diff --git a/python/proto/assuredworkloads/alpha/workload.proto b/python/proto/assuredworkloads/alpha/workload.proto index 96b449803..a29606995 100755 --- a/python/proto/assuredworkloads/alpha/workload.proto +++ b/python/proto/assuredworkloads/alpha/workload.proto @@ -54,6 +54,8 @@ enum AssuredworkloadsAlphaWorkloadComplianceRegimeEnum { AssuredworkloadsAlphaWorkloadComplianceRegimeEnumJP_REGIONS_AND_SUPPORT = 19; AssuredworkloadsAlphaWorkloadComplianceRegimeEnumKSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS = 20; AssuredworkloadsAlphaWorkloadComplianceRegimeEnumREGIONAL_CONTROLS = 21; + AssuredworkloadsAlphaWorkloadComplianceRegimeEnumHEALTHCARE_AND_LIFE_SCIENCES_CONTROLS = 22; + AssuredworkloadsAlphaWorkloadComplianceRegimeEnumHEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT = 23; } enum AssuredworkloadsAlphaWorkloadResourceSettingsResourceTypeEnum { diff --git a/python/proto/assuredworkloads/beta/workload.proto b/python/proto/assuredworkloads/beta/workload.proto index 9171c574d..5a7970896 100755 --- a/python/proto/assuredworkloads/beta/workload.proto +++ b/python/proto/assuredworkloads/beta/workload.proto @@ -54,6 +54,8 @@ enum AssuredworkloadsBetaWorkloadComplianceRegimeEnum { AssuredworkloadsBetaWorkloadComplianceRegimeEnumJP_REGIONS_AND_SUPPORT = 19; AssuredworkloadsBetaWorkloadComplianceRegimeEnumKSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS = 20; AssuredworkloadsBetaWorkloadComplianceRegimeEnumREGIONAL_CONTROLS = 21; + AssuredworkloadsBetaWorkloadComplianceRegimeEnumHEALTHCARE_AND_LIFE_SCIENCES_CONTROLS = 22; + AssuredworkloadsBetaWorkloadComplianceRegimeEnumHEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT = 23; } enum AssuredworkloadsBetaWorkloadResourceSettingsResourceTypeEnum { diff --git a/python/proto/assuredworkloads/workload.proto b/python/proto/assuredworkloads/workload.proto index 89c782ec6..e8e735c73 100755 --- a/python/proto/assuredworkloads/workload.proto +++ b/python/proto/assuredworkloads/workload.proto @@ -54,6 +54,8 @@ enum AssuredworkloadsWorkloadComplianceRegimeEnum { AssuredworkloadsWorkloadComplianceRegimeEnumJP_REGIONS_AND_SUPPORT = 19; AssuredworkloadsWorkloadComplianceRegimeEnumKSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS = 20; AssuredworkloadsWorkloadComplianceRegimeEnumREGIONAL_CONTROLS = 21; + AssuredworkloadsWorkloadComplianceRegimeEnumHEALTHCARE_AND_LIFE_SCIENCES_CONTROLS = 22; + AssuredworkloadsWorkloadComplianceRegimeEnumHEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT = 23; } enum AssuredworkloadsWorkloadResourceSettingsResourceTypeEnum { diff --git a/python/proto/containeraws/alpha/node_pool.proto b/python/proto/containeraws/alpha/node_pool.proto index 7893b4b09..ebce7e950 100755 --- a/python/proto/containeraws/alpha/node_pool.proto +++ b/python/proto/containeraws/alpha/node_pool.proto @@ -56,6 +56,12 @@ enum ContainerawsAlphaNodePoolStateEnum { ContainerawsAlphaNodePoolStateEnumDEGRADED = 7; } +enum ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum { + ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnumNO_VALUE_DO_NOT_USE = 0; + ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnumnone = 1; + ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnumstatic = 2; +} + message ContainerawsAlphaNodePool { string name = 1; string version = 2; @@ -71,10 +77,11 @@ message ContainerawsAlphaNodePool { map annotations = 12; ContainerawsAlphaNodePoolMaxPodsConstraint max_pods_constraint = 13; ContainerawsAlphaNodePoolManagement management = 14; - ContainerawsAlphaNodePoolUpdateSettings update_settings = 15; - string project = 16; - string location = 17; - string cluster = 18; + ContainerawsAlphaNodePoolKubeletConfig kubelet_config = 15; + ContainerawsAlphaNodePoolUpdateSettings update_settings = 16; + string project = 17; + string location = 18; + string cluster = 19; } message ContainerawsAlphaNodePoolConfig { @@ -147,6 +154,13 @@ message ContainerawsAlphaNodePoolManagement { bool auto_repair = 1; } +message ContainerawsAlphaNodePoolKubeletConfig { + ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum cpu_manager_policy = 1; + bool cpu_cfs_quota = 2; + string cpu_cfs_quota_period = 3; + int64 pod_pids_limit = 4; +} + message ContainerawsAlphaNodePoolUpdateSettings { ContainerawsAlphaNodePoolUpdateSettingsSurgeSettings surge_settings = 1; } diff --git a/python/proto/containeraws/beta/node_pool.proto b/python/proto/containeraws/beta/node_pool.proto index 22a45aa5f..960eb0308 100755 --- a/python/proto/containeraws/beta/node_pool.proto +++ b/python/proto/containeraws/beta/node_pool.proto @@ -56,6 +56,12 @@ enum ContainerawsBetaNodePoolStateEnum { ContainerawsBetaNodePoolStateEnumDEGRADED = 7; } +enum ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum { + ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnumNO_VALUE_DO_NOT_USE = 0; + ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnumnone = 1; + ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnumstatic = 2; +} + message ContainerawsBetaNodePool { string name = 1; string version = 2; @@ -71,10 +77,11 @@ message ContainerawsBetaNodePool { map annotations = 12; ContainerawsBetaNodePoolMaxPodsConstraint max_pods_constraint = 13; ContainerawsBetaNodePoolManagement management = 14; - ContainerawsBetaNodePoolUpdateSettings update_settings = 15; - string project = 16; - string location = 17; - string cluster = 18; + ContainerawsBetaNodePoolKubeletConfig kubelet_config = 15; + ContainerawsBetaNodePoolUpdateSettings update_settings = 16; + string project = 17; + string location = 18; + string cluster = 19; } message ContainerawsBetaNodePoolConfig { @@ -147,6 +154,13 @@ message ContainerawsBetaNodePoolManagement { bool auto_repair = 1; } +message ContainerawsBetaNodePoolKubeletConfig { + ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum cpu_manager_policy = 1; + bool cpu_cfs_quota = 2; + string cpu_cfs_quota_period = 3; + int64 pod_pids_limit = 4; +} + message ContainerawsBetaNodePoolUpdateSettings { ContainerawsBetaNodePoolUpdateSettingsSurgeSettings surge_settings = 1; } diff --git a/python/proto/containeraws/node_pool.proto b/python/proto/containeraws/node_pool.proto index 93a309e27..24adc8cbe 100755 --- a/python/proto/containeraws/node_pool.proto +++ b/python/proto/containeraws/node_pool.proto @@ -48,6 +48,12 @@ enum ContainerawsNodePoolStateEnum { ContainerawsNodePoolStateEnumDEGRADED = 7; } +enum ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum { + ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnumNO_VALUE_DO_NOT_USE = 0; + ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnumnone = 1; + ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnumstatic = 2; +} + message ContainerawsNodePool { string name = 1; string version = 2; @@ -63,10 +69,11 @@ message ContainerawsNodePool { map annotations = 12; ContainerawsNodePoolMaxPodsConstraint max_pods_constraint = 13; ContainerawsNodePoolManagement management = 14; - ContainerawsNodePoolUpdateSettings update_settings = 15; - string project = 16; - string location = 17; - string cluster = 18; + ContainerawsNodePoolKubeletConfig kubelet_config = 15; + ContainerawsNodePoolUpdateSettings update_settings = 16; + string project = 17; + string location = 18; + string cluster = 19; } message ContainerawsNodePoolConfig { @@ -128,6 +135,13 @@ message ContainerawsNodePoolManagement { bool auto_repair = 1; } +message ContainerawsNodePoolKubeletConfig { + ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum cpu_manager_policy = 1; + bool cpu_cfs_quota = 2; + string cpu_cfs_quota_period = 3; + int64 pod_pids_limit = 4; +} + message ContainerawsNodePoolUpdateSettings { ContainerawsNodePoolUpdateSettingsSurgeSettings surge_settings = 1; } diff --git a/python/services/containeraws/alpha/node_pool.py b/python/services/containeraws/alpha/node_pool.py index 2068e0cca..0aa1ef575 100755 --- a/python/services/containeraws/alpha/node_pool.py +++ b/python/services/containeraws/alpha/node_pool.py @@ -35,6 +35,7 @@ def __init__( annotations: dict = None, max_pods_constraint: dict = None, management: dict = None, + kubelet_config: dict = None, update_settings: dict = None, project: str = None, location: str = None, @@ -51,6 +52,7 @@ def __init__( self.annotations = annotations self.max_pods_constraint = max_pods_constraint self.management = management + self.kubelet_config = kubelet_config self.update_settings = update_settings self.project = project self.location = location @@ -96,6 +98,12 @@ def apply(self): ) else: request.resource.ClearField("management") + if NodePoolKubeletConfig.to_proto(self.kubelet_config): + request.resource.kubelet_config.CopyFrom( + NodePoolKubeletConfig.to_proto(self.kubelet_config) + ) + else: + request.resource.ClearField("kubelet_config") if NodePoolUpdateSettings.to_proto(self.update_settings): request.resource.update_settings.CopyFrom( NodePoolUpdateSettings.to_proto(self.update_settings) @@ -130,6 +138,7 @@ def apply(self): response.max_pods_constraint ) self.management = NodePoolManagement.from_proto(response.management) + self.kubelet_config = NodePoolKubeletConfig.from_proto(response.kubelet_config) self.update_settings = NodePoolUpdateSettings.from_proto( response.update_settings ) @@ -177,6 +186,12 @@ def delete(self): ) else: request.resource.ClearField("management") + if NodePoolKubeletConfig.to_proto(self.kubelet_config): + request.resource.kubelet_config.CopyFrom( + NodePoolKubeletConfig.to_proto(self.kubelet_config) + ) + else: + request.resource.ClearField("kubelet_config") if NodePoolUpdateSettings.to_proto(self.update_settings): request.resource.update_settings.CopyFrom( NodePoolUpdateSettings.to_proto(self.update_settings) @@ -239,6 +254,12 @@ def to_proto(self): resource.management.CopyFrom(NodePoolManagement.to_proto(self.management)) else: resource.ClearField("management") + if NodePoolKubeletConfig.to_proto(self.kubelet_config): + resource.kubelet_config.CopyFrom( + NodePoolKubeletConfig.to_proto(self.kubelet_config) + ) + else: + resource.ClearField("kubelet_config") if NodePoolUpdateSettings.to_proto(self.update_settings): resource.update_settings.CopyFrom( NodePoolUpdateSettings.to_proto(self.update_settings) @@ -863,6 +884,67 @@ def from_proto(self, resources): return [NodePoolManagement.from_proto(i) for i in resources] +class NodePoolKubeletConfig(object): + + def __init__( + self, + cpu_manager_policy: str = None, + cpu_cfs_quota: bool = None, + cpu_cfs_quota_period: str = None, + pod_pids_limit: int = None, + ): + self.cpu_manager_policy = cpu_manager_policy + self.cpu_cfs_quota = cpu_cfs_quota + self.cpu_cfs_quota_period = cpu_cfs_quota_period + self.pod_pids_limit = pod_pids_limit + + @classmethod + def to_proto(self, resource): + if not resource: + return None + + res = node_pool_pb2.ContainerawsAlphaNodePoolKubeletConfig() + if NodePoolKubeletConfigCpuManagerPolicyEnum.to_proto( + resource.cpu_manager_policy + ): + res.cpu_manager_policy = NodePoolKubeletConfigCpuManagerPolicyEnum.to_proto( + resource.cpu_manager_policy + ) + if Primitive.to_proto(resource.cpu_cfs_quota): + res.cpu_cfs_quota = Primitive.to_proto(resource.cpu_cfs_quota) + if Primitive.to_proto(resource.cpu_cfs_quota_period): + res.cpu_cfs_quota_period = Primitive.to_proto(resource.cpu_cfs_quota_period) + if Primitive.to_proto(resource.pod_pids_limit): + res.pod_pids_limit = Primitive.to_proto(resource.pod_pids_limit) + return res + + @classmethod + def from_proto(self, resource): + if not resource: + return None + + return NodePoolKubeletConfig( + cpu_manager_policy=NodePoolKubeletConfigCpuManagerPolicyEnum.from_proto( + resource.cpu_manager_policy + ), + cpu_cfs_quota=Primitive.from_proto(resource.cpu_cfs_quota), + cpu_cfs_quota_period=Primitive.from_proto(resource.cpu_cfs_quota_period), + pod_pids_limit=Primitive.from_proto(resource.pod_pids_limit), + ) + + +class NodePoolKubeletConfigArray(object): + @classmethod + def to_proto(self, resources): + if not resources: + return resources + return [NodePoolKubeletConfig.to_proto(i) for i in resources] + + @classmethod + def from_proto(self, resources): + return [NodePoolKubeletConfig.from_proto(i) for i in resources] + + class NodePoolUpdateSettings(object): def __init__(self, surge_settings: dict = None): @@ -1025,6 +1107,26 @@ def from_proto(self, resource): ] +class NodePoolKubeletConfigCpuManagerPolicyEnum(object): + @classmethod + def to_proto(self, resource): + if not resource: + return resource + return node_pool_pb2.ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum.Value( + "ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum%s" % resource + ) + + @classmethod + def from_proto(self, resource): + if not resource: + return resource + return node_pool_pb2.ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum.Name( + resource + )[ + len("ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum") : + ] + + class Primitive(object): @classmethod def to_proto(self, s): diff --git a/python/services/containeraws/alpha/node_pool_server.go b/python/services/containeraws/alpha/node_pool_server.go index 024bd843e..eb2cdbe53 100755 --- a/python/services/containeraws/alpha/node_pool_server.go +++ b/python/services/containeraws/alpha/node_pool_server.go @@ -72,6 +72,18 @@ func ProtoToContainerawsAlphaNodePoolStateEnum(e alphapb.ContainerawsAlphaNodePo return nil } +// ProtoToNodePoolKubeletConfigCpuManagerPolicyEnum converts a NodePoolKubeletConfigCpuManagerPolicyEnum enum from its proto representation. +func ProtoToContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum(e alphapb.ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum) *alpha.NodePoolKubeletConfigCpuManagerPolicyEnum { + if e == 0 { + return nil + } + if n, ok := alphapb.ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum_name[int32(e)]; ok { + e := alpha.NodePoolKubeletConfigCpuManagerPolicyEnum(n[len("ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum"):]) + return &e + } + return nil +} + // ProtoToNodePoolConfig converts a NodePoolConfig object from its proto representation. func ProtoToContainerawsAlphaNodePoolConfig(p *alphapb.ContainerawsAlphaNodePoolConfig) *alpha.NodePoolConfig { if p == nil { @@ -231,6 +243,20 @@ func ProtoToContainerawsAlphaNodePoolManagement(p *alphapb.ContainerawsAlphaNode return obj } +// ProtoToNodePoolKubeletConfig converts a NodePoolKubeletConfig object from its proto representation. +func ProtoToContainerawsAlphaNodePoolKubeletConfig(p *alphapb.ContainerawsAlphaNodePoolKubeletConfig) *alpha.NodePoolKubeletConfig { + if p == nil { + return nil + } + obj := &alpha.NodePoolKubeletConfig{ + CpuManagerPolicy: ProtoToContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum(p.GetCpuManagerPolicy()), + CpuCfsQuota: dcl.Bool(p.GetCpuCfsQuota()), + CpuCfsQuotaPeriod: dcl.StringOrNil(p.GetCpuCfsQuotaPeriod()), + PodPidsLimit: dcl.Int64OrNil(p.GetPodPidsLimit()), + } + return obj +} + // ProtoToNodePoolUpdateSettings converts a NodePoolUpdateSettings object from its proto representation. func ProtoToContainerawsAlphaNodePoolUpdateSettings(p *alphapb.ContainerawsAlphaNodePoolUpdateSettings) *alpha.NodePoolUpdateSettings { if p == nil { @@ -270,6 +296,7 @@ func ProtoToNodePool(p *alphapb.ContainerawsAlphaNodePool) *alpha.NodePool { Etag: dcl.StringOrNil(p.GetEtag()), MaxPodsConstraint: ProtoToContainerawsAlphaNodePoolMaxPodsConstraint(p.GetMaxPodsConstraint()), Management: ProtoToContainerawsAlphaNodePoolManagement(p.GetManagement()), + KubeletConfig: ProtoToContainerawsAlphaNodePoolKubeletConfig(p.GetKubeletConfig()), UpdateSettings: ProtoToContainerawsAlphaNodePoolUpdateSettings(p.GetUpdateSettings()), Project: dcl.StringOrNil(p.GetProject()), Location: dcl.StringOrNil(p.GetLocation()), @@ -322,6 +349,17 @@ func ContainerawsAlphaNodePoolStateEnumToProto(e *alpha.NodePoolStateEnum) alpha return alphapb.ContainerawsAlphaNodePoolStateEnum(0) } +// NodePoolKubeletConfigCpuManagerPolicyEnumToProto converts a NodePoolKubeletConfigCpuManagerPolicyEnum enum to its proto representation. +func ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnumToProto(e *alpha.NodePoolKubeletConfigCpuManagerPolicyEnum) alphapb.ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum { + if e == nil { + return alphapb.ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum(0) + } + if v, ok := alphapb.ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum_value["NodePoolKubeletConfigCpuManagerPolicyEnum"+string(*e)]; ok { + return alphapb.ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum(v) + } + return alphapb.ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnum(0) +} + // NodePoolConfigToProto converts a NodePoolConfig object to its proto representation. func ContainerawsAlphaNodePoolConfigToProto(o *alpha.NodePoolConfig) *alphapb.ContainerawsAlphaNodePoolConfig { if o == nil { @@ -488,6 +526,19 @@ func ContainerawsAlphaNodePoolManagementToProto(o *alpha.NodePoolManagement) *al return p } +// NodePoolKubeletConfigToProto converts a NodePoolKubeletConfig object to its proto representation. +func ContainerawsAlphaNodePoolKubeletConfigToProto(o *alpha.NodePoolKubeletConfig) *alphapb.ContainerawsAlphaNodePoolKubeletConfig { + if o == nil { + return nil + } + p := &alphapb.ContainerawsAlphaNodePoolKubeletConfig{} + p.SetCpuManagerPolicy(ContainerawsAlphaNodePoolKubeletConfigCpuManagerPolicyEnumToProto(o.CpuManagerPolicy)) + p.SetCpuCfsQuota(dcl.ValueOrEmptyBool(o.CpuCfsQuota)) + p.SetCpuCfsQuotaPeriod(dcl.ValueOrEmptyString(o.CpuCfsQuotaPeriod)) + p.SetPodPidsLimit(dcl.ValueOrEmptyInt64(o.PodPidsLimit)) + return p +} + // NodePoolUpdateSettingsToProto converts a NodePoolUpdateSettings object to its proto representation. func ContainerawsAlphaNodePoolUpdateSettingsToProto(o *alpha.NodePoolUpdateSettings) *alphapb.ContainerawsAlphaNodePoolUpdateSettings { if o == nil { @@ -525,6 +576,7 @@ func NodePoolToProto(resource *alpha.NodePool) *alphapb.ContainerawsAlphaNodePoo p.SetEtag(dcl.ValueOrEmptyString(resource.Etag)) p.SetMaxPodsConstraint(ContainerawsAlphaNodePoolMaxPodsConstraintToProto(resource.MaxPodsConstraint)) p.SetManagement(ContainerawsAlphaNodePoolManagementToProto(resource.Management)) + p.SetKubeletConfig(ContainerawsAlphaNodePoolKubeletConfigToProto(resource.KubeletConfig)) p.SetUpdateSettings(ContainerawsAlphaNodePoolUpdateSettingsToProto(resource.UpdateSettings)) p.SetProject(dcl.ValueOrEmptyString(resource.Project)) p.SetLocation(dcl.ValueOrEmptyString(resource.Location)) diff --git a/python/services/containeraws/beta/node_pool.py b/python/services/containeraws/beta/node_pool.py index 5756411ed..ed20f6894 100755 --- a/python/services/containeraws/beta/node_pool.py +++ b/python/services/containeraws/beta/node_pool.py @@ -35,6 +35,7 @@ def __init__( annotations: dict = None, max_pods_constraint: dict = None, management: dict = None, + kubelet_config: dict = None, update_settings: dict = None, project: str = None, location: str = None, @@ -51,6 +52,7 @@ def __init__( self.annotations = annotations self.max_pods_constraint = max_pods_constraint self.management = management + self.kubelet_config = kubelet_config self.update_settings = update_settings self.project = project self.location = location @@ -94,6 +96,12 @@ def apply(self): ) else: request.resource.ClearField("management") + if NodePoolKubeletConfig.to_proto(self.kubelet_config): + request.resource.kubelet_config.CopyFrom( + NodePoolKubeletConfig.to_proto(self.kubelet_config) + ) + else: + request.resource.ClearField("kubelet_config") if NodePoolUpdateSettings.to_proto(self.update_settings): request.resource.update_settings.CopyFrom( NodePoolUpdateSettings.to_proto(self.update_settings) @@ -128,6 +136,7 @@ def apply(self): response.max_pods_constraint ) self.management = NodePoolManagement.from_proto(response.management) + self.kubelet_config = NodePoolKubeletConfig.from_proto(response.kubelet_config) self.update_settings = NodePoolUpdateSettings.from_proto( response.update_settings ) @@ -173,6 +182,12 @@ def delete(self): ) else: request.resource.ClearField("management") + if NodePoolKubeletConfig.to_proto(self.kubelet_config): + request.resource.kubelet_config.CopyFrom( + NodePoolKubeletConfig.to_proto(self.kubelet_config) + ) + else: + request.resource.ClearField("kubelet_config") if NodePoolUpdateSettings.to_proto(self.update_settings): request.resource.update_settings.CopyFrom( NodePoolUpdateSettings.to_proto(self.update_settings) @@ -233,6 +248,12 @@ def to_proto(self): resource.management.CopyFrom(NodePoolManagement.to_proto(self.management)) else: resource.ClearField("management") + if NodePoolKubeletConfig.to_proto(self.kubelet_config): + resource.kubelet_config.CopyFrom( + NodePoolKubeletConfig.to_proto(self.kubelet_config) + ) + else: + resource.ClearField("kubelet_config") if NodePoolUpdateSettings.to_proto(self.update_settings): resource.update_settings.CopyFrom( NodePoolUpdateSettings.to_proto(self.update_settings) @@ -855,6 +876,67 @@ def from_proto(self, resources): return [NodePoolManagement.from_proto(i) for i in resources] +class NodePoolKubeletConfig(object): + + def __init__( + self, + cpu_manager_policy: str = None, + cpu_cfs_quota: bool = None, + cpu_cfs_quota_period: str = None, + pod_pids_limit: int = None, + ): + self.cpu_manager_policy = cpu_manager_policy + self.cpu_cfs_quota = cpu_cfs_quota + self.cpu_cfs_quota_period = cpu_cfs_quota_period + self.pod_pids_limit = pod_pids_limit + + @classmethod + def to_proto(self, resource): + if not resource: + return None + + res = node_pool_pb2.ContainerawsBetaNodePoolKubeletConfig() + if NodePoolKubeletConfigCpuManagerPolicyEnum.to_proto( + resource.cpu_manager_policy + ): + res.cpu_manager_policy = NodePoolKubeletConfigCpuManagerPolicyEnum.to_proto( + resource.cpu_manager_policy + ) + if Primitive.to_proto(resource.cpu_cfs_quota): + res.cpu_cfs_quota = Primitive.to_proto(resource.cpu_cfs_quota) + if Primitive.to_proto(resource.cpu_cfs_quota_period): + res.cpu_cfs_quota_period = Primitive.to_proto(resource.cpu_cfs_quota_period) + if Primitive.to_proto(resource.pod_pids_limit): + res.pod_pids_limit = Primitive.to_proto(resource.pod_pids_limit) + return res + + @classmethod + def from_proto(self, resource): + if not resource: + return None + + return NodePoolKubeletConfig( + cpu_manager_policy=NodePoolKubeletConfigCpuManagerPolicyEnum.from_proto( + resource.cpu_manager_policy + ), + cpu_cfs_quota=Primitive.from_proto(resource.cpu_cfs_quota), + cpu_cfs_quota_period=Primitive.from_proto(resource.cpu_cfs_quota_period), + pod_pids_limit=Primitive.from_proto(resource.pod_pids_limit), + ) + + +class NodePoolKubeletConfigArray(object): + @classmethod + def to_proto(self, resources): + if not resources: + return resources + return [NodePoolKubeletConfig.to_proto(i) for i in resources] + + @classmethod + def from_proto(self, resources): + return [NodePoolKubeletConfig.from_proto(i) for i in resources] + + class NodePoolUpdateSettings(object): def __init__(self, surge_settings: dict = None): @@ -1017,6 +1099,26 @@ def from_proto(self, resource): ] +class NodePoolKubeletConfigCpuManagerPolicyEnum(object): + @classmethod + def to_proto(self, resource): + if not resource: + return resource + return node_pool_pb2.ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum.Value( + "ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum%s" % resource + ) + + @classmethod + def from_proto(self, resource): + if not resource: + return resource + return node_pool_pb2.ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum.Name( + resource + )[ + len("ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum") : + ] + + class Primitive(object): @classmethod def to_proto(self, s): diff --git a/python/services/containeraws/beta/node_pool_server.go b/python/services/containeraws/beta/node_pool_server.go index 55de517ef..02192c4a9 100755 --- a/python/services/containeraws/beta/node_pool_server.go +++ b/python/services/containeraws/beta/node_pool_server.go @@ -72,6 +72,18 @@ func ProtoToContainerawsBetaNodePoolStateEnum(e betapb.ContainerawsBetaNodePoolS return nil } +// ProtoToNodePoolKubeletConfigCpuManagerPolicyEnum converts a NodePoolKubeletConfigCpuManagerPolicyEnum enum from its proto representation. +func ProtoToContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum(e betapb.ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum) *beta.NodePoolKubeletConfigCpuManagerPolicyEnum { + if e == 0 { + return nil + } + if n, ok := betapb.ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum_name[int32(e)]; ok { + e := beta.NodePoolKubeletConfigCpuManagerPolicyEnum(n[len("ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum"):]) + return &e + } + return nil +} + // ProtoToNodePoolConfig converts a NodePoolConfig object from its proto representation. func ProtoToContainerawsBetaNodePoolConfig(p *betapb.ContainerawsBetaNodePoolConfig) *beta.NodePoolConfig { if p == nil { @@ -231,6 +243,20 @@ func ProtoToContainerawsBetaNodePoolManagement(p *betapb.ContainerawsBetaNodePoo return obj } +// ProtoToNodePoolKubeletConfig converts a NodePoolKubeletConfig object from its proto representation. +func ProtoToContainerawsBetaNodePoolKubeletConfig(p *betapb.ContainerawsBetaNodePoolKubeletConfig) *beta.NodePoolKubeletConfig { + if p == nil { + return nil + } + obj := &beta.NodePoolKubeletConfig{ + CpuManagerPolicy: ProtoToContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum(p.GetCpuManagerPolicy()), + CpuCfsQuota: dcl.Bool(p.GetCpuCfsQuota()), + CpuCfsQuotaPeriod: dcl.StringOrNil(p.GetCpuCfsQuotaPeriod()), + PodPidsLimit: dcl.Int64OrNil(p.GetPodPidsLimit()), + } + return obj +} + // ProtoToNodePoolUpdateSettings converts a NodePoolUpdateSettings object from its proto representation. func ProtoToContainerawsBetaNodePoolUpdateSettings(p *betapb.ContainerawsBetaNodePoolUpdateSettings) *beta.NodePoolUpdateSettings { if p == nil { @@ -270,6 +296,7 @@ func ProtoToNodePool(p *betapb.ContainerawsBetaNodePool) *beta.NodePool { Etag: dcl.StringOrNil(p.GetEtag()), MaxPodsConstraint: ProtoToContainerawsBetaNodePoolMaxPodsConstraint(p.GetMaxPodsConstraint()), Management: ProtoToContainerawsBetaNodePoolManagement(p.GetManagement()), + KubeletConfig: ProtoToContainerawsBetaNodePoolKubeletConfig(p.GetKubeletConfig()), UpdateSettings: ProtoToContainerawsBetaNodePoolUpdateSettings(p.GetUpdateSettings()), Project: dcl.StringOrNil(p.GetProject()), Location: dcl.StringOrNil(p.GetLocation()), @@ -322,6 +349,17 @@ func ContainerawsBetaNodePoolStateEnumToProto(e *beta.NodePoolStateEnum) betapb. return betapb.ContainerawsBetaNodePoolStateEnum(0) } +// NodePoolKubeletConfigCpuManagerPolicyEnumToProto converts a NodePoolKubeletConfigCpuManagerPolicyEnum enum to its proto representation. +func ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnumToProto(e *beta.NodePoolKubeletConfigCpuManagerPolicyEnum) betapb.ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum { + if e == nil { + return betapb.ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum(0) + } + if v, ok := betapb.ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum_value["NodePoolKubeletConfigCpuManagerPolicyEnum"+string(*e)]; ok { + return betapb.ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum(v) + } + return betapb.ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnum(0) +} + // NodePoolConfigToProto converts a NodePoolConfig object to its proto representation. func ContainerawsBetaNodePoolConfigToProto(o *beta.NodePoolConfig) *betapb.ContainerawsBetaNodePoolConfig { if o == nil { @@ -488,6 +526,19 @@ func ContainerawsBetaNodePoolManagementToProto(o *beta.NodePoolManagement) *beta return p } +// NodePoolKubeletConfigToProto converts a NodePoolKubeletConfig object to its proto representation. +func ContainerawsBetaNodePoolKubeletConfigToProto(o *beta.NodePoolKubeletConfig) *betapb.ContainerawsBetaNodePoolKubeletConfig { + if o == nil { + return nil + } + p := &betapb.ContainerawsBetaNodePoolKubeletConfig{} + p.SetCpuManagerPolicy(ContainerawsBetaNodePoolKubeletConfigCpuManagerPolicyEnumToProto(o.CpuManagerPolicy)) + p.SetCpuCfsQuota(dcl.ValueOrEmptyBool(o.CpuCfsQuota)) + p.SetCpuCfsQuotaPeriod(dcl.ValueOrEmptyString(o.CpuCfsQuotaPeriod)) + p.SetPodPidsLimit(dcl.ValueOrEmptyInt64(o.PodPidsLimit)) + return p +} + // NodePoolUpdateSettingsToProto converts a NodePoolUpdateSettings object to its proto representation. func ContainerawsBetaNodePoolUpdateSettingsToProto(o *beta.NodePoolUpdateSettings) *betapb.ContainerawsBetaNodePoolUpdateSettings { if o == nil { @@ -525,6 +576,7 @@ func NodePoolToProto(resource *beta.NodePool) *betapb.ContainerawsBetaNodePool { p.SetEtag(dcl.ValueOrEmptyString(resource.Etag)) p.SetMaxPodsConstraint(ContainerawsBetaNodePoolMaxPodsConstraintToProto(resource.MaxPodsConstraint)) p.SetManagement(ContainerawsBetaNodePoolManagementToProto(resource.Management)) + p.SetKubeletConfig(ContainerawsBetaNodePoolKubeletConfigToProto(resource.KubeletConfig)) p.SetUpdateSettings(ContainerawsBetaNodePoolUpdateSettingsToProto(resource.UpdateSettings)) p.SetProject(dcl.ValueOrEmptyString(resource.Project)) p.SetLocation(dcl.ValueOrEmptyString(resource.Location)) diff --git a/python/services/containeraws/node_pool.py b/python/services/containeraws/node_pool.py index bdf06bfd0..9d2c0a509 100755 --- a/python/services/containeraws/node_pool.py +++ b/python/services/containeraws/node_pool.py @@ -35,6 +35,7 @@ def __init__( annotations: dict = None, max_pods_constraint: dict = None, management: dict = None, + kubelet_config: dict = None, update_settings: dict = None, project: str = None, location: str = None, @@ -51,6 +52,7 @@ def __init__( self.annotations = annotations self.max_pods_constraint = max_pods_constraint self.management = management + self.kubelet_config = kubelet_config self.update_settings = update_settings self.project = project self.location = location @@ -94,6 +96,12 @@ def apply(self): ) else: request.resource.ClearField("management") + if NodePoolKubeletConfig.to_proto(self.kubelet_config): + request.resource.kubelet_config.CopyFrom( + NodePoolKubeletConfig.to_proto(self.kubelet_config) + ) + else: + request.resource.ClearField("kubelet_config") if NodePoolUpdateSettings.to_proto(self.update_settings): request.resource.update_settings.CopyFrom( NodePoolUpdateSettings.to_proto(self.update_settings) @@ -128,6 +136,7 @@ def apply(self): response.max_pods_constraint ) self.management = NodePoolManagement.from_proto(response.management) + self.kubelet_config = NodePoolKubeletConfig.from_proto(response.kubelet_config) self.update_settings = NodePoolUpdateSettings.from_proto( response.update_settings ) @@ -173,6 +182,12 @@ def delete(self): ) else: request.resource.ClearField("management") + if NodePoolKubeletConfig.to_proto(self.kubelet_config): + request.resource.kubelet_config.CopyFrom( + NodePoolKubeletConfig.to_proto(self.kubelet_config) + ) + else: + request.resource.ClearField("kubelet_config") if NodePoolUpdateSettings.to_proto(self.update_settings): request.resource.update_settings.CopyFrom( NodePoolUpdateSettings.to_proto(self.update_settings) @@ -233,6 +248,12 @@ def to_proto(self): resource.management.CopyFrom(NodePoolManagement.to_proto(self.management)) else: resource.ClearField("management") + if NodePoolKubeletConfig.to_proto(self.kubelet_config): + resource.kubelet_config.CopyFrom( + NodePoolKubeletConfig.to_proto(self.kubelet_config) + ) + else: + resource.ClearField("kubelet_config") if NodePoolUpdateSettings.to_proto(self.update_settings): resource.update_settings.CopyFrom( NodePoolUpdateSettings.to_proto(self.update_settings) @@ -752,6 +773,67 @@ def from_proto(self, resources): return [NodePoolManagement.from_proto(i) for i in resources] +class NodePoolKubeletConfig(object): + + def __init__( + self, + cpu_manager_policy: str = None, + cpu_cfs_quota: bool = None, + cpu_cfs_quota_period: str = None, + pod_pids_limit: int = None, + ): + self.cpu_manager_policy = cpu_manager_policy + self.cpu_cfs_quota = cpu_cfs_quota + self.cpu_cfs_quota_period = cpu_cfs_quota_period + self.pod_pids_limit = pod_pids_limit + + @classmethod + def to_proto(self, resource): + if not resource: + return None + + res = node_pool_pb2.ContainerawsNodePoolKubeletConfig() + if NodePoolKubeletConfigCpuManagerPolicyEnum.to_proto( + resource.cpu_manager_policy + ): + res.cpu_manager_policy = NodePoolKubeletConfigCpuManagerPolicyEnum.to_proto( + resource.cpu_manager_policy + ) + if Primitive.to_proto(resource.cpu_cfs_quota): + res.cpu_cfs_quota = Primitive.to_proto(resource.cpu_cfs_quota) + if Primitive.to_proto(resource.cpu_cfs_quota_period): + res.cpu_cfs_quota_period = Primitive.to_proto(resource.cpu_cfs_quota_period) + if Primitive.to_proto(resource.pod_pids_limit): + res.pod_pids_limit = Primitive.to_proto(resource.pod_pids_limit) + return res + + @classmethod + def from_proto(self, resource): + if not resource: + return None + + return NodePoolKubeletConfig( + cpu_manager_policy=NodePoolKubeletConfigCpuManagerPolicyEnum.from_proto( + resource.cpu_manager_policy + ), + cpu_cfs_quota=Primitive.from_proto(resource.cpu_cfs_quota), + cpu_cfs_quota_period=Primitive.from_proto(resource.cpu_cfs_quota_period), + pod_pids_limit=Primitive.from_proto(resource.pod_pids_limit), + ) + + +class NodePoolKubeletConfigArray(object): + @classmethod + def to_proto(self, resources): + if not resources: + return resources + return [NodePoolKubeletConfig.to_proto(i) for i in resources] + + @classmethod + def from_proto(self, resources): + return [NodePoolKubeletConfig.from_proto(i) for i in resources] + + class NodePoolUpdateSettings(object): def __init__(self, surge_settings: dict = None): @@ -890,6 +972,26 @@ def from_proto(self, resource): ] +class NodePoolKubeletConfigCpuManagerPolicyEnum(object): + @classmethod + def to_proto(self, resource): + if not resource: + return resource + return ( + node_pool_pb2.ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum.Value( + "ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum%s" % resource + ) + ) + + @classmethod + def from_proto(self, resource): + if not resource: + return resource + return node_pool_pb2.ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum.Name( + resource + )[len("ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum") :] + + class Primitive(object): @classmethod def to_proto(self, s): diff --git a/python/services/containeraws/node_pool_server.go b/python/services/containeraws/node_pool_server.go index c140301ca..9da252df3 100755 --- a/python/services/containeraws/node_pool_server.go +++ b/python/services/containeraws/node_pool_server.go @@ -60,6 +60,18 @@ func ProtoToContainerawsNodePoolStateEnum(e containerawspb.ContainerawsNodePoolS return nil } +// ProtoToNodePoolKubeletConfigCpuManagerPolicyEnum converts a NodePoolKubeletConfigCpuManagerPolicyEnum enum from its proto representation. +func ProtoToContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum(e containerawspb.ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum) *containeraws.NodePoolKubeletConfigCpuManagerPolicyEnum { + if e == 0 { + return nil + } + if n, ok := containerawspb.ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum_name[int32(e)]; ok { + e := containeraws.NodePoolKubeletConfigCpuManagerPolicyEnum(n[len("ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum"):]) + return &e + } + return nil +} + // ProtoToNodePoolConfig converts a NodePoolConfig object from its proto representation. func ProtoToContainerawsNodePoolConfig(p *containerawspb.ContainerawsNodePoolConfig) *containeraws.NodePoolConfig { if p == nil { @@ -193,6 +205,20 @@ func ProtoToContainerawsNodePoolManagement(p *containerawspb.ContainerawsNodePoo return obj } +// ProtoToNodePoolKubeletConfig converts a NodePoolKubeletConfig object from its proto representation. +func ProtoToContainerawsNodePoolKubeletConfig(p *containerawspb.ContainerawsNodePoolKubeletConfig) *containeraws.NodePoolKubeletConfig { + if p == nil { + return nil + } + obj := &containeraws.NodePoolKubeletConfig{ + CpuManagerPolicy: ProtoToContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum(p.GetCpuManagerPolicy()), + CpuCfsQuota: dcl.Bool(p.GetCpuCfsQuota()), + CpuCfsQuotaPeriod: dcl.StringOrNil(p.GetCpuCfsQuotaPeriod()), + PodPidsLimit: dcl.Int64OrNil(p.GetPodPidsLimit()), + } + return obj +} + // ProtoToNodePoolUpdateSettings converts a NodePoolUpdateSettings object from its proto representation. func ProtoToContainerawsNodePoolUpdateSettings(p *containerawspb.ContainerawsNodePoolUpdateSettings) *containeraws.NodePoolUpdateSettings { if p == nil { @@ -232,6 +258,7 @@ func ProtoToNodePool(p *containerawspb.ContainerawsNodePool) *containeraws.NodeP Etag: dcl.StringOrNil(p.GetEtag()), MaxPodsConstraint: ProtoToContainerawsNodePoolMaxPodsConstraint(p.GetMaxPodsConstraint()), Management: ProtoToContainerawsNodePoolManagement(p.GetManagement()), + KubeletConfig: ProtoToContainerawsNodePoolKubeletConfig(p.GetKubeletConfig()), UpdateSettings: ProtoToContainerawsNodePoolUpdateSettings(p.GetUpdateSettings()), Project: dcl.StringOrNil(p.GetProject()), Location: dcl.StringOrNil(p.GetLocation()), @@ -273,6 +300,17 @@ func ContainerawsNodePoolStateEnumToProto(e *containeraws.NodePoolStateEnum) con return containerawspb.ContainerawsNodePoolStateEnum(0) } +// NodePoolKubeletConfigCpuManagerPolicyEnumToProto converts a NodePoolKubeletConfigCpuManagerPolicyEnum enum to its proto representation. +func ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnumToProto(e *containeraws.NodePoolKubeletConfigCpuManagerPolicyEnum) containerawspb.ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum { + if e == nil { + return containerawspb.ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum(0) + } + if v, ok := containerawspb.ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum_value["NodePoolKubeletConfigCpuManagerPolicyEnum"+string(*e)]; ok { + return containerawspb.ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum(v) + } + return containerawspb.ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnum(0) +} + // NodePoolConfigToProto converts a NodePoolConfig object to its proto representation. func ContainerawsNodePoolConfigToProto(o *containeraws.NodePoolConfig) *containerawspb.ContainerawsNodePoolConfig { if o == nil { @@ -412,6 +450,19 @@ func ContainerawsNodePoolManagementToProto(o *containeraws.NodePoolManagement) * return p } +// NodePoolKubeletConfigToProto converts a NodePoolKubeletConfig object to its proto representation. +func ContainerawsNodePoolKubeletConfigToProto(o *containeraws.NodePoolKubeletConfig) *containerawspb.ContainerawsNodePoolKubeletConfig { + if o == nil { + return nil + } + p := &containerawspb.ContainerawsNodePoolKubeletConfig{} + p.SetCpuManagerPolicy(ContainerawsNodePoolKubeletConfigCpuManagerPolicyEnumToProto(o.CpuManagerPolicy)) + p.SetCpuCfsQuota(dcl.ValueOrEmptyBool(o.CpuCfsQuota)) + p.SetCpuCfsQuotaPeriod(dcl.ValueOrEmptyString(o.CpuCfsQuotaPeriod)) + p.SetPodPidsLimit(dcl.ValueOrEmptyInt64(o.PodPidsLimit)) + return p +} + // NodePoolUpdateSettingsToProto converts a NodePoolUpdateSettings object to its proto representation. func ContainerawsNodePoolUpdateSettingsToProto(o *containeraws.NodePoolUpdateSettings) *containerawspb.ContainerawsNodePoolUpdateSettings { if o == nil { @@ -449,6 +500,7 @@ func NodePoolToProto(resource *containeraws.NodePool) *containerawspb.Containera p.SetEtag(dcl.ValueOrEmptyString(resource.Etag)) p.SetMaxPodsConstraint(ContainerawsNodePoolMaxPodsConstraintToProto(resource.MaxPodsConstraint)) p.SetManagement(ContainerawsNodePoolManagementToProto(resource.Management)) + p.SetKubeletConfig(ContainerawsNodePoolKubeletConfigToProto(resource.KubeletConfig)) p.SetUpdateSettings(ContainerawsNodePoolUpdateSettingsToProto(resource.UpdateSettings)) p.SetProject(dcl.ValueOrEmptyString(resource.Project)) p.SetLocation(dcl.ValueOrEmptyString(resource.Location)) diff --git a/services/google/assuredworkloads/alpha/workload.go b/services/google/assuredworkloads/alpha/workload.go index 6aa2135e4..d4c17e908 100755 --- a/services/google/assuredworkloads/alpha/workload.go +++ b/services/google/assuredworkloads/alpha/workload.go @@ -95,7 +95,7 @@ func (v WorkloadComplianceRegimeEnum) Validate() error { // Empty enum is okay. return nil } - for _, s := range []string{"COMPLIANCE_REGIME_UNSPECIFIED", "IL4", "CJIS", "FEDRAMP_HIGH", "FEDRAMP_MODERATE", "US_REGIONAL_ACCESS", "HIPAA", "HITRUST", "EU_REGIONS_AND_SUPPORT", "CA_REGIONS_AND_SUPPORT", "ITAR", "AU_REGIONS_AND_US_SUPPORT", "ASSURED_WORKLOADS_FOR_PARTNERS", "ISR_REGIONS", "ISR_REGIONS_AND_SUPPORT", "CA_PROTECTED_B", "IL5", "IL2", "JP_REGIONS_AND_SUPPORT", "KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS", "REGIONAL_CONTROLS"} { + for _, s := range []string{"COMPLIANCE_REGIME_UNSPECIFIED", "IL4", "CJIS", "FEDRAMP_HIGH", "FEDRAMP_MODERATE", "US_REGIONAL_ACCESS", "HIPAA", "HITRUST", "EU_REGIONS_AND_SUPPORT", "CA_REGIONS_AND_SUPPORT", "ITAR", "AU_REGIONS_AND_US_SUPPORT", "ASSURED_WORKLOADS_FOR_PARTNERS", "ISR_REGIONS", "ISR_REGIONS_AND_SUPPORT", "CA_PROTECTED_B", "IL5", "IL2", "JP_REGIONS_AND_SUPPORT", "KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS", "REGIONAL_CONTROLS", "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS", "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT"} { if string(v) == s { return nil } diff --git a/services/google/assuredworkloads/alpha/workload.yaml b/services/google/assuredworkloads/alpha/workload.yaml index 1a474d949..ecf47c21e 100755 --- a/services/google/assuredworkloads/alpha/workload.yaml +++ b/services/google/assuredworkloads/alpha/workload.yaml @@ -100,7 +100,8 @@ components: FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT, - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS' + KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS, + HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS, HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT' x-kubernetes-immutable: true enum: - COMPLIANCE_REGIME_UNSPECIFIED @@ -124,6 +125,8 @@ components: - JP_REGIONS_AND_SUPPORT - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS - REGIONAL_CONTROLS + - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS + - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT complianceStatus: type: object x-dcl-go-name: ComplianceStatus diff --git a/services/google/assuredworkloads/alpha/workload_alpha_yaml_embed.go b/services/google/assuredworkloads/alpha/workload_alpha_yaml_embed.go index cdceb53ec..8cbbb333e 100755 --- a/services/google/assuredworkloads/alpha/workload_alpha_yaml_embed.go +++ b/services/google/assuredworkloads/alpha/workload_alpha_yaml_embed.go @@ -17,7 +17,7 @@ package alpha // blaze-out/k8-fastbuild/genfiles/cloud/graphite/mmv2/services/google/assuredworkloads/alpha/workload.yaml -var YAML_workload = []byte("info:\n title: AssuredWorkloads/Workload\n description: The AssuredWorkloads Workload resource\n x-dcl-struct-name: Workload\n x-dcl-has-iam: false\npaths:\n get:\n description: The function used to get information about a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n apply:\n description: The function used to apply information about a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n delete:\n description: The function used to delete a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n deleteAll:\n description: The function used to delete all Workload\n parameters:\n - name: organization\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many Workload\n parameters:\n - name: organization\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n Workload:\n title: Workload\n x-dcl-id: organizations/{{organization}}/locations/{{location}}/workloads/{{name}}\n x-dcl-uses-state-hint: true\n x-dcl-parent-container: organization\n x-dcl-labels: labels\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - displayName\n - complianceRegime\n - organization\n - location\n properties:\n billingAccount:\n type: string\n x-dcl-go-name: BillingAccount\n description: Optional. Input only. The billing account used for the resources\n which are direct children of workload. This billing account is initially\n associated with the resources created as part of Workload creation. After\n the initial creation of these resources, the customer can change the assigned\n billing account. The resource name has the form `billingAccounts/{billing_account_id}`.\n For example, `billingAccounts/012345-567890-ABCDEF`.\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/BillingAccount\n field: name\n x-dcl-mutable-unreadable: true\n complianceRegime:\n type: string\n x-dcl-go-name: ComplianceRegime\n x-dcl-go-type: WorkloadComplianceRegimeEnum\n description: 'Required. Immutable. Compliance Regime associated with this\n workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH,\n FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT,\n CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS,\n ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT,\n KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS'\n x-kubernetes-immutable: true\n enum:\n - COMPLIANCE_REGIME_UNSPECIFIED\n - IL4\n - CJIS\n - FEDRAMP_HIGH\n - FEDRAMP_MODERATE\n - US_REGIONAL_ACCESS\n - HIPAA\n - HITRUST\n - EU_REGIONS_AND_SUPPORT\n - CA_REGIONS_AND_SUPPORT\n - ITAR\n - AU_REGIONS_AND_US_SUPPORT\n - ASSURED_WORKLOADS_FOR_PARTNERS\n - ISR_REGIONS\n - ISR_REGIONS_AND_SUPPORT\n - CA_PROTECTED_B\n - IL5\n - IL2\n - JP_REGIONS_AND_SUPPORT\n - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS\n - REGIONAL_CONTROLS\n complianceStatus:\n type: object\n x-dcl-go-name: ComplianceStatus\n x-dcl-go-type: WorkloadComplianceStatus\n readOnly: true\n description: Output only. Count of active Violations in the Workload.\n x-kubernetes-immutable: true\n properties:\n acknowledgedViolationCount:\n type: array\n x-dcl-go-name: AcknowledgedViolationCount\n description: Number of current orgPolicy violations which are acknowledged.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: integer\n format: int64\n x-dcl-go-type: int64\n activeViolationCount:\n type: array\n x-dcl-go-name: ActiveViolationCount\n description: Number of current orgPolicy violations which are not acknowledged.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: integer\n format: int64\n x-dcl-go-type: int64\n compliantButDisallowedServices:\n type: array\n x-dcl-go-name: CompliantButDisallowedServices\n readOnly: true\n description: Output only. Urls for services which are compliant for this\n Assured Workload, but which are currently disallowed by the ResourceUsageRestriction\n org policy. Invoke workloads.restrictAllowedResources endpoint to allow\n your project developers to use these services in their environment.\n x-kubernetes-immutable: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n createTime:\n type: string\n format: date-time\n x-dcl-go-name: CreateTime\n readOnly: true\n description: Output only. Immutable. The Workload creation timestamp.\n x-kubernetes-immutable: true\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: 'Required. The user-assigned display name of the Workload.\n When present it must be between 4 to 30 characters. Allowed characters\n are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example:\n My Workload'\n ekmProvisioningResponse:\n type: object\n x-dcl-go-name: EkmProvisioningResponse\n x-dcl-go-type: WorkloadEkmProvisioningResponse\n readOnly: true\n description: Optional. Represents the Ekm Provisioning State of the given\n workload.\n x-kubernetes-immutable: true\n properties:\n ekmProvisioningErrorDomain:\n type: string\n x-dcl-go-name: EkmProvisioningErrorDomain\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnum\n description: 'Indicates Ekm provisioning error if any. Possible values:\n EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED, UNSPECIFIED_ERROR, GOOGLE_SERVER_ERROR,\n EXTERNAL_USER_ERROR, EXTERNAL_PARTNER_ERROR, TIMEOUT_ERROR'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED\n - UNSPECIFIED_ERROR\n - GOOGLE_SERVER_ERROR\n - EXTERNAL_USER_ERROR\n - EXTERNAL_PARTNER_ERROR\n - TIMEOUT_ERROR\n ekmProvisioningErrorMapping:\n type: string\n x-dcl-go-name: EkmProvisioningErrorMapping\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnum\n description: 'Detailed error message if Ekm provisioning fails Possible\n values: EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED, INVALID_SERVICE_ACCOUNT,\n MISSING_METRICS_SCOPE_ADMIN_PERMISSION, MISSING_EKM_CONNECTION_ADMIN_PERMISSION'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED\n - INVALID_SERVICE_ACCOUNT\n - MISSING_METRICS_SCOPE_ADMIN_PERMISSION\n - MISSING_EKM_CONNECTION_ADMIN_PERMISSION\n ekmProvisioningState:\n type: string\n x-dcl-go-name: EkmProvisioningState\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningStateEnum\n description: 'Indicates Ekm enrollment Provisioning of a given workload.\n Possible values: EKM_PROVISIONING_STATE_UNSPECIFIED, EKM_PROVISIONING_STATE_PENDING,\n EKM_PROVISIONING_STATE_FAILED, EKM_PROVISIONING_STATE_COMPLETED'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_STATE_UNSPECIFIED\n - EKM_PROVISIONING_STATE_PENDING\n - EKM_PROVISIONING_STATE_FAILED\n - EKM_PROVISIONING_STATE_COMPLETED\n enableSovereignControls:\n type: boolean\n x-dcl-go-name: EnableSovereignControls\n description: Optional. Indicates the sovereignty status of the given workload.\n Currently meant to be used by Europe/Canada customers.\n x-kubernetes-immutable: true\n kajEnrollmentState:\n type: string\n x-dcl-go-name: KajEnrollmentState\n x-dcl-go-type: WorkloadKajEnrollmentStateEnum\n readOnly: true\n description: 'Output only. Represents the KAJ enrollment state of the given\n workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING,\n KAJ_ENROLLMENT_STATE_COMPLETE'\n x-kubernetes-immutable: true\n enum:\n - KAJ_ENROLLMENT_STATE_UNSPECIFIED\n - KAJ_ENROLLMENT_STATE_PENDING\n - KAJ_ENROLLMENT_STATE_COMPLETE\n kmsSettings:\n type: object\n x-dcl-go-name: KmsSettings\n x-dcl-go-type: WorkloadKmsSettings\n description: '**DEPRECATED** Input only. Settings used to create a CMEK\n crypto key. When set, a project with a KMS CMEK key is provisioned. This\n field is deprecated as of Feb 28, 2022. In order to create a Keyring,\n callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type\n field.'\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n required:\n - nextRotationTime\n - rotationPeriod\n properties:\n nextRotationTime:\n type: string\n format: date-time\n x-dcl-go-name: NextRotationTime\n description: Required. Input only. Immutable. The time at which the\n Key Management Service will automatically create a new version of\n the crypto key and mark it as the primary.\n x-kubernetes-immutable: true\n rotationPeriod:\n type: string\n x-dcl-go-name: RotationPeriod\n description: Required. Input only. Immutable. will be advanced by this\n period when the Key Management Service automatically rotates a key.\n Must be at least 24 hours and at most 876,000 hours.\n x-kubernetes-immutable: true\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Optional. Labels applied to the workload.\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n name:\n type: string\n x-dcl-go-name: Name\n description: Output only. The resource name of the workload.\n x-kubernetes-immutable: true\n x-dcl-server-generated-parameter: true\n x-dcl-has-long-form: true\n organization:\n type: string\n x-dcl-go-name: Organization\n description: The organization for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Organization\n field: name\n parent: true\n x-dcl-parameter: true\n partner:\n type: string\n x-dcl-go-name: Partner\n x-dcl-go-type: WorkloadPartnerEnum\n description: 'Optional. Partner regime associated with this workload. Possible\n values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS,\n SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN, SOVEREIGN_CONTROLS_BY_CNTXT,\n SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM'\n x-kubernetes-immutable: true\n enum:\n - PARTNER_UNSPECIFIED\n - LOCAL_CONTROLS_BY_S3NS\n - SOVEREIGN_CONTROLS_BY_T_SYSTEMS\n - SOVEREIGN_CONTROLS_BY_SIA_MINSAIT\n - SOVEREIGN_CONTROLS_BY_PSN\n - SOVEREIGN_CONTROLS_BY_CNTXT\n - SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM\n partnerPermissions:\n type: object\n x-dcl-go-name: PartnerPermissions\n x-dcl-go-type: WorkloadPartnerPermissions\n description: Optional. Permissions granted to the AW Partner SA account\n for the customer workload\n x-kubernetes-immutable: true\n properties:\n assuredWorkloadsMonitoring:\n type: boolean\n x-dcl-go-name: AssuredWorkloadsMonitoring\n description: Optional. Allow partner to view violation alerts.\n x-kubernetes-immutable: true\n dataLogsViewer:\n type: boolean\n x-dcl-go-name: DataLogsViewer\n description: Allow the partner to view inspectability logs and monitoring\n violations.\n x-kubernetes-immutable: true\n serviceAccessApprover:\n type: boolean\n x-dcl-go-name: ServiceAccessApprover\n description: Optional. Allow partner to view access approval logs.\n x-kubernetes-immutable: true\n partnerServicesBillingAccount:\n type: string\n x-dcl-go-name: PartnerServicesBillingAccount\n description: Optional. Input only. Billing account necessary for purchasing\n services from Sovereign Partners. This field is required for creating\n SIA/PSN/CNTXT partner workloads. The caller should have 'billing.resourceAssociations.create'\n IAM permission on this billing-account. The format of this string is billingAccounts/AAAAAA-BBBBBB-CCCCCC.\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n provisionedResourcesParent:\n type: string\n x-dcl-go-name: ProvisionedResourcesParent\n description: 'Input only. The parent resource for the resources managed\n by this Assured Workload. May be either empty or a folder resource which\n is a child of the Workload parent. If not specified all resources are\n created under the parent organization. Format: folders/{folder_id}'\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n resourceSettings:\n type: array\n x-dcl-go-name: ResourceSettings\n description: Input only. Resource properties that are used to customize\n workload resources. These properties (such as custom project id) will\n be used to create workload resources if possible. This field is optional.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: WorkloadResourceSettings\n properties:\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: User-assigned resource display name. If not empty it\n will be used to create a resource with the specified name.\n x-kubernetes-immutable: true\n resourceId:\n type: string\n x-dcl-go-name: ResourceId\n description: Resource identifier. For a project this represents projectId.\n If the project is already taken, the workload creation will fail.\n For KeyRing, this represents the keyring_id. For a folder, don't\n set this value as folder_id is assigned by Google.\n x-kubernetes-immutable: true\n resourceType:\n type: string\n x-dcl-go-name: ResourceType\n x-dcl-go-type: WorkloadResourceSettingsResourceTypeEnum\n description: 'Indicates the type of resource. This field should be\n specified to correspond the id to the right project type (CONSUMER_PROJECT\n or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED,\n CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER'\n x-kubernetes-immutable: true\n enum:\n - RESOURCE_TYPE_UNSPECIFIED\n - CONSUMER_PROJECT\n - ENCRYPTION_KEYS_PROJECT\n - KEYRING\n - CONSUMER_FOLDER\n x-dcl-mutable-unreadable: true\n resources:\n type: array\n x-dcl-go-name: Resources\n readOnly: true\n description: Output only. The resources associated with this workload. These\n resources will be created when creating the workload. If any of the projects\n already exist, the workload creation will fail. Always read only.\n x-kubernetes-immutable: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: WorkloadResources\n properties:\n resourceId:\n type: integer\n format: int64\n x-dcl-go-name: ResourceId\n description: Resource identifier. For a project this represents project_number.\n x-kubernetes-immutable: true\n resourceType:\n type: string\n x-dcl-go-name: ResourceType\n x-dcl-go-type: WorkloadResourcesResourceTypeEnum\n description: 'Indicates the type of resource. Possible values: RESOURCE_TYPE_UNSPECIFIED,\n CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER'\n x-kubernetes-immutable: true\n enum:\n - RESOURCE_TYPE_UNSPECIFIED\n - CONSUMER_PROJECT\n - ENCRYPTION_KEYS_PROJECT\n - KEYRING\n - CONSUMER_FOLDER\n saaEnrollmentResponse:\n type: object\n x-dcl-go-name: SaaEnrollmentResponse\n x-dcl-go-type: WorkloadSaaEnrollmentResponse\n readOnly: true\n description: Output only. Represents the SAA enrollment response of the\n given workload. SAA enrollment response is queried during workloads.get\n call. In failure cases, user friendly error message is shown in SAA details\n page.\n x-kubernetes-immutable: true\n properties:\n setupErrors:\n type: array\n x-dcl-go-name: SetupErrors\n description: Indicates SAA enrollment setup error if any.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: WorkloadSaaEnrollmentResponseSetupErrorsEnum\n enum:\n - SETUP_ERROR_UNSPECIFIED\n - ERROR_INVALID_BASE_SETUP\n - ERROR_MISSING_EXTERNAL_SIGNING_KEY\n - ERROR_NOT_ALL_SERVICES_ENROLLED\n - ERROR_SETUP_CHECK_FAILED\n setupStatus:\n type: string\n x-dcl-go-name: SetupStatus\n x-dcl-go-type: WorkloadSaaEnrollmentResponseSetupStatusEnum\n description: 'Indicates SAA enrollment status of a given workload. Possible\n values: SETUP_STATE_UNSPECIFIED, STATUS_PENDING, STATUS_COMPLETE'\n x-kubernetes-immutable: true\n enum:\n - SETUP_STATE_UNSPECIFIED\n - STATUS_PENDING\n - STATUS_COMPLETE\n violationNotificationsEnabled:\n type: boolean\n x-dcl-go-name: ViolationNotificationsEnabled\n description: Optional. Indicates whether the e-mail notification for a violation\n is enabled for a workload. This value will be by default True, and if\n not present will be considered as true. This should only be updated via\n updateWorkload call. Any Changes to this field during the createWorkload\n call will not be honored. This will always be true while creating the\n workload.\n x-kubernetes-immutable: true\n") +var YAML_workload = []byte("info:\n title: AssuredWorkloads/Workload\n description: The AssuredWorkloads Workload resource\n x-dcl-struct-name: Workload\n x-dcl-has-iam: false\npaths:\n get:\n description: The function used to get information about a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n apply:\n description: The function used to apply information about a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n delete:\n description: The function used to delete a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n deleteAll:\n description: The function used to delete all Workload\n parameters:\n - name: organization\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many Workload\n parameters:\n - name: organization\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n Workload:\n title: Workload\n x-dcl-id: organizations/{{organization}}/locations/{{location}}/workloads/{{name}}\n x-dcl-uses-state-hint: true\n x-dcl-parent-container: organization\n x-dcl-labels: labels\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - displayName\n - complianceRegime\n - organization\n - location\n properties:\n billingAccount:\n type: string\n x-dcl-go-name: BillingAccount\n description: Optional. Input only. The billing account used for the resources\n which are direct children of workload. This billing account is initially\n associated with the resources created as part of Workload creation. After\n the initial creation of these resources, the customer can change the assigned\n billing account. The resource name has the form `billingAccounts/{billing_account_id}`.\n For example, `billingAccounts/012345-567890-ABCDEF`.\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/BillingAccount\n field: name\n x-dcl-mutable-unreadable: true\n complianceRegime:\n type: string\n x-dcl-go-name: ComplianceRegime\n x-dcl-go-type: WorkloadComplianceRegimeEnum\n description: 'Required. Immutable. Compliance Regime associated with this\n workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH,\n FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT,\n CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS,\n ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT,\n KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS,\n HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS, HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT'\n x-kubernetes-immutable: true\n enum:\n - COMPLIANCE_REGIME_UNSPECIFIED\n - IL4\n - CJIS\n - FEDRAMP_HIGH\n - FEDRAMP_MODERATE\n - US_REGIONAL_ACCESS\n - HIPAA\n - HITRUST\n - EU_REGIONS_AND_SUPPORT\n - CA_REGIONS_AND_SUPPORT\n - ITAR\n - AU_REGIONS_AND_US_SUPPORT\n - ASSURED_WORKLOADS_FOR_PARTNERS\n - ISR_REGIONS\n - ISR_REGIONS_AND_SUPPORT\n - CA_PROTECTED_B\n - IL5\n - IL2\n - JP_REGIONS_AND_SUPPORT\n - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS\n - REGIONAL_CONTROLS\n - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS\n - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT\n complianceStatus:\n type: object\n x-dcl-go-name: ComplianceStatus\n x-dcl-go-type: WorkloadComplianceStatus\n readOnly: true\n description: Output only. Count of active Violations in the Workload.\n x-kubernetes-immutable: true\n properties:\n acknowledgedViolationCount:\n type: array\n x-dcl-go-name: AcknowledgedViolationCount\n description: Number of current orgPolicy violations which are acknowledged.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: integer\n format: int64\n x-dcl-go-type: int64\n activeViolationCount:\n type: array\n x-dcl-go-name: ActiveViolationCount\n description: Number of current orgPolicy violations which are not acknowledged.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: integer\n format: int64\n x-dcl-go-type: int64\n compliantButDisallowedServices:\n type: array\n x-dcl-go-name: CompliantButDisallowedServices\n readOnly: true\n description: Output only. Urls for services which are compliant for this\n Assured Workload, but which are currently disallowed by the ResourceUsageRestriction\n org policy. Invoke workloads.restrictAllowedResources endpoint to allow\n your project developers to use these services in their environment.\n x-kubernetes-immutable: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n createTime:\n type: string\n format: date-time\n x-dcl-go-name: CreateTime\n readOnly: true\n description: Output only. Immutable. The Workload creation timestamp.\n x-kubernetes-immutable: true\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: 'Required. The user-assigned display name of the Workload.\n When present it must be between 4 to 30 characters. Allowed characters\n are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example:\n My Workload'\n ekmProvisioningResponse:\n type: object\n x-dcl-go-name: EkmProvisioningResponse\n x-dcl-go-type: WorkloadEkmProvisioningResponse\n readOnly: true\n description: Optional. Represents the Ekm Provisioning State of the given\n workload.\n x-kubernetes-immutable: true\n properties:\n ekmProvisioningErrorDomain:\n type: string\n x-dcl-go-name: EkmProvisioningErrorDomain\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnum\n description: 'Indicates Ekm provisioning error if any. Possible values:\n EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED, UNSPECIFIED_ERROR, GOOGLE_SERVER_ERROR,\n EXTERNAL_USER_ERROR, EXTERNAL_PARTNER_ERROR, TIMEOUT_ERROR'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED\n - UNSPECIFIED_ERROR\n - GOOGLE_SERVER_ERROR\n - EXTERNAL_USER_ERROR\n - EXTERNAL_PARTNER_ERROR\n - TIMEOUT_ERROR\n ekmProvisioningErrorMapping:\n type: string\n x-dcl-go-name: EkmProvisioningErrorMapping\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnum\n description: 'Detailed error message if Ekm provisioning fails Possible\n values: EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED, INVALID_SERVICE_ACCOUNT,\n MISSING_METRICS_SCOPE_ADMIN_PERMISSION, MISSING_EKM_CONNECTION_ADMIN_PERMISSION'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED\n - INVALID_SERVICE_ACCOUNT\n - MISSING_METRICS_SCOPE_ADMIN_PERMISSION\n - MISSING_EKM_CONNECTION_ADMIN_PERMISSION\n ekmProvisioningState:\n type: string\n x-dcl-go-name: EkmProvisioningState\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningStateEnum\n description: 'Indicates Ekm enrollment Provisioning of a given workload.\n Possible values: EKM_PROVISIONING_STATE_UNSPECIFIED, EKM_PROVISIONING_STATE_PENDING,\n EKM_PROVISIONING_STATE_FAILED, EKM_PROVISIONING_STATE_COMPLETED'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_STATE_UNSPECIFIED\n - EKM_PROVISIONING_STATE_PENDING\n - EKM_PROVISIONING_STATE_FAILED\n - EKM_PROVISIONING_STATE_COMPLETED\n enableSovereignControls:\n type: boolean\n x-dcl-go-name: EnableSovereignControls\n description: Optional. Indicates the sovereignty status of the given workload.\n Currently meant to be used by Europe/Canada customers.\n x-kubernetes-immutable: true\n kajEnrollmentState:\n type: string\n x-dcl-go-name: KajEnrollmentState\n x-dcl-go-type: WorkloadKajEnrollmentStateEnum\n readOnly: true\n description: 'Output only. Represents the KAJ enrollment state of the given\n workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING,\n KAJ_ENROLLMENT_STATE_COMPLETE'\n x-kubernetes-immutable: true\n enum:\n - KAJ_ENROLLMENT_STATE_UNSPECIFIED\n - KAJ_ENROLLMENT_STATE_PENDING\n - KAJ_ENROLLMENT_STATE_COMPLETE\n kmsSettings:\n type: object\n x-dcl-go-name: KmsSettings\n x-dcl-go-type: WorkloadKmsSettings\n description: '**DEPRECATED** Input only. Settings used to create a CMEK\n crypto key. When set, a project with a KMS CMEK key is provisioned. This\n field is deprecated as of Feb 28, 2022. In order to create a Keyring,\n callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type\n field.'\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n required:\n - nextRotationTime\n - rotationPeriod\n properties:\n nextRotationTime:\n type: string\n format: date-time\n x-dcl-go-name: NextRotationTime\n description: Required. Input only. Immutable. The time at which the\n Key Management Service will automatically create a new version of\n the crypto key and mark it as the primary.\n x-kubernetes-immutable: true\n rotationPeriod:\n type: string\n x-dcl-go-name: RotationPeriod\n description: Required. Input only. Immutable. will be advanced by this\n period when the Key Management Service automatically rotates a key.\n Must be at least 24 hours and at most 876,000 hours.\n x-kubernetes-immutable: true\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Optional. Labels applied to the workload.\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n name:\n type: string\n x-dcl-go-name: Name\n description: Output only. The resource name of the workload.\n x-kubernetes-immutable: true\n x-dcl-server-generated-parameter: true\n x-dcl-has-long-form: true\n organization:\n type: string\n x-dcl-go-name: Organization\n description: The organization for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Organization\n field: name\n parent: true\n x-dcl-parameter: true\n partner:\n type: string\n x-dcl-go-name: Partner\n x-dcl-go-type: WorkloadPartnerEnum\n description: 'Optional. Partner regime associated with this workload. Possible\n values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS,\n SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN, SOVEREIGN_CONTROLS_BY_CNTXT,\n SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM'\n x-kubernetes-immutable: true\n enum:\n - PARTNER_UNSPECIFIED\n - LOCAL_CONTROLS_BY_S3NS\n - SOVEREIGN_CONTROLS_BY_T_SYSTEMS\n - SOVEREIGN_CONTROLS_BY_SIA_MINSAIT\n - SOVEREIGN_CONTROLS_BY_PSN\n - SOVEREIGN_CONTROLS_BY_CNTXT\n - SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM\n partnerPermissions:\n type: object\n x-dcl-go-name: PartnerPermissions\n x-dcl-go-type: WorkloadPartnerPermissions\n description: Optional. Permissions granted to the AW Partner SA account\n for the customer workload\n x-kubernetes-immutable: true\n properties:\n assuredWorkloadsMonitoring:\n type: boolean\n x-dcl-go-name: AssuredWorkloadsMonitoring\n description: Optional. Allow partner to view violation alerts.\n x-kubernetes-immutable: true\n dataLogsViewer:\n type: boolean\n x-dcl-go-name: DataLogsViewer\n description: Allow the partner to view inspectability logs and monitoring\n violations.\n x-kubernetes-immutable: true\n serviceAccessApprover:\n type: boolean\n x-dcl-go-name: ServiceAccessApprover\n description: Optional. Allow partner to view access approval logs.\n x-kubernetes-immutable: true\n partnerServicesBillingAccount:\n type: string\n x-dcl-go-name: PartnerServicesBillingAccount\n description: Optional. Input only. Billing account necessary for purchasing\n services from Sovereign Partners. This field is required for creating\n SIA/PSN/CNTXT partner workloads. The caller should have 'billing.resourceAssociations.create'\n IAM permission on this billing-account. The format of this string is billingAccounts/AAAAAA-BBBBBB-CCCCCC.\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n provisionedResourcesParent:\n type: string\n x-dcl-go-name: ProvisionedResourcesParent\n description: 'Input only. The parent resource for the resources managed\n by this Assured Workload. May be either empty or a folder resource which\n is a child of the Workload parent. If not specified all resources are\n created under the parent organization. Format: folders/{folder_id}'\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n resourceSettings:\n type: array\n x-dcl-go-name: ResourceSettings\n description: Input only. Resource properties that are used to customize\n workload resources. These properties (such as custom project id) will\n be used to create workload resources if possible. This field is optional.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: WorkloadResourceSettings\n properties:\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: User-assigned resource display name. If not empty it\n will be used to create a resource with the specified name.\n x-kubernetes-immutable: true\n resourceId:\n type: string\n x-dcl-go-name: ResourceId\n description: Resource identifier. For a project this represents projectId.\n If the project is already taken, the workload creation will fail.\n For KeyRing, this represents the keyring_id. For a folder, don't\n set this value as folder_id is assigned by Google.\n x-kubernetes-immutable: true\n resourceType:\n type: string\n x-dcl-go-name: ResourceType\n x-dcl-go-type: WorkloadResourceSettingsResourceTypeEnum\n description: 'Indicates the type of resource. This field should be\n specified to correspond the id to the right project type (CONSUMER_PROJECT\n or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED,\n CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER'\n x-kubernetes-immutable: true\n enum:\n - RESOURCE_TYPE_UNSPECIFIED\n - CONSUMER_PROJECT\n - ENCRYPTION_KEYS_PROJECT\n - KEYRING\n - CONSUMER_FOLDER\n x-dcl-mutable-unreadable: true\n resources:\n type: array\n x-dcl-go-name: Resources\n readOnly: true\n description: Output only. The resources associated with this workload. These\n resources will be created when creating the workload. If any of the projects\n already exist, the workload creation will fail. Always read only.\n x-kubernetes-immutable: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: WorkloadResources\n properties:\n resourceId:\n type: integer\n format: int64\n x-dcl-go-name: ResourceId\n description: Resource identifier. For a project this represents project_number.\n x-kubernetes-immutable: true\n resourceType:\n type: string\n x-dcl-go-name: ResourceType\n x-dcl-go-type: WorkloadResourcesResourceTypeEnum\n description: 'Indicates the type of resource. Possible values: RESOURCE_TYPE_UNSPECIFIED,\n CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER'\n x-kubernetes-immutable: true\n enum:\n - RESOURCE_TYPE_UNSPECIFIED\n - CONSUMER_PROJECT\n - ENCRYPTION_KEYS_PROJECT\n - KEYRING\n - CONSUMER_FOLDER\n saaEnrollmentResponse:\n type: object\n x-dcl-go-name: SaaEnrollmentResponse\n x-dcl-go-type: WorkloadSaaEnrollmentResponse\n readOnly: true\n description: Output only. Represents the SAA enrollment response of the\n given workload. SAA enrollment response is queried during workloads.get\n call. In failure cases, user friendly error message is shown in SAA details\n page.\n x-kubernetes-immutable: true\n properties:\n setupErrors:\n type: array\n x-dcl-go-name: SetupErrors\n description: Indicates SAA enrollment setup error if any.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: WorkloadSaaEnrollmentResponseSetupErrorsEnum\n enum:\n - SETUP_ERROR_UNSPECIFIED\n - ERROR_INVALID_BASE_SETUP\n - ERROR_MISSING_EXTERNAL_SIGNING_KEY\n - ERROR_NOT_ALL_SERVICES_ENROLLED\n - ERROR_SETUP_CHECK_FAILED\n setupStatus:\n type: string\n x-dcl-go-name: SetupStatus\n x-dcl-go-type: WorkloadSaaEnrollmentResponseSetupStatusEnum\n description: 'Indicates SAA enrollment status of a given workload. Possible\n values: SETUP_STATE_UNSPECIFIED, STATUS_PENDING, STATUS_COMPLETE'\n x-kubernetes-immutable: true\n enum:\n - SETUP_STATE_UNSPECIFIED\n - STATUS_PENDING\n - STATUS_COMPLETE\n violationNotificationsEnabled:\n type: boolean\n x-dcl-go-name: ViolationNotificationsEnabled\n description: Optional. Indicates whether the e-mail notification for a violation\n is enabled for a workload. This value will be by default True, and if\n not present will be considered as true. This should only be updated via\n updateWorkload call. Any Changes to this field during the createWorkload\n call will not be honored. This will always be true while creating the\n workload.\n x-kubernetes-immutable: true\n") -// 21101 bytes -// MD5: a82bd6570a15f297a2623bb1bed4ca3c +// 21323 bytes +// MD5: 9a7dba1cbf2b9b0f9447a1f64b58a4e3 diff --git a/services/google/assuredworkloads/alpha/workload_schema.go b/services/google/assuredworkloads/alpha/workload_schema.go index 2b4b70979..abd465f4f 100755 --- a/services/google/assuredworkloads/alpha/workload_schema.go +++ b/services/google/assuredworkloads/alpha/workload_schema.go @@ -129,7 +129,7 @@ func DCLWorkloadSchema() *dcl.Schema { Type: "string", GoName: "ComplianceRegime", GoType: "WorkloadComplianceRegimeEnum", - Description: "Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT, KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS", + Description: "Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT, KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS, HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS, HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT", Immutable: true, Enum: []string{ "COMPLIANCE_REGIME_UNSPECIFIED", @@ -153,6 +153,8 @@ func DCLWorkloadSchema() *dcl.Schema { "JP_REGIONS_AND_SUPPORT", "KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS", "REGIONAL_CONTROLS", + "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS", + "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT", }, }, "complianceStatus": &dcl.Property{ diff --git a/services/google/assuredworkloads/beta/workload.go b/services/google/assuredworkloads/beta/workload.go index fb0f945d7..7d61b5265 100755 --- a/services/google/assuredworkloads/beta/workload.go +++ b/services/google/assuredworkloads/beta/workload.go @@ -95,7 +95,7 @@ func (v WorkloadComplianceRegimeEnum) Validate() error { // Empty enum is okay. return nil } - for _, s := range []string{"COMPLIANCE_REGIME_UNSPECIFIED", "IL4", "CJIS", "FEDRAMP_HIGH", "FEDRAMP_MODERATE", "US_REGIONAL_ACCESS", "HIPAA", "HITRUST", "EU_REGIONS_AND_SUPPORT", "CA_REGIONS_AND_SUPPORT", "ITAR", "AU_REGIONS_AND_US_SUPPORT", "ASSURED_WORKLOADS_FOR_PARTNERS", "ISR_REGIONS", "ISR_REGIONS_AND_SUPPORT", "CA_PROTECTED_B", "IL5", "IL2", "JP_REGIONS_AND_SUPPORT", "KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS", "REGIONAL_CONTROLS"} { + for _, s := range []string{"COMPLIANCE_REGIME_UNSPECIFIED", "IL4", "CJIS", "FEDRAMP_HIGH", "FEDRAMP_MODERATE", "US_REGIONAL_ACCESS", "HIPAA", "HITRUST", "EU_REGIONS_AND_SUPPORT", "CA_REGIONS_AND_SUPPORT", "ITAR", "AU_REGIONS_AND_US_SUPPORT", "ASSURED_WORKLOADS_FOR_PARTNERS", "ISR_REGIONS", "ISR_REGIONS_AND_SUPPORT", "CA_PROTECTED_B", "IL5", "IL2", "JP_REGIONS_AND_SUPPORT", "KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS", "REGIONAL_CONTROLS", "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS", "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT"} { if string(v) == s { return nil } diff --git a/services/google/assuredworkloads/beta/workload.yaml b/services/google/assuredworkloads/beta/workload.yaml index 1a474d949..ecf47c21e 100755 --- a/services/google/assuredworkloads/beta/workload.yaml +++ b/services/google/assuredworkloads/beta/workload.yaml @@ -100,7 +100,8 @@ components: FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT, - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS' + KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS, + HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS, HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT' x-kubernetes-immutable: true enum: - COMPLIANCE_REGIME_UNSPECIFIED @@ -124,6 +125,8 @@ components: - JP_REGIONS_AND_SUPPORT - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS - REGIONAL_CONTROLS + - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS + - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT complianceStatus: type: object x-dcl-go-name: ComplianceStatus diff --git a/services/google/assuredworkloads/beta/workload_beta_yaml_embed.go b/services/google/assuredworkloads/beta/workload_beta_yaml_embed.go index 50983c72c..527b171b8 100755 --- a/services/google/assuredworkloads/beta/workload_beta_yaml_embed.go +++ b/services/google/assuredworkloads/beta/workload_beta_yaml_embed.go @@ -17,7 +17,7 @@ package beta // blaze-out/k8-fastbuild/genfiles/cloud/graphite/mmv2/services/google/assuredworkloads/beta/workload.yaml -var YAML_workload = []byte("info:\n title: AssuredWorkloads/Workload\n description: The AssuredWorkloads Workload resource\n x-dcl-struct-name: Workload\n x-dcl-has-iam: false\npaths:\n get:\n description: The function used to get information about a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n apply:\n description: The function used to apply information about a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n delete:\n description: The function used to delete a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n deleteAll:\n description: The function used to delete all Workload\n parameters:\n - name: organization\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many Workload\n parameters:\n - name: organization\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n Workload:\n title: Workload\n x-dcl-id: organizations/{{organization}}/locations/{{location}}/workloads/{{name}}\n x-dcl-uses-state-hint: true\n x-dcl-parent-container: organization\n x-dcl-labels: labels\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - displayName\n - complianceRegime\n - organization\n - location\n properties:\n billingAccount:\n type: string\n x-dcl-go-name: BillingAccount\n description: Optional. Input only. The billing account used for the resources\n which are direct children of workload. This billing account is initially\n associated with the resources created as part of Workload creation. After\n the initial creation of these resources, the customer can change the assigned\n billing account. The resource name has the form `billingAccounts/{billing_account_id}`.\n For example, `billingAccounts/012345-567890-ABCDEF`.\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/BillingAccount\n field: name\n x-dcl-mutable-unreadable: true\n complianceRegime:\n type: string\n x-dcl-go-name: ComplianceRegime\n x-dcl-go-type: WorkloadComplianceRegimeEnum\n description: 'Required. Immutable. Compliance Regime associated with this\n workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH,\n FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT,\n CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS,\n ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT,\n KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS'\n x-kubernetes-immutable: true\n enum:\n - COMPLIANCE_REGIME_UNSPECIFIED\n - IL4\n - CJIS\n - FEDRAMP_HIGH\n - FEDRAMP_MODERATE\n - US_REGIONAL_ACCESS\n - HIPAA\n - HITRUST\n - EU_REGIONS_AND_SUPPORT\n - CA_REGIONS_AND_SUPPORT\n - ITAR\n - AU_REGIONS_AND_US_SUPPORT\n - ASSURED_WORKLOADS_FOR_PARTNERS\n - ISR_REGIONS\n - ISR_REGIONS_AND_SUPPORT\n - CA_PROTECTED_B\n - IL5\n - IL2\n - JP_REGIONS_AND_SUPPORT\n - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS\n - REGIONAL_CONTROLS\n complianceStatus:\n type: object\n x-dcl-go-name: ComplianceStatus\n x-dcl-go-type: WorkloadComplianceStatus\n readOnly: true\n description: Output only. Count of active Violations in the Workload.\n x-kubernetes-immutable: true\n properties:\n acknowledgedViolationCount:\n type: array\n x-dcl-go-name: AcknowledgedViolationCount\n description: Number of current orgPolicy violations which are acknowledged.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: integer\n format: int64\n x-dcl-go-type: int64\n activeViolationCount:\n type: array\n x-dcl-go-name: ActiveViolationCount\n description: Number of current orgPolicy violations which are not acknowledged.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: integer\n format: int64\n x-dcl-go-type: int64\n compliantButDisallowedServices:\n type: array\n x-dcl-go-name: CompliantButDisallowedServices\n readOnly: true\n description: Output only. Urls for services which are compliant for this\n Assured Workload, but which are currently disallowed by the ResourceUsageRestriction\n org policy. Invoke workloads.restrictAllowedResources endpoint to allow\n your project developers to use these services in their environment.\n x-kubernetes-immutable: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n createTime:\n type: string\n format: date-time\n x-dcl-go-name: CreateTime\n readOnly: true\n description: Output only. Immutable. The Workload creation timestamp.\n x-kubernetes-immutable: true\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: 'Required. The user-assigned display name of the Workload.\n When present it must be between 4 to 30 characters. Allowed characters\n are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example:\n My Workload'\n ekmProvisioningResponse:\n type: object\n x-dcl-go-name: EkmProvisioningResponse\n x-dcl-go-type: WorkloadEkmProvisioningResponse\n readOnly: true\n description: Optional. Represents the Ekm Provisioning State of the given\n workload.\n x-kubernetes-immutable: true\n properties:\n ekmProvisioningErrorDomain:\n type: string\n x-dcl-go-name: EkmProvisioningErrorDomain\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnum\n description: 'Indicates Ekm provisioning error if any. Possible values:\n EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED, UNSPECIFIED_ERROR, GOOGLE_SERVER_ERROR,\n EXTERNAL_USER_ERROR, EXTERNAL_PARTNER_ERROR, TIMEOUT_ERROR'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED\n - UNSPECIFIED_ERROR\n - GOOGLE_SERVER_ERROR\n - EXTERNAL_USER_ERROR\n - EXTERNAL_PARTNER_ERROR\n - TIMEOUT_ERROR\n ekmProvisioningErrorMapping:\n type: string\n x-dcl-go-name: EkmProvisioningErrorMapping\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnum\n description: 'Detailed error message if Ekm provisioning fails Possible\n values: EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED, INVALID_SERVICE_ACCOUNT,\n MISSING_METRICS_SCOPE_ADMIN_PERMISSION, MISSING_EKM_CONNECTION_ADMIN_PERMISSION'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED\n - INVALID_SERVICE_ACCOUNT\n - MISSING_METRICS_SCOPE_ADMIN_PERMISSION\n - MISSING_EKM_CONNECTION_ADMIN_PERMISSION\n ekmProvisioningState:\n type: string\n x-dcl-go-name: EkmProvisioningState\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningStateEnum\n description: 'Indicates Ekm enrollment Provisioning of a given workload.\n Possible values: EKM_PROVISIONING_STATE_UNSPECIFIED, EKM_PROVISIONING_STATE_PENDING,\n EKM_PROVISIONING_STATE_FAILED, EKM_PROVISIONING_STATE_COMPLETED'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_STATE_UNSPECIFIED\n - EKM_PROVISIONING_STATE_PENDING\n - EKM_PROVISIONING_STATE_FAILED\n - EKM_PROVISIONING_STATE_COMPLETED\n enableSovereignControls:\n type: boolean\n x-dcl-go-name: EnableSovereignControls\n description: Optional. Indicates the sovereignty status of the given workload.\n Currently meant to be used by Europe/Canada customers.\n x-kubernetes-immutable: true\n kajEnrollmentState:\n type: string\n x-dcl-go-name: KajEnrollmentState\n x-dcl-go-type: WorkloadKajEnrollmentStateEnum\n readOnly: true\n description: 'Output only. Represents the KAJ enrollment state of the given\n workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING,\n KAJ_ENROLLMENT_STATE_COMPLETE'\n x-kubernetes-immutable: true\n enum:\n - KAJ_ENROLLMENT_STATE_UNSPECIFIED\n - KAJ_ENROLLMENT_STATE_PENDING\n - KAJ_ENROLLMENT_STATE_COMPLETE\n kmsSettings:\n type: object\n x-dcl-go-name: KmsSettings\n x-dcl-go-type: WorkloadKmsSettings\n description: '**DEPRECATED** Input only. Settings used to create a CMEK\n crypto key. When set, a project with a KMS CMEK key is provisioned. This\n field is deprecated as of Feb 28, 2022. In order to create a Keyring,\n callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type\n field.'\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n required:\n - nextRotationTime\n - rotationPeriod\n properties:\n nextRotationTime:\n type: string\n format: date-time\n x-dcl-go-name: NextRotationTime\n description: Required. Input only. Immutable. The time at which the\n Key Management Service will automatically create a new version of\n the crypto key and mark it as the primary.\n x-kubernetes-immutable: true\n rotationPeriod:\n type: string\n x-dcl-go-name: RotationPeriod\n description: Required. Input only. Immutable. will be advanced by this\n period when the Key Management Service automatically rotates a key.\n Must be at least 24 hours and at most 876,000 hours.\n x-kubernetes-immutable: true\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Optional. Labels applied to the workload.\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n name:\n type: string\n x-dcl-go-name: Name\n description: Output only. The resource name of the workload.\n x-kubernetes-immutable: true\n x-dcl-server-generated-parameter: true\n x-dcl-has-long-form: true\n organization:\n type: string\n x-dcl-go-name: Organization\n description: The organization for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Organization\n field: name\n parent: true\n x-dcl-parameter: true\n partner:\n type: string\n x-dcl-go-name: Partner\n x-dcl-go-type: WorkloadPartnerEnum\n description: 'Optional. Partner regime associated with this workload. Possible\n values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS,\n SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN, SOVEREIGN_CONTROLS_BY_CNTXT,\n SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM'\n x-kubernetes-immutable: true\n enum:\n - PARTNER_UNSPECIFIED\n - LOCAL_CONTROLS_BY_S3NS\n - SOVEREIGN_CONTROLS_BY_T_SYSTEMS\n - SOVEREIGN_CONTROLS_BY_SIA_MINSAIT\n - SOVEREIGN_CONTROLS_BY_PSN\n - SOVEREIGN_CONTROLS_BY_CNTXT\n - SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM\n partnerPermissions:\n type: object\n x-dcl-go-name: PartnerPermissions\n x-dcl-go-type: WorkloadPartnerPermissions\n description: Optional. Permissions granted to the AW Partner SA account\n for the customer workload\n x-kubernetes-immutable: true\n properties:\n assuredWorkloadsMonitoring:\n type: boolean\n x-dcl-go-name: AssuredWorkloadsMonitoring\n description: Optional. Allow partner to view violation alerts.\n x-kubernetes-immutable: true\n dataLogsViewer:\n type: boolean\n x-dcl-go-name: DataLogsViewer\n description: Allow the partner to view inspectability logs and monitoring\n violations.\n x-kubernetes-immutable: true\n serviceAccessApprover:\n type: boolean\n x-dcl-go-name: ServiceAccessApprover\n description: Optional. Allow partner to view access approval logs.\n x-kubernetes-immutable: true\n partnerServicesBillingAccount:\n type: string\n x-dcl-go-name: PartnerServicesBillingAccount\n description: Optional. Input only. Billing account necessary for purchasing\n services from Sovereign Partners. This field is required for creating\n SIA/PSN/CNTXT partner workloads. The caller should have 'billing.resourceAssociations.create'\n IAM permission on this billing-account. The format of this string is billingAccounts/AAAAAA-BBBBBB-CCCCCC.\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n provisionedResourcesParent:\n type: string\n x-dcl-go-name: ProvisionedResourcesParent\n description: 'Input only. The parent resource for the resources managed\n by this Assured Workload. May be either empty or a folder resource which\n is a child of the Workload parent. If not specified all resources are\n created under the parent organization. Format: folders/{folder_id}'\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n resourceSettings:\n type: array\n x-dcl-go-name: ResourceSettings\n description: Input only. Resource properties that are used to customize\n workload resources. These properties (such as custom project id) will\n be used to create workload resources if possible. This field is optional.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: WorkloadResourceSettings\n properties:\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: User-assigned resource display name. If not empty it\n will be used to create a resource with the specified name.\n x-kubernetes-immutable: true\n resourceId:\n type: string\n x-dcl-go-name: ResourceId\n description: Resource identifier. For a project this represents projectId.\n If the project is already taken, the workload creation will fail.\n For KeyRing, this represents the keyring_id. For a folder, don't\n set this value as folder_id is assigned by Google.\n x-kubernetes-immutable: true\n resourceType:\n type: string\n x-dcl-go-name: ResourceType\n x-dcl-go-type: WorkloadResourceSettingsResourceTypeEnum\n description: 'Indicates the type of resource. This field should be\n specified to correspond the id to the right project type (CONSUMER_PROJECT\n or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED,\n CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER'\n x-kubernetes-immutable: true\n enum:\n - RESOURCE_TYPE_UNSPECIFIED\n - CONSUMER_PROJECT\n - ENCRYPTION_KEYS_PROJECT\n - KEYRING\n - CONSUMER_FOLDER\n x-dcl-mutable-unreadable: true\n resources:\n type: array\n x-dcl-go-name: Resources\n readOnly: true\n description: Output only. The resources associated with this workload. These\n resources will be created when creating the workload. If any of the projects\n already exist, the workload creation will fail. Always read only.\n x-kubernetes-immutable: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: WorkloadResources\n properties:\n resourceId:\n type: integer\n format: int64\n x-dcl-go-name: ResourceId\n description: Resource identifier. For a project this represents project_number.\n x-kubernetes-immutable: true\n resourceType:\n type: string\n x-dcl-go-name: ResourceType\n x-dcl-go-type: WorkloadResourcesResourceTypeEnum\n description: 'Indicates the type of resource. Possible values: RESOURCE_TYPE_UNSPECIFIED,\n CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER'\n x-kubernetes-immutable: true\n enum:\n - RESOURCE_TYPE_UNSPECIFIED\n - CONSUMER_PROJECT\n - ENCRYPTION_KEYS_PROJECT\n - KEYRING\n - CONSUMER_FOLDER\n saaEnrollmentResponse:\n type: object\n x-dcl-go-name: SaaEnrollmentResponse\n x-dcl-go-type: WorkloadSaaEnrollmentResponse\n readOnly: true\n description: Output only. Represents the SAA enrollment response of the\n given workload. SAA enrollment response is queried during workloads.get\n call. In failure cases, user friendly error message is shown in SAA details\n page.\n x-kubernetes-immutable: true\n properties:\n setupErrors:\n type: array\n x-dcl-go-name: SetupErrors\n description: Indicates SAA enrollment setup error if any.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: WorkloadSaaEnrollmentResponseSetupErrorsEnum\n enum:\n - SETUP_ERROR_UNSPECIFIED\n - ERROR_INVALID_BASE_SETUP\n - ERROR_MISSING_EXTERNAL_SIGNING_KEY\n - ERROR_NOT_ALL_SERVICES_ENROLLED\n - ERROR_SETUP_CHECK_FAILED\n setupStatus:\n type: string\n x-dcl-go-name: SetupStatus\n x-dcl-go-type: WorkloadSaaEnrollmentResponseSetupStatusEnum\n description: 'Indicates SAA enrollment status of a given workload. Possible\n values: SETUP_STATE_UNSPECIFIED, STATUS_PENDING, STATUS_COMPLETE'\n x-kubernetes-immutable: true\n enum:\n - SETUP_STATE_UNSPECIFIED\n - STATUS_PENDING\n - STATUS_COMPLETE\n violationNotificationsEnabled:\n type: boolean\n x-dcl-go-name: ViolationNotificationsEnabled\n description: Optional. Indicates whether the e-mail notification for a violation\n is enabled for a workload. This value will be by default True, and if\n not present will be considered as true. This should only be updated via\n updateWorkload call. Any Changes to this field during the createWorkload\n call will not be honored. This will always be true while creating the\n workload.\n x-kubernetes-immutable: true\n") +var YAML_workload = []byte("info:\n title: AssuredWorkloads/Workload\n description: The AssuredWorkloads Workload resource\n x-dcl-struct-name: Workload\n x-dcl-has-iam: false\npaths:\n get:\n description: The function used to get information about a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n apply:\n description: The function used to apply information about a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n delete:\n description: The function used to delete a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n deleteAll:\n description: The function used to delete all Workload\n parameters:\n - name: organization\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many Workload\n parameters:\n - name: organization\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n Workload:\n title: Workload\n x-dcl-id: organizations/{{organization}}/locations/{{location}}/workloads/{{name}}\n x-dcl-uses-state-hint: true\n x-dcl-parent-container: organization\n x-dcl-labels: labels\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - displayName\n - complianceRegime\n - organization\n - location\n properties:\n billingAccount:\n type: string\n x-dcl-go-name: BillingAccount\n description: Optional. Input only. The billing account used for the resources\n which are direct children of workload. This billing account is initially\n associated with the resources created as part of Workload creation. After\n the initial creation of these resources, the customer can change the assigned\n billing account. The resource name has the form `billingAccounts/{billing_account_id}`.\n For example, `billingAccounts/012345-567890-ABCDEF`.\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/BillingAccount\n field: name\n x-dcl-mutable-unreadable: true\n complianceRegime:\n type: string\n x-dcl-go-name: ComplianceRegime\n x-dcl-go-type: WorkloadComplianceRegimeEnum\n description: 'Required. Immutable. Compliance Regime associated with this\n workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH,\n FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT,\n CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS,\n ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT,\n KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS,\n HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS, HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT'\n x-kubernetes-immutable: true\n enum:\n - COMPLIANCE_REGIME_UNSPECIFIED\n - IL4\n - CJIS\n - FEDRAMP_HIGH\n - FEDRAMP_MODERATE\n - US_REGIONAL_ACCESS\n - HIPAA\n - HITRUST\n - EU_REGIONS_AND_SUPPORT\n - CA_REGIONS_AND_SUPPORT\n - ITAR\n - AU_REGIONS_AND_US_SUPPORT\n - ASSURED_WORKLOADS_FOR_PARTNERS\n - ISR_REGIONS\n - ISR_REGIONS_AND_SUPPORT\n - CA_PROTECTED_B\n - IL5\n - IL2\n - JP_REGIONS_AND_SUPPORT\n - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS\n - REGIONAL_CONTROLS\n - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS\n - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT\n complianceStatus:\n type: object\n x-dcl-go-name: ComplianceStatus\n x-dcl-go-type: WorkloadComplianceStatus\n readOnly: true\n description: Output only. Count of active Violations in the Workload.\n x-kubernetes-immutable: true\n properties:\n acknowledgedViolationCount:\n type: array\n x-dcl-go-name: AcknowledgedViolationCount\n description: Number of current orgPolicy violations which are acknowledged.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: integer\n format: int64\n x-dcl-go-type: int64\n activeViolationCount:\n type: array\n x-dcl-go-name: ActiveViolationCount\n description: Number of current orgPolicy violations which are not acknowledged.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: integer\n format: int64\n x-dcl-go-type: int64\n compliantButDisallowedServices:\n type: array\n x-dcl-go-name: CompliantButDisallowedServices\n readOnly: true\n description: Output only. Urls for services which are compliant for this\n Assured Workload, but which are currently disallowed by the ResourceUsageRestriction\n org policy. Invoke workloads.restrictAllowedResources endpoint to allow\n your project developers to use these services in their environment.\n x-kubernetes-immutable: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n createTime:\n type: string\n format: date-time\n x-dcl-go-name: CreateTime\n readOnly: true\n description: Output only. Immutable. The Workload creation timestamp.\n x-kubernetes-immutable: true\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: 'Required. The user-assigned display name of the Workload.\n When present it must be between 4 to 30 characters. Allowed characters\n are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example:\n My Workload'\n ekmProvisioningResponse:\n type: object\n x-dcl-go-name: EkmProvisioningResponse\n x-dcl-go-type: WorkloadEkmProvisioningResponse\n readOnly: true\n description: Optional. Represents the Ekm Provisioning State of the given\n workload.\n x-kubernetes-immutable: true\n properties:\n ekmProvisioningErrorDomain:\n type: string\n x-dcl-go-name: EkmProvisioningErrorDomain\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnum\n description: 'Indicates Ekm provisioning error if any. Possible values:\n EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED, UNSPECIFIED_ERROR, GOOGLE_SERVER_ERROR,\n EXTERNAL_USER_ERROR, EXTERNAL_PARTNER_ERROR, TIMEOUT_ERROR'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED\n - UNSPECIFIED_ERROR\n - GOOGLE_SERVER_ERROR\n - EXTERNAL_USER_ERROR\n - EXTERNAL_PARTNER_ERROR\n - TIMEOUT_ERROR\n ekmProvisioningErrorMapping:\n type: string\n x-dcl-go-name: EkmProvisioningErrorMapping\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnum\n description: 'Detailed error message if Ekm provisioning fails Possible\n values: EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED, INVALID_SERVICE_ACCOUNT,\n MISSING_METRICS_SCOPE_ADMIN_PERMISSION, MISSING_EKM_CONNECTION_ADMIN_PERMISSION'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED\n - INVALID_SERVICE_ACCOUNT\n - MISSING_METRICS_SCOPE_ADMIN_PERMISSION\n - MISSING_EKM_CONNECTION_ADMIN_PERMISSION\n ekmProvisioningState:\n type: string\n x-dcl-go-name: EkmProvisioningState\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningStateEnum\n description: 'Indicates Ekm enrollment Provisioning of a given workload.\n Possible values: EKM_PROVISIONING_STATE_UNSPECIFIED, EKM_PROVISIONING_STATE_PENDING,\n EKM_PROVISIONING_STATE_FAILED, EKM_PROVISIONING_STATE_COMPLETED'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_STATE_UNSPECIFIED\n - EKM_PROVISIONING_STATE_PENDING\n - EKM_PROVISIONING_STATE_FAILED\n - EKM_PROVISIONING_STATE_COMPLETED\n enableSovereignControls:\n type: boolean\n x-dcl-go-name: EnableSovereignControls\n description: Optional. Indicates the sovereignty status of the given workload.\n Currently meant to be used by Europe/Canada customers.\n x-kubernetes-immutable: true\n kajEnrollmentState:\n type: string\n x-dcl-go-name: KajEnrollmentState\n x-dcl-go-type: WorkloadKajEnrollmentStateEnum\n readOnly: true\n description: 'Output only. Represents the KAJ enrollment state of the given\n workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING,\n KAJ_ENROLLMENT_STATE_COMPLETE'\n x-kubernetes-immutable: true\n enum:\n - KAJ_ENROLLMENT_STATE_UNSPECIFIED\n - KAJ_ENROLLMENT_STATE_PENDING\n - KAJ_ENROLLMENT_STATE_COMPLETE\n kmsSettings:\n type: object\n x-dcl-go-name: KmsSettings\n x-dcl-go-type: WorkloadKmsSettings\n description: '**DEPRECATED** Input only. Settings used to create a CMEK\n crypto key. When set, a project with a KMS CMEK key is provisioned. This\n field is deprecated as of Feb 28, 2022. In order to create a Keyring,\n callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type\n field.'\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n required:\n - nextRotationTime\n - rotationPeriod\n properties:\n nextRotationTime:\n type: string\n format: date-time\n x-dcl-go-name: NextRotationTime\n description: Required. Input only. Immutable. The time at which the\n Key Management Service will automatically create a new version of\n the crypto key and mark it as the primary.\n x-kubernetes-immutable: true\n rotationPeriod:\n type: string\n x-dcl-go-name: RotationPeriod\n description: Required. Input only. Immutable. will be advanced by this\n period when the Key Management Service automatically rotates a key.\n Must be at least 24 hours and at most 876,000 hours.\n x-kubernetes-immutable: true\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Optional. Labels applied to the workload.\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n name:\n type: string\n x-dcl-go-name: Name\n description: Output only. The resource name of the workload.\n x-kubernetes-immutable: true\n x-dcl-server-generated-parameter: true\n x-dcl-has-long-form: true\n organization:\n type: string\n x-dcl-go-name: Organization\n description: The organization for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Organization\n field: name\n parent: true\n x-dcl-parameter: true\n partner:\n type: string\n x-dcl-go-name: Partner\n x-dcl-go-type: WorkloadPartnerEnum\n description: 'Optional. Partner regime associated with this workload. Possible\n values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS,\n SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN, SOVEREIGN_CONTROLS_BY_CNTXT,\n SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM'\n x-kubernetes-immutable: true\n enum:\n - PARTNER_UNSPECIFIED\n - LOCAL_CONTROLS_BY_S3NS\n - SOVEREIGN_CONTROLS_BY_T_SYSTEMS\n - SOVEREIGN_CONTROLS_BY_SIA_MINSAIT\n - SOVEREIGN_CONTROLS_BY_PSN\n - SOVEREIGN_CONTROLS_BY_CNTXT\n - SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM\n partnerPermissions:\n type: object\n x-dcl-go-name: PartnerPermissions\n x-dcl-go-type: WorkloadPartnerPermissions\n description: Optional. Permissions granted to the AW Partner SA account\n for the customer workload\n x-kubernetes-immutable: true\n properties:\n assuredWorkloadsMonitoring:\n type: boolean\n x-dcl-go-name: AssuredWorkloadsMonitoring\n description: Optional. Allow partner to view violation alerts.\n x-kubernetes-immutable: true\n dataLogsViewer:\n type: boolean\n x-dcl-go-name: DataLogsViewer\n description: Allow the partner to view inspectability logs and monitoring\n violations.\n x-kubernetes-immutable: true\n serviceAccessApprover:\n type: boolean\n x-dcl-go-name: ServiceAccessApprover\n description: Optional. Allow partner to view access approval logs.\n x-kubernetes-immutable: true\n partnerServicesBillingAccount:\n type: string\n x-dcl-go-name: PartnerServicesBillingAccount\n description: Optional. Input only. Billing account necessary for purchasing\n services from Sovereign Partners. This field is required for creating\n SIA/PSN/CNTXT partner workloads. The caller should have 'billing.resourceAssociations.create'\n IAM permission on this billing-account. The format of this string is billingAccounts/AAAAAA-BBBBBB-CCCCCC.\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n provisionedResourcesParent:\n type: string\n x-dcl-go-name: ProvisionedResourcesParent\n description: 'Input only. The parent resource for the resources managed\n by this Assured Workload. May be either empty or a folder resource which\n is a child of the Workload parent. If not specified all resources are\n created under the parent organization. Format: folders/{folder_id}'\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n resourceSettings:\n type: array\n x-dcl-go-name: ResourceSettings\n description: Input only. Resource properties that are used to customize\n workload resources. These properties (such as custom project id) will\n be used to create workload resources if possible. This field is optional.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: WorkloadResourceSettings\n properties:\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: User-assigned resource display name. If not empty it\n will be used to create a resource with the specified name.\n x-kubernetes-immutable: true\n resourceId:\n type: string\n x-dcl-go-name: ResourceId\n description: Resource identifier. For a project this represents projectId.\n If the project is already taken, the workload creation will fail.\n For KeyRing, this represents the keyring_id. For a folder, don't\n set this value as folder_id is assigned by Google.\n x-kubernetes-immutable: true\n resourceType:\n type: string\n x-dcl-go-name: ResourceType\n x-dcl-go-type: WorkloadResourceSettingsResourceTypeEnum\n description: 'Indicates the type of resource. This field should be\n specified to correspond the id to the right project type (CONSUMER_PROJECT\n or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED,\n CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER'\n x-kubernetes-immutable: true\n enum:\n - RESOURCE_TYPE_UNSPECIFIED\n - CONSUMER_PROJECT\n - ENCRYPTION_KEYS_PROJECT\n - KEYRING\n - CONSUMER_FOLDER\n x-dcl-mutable-unreadable: true\n resources:\n type: array\n x-dcl-go-name: Resources\n readOnly: true\n description: Output only. The resources associated with this workload. These\n resources will be created when creating the workload. If any of the projects\n already exist, the workload creation will fail. Always read only.\n x-kubernetes-immutable: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: WorkloadResources\n properties:\n resourceId:\n type: integer\n format: int64\n x-dcl-go-name: ResourceId\n description: Resource identifier. For a project this represents project_number.\n x-kubernetes-immutable: true\n resourceType:\n type: string\n x-dcl-go-name: ResourceType\n x-dcl-go-type: WorkloadResourcesResourceTypeEnum\n description: 'Indicates the type of resource. Possible values: RESOURCE_TYPE_UNSPECIFIED,\n CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER'\n x-kubernetes-immutable: true\n enum:\n - RESOURCE_TYPE_UNSPECIFIED\n - CONSUMER_PROJECT\n - ENCRYPTION_KEYS_PROJECT\n - KEYRING\n - CONSUMER_FOLDER\n saaEnrollmentResponse:\n type: object\n x-dcl-go-name: SaaEnrollmentResponse\n x-dcl-go-type: WorkloadSaaEnrollmentResponse\n readOnly: true\n description: Output only. Represents the SAA enrollment response of the\n given workload. SAA enrollment response is queried during workloads.get\n call. In failure cases, user friendly error message is shown in SAA details\n page.\n x-kubernetes-immutable: true\n properties:\n setupErrors:\n type: array\n x-dcl-go-name: SetupErrors\n description: Indicates SAA enrollment setup error if any.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: WorkloadSaaEnrollmentResponseSetupErrorsEnum\n enum:\n - SETUP_ERROR_UNSPECIFIED\n - ERROR_INVALID_BASE_SETUP\n - ERROR_MISSING_EXTERNAL_SIGNING_KEY\n - ERROR_NOT_ALL_SERVICES_ENROLLED\n - ERROR_SETUP_CHECK_FAILED\n setupStatus:\n type: string\n x-dcl-go-name: SetupStatus\n x-dcl-go-type: WorkloadSaaEnrollmentResponseSetupStatusEnum\n description: 'Indicates SAA enrollment status of a given workload. Possible\n values: SETUP_STATE_UNSPECIFIED, STATUS_PENDING, STATUS_COMPLETE'\n x-kubernetes-immutable: true\n enum:\n - SETUP_STATE_UNSPECIFIED\n - STATUS_PENDING\n - STATUS_COMPLETE\n violationNotificationsEnabled:\n type: boolean\n x-dcl-go-name: ViolationNotificationsEnabled\n description: Optional. Indicates whether the e-mail notification for a violation\n is enabled for a workload. This value will be by default True, and if\n not present will be considered as true. This should only be updated via\n updateWorkload call. Any Changes to this field during the createWorkload\n call will not be honored. This will always be true while creating the\n workload.\n x-kubernetes-immutable: true\n") -// 21101 bytes -// MD5: a82bd6570a15f297a2623bb1bed4ca3c +// 21323 bytes +// MD5: 9a7dba1cbf2b9b0f9447a1f64b58a4e3 diff --git a/services/google/assuredworkloads/beta/workload_schema.go b/services/google/assuredworkloads/beta/workload_schema.go index 9fbf6dd47..5c0edf516 100755 --- a/services/google/assuredworkloads/beta/workload_schema.go +++ b/services/google/assuredworkloads/beta/workload_schema.go @@ -129,7 +129,7 @@ func DCLWorkloadSchema() *dcl.Schema { Type: "string", GoName: "ComplianceRegime", GoType: "WorkloadComplianceRegimeEnum", - Description: "Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT, KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS", + Description: "Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT, KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS, HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS, HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT", Immutable: true, Enum: []string{ "COMPLIANCE_REGIME_UNSPECIFIED", @@ -153,6 +153,8 @@ func DCLWorkloadSchema() *dcl.Schema { "JP_REGIONS_AND_SUPPORT", "KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS", "REGIONAL_CONTROLS", + "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS", + "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT", }, }, "complianceStatus": &dcl.Property{ diff --git a/services/google/assuredworkloads/workload.go b/services/google/assuredworkloads/workload.go index 2546a749c..ccb87a59c 100755 --- a/services/google/assuredworkloads/workload.go +++ b/services/google/assuredworkloads/workload.go @@ -95,7 +95,7 @@ func (v WorkloadComplianceRegimeEnum) Validate() error { // Empty enum is okay. return nil } - for _, s := range []string{"COMPLIANCE_REGIME_UNSPECIFIED", "IL4", "CJIS", "FEDRAMP_HIGH", "FEDRAMP_MODERATE", "US_REGIONAL_ACCESS", "HIPAA", "HITRUST", "EU_REGIONS_AND_SUPPORT", "CA_REGIONS_AND_SUPPORT", "ITAR", "AU_REGIONS_AND_US_SUPPORT", "ASSURED_WORKLOADS_FOR_PARTNERS", "ISR_REGIONS", "ISR_REGIONS_AND_SUPPORT", "CA_PROTECTED_B", "IL5", "IL2", "JP_REGIONS_AND_SUPPORT", "KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS", "REGIONAL_CONTROLS"} { + for _, s := range []string{"COMPLIANCE_REGIME_UNSPECIFIED", "IL4", "CJIS", "FEDRAMP_HIGH", "FEDRAMP_MODERATE", "US_REGIONAL_ACCESS", "HIPAA", "HITRUST", "EU_REGIONS_AND_SUPPORT", "CA_REGIONS_AND_SUPPORT", "ITAR", "AU_REGIONS_AND_US_SUPPORT", "ASSURED_WORKLOADS_FOR_PARTNERS", "ISR_REGIONS", "ISR_REGIONS_AND_SUPPORT", "CA_PROTECTED_B", "IL5", "IL2", "JP_REGIONS_AND_SUPPORT", "KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS", "REGIONAL_CONTROLS", "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS", "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT"} { if string(v) == s { return nil } diff --git a/services/google/assuredworkloads/workload.yaml b/services/google/assuredworkloads/workload.yaml index 1a474d949..ecf47c21e 100755 --- a/services/google/assuredworkloads/workload.yaml +++ b/services/google/assuredworkloads/workload.yaml @@ -100,7 +100,8 @@ components: FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT, - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS' + KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS, + HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS, HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT' x-kubernetes-immutable: true enum: - COMPLIANCE_REGIME_UNSPECIFIED @@ -124,6 +125,8 @@ components: - JP_REGIONS_AND_SUPPORT - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS - REGIONAL_CONTROLS + - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS + - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT complianceStatus: type: object x-dcl-go-name: ComplianceStatus diff --git a/services/google/assuredworkloads/workload_schema.go b/services/google/assuredworkloads/workload_schema.go index cf7c6c1a9..a2d8c474e 100755 --- a/services/google/assuredworkloads/workload_schema.go +++ b/services/google/assuredworkloads/workload_schema.go @@ -129,7 +129,7 @@ func DCLWorkloadSchema() *dcl.Schema { Type: "string", GoName: "ComplianceRegime", GoType: "WorkloadComplianceRegimeEnum", - Description: "Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT, KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS", + Description: "Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT, KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS, HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS, HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT", Immutable: true, Enum: []string{ "COMPLIANCE_REGIME_UNSPECIFIED", @@ -153,6 +153,8 @@ func DCLWorkloadSchema() *dcl.Schema { "JP_REGIONS_AND_SUPPORT", "KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS", "REGIONAL_CONTROLS", + "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS", + "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT", }, }, "complianceStatus": &dcl.Property{ diff --git a/services/google/assuredworkloads/workload_yaml_embed.go b/services/google/assuredworkloads/workload_yaml_embed.go index 0ed30a991..071af69b5 100755 --- a/services/google/assuredworkloads/workload_yaml_embed.go +++ b/services/google/assuredworkloads/workload_yaml_embed.go @@ -17,7 +17,7 @@ package assuredworkloads // blaze-out/k8-fastbuild/genfiles/cloud/graphite/mmv2/services/google/assuredworkloads/workload.yaml -var YAML_workload = []byte("info:\n title: AssuredWorkloads/Workload\n description: The AssuredWorkloads Workload resource\n x-dcl-struct-name: Workload\n x-dcl-has-iam: false\npaths:\n get:\n description: The function used to get information about a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n apply:\n description: The function used to apply information about a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n delete:\n description: The function used to delete a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n deleteAll:\n description: The function used to delete all Workload\n parameters:\n - name: organization\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many Workload\n parameters:\n - name: organization\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n Workload:\n title: Workload\n x-dcl-id: organizations/{{organization}}/locations/{{location}}/workloads/{{name}}\n x-dcl-uses-state-hint: true\n x-dcl-parent-container: organization\n x-dcl-labels: labels\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - displayName\n - complianceRegime\n - organization\n - location\n properties:\n billingAccount:\n type: string\n x-dcl-go-name: BillingAccount\n description: Optional. Input only. The billing account used for the resources\n which are direct children of workload. This billing account is initially\n associated with the resources created as part of Workload creation. After\n the initial creation of these resources, the customer can change the assigned\n billing account. The resource name has the form `billingAccounts/{billing_account_id}`.\n For example, `billingAccounts/012345-567890-ABCDEF`.\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/BillingAccount\n field: name\n x-dcl-mutable-unreadable: true\n complianceRegime:\n type: string\n x-dcl-go-name: ComplianceRegime\n x-dcl-go-type: WorkloadComplianceRegimeEnum\n description: 'Required. Immutable. Compliance Regime associated with this\n workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH,\n FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT,\n CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS,\n ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT,\n KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS'\n x-kubernetes-immutable: true\n enum:\n - COMPLIANCE_REGIME_UNSPECIFIED\n - IL4\n - CJIS\n - FEDRAMP_HIGH\n - FEDRAMP_MODERATE\n - US_REGIONAL_ACCESS\n - HIPAA\n - HITRUST\n - EU_REGIONS_AND_SUPPORT\n - CA_REGIONS_AND_SUPPORT\n - ITAR\n - AU_REGIONS_AND_US_SUPPORT\n - ASSURED_WORKLOADS_FOR_PARTNERS\n - ISR_REGIONS\n - ISR_REGIONS_AND_SUPPORT\n - CA_PROTECTED_B\n - IL5\n - IL2\n - JP_REGIONS_AND_SUPPORT\n - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS\n - REGIONAL_CONTROLS\n complianceStatus:\n type: object\n x-dcl-go-name: ComplianceStatus\n x-dcl-go-type: WorkloadComplianceStatus\n readOnly: true\n description: Output only. Count of active Violations in the Workload.\n x-kubernetes-immutable: true\n properties:\n acknowledgedViolationCount:\n type: array\n x-dcl-go-name: AcknowledgedViolationCount\n description: Number of current orgPolicy violations which are acknowledged.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: integer\n format: int64\n x-dcl-go-type: int64\n activeViolationCount:\n type: array\n x-dcl-go-name: ActiveViolationCount\n description: Number of current orgPolicy violations which are not acknowledged.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: integer\n format: int64\n x-dcl-go-type: int64\n compliantButDisallowedServices:\n type: array\n x-dcl-go-name: CompliantButDisallowedServices\n readOnly: true\n description: Output only. Urls for services which are compliant for this\n Assured Workload, but which are currently disallowed by the ResourceUsageRestriction\n org policy. Invoke workloads.restrictAllowedResources endpoint to allow\n your project developers to use these services in their environment.\n x-kubernetes-immutable: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n createTime:\n type: string\n format: date-time\n x-dcl-go-name: CreateTime\n readOnly: true\n description: Output only. Immutable. The Workload creation timestamp.\n x-kubernetes-immutable: true\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: 'Required. The user-assigned display name of the Workload.\n When present it must be between 4 to 30 characters. Allowed characters\n are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example:\n My Workload'\n ekmProvisioningResponse:\n type: object\n x-dcl-go-name: EkmProvisioningResponse\n x-dcl-go-type: WorkloadEkmProvisioningResponse\n readOnly: true\n description: Optional. Represents the Ekm Provisioning State of the given\n workload.\n x-kubernetes-immutable: true\n properties:\n ekmProvisioningErrorDomain:\n type: string\n x-dcl-go-name: EkmProvisioningErrorDomain\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnum\n description: 'Indicates Ekm provisioning error if any. Possible values:\n EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED, UNSPECIFIED_ERROR, GOOGLE_SERVER_ERROR,\n EXTERNAL_USER_ERROR, EXTERNAL_PARTNER_ERROR, TIMEOUT_ERROR'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED\n - UNSPECIFIED_ERROR\n - GOOGLE_SERVER_ERROR\n - EXTERNAL_USER_ERROR\n - EXTERNAL_PARTNER_ERROR\n - TIMEOUT_ERROR\n ekmProvisioningErrorMapping:\n type: string\n x-dcl-go-name: EkmProvisioningErrorMapping\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnum\n description: 'Detailed error message if Ekm provisioning fails Possible\n values: EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED, INVALID_SERVICE_ACCOUNT,\n MISSING_METRICS_SCOPE_ADMIN_PERMISSION, MISSING_EKM_CONNECTION_ADMIN_PERMISSION'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED\n - INVALID_SERVICE_ACCOUNT\n - MISSING_METRICS_SCOPE_ADMIN_PERMISSION\n - MISSING_EKM_CONNECTION_ADMIN_PERMISSION\n ekmProvisioningState:\n type: string\n x-dcl-go-name: EkmProvisioningState\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningStateEnum\n description: 'Indicates Ekm enrollment Provisioning of a given workload.\n Possible values: EKM_PROVISIONING_STATE_UNSPECIFIED, EKM_PROVISIONING_STATE_PENDING,\n EKM_PROVISIONING_STATE_FAILED, EKM_PROVISIONING_STATE_COMPLETED'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_STATE_UNSPECIFIED\n - EKM_PROVISIONING_STATE_PENDING\n - EKM_PROVISIONING_STATE_FAILED\n - EKM_PROVISIONING_STATE_COMPLETED\n enableSovereignControls:\n type: boolean\n x-dcl-go-name: EnableSovereignControls\n description: Optional. Indicates the sovereignty status of the given workload.\n Currently meant to be used by Europe/Canada customers.\n x-kubernetes-immutable: true\n kajEnrollmentState:\n type: string\n x-dcl-go-name: KajEnrollmentState\n x-dcl-go-type: WorkloadKajEnrollmentStateEnum\n readOnly: true\n description: 'Output only. Represents the KAJ enrollment state of the given\n workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING,\n KAJ_ENROLLMENT_STATE_COMPLETE'\n x-kubernetes-immutable: true\n enum:\n - KAJ_ENROLLMENT_STATE_UNSPECIFIED\n - KAJ_ENROLLMENT_STATE_PENDING\n - KAJ_ENROLLMENT_STATE_COMPLETE\n kmsSettings:\n type: object\n x-dcl-go-name: KmsSettings\n x-dcl-go-type: WorkloadKmsSettings\n description: '**DEPRECATED** Input only. Settings used to create a CMEK\n crypto key. When set, a project with a KMS CMEK key is provisioned. This\n field is deprecated as of Feb 28, 2022. In order to create a Keyring,\n callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type\n field.'\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n required:\n - nextRotationTime\n - rotationPeriod\n properties:\n nextRotationTime:\n type: string\n format: date-time\n x-dcl-go-name: NextRotationTime\n description: Required. Input only. Immutable. The time at which the\n Key Management Service will automatically create a new version of\n the crypto key and mark it as the primary.\n x-kubernetes-immutable: true\n rotationPeriod:\n type: string\n x-dcl-go-name: RotationPeriod\n description: Required. Input only. Immutable. will be advanced by this\n period when the Key Management Service automatically rotates a key.\n Must be at least 24 hours and at most 876,000 hours.\n x-kubernetes-immutable: true\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Optional. Labels applied to the workload.\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n name:\n type: string\n x-dcl-go-name: Name\n description: Output only. The resource name of the workload.\n x-kubernetes-immutable: true\n x-dcl-server-generated-parameter: true\n x-dcl-has-long-form: true\n organization:\n type: string\n x-dcl-go-name: Organization\n description: The organization for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Organization\n field: name\n parent: true\n x-dcl-parameter: true\n partner:\n type: string\n x-dcl-go-name: Partner\n x-dcl-go-type: WorkloadPartnerEnum\n description: 'Optional. Partner regime associated with this workload. Possible\n values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS,\n SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN, SOVEREIGN_CONTROLS_BY_CNTXT,\n SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM'\n x-kubernetes-immutable: true\n enum:\n - PARTNER_UNSPECIFIED\n - LOCAL_CONTROLS_BY_S3NS\n - SOVEREIGN_CONTROLS_BY_T_SYSTEMS\n - SOVEREIGN_CONTROLS_BY_SIA_MINSAIT\n - SOVEREIGN_CONTROLS_BY_PSN\n - SOVEREIGN_CONTROLS_BY_CNTXT\n - SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM\n partnerPermissions:\n type: object\n x-dcl-go-name: PartnerPermissions\n x-dcl-go-type: WorkloadPartnerPermissions\n description: Optional. Permissions granted to the AW Partner SA account\n for the customer workload\n x-kubernetes-immutable: true\n properties:\n assuredWorkloadsMonitoring:\n type: boolean\n x-dcl-go-name: AssuredWorkloadsMonitoring\n description: Optional. Allow partner to view violation alerts.\n x-kubernetes-immutable: true\n dataLogsViewer:\n type: boolean\n x-dcl-go-name: DataLogsViewer\n description: Allow the partner to view inspectability logs and monitoring\n violations.\n x-kubernetes-immutable: true\n serviceAccessApprover:\n type: boolean\n x-dcl-go-name: ServiceAccessApprover\n description: Optional. Allow partner to view access approval logs.\n x-kubernetes-immutable: true\n partnerServicesBillingAccount:\n type: string\n x-dcl-go-name: PartnerServicesBillingAccount\n description: Optional. Input only. Billing account necessary for purchasing\n services from Sovereign Partners. This field is required for creating\n SIA/PSN/CNTXT partner workloads. The caller should have 'billing.resourceAssociations.create'\n IAM permission on this billing-account. The format of this string is billingAccounts/AAAAAA-BBBBBB-CCCCCC.\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n provisionedResourcesParent:\n type: string\n x-dcl-go-name: ProvisionedResourcesParent\n description: 'Input only. The parent resource for the resources managed\n by this Assured Workload. May be either empty or a folder resource which\n is a child of the Workload parent. If not specified all resources are\n created under the parent organization. Format: folders/{folder_id}'\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n resourceSettings:\n type: array\n x-dcl-go-name: ResourceSettings\n description: Input only. Resource properties that are used to customize\n workload resources. These properties (such as custom project id) will\n be used to create workload resources if possible. This field is optional.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: WorkloadResourceSettings\n properties:\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: User-assigned resource display name. If not empty it\n will be used to create a resource with the specified name.\n x-kubernetes-immutable: true\n resourceId:\n type: string\n x-dcl-go-name: ResourceId\n description: Resource identifier. For a project this represents projectId.\n If the project is already taken, the workload creation will fail.\n For KeyRing, this represents the keyring_id. For a folder, don't\n set this value as folder_id is assigned by Google.\n x-kubernetes-immutable: true\n resourceType:\n type: string\n x-dcl-go-name: ResourceType\n x-dcl-go-type: WorkloadResourceSettingsResourceTypeEnum\n description: 'Indicates the type of resource. This field should be\n specified to correspond the id to the right project type (CONSUMER_PROJECT\n or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED,\n CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER'\n x-kubernetes-immutable: true\n enum:\n - RESOURCE_TYPE_UNSPECIFIED\n - CONSUMER_PROJECT\n - ENCRYPTION_KEYS_PROJECT\n - KEYRING\n - CONSUMER_FOLDER\n x-dcl-mutable-unreadable: true\n resources:\n type: array\n x-dcl-go-name: Resources\n readOnly: true\n description: Output only. The resources associated with this workload. These\n resources will be created when creating the workload. If any of the projects\n already exist, the workload creation will fail. Always read only.\n x-kubernetes-immutable: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: WorkloadResources\n properties:\n resourceId:\n type: integer\n format: int64\n x-dcl-go-name: ResourceId\n description: Resource identifier. For a project this represents project_number.\n x-kubernetes-immutable: true\n resourceType:\n type: string\n x-dcl-go-name: ResourceType\n x-dcl-go-type: WorkloadResourcesResourceTypeEnum\n description: 'Indicates the type of resource. Possible values: RESOURCE_TYPE_UNSPECIFIED,\n CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER'\n x-kubernetes-immutable: true\n enum:\n - RESOURCE_TYPE_UNSPECIFIED\n - CONSUMER_PROJECT\n - ENCRYPTION_KEYS_PROJECT\n - KEYRING\n - CONSUMER_FOLDER\n saaEnrollmentResponse:\n type: object\n x-dcl-go-name: SaaEnrollmentResponse\n x-dcl-go-type: WorkloadSaaEnrollmentResponse\n readOnly: true\n description: Output only. Represents the SAA enrollment response of the\n given workload. SAA enrollment response is queried during workloads.get\n call. In failure cases, user friendly error message is shown in SAA details\n page.\n x-kubernetes-immutable: true\n properties:\n setupErrors:\n type: array\n x-dcl-go-name: SetupErrors\n description: Indicates SAA enrollment setup error if any.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: WorkloadSaaEnrollmentResponseSetupErrorsEnum\n enum:\n - SETUP_ERROR_UNSPECIFIED\n - ERROR_INVALID_BASE_SETUP\n - ERROR_MISSING_EXTERNAL_SIGNING_KEY\n - ERROR_NOT_ALL_SERVICES_ENROLLED\n - ERROR_SETUP_CHECK_FAILED\n setupStatus:\n type: string\n x-dcl-go-name: SetupStatus\n x-dcl-go-type: WorkloadSaaEnrollmentResponseSetupStatusEnum\n description: 'Indicates SAA enrollment status of a given workload. Possible\n values: SETUP_STATE_UNSPECIFIED, STATUS_PENDING, STATUS_COMPLETE'\n x-kubernetes-immutable: true\n enum:\n - SETUP_STATE_UNSPECIFIED\n - STATUS_PENDING\n - STATUS_COMPLETE\n violationNotificationsEnabled:\n type: boolean\n x-dcl-go-name: ViolationNotificationsEnabled\n description: Optional. Indicates whether the e-mail notification for a violation\n is enabled for a workload. This value will be by default True, and if\n not present will be considered as true. This should only be updated via\n updateWorkload call. Any Changes to this field during the createWorkload\n call will not be honored. This will always be true while creating the\n workload.\n x-kubernetes-immutable: true\n") +var YAML_workload = []byte("info:\n title: AssuredWorkloads/Workload\n description: The AssuredWorkloads Workload resource\n x-dcl-struct-name: Workload\n x-dcl-has-iam: false\npaths:\n get:\n description: The function used to get information about a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n apply:\n description: The function used to apply information about a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n delete:\n description: The function used to delete a Workload\n parameters:\n - name: workload\n required: true\n description: A full instance of a Workload\n deleteAll:\n description: The function used to delete all Workload\n parameters:\n - name: organization\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many Workload\n parameters:\n - name: organization\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n Workload:\n title: Workload\n x-dcl-id: organizations/{{organization}}/locations/{{location}}/workloads/{{name}}\n x-dcl-uses-state-hint: true\n x-dcl-parent-container: organization\n x-dcl-labels: labels\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - displayName\n - complianceRegime\n - organization\n - location\n properties:\n billingAccount:\n type: string\n x-dcl-go-name: BillingAccount\n description: Optional. Input only. The billing account used for the resources\n which are direct children of workload. This billing account is initially\n associated with the resources created as part of Workload creation. After\n the initial creation of these resources, the customer can change the assigned\n billing account. The resource name has the form `billingAccounts/{billing_account_id}`.\n For example, `billingAccounts/012345-567890-ABCDEF`.\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/BillingAccount\n field: name\n x-dcl-mutable-unreadable: true\n complianceRegime:\n type: string\n x-dcl-go-name: ComplianceRegime\n x-dcl-go-type: WorkloadComplianceRegimeEnum\n description: 'Required. Immutable. Compliance Regime associated with this\n workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH,\n FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT,\n CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS,\n ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT,\n KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS, REGIONAL_CONTROLS,\n HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS, HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT'\n x-kubernetes-immutable: true\n enum:\n - COMPLIANCE_REGIME_UNSPECIFIED\n - IL4\n - CJIS\n - FEDRAMP_HIGH\n - FEDRAMP_MODERATE\n - US_REGIONAL_ACCESS\n - HIPAA\n - HITRUST\n - EU_REGIONS_AND_SUPPORT\n - CA_REGIONS_AND_SUPPORT\n - ITAR\n - AU_REGIONS_AND_US_SUPPORT\n - ASSURED_WORKLOADS_FOR_PARTNERS\n - ISR_REGIONS\n - ISR_REGIONS_AND_SUPPORT\n - CA_PROTECTED_B\n - IL5\n - IL2\n - JP_REGIONS_AND_SUPPORT\n - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS\n - REGIONAL_CONTROLS\n - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS\n - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_WITH_US_SUPPORT\n complianceStatus:\n type: object\n x-dcl-go-name: ComplianceStatus\n x-dcl-go-type: WorkloadComplianceStatus\n readOnly: true\n description: Output only. Count of active Violations in the Workload.\n x-kubernetes-immutable: true\n properties:\n acknowledgedViolationCount:\n type: array\n x-dcl-go-name: AcknowledgedViolationCount\n description: Number of current orgPolicy violations which are acknowledged.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: integer\n format: int64\n x-dcl-go-type: int64\n activeViolationCount:\n type: array\n x-dcl-go-name: ActiveViolationCount\n description: Number of current orgPolicy violations which are not acknowledged.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: integer\n format: int64\n x-dcl-go-type: int64\n compliantButDisallowedServices:\n type: array\n x-dcl-go-name: CompliantButDisallowedServices\n readOnly: true\n description: Output only. Urls for services which are compliant for this\n Assured Workload, but which are currently disallowed by the ResourceUsageRestriction\n org policy. Invoke workloads.restrictAllowedResources endpoint to allow\n your project developers to use these services in their environment.\n x-kubernetes-immutable: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n createTime:\n type: string\n format: date-time\n x-dcl-go-name: CreateTime\n readOnly: true\n description: Output only. Immutable. The Workload creation timestamp.\n x-kubernetes-immutable: true\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: 'Required. The user-assigned display name of the Workload.\n When present it must be between 4 to 30 characters. Allowed characters\n are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example:\n My Workload'\n ekmProvisioningResponse:\n type: object\n x-dcl-go-name: EkmProvisioningResponse\n x-dcl-go-type: WorkloadEkmProvisioningResponse\n readOnly: true\n description: Optional. Represents the Ekm Provisioning State of the given\n workload.\n x-kubernetes-immutable: true\n properties:\n ekmProvisioningErrorDomain:\n type: string\n x-dcl-go-name: EkmProvisioningErrorDomain\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningErrorDomainEnum\n description: 'Indicates Ekm provisioning error if any. Possible values:\n EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED, UNSPECIFIED_ERROR, GOOGLE_SERVER_ERROR,\n EXTERNAL_USER_ERROR, EXTERNAL_PARTNER_ERROR, TIMEOUT_ERROR'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED\n - UNSPECIFIED_ERROR\n - GOOGLE_SERVER_ERROR\n - EXTERNAL_USER_ERROR\n - EXTERNAL_PARTNER_ERROR\n - TIMEOUT_ERROR\n ekmProvisioningErrorMapping:\n type: string\n x-dcl-go-name: EkmProvisioningErrorMapping\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningErrorMappingEnum\n description: 'Detailed error message if Ekm provisioning fails Possible\n values: EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED, INVALID_SERVICE_ACCOUNT,\n MISSING_METRICS_SCOPE_ADMIN_PERMISSION, MISSING_EKM_CONNECTION_ADMIN_PERMISSION'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED\n - INVALID_SERVICE_ACCOUNT\n - MISSING_METRICS_SCOPE_ADMIN_PERMISSION\n - MISSING_EKM_CONNECTION_ADMIN_PERMISSION\n ekmProvisioningState:\n type: string\n x-dcl-go-name: EkmProvisioningState\n x-dcl-go-type: WorkloadEkmProvisioningResponseEkmProvisioningStateEnum\n description: 'Indicates Ekm enrollment Provisioning of a given workload.\n Possible values: EKM_PROVISIONING_STATE_UNSPECIFIED, EKM_PROVISIONING_STATE_PENDING,\n EKM_PROVISIONING_STATE_FAILED, EKM_PROVISIONING_STATE_COMPLETED'\n x-kubernetes-immutable: true\n enum:\n - EKM_PROVISIONING_STATE_UNSPECIFIED\n - EKM_PROVISIONING_STATE_PENDING\n - EKM_PROVISIONING_STATE_FAILED\n - EKM_PROVISIONING_STATE_COMPLETED\n enableSovereignControls:\n type: boolean\n x-dcl-go-name: EnableSovereignControls\n description: Optional. Indicates the sovereignty status of the given workload.\n Currently meant to be used by Europe/Canada customers.\n x-kubernetes-immutable: true\n kajEnrollmentState:\n type: string\n x-dcl-go-name: KajEnrollmentState\n x-dcl-go-type: WorkloadKajEnrollmentStateEnum\n readOnly: true\n description: 'Output only. Represents the KAJ enrollment state of the given\n workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING,\n KAJ_ENROLLMENT_STATE_COMPLETE'\n x-kubernetes-immutable: true\n enum:\n - KAJ_ENROLLMENT_STATE_UNSPECIFIED\n - KAJ_ENROLLMENT_STATE_PENDING\n - KAJ_ENROLLMENT_STATE_COMPLETE\n kmsSettings:\n type: object\n x-dcl-go-name: KmsSettings\n x-dcl-go-type: WorkloadKmsSettings\n description: '**DEPRECATED** Input only. Settings used to create a CMEK\n crypto key. When set, a project with a KMS CMEK key is provisioned. This\n field is deprecated as of Feb 28, 2022. In order to create a Keyring,\n callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type\n field.'\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n required:\n - nextRotationTime\n - rotationPeriod\n properties:\n nextRotationTime:\n type: string\n format: date-time\n x-dcl-go-name: NextRotationTime\n description: Required. Input only. Immutable. The time at which the\n Key Management Service will automatically create a new version of\n the crypto key and mark it as the primary.\n x-kubernetes-immutable: true\n rotationPeriod:\n type: string\n x-dcl-go-name: RotationPeriod\n description: Required. Input only. Immutable. will be advanced by this\n period when the Key Management Service automatically rotates a key.\n Must be at least 24 hours and at most 876,000 hours.\n x-kubernetes-immutable: true\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Optional. Labels applied to the workload.\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n name:\n type: string\n x-dcl-go-name: Name\n description: Output only. The resource name of the workload.\n x-kubernetes-immutable: true\n x-dcl-server-generated-parameter: true\n x-dcl-has-long-form: true\n organization:\n type: string\n x-dcl-go-name: Organization\n description: The organization for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Organization\n field: name\n parent: true\n x-dcl-parameter: true\n partner:\n type: string\n x-dcl-go-name: Partner\n x-dcl-go-type: WorkloadPartnerEnum\n description: 'Optional. Partner regime associated with this workload. Possible\n values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS,\n SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN, SOVEREIGN_CONTROLS_BY_CNTXT,\n SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM'\n x-kubernetes-immutable: true\n enum:\n - PARTNER_UNSPECIFIED\n - LOCAL_CONTROLS_BY_S3NS\n - SOVEREIGN_CONTROLS_BY_T_SYSTEMS\n - SOVEREIGN_CONTROLS_BY_SIA_MINSAIT\n - SOVEREIGN_CONTROLS_BY_PSN\n - SOVEREIGN_CONTROLS_BY_CNTXT\n - SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM\n partnerPermissions:\n type: object\n x-dcl-go-name: PartnerPermissions\n x-dcl-go-type: WorkloadPartnerPermissions\n description: Optional. Permissions granted to the AW Partner SA account\n for the customer workload\n x-kubernetes-immutable: true\n properties:\n assuredWorkloadsMonitoring:\n type: boolean\n x-dcl-go-name: AssuredWorkloadsMonitoring\n description: Optional. Allow partner to view violation alerts.\n x-kubernetes-immutable: true\n dataLogsViewer:\n type: boolean\n x-dcl-go-name: DataLogsViewer\n description: Allow the partner to view inspectability logs and monitoring\n violations.\n x-kubernetes-immutable: true\n serviceAccessApprover:\n type: boolean\n x-dcl-go-name: ServiceAccessApprover\n description: Optional. Allow partner to view access approval logs.\n x-kubernetes-immutable: true\n partnerServicesBillingAccount:\n type: string\n x-dcl-go-name: PartnerServicesBillingAccount\n description: Optional. Input only. Billing account necessary for purchasing\n services from Sovereign Partners. This field is required for creating\n SIA/PSN/CNTXT partner workloads. The caller should have 'billing.resourceAssociations.create'\n IAM permission on this billing-account. The format of this string is billingAccounts/AAAAAA-BBBBBB-CCCCCC.\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n provisionedResourcesParent:\n type: string\n x-dcl-go-name: ProvisionedResourcesParent\n description: 'Input only. The parent resource for the resources managed\n by this Assured Workload. May be either empty or a folder resource which\n is a child of the Workload parent. If not specified all resources are\n created under the parent organization. Format: folders/{folder_id}'\n x-kubernetes-immutable: true\n x-dcl-mutable-unreadable: true\n resourceSettings:\n type: array\n x-dcl-go-name: ResourceSettings\n description: Input only. Resource properties that are used to customize\n workload resources. These properties (such as custom project id) will\n be used to create workload resources if possible. This field is optional.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: WorkloadResourceSettings\n properties:\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: User-assigned resource display name. If not empty it\n will be used to create a resource with the specified name.\n x-kubernetes-immutable: true\n resourceId:\n type: string\n x-dcl-go-name: ResourceId\n description: Resource identifier. For a project this represents projectId.\n If the project is already taken, the workload creation will fail.\n For KeyRing, this represents the keyring_id. For a folder, don't\n set this value as folder_id is assigned by Google.\n x-kubernetes-immutable: true\n resourceType:\n type: string\n x-dcl-go-name: ResourceType\n x-dcl-go-type: WorkloadResourceSettingsResourceTypeEnum\n description: 'Indicates the type of resource. This field should be\n specified to correspond the id to the right project type (CONSUMER_PROJECT\n or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED,\n CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER'\n x-kubernetes-immutable: true\n enum:\n - RESOURCE_TYPE_UNSPECIFIED\n - CONSUMER_PROJECT\n - ENCRYPTION_KEYS_PROJECT\n - KEYRING\n - CONSUMER_FOLDER\n x-dcl-mutable-unreadable: true\n resources:\n type: array\n x-dcl-go-name: Resources\n readOnly: true\n description: Output only. The resources associated with this workload. These\n resources will be created when creating the workload. If any of the projects\n already exist, the workload creation will fail. Always read only.\n x-kubernetes-immutable: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: WorkloadResources\n properties:\n resourceId:\n type: integer\n format: int64\n x-dcl-go-name: ResourceId\n description: Resource identifier. For a project this represents project_number.\n x-kubernetes-immutable: true\n resourceType:\n type: string\n x-dcl-go-name: ResourceType\n x-dcl-go-type: WorkloadResourcesResourceTypeEnum\n description: 'Indicates the type of resource. Possible values: RESOURCE_TYPE_UNSPECIFIED,\n CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER'\n x-kubernetes-immutable: true\n enum:\n - RESOURCE_TYPE_UNSPECIFIED\n - CONSUMER_PROJECT\n - ENCRYPTION_KEYS_PROJECT\n - KEYRING\n - CONSUMER_FOLDER\n saaEnrollmentResponse:\n type: object\n x-dcl-go-name: SaaEnrollmentResponse\n x-dcl-go-type: WorkloadSaaEnrollmentResponse\n readOnly: true\n description: Output only. Represents the SAA enrollment response of the\n given workload. SAA enrollment response is queried during workloads.get\n call. In failure cases, user friendly error message is shown in SAA details\n page.\n x-kubernetes-immutable: true\n properties:\n setupErrors:\n type: array\n x-dcl-go-name: SetupErrors\n description: Indicates SAA enrollment setup error if any.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: WorkloadSaaEnrollmentResponseSetupErrorsEnum\n enum:\n - SETUP_ERROR_UNSPECIFIED\n - ERROR_INVALID_BASE_SETUP\n - ERROR_MISSING_EXTERNAL_SIGNING_KEY\n - ERROR_NOT_ALL_SERVICES_ENROLLED\n - ERROR_SETUP_CHECK_FAILED\n setupStatus:\n type: string\n x-dcl-go-name: SetupStatus\n x-dcl-go-type: WorkloadSaaEnrollmentResponseSetupStatusEnum\n description: 'Indicates SAA enrollment status of a given workload. Possible\n values: SETUP_STATE_UNSPECIFIED, STATUS_PENDING, STATUS_COMPLETE'\n x-kubernetes-immutable: true\n enum:\n - SETUP_STATE_UNSPECIFIED\n - STATUS_PENDING\n - STATUS_COMPLETE\n violationNotificationsEnabled:\n type: boolean\n x-dcl-go-name: ViolationNotificationsEnabled\n description: Optional. Indicates whether the e-mail notification for a violation\n is enabled for a workload. This value will be by default True, and if\n not present will be considered as true. This should only be updated via\n updateWorkload call. Any Changes to this field during the createWorkload\n call will not be honored. This will always be true while creating the\n workload.\n x-kubernetes-immutable: true\n") -// 21101 bytes -// MD5: a82bd6570a15f297a2623bb1bed4ca3c +// 21323 bytes +// MD5: 9a7dba1cbf2b9b0f9447a1f64b58a4e3 diff --git a/services/google/containeraws/alpha/node_pool.go b/services/google/containeraws/alpha/node_pool.go index ae2e6dead..3170f39d1 100755 --- a/services/google/containeraws/alpha/node_pool.go +++ b/services/google/containeraws/alpha/node_pool.go @@ -39,6 +39,7 @@ type NodePool struct { Annotations map[string]string `json:"annotations"` MaxPodsConstraint *NodePoolMaxPodsConstraint `json:"maxPodsConstraint"` Management *NodePoolManagement `json:"management"` + KubeletConfig *NodePoolKubeletConfig `json:"kubeletConfig"` UpdateSettings *NodePoolUpdateSettings `json:"updateSettings"` Project *string `json:"project"` Location *string `json:"location"` @@ -157,6 +158,33 @@ func (v NodePoolStateEnum) Validate() error { } } +// The enum NodePoolKubeletConfigCpuManagerPolicyEnum. +type NodePoolKubeletConfigCpuManagerPolicyEnum string + +// NodePoolKubeletConfigCpuManagerPolicyEnumRef returns a *NodePoolKubeletConfigCpuManagerPolicyEnum with the value of string s +// If the empty string is provided, nil is returned. +func NodePoolKubeletConfigCpuManagerPolicyEnumRef(s string) *NodePoolKubeletConfigCpuManagerPolicyEnum { + v := NodePoolKubeletConfigCpuManagerPolicyEnum(s) + return &v +} + +func (v NodePoolKubeletConfigCpuManagerPolicyEnum) Validate() error { + if string(v) == "" { + // Empty enum is okay. + return nil + } + for _, s := range []string{"none", "static"} { + if string(v) == s { + return nil + } + } + return &dcl.EnumInvalidError{ + Enum: "NodePoolKubeletConfigCpuManagerPolicyEnum", + Value: string(v), + Valid: []string{}, + } +} + type NodePoolConfig struct { empty bool `json:"-"` InstanceType *string `json:"instanceType"` @@ -775,6 +803,61 @@ func (r *NodePoolManagement) HashCode() string { return fmt.Sprintf("%x", hash) } +type NodePoolKubeletConfig struct { + empty bool `json:"-"` + CpuManagerPolicy *NodePoolKubeletConfigCpuManagerPolicyEnum `json:"cpuManagerPolicy"` + CpuCfsQuota *bool `json:"cpuCfsQuota"` + CpuCfsQuotaPeriod *string `json:"cpuCfsQuotaPeriod"` + PodPidsLimit *int64 `json:"podPidsLimit"` +} + +type jsonNodePoolKubeletConfig NodePoolKubeletConfig + +func (r *NodePoolKubeletConfig) UnmarshalJSON(data []byte) error { + var res jsonNodePoolKubeletConfig + if err := json.Unmarshal(data, &res); err != nil { + return err + } + + var m map[string]interface{} + json.Unmarshal(data, &m) + + if len(m) == 0 { + *r = *EmptyNodePoolKubeletConfig + } else { + + r.CpuManagerPolicy = res.CpuManagerPolicy + + r.CpuCfsQuota = res.CpuCfsQuota + + r.CpuCfsQuotaPeriod = res.CpuCfsQuotaPeriod + + r.PodPidsLimit = res.PodPidsLimit + + } + return nil +} + +// This object is used to assert a desired state where this NodePoolKubeletConfig is +// empty. Go lacks global const objects, but this object should be treated +// as one. Modifying this object will have undesirable results. +var EmptyNodePoolKubeletConfig *NodePoolKubeletConfig = &NodePoolKubeletConfig{empty: true} + +func (r *NodePoolKubeletConfig) Empty() bool { + return r.empty +} + +func (r *NodePoolKubeletConfig) String() string { + return dcl.SprintResource(r) +} + +func (r *NodePoolKubeletConfig) HashCode() string { + // Placeholder for a more complex hash method that handles ordering, etc + // Hash resource body for easy comparison later + hash := sha256.Sum256([]byte(r.String())) + return fmt.Sprintf("%x", hash) +} + type NodePoolUpdateSettings struct { empty bool `json:"-"` SurgeSettings *NodePoolUpdateSettingsSurgeSettings `json:"surgeSettings"` @@ -900,6 +983,7 @@ func (r *NodePool) ID() (string, error) { "annotations": dcl.ValueOrEmptyString(nr.Annotations), "max_pods_constraint": dcl.ValueOrEmptyString(nr.MaxPodsConstraint), "management": dcl.ValueOrEmptyString(nr.Management), + "kubelet_config": dcl.ValueOrEmptyString(nr.KubeletConfig), "update_settings": dcl.ValueOrEmptyString(nr.UpdateSettings), "project": dcl.ValueOrEmptyString(nr.Project), "location": dcl.ValueOrEmptyString(nr.Location), diff --git a/services/google/containeraws/alpha/node_pool.yaml b/services/google/containeraws/alpha/node_pool.yaml index 705d87310..23a6631ac 100755 --- a/services/google/containeraws/alpha/node_pool.yaml +++ b/services/google/containeraws/alpha/node_pool.yaml @@ -413,6 +413,43 @@ components: optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. x-kubernetes-immutable: true + kubeletConfig: + type: object + x-dcl-go-name: KubeletConfig + x-dcl-go-type: NodePoolKubeletConfig + description: The kubelet configuration for the node pool. + x-kubernetes-immutable: true + properties: + cpuCfsQuota: + type: boolean + x-dcl-go-name: CpuCfsQuota + description: Whether or not to enable CPU CFS quota. Defaults to true. + x-kubernetes-immutable: true + x-dcl-server-default: true + cpuCfsQuotaPeriod: + type: string + x-dcl-go-name: CpuCfsQuotaPeriod + description: Optional. The CPU CFS quota period to use for the node. + Defaults to "100ms". + x-kubernetes-immutable: true + cpuManagerPolicy: + type: string + x-dcl-go-name: CpuManagerPolicy + x-dcl-go-type: NodePoolKubeletConfigCpuManagerPolicyEnum + description: The CpuManagerPolicy to use for the node. Defaults to "none". + x-kubernetes-immutable: true + x-dcl-server-default: true + enum: + - none + - static + podPidsLimit: + type: integer + format: int64 + x-dcl-go-name: PodPidsLimit + description: Optional. The maximum number of PIDs in each pod running + on the node. The limit scales automatically based on underlying machine + size if left unset. + x-kubernetes-immutable: true location: type: string x-dcl-go-name: Location diff --git a/services/google/containeraws/alpha/node_pool_alpha_yaml_embed.go b/services/google/containeraws/alpha/node_pool_alpha_yaml_embed.go index fe6dbd452..fbe80ac8a 100755 --- a/services/google/containeraws/alpha/node_pool_alpha_yaml_embed.go +++ b/services/google/containeraws/alpha/node_pool_alpha_yaml_embed.go @@ -17,7 +17,7 @@ package alpha // blaze-out/k8-fastbuild/genfiles/cloud/graphite/mmv2/services/google/containeraws/alpha/node_pool.yaml -var YAML_node_pool = []byte("info:\n title: ContainerAws/NodePool\n description: An Anthos node pool running on AWS.\n x-dcl-struct-name: NodePool\n x-dcl-has-iam: false\n x-dcl-ref:\n text: API reference\n url: https://cloud.google.com/kubernetes-engine/multi-cloud/docs/reference/rest/v1/projects.locations.awsClusters.awsNodePools\n x-dcl-guides:\n - text: Multicloud overview\n url: https://cloud.google.com/kubernetes-engine/multi-cloud/docs\npaths:\n get:\n description: The function used to get information about a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n apply:\n description: The function used to apply information about a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n delete:\n description: The function used to delete a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n deleteAll:\n description: The function used to delete all NodePool\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: cluster\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many NodePool\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: cluster\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n NodePool:\n title: NodePool\n x-dcl-id: projects/{{project}}/locations/{{location}}/awsClusters/{{cluster}}/awsNodePools/{{name}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - name\n - version\n - config\n - autoscaling\n - subnetId\n - maxPodsConstraint\n - project\n - location\n - cluster\n properties:\n annotations:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Annotations\n description: 'Optional. Annotations on the node pool. This field has the\n same restrictions as Kubernetes annotations. The total size of all keys\n and values combined is limited to 256k. Key can have 2 segments: prefix\n (optional) and name (required), separated by a slash (/). Prefix must\n be a DNS subdomain. Name must be 63 characters or less, begin and end\n with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics\n between.'\n autoscaling:\n type: object\n x-dcl-go-name: Autoscaling\n x-dcl-go-type: NodePoolAutoscaling\n description: Autoscaler configuration for this node pool.\n required:\n - minNodeCount\n - maxNodeCount\n properties:\n maxNodeCount:\n type: integer\n format: int64\n x-dcl-go-name: MaxNodeCount\n description: Maximum number of nodes in the NodePool. Must be >= min_node_count.\n minNodeCount:\n type: integer\n format: int64\n x-dcl-go-name: MinNodeCount\n description: Minimum number of nodes in the NodePool. Must be >= 1 and\n <= max_node_count.\n cluster:\n type: string\n x-dcl-go-name: Cluster\n description: The awsCluster for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkemulticloud/Cluster\n field: name\n parent: true\n x-dcl-parameter: true\n config:\n type: object\n x-dcl-go-name: Config\n x-dcl-go-type: NodePoolConfig\n description: The configuration of the node pool.\n required:\n - iamInstanceProfile\n - configEncryption\n properties:\n autoscalingMetricsCollection:\n type: object\n x-dcl-go-name: AutoscalingMetricsCollection\n x-dcl-go-type: NodePoolConfigAutoscalingMetricsCollection\n description: Optional. Configuration related to CloudWatch metrics collection\n on the Auto Scaling group of the node pool. When unspecified, metrics\n collection is disabled.\n required:\n - granularity\n properties:\n granularity:\n type: string\n x-dcl-go-name: Granularity\n description: The frequency at which EC2 Auto Scaling sends aggregated\n data to AWS CloudWatch. The only valid value is \"1Minute\".\n metrics:\n type: array\n x-dcl-go-name: Metrics\n description: The metrics to enable. For a list of valid metrics,\n see https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html.\n If you specify granularity and don't specify any metrics, all\n metrics are enabled.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n configEncryption:\n type: object\n x-dcl-go-name: ConfigEncryption\n x-dcl-go-type: NodePoolConfigConfigEncryption\n description: The ARN of the AWS KMS key used to encrypt node pool configuration.\n required:\n - kmsKeyArn\n properties:\n kmsKeyArn:\n type: string\n x-dcl-go-name: KmsKeyArn\n description: The ARN of the AWS KMS key used to encrypt node pool\n configuration.\n iamInstanceProfile:\n type: string\n x-dcl-go-name: IamInstanceProfile\n description: The name of the AWS IAM role assigned to nodes in the pool.\n imageType:\n type: string\n x-dcl-go-name: ImageType\n description: The OS image type to use on node pool instances.\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n instancePlacement:\n type: object\n x-dcl-go-name: InstancePlacement\n x-dcl-go-type: NodePoolConfigInstancePlacement\n description: Details of placement information for an instance.\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n properties:\n tenancy:\n type: string\n x-dcl-go-name: Tenancy\n x-dcl-go-type: NodePoolConfigInstancePlacementTenancyEnum\n description: 'The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED,\n DEFAULT, DEDICATED, HOST'\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n enum:\n - TENANCY_UNSPECIFIED\n - DEFAULT\n - DEDICATED\n - HOST\n instanceType:\n type: string\n x-dcl-go-name: InstanceType\n description: Optional. The AWS instance type. When unspecified, it defaults\n to `m5.large`.\n x-dcl-server-default: true\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: 'Optional. The initial labels assigned to nodes of this\n node pool. An object containing a list of \"key\": value pairs. Example:\n { \"name\": \"wrench\", \"mass\": \"1.3kg\", \"count\": \"3\" }.'\n proxyConfig:\n type: object\n x-dcl-go-name: ProxyConfig\n x-dcl-go-type: NodePoolConfigProxyConfig\n description: Proxy configuration for outbound HTTP(S) traffic.\n required:\n - secretArn\n - secretVersion\n properties:\n secretArn:\n type: string\n x-dcl-go-name: SecretArn\n description: The ARN of the AWS Secret Manager secret that contains\n the HTTP(S) proxy configuration.\n secretVersion:\n type: string\n x-dcl-go-name: SecretVersion\n description: The version string of the AWS Secret Manager secret\n that contains the HTTP(S) proxy configuration.\n rootVolume:\n type: object\n x-dcl-go-name: RootVolume\n x-dcl-go-type: NodePoolConfigRootVolume\n description: Optional. Template for the root volume provisioned for\n node pool nodes. Volumes will be provisioned in the availability zone\n assigned to the node pool subnet. When unspecified, it defaults to\n 32 GiB with the GP2 volume type.\n x-dcl-server-default: true\n properties:\n iops:\n type: integer\n format: int64\n x-dcl-go-name: Iops\n description: Optional. The number of I/O operations per second (IOPS)\n to provision for GP3 volume.\n x-dcl-server-default: true\n kmsKeyArn:\n type: string\n x-dcl-go-name: KmsKeyArn\n description: Optional. The Amazon Resource Name (ARN) of the Customer\n Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified,\n the default Amazon managed key associated to the AWS region where\n this cluster runs will be used.\n sizeGib:\n type: integer\n format: int64\n x-dcl-go-name: SizeGib\n description: Optional. The size of the volume, in GiBs. When unspecified,\n a default value is provided. See the specific reference in the\n parent resource.\n x-dcl-server-default: true\n throughput:\n type: integer\n format: int64\n x-dcl-go-name: Throughput\n description: Optional. The throughput to provision for the volume,\n in MiB/s. Only valid if the volume type is GP3. If volume type\n is gp3 and throughput is not specified, the throughput will defaults\n to 125.\n x-dcl-server-default: true\n volumeType:\n type: string\n x-dcl-go-name: VolumeType\n x-dcl-go-type: NodePoolConfigRootVolumeVolumeTypeEnum\n description: 'Optional. Type of the EBS volume. When unspecified,\n it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED,\n GP2, GP3'\n x-dcl-server-default: true\n enum:\n - VOLUME_TYPE_UNSPECIFIED\n - GP2\n - GP3\n securityGroupIds:\n type: array\n x-dcl-go-name: SecurityGroupIds\n description: Optional. The IDs of additional security groups to add\n to nodes in this pool. The manager will automatically create security\n groups with minimum rules needed for a functioning cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n spotConfig:\n type: object\n x-dcl-go-name: SpotConfig\n x-dcl-go-type: NodePoolConfigSpotConfig\n description: Optional. When specified, the node pool will provision\n Spot instances from the set of spot_config.instance_types. This field\n is mutually exclusive with `instance_type`\n x-kubernetes-immutable: true\n required:\n - instanceTypes\n properties:\n instanceTypes:\n type: array\n x-dcl-go-name: InstanceTypes\n description: List of AWS EC2 instance types for creating a spot\n node pool's nodes. The specified instance types must have the\n same number of CPUs and memory. You can use the Amazon EC2 Instance\n Selector tool (https://github.com/aws/amazon-ec2-instance-selector)\n to choose instance types with matching CPU and memory\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n sshConfig:\n type: object\n x-dcl-go-name: SshConfig\n x-dcl-go-type: NodePoolConfigSshConfig\n description: Optional. The SSH configuration.\n required:\n - ec2KeyPair\n properties:\n ec2KeyPair:\n type: string\n x-dcl-go-name: Ec2KeyPair\n description: The name of the EC2 key pair used to login into cluster\n machines.\n tags:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Tags\n description: Optional. Key/value metadata to assign to each underlying\n AWS resource. Specify at most 50 pairs containing alphanumerics, spaces,\n and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters.\n Values can be up to 255 Unicode characters.\n taints:\n type: array\n x-dcl-go-name: Taints\n description: Optional. The initial taints assigned to nodes of this\n node pool.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: NodePoolConfigTaints\n required:\n - key\n - value\n - effect\n properties:\n effect:\n type: string\n x-dcl-go-name: Effect\n x-dcl-go-type: NodePoolConfigTaintsEffectEnum\n description: 'The taint effect. Possible values: EFFECT_UNSPECIFIED,\n NO_SCHEDULE, PREFER_NO_SCHEDULE, NO_EXECUTE'\n x-kubernetes-immutable: true\n enum:\n - EFFECT_UNSPECIFIED\n - NO_SCHEDULE\n - PREFER_NO_SCHEDULE\n - NO_EXECUTE\n key:\n type: string\n x-dcl-go-name: Key\n description: Key for the taint.\n x-kubernetes-immutable: true\n value:\n type: string\n x-dcl-go-name: Value\n description: Value for the taint.\n x-kubernetes-immutable: true\n createTime:\n type: string\n format: date-time\n x-dcl-go-name: CreateTime\n readOnly: true\n description: Output only. The time at which this node pool was created.\n x-kubernetes-immutable: true\n etag:\n type: string\n x-dcl-go-name: Etag\n readOnly: true\n description: Allows clients to perform consistent read-modify-writes through\n optimistic concurrency control. May be sent on update and delete requests\n to ensure the client has an up-to-date value before proceeding.\n x-kubernetes-immutable: true\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n management:\n type: object\n x-dcl-go-name: Management\n x-dcl-go-type: NodePoolManagement\n description: The Management configuration for this node pool.\n properties:\n autoRepair:\n type: boolean\n x-dcl-go-name: AutoRepair\n description: Optional. Whether or not the nodes will be automatically\n repaired.\n maxPodsConstraint:\n type: object\n x-dcl-go-name: MaxPodsConstraint\n x-dcl-go-type: NodePoolMaxPodsConstraint\n description: The constraint on the maximum number of pods that can be run\n simultaneously on a node in the node pool.\n x-kubernetes-immutable: true\n required:\n - maxPodsPerNode\n properties:\n maxPodsPerNode:\n type: integer\n format: int64\n x-dcl-go-name: MaxPodsPerNode\n description: The maximum number of pods to schedule on a single node.\n x-kubernetes-immutable: true\n name:\n type: string\n x-dcl-go-name: Name\n description: The name of this resource.\n x-kubernetes-immutable: true\n x-dcl-has-long-form: true\n project:\n type: string\n x-dcl-go-name: Project\n description: The project for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n x-dcl-parameter: true\n reconciling:\n type: boolean\n x-dcl-go-name: Reconciling\n readOnly: true\n description: Output only. If set, there are currently changes in flight\n to the node pool.\n x-kubernetes-immutable: true\n state:\n type: string\n x-dcl-go-name: State\n x-dcl-go-type: NodePoolStateEnum\n readOnly: true\n description: 'Output only. The lifecycle state of the node pool. Possible\n values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING,\n ERROR, DEGRADED'\n x-kubernetes-immutable: true\n enum:\n - STATE_UNSPECIFIED\n - PROVISIONING\n - RUNNING\n - RECONCILING\n - STOPPING\n - ERROR\n - DEGRADED\n subnetId:\n type: string\n x-dcl-go-name: SubnetId\n description: The subnet where the node pool node run.\n x-kubernetes-immutable: true\n uid:\n type: string\n x-dcl-go-name: Uid\n readOnly: true\n description: Output only. A globally unique identifier for the node pool.\n x-kubernetes-immutable: true\n updateSettings:\n type: object\n x-dcl-go-name: UpdateSettings\n x-dcl-go-type: NodePoolUpdateSettings\n description: Optional. Update settings control the speed and disruption\n of the node pool update.\n x-dcl-server-default: true\n properties:\n surgeSettings:\n type: object\n x-dcl-go-name: SurgeSettings\n x-dcl-go-type: NodePoolUpdateSettingsSurgeSettings\n description: Optional. Settings for surge update.\n x-dcl-server-default: true\n properties:\n maxSurge:\n type: integer\n format: int64\n x-dcl-go-name: MaxSurge\n description: Optional. The maximum number of nodes that can be created\n beyond the current size of the node pool during the update process.\n x-dcl-server-default: true\n maxUnavailable:\n type: integer\n format: int64\n x-dcl-go-name: MaxUnavailable\n description: Optional. The maximum number of nodes that can be simultaneously\n unavailable during the update process. A node is considered unavailable\n if its status is not Ready.\n x-dcl-server-default: true\n updateTime:\n type: string\n format: date-time\n x-dcl-go-name: UpdateTime\n readOnly: true\n description: Output only. The time at which this node pool was last updated.\n x-kubernetes-immutable: true\n version:\n type: string\n x-dcl-go-name: Version\n description: The Kubernetes version to run on this node pool (e.g. `1.19.10-gke.1000`).\n You can list all supported versions on a given Google Cloud region by\n calling GetAwsServerConfig.\n") +var YAML_node_pool = []byte("info:\n title: ContainerAws/NodePool\n description: An Anthos node pool running on AWS.\n x-dcl-struct-name: NodePool\n x-dcl-has-iam: false\n x-dcl-ref:\n text: API reference\n url: https://cloud.google.com/kubernetes-engine/multi-cloud/docs/reference/rest/v1/projects.locations.awsClusters.awsNodePools\n x-dcl-guides:\n - text: Multicloud overview\n url: https://cloud.google.com/kubernetes-engine/multi-cloud/docs\npaths:\n get:\n description: The function used to get information about a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n apply:\n description: The function used to apply information about a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n delete:\n description: The function used to delete a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n deleteAll:\n description: The function used to delete all NodePool\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: cluster\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many NodePool\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: cluster\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n NodePool:\n title: NodePool\n x-dcl-id: projects/{{project}}/locations/{{location}}/awsClusters/{{cluster}}/awsNodePools/{{name}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - name\n - version\n - config\n - autoscaling\n - subnetId\n - maxPodsConstraint\n - project\n - location\n - cluster\n properties:\n annotations:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Annotations\n description: 'Optional. Annotations on the node pool. This field has the\n same restrictions as Kubernetes annotations. The total size of all keys\n and values combined is limited to 256k. Key can have 2 segments: prefix\n (optional) and name (required), separated by a slash (/). Prefix must\n be a DNS subdomain. Name must be 63 characters or less, begin and end\n with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics\n between.'\n autoscaling:\n type: object\n x-dcl-go-name: Autoscaling\n x-dcl-go-type: NodePoolAutoscaling\n description: Autoscaler configuration for this node pool.\n required:\n - minNodeCount\n - maxNodeCount\n properties:\n maxNodeCount:\n type: integer\n format: int64\n x-dcl-go-name: MaxNodeCount\n description: Maximum number of nodes in the NodePool. Must be >= min_node_count.\n minNodeCount:\n type: integer\n format: int64\n x-dcl-go-name: MinNodeCount\n description: Minimum number of nodes in the NodePool. Must be >= 1 and\n <= max_node_count.\n cluster:\n type: string\n x-dcl-go-name: Cluster\n description: The awsCluster for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkemulticloud/Cluster\n field: name\n parent: true\n x-dcl-parameter: true\n config:\n type: object\n x-dcl-go-name: Config\n x-dcl-go-type: NodePoolConfig\n description: The configuration of the node pool.\n required:\n - iamInstanceProfile\n - configEncryption\n properties:\n autoscalingMetricsCollection:\n type: object\n x-dcl-go-name: AutoscalingMetricsCollection\n x-dcl-go-type: NodePoolConfigAutoscalingMetricsCollection\n description: Optional. Configuration related to CloudWatch metrics collection\n on the Auto Scaling group of the node pool. When unspecified, metrics\n collection is disabled.\n required:\n - granularity\n properties:\n granularity:\n type: string\n x-dcl-go-name: Granularity\n description: The frequency at which EC2 Auto Scaling sends aggregated\n data to AWS CloudWatch. The only valid value is \"1Minute\".\n metrics:\n type: array\n x-dcl-go-name: Metrics\n description: The metrics to enable. For a list of valid metrics,\n see https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html.\n If you specify granularity and don't specify any metrics, all\n metrics are enabled.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n configEncryption:\n type: object\n x-dcl-go-name: ConfigEncryption\n x-dcl-go-type: NodePoolConfigConfigEncryption\n description: The ARN of the AWS KMS key used to encrypt node pool configuration.\n required:\n - kmsKeyArn\n properties:\n kmsKeyArn:\n type: string\n x-dcl-go-name: KmsKeyArn\n description: The ARN of the AWS KMS key used to encrypt node pool\n configuration.\n iamInstanceProfile:\n type: string\n x-dcl-go-name: IamInstanceProfile\n description: The name of the AWS IAM role assigned to nodes in the pool.\n imageType:\n type: string\n x-dcl-go-name: ImageType\n description: The OS image type to use on node pool instances.\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n instancePlacement:\n type: object\n x-dcl-go-name: InstancePlacement\n x-dcl-go-type: NodePoolConfigInstancePlacement\n description: Details of placement information for an instance.\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n properties:\n tenancy:\n type: string\n x-dcl-go-name: Tenancy\n x-dcl-go-type: NodePoolConfigInstancePlacementTenancyEnum\n description: 'The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED,\n DEFAULT, DEDICATED, HOST'\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n enum:\n - TENANCY_UNSPECIFIED\n - DEFAULT\n - DEDICATED\n - HOST\n instanceType:\n type: string\n x-dcl-go-name: InstanceType\n description: Optional. The AWS instance type. When unspecified, it defaults\n to `m5.large`.\n x-dcl-server-default: true\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: 'Optional. The initial labels assigned to nodes of this\n node pool. An object containing a list of \"key\": value pairs. Example:\n { \"name\": \"wrench\", \"mass\": \"1.3kg\", \"count\": \"3\" }.'\n proxyConfig:\n type: object\n x-dcl-go-name: ProxyConfig\n x-dcl-go-type: NodePoolConfigProxyConfig\n description: Proxy configuration for outbound HTTP(S) traffic.\n required:\n - secretArn\n - secretVersion\n properties:\n secretArn:\n type: string\n x-dcl-go-name: SecretArn\n description: The ARN of the AWS Secret Manager secret that contains\n the HTTP(S) proxy configuration.\n secretVersion:\n type: string\n x-dcl-go-name: SecretVersion\n description: The version string of the AWS Secret Manager secret\n that contains the HTTP(S) proxy configuration.\n rootVolume:\n type: object\n x-dcl-go-name: RootVolume\n x-dcl-go-type: NodePoolConfigRootVolume\n description: Optional. Template for the root volume provisioned for\n node pool nodes. Volumes will be provisioned in the availability zone\n assigned to the node pool subnet. When unspecified, it defaults to\n 32 GiB with the GP2 volume type.\n x-dcl-server-default: true\n properties:\n iops:\n type: integer\n format: int64\n x-dcl-go-name: Iops\n description: Optional. The number of I/O operations per second (IOPS)\n to provision for GP3 volume.\n x-dcl-server-default: true\n kmsKeyArn:\n type: string\n x-dcl-go-name: KmsKeyArn\n description: Optional. The Amazon Resource Name (ARN) of the Customer\n Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified,\n the default Amazon managed key associated to the AWS region where\n this cluster runs will be used.\n sizeGib:\n type: integer\n format: int64\n x-dcl-go-name: SizeGib\n description: Optional. The size of the volume, in GiBs. When unspecified,\n a default value is provided. See the specific reference in the\n parent resource.\n x-dcl-server-default: true\n throughput:\n type: integer\n format: int64\n x-dcl-go-name: Throughput\n description: Optional. The throughput to provision for the volume,\n in MiB/s. Only valid if the volume type is GP3. If volume type\n is gp3 and throughput is not specified, the throughput will defaults\n to 125.\n x-dcl-server-default: true\n volumeType:\n type: string\n x-dcl-go-name: VolumeType\n x-dcl-go-type: NodePoolConfigRootVolumeVolumeTypeEnum\n description: 'Optional. Type of the EBS volume. When unspecified,\n it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED,\n GP2, GP3'\n x-dcl-server-default: true\n enum:\n - VOLUME_TYPE_UNSPECIFIED\n - GP2\n - GP3\n securityGroupIds:\n type: array\n x-dcl-go-name: SecurityGroupIds\n description: Optional. The IDs of additional security groups to add\n to nodes in this pool. The manager will automatically create security\n groups with minimum rules needed for a functioning cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n spotConfig:\n type: object\n x-dcl-go-name: SpotConfig\n x-dcl-go-type: NodePoolConfigSpotConfig\n description: Optional. When specified, the node pool will provision\n Spot instances from the set of spot_config.instance_types. This field\n is mutually exclusive with `instance_type`\n x-kubernetes-immutable: true\n required:\n - instanceTypes\n properties:\n instanceTypes:\n type: array\n x-dcl-go-name: InstanceTypes\n description: List of AWS EC2 instance types for creating a spot\n node pool's nodes. The specified instance types must have the\n same number of CPUs and memory. You can use the Amazon EC2 Instance\n Selector tool (https://github.com/aws/amazon-ec2-instance-selector)\n to choose instance types with matching CPU and memory\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n sshConfig:\n type: object\n x-dcl-go-name: SshConfig\n x-dcl-go-type: NodePoolConfigSshConfig\n description: Optional. The SSH configuration.\n required:\n - ec2KeyPair\n properties:\n ec2KeyPair:\n type: string\n x-dcl-go-name: Ec2KeyPair\n description: The name of the EC2 key pair used to login into cluster\n machines.\n tags:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Tags\n description: Optional. Key/value metadata to assign to each underlying\n AWS resource. Specify at most 50 pairs containing alphanumerics, spaces,\n and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters.\n Values can be up to 255 Unicode characters.\n taints:\n type: array\n x-dcl-go-name: Taints\n description: Optional. The initial taints assigned to nodes of this\n node pool.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: NodePoolConfigTaints\n required:\n - key\n - value\n - effect\n properties:\n effect:\n type: string\n x-dcl-go-name: Effect\n x-dcl-go-type: NodePoolConfigTaintsEffectEnum\n description: 'The taint effect. Possible values: EFFECT_UNSPECIFIED,\n NO_SCHEDULE, PREFER_NO_SCHEDULE, NO_EXECUTE'\n x-kubernetes-immutable: true\n enum:\n - EFFECT_UNSPECIFIED\n - NO_SCHEDULE\n - PREFER_NO_SCHEDULE\n - NO_EXECUTE\n key:\n type: string\n x-dcl-go-name: Key\n description: Key for the taint.\n x-kubernetes-immutable: true\n value:\n type: string\n x-dcl-go-name: Value\n description: Value for the taint.\n x-kubernetes-immutable: true\n createTime:\n type: string\n format: date-time\n x-dcl-go-name: CreateTime\n readOnly: true\n description: Output only. The time at which this node pool was created.\n x-kubernetes-immutable: true\n etag:\n type: string\n x-dcl-go-name: Etag\n readOnly: true\n description: Allows clients to perform consistent read-modify-writes through\n optimistic concurrency control. May be sent on update and delete requests\n to ensure the client has an up-to-date value before proceeding.\n x-kubernetes-immutable: true\n kubeletConfig:\n type: object\n x-dcl-go-name: KubeletConfig\n x-dcl-go-type: NodePoolKubeletConfig\n description: The kubelet configuration for the node pool.\n x-kubernetes-immutable: true\n properties:\n cpuCfsQuota:\n type: boolean\n x-dcl-go-name: CpuCfsQuota\n description: Whether or not to enable CPU CFS quota. Defaults to true.\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n cpuCfsQuotaPeriod:\n type: string\n x-dcl-go-name: CpuCfsQuotaPeriod\n description: Optional. The CPU CFS quota period to use for the node.\n Defaults to \"100ms\".\n x-kubernetes-immutable: true\n cpuManagerPolicy:\n type: string\n x-dcl-go-name: CpuManagerPolicy\n x-dcl-go-type: NodePoolKubeletConfigCpuManagerPolicyEnum\n description: The CpuManagerPolicy to use for the node. Defaults to \"none\".\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n enum:\n - none\n - static\n podPidsLimit:\n type: integer\n format: int64\n x-dcl-go-name: PodPidsLimit\n description: Optional. The maximum number of PIDs in each pod running\n on the node. The limit scales automatically based on underlying machine\n size if left unset.\n x-kubernetes-immutable: true\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n management:\n type: object\n x-dcl-go-name: Management\n x-dcl-go-type: NodePoolManagement\n description: The Management configuration for this node pool.\n properties:\n autoRepair:\n type: boolean\n x-dcl-go-name: AutoRepair\n description: Optional. Whether or not the nodes will be automatically\n repaired.\n maxPodsConstraint:\n type: object\n x-dcl-go-name: MaxPodsConstraint\n x-dcl-go-type: NodePoolMaxPodsConstraint\n description: The constraint on the maximum number of pods that can be run\n simultaneously on a node in the node pool.\n x-kubernetes-immutable: true\n required:\n - maxPodsPerNode\n properties:\n maxPodsPerNode:\n type: integer\n format: int64\n x-dcl-go-name: MaxPodsPerNode\n description: The maximum number of pods to schedule on a single node.\n x-kubernetes-immutable: true\n name:\n type: string\n x-dcl-go-name: Name\n description: The name of this resource.\n x-kubernetes-immutable: true\n x-dcl-has-long-form: true\n project:\n type: string\n x-dcl-go-name: Project\n description: The project for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n x-dcl-parameter: true\n reconciling:\n type: boolean\n x-dcl-go-name: Reconciling\n readOnly: true\n description: Output only. If set, there are currently changes in flight\n to the node pool.\n x-kubernetes-immutable: true\n state:\n type: string\n x-dcl-go-name: State\n x-dcl-go-type: NodePoolStateEnum\n readOnly: true\n description: 'Output only. The lifecycle state of the node pool. Possible\n values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING,\n ERROR, DEGRADED'\n x-kubernetes-immutable: true\n enum:\n - STATE_UNSPECIFIED\n - PROVISIONING\n - RUNNING\n - RECONCILING\n - STOPPING\n - ERROR\n - DEGRADED\n subnetId:\n type: string\n x-dcl-go-name: SubnetId\n description: The subnet where the node pool node run.\n x-kubernetes-immutable: true\n uid:\n type: string\n x-dcl-go-name: Uid\n readOnly: true\n description: Output only. A globally unique identifier for the node pool.\n x-kubernetes-immutable: true\n updateSettings:\n type: object\n x-dcl-go-name: UpdateSettings\n x-dcl-go-type: NodePoolUpdateSettings\n description: Optional. Update settings control the speed and disruption\n of the node pool update.\n x-dcl-server-default: true\n properties:\n surgeSettings:\n type: object\n x-dcl-go-name: SurgeSettings\n x-dcl-go-type: NodePoolUpdateSettingsSurgeSettings\n description: Optional. Settings for surge update.\n x-dcl-server-default: true\n properties:\n maxSurge:\n type: integer\n format: int64\n x-dcl-go-name: MaxSurge\n description: Optional. The maximum number of nodes that can be created\n beyond the current size of the node pool during the update process.\n x-dcl-server-default: true\n maxUnavailable:\n type: integer\n format: int64\n x-dcl-go-name: MaxUnavailable\n description: Optional. The maximum number of nodes that can be simultaneously\n unavailable during the update process. A node is considered unavailable\n if its status is not Ready.\n x-dcl-server-default: true\n updateTime:\n type: string\n format: date-time\n x-dcl-go-name: UpdateTime\n readOnly: true\n description: Output only. The time at which this node pool was last updated.\n x-kubernetes-immutable: true\n version:\n type: string\n x-dcl-go-name: Version\n description: The Kubernetes version to run on this node pool (e.g. `1.19.10-gke.1000`).\n You can list all supported versions on a given Google Cloud region by\n calling GetAwsServerConfig.\n") -// 21298 bytes -// MD5: 14da05cf46ed4aa2432ffd68a37ff64d +// 22876 bytes +// MD5: 035791092b3dab7a0e371152decfccb1 diff --git a/services/google/containeraws/alpha/node_pool_internal.go b/services/google/containeraws/alpha/node_pool_internal.go index c513aa5e4..381f7964a 100755 --- a/services/google/containeraws/alpha/node_pool_internal.go +++ b/services/google/containeraws/alpha/node_pool_internal.go @@ -74,6 +74,11 @@ func (r *NodePool) validate() error { return err } } + if !dcl.IsEmptyValueIndirect(r.KubeletConfig) { + if err := r.KubeletConfig.validate(); err != nil { + return err + } + } if !dcl.IsEmptyValueIndirect(r.UpdateSettings) { if err := r.UpdateSettings.validate(); err != nil { return err @@ -194,6 +199,9 @@ func (r *NodePoolMaxPodsConstraint) validate() error { func (r *NodePoolManagement) validate() error { return nil } +func (r *NodePoolKubeletConfig) validate() error { + return nil +} func (r *NodePoolUpdateSettings) validate() error { if !dcl.IsEmptyValueIndirect(r.SurgeSettings) { if err := r.SurgeSettings.validate(); err != nil { @@ -647,6 +655,7 @@ func canonicalizeNodePoolDesiredState(rawDesired, rawInitial *NodePool, opts ... rawDesired.Autoscaling = canonicalizeNodePoolAutoscaling(rawDesired.Autoscaling, nil, opts...) rawDesired.MaxPodsConstraint = canonicalizeNodePoolMaxPodsConstraint(rawDesired.MaxPodsConstraint, nil, opts...) rawDesired.Management = canonicalizeNodePoolManagement(rawDesired.Management, nil, opts...) + rawDesired.KubeletConfig = canonicalizeNodePoolKubeletConfig(rawDesired.KubeletConfig, nil, opts...) rawDesired.UpdateSettings = canonicalizeNodePoolUpdateSettings(rawDesired.UpdateSettings, nil, opts...) return rawDesired, nil @@ -677,6 +686,7 @@ func canonicalizeNodePoolDesiredState(rawDesired, rawInitial *NodePool, opts ... } canonicalDesired.MaxPodsConstraint = canonicalizeNodePoolMaxPodsConstraint(rawDesired.MaxPodsConstraint, rawInitial.MaxPodsConstraint, opts...) canonicalDesired.Management = canonicalizeNodePoolManagement(rawDesired.Management, rawInitial.Management, opts...) + canonicalDesired.KubeletConfig = canonicalizeNodePoolKubeletConfig(rawDesired.KubeletConfig, rawInitial.KubeletConfig, opts...) canonicalDesired.UpdateSettings = canonicalizeNodePoolUpdateSettings(rawDesired.UpdateSettings, rawInitial.UpdateSettings, opts...) if dcl.NameToSelfLink(rawDesired.Project, rawInitial.Project) { canonicalDesired.Project = rawInitial.Project @@ -790,6 +800,12 @@ func canonicalizeNodePoolNewState(c *Client, rawNew, rawDesired *NodePool) (*Nod rawNew.Management = canonicalizeNewNodePoolManagement(c, rawDesired.Management, rawNew.Management) } + if dcl.IsEmptyValueIndirect(rawNew.KubeletConfig) && dcl.IsEmptyValueIndirect(rawDesired.KubeletConfig) { + rawNew.KubeletConfig = rawDesired.KubeletConfig + } else { + rawNew.KubeletConfig = canonicalizeNewNodePoolKubeletConfig(c, rawDesired.KubeletConfig, rawNew.KubeletConfig) + } + if dcl.IsEmptyValueIndirect(rawNew.UpdateSettings) && dcl.IsEmptyValueIndirect(rawDesired.UpdateSettings) { rawNew.UpdateSettings = rawDesired.UpdateSettings } else { @@ -2324,6 +2340,144 @@ func canonicalizeNewNodePoolManagementSlice(c *Client, des, nw []NodePoolManagem return items } +func canonicalizeNodePoolKubeletConfig(des, initial *NodePoolKubeletConfig, opts ...dcl.ApplyOption) *NodePoolKubeletConfig { + if des == nil { + return initial + } + if des.empty { + return des + } + + if initial == nil { + return des + } + + cDes := &NodePoolKubeletConfig{} + + if dcl.IsZeroValue(des.CpuManagerPolicy) || (dcl.IsEmptyValueIndirect(des.CpuManagerPolicy) && dcl.IsEmptyValueIndirect(initial.CpuManagerPolicy)) { + // Desired and initial values are equivalent, so set canonical desired value to initial value. + cDes.CpuManagerPolicy = initial.CpuManagerPolicy + } else { + cDes.CpuManagerPolicy = des.CpuManagerPolicy + } + if dcl.BoolCanonicalize(des.CpuCfsQuota, initial.CpuCfsQuota) || dcl.IsZeroValue(des.CpuCfsQuota) { + cDes.CpuCfsQuota = initial.CpuCfsQuota + } else { + cDes.CpuCfsQuota = des.CpuCfsQuota + } + if dcl.StringCanonicalize(des.CpuCfsQuotaPeriod, initial.CpuCfsQuotaPeriod) || dcl.IsZeroValue(des.CpuCfsQuotaPeriod) { + cDes.CpuCfsQuotaPeriod = initial.CpuCfsQuotaPeriod + } else { + cDes.CpuCfsQuotaPeriod = des.CpuCfsQuotaPeriod + } + if dcl.IsZeroValue(des.PodPidsLimit) || (dcl.IsEmptyValueIndirect(des.PodPidsLimit) && dcl.IsEmptyValueIndirect(initial.PodPidsLimit)) { + // Desired and initial values are equivalent, so set canonical desired value to initial value. + cDes.PodPidsLimit = initial.PodPidsLimit + } else { + cDes.PodPidsLimit = des.PodPidsLimit + } + + return cDes +} + +func canonicalizeNodePoolKubeletConfigSlice(des, initial []NodePoolKubeletConfig, opts ...dcl.ApplyOption) []NodePoolKubeletConfig { + if dcl.IsEmptyValueIndirect(des) { + return initial + } + + if len(des) != len(initial) { + + items := make([]NodePoolKubeletConfig, 0, len(des)) + for _, d := range des { + cd := canonicalizeNodePoolKubeletConfig(&d, nil, opts...) + if cd != nil { + items = append(items, *cd) + } + } + return items + } + + items := make([]NodePoolKubeletConfig, 0, len(des)) + for i, d := range des { + cd := canonicalizeNodePoolKubeletConfig(&d, &initial[i], opts...) + if cd != nil { + items = append(items, *cd) + } + } + return items + +} + +func canonicalizeNewNodePoolKubeletConfig(c *Client, des, nw *NodePoolKubeletConfig) *NodePoolKubeletConfig { + + if des == nil { + return nw + } + + if nw == nil { + if dcl.IsEmptyValueIndirect(des) { + c.Config.Logger.Info("Found explicitly empty value for NodePoolKubeletConfig while comparing non-nil desired to nil actual. Returning desired object.") + return des + } + return nil + } + + if dcl.BoolCanonicalize(des.CpuCfsQuota, nw.CpuCfsQuota) { + nw.CpuCfsQuota = des.CpuCfsQuota + } + if dcl.StringCanonicalize(des.CpuCfsQuotaPeriod, nw.CpuCfsQuotaPeriod) { + nw.CpuCfsQuotaPeriod = des.CpuCfsQuotaPeriod + } + + return nw +} + +func canonicalizeNewNodePoolKubeletConfigSet(c *Client, des, nw []NodePoolKubeletConfig) []NodePoolKubeletConfig { + if des == nil { + return nw + } + + // Find the elements in des that are also in nw and canonicalize them. Remove matched elements from nw. + var items []NodePoolKubeletConfig + for _, d := range des { + matchedIndex := -1 + for i, n := range nw { + if diffs, _ := compareNodePoolKubeletConfigNewStyle(&d, &n, dcl.FieldName{}); len(diffs) == 0 { + matchedIndex = i + break + } + } + if matchedIndex != -1 { + items = append(items, *canonicalizeNewNodePoolKubeletConfig(c, &d, &nw[matchedIndex])) + nw = append(nw[:matchedIndex], nw[matchedIndex+1:]...) + } + } + // Also include elements in nw that are not matched in des. + items = append(items, nw...) + + return items +} + +func canonicalizeNewNodePoolKubeletConfigSlice(c *Client, des, nw []NodePoolKubeletConfig) []NodePoolKubeletConfig { + if des == nil { + return nw + } + + // Lengths are unequal. A diff will occur later, so we shouldn't canonicalize. + // Return the original array. + if len(des) != len(nw) { + return nw + } + + var items []NodePoolKubeletConfig + for i, d := range des { + n := nw[i] + items = append(items, *canonicalizeNewNodePoolKubeletConfig(c, &d, &n)) + } + + return items +} + func canonicalizeNodePoolUpdateSettings(des, initial *NodePoolUpdateSettings, opts ...dcl.ApplyOption) *NodePoolUpdateSettings { if des == nil { return initial @@ -2673,6 +2827,13 @@ func diffNodePool(c *Client, desired, actual *NodePool, opts ...dcl.ApplyOption) newDiffs = append(newDiffs, ds...) } + if ds, err := dcl.Diff(desired.KubeletConfig, actual.KubeletConfig, dcl.DiffInfo{ObjectFunction: compareNodePoolKubeletConfigNewStyle, EmptyObject: EmptyNodePoolKubeletConfig, OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("KubeletConfig")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + newDiffs = append(newDiffs, ds...) + } + if ds, err := dcl.Diff(desired.UpdateSettings, actual.UpdateSettings, dcl.DiffInfo{ServerDefault: true, ObjectFunction: compareNodePoolUpdateSettingsNewStyle, EmptyObject: EmptyNodePoolUpdateSettings, OperationSelector: dcl.TriggersOperation("updateNodePoolUpdateAwsNodePoolOperation")}, fn.AddNest("UpdateSettings")); len(ds) != 0 || err != nil { if err != nil { return nil, err @@ -3208,6 +3369,56 @@ func compareNodePoolManagementNewStyle(d, a interface{}, fn dcl.FieldName) ([]*d return diffs, nil } +func compareNodePoolKubeletConfigNewStyle(d, a interface{}, fn dcl.FieldName) ([]*dcl.FieldDiff, error) { + var diffs []*dcl.FieldDiff + + desired, ok := d.(*NodePoolKubeletConfig) + if !ok { + desiredNotPointer, ok := d.(NodePoolKubeletConfig) + if !ok { + return nil, fmt.Errorf("obj %v is not a NodePoolKubeletConfig or *NodePoolKubeletConfig", d) + } + desired = &desiredNotPointer + } + actual, ok := a.(*NodePoolKubeletConfig) + if !ok { + actualNotPointer, ok := a.(NodePoolKubeletConfig) + if !ok { + return nil, fmt.Errorf("obj %v is not a NodePoolKubeletConfig", a) + } + actual = &actualNotPointer + } + + if ds, err := dcl.Diff(desired.CpuManagerPolicy, actual.CpuManagerPolicy, dcl.DiffInfo{ServerDefault: true, Type: "EnumType", OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("CpuManagerPolicy")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + + if ds, err := dcl.Diff(desired.CpuCfsQuota, actual.CpuCfsQuota, dcl.DiffInfo{ServerDefault: true, OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("CpuCfsQuota")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + + if ds, err := dcl.Diff(desired.CpuCfsQuotaPeriod, actual.CpuCfsQuotaPeriod, dcl.DiffInfo{OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("CpuCfsQuotaPeriod")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + + if ds, err := dcl.Diff(desired.PodPidsLimit, actual.PodPidsLimit, dcl.DiffInfo{OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("PodPidsLimit")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + return diffs, nil +} + func compareNodePoolUpdateSettingsNewStyle(d, a interface{}, fn dcl.FieldName) ([]*dcl.FieldDiff, error) { var diffs []*dcl.FieldDiff @@ -3374,6 +3585,11 @@ func expandNodePool(c *Client, f *NodePool) (map[string]interface{}, error) { } else if !dcl.IsEmptyValueIndirect(v) { m["management"] = v } + if v, err := expandNodePoolKubeletConfig(c, f.KubeletConfig, res); err != nil { + return nil, fmt.Errorf("error expanding KubeletConfig into kubeletConfig: %w", err) + } else if !dcl.IsEmptyValueIndirect(v) { + m["kubeletConfig"] = v + } if v, err := expandNodePoolUpdateSettings(c, f.UpdateSettings, res); err != nil { return nil, fmt.Errorf("error expanding UpdateSettings into updateSettings: %w", err) } else if !dcl.IsEmptyValueIndirect(v) { @@ -3424,6 +3640,7 @@ func flattenNodePool(c *Client, i interface{}, res *NodePool) *NodePool { resultRes.Annotations = dcl.FlattenKeyValuePairs(m["annotations"]) resultRes.MaxPodsConstraint = flattenNodePoolMaxPodsConstraint(c, m["maxPodsConstraint"], res) resultRes.Management = flattenNodePoolManagement(c, m["management"], res) + resultRes.KubeletConfig = flattenNodePoolKubeletConfig(c, m["kubeletConfig"], res) resultRes.UpdateSettings = flattenNodePoolUpdateSettings(c, m["updateSettings"], res) resultRes.Project = dcl.FlattenString(m["project"]) resultRes.Location = dcl.FlattenString(m["location"]) @@ -4904,6 +5121,132 @@ func flattenNodePoolManagement(c *Client, i interface{}, res *NodePool) *NodePoo return r } +// expandNodePoolKubeletConfigMap expands the contents of NodePoolKubeletConfig into a JSON +// request object. +func expandNodePoolKubeletConfigMap(c *Client, f map[string]NodePoolKubeletConfig, res *NodePool) (map[string]interface{}, error) { + if f == nil { + return nil, nil + } + + items := make(map[string]interface{}) + for k, item := range f { + i, err := expandNodePoolKubeletConfig(c, &item, res) + if err != nil { + return nil, err + } + if i != nil { + items[k] = i + } + } + + return items, nil +} + +// expandNodePoolKubeletConfigSlice expands the contents of NodePoolKubeletConfig into a JSON +// request object. +func expandNodePoolKubeletConfigSlice(c *Client, f []NodePoolKubeletConfig, res *NodePool) ([]map[string]interface{}, error) { + if f == nil { + return nil, nil + } + + items := []map[string]interface{}{} + for _, item := range f { + i, err := expandNodePoolKubeletConfig(c, &item, res) + if err != nil { + return nil, err + } + + items = append(items, i) + } + + return items, nil +} + +// flattenNodePoolKubeletConfigMap flattens the contents of NodePoolKubeletConfig from a JSON +// response object. +func flattenNodePoolKubeletConfigMap(c *Client, i interface{}, res *NodePool) map[string]NodePoolKubeletConfig { + a, ok := i.(map[string]interface{}) + if !ok { + return map[string]NodePoolKubeletConfig{} + } + + if len(a) == 0 { + return map[string]NodePoolKubeletConfig{} + } + + items := make(map[string]NodePoolKubeletConfig) + for k, item := range a { + items[k] = *flattenNodePoolKubeletConfig(c, item.(map[string]interface{}), res) + } + + return items +} + +// flattenNodePoolKubeletConfigSlice flattens the contents of NodePoolKubeletConfig from a JSON +// response object. +func flattenNodePoolKubeletConfigSlice(c *Client, i interface{}, res *NodePool) []NodePoolKubeletConfig { + a, ok := i.([]interface{}) + if !ok { + return []NodePoolKubeletConfig{} + } + + if len(a) == 0 { + return []NodePoolKubeletConfig{} + } + + items := make([]NodePoolKubeletConfig, 0, len(a)) + for _, item := range a { + items = append(items, *flattenNodePoolKubeletConfig(c, item.(map[string]interface{}), res)) + } + + return items +} + +// expandNodePoolKubeletConfig expands an instance of NodePoolKubeletConfig into a JSON +// request object. +func expandNodePoolKubeletConfig(c *Client, f *NodePoolKubeletConfig, res *NodePool) (map[string]interface{}, error) { + if dcl.IsEmptyValueIndirect(f) { + return nil, nil + } + + m := make(map[string]interface{}) + if v := f.CpuManagerPolicy; !dcl.IsEmptyValueIndirect(v) { + m["cpuManagerPolicy"] = v + } + if v := f.CpuCfsQuota; !dcl.IsEmptyValueIndirect(v) { + m["cpuCfsQuota"] = v + } + if v := f.CpuCfsQuotaPeriod; !dcl.IsEmptyValueIndirect(v) { + m["cpuCfsQuotaPeriod"] = v + } + if v := f.PodPidsLimit; !dcl.IsEmptyValueIndirect(v) { + m["podPidsLimit"] = v + } + + return m, nil +} + +// flattenNodePoolKubeletConfig flattens an instance of NodePoolKubeletConfig from a JSON +// response object. +func flattenNodePoolKubeletConfig(c *Client, i interface{}, res *NodePool) *NodePoolKubeletConfig { + m, ok := i.(map[string]interface{}) + if !ok { + return nil + } + + r := &NodePoolKubeletConfig{} + + if dcl.IsEmptyValueIndirect(i) { + return EmptyNodePoolKubeletConfig + } + r.CpuManagerPolicy = flattenNodePoolKubeletConfigCpuManagerPolicyEnum(m["cpuManagerPolicy"]) + r.CpuCfsQuota = dcl.FlattenBool(m["cpuCfsQuota"]) + r.CpuCfsQuotaPeriod = dcl.FlattenString(m["cpuCfsQuotaPeriod"]) + r.PodPidsLimit = dcl.FlattenInteger(m["podPidsLimit"]) + + return r +} + // expandNodePoolUpdateSettingsMap expands the contents of NodePoolUpdateSettings into a JSON // request object. func expandNodePoolUpdateSettingsMap(c *Client, f map[string]NodePoolUpdateSettings, res *NodePool) (map[string]interface{}, error) { @@ -5342,6 +5685,57 @@ func flattenNodePoolStateEnum(i interface{}) *NodePoolStateEnum { return NodePoolStateEnumRef(s) } +// flattenNodePoolKubeletConfigCpuManagerPolicyEnumMap flattens the contents of NodePoolKubeletConfigCpuManagerPolicyEnum from a JSON +// response object. +func flattenNodePoolKubeletConfigCpuManagerPolicyEnumMap(c *Client, i interface{}, res *NodePool) map[string]NodePoolKubeletConfigCpuManagerPolicyEnum { + a, ok := i.(map[string]interface{}) + if !ok { + return map[string]NodePoolKubeletConfigCpuManagerPolicyEnum{} + } + + if len(a) == 0 { + return map[string]NodePoolKubeletConfigCpuManagerPolicyEnum{} + } + + items := make(map[string]NodePoolKubeletConfigCpuManagerPolicyEnum) + for k, item := range a { + items[k] = *flattenNodePoolKubeletConfigCpuManagerPolicyEnum(item.(interface{})) + } + + return items +} + +// flattenNodePoolKubeletConfigCpuManagerPolicyEnumSlice flattens the contents of NodePoolKubeletConfigCpuManagerPolicyEnum from a JSON +// response object. +func flattenNodePoolKubeletConfigCpuManagerPolicyEnumSlice(c *Client, i interface{}, res *NodePool) []NodePoolKubeletConfigCpuManagerPolicyEnum { + a, ok := i.([]interface{}) + if !ok { + return []NodePoolKubeletConfigCpuManagerPolicyEnum{} + } + + if len(a) == 0 { + return []NodePoolKubeletConfigCpuManagerPolicyEnum{} + } + + items := make([]NodePoolKubeletConfigCpuManagerPolicyEnum, 0, len(a)) + for _, item := range a { + items = append(items, *flattenNodePoolKubeletConfigCpuManagerPolicyEnum(item.(interface{}))) + } + + return items +} + +// flattenNodePoolKubeletConfigCpuManagerPolicyEnum asserts that an interface is a string, and returns a +// pointer to a *NodePoolKubeletConfigCpuManagerPolicyEnum with the same value as that string. +func flattenNodePoolKubeletConfigCpuManagerPolicyEnum(i interface{}) *NodePoolKubeletConfigCpuManagerPolicyEnum { + s, ok := i.(string) + if !ok { + return nil + } + + return NodePoolKubeletConfigCpuManagerPolicyEnumRef(s) +} + // This function returns a matcher that checks whether a serialized resource matches this resource // in its parameters (as defined by the fields in a Get, which definitionally define resource // identity). This is useful in extracting the element from a List call. @@ -5488,6 +5882,17 @@ func extractNodePoolFields(r *NodePool) error { if !dcl.IsEmptyValueIndirect(vManagement) { r.Management = vManagement } + vKubeletConfig := r.KubeletConfig + if vKubeletConfig == nil { + // note: explicitly not the empty object. + vKubeletConfig = &NodePoolKubeletConfig{} + } + if err := extractNodePoolKubeletConfigFields(r, vKubeletConfig); err != nil { + return err + } + if !dcl.IsEmptyValueIndirect(vKubeletConfig) { + r.KubeletConfig = vKubeletConfig + } vUpdateSettings := r.UpdateSettings if vUpdateSettings == nil { // note: explicitly not the empty object. @@ -5614,6 +6019,9 @@ func extractNodePoolMaxPodsConstraintFields(r *NodePool, o *NodePoolMaxPodsConst func extractNodePoolManagementFields(r *NodePool, o *NodePoolManagement) error { return nil } +func extractNodePoolKubeletConfigFields(r *NodePool, o *NodePoolKubeletConfig) error { + return nil +} func extractNodePoolUpdateSettingsFields(r *NodePool, o *NodePoolUpdateSettings) error { vSurgeSettings := o.SurgeSettings if vSurgeSettings == nil { @@ -5677,6 +6085,17 @@ func postReadExtractNodePoolFields(r *NodePool) error { if !dcl.IsEmptyValueIndirect(vManagement) { r.Management = vManagement } + vKubeletConfig := r.KubeletConfig + if vKubeletConfig == nil { + // note: explicitly not the empty object. + vKubeletConfig = &NodePoolKubeletConfig{} + } + if err := postReadExtractNodePoolKubeletConfigFields(r, vKubeletConfig); err != nil { + return err + } + if !dcl.IsEmptyValueIndirect(vKubeletConfig) { + r.KubeletConfig = vKubeletConfig + } vUpdateSettings := r.UpdateSettings if vUpdateSettings == nil { // note: explicitly not the empty object. @@ -5803,6 +6222,9 @@ func postReadExtractNodePoolMaxPodsConstraintFields(r *NodePool, o *NodePoolMaxP func postReadExtractNodePoolManagementFields(r *NodePool, o *NodePoolManagement) error { return nil } +func postReadExtractNodePoolKubeletConfigFields(r *NodePool, o *NodePoolKubeletConfig) error { + return nil +} func postReadExtractNodePoolUpdateSettingsFields(r *NodePool, o *NodePoolUpdateSettings) error { vSurgeSettings := o.SurgeSettings if vSurgeSettings == nil { diff --git a/services/google/containeraws/alpha/node_pool_schema.go b/services/google/containeraws/alpha/node_pool_schema.go index 7835b250c..d88ad1552 100755 --- a/services/google/containeraws/alpha/node_pool_schema.go +++ b/services/google/containeraws/alpha/node_pool_schema.go @@ -477,6 +477,47 @@ func DCLNodePoolSchema() *dcl.Schema { Description: "Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.", Immutable: true, }, + "kubeletConfig": &dcl.Property{ + Type: "object", + GoName: "KubeletConfig", + GoType: "NodePoolKubeletConfig", + Description: "The kubelet configuration for the node pool.", + Immutable: true, + Properties: map[string]*dcl.Property{ + "cpuCfsQuota": &dcl.Property{ + Type: "boolean", + GoName: "CpuCfsQuota", + Description: "Whether or not to enable CPU CFS quota. Defaults to true.", + Immutable: true, + ServerDefault: true, + }, + "cpuCfsQuotaPeriod": &dcl.Property{ + Type: "string", + GoName: "CpuCfsQuotaPeriod", + Description: "Optional. The CPU CFS quota period to use for the node. Defaults to \"100ms\".", + Immutable: true, + }, + "cpuManagerPolicy": &dcl.Property{ + Type: "string", + GoName: "CpuManagerPolicy", + GoType: "NodePoolKubeletConfigCpuManagerPolicyEnum", + Description: "The CpuManagerPolicy to use for the node. Defaults to \"none\".", + Immutable: true, + ServerDefault: true, + Enum: []string{ + "none", + "static", + }, + }, + "podPidsLimit": &dcl.Property{ + Type: "integer", + Format: "int64", + GoName: "PodPidsLimit", + Description: "Optional. The maximum number of PIDs in each pod running on the node. The limit scales automatically based on underlying machine size if left unset.", + Immutable: true, + }, + }, + }, "location": &dcl.Property{ Type: "string", GoName: "Location", diff --git a/services/google/containeraws/beta/node_pool.go b/services/google/containeraws/beta/node_pool.go index 345a0e551..e67b5545d 100755 --- a/services/google/containeraws/beta/node_pool.go +++ b/services/google/containeraws/beta/node_pool.go @@ -39,6 +39,7 @@ type NodePool struct { Annotations map[string]string `json:"annotations"` MaxPodsConstraint *NodePoolMaxPodsConstraint `json:"maxPodsConstraint"` Management *NodePoolManagement `json:"management"` + KubeletConfig *NodePoolKubeletConfig `json:"kubeletConfig"` UpdateSettings *NodePoolUpdateSettings `json:"updateSettings"` Project *string `json:"project"` Location *string `json:"location"` @@ -157,6 +158,33 @@ func (v NodePoolStateEnum) Validate() error { } } +// The enum NodePoolKubeletConfigCpuManagerPolicyEnum. +type NodePoolKubeletConfigCpuManagerPolicyEnum string + +// NodePoolKubeletConfigCpuManagerPolicyEnumRef returns a *NodePoolKubeletConfigCpuManagerPolicyEnum with the value of string s +// If the empty string is provided, nil is returned. +func NodePoolKubeletConfigCpuManagerPolicyEnumRef(s string) *NodePoolKubeletConfigCpuManagerPolicyEnum { + v := NodePoolKubeletConfigCpuManagerPolicyEnum(s) + return &v +} + +func (v NodePoolKubeletConfigCpuManagerPolicyEnum) Validate() error { + if string(v) == "" { + // Empty enum is okay. + return nil + } + for _, s := range []string{"none", "static"} { + if string(v) == s { + return nil + } + } + return &dcl.EnumInvalidError{ + Enum: "NodePoolKubeletConfigCpuManagerPolicyEnum", + Value: string(v), + Valid: []string{}, + } +} + type NodePoolConfig struct { empty bool `json:"-"` InstanceType *string `json:"instanceType"` @@ -775,6 +803,61 @@ func (r *NodePoolManagement) HashCode() string { return fmt.Sprintf("%x", hash) } +type NodePoolKubeletConfig struct { + empty bool `json:"-"` + CpuManagerPolicy *NodePoolKubeletConfigCpuManagerPolicyEnum `json:"cpuManagerPolicy"` + CpuCfsQuota *bool `json:"cpuCfsQuota"` + CpuCfsQuotaPeriod *string `json:"cpuCfsQuotaPeriod"` + PodPidsLimit *int64 `json:"podPidsLimit"` +} + +type jsonNodePoolKubeletConfig NodePoolKubeletConfig + +func (r *NodePoolKubeletConfig) UnmarshalJSON(data []byte) error { + var res jsonNodePoolKubeletConfig + if err := json.Unmarshal(data, &res); err != nil { + return err + } + + var m map[string]interface{} + json.Unmarshal(data, &m) + + if len(m) == 0 { + *r = *EmptyNodePoolKubeletConfig + } else { + + r.CpuManagerPolicy = res.CpuManagerPolicy + + r.CpuCfsQuota = res.CpuCfsQuota + + r.CpuCfsQuotaPeriod = res.CpuCfsQuotaPeriod + + r.PodPidsLimit = res.PodPidsLimit + + } + return nil +} + +// This object is used to assert a desired state where this NodePoolKubeletConfig is +// empty. Go lacks global const objects, but this object should be treated +// as one. Modifying this object will have undesirable results. +var EmptyNodePoolKubeletConfig *NodePoolKubeletConfig = &NodePoolKubeletConfig{empty: true} + +func (r *NodePoolKubeletConfig) Empty() bool { + return r.empty +} + +func (r *NodePoolKubeletConfig) String() string { + return dcl.SprintResource(r) +} + +func (r *NodePoolKubeletConfig) HashCode() string { + // Placeholder for a more complex hash method that handles ordering, etc + // Hash resource body for easy comparison later + hash := sha256.Sum256([]byte(r.String())) + return fmt.Sprintf("%x", hash) +} + type NodePoolUpdateSettings struct { empty bool `json:"-"` SurgeSettings *NodePoolUpdateSettingsSurgeSettings `json:"surgeSettings"` @@ -900,6 +983,7 @@ func (r *NodePool) ID() (string, error) { "annotations": dcl.ValueOrEmptyString(nr.Annotations), "max_pods_constraint": dcl.ValueOrEmptyString(nr.MaxPodsConstraint), "management": dcl.ValueOrEmptyString(nr.Management), + "kubelet_config": dcl.ValueOrEmptyString(nr.KubeletConfig), "update_settings": dcl.ValueOrEmptyString(nr.UpdateSettings), "project": dcl.ValueOrEmptyString(nr.Project), "location": dcl.ValueOrEmptyString(nr.Location), diff --git a/services/google/containeraws/beta/node_pool.yaml b/services/google/containeraws/beta/node_pool.yaml index 705d87310..23a6631ac 100755 --- a/services/google/containeraws/beta/node_pool.yaml +++ b/services/google/containeraws/beta/node_pool.yaml @@ -413,6 +413,43 @@ components: optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. x-kubernetes-immutable: true + kubeletConfig: + type: object + x-dcl-go-name: KubeletConfig + x-dcl-go-type: NodePoolKubeletConfig + description: The kubelet configuration for the node pool. + x-kubernetes-immutable: true + properties: + cpuCfsQuota: + type: boolean + x-dcl-go-name: CpuCfsQuota + description: Whether or not to enable CPU CFS quota. Defaults to true. + x-kubernetes-immutable: true + x-dcl-server-default: true + cpuCfsQuotaPeriod: + type: string + x-dcl-go-name: CpuCfsQuotaPeriod + description: Optional. The CPU CFS quota period to use for the node. + Defaults to "100ms". + x-kubernetes-immutable: true + cpuManagerPolicy: + type: string + x-dcl-go-name: CpuManagerPolicy + x-dcl-go-type: NodePoolKubeletConfigCpuManagerPolicyEnum + description: The CpuManagerPolicy to use for the node. Defaults to "none". + x-kubernetes-immutable: true + x-dcl-server-default: true + enum: + - none + - static + podPidsLimit: + type: integer + format: int64 + x-dcl-go-name: PodPidsLimit + description: Optional. The maximum number of PIDs in each pod running + on the node. The limit scales automatically based on underlying machine + size if left unset. + x-kubernetes-immutable: true location: type: string x-dcl-go-name: Location diff --git a/services/google/containeraws/beta/node_pool_beta_yaml_embed.go b/services/google/containeraws/beta/node_pool_beta_yaml_embed.go index 8612c2fea..097206b67 100755 --- a/services/google/containeraws/beta/node_pool_beta_yaml_embed.go +++ b/services/google/containeraws/beta/node_pool_beta_yaml_embed.go @@ -17,7 +17,7 @@ package beta // blaze-out/k8-fastbuild/genfiles/cloud/graphite/mmv2/services/google/containeraws/beta/node_pool.yaml -var YAML_node_pool = []byte("info:\n title: ContainerAws/NodePool\n description: An Anthos node pool running on AWS.\n x-dcl-struct-name: NodePool\n x-dcl-has-iam: false\n x-dcl-ref:\n text: API reference\n url: https://cloud.google.com/kubernetes-engine/multi-cloud/docs/reference/rest/v1/projects.locations.awsClusters.awsNodePools\n x-dcl-guides:\n - text: Multicloud overview\n url: https://cloud.google.com/kubernetes-engine/multi-cloud/docs\npaths:\n get:\n description: The function used to get information about a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n apply:\n description: The function used to apply information about a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n delete:\n description: The function used to delete a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n deleteAll:\n description: The function used to delete all NodePool\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: cluster\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many NodePool\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: cluster\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n NodePool:\n title: NodePool\n x-dcl-id: projects/{{project}}/locations/{{location}}/awsClusters/{{cluster}}/awsNodePools/{{name}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - name\n - version\n - config\n - autoscaling\n - subnetId\n - maxPodsConstraint\n - project\n - location\n - cluster\n properties:\n annotations:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Annotations\n description: 'Optional. Annotations on the node pool. This field has the\n same restrictions as Kubernetes annotations. The total size of all keys\n and values combined is limited to 256k. Key can have 2 segments: prefix\n (optional) and name (required), separated by a slash (/). Prefix must\n be a DNS subdomain. Name must be 63 characters or less, begin and end\n with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics\n between.'\n autoscaling:\n type: object\n x-dcl-go-name: Autoscaling\n x-dcl-go-type: NodePoolAutoscaling\n description: Autoscaler configuration for this node pool.\n required:\n - minNodeCount\n - maxNodeCount\n properties:\n maxNodeCount:\n type: integer\n format: int64\n x-dcl-go-name: MaxNodeCount\n description: Maximum number of nodes in the NodePool. Must be >= min_node_count.\n minNodeCount:\n type: integer\n format: int64\n x-dcl-go-name: MinNodeCount\n description: Minimum number of nodes in the NodePool. Must be >= 1 and\n <= max_node_count.\n cluster:\n type: string\n x-dcl-go-name: Cluster\n description: The awsCluster for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkemulticloud/Cluster\n field: name\n parent: true\n x-dcl-parameter: true\n config:\n type: object\n x-dcl-go-name: Config\n x-dcl-go-type: NodePoolConfig\n description: The configuration of the node pool.\n required:\n - iamInstanceProfile\n - configEncryption\n properties:\n autoscalingMetricsCollection:\n type: object\n x-dcl-go-name: AutoscalingMetricsCollection\n x-dcl-go-type: NodePoolConfigAutoscalingMetricsCollection\n description: Optional. Configuration related to CloudWatch metrics collection\n on the Auto Scaling group of the node pool. When unspecified, metrics\n collection is disabled.\n required:\n - granularity\n properties:\n granularity:\n type: string\n x-dcl-go-name: Granularity\n description: The frequency at which EC2 Auto Scaling sends aggregated\n data to AWS CloudWatch. The only valid value is \"1Minute\".\n metrics:\n type: array\n x-dcl-go-name: Metrics\n description: The metrics to enable. For a list of valid metrics,\n see https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html.\n If you specify granularity and don't specify any metrics, all\n metrics are enabled.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n configEncryption:\n type: object\n x-dcl-go-name: ConfigEncryption\n x-dcl-go-type: NodePoolConfigConfigEncryption\n description: The ARN of the AWS KMS key used to encrypt node pool configuration.\n required:\n - kmsKeyArn\n properties:\n kmsKeyArn:\n type: string\n x-dcl-go-name: KmsKeyArn\n description: The ARN of the AWS KMS key used to encrypt node pool\n configuration.\n iamInstanceProfile:\n type: string\n x-dcl-go-name: IamInstanceProfile\n description: The name of the AWS IAM role assigned to nodes in the pool.\n imageType:\n type: string\n x-dcl-go-name: ImageType\n description: The OS image type to use on node pool instances.\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n instancePlacement:\n type: object\n x-dcl-go-name: InstancePlacement\n x-dcl-go-type: NodePoolConfigInstancePlacement\n description: Details of placement information for an instance.\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n properties:\n tenancy:\n type: string\n x-dcl-go-name: Tenancy\n x-dcl-go-type: NodePoolConfigInstancePlacementTenancyEnum\n description: 'The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED,\n DEFAULT, DEDICATED, HOST'\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n enum:\n - TENANCY_UNSPECIFIED\n - DEFAULT\n - DEDICATED\n - HOST\n instanceType:\n type: string\n x-dcl-go-name: InstanceType\n description: Optional. The AWS instance type. When unspecified, it defaults\n to `m5.large`.\n x-dcl-server-default: true\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: 'Optional. The initial labels assigned to nodes of this\n node pool. An object containing a list of \"key\": value pairs. Example:\n { \"name\": \"wrench\", \"mass\": \"1.3kg\", \"count\": \"3\" }.'\n proxyConfig:\n type: object\n x-dcl-go-name: ProxyConfig\n x-dcl-go-type: NodePoolConfigProxyConfig\n description: Proxy configuration for outbound HTTP(S) traffic.\n required:\n - secretArn\n - secretVersion\n properties:\n secretArn:\n type: string\n x-dcl-go-name: SecretArn\n description: The ARN of the AWS Secret Manager secret that contains\n the HTTP(S) proxy configuration.\n secretVersion:\n type: string\n x-dcl-go-name: SecretVersion\n description: The version string of the AWS Secret Manager secret\n that contains the HTTP(S) proxy configuration.\n rootVolume:\n type: object\n x-dcl-go-name: RootVolume\n x-dcl-go-type: NodePoolConfigRootVolume\n description: Optional. Template for the root volume provisioned for\n node pool nodes. Volumes will be provisioned in the availability zone\n assigned to the node pool subnet. When unspecified, it defaults to\n 32 GiB with the GP2 volume type.\n x-dcl-server-default: true\n properties:\n iops:\n type: integer\n format: int64\n x-dcl-go-name: Iops\n description: Optional. The number of I/O operations per second (IOPS)\n to provision for GP3 volume.\n x-dcl-server-default: true\n kmsKeyArn:\n type: string\n x-dcl-go-name: KmsKeyArn\n description: Optional. The Amazon Resource Name (ARN) of the Customer\n Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified,\n the default Amazon managed key associated to the AWS region where\n this cluster runs will be used.\n sizeGib:\n type: integer\n format: int64\n x-dcl-go-name: SizeGib\n description: Optional. The size of the volume, in GiBs. When unspecified,\n a default value is provided. See the specific reference in the\n parent resource.\n x-dcl-server-default: true\n throughput:\n type: integer\n format: int64\n x-dcl-go-name: Throughput\n description: Optional. The throughput to provision for the volume,\n in MiB/s. Only valid if the volume type is GP3. If volume type\n is gp3 and throughput is not specified, the throughput will defaults\n to 125.\n x-dcl-server-default: true\n volumeType:\n type: string\n x-dcl-go-name: VolumeType\n x-dcl-go-type: NodePoolConfigRootVolumeVolumeTypeEnum\n description: 'Optional. Type of the EBS volume. When unspecified,\n it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED,\n GP2, GP3'\n x-dcl-server-default: true\n enum:\n - VOLUME_TYPE_UNSPECIFIED\n - GP2\n - GP3\n securityGroupIds:\n type: array\n x-dcl-go-name: SecurityGroupIds\n description: Optional. The IDs of additional security groups to add\n to nodes in this pool. The manager will automatically create security\n groups with minimum rules needed for a functioning cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n spotConfig:\n type: object\n x-dcl-go-name: SpotConfig\n x-dcl-go-type: NodePoolConfigSpotConfig\n description: Optional. When specified, the node pool will provision\n Spot instances from the set of spot_config.instance_types. This field\n is mutually exclusive with `instance_type`\n x-kubernetes-immutable: true\n required:\n - instanceTypes\n properties:\n instanceTypes:\n type: array\n x-dcl-go-name: InstanceTypes\n description: List of AWS EC2 instance types for creating a spot\n node pool's nodes. The specified instance types must have the\n same number of CPUs and memory. You can use the Amazon EC2 Instance\n Selector tool (https://github.com/aws/amazon-ec2-instance-selector)\n to choose instance types with matching CPU and memory\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n sshConfig:\n type: object\n x-dcl-go-name: SshConfig\n x-dcl-go-type: NodePoolConfigSshConfig\n description: Optional. The SSH configuration.\n required:\n - ec2KeyPair\n properties:\n ec2KeyPair:\n type: string\n x-dcl-go-name: Ec2KeyPair\n description: The name of the EC2 key pair used to login into cluster\n machines.\n tags:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Tags\n description: Optional. Key/value metadata to assign to each underlying\n AWS resource. Specify at most 50 pairs containing alphanumerics, spaces,\n and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters.\n Values can be up to 255 Unicode characters.\n taints:\n type: array\n x-dcl-go-name: Taints\n description: Optional. The initial taints assigned to nodes of this\n node pool.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: NodePoolConfigTaints\n required:\n - key\n - value\n - effect\n properties:\n effect:\n type: string\n x-dcl-go-name: Effect\n x-dcl-go-type: NodePoolConfigTaintsEffectEnum\n description: 'The taint effect. Possible values: EFFECT_UNSPECIFIED,\n NO_SCHEDULE, PREFER_NO_SCHEDULE, NO_EXECUTE'\n x-kubernetes-immutable: true\n enum:\n - EFFECT_UNSPECIFIED\n - NO_SCHEDULE\n - PREFER_NO_SCHEDULE\n - NO_EXECUTE\n key:\n type: string\n x-dcl-go-name: Key\n description: Key for the taint.\n x-kubernetes-immutable: true\n value:\n type: string\n x-dcl-go-name: Value\n description: Value for the taint.\n x-kubernetes-immutable: true\n createTime:\n type: string\n format: date-time\n x-dcl-go-name: CreateTime\n readOnly: true\n description: Output only. The time at which this node pool was created.\n x-kubernetes-immutable: true\n etag:\n type: string\n x-dcl-go-name: Etag\n readOnly: true\n description: Allows clients to perform consistent read-modify-writes through\n optimistic concurrency control. May be sent on update and delete requests\n to ensure the client has an up-to-date value before proceeding.\n x-kubernetes-immutable: true\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n management:\n type: object\n x-dcl-go-name: Management\n x-dcl-go-type: NodePoolManagement\n description: The Management configuration for this node pool.\n properties:\n autoRepair:\n type: boolean\n x-dcl-go-name: AutoRepair\n description: Optional. Whether or not the nodes will be automatically\n repaired.\n maxPodsConstraint:\n type: object\n x-dcl-go-name: MaxPodsConstraint\n x-dcl-go-type: NodePoolMaxPodsConstraint\n description: The constraint on the maximum number of pods that can be run\n simultaneously on a node in the node pool.\n x-kubernetes-immutable: true\n required:\n - maxPodsPerNode\n properties:\n maxPodsPerNode:\n type: integer\n format: int64\n x-dcl-go-name: MaxPodsPerNode\n description: The maximum number of pods to schedule on a single node.\n x-kubernetes-immutable: true\n name:\n type: string\n x-dcl-go-name: Name\n description: The name of this resource.\n x-kubernetes-immutable: true\n x-dcl-has-long-form: true\n project:\n type: string\n x-dcl-go-name: Project\n description: The project for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n x-dcl-parameter: true\n reconciling:\n type: boolean\n x-dcl-go-name: Reconciling\n readOnly: true\n description: Output only. If set, there are currently changes in flight\n to the node pool.\n x-kubernetes-immutable: true\n state:\n type: string\n x-dcl-go-name: State\n x-dcl-go-type: NodePoolStateEnum\n readOnly: true\n description: 'Output only. The lifecycle state of the node pool. Possible\n values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING,\n ERROR, DEGRADED'\n x-kubernetes-immutable: true\n enum:\n - STATE_UNSPECIFIED\n - PROVISIONING\n - RUNNING\n - RECONCILING\n - STOPPING\n - ERROR\n - DEGRADED\n subnetId:\n type: string\n x-dcl-go-name: SubnetId\n description: The subnet where the node pool node run.\n x-kubernetes-immutable: true\n uid:\n type: string\n x-dcl-go-name: Uid\n readOnly: true\n description: Output only. A globally unique identifier for the node pool.\n x-kubernetes-immutable: true\n updateSettings:\n type: object\n x-dcl-go-name: UpdateSettings\n x-dcl-go-type: NodePoolUpdateSettings\n description: Optional. Update settings control the speed and disruption\n of the node pool update.\n x-dcl-server-default: true\n properties:\n surgeSettings:\n type: object\n x-dcl-go-name: SurgeSettings\n x-dcl-go-type: NodePoolUpdateSettingsSurgeSettings\n description: Optional. Settings for surge update.\n x-dcl-server-default: true\n properties:\n maxSurge:\n type: integer\n format: int64\n x-dcl-go-name: MaxSurge\n description: Optional. The maximum number of nodes that can be created\n beyond the current size of the node pool during the update process.\n x-dcl-server-default: true\n maxUnavailable:\n type: integer\n format: int64\n x-dcl-go-name: MaxUnavailable\n description: Optional. The maximum number of nodes that can be simultaneously\n unavailable during the update process. A node is considered unavailable\n if its status is not Ready.\n x-dcl-server-default: true\n updateTime:\n type: string\n format: date-time\n x-dcl-go-name: UpdateTime\n readOnly: true\n description: Output only. The time at which this node pool was last updated.\n x-kubernetes-immutable: true\n version:\n type: string\n x-dcl-go-name: Version\n description: The Kubernetes version to run on this node pool (e.g. `1.19.10-gke.1000`).\n You can list all supported versions on a given Google Cloud region by\n calling GetAwsServerConfig.\n") +var YAML_node_pool = []byte("info:\n title: ContainerAws/NodePool\n description: An Anthos node pool running on AWS.\n x-dcl-struct-name: NodePool\n x-dcl-has-iam: false\n x-dcl-ref:\n text: API reference\n url: https://cloud.google.com/kubernetes-engine/multi-cloud/docs/reference/rest/v1/projects.locations.awsClusters.awsNodePools\n x-dcl-guides:\n - text: Multicloud overview\n url: https://cloud.google.com/kubernetes-engine/multi-cloud/docs\npaths:\n get:\n description: The function used to get information about a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n apply:\n description: The function used to apply information about a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n delete:\n description: The function used to delete a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n deleteAll:\n description: The function used to delete all NodePool\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: cluster\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many NodePool\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: cluster\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n NodePool:\n title: NodePool\n x-dcl-id: projects/{{project}}/locations/{{location}}/awsClusters/{{cluster}}/awsNodePools/{{name}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - name\n - version\n - config\n - autoscaling\n - subnetId\n - maxPodsConstraint\n - project\n - location\n - cluster\n properties:\n annotations:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Annotations\n description: 'Optional. Annotations on the node pool. This field has the\n same restrictions as Kubernetes annotations. The total size of all keys\n and values combined is limited to 256k. Key can have 2 segments: prefix\n (optional) and name (required), separated by a slash (/). Prefix must\n be a DNS subdomain. Name must be 63 characters or less, begin and end\n with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics\n between.'\n autoscaling:\n type: object\n x-dcl-go-name: Autoscaling\n x-dcl-go-type: NodePoolAutoscaling\n description: Autoscaler configuration for this node pool.\n required:\n - minNodeCount\n - maxNodeCount\n properties:\n maxNodeCount:\n type: integer\n format: int64\n x-dcl-go-name: MaxNodeCount\n description: Maximum number of nodes in the NodePool. Must be >= min_node_count.\n minNodeCount:\n type: integer\n format: int64\n x-dcl-go-name: MinNodeCount\n description: Minimum number of nodes in the NodePool. Must be >= 1 and\n <= max_node_count.\n cluster:\n type: string\n x-dcl-go-name: Cluster\n description: The awsCluster for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkemulticloud/Cluster\n field: name\n parent: true\n x-dcl-parameter: true\n config:\n type: object\n x-dcl-go-name: Config\n x-dcl-go-type: NodePoolConfig\n description: The configuration of the node pool.\n required:\n - iamInstanceProfile\n - configEncryption\n properties:\n autoscalingMetricsCollection:\n type: object\n x-dcl-go-name: AutoscalingMetricsCollection\n x-dcl-go-type: NodePoolConfigAutoscalingMetricsCollection\n description: Optional. Configuration related to CloudWatch metrics collection\n on the Auto Scaling group of the node pool. When unspecified, metrics\n collection is disabled.\n required:\n - granularity\n properties:\n granularity:\n type: string\n x-dcl-go-name: Granularity\n description: The frequency at which EC2 Auto Scaling sends aggregated\n data to AWS CloudWatch. The only valid value is \"1Minute\".\n metrics:\n type: array\n x-dcl-go-name: Metrics\n description: The metrics to enable. For a list of valid metrics,\n see https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html.\n If you specify granularity and don't specify any metrics, all\n metrics are enabled.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n configEncryption:\n type: object\n x-dcl-go-name: ConfigEncryption\n x-dcl-go-type: NodePoolConfigConfigEncryption\n description: The ARN of the AWS KMS key used to encrypt node pool configuration.\n required:\n - kmsKeyArn\n properties:\n kmsKeyArn:\n type: string\n x-dcl-go-name: KmsKeyArn\n description: The ARN of the AWS KMS key used to encrypt node pool\n configuration.\n iamInstanceProfile:\n type: string\n x-dcl-go-name: IamInstanceProfile\n description: The name of the AWS IAM role assigned to nodes in the pool.\n imageType:\n type: string\n x-dcl-go-name: ImageType\n description: The OS image type to use on node pool instances.\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n instancePlacement:\n type: object\n x-dcl-go-name: InstancePlacement\n x-dcl-go-type: NodePoolConfigInstancePlacement\n description: Details of placement information for an instance.\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n properties:\n tenancy:\n type: string\n x-dcl-go-name: Tenancy\n x-dcl-go-type: NodePoolConfigInstancePlacementTenancyEnum\n description: 'The tenancy for the instance. Possible values: TENANCY_UNSPECIFIED,\n DEFAULT, DEDICATED, HOST'\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n enum:\n - TENANCY_UNSPECIFIED\n - DEFAULT\n - DEDICATED\n - HOST\n instanceType:\n type: string\n x-dcl-go-name: InstanceType\n description: Optional. The AWS instance type. When unspecified, it defaults\n to `m5.large`.\n x-dcl-server-default: true\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: 'Optional. The initial labels assigned to nodes of this\n node pool. An object containing a list of \"key\": value pairs. Example:\n { \"name\": \"wrench\", \"mass\": \"1.3kg\", \"count\": \"3\" }.'\n proxyConfig:\n type: object\n x-dcl-go-name: ProxyConfig\n x-dcl-go-type: NodePoolConfigProxyConfig\n description: Proxy configuration for outbound HTTP(S) traffic.\n required:\n - secretArn\n - secretVersion\n properties:\n secretArn:\n type: string\n x-dcl-go-name: SecretArn\n description: The ARN of the AWS Secret Manager secret that contains\n the HTTP(S) proxy configuration.\n secretVersion:\n type: string\n x-dcl-go-name: SecretVersion\n description: The version string of the AWS Secret Manager secret\n that contains the HTTP(S) proxy configuration.\n rootVolume:\n type: object\n x-dcl-go-name: RootVolume\n x-dcl-go-type: NodePoolConfigRootVolume\n description: Optional. Template for the root volume provisioned for\n node pool nodes. Volumes will be provisioned in the availability zone\n assigned to the node pool subnet. When unspecified, it defaults to\n 32 GiB with the GP2 volume type.\n x-dcl-server-default: true\n properties:\n iops:\n type: integer\n format: int64\n x-dcl-go-name: Iops\n description: Optional. The number of I/O operations per second (IOPS)\n to provision for GP3 volume.\n x-dcl-server-default: true\n kmsKeyArn:\n type: string\n x-dcl-go-name: KmsKeyArn\n description: Optional. The Amazon Resource Name (ARN) of the Customer\n Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified,\n the default Amazon managed key associated to the AWS region where\n this cluster runs will be used.\n sizeGib:\n type: integer\n format: int64\n x-dcl-go-name: SizeGib\n description: Optional. The size of the volume, in GiBs. When unspecified,\n a default value is provided. See the specific reference in the\n parent resource.\n x-dcl-server-default: true\n throughput:\n type: integer\n format: int64\n x-dcl-go-name: Throughput\n description: Optional. The throughput to provision for the volume,\n in MiB/s. Only valid if the volume type is GP3. If volume type\n is gp3 and throughput is not specified, the throughput will defaults\n to 125.\n x-dcl-server-default: true\n volumeType:\n type: string\n x-dcl-go-name: VolumeType\n x-dcl-go-type: NodePoolConfigRootVolumeVolumeTypeEnum\n description: 'Optional. Type of the EBS volume. When unspecified,\n it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED,\n GP2, GP3'\n x-dcl-server-default: true\n enum:\n - VOLUME_TYPE_UNSPECIFIED\n - GP2\n - GP3\n securityGroupIds:\n type: array\n x-dcl-go-name: SecurityGroupIds\n description: Optional. The IDs of additional security groups to add\n to nodes in this pool. The manager will automatically create security\n groups with minimum rules needed for a functioning cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n spotConfig:\n type: object\n x-dcl-go-name: SpotConfig\n x-dcl-go-type: NodePoolConfigSpotConfig\n description: Optional. When specified, the node pool will provision\n Spot instances from the set of spot_config.instance_types. This field\n is mutually exclusive with `instance_type`\n x-kubernetes-immutable: true\n required:\n - instanceTypes\n properties:\n instanceTypes:\n type: array\n x-dcl-go-name: InstanceTypes\n description: List of AWS EC2 instance types for creating a spot\n node pool's nodes. The specified instance types must have the\n same number of CPUs and memory. You can use the Amazon EC2 Instance\n Selector tool (https://github.com/aws/amazon-ec2-instance-selector)\n to choose instance types with matching CPU and memory\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n sshConfig:\n type: object\n x-dcl-go-name: SshConfig\n x-dcl-go-type: NodePoolConfigSshConfig\n description: Optional. The SSH configuration.\n required:\n - ec2KeyPair\n properties:\n ec2KeyPair:\n type: string\n x-dcl-go-name: Ec2KeyPair\n description: The name of the EC2 key pair used to login into cluster\n machines.\n tags:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Tags\n description: Optional. Key/value metadata to assign to each underlying\n AWS resource. Specify at most 50 pairs containing alphanumerics, spaces,\n and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters.\n Values can be up to 255 Unicode characters.\n taints:\n type: array\n x-dcl-go-name: Taints\n description: Optional. The initial taints assigned to nodes of this\n node pool.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: NodePoolConfigTaints\n required:\n - key\n - value\n - effect\n properties:\n effect:\n type: string\n x-dcl-go-name: Effect\n x-dcl-go-type: NodePoolConfigTaintsEffectEnum\n description: 'The taint effect. Possible values: EFFECT_UNSPECIFIED,\n NO_SCHEDULE, PREFER_NO_SCHEDULE, NO_EXECUTE'\n x-kubernetes-immutable: true\n enum:\n - EFFECT_UNSPECIFIED\n - NO_SCHEDULE\n - PREFER_NO_SCHEDULE\n - NO_EXECUTE\n key:\n type: string\n x-dcl-go-name: Key\n description: Key for the taint.\n x-kubernetes-immutable: true\n value:\n type: string\n x-dcl-go-name: Value\n description: Value for the taint.\n x-kubernetes-immutable: true\n createTime:\n type: string\n format: date-time\n x-dcl-go-name: CreateTime\n readOnly: true\n description: Output only. The time at which this node pool was created.\n x-kubernetes-immutable: true\n etag:\n type: string\n x-dcl-go-name: Etag\n readOnly: true\n description: Allows clients to perform consistent read-modify-writes through\n optimistic concurrency control. May be sent on update and delete requests\n to ensure the client has an up-to-date value before proceeding.\n x-kubernetes-immutable: true\n kubeletConfig:\n type: object\n x-dcl-go-name: KubeletConfig\n x-dcl-go-type: NodePoolKubeletConfig\n description: The kubelet configuration for the node pool.\n x-kubernetes-immutable: true\n properties:\n cpuCfsQuota:\n type: boolean\n x-dcl-go-name: CpuCfsQuota\n description: Whether or not to enable CPU CFS quota. Defaults to true.\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n cpuCfsQuotaPeriod:\n type: string\n x-dcl-go-name: CpuCfsQuotaPeriod\n description: Optional. The CPU CFS quota period to use for the node.\n Defaults to \"100ms\".\n x-kubernetes-immutable: true\n cpuManagerPolicy:\n type: string\n x-dcl-go-name: CpuManagerPolicy\n x-dcl-go-type: NodePoolKubeletConfigCpuManagerPolicyEnum\n description: The CpuManagerPolicy to use for the node. Defaults to \"none\".\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n enum:\n - none\n - static\n podPidsLimit:\n type: integer\n format: int64\n x-dcl-go-name: PodPidsLimit\n description: Optional. The maximum number of PIDs in each pod running\n on the node. The limit scales automatically based on underlying machine\n size if left unset.\n x-kubernetes-immutable: true\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n management:\n type: object\n x-dcl-go-name: Management\n x-dcl-go-type: NodePoolManagement\n description: The Management configuration for this node pool.\n properties:\n autoRepair:\n type: boolean\n x-dcl-go-name: AutoRepair\n description: Optional. Whether or not the nodes will be automatically\n repaired.\n maxPodsConstraint:\n type: object\n x-dcl-go-name: MaxPodsConstraint\n x-dcl-go-type: NodePoolMaxPodsConstraint\n description: The constraint on the maximum number of pods that can be run\n simultaneously on a node in the node pool.\n x-kubernetes-immutable: true\n required:\n - maxPodsPerNode\n properties:\n maxPodsPerNode:\n type: integer\n format: int64\n x-dcl-go-name: MaxPodsPerNode\n description: The maximum number of pods to schedule on a single node.\n x-kubernetes-immutable: true\n name:\n type: string\n x-dcl-go-name: Name\n description: The name of this resource.\n x-kubernetes-immutable: true\n x-dcl-has-long-form: true\n project:\n type: string\n x-dcl-go-name: Project\n description: The project for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n x-dcl-parameter: true\n reconciling:\n type: boolean\n x-dcl-go-name: Reconciling\n readOnly: true\n description: Output only. If set, there are currently changes in flight\n to the node pool.\n x-kubernetes-immutable: true\n state:\n type: string\n x-dcl-go-name: State\n x-dcl-go-type: NodePoolStateEnum\n readOnly: true\n description: 'Output only. The lifecycle state of the node pool. Possible\n values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING,\n ERROR, DEGRADED'\n x-kubernetes-immutable: true\n enum:\n - STATE_UNSPECIFIED\n - PROVISIONING\n - RUNNING\n - RECONCILING\n - STOPPING\n - ERROR\n - DEGRADED\n subnetId:\n type: string\n x-dcl-go-name: SubnetId\n description: The subnet where the node pool node run.\n x-kubernetes-immutable: true\n uid:\n type: string\n x-dcl-go-name: Uid\n readOnly: true\n description: Output only. A globally unique identifier for the node pool.\n x-kubernetes-immutable: true\n updateSettings:\n type: object\n x-dcl-go-name: UpdateSettings\n x-dcl-go-type: NodePoolUpdateSettings\n description: Optional. Update settings control the speed and disruption\n of the node pool update.\n x-dcl-server-default: true\n properties:\n surgeSettings:\n type: object\n x-dcl-go-name: SurgeSettings\n x-dcl-go-type: NodePoolUpdateSettingsSurgeSettings\n description: Optional. Settings for surge update.\n x-dcl-server-default: true\n properties:\n maxSurge:\n type: integer\n format: int64\n x-dcl-go-name: MaxSurge\n description: Optional. The maximum number of nodes that can be created\n beyond the current size of the node pool during the update process.\n x-dcl-server-default: true\n maxUnavailable:\n type: integer\n format: int64\n x-dcl-go-name: MaxUnavailable\n description: Optional. The maximum number of nodes that can be simultaneously\n unavailable during the update process. A node is considered unavailable\n if its status is not Ready.\n x-dcl-server-default: true\n updateTime:\n type: string\n format: date-time\n x-dcl-go-name: UpdateTime\n readOnly: true\n description: Output only. The time at which this node pool was last updated.\n x-kubernetes-immutable: true\n version:\n type: string\n x-dcl-go-name: Version\n description: The Kubernetes version to run on this node pool (e.g. `1.19.10-gke.1000`).\n You can list all supported versions on a given Google Cloud region by\n calling GetAwsServerConfig.\n") -// 21298 bytes -// MD5: 14da05cf46ed4aa2432ffd68a37ff64d +// 22876 bytes +// MD5: 035791092b3dab7a0e371152decfccb1 diff --git a/services/google/containeraws/beta/node_pool_internal.go b/services/google/containeraws/beta/node_pool_internal.go index 983675281..86e59a70d 100755 --- a/services/google/containeraws/beta/node_pool_internal.go +++ b/services/google/containeraws/beta/node_pool_internal.go @@ -74,6 +74,11 @@ func (r *NodePool) validate() error { return err } } + if !dcl.IsEmptyValueIndirect(r.KubeletConfig) { + if err := r.KubeletConfig.validate(); err != nil { + return err + } + } if !dcl.IsEmptyValueIndirect(r.UpdateSettings) { if err := r.UpdateSettings.validate(); err != nil { return err @@ -194,6 +199,9 @@ func (r *NodePoolMaxPodsConstraint) validate() error { func (r *NodePoolManagement) validate() error { return nil } +func (r *NodePoolKubeletConfig) validate() error { + return nil +} func (r *NodePoolUpdateSettings) validate() error { if !dcl.IsEmptyValueIndirect(r.SurgeSettings) { if err := r.SurgeSettings.validate(); err != nil { @@ -647,6 +655,7 @@ func canonicalizeNodePoolDesiredState(rawDesired, rawInitial *NodePool, opts ... rawDesired.Autoscaling = canonicalizeNodePoolAutoscaling(rawDesired.Autoscaling, nil, opts...) rawDesired.MaxPodsConstraint = canonicalizeNodePoolMaxPodsConstraint(rawDesired.MaxPodsConstraint, nil, opts...) rawDesired.Management = canonicalizeNodePoolManagement(rawDesired.Management, nil, opts...) + rawDesired.KubeletConfig = canonicalizeNodePoolKubeletConfig(rawDesired.KubeletConfig, nil, opts...) rawDesired.UpdateSettings = canonicalizeNodePoolUpdateSettings(rawDesired.UpdateSettings, nil, opts...) return rawDesired, nil @@ -677,6 +686,7 @@ func canonicalizeNodePoolDesiredState(rawDesired, rawInitial *NodePool, opts ... } canonicalDesired.MaxPodsConstraint = canonicalizeNodePoolMaxPodsConstraint(rawDesired.MaxPodsConstraint, rawInitial.MaxPodsConstraint, opts...) canonicalDesired.Management = canonicalizeNodePoolManagement(rawDesired.Management, rawInitial.Management, opts...) + canonicalDesired.KubeletConfig = canonicalizeNodePoolKubeletConfig(rawDesired.KubeletConfig, rawInitial.KubeletConfig, opts...) canonicalDesired.UpdateSettings = canonicalizeNodePoolUpdateSettings(rawDesired.UpdateSettings, rawInitial.UpdateSettings, opts...) if dcl.NameToSelfLink(rawDesired.Project, rawInitial.Project) { canonicalDesired.Project = rawInitial.Project @@ -790,6 +800,12 @@ func canonicalizeNodePoolNewState(c *Client, rawNew, rawDesired *NodePool) (*Nod rawNew.Management = canonicalizeNewNodePoolManagement(c, rawDesired.Management, rawNew.Management) } + if dcl.IsEmptyValueIndirect(rawNew.KubeletConfig) && dcl.IsEmptyValueIndirect(rawDesired.KubeletConfig) { + rawNew.KubeletConfig = rawDesired.KubeletConfig + } else { + rawNew.KubeletConfig = canonicalizeNewNodePoolKubeletConfig(c, rawDesired.KubeletConfig, rawNew.KubeletConfig) + } + if dcl.IsEmptyValueIndirect(rawNew.UpdateSettings) && dcl.IsEmptyValueIndirect(rawDesired.UpdateSettings) { rawNew.UpdateSettings = rawDesired.UpdateSettings } else { @@ -2324,6 +2340,144 @@ func canonicalizeNewNodePoolManagementSlice(c *Client, des, nw []NodePoolManagem return items } +func canonicalizeNodePoolKubeletConfig(des, initial *NodePoolKubeletConfig, opts ...dcl.ApplyOption) *NodePoolKubeletConfig { + if des == nil { + return initial + } + if des.empty { + return des + } + + if initial == nil { + return des + } + + cDes := &NodePoolKubeletConfig{} + + if dcl.IsZeroValue(des.CpuManagerPolicy) || (dcl.IsEmptyValueIndirect(des.CpuManagerPolicy) && dcl.IsEmptyValueIndirect(initial.CpuManagerPolicy)) { + // Desired and initial values are equivalent, so set canonical desired value to initial value. + cDes.CpuManagerPolicy = initial.CpuManagerPolicy + } else { + cDes.CpuManagerPolicy = des.CpuManagerPolicy + } + if dcl.BoolCanonicalize(des.CpuCfsQuota, initial.CpuCfsQuota) || dcl.IsZeroValue(des.CpuCfsQuota) { + cDes.CpuCfsQuota = initial.CpuCfsQuota + } else { + cDes.CpuCfsQuota = des.CpuCfsQuota + } + if dcl.StringCanonicalize(des.CpuCfsQuotaPeriod, initial.CpuCfsQuotaPeriod) || dcl.IsZeroValue(des.CpuCfsQuotaPeriod) { + cDes.CpuCfsQuotaPeriod = initial.CpuCfsQuotaPeriod + } else { + cDes.CpuCfsQuotaPeriod = des.CpuCfsQuotaPeriod + } + if dcl.IsZeroValue(des.PodPidsLimit) || (dcl.IsEmptyValueIndirect(des.PodPidsLimit) && dcl.IsEmptyValueIndirect(initial.PodPidsLimit)) { + // Desired and initial values are equivalent, so set canonical desired value to initial value. + cDes.PodPidsLimit = initial.PodPidsLimit + } else { + cDes.PodPidsLimit = des.PodPidsLimit + } + + return cDes +} + +func canonicalizeNodePoolKubeletConfigSlice(des, initial []NodePoolKubeletConfig, opts ...dcl.ApplyOption) []NodePoolKubeletConfig { + if dcl.IsEmptyValueIndirect(des) { + return initial + } + + if len(des) != len(initial) { + + items := make([]NodePoolKubeletConfig, 0, len(des)) + for _, d := range des { + cd := canonicalizeNodePoolKubeletConfig(&d, nil, opts...) + if cd != nil { + items = append(items, *cd) + } + } + return items + } + + items := make([]NodePoolKubeletConfig, 0, len(des)) + for i, d := range des { + cd := canonicalizeNodePoolKubeletConfig(&d, &initial[i], opts...) + if cd != nil { + items = append(items, *cd) + } + } + return items + +} + +func canonicalizeNewNodePoolKubeletConfig(c *Client, des, nw *NodePoolKubeletConfig) *NodePoolKubeletConfig { + + if des == nil { + return nw + } + + if nw == nil { + if dcl.IsEmptyValueIndirect(des) { + c.Config.Logger.Info("Found explicitly empty value for NodePoolKubeletConfig while comparing non-nil desired to nil actual. Returning desired object.") + return des + } + return nil + } + + if dcl.BoolCanonicalize(des.CpuCfsQuota, nw.CpuCfsQuota) { + nw.CpuCfsQuota = des.CpuCfsQuota + } + if dcl.StringCanonicalize(des.CpuCfsQuotaPeriod, nw.CpuCfsQuotaPeriod) { + nw.CpuCfsQuotaPeriod = des.CpuCfsQuotaPeriod + } + + return nw +} + +func canonicalizeNewNodePoolKubeletConfigSet(c *Client, des, nw []NodePoolKubeletConfig) []NodePoolKubeletConfig { + if des == nil { + return nw + } + + // Find the elements in des that are also in nw and canonicalize them. Remove matched elements from nw. + var items []NodePoolKubeletConfig + for _, d := range des { + matchedIndex := -1 + for i, n := range nw { + if diffs, _ := compareNodePoolKubeletConfigNewStyle(&d, &n, dcl.FieldName{}); len(diffs) == 0 { + matchedIndex = i + break + } + } + if matchedIndex != -1 { + items = append(items, *canonicalizeNewNodePoolKubeletConfig(c, &d, &nw[matchedIndex])) + nw = append(nw[:matchedIndex], nw[matchedIndex+1:]...) + } + } + // Also include elements in nw that are not matched in des. + items = append(items, nw...) + + return items +} + +func canonicalizeNewNodePoolKubeletConfigSlice(c *Client, des, nw []NodePoolKubeletConfig) []NodePoolKubeletConfig { + if des == nil { + return nw + } + + // Lengths are unequal. A diff will occur later, so we shouldn't canonicalize. + // Return the original array. + if len(des) != len(nw) { + return nw + } + + var items []NodePoolKubeletConfig + for i, d := range des { + n := nw[i] + items = append(items, *canonicalizeNewNodePoolKubeletConfig(c, &d, &n)) + } + + return items +} + func canonicalizeNodePoolUpdateSettings(des, initial *NodePoolUpdateSettings, opts ...dcl.ApplyOption) *NodePoolUpdateSettings { if des == nil { return initial @@ -2673,6 +2827,13 @@ func diffNodePool(c *Client, desired, actual *NodePool, opts ...dcl.ApplyOption) newDiffs = append(newDiffs, ds...) } + if ds, err := dcl.Diff(desired.KubeletConfig, actual.KubeletConfig, dcl.DiffInfo{ObjectFunction: compareNodePoolKubeletConfigNewStyle, EmptyObject: EmptyNodePoolKubeletConfig, OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("KubeletConfig")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + newDiffs = append(newDiffs, ds...) + } + if ds, err := dcl.Diff(desired.UpdateSettings, actual.UpdateSettings, dcl.DiffInfo{ServerDefault: true, ObjectFunction: compareNodePoolUpdateSettingsNewStyle, EmptyObject: EmptyNodePoolUpdateSettings, OperationSelector: dcl.TriggersOperation("updateNodePoolUpdateAwsNodePoolOperation")}, fn.AddNest("UpdateSettings")); len(ds) != 0 || err != nil { if err != nil { return nil, err @@ -3208,6 +3369,56 @@ func compareNodePoolManagementNewStyle(d, a interface{}, fn dcl.FieldName) ([]*d return diffs, nil } +func compareNodePoolKubeletConfigNewStyle(d, a interface{}, fn dcl.FieldName) ([]*dcl.FieldDiff, error) { + var diffs []*dcl.FieldDiff + + desired, ok := d.(*NodePoolKubeletConfig) + if !ok { + desiredNotPointer, ok := d.(NodePoolKubeletConfig) + if !ok { + return nil, fmt.Errorf("obj %v is not a NodePoolKubeletConfig or *NodePoolKubeletConfig", d) + } + desired = &desiredNotPointer + } + actual, ok := a.(*NodePoolKubeletConfig) + if !ok { + actualNotPointer, ok := a.(NodePoolKubeletConfig) + if !ok { + return nil, fmt.Errorf("obj %v is not a NodePoolKubeletConfig", a) + } + actual = &actualNotPointer + } + + if ds, err := dcl.Diff(desired.CpuManagerPolicy, actual.CpuManagerPolicy, dcl.DiffInfo{ServerDefault: true, Type: "EnumType", OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("CpuManagerPolicy")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + + if ds, err := dcl.Diff(desired.CpuCfsQuota, actual.CpuCfsQuota, dcl.DiffInfo{ServerDefault: true, OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("CpuCfsQuota")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + + if ds, err := dcl.Diff(desired.CpuCfsQuotaPeriod, actual.CpuCfsQuotaPeriod, dcl.DiffInfo{OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("CpuCfsQuotaPeriod")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + + if ds, err := dcl.Diff(desired.PodPidsLimit, actual.PodPidsLimit, dcl.DiffInfo{OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("PodPidsLimit")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + return diffs, nil +} + func compareNodePoolUpdateSettingsNewStyle(d, a interface{}, fn dcl.FieldName) ([]*dcl.FieldDiff, error) { var diffs []*dcl.FieldDiff @@ -3374,6 +3585,11 @@ func expandNodePool(c *Client, f *NodePool) (map[string]interface{}, error) { } else if !dcl.IsEmptyValueIndirect(v) { m["management"] = v } + if v, err := expandNodePoolKubeletConfig(c, f.KubeletConfig, res); err != nil { + return nil, fmt.Errorf("error expanding KubeletConfig into kubeletConfig: %w", err) + } else if !dcl.IsEmptyValueIndirect(v) { + m["kubeletConfig"] = v + } if v, err := expandNodePoolUpdateSettings(c, f.UpdateSettings, res); err != nil { return nil, fmt.Errorf("error expanding UpdateSettings into updateSettings: %w", err) } else if !dcl.IsEmptyValueIndirect(v) { @@ -3424,6 +3640,7 @@ func flattenNodePool(c *Client, i interface{}, res *NodePool) *NodePool { resultRes.Annotations = dcl.FlattenKeyValuePairs(m["annotations"]) resultRes.MaxPodsConstraint = flattenNodePoolMaxPodsConstraint(c, m["maxPodsConstraint"], res) resultRes.Management = flattenNodePoolManagement(c, m["management"], res) + resultRes.KubeletConfig = flattenNodePoolKubeletConfig(c, m["kubeletConfig"], res) resultRes.UpdateSettings = flattenNodePoolUpdateSettings(c, m["updateSettings"], res) resultRes.Project = dcl.FlattenString(m["project"]) resultRes.Location = dcl.FlattenString(m["location"]) @@ -4904,6 +5121,132 @@ func flattenNodePoolManagement(c *Client, i interface{}, res *NodePool) *NodePoo return r } +// expandNodePoolKubeletConfigMap expands the contents of NodePoolKubeletConfig into a JSON +// request object. +func expandNodePoolKubeletConfigMap(c *Client, f map[string]NodePoolKubeletConfig, res *NodePool) (map[string]interface{}, error) { + if f == nil { + return nil, nil + } + + items := make(map[string]interface{}) + for k, item := range f { + i, err := expandNodePoolKubeletConfig(c, &item, res) + if err != nil { + return nil, err + } + if i != nil { + items[k] = i + } + } + + return items, nil +} + +// expandNodePoolKubeletConfigSlice expands the contents of NodePoolKubeletConfig into a JSON +// request object. +func expandNodePoolKubeletConfigSlice(c *Client, f []NodePoolKubeletConfig, res *NodePool) ([]map[string]interface{}, error) { + if f == nil { + return nil, nil + } + + items := []map[string]interface{}{} + for _, item := range f { + i, err := expandNodePoolKubeletConfig(c, &item, res) + if err != nil { + return nil, err + } + + items = append(items, i) + } + + return items, nil +} + +// flattenNodePoolKubeletConfigMap flattens the contents of NodePoolKubeletConfig from a JSON +// response object. +func flattenNodePoolKubeletConfigMap(c *Client, i interface{}, res *NodePool) map[string]NodePoolKubeletConfig { + a, ok := i.(map[string]interface{}) + if !ok { + return map[string]NodePoolKubeletConfig{} + } + + if len(a) == 0 { + return map[string]NodePoolKubeletConfig{} + } + + items := make(map[string]NodePoolKubeletConfig) + for k, item := range a { + items[k] = *flattenNodePoolKubeletConfig(c, item.(map[string]interface{}), res) + } + + return items +} + +// flattenNodePoolKubeletConfigSlice flattens the contents of NodePoolKubeletConfig from a JSON +// response object. +func flattenNodePoolKubeletConfigSlice(c *Client, i interface{}, res *NodePool) []NodePoolKubeletConfig { + a, ok := i.([]interface{}) + if !ok { + return []NodePoolKubeletConfig{} + } + + if len(a) == 0 { + return []NodePoolKubeletConfig{} + } + + items := make([]NodePoolKubeletConfig, 0, len(a)) + for _, item := range a { + items = append(items, *flattenNodePoolKubeletConfig(c, item.(map[string]interface{}), res)) + } + + return items +} + +// expandNodePoolKubeletConfig expands an instance of NodePoolKubeletConfig into a JSON +// request object. +func expandNodePoolKubeletConfig(c *Client, f *NodePoolKubeletConfig, res *NodePool) (map[string]interface{}, error) { + if dcl.IsEmptyValueIndirect(f) { + return nil, nil + } + + m := make(map[string]interface{}) + if v := f.CpuManagerPolicy; !dcl.IsEmptyValueIndirect(v) { + m["cpuManagerPolicy"] = v + } + if v := f.CpuCfsQuota; !dcl.IsEmptyValueIndirect(v) { + m["cpuCfsQuota"] = v + } + if v := f.CpuCfsQuotaPeriod; !dcl.IsEmptyValueIndirect(v) { + m["cpuCfsQuotaPeriod"] = v + } + if v := f.PodPidsLimit; !dcl.IsEmptyValueIndirect(v) { + m["podPidsLimit"] = v + } + + return m, nil +} + +// flattenNodePoolKubeletConfig flattens an instance of NodePoolKubeletConfig from a JSON +// response object. +func flattenNodePoolKubeletConfig(c *Client, i interface{}, res *NodePool) *NodePoolKubeletConfig { + m, ok := i.(map[string]interface{}) + if !ok { + return nil + } + + r := &NodePoolKubeletConfig{} + + if dcl.IsEmptyValueIndirect(i) { + return EmptyNodePoolKubeletConfig + } + r.CpuManagerPolicy = flattenNodePoolKubeletConfigCpuManagerPolicyEnum(m["cpuManagerPolicy"]) + r.CpuCfsQuota = dcl.FlattenBool(m["cpuCfsQuota"]) + r.CpuCfsQuotaPeriod = dcl.FlattenString(m["cpuCfsQuotaPeriod"]) + r.PodPidsLimit = dcl.FlattenInteger(m["podPidsLimit"]) + + return r +} + // expandNodePoolUpdateSettingsMap expands the contents of NodePoolUpdateSettings into a JSON // request object. func expandNodePoolUpdateSettingsMap(c *Client, f map[string]NodePoolUpdateSettings, res *NodePool) (map[string]interface{}, error) { @@ -5342,6 +5685,57 @@ func flattenNodePoolStateEnum(i interface{}) *NodePoolStateEnum { return NodePoolStateEnumRef(s) } +// flattenNodePoolKubeletConfigCpuManagerPolicyEnumMap flattens the contents of NodePoolKubeletConfigCpuManagerPolicyEnum from a JSON +// response object. +func flattenNodePoolKubeletConfigCpuManagerPolicyEnumMap(c *Client, i interface{}, res *NodePool) map[string]NodePoolKubeletConfigCpuManagerPolicyEnum { + a, ok := i.(map[string]interface{}) + if !ok { + return map[string]NodePoolKubeletConfigCpuManagerPolicyEnum{} + } + + if len(a) == 0 { + return map[string]NodePoolKubeletConfigCpuManagerPolicyEnum{} + } + + items := make(map[string]NodePoolKubeletConfigCpuManagerPolicyEnum) + for k, item := range a { + items[k] = *flattenNodePoolKubeletConfigCpuManagerPolicyEnum(item.(interface{})) + } + + return items +} + +// flattenNodePoolKubeletConfigCpuManagerPolicyEnumSlice flattens the contents of NodePoolKubeletConfigCpuManagerPolicyEnum from a JSON +// response object. +func flattenNodePoolKubeletConfigCpuManagerPolicyEnumSlice(c *Client, i interface{}, res *NodePool) []NodePoolKubeletConfigCpuManagerPolicyEnum { + a, ok := i.([]interface{}) + if !ok { + return []NodePoolKubeletConfigCpuManagerPolicyEnum{} + } + + if len(a) == 0 { + return []NodePoolKubeletConfigCpuManagerPolicyEnum{} + } + + items := make([]NodePoolKubeletConfigCpuManagerPolicyEnum, 0, len(a)) + for _, item := range a { + items = append(items, *flattenNodePoolKubeletConfigCpuManagerPolicyEnum(item.(interface{}))) + } + + return items +} + +// flattenNodePoolKubeletConfigCpuManagerPolicyEnum asserts that an interface is a string, and returns a +// pointer to a *NodePoolKubeletConfigCpuManagerPolicyEnum with the same value as that string. +func flattenNodePoolKubeletConfigCpuManagerPolicyEnum(i interface{}) *NodePoolKubeletConfigCpuManagerPolicyEnum { + s, ok := i.(string) + if !ok { + return nil + } + + return NodePoolKubeletConfigCpuManagerPolicyEnumRef(s) +} + // This function returns a matcher that checks whether a serialized resource matches this resource // in its parameters (as defined by the fields in a Get, which definitionally define resource // identity). This is useful in extracting the element from a List call. @@ -5488,6 +5882,17 @@ func extractNodePoolFields(r *NodePool) error { if !dcl.IsEmptyValueIndirect(vManagement) { r.Management = vManagement } + vKubeletConfig := r.KubeletConfig + if vKubeletConfig == nil { + // note: explicitly not the empty object. + vKubeletConfig = &NodePoolKubeletConfig{} + } + if err := extractNodePoolKubeletConfigFields(r, vKubeletConfig); err != nil { + return err + } + if !dcl.IsEmptyValueIndirect(vKubeletConfig) { + r.KubeletConfig = vKubeletConfig + } vUpdateSettings := r.UpdateSettings if vUpdateSettings == nil { // note: explicitly not the empty object. @@ -5614,6 +6019,9 @@ func extractNodePoolMaxPodsConstraintFields(r *NodePool, o *NodePoolMaxPodsConst func extractNodePoolManagementFields(r *NodePool, o *NodePoolManagement) error { return nil } +func extractNodePoolKubeletConfigFields(r *NodePool, o *NodePoolKubeletConfig) error { + return nil +} func extractNodePoolUpdateSettingsFields(r *NodePool, o *NodePoolUpdateSettings) error { vSurgeSettings := o.SurgeSettings if vSurgeSettings == nil { @@ -5677,6 +6085,17 @@ func postReadExtractNodePoolFields(r *NodePool) error { if !dcl.IsEmptyValueIndirect(vManagement) { r.Management = vManagement } + vKubeletConfig := r.KubeletConfig + if vKubeletConfig == nil { + // note: explicitly not the empty object. + vKubeletConfig = &NodePoolKubeletConfig{} + } + if err := postReadExtractNodePoolKubeletConfigFields(r, vKubeletConfig); err != nil { + return err + } + if !dcl.IsEmptyValueIndirect(vKubeletConfig) { + r.KubeletConfig = vKubeletConfig + } vUpdateSettings := r.UpdateSettings if vUpdateSettings == nil { // note: explicitly not the empty object. @@ -5803,6 +6222,9 @@ func postReadExtractNodePoolMaxPodsConstraintFields(r *NodePool, o *NodePoolMaxP func postReadExtractNodePoolManagementFields(r *NodePool, o *NodePoolManagement) error { return nil } +func postReadExtractNodePoolKubeletConfigFields(r *NodePool, o *NodePoolKubeletConfig) error { + return nil +} func postReadExtractNodePoolUpdateSettingsFields(r *NodePool, o *NodePoolUpdateSettings) error { vSurgeSettings := o.SurgeSettings if vSurgeSettings == nil { diff --git a/services/google/containeraws/beta/node_pool_schema.go b/services/google/containeraws/beta/node_pool_schema.go index eb09dc627..e6f4a785a 100755 --- a/services/google/containeraws/beta/node_pool_schema.go +++ b/services/google/containeraws/beta/node_pool_schema.go @@ -477,6 +477,47 @@ func DCLNodePoolSchema() *dcl.Schema { Description: "Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.", Immutable: true, }, + "kubeletConfig": &dcl.Property{ + Type: "object", + GoName: "KubeletConfig", + GoType: "NodePoolKubeletConfig", + Description: "The kubelet configuration for the node pool.", + Immutable: true, + Properties: map[string]*dcl.Property{ + "cpuCfsQuota": &dcl.Property{ + Type: "boolean", + GoName: "CpuCfsQuota", + Description: "Whether or not to enable CPU CFS quota. Defaults to true.", + Immutable: true, + ServerDefault: true, + }, + "cpuCfsQuotaPeriod": &dcl.Property{ + Type: "string", + GoName: "CpuCfsQuotaPeriod", + Description: "Optional. The CPU CFS quota period to use for the node. Defaults to \"100ms\".", + Immutable: true, + }, + "cpuManagerPolicy": &dcl.Property{ + Type: "string", + GoName: "CpuManagerPolicy", + GoType: "NodePoolKubeletConfigCpuManagerPolicyEnum", + Description: "The CpuManagerPolicy to use for the node. Defaults to \"none\".", + Immutable: true, + ServerDefault: true, + Enum: []string{ + "none", + "static", + }, + }, + "podPidsLimit": &dcl.Property{ + Type: "integer", + Format: "int64", + GoName: "PodPidsLimit", + Description: "Optional. The maximum number of PIDs in each pod running on the node. The limit scales automatically based on underlying machine size if left unset.", + Immutable: true, + }, + }, + }, "location": &dcl.Property{ Type: "string", GoName: "Location", diff --git a/services/google/containeraws/node_pool.go b/services/google/containeraws/node_pool.go index e51aa93c8..7eca229e0 100755 --- a/services/google/containeraws/node_pool.go +++ b/services/google/containeraws/node_pool.go @@ -39,6 +39,7 @@ type NodePool struct { Annotations map[string]string `json:"annotations"` MaxPodsConstraint *NodePoolMaxPodsConstraint `json:"maxPodsConstraint"` Management *NodePoolManagement `json:"management"` + KubeletConfig *NodePoolKubeletConfig `json:"kubeletConfig"` UpdateSettings *NodePoolUpdateSettings `json:"updateSettings"` Project *string `json:"project"` Location *string `json:"location"` @@ -130,6 +131,33 @@ func (v NodePoolStateEnum) Validate() error { } } +// The enum NodePoolKubeletConfigCpuManagerPolicyEnum. +type NodePoolKubeletConfigCpuManagerPolicyEnum string + +// NodePoolKubeletConfigCpuManagerPolicyEnumRef returns a *NodePoolKubeletConfigCpuManagerPolicyEnum with the value of string s +// If the empty string is provided, nil is returned. +func NodePoolKubeletConfigCpuManagerPolicyEnumRef(s string) *NodePoolKubeletConfigCpuManagerPolicyEnum { + v := NodePoolKubeletConfigCpuManagerPolicyEnum(s) + return &v +} + +func (v NodePoolKubeletConfigCpuManagerPolicyEnum) Validate() error { + if string(v) == "" { + // Empty enum is okay. + return nil + } + for _, s := range []string{"none", "static"} { + if string(v) == s { + return nil + } + } + return &dcl.EnumInvalidError{ + Enum: "NodePoolKubeletConfigCpuManagerPolicyEnum", + Value: string(v), + Valid: []string{}, + } +} + type NodePoolConfig struct { empty bool `json:"-"` InstanceType *string `json:"instanceType"` @@ -647,6 +675,61 @@ func (r *NodePoolManagement) HashCode() string { return fmt.Sprintf("%x", hash) } +type NodePoolKubeletConfig struct { + empty bool `json:"-"` + CpuManagerPolicy *NodePoolKubeletConfigCpuManagerPolicyEnum `json:"cpuManagerPolicy"` + CpuCfsQuota *bool `json:"cpuCfsQuota"` + CpuCfsQuotaPeriod *string `json:"cpuCfsQuotaPeriod"` + PodPidsLimit *int64 `json:"podPidsLimit"` +} + +type jsonNodePoolKubeletConfig NodePoolKubeletConfig + +func (r *NodePoolKubeletConfig) UnmarshalJSON(data []byte) error { + var res jsonNodePoolKubeletConfig + if err := json.Unmarshal(data, &res); err != nil { + return err + } + + var m map[string]interface{} + json.Unmarshal(data, &m) + + if len(m) == 0 { + *r = *EmptyNodePoolKubeletConfig + } else { + + r.CpuManagerPolicy = res.CpuManagerPolicy + + r.CpuCfsQuota = res.CpuCfsQuota + + r.CpuCfsQuotaPeriod = res.CpuCfsQuotaPeriod + + r.PodPidsLimit = res.PodPidsLimit + + } + return nil +} + +// This object is used to assert a desired state where this NodePoolKubeletConfig is +// empty. Go lacks global const objects, but this object should be treated +// as one. Modifying this object will have undesirable results. +var EmptyNodePoolKubeletConfig *NodePoolKubeletConfig = &NodePoolKubeletConfig{empty: true} + +func (r *NodePoolKubeletConfig) Empty() bool { + return r.empty +} + +func (r *NodePoolKubeletConfig) String() string { + return dcl.SprintResource(r) +} + +func (r *NodePoolKubeletConfig) HashCode() string { + // Placeholder for a more complex hash method that handles ordering, etc + // Hash resource body for easy comparison later + hash := sha256.Sum256([]byte(r.String())) + return fmt.Sprintf("%x", hash) +} + type NodePoolUpdateSettings struct { empty bool `json:"-"` SurgeSettings *NodePoolUpdateSettingsSurgeSettings `json:"surgeSettings"` @@ -772,6 +855,7 @@ func (r *NodePool) ID() (string, error) { "annotations": dcl.ValueOrEmptyString(nr.Annotations), "max_pods_constraint": dcl.ValueOrEmptyString(nr.MaxPodsConstraint), "management": dcl.ValueOrEmptyString(nr.Management), + "kubelet_config": dcl.ValueOrEmptyString(nr.KubeletConfig), "update_settings": dcl.ValueOrEmptyString(nr.UpdateSettings), "project": dcl.ValueOrEmptyString(nr.Project), "location": dcl.ValueOrEmptyString(nr.Location), diff --git a/services/google/containeraws/node_pool.yaml b/services/google/containeraws/node_pool.yaml index 7d797960d..4e284bed7 100755 --- a/services/google/containeraws/node_pool.yaml +++ b/services/google/containeraws/node_pool.yaml @@ -361,6 +361,43 @@ components: optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. x-kubernetes-immutable: true + kubeletConfig: + type: object + x-dcl-go-name: KubeletConfig + x-dcl-go-type: NodePoolKubeletConfig + description: The kubelet configuration for the node pool. + x-kubernetes-immutable: true + properties: + cpuCfsQuota: + type: boolean + x-dcl-go-name: CpuCfsQuota + description: Whether or not to enable CPU CFS quota. Defaults to true. + x-kubernetes-immutable: true + x-dcl-server-default: true + cpuCfsQuotaPeriod: + type: string + x-dcl-go-name: CpuCfsQuotaPeriod + description: Optional. The CPU CFS quota period to use for the node. + Defaults to "100ms". + x-kubernetes-immutable: true + cpuManagerPolicy: + type: string + x-dcl-go-name: CpuManagerPolicy + x-dcl-go-type: NodePoolKubeletConfigCpuManagerPolicyEnum + description: The CpuManagerPolicy to use for the node. Defaults to "none". + x-kubernetes-immutable: true + x-dcl-server-default: true + enum: + - none + - static + podPidsLimit: + type: integer + format: int64 + x-dcl-go-name: PodPidsLimit + description: Optional. The maximum number of PIDs in each pod running + on the node. The limit scales automatically based on underlying machine + size if left unset. + x-kubernetes-immutable: true location: type: string x-dcl-go-name: Location diff --git a/services/google/containeraws/node_pool_internal.go b/services/google/containeraws/node_pool_internal.go index 3e31a8798..917a1c514 100755 --- a/services/google/containeraws/node_pool_internal.go +++ b/services/google/containeraws/node_pool_internal.go @@ -74,6 +74,11 @@ func (r *NodePool) validate() error { return err } } + if !dcl.IsEmptyValueIndirect(r.KubeletConfig) { + if err := r.KubeletConfig.validate(); err != nil { + return err + } + } if !dcl.IsEmptyValueIndirect(r.UpdateSettings) { if err := r.UpdateSettings.validate(); err != nil { return err @@ -175,6 +180,9 @@ func (r *NodePoolMaxPodsConstraint) validate() error { func (r *NodePoolManagement) validate() error { return nil } +func (r *NodePoolKubeletConfig) validate() error { + return nil +} func (r *NodePoolUpdateSettings) validate() error { if !dcl.IsEmptyValueIndirect(r.SurgeSettings) { if err := r.SurgeSettings.validate(); err != nil { @@ -628,6 +636,7 @@ func canonicalizeNodePoolDesiredState(rawDesired, rawInitial *NodePool, opts ... rawDesired.Autoscaling = canonicalizeNodePoolAutoscaling(rawDesired.Autoscaling, nil, opts...) rawDesired.MaxPodsConstraint = canonicalizeNodePoolMaxPodsConstraint(rawDesired.MaxPodsConstraint, nil, opts...) rawDesired.Management = canonicalizeNodePoolManagement(rawDesired.Management, nil, opts...) + rawDesired.KubeletConfig = canonicalizeNodePoolKubeletConfig(rawDesired.KubeletConfig, nil, opts...) rawDesired.UpdateSettings = canonicalizeNodePoolUpdateSettings(rawDesired.UpdateSettings, nil, opts...) return rawDesired, nil @@ -658,6 +667,7 @@ func canonicalizeNodePoolDesiredState(rawDesired, rawInitial *NodePool, opts ... } canonicalDesired.MaxPodsConstraint = canonicalizeNodePoolMaxPodsConstraint(rawDesired.MaxPodsConstraint, rawInitial.MaxPodsConstraint, opts...) canonicalDesired.Management = canonicalizeNodePoolManagement(rawDesired.Management, rawInitial.Management, opts...) + canonicalDesired.KubeletConfig = canonicalizeNodePoolKubeletConfig(rawDesired.KubeletConfig, rawInitial.KubeletConfig, opts...) canonicalDesired.UpdateSettings = canonicalizeNodePoolUpdateSettings(rawDesired.UpdateSettings, rawInitial.UpdateSettings, opts...) if dcl.NameToSelfLink(rawDesired.Project, rawInitial.Project) { canonicalDesired.Project = rawInitial.Project @@ -771,6 +781,12 @@ func canonicalizeNodePoolNewState(c *Client, rawNew, rawDesired *NodePool) (*Nod rawNew.Management = canonicalizeNewNodePoolManagement(c, rawDesired.Management, rawNew.Management) } + if dcl.IsEmptyValueIndirect(rawNew.KubeletConfig) && dcl.IsEmptyValueIndirect(rawDesired.KubeletConfig) { + rawNew.KubeletConfig = rawDesired.KubeletConfig + } else { + rawNew.KubeletConfig = canonicalizeNewNodePoolKubeletConfig(c, rawDesired.KubeletConfig, rawNew.KubeletConfig) + } + if dcl.IsEmptyValueIndirect(rawNew.UpdateSettings) && dcl.IsEmptyValueIndirect(rawDesired.UpdateSettings) { rawNew.UpdateSettings = rawDesired.UpdateSettings } else { @@ -2060,6 +2076,144 @@ func canonicalizeNewNodePoolManagementSlice(c *Client, des, nw []NodePoolManagem return items } +func canonicalizeNodePoolKubeletConfig(des, initial *NodePoolKubeletConfig, opts ...dcl.ApplyOption) *NodePoolKubeletConfig { + if des == nil { + return initial + } + if des.empty { + return des + } + + if initial == nil { + return des + } + + cDes := &NodePoolKubeletConfig{} + + if dcl.IsZeroValue(des.CpuManagerPolicy) || (dcl.IsEmptyValueIndirect(des.CpuManagerPolicy) && dcl.IsEmptyValueIndirect(initial.CpuManagerPolicy)) { + // Desired and initial values are equivalent, so set canonical desired value to initial value. + cDes.CpuManagerPolicy = initial.CpuManagerPolicy + } else { + cDes.CpuManagerPolicy = des.CpuManagerPolicy + } + if dcl.BoolCanonicalize(des.CpuCfsQuota, initial.CpuCfsQuota) || dcl.IsZeroValue(des.CpuCfsQuota) { + cDes.CpuCfsQuota = initial.CpuCfsQuota + } else { + cDes.CpuCfsQuota = des.CpuCfsQuota + } + if dcl.StringCanonicalize(des.CpuCfsQuotaPeriod, initial.CpuCfsQuotaPeriod) || dcl.IsZeroValue(des.CpuCfsQuotaPeriod) { + cDes.CpuCfsQuotaPeriod = initial.CpuCfsQuotaPeriod + } else { + cDes.CpuCfsQuotaPeriod = des.CpuCfsQuotaPeriod + } + if dcl.IsZeroValue(des.PodPidsLimit) || (dcl.IsEmptyValueIndirect(des.PodPidsLimit) && dcl.IsEmptyValueIndirect(initial.PodPidsLimit)) { + // Desired and initial values are equivalent, so set canonical desired value to initial value. + cDes.PodPidsLimit = initial.PodPidsLimit + } else { + cDes.PodPidsLimit = des.PodPidsLimit + } + + return cDes +} + +func canonicalizeNodePoolKubeletConfigSlice(des, initial []NodePoolKubeletConfig, opts ...dcl.ApplyOption) []NodePoolKubeletConfig { + if dcl.IsEmptyValueIndirect(des) { + return initial + } + + if len(des) != len(initial) { + + items := make([]NodePoolKubeletConfig, 0, len(des)) + for _, d := range des { + cd := canonicalizeNodePoolKubeletConfig(&d, nil, opts...) + if cd != nil { + items = append(items, *cd) + } + } + return items + } + + items := make([]NodePoolKubeletConfig, 0, len(des)) + for i, d := range des { + cd := canonicalizeNodePoolKubeletConfig(&d, &initial[i], opts...) + if cd != nil { + items = append(items, *cd) + } + } + return items + +} + +func canonicalizeNewNodePoolKubeletConfig(c *Client, des, nw *NodePoolKubeletConfig) *NodePoolKubeletConfig { + + if des == nil { + return nw + } + + if nw == nil { + if dcl.IsEmptyValueIndirect(des) { + c.Config.Logger.Info("Found explicitly empty value for NodePoolKubeletConfig while comparing non-nil desired to nil actual. Returning desired object.") + return des + } + return nil + } + + if dcl.BoolCanonicalize(des.CpuCfsQuota, nw.CpuCfsQuota) { + nw.CpuCfsQuota = des.CpuCfsQuota + } + if dcl.StringCanonicalize(des.CpuCfsQuotaPeriod, nw.CpuCfsQuotaPeriod) { + nw.CpuCfsQuotaPeriod = des.CpuCfsQuotaPeriod + } + + return nw +} + +func canonicalizeNewNodePoolKubeletConfigSet(c *Client, des, nw []NodePoolKubeletConfig) []NodePoolKubeletConfig { + if des == nil { + return nw + } + + // Find the elements in des that are also in nw and canonicalize them. Remove matched elements from nw. + var items []NodePoolKubeletConfig + for _, d := range des { + matchedIndex := -1 + for i, n := range nw { + if diffs, _ := compareNodePoolKubeletConfigNewStyle(&d, &n, dcl.FieldName{}); len(diffs) == 0 { + matchedIndex = i + break + } + } + if matchedIndex != -1 { + items = append(items, *canonicalizeNewNodePoolKubeletConfig(c, &d, &nw[matchedIndex])) + nw = append(nw[:matchedIndex], nw[matchedIndex+1:]...) + } + } + // Also include elements in nw that are not matched in des. + items = append(items, nw...) + + return items +} + +func canonicalizeNewNodePoolKubeletConfigSlice(c *Client, des, nw []NodePoolKubeletConfig) []NodePoolKubeletConfig { + if des == nil { + return nw + } + + // Lengths are unequal. A diff will occur later, so we shouldn't canonicalize. + // Return the original array. + if len(des) != len(nw) { + return nw + } + + var items []NodePoolKubeletConfig + for i, d := range des { + n := nw[i] + items = append(items, *canonicalizeNewNodePoolKubeletConfig(c, &d, &n)) + } + + return items +} + func canonicalizeNodePoolUpdateSettings(des, initial *NodePoolUpdateSettings, opts ...dcl.ApplyOption) *NodePoolUpdateSettings { if des == nil { return initial @@ -2409,6 +2563,13 @@ func diffNodePool(c *Client, desired, actual *NodePool, opts ...dcl.ApplyOption) newDiffs = append(newDiffs, ds...) } + if ds, err := dcl.Diff(desired.KubeletConfig, actual.KubeletConfig, dcl.DiffInfo{ObjectFunction: compareNodePoolKubeletConfigNewStyle, EmptyObject: EmptyNodePoolKubeletConfig, OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("KubeletConfig")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + newDiffs = append(newDiffs, ds...) + } + if ds, err := dcl.Diff(desired.UpdateSettings, actual.UpdateSettings, dcl.DiffInfo{ServerDefault: true, ObjectFunction: compareNodePoolUpdateSettingsNewStyle, EmptyObject: EmptyNodePoolUpdateSettings, OperationSelector: dcl.TriggersOperation("updateNodePoolUpdateAwsNodePoolOperation")}, fn.AddNest("UpdateSettings")); len(ds) != 0 || err != nil { if err != nil { return nil, err @@ -2865,6 +3026,56 @@ func compareNodePoolManagementNewStyle(d, a interface{}, fn dcl.FieldName) ([]*d return diffs, nil } +func compareNodePoolKubeletConfigNewStyle(d, a interface{}, fn dcl.FieldName) ([]*dcl.FieldDiff, error) { + var diffs []*dcl.FieldDiff + + desired, ok := d.(*NodePoolKubeletConfig) + if !ok { + desiredNotPointer, ok := d.(NodePoolKubeletConfig) + if !ok { + return nil, fmt.Errorf("obj %v is not a NodePoolKubeletConfig or *NodePoolKubeletConfig", d) + } + desired = &desiredNotPointer + } + actual, ok := a.(*NodePoolKubeletConfig) + if !ok { + actualNotPointer, ok := a.(NodePoolKubeletConfig) + if !ok { + return nil, fmt.Errorf("obj %v is not a NodePoolKubeletConfig", a) + } + actual = &actualNotPointer + } + + if ds, err := dcl.Diff(desired.CpuManagerPolicy, actual.CpuManagerPolicy, dcl.DiffInfo{ServerDefault: true, Type: "EnumType", OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("CpuManagerPolicy")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + + if ds, err := dcl.Diff(desired.CpuCfsQuota, actual.CpuCfsQuota, dcl.DiffInfo{ServerDefault: true, OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("CpuCfsQuota")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + + if ds, err := dcl.Diff(desired.CpuCfsQuotaPeriod, actual.CpuCfsQuotaPeriod, dcl.DiffInfo{OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("CpuCfsQuotaPeriod")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + + if ds, err := dcl.Diff(desired.PodPidsLimit, actual.PodPidsLimit, dcl.DiffInfo{OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("PodPidsLimit")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + return diffs, nil +} + func compareNodePoolUpdateSettingsNewStyle(d, a interface{}, fn dcl.FieldName) ([]*dcl.FieldDiff, error) { var diffs []*dcl.FieldDiff @@ -3031,6 +3242,11 @@ func expandNodePool(c *Client, f *NodePool) (map[string]interface{}, error) { } else if !dcl.IsEmptyValueIndirect(v) { m["management"] = v } + if v, err := expandNodePoolKubeletConfig(c, f.KubeletConfig, res); err != nil { + return nil, fmt.Errorf("error expanding KubeletConfig into kubeletConfig: %w", err) + } else if !dcl.IsEmptyValueIndirect(v) { + m["kubeletConfig"] = v + } if v, err := expandNodePoolUpdateSettings(c, f.UpdateSettings, res); err != nil { return nil, fmt.Errorf("error expanding UpdateSettings into updateSettings: %w", err) } else if !dcl.IsEmptyValueIndirect(v) { @@ -3081,6 +3297,7 @@ func flattenNodePool(c *Client, i interface{}, res *NodePool) *NodePool { resultRes.Annotations = dcl.FlattenKeyValuePairs(m["annotations"]) resultRes.MaxPodsConstraint = flattenNodePoolMaxPodsConstraint(c, m["maxPodsConstraint"], res) resultRes.Management = flattenNodePoolManagement(c, m["management"], res) + resultRes.KubeletConfig = flattenNodePoolKubeletConfig(c, m["kubeletConfig"], res) resultRes.UpdateSettings = flattenNodePoolUpdateSettings(c, m["updateSettings"], res) resultRes.Project = dcl.FlattenString(m["project"]) resultRes.Location = dcl.FlattenString(m["location"]) @@ -4317,6 +4534,132 @@ func flattenNodePoolManagement(c *Client, i interface{}, res *NodePool) *NodePoo return r } +// expandNodePoolKubeletConfigMap expands the contents of NodePoolKubeletConfig into a JSON +// request object. +func expandNodePoolKubeletConfigMap(c *Client, f map[string]NodePoolKubeletConfig, res *NodePool) (map[string]interface{}, error) { + if f == nil { + return nil, nil + } + + items := make(map[string]interface{}) + for k, item := range f { + i, err := expandNodePoolKubeletConfig(c, &item, res) + if err != nil { + return nil, err + } + if i != nil { + items[k] = i + } + } + + return items, nil +} + +// expandNodePoolKubeletConfigSlice expands the contents of NodePoolKubeletConfig into a JSON +// request object. +func expandNodePoolKubeletConfigSlice(c *Client, f []NodePoolKubeletConfig, res *NodePool) ([]map[string]interface{}, error) { + if f == nil { + return nil, nil + } + + items := []map[string]interface{}{} + for _, item := range f { + i, err := expandNodePoolKubeletConfig(c, &item, res) + if err != nil { + return nil, err + } + + items = append(items, i) + } + + return items, nil +} + +// flattenNodePoolKubeletConfigMap flattens the contents of NodePoolKubeletConfig from a JSON +// response object. +func flattenNodePoolKubeletConfigMap(c *Client, i interface{}, res *NodePool) map[string]NodePoolKubeletConfig { + a, ok := i.(map[string]interface{}) + if !ok { + return map[string]NodePoolKubeletConfig{} + } + + if len(a) == 0 { + return map[string]NodePoolKubeletConfig{} + } + + items := make(map[string]NodePoolKubeletConfig) + for k, item := range a { + items[k] = *flattenNodePoolKubeletConfig(c, item.(map[string]interface{}), res) + } + + return items +} + +// flattenNodePoolKubeletConfigSlice flattens the contents of NodePoolKubeletConfig from a JSON +// response object. +func flattenNodePoolKubeletConfigSlice(c *Client, i interface{}, res *NodePool) []NodePoolKubeletConfig { + a, ok := i.([]interface{}) + if !ok { + return []NodePoolKubeletConfig{} + } + + if len(a) == 0 { + return []NodePoolKubeletConfig{} + } + + items := make([]NodePoolKubeletConfig, 0, len(a)) + for _, item := range a { + items = append(items, *flattenNodePoolKubeletConfig(c, item.(map[string]interface{}), res)) + } + + return items +} + +// expandNodePoolKubeletConfig expands an instance of NodePoolKubeletConfig into a JSON +// request object. +func expandNodePoolKubeletConfig(c *Client, f *NodePoolKubeletConfig, res *NodePool) (map[string]interface{}, error) { + if dcl.IsEmptyValueIndirect(f) { + return nil, nil + } + + m := make(map[string]interface{}) + if v := f.CpuManagerPolicy; !dcl.IsEmptyValueIndirect(v) { + m["cpuManagerPolicy"] = v + } + if v := f.CpuCfsQuota; !dcl.IsEmptyValueIndirect(v) { + m["cpuCfsQuota"] = v + } + if v := f.CpuCfsQuotaPeriod; !dcl.IsEmptyValueIndirect(v) { + m["cpuCfsQuotaPeriod"] = v + } + if v := f.PodPidsLimit; !dcl.IsEmptyValueIndirect(v) { + m["podPidsLimit"] = v + } + + return m, nil +} + +// flattenNodePoolKubeletConfig flattens an instance of NodePoolKubeletConfig from a JSON +// response object. +func flattenNodePoolKubeletConfig(c *Client, i interface{}, res *NodePool) *NodePoolKubeletConfig { + m, ok := i.(map[string]interface{}) + if !ok { + return nil + } + + r := &NodePoolKubeletConfig{} + + if dcl.IsEmptyValueIndirect(i) { + return EmptyNodePoolKubeletConfig + } + r.CpuManagerPolicy = flattenNodePoolKubeletConfigCpuManagerPolicyEnum(m["cpuManagerPolicy"]) + r.CpuCfsQuota = dcl.FlattenBool(m["cpuCfsQuota"]) + r.CpuCfsQuotaPeriod = dcl.FlattenString(m["cpuCfsQuotaPeriod"]) + r.PodPidsLimit = dcl.FlattenInteger(m["podPidsLimit"]) + + return r +} + // expandNodePoolUpdateSettingsMap expands the contents of NodePoolUpdateSettings into a JSON // request object. func expandNodePoolUpdateSettingsMap(c *Client, f map[string]NodePoolUpdateSettings, res *NodePool) (map[string]interface{}, error) { @@ -4704,6 +5047,57 @@ func flattenNodePoolStateEnum(i interface{}) *NodePoolStateEnum { return NodePoolStateEnumRef(s) } +// flattenNodePoolKubeletConfigCpuManagerPolicyEnumMap flattens the contents of NodePoolKubeletConfigCpuManagerPolicyEnum from a JSON +// response object. +func flattenNodePoolKubeletConfigCpuManagerPolicyEnumMap(c *Client, i interface{}, res *NodePool) map[string]NodePoolKubeletConfigCpuManagerPolicyEnum { + a, ok := i.(map[string]interface{}) + if !ok { + return map[string]NodePoolKubeletConfigCpuManagerPolicyEnum{} + } + + if len(a) == 0 { + return map[string]NodePoolKubeletConfigCpuManagerPolicyEnum{} + } + + items := make(map[string]NodePoolKubeletConfigCpuManagerPolicyEnum) + for k, item := range a { + items[k] = *flattenNodePoolKubeletConfigCpuManagerPolicyEnum(item.(interface{})) + } + + return items +} + +// flattenNodePoolKubeletConfigCpuManagerPolicyEnumSlice flattens the contents of NodePoolKubeletConfigCpuManagerPolicyEnum from a JSON +// response object. +func flattenNodePoolKubeletConfigCpuManagerPolicyEnumSlice(c *Client, i interface{}, res *NodePool) []NodePoolKubeletConfigCpuManagerPolicyEnum { + a, ok := i.([]interface{}) + if !ok { + return []NodePoolKubeletConfigCpuManagerPolicyEnum{} + } + + if len(a) == 0 { + return []NodePoolKubeletConfigCpuManagerPolicyEnum{} + } + + items := make([]NodePoolKubeletConfigCpuManagerPolicyEnum, 0, len(a)) + for _, item := range a { + items = append(items, *flattenNodePoolKubeletConfigCpuManagerPolicyEnum(item.(interface{}))) + } + + return items +} + +// flattenNodePoolKubeletConfigCpuManagerPolicyEnum asserts that an interface is a string, and returns a +// pointer to a *NodePoolKubeletConfigCpuManagerPolicyEnum with the same value as that string. +func flattenNodePoolKubeletConfigCpuManagerPolicyEnum(i interface{}) *NodePoolKubeletConfigCpuManagerPolicyEnum { + s, ok := i.(string) + if !ok { + return nil + } + + return NodePoolKubeletConfigCpuManagerPolicyEnumRef(s) +} + // This function returns a matcher that checks whether a serialized resource matches this resource // in its parameters (as defined by the fields in a Get, which definitionally define resource // identity). This is useful in extracting the element from a List call. @@ -4850,6 +5244,17 @@ func extractNodePoolFields(r *NodePool) error { if !dcl.IsEmptyValueIndirect(vManagement) { r.Management = vManagement } + vKubeletConfig := r.KubeletConfig + if vKubeletConfig == nil { + // note: explicitly not the empty object. + vKubeletConfig = &NodePoolKubeletConfig{} + } + if err := extractNodePoolKubeletConfigFields(r, vKubeletConfig); err != nil { + return err + } + if !dcl.IsEmptyValueIndirect(vKubeletConfig) { + r.KubeletConfig = vKubeletConfig + } vUpdateSettings := r.UpdateSettings if vUpdateSettings == nil { // note: explicitly not the empty object. @@ -4948,6 +5353,9 @@ func extractNodePoolMaxPodsConstraintFields(r *NodePool, o *NodePoolMaxPodsConst func extractNodePoolManagementFields(r *NodePool, o *NodePoolManagement) error { return nil } +func extractNodePoolKubeletConfigFields(r *NodePool, o *NodePoolKubeletConfig) error { + return nil +} func extractNodePoolUpdateSettingsFields(r *NodePool, o *NodePoolUpdateSettings) error { vSurgeSettings := o.SurgeSettings if vSurgeSettings == nil { @@ -5011,6 +5419,17 @@ func postReadExtractNodePoolFields(r *NodePool) error { if !dcl.IsEmptyValueIndirect(vManagement) { r.Management = vManagement } + vKubeletConfig := r.KubeletConfig + if vKubeletConfig == nil { + // note: explicitly not the empty object. + vKubeletConfig = &NodePoolKubeletConfig{} + } + if err := postReadExtractNodePoolKubeletConfigFields(r, vKubeletConfig); err != nil { + return err + } + if !dcl.IsEmptyValueIndirect(vKubeletConfig) { + r.KubeletConfig = vKubeletConfig + } vUpdateSettings := r.UpdateSettings if vUpdateSettings == nil { // note: explicitly not the empty object. @@ -5109,6 +5528,9 @@ func postReadExtractNodePoolMaxPodsConstraintFields(r *NodePool, o *NodePoolMaxP func postReadExtractNodePoolManagementFields(r *NodePool, o *NodePoolManagement) error { return nil } +func postReadExtractNodePoolKubeletConfigFields(r *NodePool, o *NodePoolKubeletConfig) error { + return nil +} func postReadExtractNodePoolUpdateSettingsFields(r *NodePool, o *NodePoolUpdateSettings) error { vSurgeSettings := o.SurgeSettings if vSurgeSettings == nil { diff --git a/services/google/containeraws/node_pool_schema.go b/services/google/containeraws/node_pool_schema.go index d844c24c8..484bef75c 100755 --- a/services/google/containeraws/node_pool_schema.go +++ b/services/google/containeraws/node_pool_schema.go @@ -422,6 +422,47 @@ func DCLNodePoolSchema() *dcl.Schema { Description: "Allows clients to perform consistent read-modify-writes through optimistic concurrency control. May be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.", Immutable: true, }, + "kubeletConfig": &dcl.Property{ + Type: "object", + GoName: "KubeletConfig", + GoType: "NodePoolKubeletConfig", + Description: "The kubelet configuration for the node pool.", + Immutable: true, + Properties: map[string]*dcl.Property{ + "cpuCfsQuota": &dcl.Property{ + Type: "boolean", + GoName: "CpuCfsQuota", + Description: "Whether or not to enable CPU CFS quota. Defaults to true.", + Immutable: true, + ServerDefault: true, + }, + "cpuCfsQuotaPeriod": &dcl.Property{ + Type: "string", + GoName: "CpuCfsQuotaPeriod", + Description: "Optional. The CPU CFS quota period to use for the node. Defaults to \"100ms\".", + Immutable: true, + }, + "cpuManagerPolicy": &dcl.Property{ + Type: "string", + GoName: "CpuManagerPolicy", + GoType: "NodePoolKubeletConfigCpuManagerPolicyEnum", + Description: "The CpuManagerPolicy to use for the node. Defaults to \"none\".", + Immutable: true, + ServerDefault: true, + Enum: []string{ + "none", + "static", + }, + }, + "podPidsLimit": &dcl.Property{ + Type: "integer", + Format: "int64", + GoName: "PodPidsLimit", + Description: "Optional. The maximum number of PIDs in each pod running on the node. The limit scales automatically based on underlying machine size if left unset.", + Immutable: true, + }, + }, + }, "location": &dcl.Property{ Type: "string", GoName: "Location", diff --git a/services/google/containeraws/node_pool_yaml_embed.go b/services/google/containeraws/node_pool_yaml_embed.go index 51e204f78..ca099041b 100755 --- a/services/google/containeraws/node_pool_yaml_embed.go +++ b/services/google/containeraws/node_pool_yaml_embed.go @@ -17,7 +17,7 @@ package containeraws // blaze-out/k8-fastbuild/genfiles/cloud/graphite/mmv2/services/google/containeraws/node_pool.yaml -var YAML_node_pool = []byte("info:\n title: ContainerAws/NodePool\n description: An Anthos node pool running on AWS.\n x-dcl-struct-name: NodePool\n x-dcl-has-iam: false\n x-dcl-ref:\n text: API reference\n url: https://cloud.google.com/kubernetes-engine/multi-cloud/docs/reference/rest/v1/projects.locations.awsClusters.awsNodePools\n x-dcl-guides:\n - text: Multicloud overview\n url: https://cloud.google.com/kubernetes-engine/multi-cloud/docs\npaths:\n get:\n description: The function used to get information about a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n apply:\n description: The function used to apply information about a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n delete:\n description: The function used to delete a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n deleteAll:\n description: The function used to delete all NodePool\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: cluster\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many NodePool\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: cluster\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n NodePool:\n title: NodePool\n x-dcl-id: projects/{{project}}/locations/{{location}}/awsClusters/{{cluster}}/awsNodePools/{{name}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - name\n - version\n - config\n - autoscaling\n - subnetId\n - maxPodsConstraint\n - project\n - location\n - cluster\n properties:\n annotations:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Annotations\n description: 'Optional. Annotations on the node pool. This field has the\n same restrictions as Kubernetes annotations. The total size of all keys\n and values combined is limited to 256k. Key can have 2 segments: prefix\n (optional) and name (required), separated by a slash (/). Prefix must\n be a DNS subdomain. Name must be 63 characters or less, begin and end\n with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics\n between.'\n autoscaling:\n type: object\n x-dcl-go-name: Autoscaling\n x-dcl-go-type: NodePoolAutoscaling\n description: Autoscaler configuration for this node pool.\n required:\n - minNodeCount\n - maxNodeCount\n properties:\n maxNodeCount:\n type: integer\n format: int64\n x-dcl-go-name: MaxNodeCount\n description: Maximum number of nodes in the NodePool. Must be >= min_node_count.\n minNodeCount:\n type: integer\n format: int64\n x-dcl-go-name: MinNodeCount\n description: Minimum number of nodes in the NodePool. Must be >= 1 and\n <= max_node_count.\n cluster:\n type: string\n x-dcl-go-name: Cluster\n description: The awsCluster for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkemulticloud/Cluster\n field: name\n parent: true\n x-dcl-parameter: true\n config:\n type: object\n x-dcl-go-name: Config\n x-dcl-go-type: NodePoolConfig\n description: The configuration of the node pool.\n required:\n - iamInstanceProfile\n - configEncryption\n properties:\n autoscalingMetricsCollection:\n type: object\n x-dcl-go-name: AutoscalingMetricsCollection\n x-dcl-go-type: NodePoolConfigAutoscalingMetricsCollection\n description: Optional. Configuration related to CloudWatch metrics collection\n on the Auto Scaling group of the node pool. When unspecified, metrics\n collection is disabled.\n required:\n - granularity\n properties:\n granularity:\n type: string\n x-dcl-go-name: Granularity\n description: The frequency at which EC2 Auto Scaling sends aggregated\n data to AWS CloudWatch. The only valid value is \"1Minute\".\n metrics:\n type: array\n x-dcl-go-name: Metrics\n description: The metrics to enable. For a list of valid metrics,\n see https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html.\n If you specify granularity and don't specify any metrics, all\n metrics are enabled.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n configEncryption:\n type: object\n x-dcl-go-name: ConfigEncryption\n x-dcl-go-type: NodePoolConfigConfigEncryption\n description: The ARN of the AWS KMS key used to encrypt node pool configuration.\n required:\n - kmsKeyArn\n properties:\n kmsKeyArn:\n type: string\n x-dcl-go-name: KmsKeyArn\n description: The ARN of the AWS KMS key used to encrypt node pool\n configuration.\n iamInstanceProfile:\n type: string\n x-dcl-go-name: IamInstanceProfile\n description: The name of the AWS IAM role assigned to nodes in the pool.\n instanceType:\n type: string\n x-dcl-go-name: InstanceType\n description: Optional. The AWS instance type. When unspecified, it defaults\n to `m5.large`.\n x-dcl-server-default: true\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: 'Optional. The initial labels assigned to nodes of this\n node pool. An object containing a list of \"key\": value pairs. Example:\n { \"name\": \"wrench\", \"mass\": \"1.3kg\", \"count\": \"3\" }.'\n proxyConfig:\n type: object\n x-dcl-go-name: ProxyConfig\n x-dcl-go-type: NodePoolConfigProxyConfig\n description: Proxy configuration for outbound HTTP(S) traffic.\n required:\n - secretArn\n - secretVersion\n properties:\n secretArn:\n type: string\n x-dcl-go-name: SecretArn\n description: The ARN of the AWS Secret Manager secret that contains\n the HTTP(S) proxy configuration.\n secretVersion:\n type: string\n x-dcl-go-name: SecretVersion\n description: The version string of the AWS Secret Manager secret\n that contains the HTTP(S) proxy configuration.\n rootVolume:\n type: object\n x-dcl-go-name: RootVolume\n x-dcl-go-type: NodePoolConfigRootVolume\n description: Optional. Template for the root volume provisioned for\n node pool nodes. Volumes will be provisioned in the availability zone\n assigned to the node pool subnet. When unspecified, it defaults to\n 32 GiB with the GP2 volume type.\n x-dcl-server-default: true\n properties:\n iops:\n type: integer\n format: int64\n x-dcl-go-name: Iops\n description: Optional. The number of I/O operations per second (IOPS)\n to provision for GP3 volume.\n x-dcl-server-default: true\n kmsKeyArn:\n type: string\n x-dcl-go-name: KmsKeyArn\n description: Optional. The Amazon Resource Name (ARN) of the Customer\n Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified,\n the default Amazon managed key associated to the AWS region where\n this cluster runs will be used.\n sizeGib:\n type: integer\n format: int64\n x-dcl-go-name: SizeGib\n description: Optional. The size of the volume, in GiBs. When unspecified,\n a default value is provided. See the specific reference in the\n parent resource.\n x-dcl-server-default: true\n throughput:\n type: integer\n format: int64\n x-dcl-go-name: Throughput\n description: Optional. The throughput to provision for the volume,\n in MiB/s. Only valid if the volume type is GP3. If volume type\n is gp3 and throughput is not specified, the throughput will defaults\n to 125.\n x-dcl-server-default: true\n volumeType:\n type: string\n x-dcl-go-name: VolumeType\n x-dcl-go-type: NodePoolConfigRootVolumeVolumeTypeEnum\n description: 'Optional. Type of the EBS volume. When unspecified,\n it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED,\n GP2, GP3'\n x-dcl-server-default: true\n enum:\n - VOLUME_TYPE_UNSPECIFIED\n - GP2\n - GP3\n securityGroupIds:\n type: array\n x-dcl-go-name: SecurityGroupIds\n description: Optional. The IDs of additional security groups to add\n to nodes in this pool. The manager will automatically create security\n groups with minimum rules needed for a functioning cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n sshConfig:\n type: object\n x-dcl-go-name: SshConfig\n x-dcl-go-type: NodePoolConfigSshConfig\n description: Optional. The SSH configuration.\n required:\n - ec2KeyPair\n properties:\n ec2KeyPair:\n type: string\n x-dcl-go-name: Ec2KeyPair\n description: The name of the EC2 key pair used to login into cluster\n machines.\n tags:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Tags\n description: Optional. Key/value metadata to assign to each underlying\n AWS resource. Specify at most 50 pairs containing alphanumerics, spaces,\n and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters.\n Values can be up to 255 Unicode characters.\n taints:\n type: array\n x-dcl-go-name: Taints\n description: Optional. The initial taints assigned to nodes of this\n node pool.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: NodePoolConfigTaints\n required:\n - key\n - value\n - effect\n properties:\n effect:\n type: string\n x-dcl-go-name: Effect\n x-dcl-go-type: NodePoolConfigTaintsEffectEnum\n description: 'The taint effect. Possible values: EFFECT_UNSPECIFIED,\n NO_SCHEDULE, PREFER_NO_SCHEDULE, NO_EXECUTE'\n x-kubernetes-immutable: true\n enum:\n - EFFECT_UNSPECIFIED\n - NO_SCHEDULE\n - PREFER_NO_SCHEDULE\n - NO_EXECUTE\n key:\n type: string\n x-dcl-go-name: Key\n description: Key for the taint.\n x-kubernetes-immutable: true\n value:\n type: string\n x-dcl-go-name: Value\n description: Value for the taint.\n x-kubernetes-immutable: true\n createTime:\n type: string\n format: date-time\n x-dcl-go-name: CreateTime\n readOnly: true\n description: Output only. The time at which this node pool was created.\n x-kubernetes-immutable: true\n etag:\n type: string\n x-dcl-go-name: Etag\n readOnly: true\n description: Allows clients to perform consistent read-modify-writes through\n optimistic concurrency control. May be sent on update and delete requests\n to ensure the client has an up-to-date value before proceeding.\n x-kubernetes-immutable: true\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n management:\n type: object\n x-dcl-go-name: Management\n x-dcl-go-type: NodePoolManagement\n description: The Management configuration for this node pool.\n properties:\n autoRepair:\n type: boolean\n x-dcl-go-name: AutoRepair\n description: Optional. Whether or not the nodes will be automatically\n repaired.\n maxPodsConstraint:\n type: object\n x-dcl-go-name: MaxPodsConstraint\n x-dcl-go-type: NodePoolMaxPodsConstraint\n description: The constraint on the maximum number of pods that can be run\n simultaneously on a node in the node pool.\n x-kubernetes-immutable: true\n required:\n - maxPodsPerNode\n properties:\n maxPodsPerNode:\n type: integer\n format: int64\n x-dcl-go-name: MaxPodsPerNode\n description: The maximum number of pods to schedule on a single node.\n x-kubernetes-immutable: true\n name:\n type: string\n x-dcl-go-name: Name\n description: The name of this resource.\n x-kubernetes-immutable: true\n x-dcl-has-long-form: true\n project:\n type: string\n x-dcl-go-name: Project\n description: The project for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n x-dcl-parameter: true\n reconciling:\n type: boolean\n x-dcl-go-name: Reconciling\n readOnly: true\n description: Output only. If set, there are currently changes in flight\n to the node pool.\n x-kubernetes-immutable: true\n state:\n type: string\n x-dcl-go-name: State\n x-dcl-go-type: NodePoolStateEnum\n readOnly: true\n description: 'Output only. The lifecycle state of the node pool. Possible\n values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING,\n ERROR, DEGRADED'\n x-kubernetes-immutable: true\n enum:\n - STATE_UNSPECIFIED\n - PROVISIONING\n - RUNNING\n - RECONCILING\n - STOPPING\n - ERROR\n - DEGRADED\n subnetId:\n type: string\n x-dcl-go-name: SubnetId\n description: The subnet where the node pool node run.\n x-kubernetes-immutable: true\n uid:\n type: string\n x-dcl-go-name: Uid\n readOnly: true\n description: Output only. A globally unique identifier for the node pool.\n x-kubernetes-immutable: true\n updateSettings:\n type: object\n x-dcl-go-name: UpdateSettings\n x-dcl-go-type: NodePoolUpdateSettings\n description: Optional. Update settings control the speed and disruption\n of the node pool update.\n x-dcl-server-default: true\n properties:\n surgeSettings:\n type: object\n x-dcl-go-name: SurgeSettings\n x-dcl-go-type: NodePoolUpdateSettingsSurgeSettings\n description: Optional. Settings for surge update.\n x-dcl-server-default: true\n properties:\n maxSurge:\n type: integer\n format: int64\n x-dcl-go-name: MaxSurge\n description: Optional. The maximum number of nodes that can be created\n beyond the current size of the node pool during the update process.\n x-dcl-server-default: true\n maxUnavailable:\n type: integer\n format: int64\n x-dcl-go-name: MaxUnavailable\n description: Optional. The maximum number of nodes that can be simultaneously\n unavailable during the update process. A node is considered unavailable\n if its status is not Ready.\n x-dcl-server-default: true\n updateTime:\n type: string\n format: date-time\n x-dcl-go-name: UpdateTime\n readOnly: true\n description: Output only. The time at which this node pool was last updated.\n x-kubernetes-immutable: true\n version:\n type: string\n x-dcl-go-name: Version\n description: The Kubernetes version to run on this node pool (e.g. `1.19.10-gke.1000`).\n You can list all supported versions on a given Google Cloud region by\n calling GetAwsServerConfig.\n") +var YAML_node_pool = []byte("info:\n title: ContainerAws/NodePool\n description: An Anthos node pool running on AWS.\n x-dcl-struct-name: NodePool\n x-dcl-has-iam: false\n x-dcl-ref:\n text: API reference\n url: https://cloud.google.com/kubernetes-engine/multi-cloud/docs/reference/rest/v1/projects.locations.awsClusters.awsNodePools\n x-dcl-guides:\n - text: Multicloud overview\n url: https://cloud.google.com/kubernetes-engine/multi-cloud/docs\npaths:\n get:\n description: The function used to get information about a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n apply:\n description: The function used to apply information about a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n delete:\n description: The function used to delete a NodePool\n parameters:\n - name: nodePool\n required: true\n description: A full instance of a NodePool\n deleteAll:\n description: The function used to delete all NodePool\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: cluster\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many NodePool\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: cluster\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n NodePool:\n title: NodePool\n x-dcl-id: projects/{{project}}/locations/{{location}}/awsClusters/{{cluster}}/awsNodePools/{{name}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - name\n - version\n - config\n - autoscaling\n - subnetId\n - maxPodsConstraint\n - project\n - location\n - cluster\n properties:\n annotations:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Annotations\n description: 'Optional. Annotations on the node pool. This field has the\n same restrictions as Kubernetes annotations. The total size of all keys\n and values combined is limited to 256k. Key can have 2 segments: prefix\n (optional) and name (required), separated by a slash (/). Prefix must\n be a DNS subdomain. Name must be 63 characters or less, begin and end\n with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics\n between.'\n autoscaling:\n type: object\n x-dcl-go-name: Autoscaling\n x-dcl-go-type: NodePoolAutoscaling\n description: Autoscaler configuration for this node pool.\n required:\n - minNodeCount\n - maxNodeCount\n properties:\n maxNodeCount:\n type: integer\n format: int64\n x-dcl-go-name: MaxNodeCount\n description: Maximum number of nodes in the NodePool. Must be >= min_node_count.\n minNodeCount:\n type: integer\n format: int64\n x-dcl-go-name: MinNodeCount\n description: Minimum number of nodes in the NodePool. Must be >= 1 and\n <= max_node_count.\n cluster:\n type: string\n x-dcl-go-name: Cluster\n description: The awsCluster for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkemulticloud/Cluster\n field: name\n parent: true\n x-dcl-parameter: true\n config:\n type: object\n x-dcl-go-name: Config\n x-dcl-go-type: NodePoolConfig\n description: The configuration of the node pool.\n required:\n - iamInstanceProfile\n - configEncryption\n properties:\n autoscalingMetricsCollection:\n type: object\n x-dcl-go-name: AutoscalingMetricsCollection\n x-dcl-go-type: NodePoolConfigAutoscalingMetricsCollection\n description: Optional. Configuration related to CloudWatch metrics collection\n on the Auto Scaling group of the node pool. When unspecified, metrics\n collection is disabled.\n required:\n - granularity\n properties:\n granularity:\n type: string\n x-dcl-go-name: Granularity\n description: The frequency at which EC2 Auto Scaling sends aggregated\n data to AWS CloudWatch. The only valid value is \"1Minute\".\n metrics:\n type: array\n x-dcl-go-name: Metrics\n description: The metrics to enable. For a list of valid metrics,\n see https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_EnableMetricsCollection.html.\n If you specify granularity and don't specify any metrics, all\n metrics are enabled.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n configEncryption:\n type: object\n x-dcl-go-name: ConfigEncryption\n x-dcl-go-type: NodePoolConfigConfigEncryption\n description: The ARN of the AWS KMS key used to encrypt node pool configuration.\n required:\n - kmsKeyArn\n properties:\n kmsKeyArn:\n type: string\n x-dcl-go-name: KmsKeyArn\n description: The ARN of the AWS KMS key used to encrypt node pool\n configuration.\n iamInstanceProfile:\n type: string\n x-dcl-go-name: IamInstanceProfile\n description: The name of the AWS IAM role assigned to nodes in the pool.\n instanceType:\n type: string\n x-dcl-go-name: InstanceType\n description: Optional. The AWS instance type. When unspecified, it defaults\n to `m5.large`.\n x-dcl-server-default: true\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: 'Optional. The initial labels assigned to nodes of this\n node pool. An object containing a list of \"key\": value pairs. Example:\n { \"name\": \"wrench\", \"mass\": \"1.3kg\", \"count\": \"3\" }.'\n proxyConfig:\n type: object\n x-dcl-go-name: ProxyConfig\n x-dcl-go-type: NodePoolConfigProxyConfig\n description: Proxy configuration for outbound HTTP(S) traffic.\n required:\n - secretArn\n - secretVersion\n properties:\n secretArn:\n type: string\n x-dcl-go-name: SecretArn\n description: The ARN of the AWS Secret Manager secret that contains\n the HTTP(S) proxy configuration.\n secretVersion:\n type: string\n x-dcl-go-name: SecretVersion\n description: The version string of the AWS Secret Manager secret\n that contains the HTTP(S) proxy configuration.\n rootVolume:\n type: object\n x-dcl-go-name: RootVolume\n x-dcl-go-type: NodePoolConfigRootVolume\n description: Optional. Template for the root volume provisioned for\n node pool nodes. Volumes will be provisioned in the availability zone\n assigned to the node pool subnet. When unspecified, it defaults to\n 32 GiB with the GP2 volume type.\n x-dcl-server-default: true\n properties:\n iops:\n type: integer\n format: int64\n x-dcl-go-name: Iops\n description: Optional. The number of I/O operations per second (IOPS)\n to provision for GP3 volume.\n x-dcl-server-default: true\n kmsKeyArn:\n type: string\n x-dcl-go-name: KmsKeyArn\n description: Optional. The Amazon Resource Name (ARN) of the Customer\n Managed Key (CMK) used to encrypt AWS EBS volumes. If not specified,\n the default Amazon managed key associated to the AWS region where\n this cluster runs will be used.\n sizeGib:\n type: integer\n format: int64\n x-dcl-go-name: SizeGib\n description: Optional. The size of the volume, in GiBs. When unspecified,\n a default value is provided. See the specific reference in the\n parent resource.\n x-dcl-server-default: true\n throughput:\n type: integer\n format: int64\n x-dcl-go-name: Throughput\n description: Optional. The throughput to provision for the volume,\n in MiB/s. Only valid if the volume type is GP3. If volume type\n is gp3 and throughput is not specified, the throughput will defaults\n to 125.\n x-dcl-server-default: true\n volumeType:\n type: string\n x-dcl-go-name: VolumeType\n x-dcl-go-type: NodePoolConfigRootVolumeVolumeTypeEnum\n description: 'Optional. Type of the EBS volume. When unspecified,\n it defaults to GP2 volume. Possible values: VOLUME_TYPE_UNSPECIFIED,\n GP2, GP3'\n x-dcl-server-default: true\n enum:\n - VOLUME_TYPE_UNSPECIFIED\n - GP2\n - GP3\n securityGroupIds:\n type: array\n x-dcl-go-name: SecurityGroupIds\n description: Optional. The IDs of additional security groups to add\n to nodes in this pool. The manager will automatically create security\n groups with minimum rules needed for a functioning cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n sshConfig:\n type: object\n x-dcl-go-name: SshConfig\n x-dcl-go-type: NodePoolConfigSshConfig\n description: Optional. The SSH configuration.\n required:\n - ec2KeyPair\n properties:\n ec2KeyPair:\n type: string\n x-dcl-go-name: Ec2KeyPair\n description: The name of the EC2 key pair used to login into cluster\n machines.\n tags:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Tags\n description: Optional. Key/value metadata to assign to each underlying\n AWS resource. Specify at most 50 pairs containing alphanumerics, spaces,\n and symbols (.+-=_:@/). Keys can be up to 127 Unicode characters.\n Values can be up to 255 Unicode characters.\n taints:\n type: array\n x-dcl-go-name: Taints\n description: Optional. The initial taints assigned to nodes of this\n node pool.\n x-kubernetes-immutable: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: NodePoolConfigTaints\n required:\n - key\n - value\n - effect\n properties:\n effect:\n type: string\n x-dcl-go-name: Effect\n x-dcl-go-type: NodePoolConfigTaintsEffectEnum\n description: 'The taint effect. Possible values: EFFECT_UNSPECIFIED,\n NO_SCHEDULE, PREFER_NO_SCHEDULE, NO_EXECUTE'\n x-kubernetes-immutable: true\n enum:\n - EFFECT_UNSPECIFIED\n - NO_SCHEDULE\n - PREFER_NO_SCHEDULE\n - NO_EXECUTE\n key:\n type: string\n x-dcl-go-name: Key\n description: Key for the taint.\n x-kubernetes-immutable: true\n value:\n type: string\n x-dcl-go-name: Value\n description: Value for the taint.\n x-kubernetes-immutable: true\n createTime:\n type: string\n format: date-time\n x-dcl-go-name: CreateTime\n readOnly: true\n description: Output only. The time at which this node pool was created.\n x-kubernetes-immutable: true\n etag:\n type: string\n x-dcl-go-name: Etag\n readOnly: true\n description: Allows clients to perform consistent read-modify-writes through\n optimistic concurrency control. May be sent on update and delete requests\n to ensure the client has an up-to-date value before proceeding.\n x-kubernetes-immutable: true\n kubeletConfig:\n type: object\n x-dcl-go-name: KubeletConfig\n x-dcl-go-type: NodePoolKubeletConfig\n description: The kubelet configuration for the node pool.\n x-kubernetes-immutable: true\n properties:\n cpuCfsQuota:\n type: boolean\n x-dcl-go-name: CpuCfsQuota\n description: Whether or not to enable CPU CFS quota. Defaults to true.\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n cpuCfsQuotaPeriod:\n type: string\n x-dcl-go-name: CpuCfsQuotaPeriod\n description: Optional. The CPU CFS quota period to use for the node.\n Defaults to \"100ms\".\n x-kubernetes-immutable: true\n cpuManagerPolicy:\n type: string\n x-dcl-go-name: CpuManagerPolicy\n x-dcl-go-type: NodePoolKubeletConfigCpuManagerPolicyEnum\n description: The CpuManagerPolicy to use for the node. Defaults to \"none\".\n x-kubernetes-immutable: true\n x-dcl-server-default: true\n enum:\n - none\n - static\n podPidsLimit:\n type: integer\n format: int64\n x-dcl-go-name: PodPidsLimit\n description: Optional. The maximum number of PIDs in each pod running\n on the node. The limit scales automatically based on underlying machine\n size if left unset.\n x-kubernetes-immutable: true\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n management:\n type: object\n x-dcl-go-name: Management\n x-dcl-go-type: NodePoolManagement\n description: The Management configuration for this node pool.\n properties:\n autoRepair:\n type: boolean\n x-dcl-go-name: AutoRepair\n description: Optional. Whether or not the nodes will be automatically\n repaired.\n maxPodsConstraint:\n type: object\n x-dcl-go-name: MaxPodsConstraint\n x-dcl-go-type: NodePoolMaxPodsConstraint\n description: The constraint on the maximum number of pods that can be run\n simultaneously on a node in the node pool.\n x-kubernetes-immutable: true\n required:\n - maxPodsPerNode\n properties:\n maxPodsPerNode:\n type: integer\n format: int64\n x-dcl-go-name: MaxPodsPerNode\n description: The maximum number of pods to schedule on a single node.\n x-kubernetes-immutable: true\n name:\n type: string\n x-dcl-go-name: Name\n description: The name of this resource.\n x-kubernetes-immutable: true\n x-dcl-has-long-form: true\n project:\n type: string\n x-dcl-go-name: Project\n description: The project for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n x-dcl-parameter: true\n reconciling:\n type: boolean\n x-dcl-go-name: Reconciling\n readOnly: true\n description: Output only. If set, there are currently changes in flight\n to the node pool.\n x-kubernetes-immutable: true\n state:\n type: string\n x-dcl-go-name: State\n x-dcl-go-type: NodePoolStateEnum\n readOnly: true\n description: 'Output only. The lifecycle state of the node pool. Possible\n values: STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING,\n ERROR, DEGRADED'\n x-kubernetes-immutable: true\n enum:\n - STATE_UNSPECIFIED\n - PROVISIONING\n - RUNNING\n - RECONCILING\n - STOPPING\n - ERROR\n - DEGRADED\n subnetId:\n type: string\n x-dcl-go-name: SubnetId\n description: The subnet where the node pool node run.\n x-kubernetes-immutable: true\n uid:\n type: string\n x-dcl-go-name: Uid\n readOnly: true\n description: Output only. A globally unique identifier for the node pool.\n x-kubernetes-immutable: true\n updateSettings:\n type: object\n x-dcl-go-name: UpdateSettings\n x-dcl-go-type: NodePoolUpdateSettings\n description: Optional. Update settings control the speed and disruption\n of the node pool update.\n x-dcl-server-default: true\n properties:\n surgeSettings:\n type: object\n x-dcl-go-name: SurgeSettings\n x-dcl-go-type: NodePoolUpdateSettingsSurgeSettings\n description: Optional. Settings for surge update.\n x-dcl-server-default: true\n properties:\n maxSurge:\n type: integer\n format: int64\n x-dcl-go-name: MaxSurge\n description: Optional. The maximum number of nodes that can be created\n beyond the current size of the node pool during the update process.\n x-dcl-server-default: true\n maxUnavailable:\n type: integer\n format: int64\n x-dcl-go-name: MaxUnavailable\n description: Optional. The maximum number of nodes that can be simultaneously\n unavailable during the update process. A node is considered unavailable\n if its status is not Ready.\n x-dcl-server-default: true\n updateTime:\n type: string\n format: date-time\n x-dcl-go-name: UpdateTime\n readOnly: true\n description: Output only. The time at which this node pool was last updated.\n x-kubernetes-immutable: true\n version:\n type: string\n x-dcl-go-name: Version\n description: The Kubernetes version to run on this node pool (e.g. `1.19.10-gke.1000`).\n You can list all supported versions on a given Google Cloud region by\n calling GetAwsServerConfig.\n") -// 18893 bytes -// MD5: b441d7a9fd8765145b38ac3c1e28b42d +// 20471 bytes +// MD5: d948a0634e222145c35301d2e3fca0b5 diff --git a/services/google/containeraws/samples/basic.cluster.json b/services/google/containeraws/samples/basic.cluster.json index 1569eb21d..d20b276aa 100755 --- a/services/google/containeraws/samples/basic.cluster.json +++ b/services/google/containeraws/samples/basic.cluster.json @@ -11,7 +11,7 @@ }, "awsRegion": "{{aws_region}}", "controlPlane": { - "version": "1.28.3-gke.700", + "version": "1.30.3-gke.100", "instanceType": "m5.large", "sshConfig": { "ec2KeyPair": "{{byo_multicloud_prefix}}-1p-dev-ssh" @@ -25,9 +25,7 @@ "rootVolume": { "sizeGib": 10, "kmsKeyArn": "arn:aws:kms:{{aws_region}}:{{aws_account_id}}:key/{{aws_volume_encryption_key}}", - "volumeType": "GP3", - "iops": 3000, - "throughput": 500 + "volumeType": "GP2" }, "mainVolume": { "sizeGib": 10, diff --git a/services/google/containeraws/samples/basic.node_pool.json b/services/google/containeraws/samples/basic.node_pool.json index 735eef44a..644be90f5 100755 --- a/services/google/containeraws/samples/basic.node_pool.json +++ b/services/google/containeraws/samples/basic.node_pool.json @@ -3,7 +3,7 @@ "project": "{{project}}", "location": "us-west1", "cluster": "{{ref:minimal.cluster.json:name}}", - "version": "1.27.4-gke.1600", + "version": "1.30.3-gke.100", "autoscaling": { "minNodeCount": 1, "maxNodeCount": 5 @@ -54,6 +54,12 @@ "management": { "autoRepair": true }, + "kubeletConfig": { + "cpuManagerPolicy": "none", + "cpuCfsQuota": true, + "cpuCfsQuotaPeriod": "100ms", + "podPidsLimit": 1024 + }, "updateSettings": { "surgeSettings": { "maxSurge": 1, diff --git a/services/google/containeraws/samples/beta.cluster.json b/services/google/containeraws/samples/beta.cluster.json index 8a61a39f8..fbb574187 100755 --- a/services/google/containeraws/samples/beta.cluster.json +++ b/services/google/containeraws/samples/beta.cluster.json @@ -10,7 +10,7 @@ }, "awsRegion": "{{aws_region}}", "controlPlane": { - "version": "1.28.3-gke.700", + "version": "1.30.3-gke.100", "instanceType": "m5.large", "sshConfig": { "ec2KeyPair": "{{byo_multicloud_prefix}}-1p-dev-ssh" diff --git a/services/google/containeraws/samples/beta.node_pool.json b/services/google/containeraws/samples/beta.node_pool.json index 3aa11eeeb..71a0f7557 100755 --- a/services/google/containeraws/samples/beta.node_pool.json +++ b/services/google/containeraws/samples/beta.node_pool.json @@ -3,7 +3,7 @@ "project": "{{project}}", "location": "us-west1", "cluster": "{{ref:minimal.cluster.json:name}}", - "version": "1.27.4-gke.1600", + "version": "1.30.3-gke.100", "autoscaling": { "minNodeCount": 1, "maxNodeCount": 5 @@ -54,5 +54,11 @@ }, "annotations": { "label-one": "value-one" + }, + "kubeletConfig": { + "cpuManagerPolicy": "none", + "cpuCfsQuota": true, + "cpuCfsQuotaPeriod": "100ms", + "podPidsLimit": 1024 } } diff --git a/services/google/containeraws/samples/beta_spot.node_pool.json b/services/google/containeraws/samples/beta_spot.node_pool.json index f86a45930..43ba55a2b 100755 --- a/services/google/containeraws/samples/beta_spot.node_pool.json +++ b/services/google/containeraws/samples/beta_spot.node_pool.json @@ -3,7 +3,7 @@ "project": "{{project}}", "location": "us-west1", "cluster": "{{ref:minimal.cluster.json:name}}", - "version": "1.27.4-gke.1600", + "version": "1.30.3-gke.100", "autoscaling": { "minNodeCount": 1, "maxNodeCount": 5 diff --git a/services/google/containeraws/samples/gp3_cluster.yaml b/services/google/containeraws/samples/gp3_cluster.yaml new file mode 100755 index 000000000..aefd89943 --- /dev/null +++ b/services/google/containeraws/samples/gp3_cluster.yaml @@ -0,0 +1,42 @@ +# Copyright 2024 Google LLC. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +name: gp3_cluster +description: A basic example of a containeraws cluster with a GP3 root volume +type: cluster +versions: +- ga +resource: samples/update.cluster.json +variables: +- name: aws_account_id + type: aws_account_id +- name: aws_database_encryption_key + type: aws_database_encryption_key +- name: aws_region + type: aws_region +- name: aws_subnet + type: aws_subnet +- name: aws_volume_encryption_key + type: aws_volume_encryption_key +- name: aws_vpc + type: aws_vpc +- name: byo_multicloud_prefix + type: byo_multicloud_prefix +- name: cluster + type: resource_name +- name: project + type: project +- name: project_number + type: project_number +- name: test_service_account + type: test_service_account diff --git a/services/google/containeraws/samples/minimal.cluster.json b/services/google/containeraws/samples/minimal.cluster.json index 359e60390..6aa85ca99 100755 --- a/services/google/containeraws/samples/minimal.cluster.json +++ b/services/google/containeraws/samples/minimal.cluster.json @@ -9,7 +9,7 @@ }, "awsRegion": "{{aws_region}}", "controlPlane": { - "version": "1.27.4-gke.1600", + "version": "1.30.3-gke.100", "subnetIds": ["{{aws_subnet}}"], "iamInstanceProfile": "{{byo_multicloud_prefix}}-1p-dev-controlplane", "databaseEncryption": { diff --git a/services/google/containeraws/samples/minimal.node_pool.json b/services/google/containeraws/samples/minimal.node_pool.json index 05d8f12bf..9eabfa413 100755 --- a/services/google/containeraws/samples/minimal.node_pool.json +++ b/services/google/containeraws/samples/minimal.node_pool.json @@ -3,7 +3,7 @@ "project": "{{project}}", "location": "us-west1", "cluster": "{{ref:minimal.cluster.json:name}}", - "version": "1.27.4-gke.1600", + "version": "1.30.3-gke.100", "autoscaling": { "minNodeCount": 1, "maxNodeCount": 5 diff --git a/services/google/containeraws/samples/update.cluster.json b/services/google/containeraws/samples/update.cluster.json index f6d9be069..091a253b2 100755 --- a/services/google/containeraws/samples/update.cluster.json +++ b/services/google/containeraws/samples/update.cluster.json @@ -11,7 +11,7 @@ }, "awsRegion": "{{aws_region}}", "controlPlane": { - "version": "1.28.3-gke.700", + "version": "1.30.3-gke.100", "instanceType": "t3.large", "sshConfig": { "ec2KeyPair": "updated-ec2-key-pair" @@ -22,9 +22,9 @@ "rootVolume": { "sizeGib": 12, "kmsKeyArn": "arn:aws:kms:{{aws_region}}:{{aws_account_id}}:key/updated-volume-encryption-kms-key-arn", - "volumeType": "GP2", - "iops": 0, - "throughput": 0 + "volumeType": "GP3", + "iops": 3000, + "throughput": 500 }, "mainVolume": { "sizeGib": 10, diff --git a/services/google/containeraws/samples/update.node_pool.json b/services/google/containeraws/samples/update.node_pool.json index 7e7c6b19b..310da1f3b 100755 --- a/services/google/containeraws/samples/update.node_pool.json +++ b/services/google/containeraws/samples/update.node_pool.json @@ -3,7 +3,7 @@ "project": "{{project}}", "location": "us-west1", "cluster": "{{ref:minimal.cluster.json:name}}", - "version": "1.27.4-gke.1600", + "version": "1.30.3-gke.100", "autoscaling": { "minNodeCount": 3, "maxNodeCount": 8 @@ -54,6 +54,12 @@ "management": { "autoRepair": false }, + "kubeletConfig": { + "cpuManagerPolicy": "none", + "cpuCfsQuota": true, + "cpuCfsQuotaPeriod": "100ms", + "podPidsLimit": 1024 + }, "updateSettings": { "surgeSettings": { "maxSurge": 2, diff --git a/services/google/containeraws/samples/update_beta.cluster.json b/services/google/containeraws/samples/update_beta.cluster.json index b52289ad2..131fcbe73 100755 --- a/services/google/containeraws/samples/update_beta.cluster.json +++ b/services/google/containeraws/samples/update_beta.cluster.json @@ -10,7 +10,7 @@ }, "awsRegion": "{{aws_region}}", "controlPlane": { - "version": "1.28.3-gke.700", + "version": "1.30.3-gke.100", "instanceType": "t3.large", "sshConfig": { "ec2KeyPair": "updated-ec2-key-pair" @@ -21,8 +21,9 @@ "rootVolume": { "sizeGib": 12, "kmsKeyArn": "arn:aws:kms:{{aws_region}}:{{aws_account_id}}:key/updated-volume-encryption-kms-key-arn", - "volumeType": "GP2", - "iops": 0 + "volumeType": "GP3", + "iops": 3000, + "throughput": 500 }, "mainVolume": { "sizeGib": 10, diff --git a/services/google/containeraws/samples/update_beta.node_pool.json b/services/google/containeraws/samples/update_beta.node_pool.json index 65e681e0b..0da490717 100755 --- a/services/google/containeraws/samples/update_beta.node_pool.json +++ b/services/google/containeraws/samples/update_beta.node_pool.json @@ -3,7 +3,7 @@ "project": "{{project}}", "location": "us-west1", "cluster": "{{ref:minimal.cluster.json:name}}", - "version": "1.27.4-gke.1600", + "version": "1.30.3-gke.100", "autoscaling": { "minNodeCount": 3, "maxNodeCount": 8 @@ -57,6 +57,12 @@ "management": { "autoRepair": false }, + "kubeletConfig": { + "cpuManagerPolicy": "none", + "cpuCfsQuota": true, + "cpuCfsQuotaPeriod": "100ms", + "podPidsLimit": 1024 + }, "updateSettings": { "surgeSettings": { "maxSurge": 2, diff --git a/unstructured/google/containeraws/alpha/node_pool.go b/unstructured/google/containeraws/alpha/node_pool.go index 7e4b929a7..89a1498aa 100755 --- a/unstructured/google/containeraws/alpha/node_pool.go +++ b/unstructured/google/containeraws/alpha/node_pool.go @@ -176,6 +176,22 @@ func NodePoolToUnstructured(r *dclService.NodePool) *unstructured.Resource { if r.Etag != nil { u.Object["etag"] = *r.Etag } + if r.KubeletConfig != nil && r.KubeletConfig != dclService.EmptyNodePoolKubeletConfig { + rKubeletConfig := make(map[string]interface{}) + if r.KubeletConfig.CpuCfsQuota != nil { + rKubeletConfig["cpuCfsQuota"] = *r.KubeletConfig.CpuCfsQuota + } + if r.KubeletConfig.CpuCfsQuotaPeriod != nil { + rKubeletConfig["cpuCfsQuotaPeriod"] = *r.KubeletConfig.CpuCfsQuotaPeriod + } + if r.KubeletConfig.CpuManagerPolicy != nil { + rKubeletConfig["cpuManagerPolicy"] = string(*r.KubeletConfig.CpuManagerPolicy) + } + if r.KubeletConfig.PodPidsLimit != nil { + rKubeletConfig["podPidsLimit"] = *r.KubeletConfig.PodPidsLimit + } + u.Object["kubeletConfig"] = rKubeletConfig + } if r.Location != nil { u.Object["location"] = *r.Location } @@ -537,6 +553,41 @@ func UnstructuredToNodePool(u *unstructured.Resource) (*dclService.NodePool, err return nil, fmt.Errorf("r.Etag: expected string") } } + if _, ok := u.Object["kubeletConfig"]; ok { + if rKubeletConfig, ok := u.Object["kubeletConfig"].(map[string]interface{}); ok { + r.KubeletConfig = &dclService.NodePoolKubeletConfig{} + if _, ok := rKubeletConfig["cpuCfsQuota"]; ok { + if b, ok := rKubeletConfig["cpuCfsQuota"].(bool); ok { + r.KubeletConfig.CpuCfsQuota = dcl.Bool(b) + } else { + return nil, fmt.Errorf("r.KubeletConfig.CpuCfsQuota: expected bool") + } + } + if _, ok := rKubeletConfig["cpuCfsQuotaPeriod"]; ok { + if s, ok := rKubeletConfig["cpuCfsQuotaPeriod"].(string); ok { + r.KubeletConfig.CpuCfsQuotaPeriod = dcl.String(s) + } else { + return nil, fmt.Errorf("r.KubeletConfig.CpuCfsQuotaPeriod: expected string") + } + } + if _, ok := rKubeletConfig["cpuManagerPolicy"]; ok { + if s, ok := rKubeletConfig["cpuManagerPolicy"].(string); ok { + r.KubeletConfig.CpuManagerPolicy = dclService.NodePoolKubeletConfigCpuManagerPolicyEnumRef(s) + } else { + return nil, fmt.Errorf("r.KubeletConfig.CpuManagerPolicy: expected string") + } + } + if _, ok := rKubeletConfig["podPidsLimit"]; ok { + if i, ok := rKubeletConfig["podPidsLimit"].(int64); ok { + r.KubeletConfig.PodPidsLimit = dcl.Int64(i) + } else { + return nil, fmt.Errorf("r.KubeletConfig.PodPidsLimit: expected int64") + } + } + } else { + return nil, fmt.Errorf("r.KubeletConfig: expected map[string]interface{}") + } + } if _, ok := u.Object["location"]; ok { if s, ok := u.Object["location"].(string); ok { r.Location = dcl.String(s) diff --git a/unstructured/google/containeraws/beta/node_pool.go b/unstructured/google/containeraws/beta/node_pool.go index 509d93aa0..c25a2bdd7 100755 --- a/unstructured/google/containeraws/beta/node_pool.go +++ b/unstructured/google/containeraws/beta/node_pool.go @@ -176,6 +176,22 @@ func NodePoolToUnstructured(r *dclService.NodePool) *unstructured.Resource { if r.Etag != nil { u.Object["etag"] = *r.Etag } + if r.KubeletConfig != nil && r.KubeletConfig != dclService.EmptyNodePoolKubeletConfig { + rKubeletConfig := make(map[string]interface{}) + if r.KubeletConfig.CpuCfsQuota != nil { + rKubeletConfig["cpuCfsQuota"] = *r.KubeletConfig.CpuCfsQuota + } + if r.KubeletConfig.CpuCfsQuotaPeriod != nil { + rKubeletConfig["cpuCfsQuotaPeriod"] = *r.KubeletConfig.CpuCfsQuotaPeriod + } + if r.KubeletConfig.CpuManagerPolicy != nil { + rKubeletConfig["cpuManagerPolicy"] = string(*r.KubeletConfig.CpuManagerPolicy) + } + if r.KubeletConfig.PodPidsLimit != nil { + rKubeletConfig["podPidsLimit"] = *r.KubeletConfig.PodPidsLimit + } + u.Object["kubeletConfig"] = rKubeletConfig + } if r.Location != nil { u.Object["location"] = *r.Location } @@ -537,6 +553,41 @@ func UnstructuredToNodePool(u *unstructured.Resource) (*dclService.NodePool, err return nil, fmt.Errorf("r.Etag: expected string") } } + if _, ok := u.Object["kubeletConfig"]; ok { + if rKubeletConfig, ok := u.Object["kubeletConfig"].(map[string]interface{}); ok { + r.KubeletConfig = &dclService.NodePoolKubeletConfig{} + if _, ok := rKubeletConfig["cpuCfsQuota"]; ok { + if b, ok := rKubeletConfig["cpuCfsQuota"].(bool); ok { + r.KubeletConfig.CpuCfsQuota = dcl.Bool(b) + } else { + return nil, fmt.Errorf("r.KubeletConfig.CpuCfsQuota: expected bool") + } + } + if _, ok := rKubeletConfig["cpuCfsQuotaPeriod"]; ok { + if s, ok := rKubeletConfig["cpuCfsQuotaPeriod"].(string); ok { + r.KubeletConfig.CpuCfsQuotaPeriod = dcl.String(s) + } else { + return nil, fmt.Errorf("r.KubeletConfig.CpuCfsQuotaPeriod: expected string") + } + } + if _, ok := rKubeletConfig["cpuManagerPolicy"]; ok { + if s, ok := rKubeletConfig["cpuManagerPolicy"].(string); ok { + r.KubeletConfig.CpuManagerPolicy = dclService.NodePoolKubeletConfigCpuManagerPolicyEnumRef(s) + } else { + return nil, fmt.Errorf("r.KubeletConfig.CpuManagerPolicy: expected string") + } + } + if _, ok := rKubeletConfig["podPidsLimit"]; ok { + if i, ok := rKubeletConfig["podPidsLimit"].(int64); ok { + r.KubeletConfig.PodPidsLimit = dcl.Int64(i) + } else { + return nil, fmt.Errorf("r.KubeletConfig.PodPidsLimit: expected int64") + } + } + } else { + return nil, fmt.Errorf("r.KubeletConfig: expected map[string]interface{}") + } + } if _, ok := u.Object["location"]; ok { if s, ok := u.Object["location"].(string); ok { r.Location = dcl.String(s) diff --git a/unstructured/google/containeraws/node_pool.go b/unstructured/google/containeraws/node_pool.go index 81467e60f..52a6f5c93 100755 --- a/unstructured/google/containeraws/node_pool.go +++ b/unstructured/google/containeraws/node_pool.go @@ -157,6 +157,22 @@ func NodePoolToUnstructured(r *dclService.NodePool) *unstructured.Resource { if r.Etag != nil { u.Object["etag"] = *r.Etag } + if r.KubeletConfig != nil && r.KubeletConfig != dclService.EmptyNodePoolKubeletConfig { + rKubeletConfig := make(map[string]interface{}) + if r.KubeletConfig.CpuCfsQuota != nil { + rKubeletConfig["cpuCfsQuota"] = *r.KubeletConfig.CpuCfsQuota + } + if r.KubeletConfig.CpuCfsQuotaPeriod != nil { + rKubeletConfig["cpuCfsQuotaPeriod"] = *r.KubeletConfig.CpuCfsQuotaPeriod + } + if r.KubeletConfig.CpuManagerPolicy != nil { + rKubeletConfig["cpuManagerPolicy"] = string(*r.KubeletConfig.CpuManagerPolicy) + } + if r.KubeletConfig.PodPidsLimit != nil { + rKubeletConfig["podPidsLimit"] = *r.KubeletConfig.PodPidsLimit + } + u.Object["kubeletConfig"] = rKubeletConfig + } if r.Location != nil { u.Object["location"] = *r.Location } @@ -479,6 +495,41 @@ func UnstructuredToNodePool(u *unstructured.Resource) (*dclService.NodePool, err return nil, fmt.Errorf("r.Etag: expected string") } } + if _, ok := u.Object["kubeletConfig"]; ok { + if rKubeletConfig, ok := u.Object["kubeletConfig"].(map[string]interface{}); ok { + r.KubeletConfig = &dclService.NodePoolKubeletConfig{} + if _, ok := rKubeletConfig["cpuCfsQuota"]; ok { + if b, ok := rKubeletConfig["cpuCfsQuota"].(bool); ok { + r.KubeletConfig.CpuCfsQuota = dcl.Bool(b) + } else { + return nil, fmt.Errorf("r.KubeletConfig.CpuCfsQuota: expected bool") + } + } + if _, ok := rKubeletConfig["cpuCfsQuotaPeriod"]; ok { + if s, ok := rKubeletConfig["cpuCfsQuotaPeriod"].(string); ok { + r.KubeletConfig.CpuCfsQuotaPeriod = dcl.String(s) + } else { + return nil, fmt.Errorf("r.KubeletConfig.CpuCfsQuotaPeriod: expected string") + } + } + if _, ok := rKubeletConfig["cpuManagerPolicy"]; ok { + if s, ok := rKubeletConfig["cpuManagerPolicy"].(string); ok { + r.KubeletConfig.CpuManagerPolicy = dclService.NodePoolKubeletConfigCpuManagerPolicyEnumRef(s) + } else { + return nil, fmt.Errorf("r.KubeletConfig.CpuManagerPolicy: expected string") + } + } + if _, ok := rKubeletConfig["podPidsLimit"]; ok { + if i, ok := rKubeletConfig["podPidsLimit"].(int64); ok { + r.KubeletConfig.PodPidsLimit = dcl.Int64(i) + } else { + return nil, fmt.Errorf("r.KubeletConfig.PodPidsLimit: expected int64") + } + } + } else { + return nil, fmt.Errorf("r.KubeletConfig: expected map[string]interface{}") + } + } if _, ok := u.Object["location"]; ok { if s, ok := u.Object["location"].(string); ok { r.Location = dcl.String(s)