta1.Com return &FakeComputeInstanceGroups{c, namespace} } +func (c *FakeComputeV1beta1) ComputeInstanceGroupManagers(namespace string) v1beta1.ComputeInstanceGroupManagerInterface { + return &FakeComputeInstanceGroupManagers{c, namespace} +} + func (c *FakeComputeV1beta1) ComputeInstanceTemplates(namespace string) v1beta1.ComputeInstanceTemplateInterface { return &FakeComputeInstanceTemplates{c, namespace} } diff --git a/pkg/client/clientset/versioned/typed/compute/v1beta1/fake/fake_computeinstancegroupmanager.go b/pkg/client/clientset/versioned/typed/compute/v1beta1/fake/fake_computeinstancegroupmanager.go new file mode 100644 index 0000000000..5531d2b3bf --- /dev/null +++ b/pkg/client/clientset/versioned/typed/compute/v1beta1/fake/fake_computeinstancegroupmanager.go @@ -0,0 +1,145 @@ +// Copyright 2020 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// *** DISCLAIMER *** +// Config Connector's go-client for CRDs is currently in ALPHA, which means +// that future versions of the go-client may include breaking changes. +// Please try it out and give us feedback! + +// Code generated by main. DO NOT EDIT. + +package fake + +import ( + "context" + + v1beta1 "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/compute/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeComputeInstanceGroupManagers implements ComputeInstanceGroupManagerInterface +type FakeComputeInstanceGroupManagers struct { + Fake *FakeComputeV1beta1 + ns string +} + +var computeinstancegroupmanagersResource = schema.GroupVersionResource{Group: "compute.cnrm.cloud.google.com", Version: "v1beta1", Resource: "computeinstancegroupmanagers"} + +var computeinstancegroupmanagersKind = schema.GroupVersionKind{Group: "compute.cnrm.cloud.google.com", Version: "v1beta1", Kind: "ComputeInstanceGroupManager"} + +// Get takes name of the computeInstanceGroupManager, and returns the corresponding computeInstanceGroupManager object, and an error if there is any. +func (c *FakeComputeInstanceGroupManagers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.ComputeInstanceGroupManager, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(computeinstancegroupmanagersResource, c.ns, name), &v1beta1.ComputeInstanceGroupManager{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.ComputeInstanceGroupManager), err +} + +// List takes label and field selectors, and returns the list of ComputeInstanceGroupManagers that match those selectors. +func (c *FakeComputeInstanceGroupManagers) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.ComputeInstanceGroupManagerList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(computeinstancegroupmanagersResource, computeinstancegroupmanagersKind, c.ns, opts), &v1beta1.ComputeInstanceGroupManagerList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1beta1.ComputeInstanceGroupManagerList{ListMeta: obj.(*v1beta1.ComputeInstanceGroupManagerList).ListMeta} + for _, item := range obj.(*v1beta1.ComputeInstanceGroupManagerList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested computeInstanceGroupManagers. +func (c *FakeComputeInstanceGroupManagers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(computeinstancegroupmanagersResource, c.ns, opts)) + +} + +// Create takes the representation of a computeInstanceGroupManager and creates it. Returns the server's representation of the computeInstanceGroupManager, and an error, if there is any. +func (c *FakeComputeInstanceGroupManagers) Create(ctx context.Context, computeInstanceGroupManager *v1beta1.ComputeInstanceGroupManager, opts v1.CreateOptions) (result *v1beta1.ComputeInstanceGroupManager, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(computeinstancegroupmanagersResource, c.ns, computeInstanceGroupManager), &v1beta1.ComputeInstanceGroupManager{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.ComputeInstanceGroupManager), err +} + +// Update takes the representation of a computeInstanceGroupManager and updates it. Returns the server's representation of the computeInstanceGroupManager, and an error, if there is any. +func (c *FakeComputeInstanceGroupManagers) Update(ctx context.Context, computeInstanceGroupManager *v1beta1.ComputeInstanceGroupManager, opts v1.UpdateOptions) (result *v1beta1.ComputeInstanceGroupManager, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(computeinstancegroupmanagersResource, c.ns, computeInstanceGroupManager), &v1beta1.ComputeInstanceGroupManager{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.ComputeInstanceGroupManager), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeComputeInstanceGroupManagers) UpdateStatus(ctx context.Context, computeInstanceGroupManager *v1beta1.ComputeInstanceGroupManager, opts v1.UpdateOptions) (*v1beta1.ComputeInstanceGroupManager, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(computeinstancegroupmanagersResource, "status", c.ns, computeInstanceGroupManager), &v1beta1.ComputeInstanceGroupManager{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.ComputeInstanceGroupManager), err +} + +// Delete takes name of the computeInstanceGroupManager and deletes it. Returns an error if one occurs. +func (c *FakeComputeInstanceGroupManagers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(computeinstancegroupmanagersResource, c.ns, name), &v1beta1.ComputeInstanceGroupManager{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeComputeInstanceGroupManagers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(computeinstancegroupmanagersResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1beta1.ComputeInstanceGroupManagerList{}) + return err +} + +// Patch applies the patch and returns the patched computeInstanceGroupManager. +func (c *FakeComputeInstanceGroupManagers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.ComputeInstanceGroupManager, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(computeinstancegroupmanagersResource, c.ns, name, pt, data, subresources...), &v1beta1.ComputeInstanceGroupManager{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.ComputeInstanceGroupManager), err +} diff --git a/pkg/client/clientset/versioned/typed/compute/v1beta1/generated_expansion.go b/pkg/client/clientset/versioned/typed/compute/v1beta1/generated_expansion.go index ad310726aa..d805d4a907 100644 --- a/pkg/client/clientset/versioned/typed/compute/v1beta1/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/compute/v1beta1/generated_expansion.go @@ -47,6 +47,8 @@ type ComputeInstanceExpansion interface{} type ComputeInstanceGroupExpansion interface{} +type ComputeInstanceGroupManagerExpansion interface{} + type ComputeInstanceTemplateExpansion interface{} type ComputeInterconnectAttachmentExpansion interface{} diff --git a/samples/resources/binaryauthorizationpolicy/cluster-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml b/samples/resources/binaryauthorizationpolicy/cluster-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml new file mode 100644 index 0000000000..d1843048f5 --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/cluster-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml @@ -0,0 +1,23 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: binaryauthorization.cnrm.cloud.google.com/v1beta1 +kind: BinaryAuthorizationAttestor +metadata: + name: binaryauthorizationpolicy-dep-cluster +spec: + description: A sample binary authorization attestor. + userOwnedDrydockNote: + noteRef: + name: binaryauthorizationpolicy-dep-cluster diff --git a/samples/resources/binaryauthorizationpolicy/cluster-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml b/samples/resources/binaryauthorizationpolicy/cluster-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml new file mode 100644 index 0000000000..a1d2585e06 --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/cluster-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml @@ -0,0 +1,34 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: binaryauthorization.cnrm.cloud.google.com/v1beta1 +kind: BinaryAuthorizationPolicy +metadata: + name: binaryauthorizationpolicy-sample-cluster +spec: + admissionWhitelistPatterns: + - namePattern: "gcr.io/*" + clusterAdmissionRules: + us-west1-a.test-cluster: + evaluationMode: "REQUIRE_ATTESTATION" + requireAttestationsBy: + - name: binaryauthorizationpolicy-dep-cluster + enforcementMode: "ENFORCED_BLOCK_AND_AUDIT_LOG" + defaultAdmissionRule: + evaluationMode: "REQUIRE_ATTESTATION" + requireAttestationsBy: + - name: binaryauthorizationpolicy-dep-cluster + enforcementMode: "ENFORCED_BLOCK_AND_AUDIT_LOG" + description: A sample Binary Authorization policy with a cluster admission rule + globalPolicyEvaluationMode: DISABLE diff --git a/samples/resources/binaryauthorizationpolicy/cluster-policy/containeranalysis_v1beta1_containeranalysisnote.yaml b/samples/resources/binaryauthorizationpolicy/cluster-policy/containeranalysis_v1beta1_containeranalysisnote.yaml new file mode 100644 index 0000000000..b3ec9d9290 --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/cluster-policy/containeranalysis_v1beta1_containeranalysisnote.yaml @@ -0,0 +1,21 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: containeranalysis.cnrm.cloud.google.com/v1beta1 +kind: ContainerAnalysisNote +metadata: + name: binaryauthorizationpolicy-dep-cluster +spec: + package: + name: test-package diff --git a/samples/resources/binaryauthorizationpolicy/default-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml b/samples/resources/binaryauthorizationpolicy/default-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml new file mode 100644 index 0000000000..bc7fa15794 --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/default-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml @@ -0,0 +1,31 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: binaryauthorization.cnrm.cloud.google.com/v1beta1 +kind: BinaryAuthorizationPolicy +metadata: + name: binaryauthorizationpolicy-sample-default +spec: + projectRef: + name: binauthpolicy-dep-default + admissionWhitelistPatterns: + - namePattern: "gcr.io/google_containers/*" + - namePattern: "gcr.io/google-containers/*" + - namePattern: "k8s.gcr.io/*" + - namePattern: "gke.gcr.io/*" + - namePattern: "gcr.io/stackdriver-agents/*" + defaultAdmissionRule: + enforcementMode: "ENFORCED_BLOCK_AND_AUDIT_LOG" + evaluationMode: "ALWAYS_ALLOW" + globalPolicyEvaluationMode: ENABLE diff --git a/samples/resources/binaryauthorizationpolicy/default-policy/resourcemanager_v1beta1_project.yaml b/samples/resources/binaryauthorizationpolicy/default-policy/resourcemanager_v1beta1_project.yaml new file mode 100644 index 0000000000..3eac8de701 --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/default-policy/resourcemanager_v1beta1_project.yaml @@ -0,0 +1,28 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: resourcemanager.cnrm.cloud.google.com/v1beta1 +kind: Project +metadata: + annotations: + cnrm.cloud.google.com/auto-create-network: "false" + name: binauthpolicy-dep-default +spec: + name: Config Connector Sample + folderRef: + # Replace "${FOLDER_ID?}" with the numeric ID of the parent folder + external: "${FOLDER_ID?}" + billingAccountRef: + # Replace "${BILLING_ACCOUNT_ID?}" with the numeric ID for your billing account + external: "${BILLING_ACCOUNT_ID?}" diff --git a/samples/resources/binaryauthorizationpolicy/default-policy/serviceusage_v1beta1_service.yaml b/samples/resources/binaryauthorizationpolicy/default-policy/serviceusage_v1beta1_service.yaml new file mode 100644 index 0000000000..4db87b714f --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/default-policy/serviceusage_v1beta1_service.yaml @@ -0,0 +1,22 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: serviceusage.cnrm.cloud.google.com/v1beta1 +kind: Service +metadata: + annotations: + cnrm.cloud.google.com/project-id: binauthpolicy-dep-default + name: binaryauthorizationpolicy-dep-default +spec: + resourceID: binaryauthorization.googleapis.com diff --git a/samples/resources/binaryauthorizationpolicy/namespace-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml b/samples/resources/binaryauthorizationpolicy/namespace-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml new file mode 100644 index 0000000000..45574adb04 --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/namespace-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml @@ -0,0 +1,23 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: binaryauthorization.cnrm.cloud.google.com/v1beta1 +kind: BinaryAuthorizationAttestor +metadata: + name: binaryauthorizationpolicy-dep-namespace +spec: + description: A sample binary authorization attestor. + userOwnedDrydockNote: + noteRef: + name: binaryauthorizationpolicy-dep-namespace diff --git a/samples/resources/binaryauthorizationpolicy/namespace-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml b/samples/resources/binaryauthorizationpolicy/namespace-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml new file mode 100644 index 0000000000..b265493b5e --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/namespace-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml @@ -0,0 +1,34 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: binaryauthorization.cnrm.cloud.google.com/v1beta1 +kind: BinaryAuthorizationPolicy +metadata: + name: binaryauthorizationpolicy-sample-namespace +spec: + admissionWhitelistPatterns: + - namePattern: "gcr.io/*" + kubernetesNamespaceAdmissionRules: + test-namespace: + evaluationMode: "REQUIRE_ATTESTATION" + requireAttestationsBy: + - name: binaryauthorizationpolicy-dep-namespace + enforcementMode: "ENFORCED_BLOCK_AND_AUDIT_LOG" + defaultAdmissionRule: + evaluationMode: "REQUIRE_ATTESTATION" + requireAttestationsBy: + - name: binaryauthorizationpolicy-dep-namespace + enforcementMode: "ENFORCED_BLOCK_AND_AUDIT_LOG" + description: A sample Binary Authorization policy + globalPolicyEvaluationMode: DISABLE diff --git a/samples/resources/binaryauthorizationpolicy/namespace-policy/containeranalysis_v1beta1_containeranalysisnote.yaml b/samples/resources/binaryauthorizationpolicy/namespace-policy/containeranalysis_v1beta1_containeranalysisnote.yaml new file mode 100644 index 0000000000..de5e0421d4 --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/namespace-policy/containeranalysis_v1beta1_containeranalysisnote.yaml @@ -0,0 +1,21 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: containeranalysis.cnrm.cloud.google.com/v1beta1 +kind: ContainerAnalysisNote +metadata: + name: binaryauthorizationpolicy-dep-namespace +spec: + package: + name: test-package diff --git a/samples/resources/binaryauthorizationpolicy/service-account-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml b/samples/resources/binaryauthorizationpolicy/service-account-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml new file mode 100644 index 0000000000..f87b45297d --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/service-account-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml @@ -0,0 +1,23 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: binaryauthorization.cnrm.cloud.google.com/v1beta1 +kind: BinaryAuthorizationAttestor +metadata: + name: binaryauthorizationpolicy-dep-serviceaccount +spec: + description: A sample binary authorization attestor. + userOwnedDrydockNote: + noteRef: + name: binaryauthorizationpolicy-dep-serviceaccount diff --git a/samples/resources/binaryauthorizationpolicy/service-account-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml b/samples/resources/binaryauthorizationpolicy/service-account-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml new file mode 100644 index 0000000000..7dde45f7fe --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/service-account-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml @@ -0,0 +1,34 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: binaryauthorization.cnrm.cloud.google.com/v1beta1 +kind: BinaryAuthorizationPolicy +metadata: + name: binaryauthorizationpolicy-sample-serviceaccount +spec: + admissionWhitelistPatterns: + - namePattern: "gcr.io/*" + kubernetesServiceAccountAdmissionRules: + test-namespace:default: + evaluationMode: "REQUIRE_ATTESTATION" + requireAttestationsBy: + - name: binaryauthorizationpolicy-dep-serviceaccount + enforcementMode: "ENFORCED_BLOCK_AND_AUDIT_LOG" + defaultAdmissionRule: + evaluationMode: "REQUIRE_ATTESTATION" + requireAttestationsBy: + - name: binaryauthorizationpolicy-dep-serviceaccount + enforcementMode: "ENFORCED_BLOCK_AND_AUDIT_LOG" + description: A sample Binary Authorization policy + globalPolicyEvaluationMode: DISABLE diff --git a/samples/resources/binaryauthorizationpolicy/service-account-policy/containeranalysis_v1beta1_containeranalysisnote.yaml b/samples/resources/binaryauthorizationpolicy/service-account-policy/containeranalysis_v1beta1_containeranalysisnote.yaml new file mode 100644 index 0000000000..1bf2ebc238 --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/service-account-policy/containeranalysis_v1beta1_containeranalysisnote.yaml @@ -0,0 +1,21 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: containeranalysis.cnrm.cloud.google.com/v1beta1 +kind: ContainerAnalysisNote +metadata: + name: binaryauthorizationpolicy-dep-serviceaccount +spec: + package: + name: test-package diff --git a/samples/resources/binaryauthorizationpolicy/service-identity-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml b/samples/resources/binaryauthorizationpolicy/service-identity-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml new file mode 100644 index 0000000000..ae07f17b85 --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/service-identity-policy/binaryauthorization_v1beta1_binaryauthorizationattestor.yaml @@ -0,0 +1,23 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: binaryauthorization.cnrm.cloud.google.com/v1beta1 +kind: BinaryAuthorizationAttestor +metadata: + name: binaryauthorizationpolicy-dep-serviceidentity +spec: + description: A sample binary authorization attestor. + userOwnedDrydockNote: + noteRef: + name: binaryauthorizationpolicy-dep-serviceidentity diff --git a/samples/resources/binaryauthorizationpolicy/service-identity-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml b/samples/resources/binaryauthorizationpolicy/service-identity-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml new file mode 100644 index 0000000000..01165e882e --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/service-identity-policy/binaryauthorization_v1beta1_binaryauthorizationpolicy.yaml @@ -0,0 +1,34 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: binaryauthorization.cnrm.cloud.google.com/v1beta1 +kind: BinaryAuthorizationPolicy +metadata: + name: binaryauthorizationpolicy-sample-serviceidentity +spec: + admissionWhitelistPatterns: + - namePattern: "gcr.io/*" + istioServiceIdentityAdmissionRules: + spiffe://example.com/ns/test-ns/sa/default: + evaluationMode: "REQUIRE_ATTESTATION" + requireAttestationsBy: + - name: binaryauthorizationpolicy-dep-serviceidentity + enforcementMode: "ENFORCED_BLOCK_AND_AUDIT_LOG" + defaultAdmissionRule: + evaluationMode: "REQUIRE_ATTESTATION" + requireAttestationsBy: + - name: binaryauthorizationpolicy-dep-serviceidentity + enforcementMode: "ENFORCED_BLOCK_AND_AUDIT_LOG" + description: A sample Binary Authorization policy + globalPolicyEvaluationMode: DISABLE diff --git a/samples/resources/binaryauthorizationpolicy/service-identity-policy/containeranalysis_v1beta1_containeranalysisnote.yaml b/samples/resources/binaryauthorizationpolicy/service-identity-policy/containeranalysis_v1beta1_containeranalysisnote.yaml new file mode 100644 index 0000000000..dc4cfdbe22 --- /dev/null +++ b/samples/resources/binaryauthorizationpolicy/service-identity-policy/containeranalysis_v1beta1_containeranalysisnote.yaml @@ -0,0 +1,21 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: containeranalysis.cnrm.cloud.google.com/v1beta1 +kind: ContainerAnalysisNote +metadata: + name: binaryauthorizationpolicy-dep-serviceidentity +spec: + package: + name: test-package diff --git a/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computehealthcheck.yaml b/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computehealthcheck.yaml new file mode 100644 index 0000000000..acb034ff76 --- /dev/null +++ b/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computehealthcheck.yaml @@ -0,0 +1,22 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: compute.cnrm.cloud.google.com/v1beta1 +kind: ComputeHealthCheck +metadata: + name: computeinstancegroupmanager-dep-regional +spec: + httpHealthCheck: + port: 80 + location: global diff --git a/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computeinstancegroupmanager.yaml b/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computeinstancegroupmanager.yaml new file mode 100644 index 0000000000..2f0c5d3da5 --- /dev/null +++ b/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computeinstancegroupmanager.yaml @@ -0,0 +1,35 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: compute.cnrm.cloud.google.com/v1beta1 +kind: ComputeInstanceGroupManager +metadata: + name: computeinstancegroupmanager-sample-regional +spec: + location: us-central1 + baseInstanceName: app + autoHealingPolicies: + - healthCheckRef: + name: computeinstancegroupmanager-dep-regional + initialDelaySec: 300 + targetSize: 3 + instanceTemplateRef: + name: computeinstancegroupmanager-dep-regional + updatePolicy: + instanceRedistributionType: PROACTIVE + minimalAction: RESTART + maxSurge: + fixed: 3 + maxUnavailable: + fixed: 3 diff --git a/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computeinstancetemplate.yaml b/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computeinstancetemplate.yaml new file mode 100644 index 0000000000..86de43600d --- /dev/null +++ b/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computeinstancetemplate.yaml @@ -0,0 +1,29 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: compute.cnrm.cloud.google.com/v1beta1 +kind: ComputeInstanceTemplate +metadata: + name: computeinstancegroupmanager-dep-regional +spec: + machineType: n1-standard-1 + disk: + - sourceImageRef: + external: debian-cloud/debian-9 + boot: true + networkInterface: + - networkRef: + name: computeinstancegroupmanager-dep-regional + subnetworkRef: + name: computeinstancegroupmanager-dep-regional diff --git a/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computenetwork.yaml b/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computenetwork.yaml new file mode 100644 index 0000000000..45536134dc --- /dev/null +++ b/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computenetwork.yaml @@ -0,0 +1,21 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: compute.cnrm.cloud.google.com/v1beta1 +kind: ComputeNetwork +metadata: + name: computeinstancegroupmanager-dep-regional +spec: + routingMode: REGIONAL + autoCreateSubnetworks: false diff --git a/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computesubnetwork.yaml b/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computesubnetwork.yaml new file mode 100644 index 0000000000..a1bf42e573 --- /dev/null +++ b/samples/resources/computeinstancegroupmanager/regional-compute-instance-group-manager/compute_v1beta1_computesubnetwork.yaml @@ -0,0 +1,24 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: compute.cnrm.cloud.google.com/v1beta1 +kind: ComputeSubnetwork +metadata: + name: computeinstancegroupmanager-dep-regional +spec: + ipCidrRange: 10.2.0.0/16 + region: us-central1 + privateIpGoogleAccess: false + networkRef: + name: computeinstancegroupmanager-dep-regional diff --git a/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computehealthcheck.yaml b/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computehealthcheck.yaml new file mode 100644 index 0000000000..0477551030 --- /dev/null +++ b/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computehealthcheck.yaml @@ -0,0 +1,22 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: compute.cnrm.cloud.google.com/v1beta1 +kind: ComputeHealthCheck +metadata: + name: computeinstancegroupmanager-dep-zonal +spec: + httpHealthCheck: + port: 80 + location: global diff --git a/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computeinstancegroupmanager.yaml b/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computeinstancegroupmanager.yaml new file mode 100644 index 0000000000..5eadffb5df --- /dev/null +++ b/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computeinstancegroupmanager.yaml @@ -0,0 +1,34 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: compute.cnrm.cloud.google.com/v1beta1 +kind: ComputeInstanceGroupManager +metadata: + name: computeinstancegroupmanager-sample-zonal +spec: + location: us-central1-a + baseInstanceName: app + autoHealingPolicies: + - healthCheckRef: + name: computeinstancegroupmanager-dep-zonal + initialDelaySec: 300 + targetSize: 3 + instanceTemplateRef: + name: computeinstancegroupmanager-dep-zonal + updatePolicy: + minimalAction: RESTART + maxSurge: + fixed: 3 + maxUnavailable: + fixed: 3 diff --git a/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computeinstancetemplate.yaml b/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computeinstancetemplate.yaml new file mode 100644 index 0000000000..07d7d8eec2 --- /dev/null +++ b/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computeinstancetemplate.yaml @@ -0,0 +1,29 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: compute.cnrm.cloud.google.com/v1beta1 +kind: ComputeInstanceTemplate +metadata: + name: computeinstancegroupmanager-dep-zonal +spec: + machineType: n1-standard-1 + disk: + - sourceImageRef: + external: debian-cloud/debian-9 + boot: true + networkInterface: + - networkRef: + name: computeinstancegroupmanager-dep-zonal + subnetworkRef: + name: computeinstancegroupmanager-dep-zonal diff --git a/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computenetwork.yaml b/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computenetwork.yaml new file mode 100644 index 0000000000..bc733405de --- /dev/null +++ b/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computenetwork.yaml @@ -0,0 +1,21 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: compute.cnrm.cloud.google.com/v1beta1 +kind: ComputeNetwork +metadata: + name: computeinstancegroupmanager-dep-zonal +spec: + routingMode: REGIONAL + autoCreateSubnetworks: false diff --git a/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computesubnetwork.yaml b/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computesubnetwork.yaml new file mode 100644 index 0000000000..250cf7111b --- /dev/null +++ b/samples/resources/computeinstancegroupmanager/zonal-compute-instance-group-manager/compute_v1beta1_computesubnetwork.yaml @@ -0,0 +1,24 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: compute.cnrm.cloud.google.com/v1beta1 +kind: ComputeSubnetwork +metadata: + name: computeinstancegroupmanager-dep-zonal +spec: + ipCidrRange: 10.2.0.0/16 + region: us-central1 + privateIpGoogleAccess: false + networkRef: + name: computeinstancegroupmanager-dep-zonal