From 295914cae9d5f087ec130df19ed4bdfc5b648e7b Mon Sep 17 00:00:00 2001 From: Yuwen Ma Date: Wed, 13 Nov 2024 02:41:11 +0000 Subject: [PATCH 1/2] Update operator to 1.125.0 --- .../cluster/gcp-identity/0-cnrm-system.yaml | 138 +- .../workload-identity/0-cnrm-system.yaml | 138 +- .../configconnector/1.125.0}/crds.yaml | 9559 +++++++++++++---- .../namespaced/0-cnrm-system.yaml | 136 +- .../namespaced/per-namespace-components.yaml | 18 +- operator/autopilot-channels/stable | 2 +- .../cluster/gcp-identity/0-cnrm-system.yaml | 138 +- .../workload-identity/0-cnrm-system.yaml | 138 +- .../configconnector/1.125.0}/crds.yaml | 9559 +++++++++++++---- .../namespaced/0-cnrm-system.yaml | 136 +- .../namespaced/per-namespace-components.yaml | 18 +- operator/channels/stable | 2 +- operator/config/autopilot/kustomization.yaml | 2 +- operator/config/default/kustomization.yaml | 2 +- .../config/gke-addon/image_configmap.yaml | 10 +- operator/config/rbac/cnrm_viewer_role.yaml | 18 +- 16 files changed, 15100 insertions(+), 4914 deletions(-) rename operator/autopilot-channels/packages/configconnector/{1.122.0 => 1.125.0}/cluster/gcp-identity/0-cnrm-system.yaml (94%) rename operator/autopilot-channels/packages/configconnector/{1.122.0 => 1.125.0}/cluster/workload-identity/0-cnrm-system.yaml (94%) rename operator/{channels/packages/configconnector/1.122.0 => autopilot-channels/packages/configconnector/1.125.0}/crds.yaml (95%) rename operator/autopilot-channels/packages/configconnector/{1.122.0 => 1.125.0}/namespaced/0-cnrm-system.yaml (94%) rename operator/autopilot-channels/packages/configconnector/{1.122.0 => 1.125.0}/namespaced/per-namespace-components.yaml (91%) rename operator/channels/packages/configconnector/{1.122.0 => 1.125.0}/cluster/gcp-identity/0-cnrm-system.yaml (94%) rename operator/channels/packages/configconnector/{1.122.0 => 1.125.0}/cluster/workload-identity/0-cnrm-system.yaml (94%) rename operator/{autopilot-channels/packages/configconnector/1.122.0 => channels/packages/configconnector/1.125.0}/crds.yaml (95%) rename operator/channels/packages/configconnector/{1.122.0 => 1.125.0}/namespaced/0-cnrm-system.yaml (94%) rename operator/channels/packages/configconnector/{1.122.0 => 1.125.0}/namespaced/per-namespace-components.yaml (93%) diff --git a/operator/autopilot-channels/packages/configconnector/1.122.0/cluster/gcp-identity/0-cnrm-system.yaml b/operator/autopilot-channels/packages/configconnector/1.125.0/cluster/gcp-identity/0-cnrm-system.yaml similarity index 94% rename from operator/autopilot-channels/packages/configconnector/1.122.0/cluster/gcp-identity/0-cnrm-system.yaml rename to operator/autopilot-channels/packages/configconnector/1.125.0/cluster/gcp-identity/0-cnrm-system.yaml index 67d631c5a0..d41408eba6 100644 --- a/operator/autopilot-channels/packages/configconnector/1.122.0/cluster/gcp-identity/0-cnrm-system.yaml +++ b/operator/autopilot-channels/packages/configconnector/1.125.0/cluster/gcp-identity/0-cnrm-system.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -11,7 +11,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-controller-manager @@ -21,7 +21,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -31,7 +31,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -41,7 +41,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -51,7 +51,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -72,7 +72,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -93,7 +93,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -605,6 +605,18 @@ rules: - update - patch - delete +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -1001,6 +1013,18 @@ rules: - update - patch - delete +- apiGroups: + - privilegedaccessmanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - pubsub.cnrm.cloud.google.com resources: @@ -1085,6 +1109,18 @@ rules: - update - patch - delete +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -1270,7 +1306,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -1320,7 +1356,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -1378,7 +1414,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -1403,7 +1439,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -1433,7 +1469,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -1776,6 +1812,14 @@ rules: - get - list - watch +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -2040,6 +2084,14 @@ rules: - get - list - watch +- apiGroups: + - privilegedaccessmanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - pubsub.cnrm.cloud.google.com resources: @@ -2096,6 +2148,14 @@ rules: - get - list - watch +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -2221,7 +2281,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -2284,7 +2344,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -2302,7 +2362,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -2320,7 +2380,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -2343,7 +2403,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -2360,7 +2420,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-binding @@ -2377,7 +2437,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-watcher-binding @@ -2394,7 +2454,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -2411,7 +2471,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -2428,7 +2488,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -2445,7 +2505,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -2467,7 +2527,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 prometheus.io/port: "48797" prometheus.io/scrape: "true" labels: @@ -2488,7 +2548,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2506,7 +2566,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2519,8 +2579,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.122.0 - image: gcr.io/gke-release/cnrm/recorder:e373e18 + value: 1.125.0 + image: gcr.io/gke-release/cnrm/cnrm/recorder:2fa0f72 imagePullPolicy: Always name: recorder ports: @@ -2553,7 +2613,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2568,7 +2628,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2583,7 +2643,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/webhook:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/webhook:2fa0f72 imagePullPolicy: Always name: webhook ports: @@ -2613,7 +2673,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2628,7 +2688,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2641,7 +2701,7 @@ spec: env: - name: GOOGLE_APPLICATION_CREDENTIALS value: /var/secrets/google/key.json - image: gcr.io/gke-release/cnrm/controller:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/controller:2fa0f72 imagePullPolicy: Always name: manager ports: @@ -2678,7 +2738,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2693,7 +2753,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2701,7 +2761,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/deletiondefender:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/deletiondefender:2fa0f72 imagePullPolicy: Always name: deletiondefender ports: @@ -2732,7 +2792,7 @@ kind: HorizontalPodAutoscaler metadata: annotations: autoscaling.alpha.kubernetes.io/metrics: '[{"type":"Resource","resource":{"name":"memory","targetAverageUtilization":70}}]' - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/operator/autopilot-channels/packages/configconnector/1.122.0/cluster/workload-identity/0-cnrm-system.yaml b/operator/autopilot-channels/packages/configconnector/1.125.0/cluster/workload-identity/0-cnrm-system.yaml similarity index 94% rename from operator/autopilot-channels/packages/configconnector/1.122.0/cluster/workload-identity/0-cnrm-system.yaml rename to operator/autopilot-channels/packages/configconnector/1.125.0/cluster/workload-identity/0-cnrm-system.yaml index 86737e15c0..55e69b06a3 100644 --- a/operator/autopilot-channels/packages/configconnector/1.122.0/cluster/workload-identity/0-cnrm-system.yaml +++ b/operator/autopilot-channels/packages/configconnector/1.125.0/cluster/workload-identity/0-cnrm-system.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -11,7 +11,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 iam.gke.io/gcp-service-account: cnrm-system@${PROJECT_ID?}.iam.gserviceaccount.com labels: cnrm.cloud.google.com/system: "true" @@ -22,7 +22,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -32,7 +32,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -42,7 +42,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -52,7 +52,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -73,7 +73,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -94,7 +94,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -606,6 +606,18 @@ rules: - update - patch - delete +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -1002,6 +1014,18 @@ rules: - update - patch - delete +- apiGroups: + - privilegedaccessmanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - pubsub.cnrm.cloud.google.com resources: @@ -1086,6 +1110,18 @@ rules: - update - patch - delete +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -1271,7 +1307,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -1321,7 +1357,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -1379,7 +1415,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -1404,7 +1440,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -1434,7 +1470,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -1777,6 +1813,14 @@ rules: - get - list - watch +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -2041,6 +2085,14 @@ rules: - get - list - watch +- apiGroups: + - privilegedaccessmanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - pubsub.cnrm.cloud.google.com resources: @@ -2097,6 +2149,14 @@ rules: - get - list - watch +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -2222,7 +2282,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -2285,7 +2345,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -2303,7 +2363,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -2321,7 +2381,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -2344,7 +2404,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -2361,7 +2421,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-binding @@ -2378,7 +2438,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-watcher-binding @@ -2395,7 +2455,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -2412,7 +2472,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -2429,7 +2489,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -2446,7 +2506,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -2468,7 +2528,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 prometheus.io/port: "48797" prometheus.io/scrape: "true" labels: @@ -2489,7 +2549,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2507,7 +2567,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2520,8 +2580,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.122.0 - image: gcr.io/gke-release/cnrm/recorder:e373e18 + value: 1.125.0 + image: gcr.io/gke-release/cnrm/cnrm/recorder:2fa0f72 imagePullPolicy: Always name: recorder ports: @@ -2554,7 +2614,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2569,7 +2629,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2584,7 +2644,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/webhook:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/webhook:2fa0f72 imagePullPolicy: Always name: webhook ports: @@ -2614,7 +2674,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2629,7 +2689,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2639,7 +2699,7 @@ spec: - --prometheus-scrape-endpoint=:8888 command: - /configconnector/manager - image: gcr.io/gke-release/cnrm/controller:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/controller:2fa0f72 imagePullPolicy: Always name: manager ports: @@ -2669,7 +2729,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2684,7 +2744,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2692,7 +2752,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/deletiondefender:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/deletiondefender:2fa0f72 imagePullPolicy: Always name: deletiondefender ports: @@ -2723,7 +2783,7 @@ kind: HorizontalPodAutoscaler metadata: annotations: autoscaling.alpha.kubernetes.io/metrics: '[{"type":"Resource","resource":{"name":"memory","targetAverageUtilization":70}}]' - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/operator/channels/packages/configconnector/1.122.0/crds.yaml b/operator/autopilot-channels/packages/configconnector/1.125.0/crds.yaml similarity index 95% rename from operator/channels/packages/configconnector/1.122.0/crds.yaml rename to operator/autopilot-channels/packages/configconnector/1.125.0/crds.yaml index 13f5a24abc..33ed979158 100644 --- a/operator/channels/packages/configconnector/1.122.0/crds.yaml +++ b/operator/autopilot-channels/packages/configconnector/1.125.0/crds.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -264,7 +264,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -650,7 +650,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -780,7 +780,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -949,7 +949,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -1262,7 +1262,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -2456,7 +2456,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -2895,7 +2895,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -4366,7 +4366,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -4559,6 +4559,9 @@ spec: type: string type: object type: array + enableOutboundPublicIp: + description: Enabling outbound public ip for the instance. + type: boolean enablePublicIp: description: Enabling public ip for the instance. If a user wishes to disable this, please also clear the list of the authorized @@ -4627,6 +4630,14 @@ spec: current reported status reflects the most recent desired state of the resource. type: integer + outboundPublicIpAddresses: + description: |- + The outbound public IP addresses for the instance. This is available ONLY when + networkConfig.enableOutboundPublicIp is set to true. These IP addresses are used + for outbound connections. + items: + type: string + type: array publicIpAddress: description: The public IP addresses for the Instance. This is available ONLY when networkConfig.enablePublicIp is set to true. This is the @@ -4826,6 +4837,9 @@ spec: type: string type: object type: array + enableOutboundPublicIp: + description: Enabling outbound public ip for the instance. + type: boolean enablePublicIp: description: Enabling public ip for the instance. If a user wishes to disable this, please also clear the list of the authorized @@ -4894,6 +4908,14 @@ spec: current reported status reflects the most recent desired state of the resource. type: integer + outboundPublicIpAddresses: + description: |- + The outbound public IP addresses for the instance. This is available ONLY when + networkConfig.enableOutboundPublicIp is set to true. These IP addresses are used + for outbound connections. + items: + type: string + type: array publicIpAddress: description: The public IP addresses for the Instance. This is available ONLY when networkConfig.enablePublicIp is set to true. This is the @@ -4933,7 +4955,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5129,7 +5151,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5403,7 +5425,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5562,7 +5584,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5726,7 +5748,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5899,7 +5921,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6043,7 +6065,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6173,7 +6195,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6301,7 +6323,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -6476,7 +6498,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6606,7 +6628,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6782,7 +6804,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6911,7 +6933,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -7205,7 +7227,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7340,7 +7362,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7421,7 +7443,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -7592,7 +7614,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7767,7 +7789,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7900,7 +7922,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -8601,7 +8623,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -8751,7 +8773,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9202,7 +9224,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9569,7 +9591,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9771,7 +9793,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9942,7 +9964,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -10122,13 +10144,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" name: bigqueryanalyticshubdataexchanges.bigqueryanalyticshub.cnrm.cloud.google.com spec: group: bigqueryanalyticshub.cnrm.cloud.google.com @@ -10136,10 +10157,8 @@ spec: categories: - gcp kind: BigQueryAnalyticsHubDataExchange + listKind: BigQueryAnalyticsHubDataExchangeList plural: bigqueryanalyticshubdataexchanges - shortNames: - - gcpbigqueryanalyticshubdataexchange - - gcpbigqueryanalyticshubdataexchanges singular: bigqueryanalyticshubdataexchange preserveUnknownFields: false scope: Namespaced @@ -10163,41 +10182,54 @@ spec: name: v1alpha1 schema: openAPIV3Schema: + description: BigQueryAnalyticsHubDataExchange is the Schema for the BigQueryAnalyticsHubDataExchange + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: BigQueryAnalyticsHubDataExchangeSpec defines the desired + state of BigQueryAnalyticsHubDataExchange properties: description: - description: Description of the data exchange. + description: 'Optional. Description of the data exchange. The description + must not contain Unicode non-characters as well as C0 and C1 control + codes except tabs (HT), new lines (LF), carriage returns (CR), and + page breaks (FF). Default value is an empty string. Max length: + 2000 bytes.' + type: string + discoveryType: + description: Optional. Type of discovery on the discovery page for + all the listings under this exchange. Updating this field also updates + (overwrites) the discovery_type field for all the listings under + this exchange. type: string displayName: - description: Human-readable display name of the data exchange. The - display name must contain only Unicode letters, numbers (0-9), underscores - (_), dashes (-), spaces ( ), and must not start or end with spaces. + description: 'Required. Human-readable display name of the data exchange. + The display name must contain only Unicode letters, numbers (0-9), + underscores (_), dashes (-), spaces ( ), ampersands (&) and must + not start or end with spaces. Default value is an empty string. + Max length: 63 bytes.' type: string documentation: - description: Documentation describing the data exchange. - type: string - icon: - description: Base64 encoded image representing the data exchange. + description: Optional. Documentation describing the data exchange. type: string location: description: Immutable. The name of the location this data exchange. type: string primaryContact: - description: Email or URL of the primary point of contact of the data - exchange. + description: 'Optional. Email or URL of the primary point of contact + of the data exchange. Max Length: 1000 bytes.' type: string projectRef: description: The project that this resource belongs to. @@ -10217,30 +10249,38 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object resourceID: - description: Immutable. Optional. The dataExchangeId of the resource. - Used for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The BigQueryAnalyticsHubDataExchange name. + If not given, the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf required: - - displayName - location - projectRef type: object status: + description: BigQueryAnalyticsHubDataExchangeStatus defines the config + connector machine state of BigQueryAnalyticsHubDataExchange properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -10264,13 +10304,9 @@ spec: type: string type: object type: array - listingCount: - description: Number of listings contained in the data exchange. - type: integer - name: - description: |- - The resource name of the data exchange, for example: - "projects/myproject/locations/US/dataExchanges/123". + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchange + resource in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -10278,48 +10314,25 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + listingCount: + description: Number of listings contained in the data exchange. + format: int64 + type: integer + type: object type: object required: - spec type: object served: true - storage: true + storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cnrm.cloud.google.com/version: 1.122.0 - creationTimestamp: null - labels: - cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha - cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: bigqueryanalyticshublistings.bigqueryanalyticshub.cnrm.cloud.google.com -spec: - group: bigqueryanalyticshub.cnrm.cloud.google.com - names: - categories: - - gcp - kind: BigQueryAnalyticsHubListing - plural: bigqueryanalyticshublistings - shortNames: - - gcpbigqueryanalyticshublisting - - gcpbigqueryanalyticshublistings - singular: bigqueryanalyticshublisting - preserveUnknownFields: false - scope: Namespaced - versions: - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: Age @@ -10336,81 +10349,57 @@ spec: jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime name: Status Age type: date - name: v1alpha1 + name: v1beta1 schema: openAPIV3Schema: + description: BigQueryAnalyticsHubDataExchange is the Schema for the BigQueryAnalyticsHubDataExchange + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: BigQueryAnalyticsHubDataExchangeSpec defines the desired + state of BigQueryAnalyticsHubDataExchange properties: - bigqueryDataset: - description: Shared dataset i.e. BigQuery dataset source. - properties: - dataset: - description: Resource name of the dataset source for this listing. - e.g. projects/myproject/datasets/123. - type: string - required: - - dataset - type: object - categories: - description: Categories of the listing. Up to two categories are allowed. - items: - type: string - type: array - dataExchangeId: - description: Immutable. The ID of the data exchange. Must contain - only Unicode letters, numbers (0-9), underscores (_). Should not - use characters that require URL-escaping, or characters outside - of ASCII, spaces. - type: string - dataProvider: - description: Details of the data provider who owns the source data. - properties: - name: - description: Name of the data provider. - type: string - primaryContact: - description: Email or URL of the data provider. - type: string - required: - - name - type: object description: - description: Short description of the listing. The description must - not contain Unicode non-characters and C0 and C1 control codes except - tabs (HT), new lines (LF), carriage returns (CR), and page breaks - (FF). + description: 'Optional. Description of the data exchange. The description + must not contain Unicode non-characters as well as C0 and C1 control + codes except tabs (HT), new lines (LF), carriage returns (CR), and + page breaks (FF). Default value is an empty string. Max length: + 2000 bytes.' + type: string + discoveryType: + description: Optional. Type of discovery on the discovery page for + all the listings under this exchange. Updating this field also updates + (overwrites) the discovery_type field for all the listings under + this exchange. type: string displayName: - description: Human-readable display name of the listing. The display - name must contain only Unicode letters, numbers (0-9), underscores - (_), dashes (-), spaces ( ), ampersands (&) and can't start or end - with spaces. + description: 'Required. Human-readable display name of the data exchange. + The display name must contain only Unicode letters, numbers (0-9), + underscores (_), dashes (-), spaces ( ), ampersands (&) and must + not start or end with spaces. Default value is an empty string. + Max length: 63 bytes.' type: string documentation: - description: Documentation describing the listing. - type: string - icon: - description: Base64 encoded image representing the listing. + description: Optional. Documentation describing the data exchange. type: string location: - description: Immutable. The name of the location this data exchange - listing. + description: Immutable. The name of the location this data exchange. type: string primaryContact: - description: Email or URL of the primary point of contact of the listing. + description: 'Optional. Email or URL of the primary point of contact + of the data exchange. Max Length: 1000 bytes.' type: string projectRef: description: The project that this resource belongs to. @@ -10430,223 +10419,38 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - publisher: - description: Details of the publisher who owns the listing and who - can share the source data. - properties: - name: - description: Name of the listing publisher. - type: string - primaryContact: - description: Email or URL of the listing publisher. - type: string - required: - - name - type: object - requestAccess: - description: Email or URL of the request access of the listing. Subscribers - can use this reference to request access. - type: string - resourceID: - description: Immutable. Optional. The listingId of the resource. Used - for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. - type: string - required: - - bigqueryDataset - - dataExchangeId - - displayName - - location - - projectRef - type: object - status: - properties: - conditions: - description: Conditions represent the latest available observation - of the resource's current state. - items: - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - type: string - message: - description: Human-readable message indicating details about - last transition. - type: string - reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition. - type: string - status: - description: Status is the status of the condition. Can be True, - False, Unknown. - type: string - type: - description: Type is the type of the condition. - type: string - type: object - type: array - name: - description: The resource name of the listing. e.g. "projects/myproject/locations/US/dataExchanges/123/listings/456". - type: string - observedGeneration: - description: ObservedGeneration is the generation of the resource - that was most recently observed by the Config Connector controller. - If this is equal to metadata.generation, then that means that the - current reported status reflects the most recent desired state of - the resource. - type: integer - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cnrm.cloud.google.com/version: 1.122.0 - creationTimestamp: null - labels: - cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha - cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: bigqueryconnectionconnections.bigqueryconnection.cnrm.cloud.google.com -spec: - group: bigqueryconnection.cnrm.cloud.google.com - names: - categories: - - gcp - kind: BigQueryConnectionConnection - plural: bigqueryconnectionconnections - shortNames: - - gcpbigqueryconnectionconnection - - gcpbigqueryconnectionconnections - singular: bigqueryconnectionconnection - preserveUnknownFields: false - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: When 'True', the most recent reconcile of the resource succeeded - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - description: The reason for the value in 'Ready' - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Status - type: string - - description: The last transition time for the value in 'Status' - jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime - name: Status Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'apiVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - cloudResource: - description: Container for connection properties for delegation of - access to GCP resources. - properties: - serviceAccountId: - description: The account ID of the service created for the purpose - of this connection. + description: The `projectID` field of a project, when not managed + by Config Connector. type: string - type: object - description: - description: A descriptive description for the connection. - type: string - friendlyName: - description: A descriptive name for the connection. - type: string - location: - description: |- - Immutable. The geographic location where the connection should reside. - Cloud SQL instance must be in the same location as the connection - with following exceptions: Cloud SQL us-central1 maps to BigQuery US, Cloud SQL europe-west1 maps to BigQuery EU. - Examples: US, EU, asia-northeast1, us-central1, europe-west1. - Spanner Connections same as spanner region - AWS allowed regions are aws-us-east-1 - Azure allowed regions are azure-eastus2. - type: string - projectRef: - description: The project that this resource belongs to. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `name` field of a `Project` resource.' + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object resourceID: - description: Immutable. Optional. The connectionId of the resource. - Used for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The BigQueryAnalyticsHubDataExchange name. + If not given, the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf required: - location - projectRef type: object status: + description: BigQueryAnalyticsHubDataExchangeStatus defines the config + connector machine state of BigQueryAnalyticsHubDataExchange properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -10670,13 +10474,9 @@ spec: type: string type: object type: array - hasCredential: - description: True if the connection has credential assigned. - type: boolean - name: - description: |- - The resource name of the connection in the form of: - "projects/{project_id}/locations/{location_id}/connections/{connectionId}". + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchange + resource in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -10684,19 +10484,16 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer observedState: - description: The observed state of the underlying GCP resource. + description: ObservedState is the state of the resource as most recently + observed in GCP. properties: - cloudResource: - description: Container for connection properties for delegation - of access to GCP resources. - properties: - serviceAccountId: - description: The account ID of the service created for the - purpose of this connection. - type: string - type: object + listingCount: + description: Number of listings contained in the data exchange. + format: int64 + type: integer type: object type: object required: @@ -10706,36 +10503,26 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: bigquerydatapolicydatapolicies.bigquerydatapolicy.cnrm.cloud.google.com + name: bigqueryanalyticshublistings.bigqueryanalyticshub.cnrm.cloud.google.com spec: - group: bigquerydatapolicy.cnrm.cloud.google.com + group: bigqueryanalyticshub.cnrm.cloud.google.com names: categories: - gcp - kind: BigQueryDataPolicyDataPolicy - plural: bigquerydatapolicydatapolicies - shortNames: - - gcpbigquerydatapolicydatapolicy - - gcpbigquerydatapolicydatapolicies - singular: bigquerydatapolicydatapolicy + kind: BigQueryAnalyticsHubListing + listKind: BigQueryAnalyticsHubListingList + plural: bigqueryanalyticshublistings + singular: bigqueryanalyticshublisting preserveUnknownFields: false scope: Namespaced versions: @@ -10758,46 +10545,99 @@ spec: name: v1alpha1 schema: openAPIV3Schema: + description: BigQueryAnalyticsHubListing is the Schema for the BigQueryAnalyticsHubListing + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: BigQueryAnalyticsHubListingSpec defines the desired state + of BigQueryAnalyticsHubDataExchangeListing properties: - dataMaskingPolicy: - description: The data masking policy that specifies the data masking - rule to use. + categories: + description: Optional. Categories of the listing. Up to two categories + are allowed. + items: + type: string + type: array + dataExchangeRef: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external properties: - predefinedExpression: - description: 'The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options. - Possible values: ["SHA256", "ALWAYS_NULL", "DEFAULT_MASKING_VALUE", - "LAST_FOUR_CHARACTERS", "FIRST_FOUR_CHARACTERS", "EMAIL_MASK", - "DATE_YEAR_MASK"].' + external: + description: The DataExchange selfLink, when not managed by Config + Connector. + type: string + name: + description: The `name` field of a `DataExchange` resource. + type: string + namespace: + description: The `namespace` field of a `DataExchange` resource. type: string - required: - - predefinedExpression type: object - dataPolicyType: - description: 'The enrollment level of the service. Possible values: - ["COLUMN_LEVEL_SECURITY_POLICY", "DATA_MASKING_POLICY"].' + dataProvider: + description: Optional. Details of the data provider who owns the source + data. + properties: + name: + description: Optional. Name of the data provider. + type: string + primaryContact: + description: 'Optional. Email or URL of the data provider. Max + Length: 1000 bytes.' + type: string + type: object + description: + description: 'Optional. Short description of the listing. The description + must contain only Unicode characters or tabs (HT), new lines (LF), + carriage returns (CR), and page breaks (FF). Default value is an + empty string. Max length: 2000 bytes.' + type: string + discoveryType: + description: Optional. Type of discovery of the listing on the discovery + page. + type: string + displayName: + description: 'Required. Human-readable display name of the listing. + The display name must contain only Unicode letters, numbers (0-9), + underscores (_), dashes (-), spaces ( ), ampersands (&) and can''t + start or end with spaces. Default value is an empty string. Max + length: 63 bytes.' + type: string + documentation: + description: Optional. Documentation describing the listing. type: string location: - description: Immutable. The name of the location of the data policy. + description: Immutable. The name of the location this data exchange. type: string - policyTag: - description: Policy tag resource name, in the format of projects/{project_number}/locations/{locationId}/taxonomies/{taxonomyId}/policyTags/{policyTag_id}. + primaryContact: + description: 'Optional. Email or URL of the primary point of contact + of the listing. Max Length: 1000 bytes.' type: string projectRef: - description: The project that this resource belongs to. + description: The Project that this resource belongs to. oneOf: - not: required: @@ -10814,31 +10654,138 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object + publisher: + description: Optional. Details of the publisher who owns the listing + and who can share the source data. + properties: + name: + description: Optional. Name of the listing publisher. + type: string + primaryContact: + description: 'Optional. Email or URL of the listing publisher. + Max Length: 1000 bytes.' + type: string + type: object + requestAccess: + description: 'Optional. Email or URL of the request access of the + listing. Subscribers can use this reference to request access. Max + Length: 1000 bytes.' + type: string resourceID: - description: Immutable. Optional. The dataPolicyId of the resource. - Used for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The BigQueryAnalyticsHubDataExchangeListing + name. If not given, the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + source: + properties: + bigQueryDatasetSource: + description: One of the following fields must be set. + properties: + datasetRef: + description: Resource name of the dataset source for this + listing. e.g. `projects/myproject/datasets/123` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/datasets/[dataset_id]`. + type: string + name: + description: The `metadata.name` field of a `BigQueryDataset` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `BigQueryDataset` + resource. + type: string + type: object + restrictedExportPolicy: + description: Optional. If set, restricted export policy will + be propagated and enforced on the linked dataset. + properties: + enabled: + description: Optional. If true, enable restricted export. + properties: + value: + description: The bool value. + type: boolean + type: object + restrictDirectTableAccess: + description: Optional. If true, restrict direct table + access (read api/tabledata.list) on linked table. + properties: + value: + description: The bool value. + type: boolean + type: object + restrictQueryResult: + description: Optional. If true, restrict export of query + result derived from restricted linked dataset table. + properties: + value: + description: The bool value. + type: boolean + type: object + type: object + selectedResources: + description: Optional. Resources in this dataset that are + selectively shared. If this field is empty, then the entire + dataset (all resources) are shared. This field is only valid + for data clean room exchanges. + items: + properties: + table: + description: 'Optional. Format: For table: `projects/{projectId}/datasets/{datasetId}/tables/{tableId}` + Example:"projects/test_project/datasets/test_dataset/tables/test_table"' + type: string + type: object + type: array + required: + - datasetRef + type: object + type: object required: - - dataPolicyType + - dataExchangeRef + - displayName - location - - policyTag - projectRef + - source type: object status: + description: BigQueryAnalyticsHubListingStatus defines the config connector + machine state of BigQueryAnalyticsHubDataExchangeListing properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -10862,8 +10809,9 @@ spec: type: string type: object type: array - name: - description: Resource name of this data policy, in the format of projects/{project_number}/locations/{locationId}/dataPolicies/{dataPolicyId}. + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchangeListing + resource in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -10871,45 +10819,45 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + state: + description: Output only. Current state of the listing. + type: string + type: object type: object - required: - - spec type: object served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: bigquerydatasetaccesses.bigquery.cnrm.cloud.google.com + name: bigqueryconnectionconnections.bigqueryconnection.cnrm.cloud.google.com spec: - group: bigquery.cnrm.cloud.google.com + group: bigqueryconnection.cnrm.cloud.google.com names: categories: - gcp - kind: BigQueryDatasetAccess - plural: bigquerydatasetaccesses + kind: BigQueryConnectionConnection + listKind: BigQueryConnectionConnectionList + plural: bigqueryconnectionconnections shortNames: - - gcpbigquerydatasetaccess - - gcpbigquerydatasetaccesses - singular: bigquerydatasetaccess + - gcpbigqueryconnectionconnection + - gcpbigqueryconnectionconnections + singular: bigqueryconnectionconnection preserveUnknownFields: false scope: Namespaced versions: @@ -10932,73 +10880,238 @@ spec: name: v1alpha1 schema: openAPIV3Schema: + description: BigQueryConnectionConnection is the Schema for the BigQueryConnectionConnection + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: BigQueryConnectionConnectionSpec defines the desired state + to connect BigQuery to external resources properties: - dataset: - description: Immutable. Grants all resources of particular types in - a particular dataset read access to the current dataset. + aws: + description: Amazon Web Services (AWS) properties. properties: - dataset: - description: Immutable. The dataset this entry applies to. + accessRole: + description: Authentication using Google owned service account + to assume into customer's AWS IAM Role. properties: - datasetId: - description: Immutable. The ID of the dataset containing this - table. - type: string - projectId: - description: Immutable. The ID of the project containing this - table. + iamRoleID: + description: The user’s AWS IAM Role that trusts the Google-owned + AWS IAM user Connection. type: string required: - - datasetId - - projectId + - iamRoleID type: object - targetTypes: + required: + - accessRole + type: object + azure: + description: Azure properties. + properties: + customerTenantID: + description: The id of customer's directory that host the data. + type: string + federatedApplicationClientID: + description: The client ID of the user's Azure Active Directory + Application used for a federated connection. + type: string + required: + - customerTenantID + type: object + cloudResource: + description: Use Cloud Resource properties. + type: object + cloudSQL: + description: Cloud SQL properties. + properties: + credential: + description: Cloud SQL credential. + properties: + secretRef: + description: The Kubernetes Secret object that stores the + "username" and "password" information. The Secret type has + to be `kubernetes.io/basic-auth`. + properties: + name: + description: The `metadata.name` field of a Kubernetes + `Secret` + type: string + namespace: + description: The `metadata.namespace` field of a Kubernetes + `Secret`. + type: string + required: + - name + type: object + type: object + databaseRef: + description: Reference to the SQL Database. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The SQL Database name, when not managed by Config + Connector. + type: string + name: + description: The `name` field of a `SQLDatabase` resource. + type: string + namespace: + description: The `namespace` field of a `SQLDatabase` resource. + type: string + type: object + instanceRef: + description: Reference to the Cloud SQL instance ID. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The SQLInstance selfLink, when not managed by + Config Connector. + type: string + name: + description: The `name` field of a `SQLInstance` resource. + type: string + namespace: + description: The `namespace` field of a `SQLInstance` resource. + type: string + type: object + type: + description: Type of the Cloud SQL database. + type: string + required: + - credential + - databaseRef + - instanceRef + - type + type: object + cloudSpanner: + description: Cloud Spanner properties. + properties: + databaseRef: + description: Reference to a spanner database ID. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The Spanner Database selfLink, when not managed + by Config Connector. + type: string + name: + description: The `name` field of a `SpannerDatabase` resource. + type: string + namespace: + description: The `namespace` field of a `SpannerDatabase` + resource. + type: string + type: object + databaseRole: description: |- - Immutable. Which resources in the dataset this entry applies to. Currently, only views are supported, - but additional target types may be added in the future. Possible values: VIEWS. - items: - type: string - type: array + Optional. Cloud Spanner database role for fine-grained access control. + The Cloud Spanner admin should have provisioned the database role with + appropriate permissions, such as `SELECT` and `INSERT`. Other users should + only use roles provided by their Cloud Spanner admins. + + For more details, see [About fine-grained access control] + (https://cloud.google.com/spanner/docs/fgac-about). + + REQUIRES: The database role name must start with a letter, and can only + contain letters, numbers, and underscores. + type: string + maxParallelism: + description: |- + Allows setting max parallelism per query when executing on Spanner + independent compute resources. If unspecified, default values of + parallelism are chosen that are dependent on the Cloud Spanner instance + configuration. + + REQUIRES: `use_parallelism` must be set. + REQUIRES: Either `use_data_boost` or `use_serverless_analytics` must be + set. + format: int32 + type: integer + useDataBoost: + description: |- + If set, the request will be executed via Spanner independent compute + resources. + REQUIRES: `use_parallelism` must be set. + + NOTE: `use_serverless_analytics` will be deprecated. Prefer + `use_data_boost` over `use_serverless_analytics`. + type: boolean + useParallelism: + description: If parallelism should be used when reading from Cloud + Spanner + type: boolean + useServerlessAnalytics: + description: 'If the serverless analytics service should be used + to read data from Cloud Spanner. Note: `use_parallelism` must + be set when using serverless analytics.' + type: boolean required: - - dataset - - targetTypes + - databaseRef type: object - datasetId: - description: |- - Immutable. A unique ID for this dataset, without the project name. The ID - must contain only letters (a-z, A-Z), numbers (0-9), or - underscores (_). The maximum length is 1,024 characters. - type: string - domain: - description: |- - Immutable. A domain to grant access to. Any users signed in with the - domain specified will be granted the specified access. + description: + description: User provided description. type: string - groupByEmail: - description: Immutable. An email address of a Google Group to grant - access to. + friendlyName: + description: User provided display name for the connection. type: string - iamMember: - description: |- - Immutable. Some other type of member that appears in the IAM Policy but isn't a user, - group, domain, or special group. For example: 'allUsers'. + location: + description: Immutable. type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf projectRef: - description: The project that this resource belongs to. + description: The Project that this resource belongs to. oneOf: - not: required: @@ -11015,91 +11128,103 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object resourceID: - description: Immutable. Optional. The routine of the resource. Used - for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. - type: string - role: - description: |- - Immutable. Describes the rights granted to the user specified by the other - member of the access object. Basic, predefined, and custom roles are - supported. Predefined roles that have equivalent basic roles are - swapped by the API to their basic counterparts, and will show a diff - post-create. See - [official docs](https://cloud.google.com/bigquery/docs/access-control). + description: 'Immutable. Optional. The BigQuery Connection ID used + for resource creation or acquisition. For creation: If specified, + this value is used as the connection ID. If not provided, a UUID + will be generated and assigned as the connection ID. For acquisition: + This field must be provided to identify the connection resource + to acquire.' type: string - specialGroup: - description: |- - Immutable. A special group to grant access to. Possible values include: - - - * 'projectOwners': Owners of the enclosing project. - - - * 'projectReaders': Readers of the enclosing project. + spark: + description: Spark properties. + properties: + metastoreService: + description: Optional. Dataproc Metastore Service configuration + for the connection. + properties: + metastoreServiceRef: + description: |- + Optional. Resource name of an existing Dataproc Metastore service. + Example: - * 'projectWriters': Writers of the enclosing project. + * `projects/[project_id]/locations/[region]/services/[service_id]` + properties: + external: + description: The self-link of an existing Dataproc Metastore + service , when not managed by Config Connector. + type: string + required: + - external + type: object + type: object + sparkHistoryServer: + description: Optional. Spark History Server configuration for + the connection. + properties: + dataprocClusterRef: + description: |- + Optional. Resource name of an existing Dataproc Cluster to act as a Spark + History Server for the connection. + Example: - * 'allAuthenticatedUsers': All authenticated BigQuery users. - type: string - userByEmail: - description: |- - Immutable. An email address of a user to grant access to. For example: - fred@example.com. - type: string - view: - description: |- - Immutable. A view from a different dataset to grant access to. Queries - executed against that view will have read access to tables in - this dataset. The role field is not required when this field is - set. If that view is updated by any user, access to the view - needs to be granted again via an update operation. - properties: - datasetId: - description: Immutable. The ID of the dataset containing this - table. - type: string - projectId: - description: Immutable. The ID of the project containing this - table. - type: string - tableId: - description: |- - Immutable. The ID of the table. The ID must contain only letters (a-z, - A-Z), numbers (0-9), or underscores (_). The maximum length - is 1,024 characters. - type: string - required: - - datasetId - - projectId - - tableId + * `projects/[project_id]/regions/[region]/clusters/[cluster_name]` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The self-link of an existing Dataproc Cluster + to act as a Spark History Server for the connection + , when not managed by Config Connector. + type: string + name: + description: The `name` field of a Dataproc Cluster. + type: string + namespace: + description: The `namespace` field of a Dataproc Cluster. + type: string + type: object + type: object type: object required: - - datasetId + - location - projectRef type: object status: + description: BigQueryConnectionConnectionStatus defines the config connector + machine state of BigQueryConnectionConnection properties: - apiUpdatedMember: - description: If true, represents that that the iam_member in the config - was translated to a different member type by the API, and is stored - in state as a different member type. - type: boolean conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -11123,54 +11248,116 @@ spec: type: string type: object type: array + externalRef: + description: A unique specifier for the BigQueryConnectionConnection + resource in GCP. + type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cnrm.cloud.google.com/version: 1.122.0 - creationTimestamp: null - labels: - cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: stable - cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: bigquerydatasets.bigquery.cnrm.cloud.google.com -spec: - group: bigquery.cnrm.cloud.google.com - names: - categories: - - gcp - kind: BigQueryDataset - plural: bigquerydatasets - shortNames: - - gcpbigquerydataset - - gcpbigquerydatasets - singular: bigquerydataset - preserveUnknownFields: false - scope: Namespaced - versions: + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + aws: + properties: + accessRole: + properties: + identity: + description: A unique Google-owned and Google-generated + identity for the Connection. This identity will be used + to access the user's AWS IAM Role. + type: string + type: object + type: object + azure: + properties: + application: + description: The name of the Azure Active Directory Application. + type: string + clientID: + description: The client id of the Azure Active Directory Application. + type: string + identity: + description: A unique Google-owned and Google-generated identity + for the Connection. This identity will be used to access + the user's Azure Active Directory Application. + type: string + objectID: + description: The object id of the Azure Active Directory Application. + type: string + redirectUri: + description: The URL user will be redirected to after granting + consent during connection setup. + type: string + type: object + cloudResource: + properties: + serviceAccountID: + description: |2- + The account ID of the service created for the purpose of this + connection. + + The service account does not have any permissions associated with it + when it is created. After creation, customers delegate permissions + to the service account. When the connection is used in the context of an + operation in BigQuery, the service account will be used to connect to the + desired resources in GCP. + + The account ID is in the form of: + @gcp-sa-bigquery-cloudresource.iam.gserviceaccount.com + type: string + type: object + cloudSQL: + properties: + serviceAccountID: + description: |- + The account ID of the service used for the purpose of this connection. + + When the connection is used in the context of an operation in + BigQuery, this service account will serve as the identity being used for + connecting to the CloudSQL instance specified in this connection. + type: string + type: object + description: + description: The description for the connection. + type: string + friendlyName: + description: The display name for the connection. + type: string + hasCredential: + description: Output only. True, if credential is configured for + this connection. + type: boolean + spark: + properties: + serviceAccountID: + description: |2- + The account ID of the service created for the purpose of this + connection. + + The service account does not have any permissions associated with it when + it is created. After creation, customers delegate permissions to the + service account. When the connection is used in the context of a stored + procedure for Apache Spark in BigQuery, the service account is used to + connect to the desired resources in Google Cloud. + + The account ID is in the form of: + bqcx--@gcp-sa-bigquery-consp.iam.gserviceaccount.com + type: string + type: object + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: Age @@ -11190,173 +11377,111 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: BigQueryConnectionConnection is the Schema for the BigQueryConnectionConnection + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: BigQueryConnectionConnectionSpec defines the desired state + to connect BigQuery to external resources properties: - access: - description: An array of objects that define dataset access for one - or more entities. - items: - properties: - dataset: - description: Grants all resources of particular types in a particular - dataset read access to the current dataset. - properties: - dataset: - description: The dataset this entry applies to. - properties: - datasetId: - description: The ID of the dataset containing this table. - type: string - projectId: - description: The ID of the project containing this table. - type: string - required: - - datasetId - - projectId - type: object - targetTypes: - description: |- - Which resources in the dataset this entry applies to. Currently, only views are supported, - but additional target types may be added in the future. Possible values: VIEWS. - items: + aws: + description: Amazon Web Services (AWS) properties. + properties: + accessRole: + description: Authentication using Google owned service account + to assume into customer's AWS IAM Role. + properties: + iamRoleID: + description: The user’s AWS IAM Role that trusts the Google-owned + AWS IAM user Connection. + type: string + required: + - iamRoleID + type: object + required: + - accessRole + type: object + azure: + description: Azure properties. + properties: + customerTenantID: + description: The id of customer's directory that host the data. + type: string + federatedApplicationClientID: + description: The client ID of the user's Azure Active Directory + Application used for a federated connection. + type: string + required: + - customerTenantID + type: object + cloudResource: + description: Use Cloud Resource properties. + type: object + cloudSQL: + description: Cloud SQL properties. + properties: + credential: + description: Cloud SQL credential. + properties: + secretRef: + description: The Kubernetes Secret object that stores the + "username" and "password" information. The Secret type has + to be `kubernetes.io/basic-auth`. + properties: + name: + description: The `metadata.name` field of a Kubernetes + `Secret` type: string - type: array - required: - - dataset - - targetTypes - type: object - domain: - description: |- - A domain to grant access to. Any users signed in with the - domain specified will be granted the specified access. - type: string - groupByEmail: - description: An email address of a Google Group to grant access - to. - type: string - iamMember: - description: |- - Some other type of member that appears in the IAM Policy but isn't a user, - group, domain, or special group. For example: 'allUsers'. - type: string - role: - description: |- - Describes the rights granted to the user specified by the other - member of the access object. Basic, predefined, and custom roles - are supported. Predefined roles that have equivalent basic roles - are swapped by the API to their basic counterparts. See - [official docs](https://cloud.google.com/bigquery/docs/access-control). - type: string - routine: - description: |- - A routine from a different dataset to grant access to. Queries - executed against that routine will have read access to tables in - this dataset. The role field is not required when this field is - set. If that routine is updated by any user, access to the routine - needs to be granted again via an update operation. - properties: - datasetId: - description: The ID of the dataset containing this table. - type: string - projectId: - description: The ID of the project containing this table. - type: string - routineId: - description: |- - The ID of the routine. The ID must contain only letters (a-z, - A-Z), numbers (0-9), or underscores (_). The maximum length - is 256 characters. - type: string + namespace: + description: The `metadata.namespace` field of a Kubernetes + `Secret`. + type: string + required: + - name + type: object + type: object + databaseRef: + description: Reference to the SQL Database. + oneOf: + - not: + required: + - external required: - - datasetId - - projectId - - routineId - type: object - specialGroup: - description: |- - A special group to grant access to. Possible values include: - - - * 'projectOwners': Owners of the enclosing project. - - - * 'projectReaders': Readers of the enclosing project. - - - * 'projectWriters': Writers of the enclosing project. - - - * 'allAuthenticatedUsers': All authenticated BigQuery users. - type: string - userByEmail: - description: |- - An email address of a user to grant access to. For example: - fred@example.com. - type: string - view: - description: |- - A view from a different dataset to grant access to. Queries - executed against that view will have read access to tables in - this dataset. The role field is not required when this field is - set. If that view is updated by any user, access to the view - needs to be granted again via an update operation. - properties: - datasetId: - description: The ID of the dataset containing this table. - type: string - projectId: - description: The ID of the project containing this table. - type: string - tableId: - description: |- - The ID of the table. The ID must contain only letters (a-z, - A-Z), numbers (0-9), or underscores (_). The maximum length - is 1,024 characters. - type: string + - name + - not: + anyOf: + - required: + - name + - required: + - namespace required: - - datasetId - - projectId - - tableId - type: object - type: object - type: array - defaultCollation: - description: |- - Defines the default collation specification of future tables created - in the dataset. If a table is created in this dataset without table-level - default collation, then the table inherits the dataset default collation, - which is applied to the string fields that do not have explicit collation - specified. A change to this field affects only tables created afterwards, - and does not alter the existing tables. - - The following values are supported: - - 'und:ci': undetermined locale, case insensitive. - - '': empty string. Default to case-sensitive behavior. - type: string - defaultEncryptionConfiguration: - description: |- - The default encryption key for all tables in the dataset. Once this property is set, - all newly-created partitioned tables in the dataset will have encryption key set to - this value, unless table creation request (or query) overrides the key. - properties: - kmsKeyRef: - description: |- - Describes the Cloud KMS encryption key that will be used to protect destination - BigQuery table. The BigQuery Service Account associated with your project requires - access to this encryption key. + - external + properties: + external: + description: The SQL Database name, when not managed by Config + Connector. + type: string + name: + description: The `name` field of a `SQLDatabase` resource. + type: string + namespace: + description: The `namespace` field of a `SQLDatabase` resource. + type: string + type: object + instanceRef: + description: Reference to the Cloud SQL instance ID. oneOf: - not: required: @@ -11373,86 +11498,117 @@ spec: - external properties: external: - description: 'Allowed value: The `selfLink` field of a `KMSCryptoKey` - resource.' + description: The SQLInstance selfLink, when not managed by + Config Connector. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `SQLInstance` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `SQLInstance` resource. type: string type: object + type: + description: Type of the Cloud SQL database. + type: string required: - - kmsKeyRef + - credential + - databaseRef + - instanceRef + - type type: object - defaultPartitionExpirationMs: - description: |- - The default partition expiration for all partitioned tables in - the dataset, in milliseconds. + cloudSpanner: + description: Cloud Spanner properties. + properties: + databaseRef: + description: Reference to a spanner database ID. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The Spanner Database selfLink, when not managed + by Config Connector. + type: string + name: + description: The `name` field of a `SpannerDatabase` resource. + type: string + namespace: + description: The `namespace` field of a `SpannerDatabase` + resource. + type: string + type: object + databaseRole: + description: |- + Optional. Cloud Spanner database role for fine-grained access control. + The Cloud Spanner admin should have provisioned the database role with + appropriate permissions, such as `SELECT` and `INSERT`. Other users should + only use roles provided by their Cloud Spanner admins. + For more details, see [About fine-grained access control] + (https://cloud.google.com/spanner/docs/fgac-about). - Once this property is set, all newly-created partitioned tables in - the dataset will have an 'expirationMs' property in the 'timePartitioning' - settings set to this value, and changing the value will only - affect new tables, not existing ones. The storage in a partition will - have an expiration time of its partition time plus this value. - Setting this property overrides the use of 'defaultTableExpirationMs' - for partitioned tables: only one of 'defaultTableExpirationMs' and - 'defaultPartitionExpirationMs' will be used for any new partitioned - table. If you provide an explicit 'timePartitioning.expirationMs' when - creating or updating a partitioned table, that value takes precedence - over the default partition expiration time indicated by this property. - type: integer - defaultTableExpirationMs: - description: |- - The default lifetime of all tables in the dataset, in milliseconds. - The minimum value is 3600000 milliseconds (one hour). + REQUIRES: The database role name must start with a letter, and can only + contain letters, numbers, and underscores. + type: string + maxParallelism: + description: |- + Allows setting max parallelism per query when executing on Spanner + independent compute resources. If unspecified, default values of + parallelism are chosen that are dependent on the Cloud Spanner instance + configuration. + REQUIRES: `use_parallelism` must be set. + REQUIRES: Either `use_data_boost` or `use_serverless_analytics` must be + set. + format: int32 + type: integer + useDataBoost: + description: |- + If set, the request will be executed via Spanner independent compute + resources. + REQUIRES: `use_parallelism` must be set. - Once this property is set, all newly-created tables in the dataset - will have an 'expirationTime' property set to the creation time plus - the value in this property, and changing the value will only affect - new tables, not existing ones. When the 'expirationTime' for a given - table is reached, that table will be deleted automatically. - If a table's 'expirationTime' is modified or removed before the - table expires, or if you provide an explicit 'expirationTime' when - creating a table, that value takes precedence over the default - expiration time indicated by this property. - type: integer + NOTE: `use_serverless_analytics` will be deprecated. Prefer + `use_data_boost` over `use_serverless_analytics`. + type: boolean + useParallelism: + description: If parallelism should be used when reading from Cloud + Spanner + type: boolean + useServerlessAnalytics: + description: 'If the serverless analytics service should be used + to read data from Cloud Spanner. Note: `use_parallelism` must + be set when using serverless analytics.' + type: boolean + required: + - databaseRef + type: object description: - description: A user-friendly description of the dataset. + description: User provided description. type: string friendlyName: - description: A descriptive name for the dataset. + description: User provided display name for the connection. type: string - isCaseInsensitive: - description: |- - TRUE if the dataset and its table names are case-insensitive, otherwise FALSE. - By default, this is FALSE, which means the dataset and its table names are - case-sensitive. This field does not affect routine references. - type: boolean location: - description: |- - Immutable. The geographic location where the dataset should reside. - See [official docs](https://cloud.google.com/bigquery/docs/dataset-locations). - - - There are two types of locations, regional or multi-regional. A regional - location is a specific geographic place, such as Tokyo, and a multi-regional - location is a large geographic area, such as the United States, that - contains at least two geographic places. - - - The default value is multi-regional location 'US'. - Changing this forces a new resource to be created. - type: string - maxTimeTravelHours: - description: Defines the time travel window in hours. The value can - be from 48 to 168 hours (2 to 7 days). + description: Immutable. type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf projectRef: - description: The project that this resource belongs to. + description: The Project that this resource belongs to. oneOf: - not: required: @@ -11469,34 +11625,1805 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object resourceID: - description: Immutable. Optional. The datasetId of the resource. Used - for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: 'Immutable. Optional. The BigQuery Connection ID used + for resource creation or acquisition. For creation: If specified, + this value is used as the connection ID. If not provided, a UUID + will be generated and assigned as the connection ID. For acquisition: + This field must be provided to identify the connection resource + to acquire.' type: string - storageBillingModel: - description: |- - Specifies the storage billing model for the dataset. - Set this flag value to LOGICAL to use logical bytes for storage billing, - or to PHYSICAL to use physical bytes instead. + spark: + description: Spark properties. + properties: + metastoreService: + description: Optional. Dataproc Metastore Service configuration + for the connection. + properties: + metastoreServiceRef: + description: |- + Optional. Resource name of an existing Dataproc Metastore service. - LOGICAL is the default if this flag isn't specified. - type: string + Example: + + * `projects/[project_id]/locations/[region]/services/[service_id]` + properties: + external: + description: The self-link of an existing Dataproc Metastore + service , when not managed by Config Connector. + type: string + required: + - external + type: object + type: object + sparkHistoryServer: + description: Optional. Spark History Server configuration for + the connection. + properties: + dataprocClusterRef: + description: |- + Optional. Resource name of an existing Dataproc Cluster to act as a Spark + History Server for the connection. + + Example: + + * `projects/[project_id]/regions/[region]/clusters/[cluster_name]` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The self-link of an existing Dataproc Cluster + to act as a Spark History Server for the connection + , when not managed by Config Connector. + type: string + name: + description: The `name` field of a Dataproc Cluster. + type: string + namespace: + description: The `namespace` field of a Dataproc Cluster. + type: string + type: object + type: object + type: object + required: + - location + - projectRef type: object status: + description: BigQueryConnectionConnectionStatus defines the config connector + machine state of BigQueryConnectionConnection properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the BigQueryConnectionConnection + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + aws: + properties: + accessRole: + properties: + identity: + description: A unique Google-owned and Google-generated + identity for the Connection. This identity will be used + to access the user's AWS IAM Role. + type: string + type: object + type: object + azure: + properties: + application: + description: The name of the Azure Active Directory Application. + type: string + clientID: + description: The client id of the Azure Active Directory Application. + type: string + identity: + description: A unique Google-owned and Google-generated identity + for the Connection. This identity will be used to access + the user's Azure Active Directory Application. + type: string + objectID: + description: The object id of the Azure Active Directory Application. + type: string + redirectUri: + description: The URL user will be redirected to after granting + consent during connection setup. + type: string + type: object + cloudResource: + properties: + serviceAccountID: + description: |2- + The account ID of the service created for the purpose of this + connection. + + The service account does not have any permissions associated with it + when it is created. After creation, customers delegate permissions + to the service account. When the connection is used in the context of an + operation in BigQuery, the service account will be used to connect to the + desired resources in GCP. + + The account ID is in the form of: + @gcp-sa-bigquery-cloudresource.iam.gserviceaccount.com + type: string + type: object + cloudSQL: + properties: + serviceAccountID: + description: |- + The account ID of the service used for the purpose of this connection. + + When the connection is used in the context of an operation in + BigQuery, this service account will serve as the identity being used for + connecting to the CloudSQL instance specified in this connection. + type: string + type: object + description: + description: The description for the connection. + type: string + friendlyName: + description: The display name for the connection. + type: string + hasCredential: + description: Output only. True, if credential is configured for + this connection. + type: boolean + spark: + properties: + serviceAccountID: + description: |2- + The account ID of the service created for the purpose of this + connection. + + The service account does not have any permissions associated with it when + it is created. After creation, customers delegate permissions to the + service account. When the connection is used in the context of a stored + procedure for Apache Spark in BigQuery, the service account is used to + connect to the desired resources in Google Cloud. + + The account ID is in the form of: + bqcx--@gcp-sa-bigquery-consp.iam.gserviceaccount.com + type: string + type: object + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: alpha + cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" + name: bigquerydatapolicydatapolicies.bigquerydatapolicy.cnrm.cloud.google.com +spec: + group: bigquerydatapolicy.cnrm.cloud.google.com + names: + categories: + - gcp + kind: BigQueryDataPolicyDataPolicy + plural: bigquerydatapolicydatapolicies + shortNames: + - gcpbigquerydatapolicydatapolicy + - gcpbigquerydatapolicydatapolicies + singular: bigquerydatapolicydatapolicy + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + dataMaskingPolicy: + description: The data masking policy that specifies the data masking + rule to use. + properties: + predefinedExpression: + description: 'The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options. + Possible values: ["SHA256", "ALWAYS_NULL", "DEFAULT_MASKING_VALUE", + "LAST_FOUR_CHARACTERS", "FIRST_FOUR_CHARACTERS", "EMAIL_MASK", + "DATE_YEAR_MASK"].' + type: string + required: + - predefinedExpression + type: object + dataPolicyType: + description: 'The enrollment level of the service. Possible values: + ["COLUMN_LEVEL_SECURITY_POLICY", "DATA_MASKING_POLICY"].' + type: string + location: + description: Immutable. The name of the location of the data policy. + type: string + policyTag: + description: Policy tag resource name, in the format of projects/{project_number}/locations/{locationId}/taxonomies/{taxonomyId}/policyTags/{policyTag_id}. + type: string + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: 'Allowed value: The `name` field of a `Project` resource.' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + resourceID: + description: Immutable. Optional. The dataPolicyId of the resource. + Used for creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + required: + - dataPolicyType + - location + - policyTag + - projectRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + name: + description: Resource name of this data policy, in the format of projects/{project_number}/locations/{locationId}/dataPolicies/{dataPolicyId}. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: alpha + cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" + name: bigquerydatasetaccesses.bigquery.cnrm.cloud.google.com +spec: + group: bigquery.cnrm.cloud.google.com + names: + categories: + - gcp + kind: BigQueryDatasetAccess + plural: bigquerydatasetaccesses + shortNames: + - gcpbigquerydatasetaccess + - gcpbigquerydatasetaccesses + singular: bigquerydatasetaccess + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + dataset: + description: Immutable. Grants all resources of particular types in + a particular dataset read access to the current dataset. + properties: + dataset: + description: Immutable. The dataset this entry applies to. + properties: + datasetId: + description: Immutable. The ID of the dataset containing this + table. + type: string + projectId: + description: Immutable. The ID of the project containing this + table. + type: string + required: + - datasetId + - projectId + type: object + targetTypes: + description: |- + Immutable. Which resources in the dataset this entry applies to. Currently, only views are supported, + but additional target types may be added in the future. Possible values: VIEWS. + items: + type: string + type: array + required: + - dataset + - targetTypes + type: object + datasetId: + description: |- + Immutable. A unique ID for this dataset, without the project name. The ID + must contain only letters (a-z, A-Z), numbers (0-9), or + underscores (_). The maximum length is 1,024 characters. + type: string + domain: + description: |- + Immutable. A domain to grant access to. Any users signed in with the + domain specified will be granted the specified access. + type: string + groupByEmail: + description: Immutable. An email address of a Google Group to grant + access to. + type: string + iamMember: + description: |- + Immutable. Some other type of member that appears in the IAM Policy but isn't a user, + group, domain, or special group. For example: 'allUsers'. + type: string + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: 'Allowed value: The `name` field of a `Project` resource.' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + resourceID: + description: Immutable. Optional. The routine of the resource. Used + for creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + role: + description: |- + Immutable. Describes the rights granted to the user specified by the other + member of the access object. Basic, predefined, and custom roles are + supported. Predefined roles that have equivalent basic roles are + swapped by the API to their basic counterparts, and will show a diff + post-create. See + [official docs](https://cloud.google.com/bigquery/docs/access-control). + type: string + specialGroup: + description: |- + Immutable. A special group to grant access to. Possible values include: + + + * 'projectOwners': Owners of the enclosing project. + + + * 'projectReaders': Readers of the enclosing project. + + + * 'projectWriters': Writers of the enclosing project. + + + * 'allAuthenticatedUsers': All authenticated BigQuery users. + type: string + userByEmail: + description: |- + Immutable. An email address of a user to grant access to. For example: + fred@example.com. + type: string + view: + description: |- + Immutable. A view from a different dataset to grant access to. Queries + executed against that view will have read access to tables in + this dataset. The role field is not required when this field is + set. If that view is updated by any user, access to the view + needs to be granted again via an update operation. + properties: + datasetId: + description: Immutable. The ID of the dataset containing this + table. + type: string + projectId: + description: Immutable. The ID of the project containing this + table. + type: string + tableId: + description: |- + Immutable. The ID of the table. The ID must contain only letters (a-z, + A-Z), numbers (0-9), or underscores (_). The maximum length + is 1,024 characters. + type: string + required: + - datasetId + - projectId + - tableId + type: object + required: + - datasetId + - projectRef + type: object + status: + properties: + apiUpdatedMember: + description: If true, represents that that the iam_member in the config + was translated to a different member type by the API, and is stored + in state as a different member type. + type: boolean + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: stable + cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" + name: bigquerydatasets.bigquery.cnrm.cloud.google.com +spec: + group: bigquery.cnrm.cloud.google.com + names: + categories: + - gcp + kind: BigQueryDataset + listKind: BigQueryDatasetList + plural: bigquerydatasets + shortNames: + - gcpbigquerydataset + - gcpbigquerydatasets + singular: bigquerydataset + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BigQueryDataset is the Schema for the BigQueryDataset API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BigQueryDatasetSpec defines the desired state of BigQueryDataset + properties: + access: + description: An array of objects that define dataset access for one + or more entities. + items: + properties: + dataset: + description: '[Pick one] A grant authorizing all resources of + a particular type in a particular dataset access to this dataset. + Only views are supported for now. The role field is not required + when this field is set. If that dataset is deleted and re-created, + its access needs to be granted again via an update operation.' + properties: + dataset: + description: The dataset this entry applies to. + properties: + datasetId: + description: A unique Id for this dataset, without the + project name. The Id must contain only letters (a-z, + A-Z), numbers (0-9), or underscores (_). The maximum + length is 1,024 characters. + type: string + projectId: + description: The ID of the project containing this dataset. + type: string + required: + - datasetId + - projectId + type: object + targetTypes: + description: Which resources in the dataset this entry applies + to. Currently, only views are supported, but additional + target types may be added in the future. + items: + type: string + type: array + required: + - dataset + - targetTypes + type: object + domain: + description: '[Pick one] A domain to grant access to. Any users + signed in with the domain specified will be granted the specified + access. Example: "example.com". Maps to IAM policy member + "domain:DOMAIN".' + type: string + groupByEmail: + description: '[Pick one] An email address of a Google Group + to grant access to. Maps to IAM policy member "group:GROUP".' + type: string + iamMember: + description: '[Pick one] Some other type of member that appears + in the IAM Policy but isn''t a user, group, domain, or special + group.' + type: string + role: + description: |- + An IAM role ID that should be granted to the user, group, + or domain specified in this access entry. + The following legacy mappings will be applied: + + * `OWNER`: `roles/bigquery.dataOwner` + * `WRITER`: `roles/bigquery.dataEditor` + * `READER`: `roles/bigquery.dataViewer` + + This field will accept any of the above formats, but will return only + the legacy format. For example, if you set this field to + "roles/bigquery.dataOwner", it will be returned back as "OWNER". + type: string + routine: + description: '[Pick one] A routine from a different dataset + to grant access to. Queries executed against that routine + will have read access to views/tables/routines in this dataset. + Only UDF is supported for now. The role field is not required + when this field is set. If that routine is updated by any + user, access to the routine needs to be granted again via + an update operation.' + properties: + datasetId: + description: The ID of the dataset containing this routine. + type: string + projectId: + description: The ID of the project containing this routine. + type: string + routineId: + description: The Id of the routine. The Id must contain + only letters (a-z, A-Z), numbers (0-9), or underscores + (_). The maximum length is 256 characters. + type: string + required: + - datasetId + - projectId + - routineId + type: object + specialGroup: + description: |- + [Pick one] A special group to grant access to. Possible values include: + + * projectOwners: Owners of the enclosing project. + * projectReaders: Readers of the enclosing project. + * projectWriters: Writers of the enclosing project. + * allAuthenticatedUsers: All authenticated BigQuery users. + + Maps to similarly-named IAM members. + type: string + userByEmail: + description: '[Pick one] An email address of a user to grant + access to. For example: fred@example.com. Maps to IAM policy + member "user:EMAIL" or "serviceAccount:EMAIL".' + type: string + view: + description: '[Pick one] A view from a different dataset to + grant access to. Queries executed against that view will have + read access to views/tables/routines in this dataset. The + role field is not required when this field is set. If that + view is updated by any user, access to the view needs to be + granted again via an update operation.' + properties: + datasetId: + description: The ID of the dataset containing this table. + type: string + projectId: + description: The ID of the project containing this table. + type: string + tableId: + description: The Id of the table. The Id can contain Unicode + characters in category L (letter), M (mark), N (number), + Pc (connector, including underscore), Pd (dash), and Zs + (space). For more information, see [General Category](https://wikipedia.org/wiki/Unicode_character_property#General_Category). + The maximum length is 1,024 characters. Certain operations + allow suffixing of the table Id with a partition decorator, + such as `sample_table$20190123`. + type: string + required: + - datasetId + - projectId + - tableId + type: object + type: object + type: array + defaultCollation: + description: |- + Optional. Defines the default collation specification of future tables + created in the dataset. If a table is created in this dataset without + table-level default collation, then the table inherits the dataset default + collation, which is applied to the string fields that do not have explicit + collation specified. A change to this field affects only tables created + afterwards, and does not alter the existing tables. + The following values are supported: + + * 'und:ci': undetermined locale, case insensitive. + * '': empty string. Default to case-sensitive behavior. + type: string + defaultEncryptionConfiguration: + description: The default encryption key for all tables in the dataset. + After this property is set, the encryption key of all newly-created + tables in the dataset is set to this value unless the table creation + request or query explicitly overrides the key. + properties: + kmsKeyRef: + description: Optional. Describes the Cloud KMS encryption key + that will be used to protect destination BigQuery table. The + BigQuery Service Account associated with your project requires + access to this encryption key. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + type: object + defaultPartitionExpirationMs: + description: |- + This default partition expiration, expressed in milliseconds. + + When new time-partitioned tables are created in a dataset where this + property is set, the table will inherit this value, propagated as the + `TimePartitioning.expirationMs` property on the new table. If you set + `TimePartitioning.expirationMs` explicitly when creating a table, + the `defaultPartitionExpirationMs` of the containing dataset is ignored. + + When creating a partitioned table, if `defaultPartitionExpirationMs` + is set, the `defaultTableExpirationMs` value is ignored and the table + will not be inherit a table expiration deadline. + format: int64 + type: integer + defaultTableExpirationMs: + description: Optional. The default lifetime of all tables in the dataset, + in milliseconds. The minimum lifetime value is 3600000 milliseconds + (one hour). To clear an existing default expiration with a PATCH + request, set to 0. Once this property is set, all newly-created + tables in the dataset will have an expirationTime property set to + the creation time plus the value in this property, and changing + the value will only affect new tables, not existing ones. When the + expirationTime for a given table is reached, that table will be + deleted automatically. If a table's expirationTime is modified or + removed before the table expires, or if you provide an explicit + expirationTime when creating a table, that value takes precedence + over the default expiration time indicated by this property. + format: int64 + type: integer + description: + description: Optional. A user-friendly description of the dataset. + type: string + friendlyName: + description: Optional. A descriptive name for the dataset. + type: string + isCaseInsensitive: + description: Optional. TRUE if the dataset and its table names are + case-insensitive, otherwise FALSE. By default, this is FALSE, which + means the dataset and its table names are case-sensitive. This field + does not affect routine references. + type: boolean + location: + description: Optional. The geographic location where the dataset should + reside. See https://cloud.google.com/bigquery/docs/locations for + supported locations. + type: string + maxTimeTravelHours: + description: Optional. Defines the time travel window in hours. The + value can be from 48 to 168 hours (2 to 7 days). The default value + is 168 hours if this is not set. + type: string + projectRef: + description: ' Optional. The project that this resource belongs to.' + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: The BigQueryDataset name. If not given, the metadata.name + will be used. + type: string + storageBillingModel: + description: Optional. Updates storage_billing_model for the dataset. + type: string + type: object + status: + description: BigQueryDatasetStatus defines the config connector machine + state of BigQueryDataset + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + creationTime: + description: Output only. The time when this dataset was created, + in milliseconds since the epoch. + format: int64 + type: integer + etag: + description: Output only. A hash of the resource. + type: string + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchangeListing + resource in GCP. + type: string + lastModifiedTime: + description: Output only. The date when this dataset was last modified, + in milliseconds since the epoch. + format: int64 + type: integer + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + location: + description: Optional. If the location is not specified in the + spec, the GCP server defaults to a location and will be captured + here. + type: string + type: object + selfLink: + description: Output only. A URL that can be used to access the resource + again. You can use this URL in Get or Update requests to the resource. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: bigquerydatatransferconfigs.bigquerydatatransfer.cnrm.cloud.google.com +spec: + group: bigquerydatatransfer.cnrm.cloud.google.com + names: + categories: + - gcp + kind: BigQueryDataTransferConfig + listKind: BigQueryDataTransferConfigList + plural: bigquerydatatransferconfigs + singular: bigquerydatatransferconfig + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: BigQueryDataTransferConfig is the Schema for the BigQueryDataTransferConfig + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BigQueryDataTransferConfigSpec defines the desired state + of BigQueryDataTransferConfig + properties: + dataRefreshWindowDays: + description: The number of days to look back to automatically refresh + the data. For example, if `data_refresh_window_days = 10`, then + every day BigQuery reingests data for [today-10, today-1], rather + than ingesting data for just [today-1]. Only valid if the data source + supports the feature. Set the value to 0 to use the default value. + format: int32 + type: integer + dataSourceID: + description: 'Immutable. Data source ID. This cannot be changed once + data transfer is created. The full list of available data source + IDs can be returned through an API call: https://cloud.google.com/bigquery-transfer/docs/reference/datatransfer/rest/v1/projects.locations.dataSources/list' + type: string + x-kubernetes-validations: + - message: DataSourceID field is immutable + rule: self == oldSelf + datasetRef: + description: The BigQuery target dataset id. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/datasets/[dataset_id]`. + type: string + name: + description: The `metadata.name` field of a `BigQueryDataset` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `BigQueryDataset` + resource. + type: string + type: object + disabled: + description: Is this config disabled. When set to true, no runs will + be scheduled for this transfer config. + type: boolean + displayName: + description: User specified display name for the data transfer. + type: string + emailPreferences: + description: Email notifications will be sent according to these preferences + to the email address of the user who owns this transfer config. + properties: + enableFailureEmail: + description: If true, email notifications will be sent on transfer + run failures. + type: boolean + type: object + encryptionConfiguration: + description: The encryption configuration part. Currently, it is only + used for the optional KMS key name. The BigQuery service account + of your project must be granted permissions to use the key. Read + methods will return the key name applied in effect. Write methods + will apply the key if it is present, or otherwise try to apply project + default keys if it is absent. + properties: + kmsKeyRef: + description: The KMS key used for encrypting BigQuery data. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + type: object + location: + description: Immutable. + type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf + params: + additionalProperties: + type: string + description: 'Parameters specific to each data source. For more information + see the bq tab in the ''Setting up a data transfer'' section for + each data source. For example the parameters for Cloud Storage transfers + are listed here: https://cloud.google.com/bigquery-transfer/docs/cloud-storage-transfer#bq' + type: object + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + pubSubTopicRef: + description: Pub/Sub topic where notifications will be sent after + transfer runs associated with this transfer config finish. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/topics/[topic_id]`. + type: string + name: + description: The `metadata.name` field of a `PubSubTopic` resource. + type: string + namespace: + description: The `metadata.namespace` field of a `PubSubTopic` + resource. + type: string + type: object + resourceID: + description: Immutable. The BigQueryDataTransferConfig name. If not + given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + schedule: + description: |- + Data transfer schedule. + If the data source does not support a custom schedule, this should be + empty. If it is empty, the default value for the data source will be used. + The specified times are in UTC. + Examples of valid format: + `1st,3rd monday of month 15:30`, + `every wed,fri of jan,jun 13:15`, and + `first sunday of quarter 00:00`. + See more explanation about the format here: + https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format + + NOTE: The minimum interval time between recurring transfers depends on the + data source; refer to the documentation for your data source. + type: string + scheduleOptions: + description: Options customizing the data transfer schedule. + properties: + disableAutoScheduling: + description: If true, automatic scheduling of data transfer runs + for this configuration will be disabled. The runs can be started + on ad-hoc basis using StartManualTransferRuns API. When automatic + scheduling is disabled, the TransferConfig.schedule field will + be ignored. + type: boolean + endTime: + description: Defines time to stop scheduling transfer runs. A + transfer run cannot be scheduled at or after the end time. The + end time can be changed at any moment. The time when a data + transfer can be triggered manually is not limited by this option. + type: string + startTime: + description: Specifies time to start scheduling transfer runs. + The first run will be scheduled at or after the start time according + to a recurrence pattern defined in the schedule string. The + start time can be changed at any moment. The time when a data + transfer can be triggered manually is not limited by this option. + type: string + type: object + serviceAccountRef: + description: Service account email. If this field is set, the transfer + config will be created with this service account's credentials. + It requires that the requesting user calling this API has permissions + to act as this service account. Note that not all data sources support + service account credentials when creating a transfer config. For + the latest list of data sources, please refer to https://cloud.google.com/bigquery/docs/use-service-accounts. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + required: + - dataSourceID + - datasetRef + - location + - params + - projectRef + type: object + status: + description: BigQueryDataTransferConfigStatus defines the config connector + machine state of BigQueryDataTransferConfig + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the BigQueryDataTransferConfig + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + datasetRegion: + description: Output only. Region in which BigQuery dataset is + located. + type: string + name: + description: Identifier. The resource name of the transfer config. + Transfer config names have the form either `projects/{project_id}/locations/{region}/transferConfigs/{config_id}` + or `projects/{project_id}/transferConfigs/{config_id}`, where + `config_id` is usually a UUID, even though it is not guaranteed + or required. The name is ignored when creating a transfer config. + type: string + nextRunTime: + description: Output only. Next time when data transfer will run. + type: string + ownerInfo: + description: Output only. Information about the user whose credentials + are used to transfer data. Populated only for `transferConfigs.get` + requests. In case the user information is not available, this + field will not be populated. + properties: + email: + description: E-mail address of the user. + type: string + type: object + state: + description: Output only. State of the most recently updated transfer + run. + type: string + updateTime: + description: Output only. Data transfer modification time. Ignored + by server on input. + type: string + userID: + description: Deprecated. Unique ID of the user on whose behalf + transfer is done. + format: int64 + type: integer + type: object + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BigQueryDataTransferConfig is the Schema for the BigQueryDataTransferConfig + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BigQueryDataTransferConfigSpec defines the desired state + of BigQueryDataTransferConfig + properties: + dataRefreshWindowDays: + description: The number of days to look back to automatically refresh + the data. For example, if `data_refresh_window_days = 10`, then + every day BigQuery reingests data for [today-10, today-1], rather + than ingesting data for just [today-1]. Only valid if the data source + supports the feature. Set the value to 0 to use the default value. + format: int32 + type: integer + dataSourceID: + description: 'Immutable. Data source ID. This cannot be changed once + data transfer is created. The full list of available data source + IDs can be returned through an API call: https://cloud.google.com/bigquery-transfer/docs/reference/datatransfer/rest/v1/projects.locations.dataSources/list' + type: string + x-kubernetes-validations: + - message: DataSourceID field is immutable + rule: self == oldSelf + datasetRef: + description: The BigQuery target dataset id. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/datasets/[dataset_id]`. + type: string + name: + description: The `metadata.name` field of a `BigQueryDataset` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `BigQueryDataset` + resource. + type: string + type: object + disabled: + description: Is this config disabled. When set to true, no runs will + be scheduled for this transfer config. + type: boolean + displayName: + description: User specified display name for the data transfer. + type: string + emailPreferences: + description: Email notifications will be sent according to these preferences + to the email address of the user who owns this transfer config. + properties: + enableFailureEmail: + description: If true, email notifications will be sent on transfer + run failures. + type: boolean + type: object + encryptionConfiguration: + description: The encryption configuration part. Currently, it is only + used for the optional KMS key name. The BigQuery service account + of your project must be granted permissions to use the key. Read + methods will return the key name applied in effect. Write methods + will apply the key if it is present, or otherwise try to apply project + default keys if it is absent. + properties: + kmsKeyRef: + description: The KMS key used for encrypting BigQuery data. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + type: object + location: + description: Immutable. + type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf + params: + additionalProperties: + type: string + description: 'Parameters specific to each data source. For more information + see the bq tab in the ''Setting up a data transfer'' section for + each data source. For example the parameters for Cloud Storage transfers + are listed here: https://cloud.google.com/bigquery-transfer/docs/cloud-storage-transfer#bq' + type: object + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + pubSubTopicRef: + description: Pub/Sub topic where notifications will be sent after + transfer runs associated with this transfer config finish. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/topics/[topic_id]`. + type: string + name: + description: The `metadata.name` field of a `PubSubTopic` resource. + type: string + namespace: + description: The `metadata.namespace` field of a `PubSubTopic` + resource. + type: string + type: object + resourceID: + description: Immutable. The BigQueryDataTransferConfig name. If not + given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + schedule: + description: |- + Data transfer schedule. + If the data source does not support a custom schedule, this should be + empty. If it is empty, the default value for the data source will be used. + The specified times are in UTC. + Examples of valid format: + `1st,3rd monday of month 15:30`, + `every wed,fri of jan,jun 13:15`, and + `first sunday of quarter 00:00`. + See more explanation about the format here: + https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format + + NOTE: The minimum interval time between recurring transfers depends on the + data source; refer to the documentation for your data source. + type: string + scheduleOptions: + description: Options customizing the data transfer schedule. + properties: + disableAutoScheduling: + description: If true, automatic scheduling of data transfer runs + for this configuration will be disabled. The runs can be started + on ad-hoc basis using StartManualTransferRuns API. When automatic + scheduling is disabled, the TransferConfig.schedule field will + be ignored. + type: boolean + endTime: + description: Defines time to stop scheduling transfer runs. A + transfer run cannot be scheduled at or after the end time. The + end time can be changed at any moment. The time when a data + transfer can be triggered manually is not limited by this option. + type: string + startTime: + description: Specifies time to start scheduling transfer runs. + The first run will be scheduled at or after the start time according + to a recurrence pattern defined in the schedule string. The + start time can be changed at any moment. The time when a data + transfer can be triggered manually is not limited by this option. + type: string + type: object + serviceAccountRef: + description: Service account email. If this field is set, the transfer + config will be created with this service account's credentials. + It requires that the requesting user calling this API has permissions + to act as this service account. Note that not all data sources support + service account credentials when creating a transfer config. For + the latest list of data sources, please refer to https://cloud.google.com/bigquery/docs/use-service-accounts. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + required: + - dataSourceID + - datasetRef + - location + - params + - projectRef + type: object + status: + description: BigQueryDataTransferConfigStatus defines the config connector + machine state of BigQueryDataTransferConfig + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -11520,326 +13447,60 @@ spec: type: string type: object type: array - creationTime: - description: |- - The time when this dataset was created, in milliseconds since the - epoch. - type: integer - etag: - description: A hash of the resource. + externalRef: + description: A unique specifier for the BigQueryDataTransferConfig + resource in GCP. type: string - lastModifiedTime: - description: |- - The date when this dataset or any of its tables was last modified, in - milliseconds since the epoch. - type: integer observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer - selfLink: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cnrm.cloud.google.com/version: 1.122.0 - creationTimestamp: null - labels: - cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha - cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: bigquerydatatransferconfigs.bigquerydatatransfer.cnrm.cloud.google.com -spec: - group: bigquerydatatransfer.cnrm.cloud.google.com - names: - categories: - - gcp - kind: BigQueryDataTransferConfig - plural: bigquerydatatransferconfigs - shortNames: - - gcpbigquerydatatransferconfig - - gcpbigquerydatatransferconfigs - singular: bigquerydatatransferconfig - preserveUnknownFields: false - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: When 'True', the most recent reconcile of the resource succeeded - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - description: The reason for the value in 'Ready' - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Status - type: string - - description: The last transition time for the value in 'Status' - jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime - name: Status Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'apiVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - dataRefreshWindowDays: - description: |- - The number of days to look back to automatically refresh the data. - For example, if dataRefreshWindowDays = 10, then every day BigQuery - reingests data for [today-10, today-1], rather than ingesting data for - just [today-1]. Only valid if the data source supports the feature. - Set the value to 0 to use the default value. - type: integer - dataSourceId: - description: Immutable. The data source id. Cannot be changed once - the transfer config is created. - type: string - destinationDatasetId: - description: The BigQuery target dataset id. - type: string - disabled: - description: When set to true, no runs are scheduled for a given transfer. - type: boolean - displayName: - description: The user specified display name for the transfer config. - type: string - emailPreferences: - description: |- - Email notifications will be sent according to these preferences to the - email address of the user who owns this transfer config. - properties: - enableFailureEmail: - description: If true, email notifications will be sent on transfer - run failures. - type: boolean - required: - - enableFailureEmail - type: object - location: - description: |- - Immutable. The geographic location where the transfer config should reside. - Examples: US, EU, asia-northeast1. The default value is US. - type: string - notificationPubsubTopic: - description: |- - Pub/Sub topic where notifications will be sent after transfer runs - associated with this transfer config finish. - type: string - params: - additionalProperties: - type: string - type: object - projectRef: - description: The project that this resource belongs to. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. properties: - external: - description: 'Allowed value: The `name` field of a `Project` resource.' + datasetRegion: + description: Output only. Region in which BigQuery dataset is + located. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: Identifier. The resource name of the transfer config. + Transfer config names have the form either `projects/{project_id}/locations/{region}/transferConfigs/{config_id}` + or `projects/{project_id}/transferConfigs/{config_id}`, where + `config_id` is usually a UUID, even though it is not guaranteed + or required. The name is ignored when creating a transfer config. type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - resourceID: - description: Immutable. Optional. The service-generated name of the - resource. Used for acquisition only. Leave unset to create a new - resource. - type: string - schedule: - description: |- - Data transfer schedule. If the data source does not support a custom - schedule, this should be empty. If it is empty, the default value for - the data source will be used. The specified times are in UTC. Examples - of valid format: 1st,3rd monday of month 15:30, every wed,fri of jan, - jun 13:15, and first sunday of quarter 00:00. See more explanation - about the format here: - https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format - NOTE: the granularity should be at least 8 hours, or less frequent. - type: string - scheduleOptions: - description: Options customizing the data transfer schedule. - properties: - disableAutoScheduling: - description: |- - If true, automatic scheduling of data transfer runs for this - configuration will be disabled. The runs can be started on ad-hoc - basis using transferConfigs.startManualRuns API. When automatic - scheduling is disabled, the TransferConfig.schedule field will - be ignored. - type: boolean - endTime: - description: |- - Defines time to stop scheduling transfer runs. A transfer run cannot be - scheduled at or after the end time. The end time can be changed at any - moment. The time when a data transfer can be triggered manually is not - limited by this option. + nextRunTime: + description: Output only. Next time when data transfer will run. type: string - startTime: - description: |- - Specifies time to start scheduling transfer runs. The first run will be - scheduled at or after the start time according to a recurrence pattern - defined in the schedule string. The start time can be changed at any - moment. The time when a data transfer can be triggered manually is not - limited by this option. - type: string - type: object - sensitiveParams: - description: |- - Different parameters are configured primarily using the the 'params' field on this - resource. This block contains the parameters which contain secrets or passwords so that they can be marked - sensitive and hidden from plan output. The name of the field, eg: secret_access_key, will be the key - in the 'params' map in the api request. - - Credentials may not be specified in both locations and will cause an error. Changing from one location - to a different credential configuration in the config will require an apply to update state. - properties: - secretAccessKey: - description: The Secret Access Key of the AWS account transferring - data from. - oneOf: - - not: - required: - - valueFrom - required: - - value - - not: - required: - - value - required: - - valueFrom + ownerInfo: + description: Output only. Information about the user whose credentials + are used to transfer data. Populated only for `transferConfigs.get` + requests. In case the user information is not available, this + field will not be populated. properties: - value: - description: Value of the field. Cannot be used if 'valueFrom' - is specified. + email: + description: E-mail address of the user. type: string - valueFrom: - description: Source for the field's value. Cannot be used - if 'value' is specified. - properties: - secretKeyRef: - description: Reference to a value with the given key in - the given Secret in the resource's namespace. - properties: - key: - description: Key that identifies the value to be extracted. - type: string - name: - description: Name of the Secret to extract a value - from. - type: string - required: - - name - - key - type: object - type: object type: object - required: - - secretAccessKey + state: + description: Output only. State of the most recently updated transfer + run. + type: string + updateTime: + description: Output only. Data transfer modification time. Ignored + by server on input. + type: string + userID: + description: Deprecated. Unique ID of the user on whose behalf + transfer is done. + format: int64 + type: integer type: object - serviceAccountName: - description: |- - Service account email. If this field is set, transfer config will - be created with this service account credentials. It requires that - requesting user calling this API has permissions to act as this service account. - type: string - required: - - dataSourceId - - displayName - - params - - projectRef - type: object - status: - properties: - conditions: - description: Conditions represent the latest available observation - of the resource's current state. - items: - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - type: string - message: - description: Human-readable message indicating details about - last transition. - type: string - reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition. - type: string - status: - description: Status is the status of the condition. Can be True, - False, Unknown. - type: string - type: - description: Type is the type of the condition. - type: string - type: object - type: array - name: - description: |- - The resource name of the transfer config. Transfer config names have the - form projects/{projectId}/locations/{location}/transferConfigs/{configId} - or projects/{projectId}/transferConfigs/{configId}, - where configId is usually a uuid, but this is not required. - The name is ignored when creating a transfer config. - type: string - observedGeneration: - description: ObservedGeneration is the generation of the resource - that was most recently observed by the Config Connector controller. - If this is equal to metadata.generation, then that means that the - current reported status reflects the most recent desired state of - the resource. - type: integer type: object required: - spec @@ -11848,18 +13509,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12715,7 +14370,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12902,7 +14557,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13092,7 +14747,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13354,7 +15009,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13939,7 +15594,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14127,7 +15782,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14348,7 +16003,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14580,7 +16235,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14753,7 +16408,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -15212,7 +16867,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -15480,7 +17135,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -15905,7 +17560,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16346,7 +18001,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16699,7 +18354,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17520,13 +19175,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: stable cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" name: certificatemanagerdnsauthorizations.certificatemanager.cnrm.cloud.google.com spec: group: certificatemanager.cnrm.cloud.google.com @@ -17534,6 +19188,7 @@ spec: categories: - gcp kind: CertificateManagerDNSAuthorization + listKind: CertificateManagerDNSAuthorizationList plural: certificatemanagerdnsauthorizations shortNames: - gcpcertificatemanagerdnsauthorization @@ -17542,148 +19197,6 @@ spec: preserveUnknownFields: false scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: When 'True', the most recent reconcile of the resource succeeded - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - description: The reason for the value in 'Ready' - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Status - type: string - - description: The last transition time for the value in 'Status' - jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime - name: Status Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'apiVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - description: - description: A human-readable description of the resource. - type: string - domain: - description: |- - Immutable. A domain which is being authorized. A DnsAuthorization resource covers a - single domain and its wildcard, e.g. authorization for "example.com" can - be used to issue certificates for "example.com" and "*.example.com". - type: string - projectRef: - description: The project that this resource belongs to. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `name` field of a `Project` resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. - type: string - required: - - domain - - projectRef - type: object - status: - properties: - conditions: - description: Conditions represent the latest available observation - of the resource's current state. - items: - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - type: string - message: - description: Human-readable message indicating details about - last transition. - type: string - reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition. - type: string - status: - description: Status is the status of the condition. Can be True, - False, Unknown. - type: string - type: - description: Type is the type of the condition. - type: string - type: object - type: array - dnsResourceRecord: - description: |- - The structure describing the DNS Resource Record that needs to be added - to DNS configuration for the authorization to be usable by - certificate. - items: - properties: - data: - description: Data of the DNS Resource Record. - type: string - name: - description: |- - Fully qualified name of the DNS Resource Record. - E.g. '_acme-challenge.example.com'. - type: string - type: - description: Type of the DNS Resource Record. - type: string - type: object - type: array - observedGeneration: - description: ObservedGeneration is the generation of the resource - that was most recently observed by the Config Connector controller. - If this is equal to metadata.generation, then that means that the - current reported status reflects the most recent desired state of - the resource. - type: integer - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: Age @@ -17703,30 +19216,37 @@ spec: name: v1alpha1 schema: openAPIV3Schema: + description: CertificateManagerDNSAuthorization is the Schema for the CertificateManagerDNSAuthorization + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: CertificateManagerDNSAuthorizationSpec defines the desired + state of CertificateManagerDNSAuthorization properties: description: description: A human-readable description of the resource. type: string domain: - description: |- - Immutable. A domain which is being authorized. A DnsAuthorization resource covers a - single domain and its wildcard, e.g. authorization for "example.com" can - be used to issue certificates for "example.com" and "*.example.com". - type: string + description: Immutable. A domain which is being authorized. A DnsAuthorization + resource covers a single domain and its wildcard, e.g. authorization + for "example.com" can be used to issue certificates for "example.com" + and "*.example.com". + type: string + x-kubernetes-validations: + - message: Domain field is immutable + rule: self == oldSelf projectRef: description: The project that this resource belongs to. oneOf: @@ -17745,13 +19265,18 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object resourceID: @@ -17759,15 +19284,20 @@ spec: creation and acquisition. When unset, the value of `metadata.name` is used as the default. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf required: - domain - projectRef type: object status: + description: CertificateManagerDNSAuthorizationStatus defines the config + connector machine state of CertificateManagerDNSAuthorization properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the CertificateManagerDNSAuthorization's current state. items: properties: lastTransitionTime: @@ -17792,18 +19322,16 @@ spec: type: object type: array dnsResourceRecord: - description: |- - The structure describing the DNS Resource Record that needs to be added - to DNS configuration for the authorization to be usable by - certificate. + description: The structure describing the DNS Resource Record that + needs to be added to DNS configuration for the authorization to + be usable by certificate. items: properties: data: description: Data of the DNS Resource Record. type: string name: - description: |- - Fully qualified name of the DNS Resource Record. + description: Fully qualified name of the DNS Resource Record. E.g. '_acme-challenge.example.com'. type: string type: @@ -17817,6 +19345,175 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 + type: integer + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: CertificateManagerDNSAuthorization is the Schema for the CertificateManagerDNSAuthorization + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CertificateManagerDNSAuthorizationSpec defines the desired + state of CertificateManagerDNSAuthorization + properties: + description: + description: A human-readable description of the resource. + type: string + domain: + description: Immutable. A domain which is being authorized. A DnsAuthorization + resource covers a single domain and its wildcard, e.g. authorization + for "example.com" can be used to issue certificates for "example.com" + and "*.example.com". + type: string + x-kubernetes-validations: + - message: Domain field is immutable + rule: self == oldSelf + location: + description: Immutable. Optional. Location represents the geographical + location of the DnsAuthorization. If not specified, "global" is + used. + type: string + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - domain + - projectRef + type: object + status: + description: CertificateManagerDNSAuthorizationStatus defines the config + connector machine state of CertificateManagerDNSAuthorization + properties: + conditions: + description: Conditions represent the latest available observations + of the CertificateManagerDNSAuthorization's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + dnsResourceRecord: + description: The structure describing the DNS Resource Record that + needs to be added to DNS configuration for the authorization to + be usable by certificate. + items: + properties: + data: + description: Output only. Data of the DNS Resource Record. + type: string + name: + description: Output only. Fully qualified name of the DNS Resource + Record. e.g. `_acme-challenge.example.com` + type: string + type: + description: Output only. Type of the DNS Resource Record. Currently + always set to "CNAME". + type: string + type: object + type: array + externalRef: + description: A unique specifier for the CertificateManagerDNSAuthorization + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 type: integer type: object required: @@ -17826,18 +19523,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -18076,7 +19767,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -18307,7 +19998,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -18537,7 +20228,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20045,7 +21736,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20113,8 +21804,8 @@ spec: - external properties: external: - description: The compute network selflink of form "projects//global/networks/", - when not managed by Config Connector. + description: A reference to an externally managed Compute + Network resource. Should be in the format `projects//global/networks/`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -20157,7 +21848,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -20321,8 +22012,8 @@ spec: - external properties: external: - description: The compute network selflink of form "projects//global/networks/", - when not managed by Config Connector. + description: A reference to an externally managed Compute + Network resource. Should be in the format `projects//global/networks/`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -20374,7 +22065,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -20506,7 +22197,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20980,7 +22671,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -21412,7 +23103,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -21610,7 +23301,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -21877,7 +23568,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22272,7 +23963,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22451,7 +24142,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22713,7 +24404,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -23251,7 +24942,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23522,7 +25213,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23793,7 +25484,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -24248,7 +25939,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -24518,7 +26209,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -24732,7 +26423,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -25896,7 +27587,8 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `NetworkSecurityClientTLSPolicy` + description: 'Allowed value: string of the format `//networksecurity.googleapis.com/projects/{{project}}/locations/{{location}}/clientTlsPolicies/{{value}}`, + where {{value}} is the `name` field of a `NetworkSecurityClientTLSPolicy` resource.' type: string name: @@ -26011,7 +27703,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -26225,7 +27917,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -26402,7 +28094,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -27166,7 +28858,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -27317,7 +29009,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -27537,7 +29229,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -27729,7 +29421,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -27743,6 +29435,7 @@ spec: categories: - gcp kind: ComputeFirewallPolicyRule + listKind: ComputeFirewallPolicyRuleList plural: computefirewallpolicyrules shortNames: - gcpcomputefirewallpolicyrule @@ -27770,16 +29463,17 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: ComputeFirewallPolicyRule is the Schema for the compute API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -27826,16 +29520,15 @@ spec: - external properties: external: - description: |- - The firewall policy of the resource. - - Allowed value: The Google Cloud resource name of a `ComputeFirewallPolicy` resource (format: `locations/global/firewallPolicies/{{name}}`). + description: A reference to an externally managed ComputeFirewallPolicy + resource. Should be in the format `locations/global/firewallPolicies/`. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `ComputeFirewall olicy ` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `ComputeFirewallPolicy + ` resource. type: string type: object match: @@ -27961,14 +29654,14 @@ spec: - external properties: external: - description: 'Allowed value: The `selfLink` field of a `ComputeNetwork` - resource.' + description: A reference to an externally managed Compute Network + resource. Should be in the format `projects//global/networks/`. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `ComputeNetwork` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `ComputeNetwork` resource. type: string type: object type: array @@ -27990,8 +29683,7 @@ spec: - external properties: external: - description: 'Allowed value: The Google Cloud resource name - of an `IAMServiceAccount` resource (format: `projects/{{project}}/serviceAccounts/{{name}}@{{project}}.iam.gserviceaccount.com`).' + description: The `email` field of an `IAMServiceAccount` resource. type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' @@ -28011,8 +29703,8 @@ spec: status: properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -28036,6 +29728,10 @@ spec: type: string type: object type: array + externalRef: + description: A unique Config Connector specifier for the resource + in GCP. + type: string kind: description: Type of the resource. Always `compute#firewallPolicyRule` for firewall policy rules @@ -28046,6 +29742,7 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer ruleTupleCount: description: Calculation of the complexity of a single firewall policy @@ -28053,25 +29750,17 @@ spec: format: int64 type: integer type: object - required: - - spec type: object served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28449,7 +30138,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28562,7 +30251,7 @@ spec: external: description: The ComputeBackendService selflink in the form "projects/{{project}}/global/backendServices/{{name}}" or "projects/{{project}}/regions/{{region}}/backendServices/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeBackendService` resource. @@ -28616,7 +30305,7 @@ spec: properties: external: description: The ComputeAddress selflink in the form "projects/{{project}}/regions/{{region}}/addresses/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeAddress` resource. @@ -28752,8 +30441,8 @@ spec: - external properties: external: - description: The compute network selflink of form "projects//global/networks/", - when not managed by Config Connector. + description: A reference to an externally managed Compute Network + resource. Should be in the format `projects//global/networks/`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -28905,7 +30594,7 @@ spec: properties: external: description: The ComputeSubnetwork selflink of form "projects/{{project}}/regions/{{region}}/subnetworks/{{name}}", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeSubnetwork` resource. @@ -28920,6 +30609,8 @@ spec: For INTERNAL_SELF_MANAGED load balancing, only HTTP and HTTPS targets are valid. properties: + googleAPIsBundle: + type: string serviceAttachmentRef: oneOf: - not: @@ -28939,7 +30630,7 @@ spec: external: description: The ComputeServiceAttachment selflink in the form "projects/{{project}}/regions/{{region}}/serviceAttachments/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeServiceAttachment` @@ -28969,7 +30660,7 @@ spec: external: description: The ComputeTargetGrpcProxy selflink in the form "projects/{{project}}/global/targetGrpcProxies/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeTargetGrpcProxy` @@ -29000,7 +30691,7 @@ spec: description: The ComputeTargetHTTPProxy selflink in the form "projects/{{project}}/global/targetHttpProxies/{{name}}" or "projects/{{project}}/regions/{{region}}/targetHttpProxies/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeTargetHTTPProxy` @@ -29031,7 +30722,7 @@ spec: description: The ComputeTargetHTTPSProxy selflink in the form "projects/{{project}}/global/targetHttpProxies/{{name}}" or "projects/{{project}}/regions/{{region}}/targetHttpProxies/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeTargetHTTPSProxy` @@ -29061,7 +30752,7 @@ spec: external: description: The ComputeTargetSSLProxy selflink in the form "projects/{{project}}/global/targetSslProxies/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeTargetSSLProxy` @@ -29092,7 +30783,7 @@ spec: description: The ComputeTargetTCPProxy selflink in the form "projects/{{project}}/global/targetTcpProxies/{{name}}" or "projects/{{project}}/regions/{{region}}/targetTcpProxies/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeTargetTCPProxy` @@ -29122,7 +30813,7 @@ spec: external: description: The ComputeTargetVPNGateway selflink in the form "projects/{{project}}/regions/{{region}}/targetVpnGateways/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeTargetVPNGateway` @@ -29218,7 +30909,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29380,7 +31071,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29538,7 +31229,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30002,7 +31693,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30163,7 +31854,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30324,7 +32015,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30682,7 +32373,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -31461,7 +33152,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -31643,7 +33334,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -31846,7 +33537,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -32879,7 +34570,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -33911,7 +35602,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -34236,7 +35927,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -34453,7 +36144,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -34798,7 +36489,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35008,7 +36699,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35220,7 +36911,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35391,7 +37082,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35597,7 +37288,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35985,7 +37676,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36166,7 +37857,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36366,7 +38057,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36540,7 +38231,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36830,7 +38521,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37011,7 +38702,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37156,7 +38847,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37285,7 +38976,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37511,7 +39202,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -37911,7 +39602,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -38208,7 +39899,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -38326,7 +40017,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -38759,7 +40450,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -38936,7 +40627,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -39238,7 +40929,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -39535,7 +41226,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -39731,7 +41422,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -39945,7 +41636,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40269,7 +41960,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40561,7 +42252,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -41018,7 +42709,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -41374,7 +43065,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -41601,7 +43292,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -41880,7 +43571,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42501,7 +44192,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -42848,7 +44539,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42954,7 +44645,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43098,7 +44789,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43497,7 +45188,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43715,7 +45406,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43878,7 +45569,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44172,7 +45863,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44350,7 +46041,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44529,7 +46220,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44887,7 +46578,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45112,7 +46803,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45367,7 +47058,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45626,7 +47317,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45640,6 +47331,7 @@ spec: categories: - gcp kind: ComputeTargetTCPProxy + listKind: ComputeTargetTCPProxyList plural: computetargettcpproxies shortNames: - gcpcomputetargettcpproxy @@ -45667,20 +47359,23 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: ComputeTargetTCPProxy is the Schema for the ComputeTargetTCPProxy + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: ComputeTargetTCPProxySpec defines the desired state of ComputeTargetTCPProxy properties: backendServiceRef: description: A reference to the ComputeBackendService resource. @@ -45700,42 +47395,58 @@ spec: - external properties: external: - description: 'Allowed value: The `selfLink` field of a `ComputeBackendService` - resource.' + description: The ComputeBackendService selflink in the form "projects/{{project}}/global/backendServices/{{name}}" + or "projects/{{project}}/regions/{{region}}/backendServices/{{name}}" + when not managed by Config Connector. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `ComputeBackendService` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `ComputeBackendService` + resource. type: string type: object description: description: Immutable. An optional description of this resource. type: string + x-kubernetes-validations: + - message: Description is immutable + rule: self == oldSelf + location: + description: 'The geographical location of the ComputeTargetTCPProxy. + Reference: GCP definition of regions/zones (https://cloud.google.com/compute/docs/regions-zones/)' + type: string proxyBind: - description: |- - Immutable. This field only applies when the forwarding rule that references - this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. + description: Immutable. This field only applies when the forwarding + rule that references this target proxy has a loadBalancingScheme + set to INTERNAL_SELF_MANAGED. type: boolean + x-kubernetes-validations: + - message: ProxyBind is immutable + rule: self == oldSelf proxyHeader: - description: |- - Specifies the type of proxy header to append before sending data to - the backend. Default value: "NONE" Possible values: ["NONE", "PROXY_V1"]. + description: 'Specifies the type of proxy header to append before + sending data to the backend. Default value: "NONE" Possible values: + ["NONE", "PROXY_V1"].' type: string resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The ComputeTargetTCPProxy name. If not given, + the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID is immutable + rule: self == oldSelf required: - backendServiceRef type: object status: + description: ComputeTargetTCPProxyStatus defines the config connector + machine state of ComputeTargetTCPProxy properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -45762,17 +47473,24 @@ spec: creationTimestamp: description: Creation timestamp in RFC3339 text format. type: string + externalRef: + description: A unique specifier for the ComputeTargetTCPProxy resource + in GCP. + type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer proxyId: description: The unique identifier for the resource. + format: int64 type: integer selfLink: + description: The SelfLink for the resource. type: string type: object required: @@ -45782,18 +47500,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45954,7 +47666,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -48677,7 +50389,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -48881,7 +50593,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -49253,7 +50965,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -49569,7 +51281,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -50158,7 +51870,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -50394,7 +52106,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -50408,6 +52120,7 @@ spec: categories: - gcp kind: ContainerAttachedCluster + listKind: ContainerAttachedClusterList plural: containerattachedclusters shortNames: - gcpcontainerattachedcluster @@ -50435,79 +52148,93 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: ContainerAttachedCluster is the Schema for the ContainerAttachedCluster + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: ContainerAttachedClusterSpec defines the desired state of + ContainerAttachedCluster properties: annotations: additionalProperties: type: string description: |- - Optional. Annotations on the cluster. This field has the same - restrictions as Kubernetes annotations. The total size of all keys and - values combined is limited to 256k. Key can have 2 segments: prefix (optional) - and name (required), separated by a slash (/). Prefix must be a DNS subdomain. - Name must be 63 characters or less, begin and end with alphanumerics, - with dashes (-), underscores (_), dots (.), and alphanumerics between. + Optional. Annotations on the cluster. + + This field has the same restrictions as Kubernetes annotations. + The total size of all keys and values combined is limited to 256k. + Key can have 2 segments: prefix (optional) and name (required), + separated by a slash (/). + Prefix must be a DNS subdomain. + Name must be 63 characters or less, begin and end with alphanumerics, + with dashes (-), underscores (_), dots (.), and alphanumerics between. type: object authorization: - description: Configuration related to the cluster RBAC settings. + description: Optional. Configuration related to the cluster RBAC settings. properties: adminUsers: description: |- - Users that can perform operations as a cluster admin. A managed - ClusterRoleBinding will be created to grant the 'cluster-admin' ClusterRole - to the users. Up to ten admin users can be provided. + Optional. Users that can perform operations as a cluster admin. A managed + ClusterRoleBinding will be created to grant the `cluster-admin` ClusterRole + to the users. Up to ten admin users can be provided. - For more info on RBAC, see - https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles. + For more info on RBAC, see + https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles items: type: string type: array type: object binaryAuthorization: - description: Binary Authorization configuration. + description: Optional. Binary Authorization configuration for this + cluster. properties: evaluationMode: - description: 'Configure Binary Authorization evaluation mode. - Possible values: ["DISABLED", "PROJECT_SINGLETON_POLICY_ENFORCE"].' + description: 'Mode of operation for binauthz policy evaluation. + If unspecified, defaults to DISABLED. Possible values: ["DISABLED", + "PROJECT_SINGLETON_POLICY_ENFORCE"].' type: string type: object deletionPolicy: - description: Policy to determine what flags to send on delete. + description: Optional. Policy to determine what flags to send on delete. type: string description: - description: |- - A human readable description of this attached cluster. Cannot be longer - than 255 UTF-8 encoded bytes. + description: Optional. A human readable description of this Attached + cluster. Cannot be longer than 255 UTF-8 encoded bytes. type: string distribution: description: |- - Immutable. The Kubernetes distribution of the underlying attached cluster. Supported values: - "eks", "aks". + Immutable. The Kubernetes distribution of the underlying attached cluster. + + Supported values: ["eks", "aks", "generic"]. type: string + x-kubernetes-validations: + - message: Distribution field is immutable + rule: self == oldSelf fleet: - description: Fleet configuration. + description: Required. Fleet configuration. properties: membership: description: |- - The name of the managed Hub Membership resource associated to this - cluster. Membership names are formatted as - projects//locations/global/membership/. + Output only. The name of the managed Hub Membership resource associated to + this cluster. + + Membership names are formatted as + `projects//locations/global/membership/`. type: string projectRef: - description: The number of the Fleet host project where this cluster + description: The id of the Fleet host project where this cluster will be registered. oneOf: - not: @@ -50525,14 +52252,16 @@ spec: - external properties: external: - description: 'Allowed value: string of the format `projects/{{value}}`, - where {{value}} is the `number` field of a `Project` resource.' + description: 'The project of the fleet. Allowed value: The + Google Cloud resource name of a `Project` resource (format: + `projects/{{name}}`).' type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: 'Name of the project resource. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: 'Namespace of the project resource. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object required: @@ -50541,11 +52270,14 @@ spec: location: description: Immutable. The location for the resource. type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf loggingConfig: - description: Logging configuration. + description: Optional. Logging configuration for this cluster. properties: componentConfig: - description: The configuration of the logging components. + description: The configuration of the logging components; properties: enableComponents: description: 'The components to be enabled. Possible values: @@ -50556,7 +52288,7 @@ spec: type: object type: object monitoringConfig: - description: Monitoring configuration. + description: Optional. Monitoring configuration for this cluster. properties: managedPrometheusConfig: description: Enable Google Cloud Managed Service for Prometheus @@ -50568,36 +52300,49 @@ spec: type: object type: object oidcConfig: - description: |- - OIDC discovery information of the target cluster. - - Kubernetes Service Account (KSA) tokens are JWT tokens signed by the cluster - API server. This fields indicates how GCP services - validate KSA tokens in order to allow system workloads (such as GKE Connect - and telemetry agents) to authenticate back to GCP. - - Both clusters with public and private issuer URLs are supported. - Clusters with public issuers only need to specify the 'issuer_url' field - while clusters with private issuers need to provide both - 'issuer_url' and 'jwks'. + description: "Required. OpenID Connect (OIDC) discovery information + of the target cluster.\n\nKubernetes Service Account (KSA) tokens + are JWT tokens signed by the cluster\nAPI server. This field indicates + how GCP services\tvalidate KSA tokens in order\nto allow system + workloads (such as GKE Connect and telemetry agents) to\nauthenticate + back to GCP.\n\nBoth clusters with public and private issuer URLs + are supported.\nClusters with public issuers only need to specify + the 'issuerUrl' field\nwhile clusters with private issuers need + to provide both 'issuerUrl' and 'jwks'." properties: issuerUrl: - description: Immutable. A JSON Web Token (JWT) issuer URI. 'issuer' - must start with 'https://'. + description: Immutable. A JSON Web Token (JWT) issuer URI. `issuer` + must start with `https://`. type: string + x-kubernetes-validations: + - message: IssuerURL field is immutable + rule: self == oldSelf jwks: - description: Immutable. OIDC verification keys in JWKS format - (RFC 7517). + description: |- + Immutable, Optional. OIDC verification keys in JWKS format (RFC 7517). + It contains a list of OIDC verification keys that can be used to verify + OIDC JWTs. + + This field is required for cluster that doesn't have a publicly available + discovery endpoint. When provided, it will be directly used + to verify the OIDC JWT asserted by the IDP. + format: byte type: string + x-kubernetes-validations: + - message: Jwks field is immutable + rule: self == oldSelf required: - issuerUrl type: object + x-kubernetes-validations: + - message: OidcConfig field is immutable + rule: self == oldSelf platformVersion: - description: The platform version for the cluster (e.g. '1.23.0-gke.1'). + description: Required. The platform version for the cluster (e.g. + `1.30.0-gke.1`). type: string projectRef: description: The ID of the project in which the resource belongs. - If it is not provided, the provider project is used. oneOf: - not: required: @@ -50614,20 +52359,27 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable, Optional. The ContainerAttachedCluster name. + If not given, the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf required: - distribution - fleet @@ -50637,17 +52389,19 @@ spec: - projectRef type: object status: + description: ContainerAttachedClusterStatus defines the config connector + machine state of ContainerAttachedCluster properties: clusterRegion: description: |- - Output only. The region where this cluster runs. + The region where this cluster runs. - For EKS clusters, this is an AWS region. For AKS clusters, - this is an Azure region. + For EKS clusters, this is an AWS region. For AKS clusters, + this is an Azure region. type: string conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -50672,7 +52426,7 @@ spec: type: object type: array createTime: - description: Output only. The time at which this cluster was created. + description: The time at which this cluster was registered. type: string errors: description: A set of errors found in the cluster. @@ -50692,16 +52446,29 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + fleetMembership: + description: |- + Output only. The name of the managed Hub Membership resource associated to + this cluster. + + Membership names are formatted as + `projects//locations/global/membership/`. + This field mirrors the Spec.Fleet.Membership field. + type: string + type: object reconciling: description: If set, there are currently changes in flight to the cluster. type: boolean state: - description: |- - The current state of the cluster. Possible values: - STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, - DEGRADED. + description: "The current state of the cluster. Possible values:\tSTATE_UNSPECIFIED, + PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR,\tDEGRADED." type: string uid: description: A globally unique identifier for the cluster. @@ -50714,9 +52481,8 @@ spec: items: properties: identityProvider: - description: |- - The ID of the OIDC Identity Provider (IdP) associated to - the Workload Identity Pool. + description: The ID of the OIDC Identity Provider (IdP) associated + to the Workload Identity Pool. type: string issuerUri: description: The OIDC issuer URL for this cluster. @@ -50734,18 +52500,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -52620,7 +54380,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -53544,7 +55304,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -53816,7 +55576,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -53982,7 +55742,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54178,7 +55938,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54363,7 +56123,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54595,7 +56355,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54769,7 +56529,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54909,8 +56669,8 @@ spec: - external properties: external: - description: The compute network selflink of form "projects//global/networks/", - when not managed by Config Connector. + description: A reference to an externally managed Compute Network + resource. Should be in the format `projects//global/networks/`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -54992,7 +56752,7 @@ spec: properties: external: description: The ComputeSubnetwork selflink of form "projects/{{project}}/regions/{{region}}/subnetworks/{{name}}", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeSubnetwork` resource. @@ -55084,7 +56844,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -55334,8 +57094,346 @@ spec: type: string type: object type: array - jobId: - description: The unique ID of this job. + jobId: + description: The unique ID of this job. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + state: + description: The current state of the resource, selected from the + JobState enum. + type: string + type: + description: The type of this job, selected from the JobType enum. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: alpha + cnrm.cloud.google.com/system: "true" + name: dataformrepositories.dataform.cnrm.cloud.google.com +spec: + group: dataform.cnrm.cloud.google.com + names: + categories: + - gcp + kind: DataformRepository + listKind: DataformRepositoryList + plural: dataformrepositories + shortNames: + - gcpdataformrepository + - gcpdataformrepositories + singular: dataformrepository + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: DataformRepository is the Schema for the dataform API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + displayName: + description: Optional. The repository's user-friendly name. + type: string + gitRemoteSettings: + description: Optional. If set, configures this repository to be linked + to a Git remote. + properties: + authenticationTokenSecretVersionRef: + description: The name of the Secret Manager secret version to + use as an authentication token for Git operations. Must be in + the format projects/* /secrets/* /versions/*. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: ' If provided must be in the format `projects/*/secrets/*/versions/*`.' + type: string + name: + description: The `name` field of a `SecretManagerSecretVersion` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `SecretManagerSecretVersion` + resource. + type: string + type: object + defaultBranch: + description: The Git remote's default branch name. + type: string + sshAuthenticationConfig: + description: Authentication fields for remote uris using SSH protocol. + properties: + hostPublicKey: + description: Content of a public SSH key to verify an identity + of a remote Git host. + type: string + userPrivateKeySecretVersionRef: + description: The name of the Secret Manager secret version + to use as a ssh private key for Git operations. Must be + in the format projects/*/secrets/*/versions/* . + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: ' If provided must be in the format `projects/*/secrets/*/versions/*`.' + type: string + name: + description: The `name` field of a `SecretManagerSecretVersion` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `SecretManagerSecretVersion` + resource. + type: string + type: object + required: + - hostPublicKey + - userPrivateKeySecretVersionRef + type: object + url: + description: The Git remote's URL. + type: string + required: + - defaultBranch + - url + type: object + npmrcEnvironmentVariablesSecretVersionRef: + description: Optional. The name of the Secret Manager secret version + to be used to interpolate variables into the .npmrc file for package + installation operations. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: ' If provided must be in the format `projects/*/secrets/*/versions/*`.' + type: string + name: + description: The `name` field of a `SecretManagerSecretVersion` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `SecretManagerSecretVersion` + resource. + type: string + type: object + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + region: + description: Immutable. A reference to the region. + type: string + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + serviceAccountRef: + description: Optional. The service account reference to run workflow + invocations under. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + setAuthenticatedUserAdmin: + description: Optional. Input only. If set to true, the authenticated + user will be granted the roles/dataform.admin role on the created + repository. + type: boolean + workspaceCompilationOverrides: + description: Optional. If set, fields of workspaceCompilationOverrides + override the default compilation settings that are specified in + dataform.json when creating workspace-scoped compilation results. + properties: + defaultDatabase: + description: Optional. The default database (Google Cloud project + ID). + type: string + schemaSuffix: + description: Optional. The suffix that should be appended to all + schema (BigQuery dataset ID) names. + type: string + tablePrefix: + description: Optional. The prefix that should be prepended to + all table names. + type: string + type: object + required: + - projectRef + - region + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observations + of the DataformRepository's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the DataformReposity resource + in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -55343,55 +57441,20 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer - state: - description: The current state of the resource, selected from the - JobState enum. - type: string - type: - description: The type of this job, selected from the JobType enum. - type: string + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + type: object type: object required: - spec type: object served: true - storage: true + storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cnrm.cloud.google.com/version: 1.122.0 - creationTimestamp: null - labels: - cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha - cnrm.cloud.google.com/system: "true" - name: dataformrepositories.dataform.cnrm.cloud.google.com -spec: - group: dataform.cnrm.cloud.google.com - names: - categories: - - gcp - kind: DataformRepository - listKind: DataformRepositoryList - plural: dataformrepositories - shortNames: - - gcpdataformrepository - - gcpdataformrepositories - singular: dataformrepository - preserveUnknownFields: false - scope: Namespaced - versions: - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: Age @@ -55408,7 +57471,7 @@ spec: jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime name: Status Age type: date - name: v1alpha1 + name: v1beta1 schema: openAPIV3Schema: description: DataformRepository is the Schema for the dataform API @@ -55567,7 +57630,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -55700,7 +57763,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -55979,7 +58042,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -56274,7 +58337,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -58089,7 +60152,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -60031,7 +62094,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -60203,7 +62266,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -60804,7 +62867,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -60997,7 +63060,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -61931,7 +63994,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -62146,7 +64209,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -62331,7 +64394,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -62545,7 +64608,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -62740,7 +64803,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -63290,7 +65353,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -63510,7 +65573,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -64608,7 +66671,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -64817,7 +66880,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -65011,7 +67074,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -65208,7 +67271,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -65251,72 +67314,288 @@ spec: openAPIV3Schema: properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + action: + description: |- + The name of the action associated with the intent. + Note: The action name must not contain whitespaces. + type: string + defaultResponsePlatforms: + description: |- + The list of platforms for which the first responses will be copied from the messages in PLATFORM_UNSPECIFIED + (i.e. default platform). Possible values: ["FACEBOOK", "SLACK", "TELEGRAM", "KIK", "SKYPE", "LINE", "VIBER", "ACTIONS_ON_GOOGLE", "GOOGLE_HANGOUTS"]. + items: + type: string + type: array + displayName: + description: The name of this intent to be displayed on the console. + type: string + events: + description: |- + The collection of event names that trigger the intent. If the collection of input contexts is not empty, all of + the contexts must be present in the active user session for an event to trigger this intent. See the + [events reference](https://cloud.google.com/dialogflow/docs/events-overview) for more details. + items: + type: string + type: array + inputContextNames: + description: |- + The list of context names required for this intent to be triggered. + Format: projects//agent/sessions/-/contexts/. + items: + type: string + type: array + isFallback: + description: Indicates whether this is a fallback intent. + type: boolean + mlDisabled: + description: |- + Indicates whether Machine Learning is disabled for the intent. + Note: If mlDisabled setting is set to true, then this intent is not taken into account during inference in ML + ONLY match mode. Also, auto-markup in the UI is turned off. + type: boolean + parentFollowupIntentName: + description: |- + Immutable. The unique identifier of the parent intent in the chain of followup intents. + Format: projects//agent/intents/. + type: string + priority: + description: |- + The priority of this intent. Higher numbers represent higher priorities. + - If the supplied value is unspecified or 0, the service translates the value to 500,000, which corresponds + to the Normal priority in the console. + - If the supplied value is negative, the intent is ignored in runtime detect intent requests. + type: integer + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: 'Allowed value: The `name` field of a `Project` resource.' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + resetContexts: + description: Indicates whether to delete all contexts in the current + session when this intent is matched. + type: boolean + resourceID: + description: Immutable. Optional. The service-generated name of the + resource. Used for acquisition only. Leave unset to create a new + resource. + type: string + webhookState: + description: |- + Indicates whether webhooks are enabled for the intent. + * WEBHOOK_STATE_ENABLED: Webhook is enabled in the agent and in the intent. + * WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING: Webhook is enabled in the agent and in the intent. Also, each slot + filling prompt is forwarded to the webhook. Possible values: ["WEBHOOK_STATE_ENABLED", "WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING"]. + type: string + required: + - displayName + - projectRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + followupIntentInfo: + description: |- + Information about all followup intents that have this intent as a direct or indirect parent. We populate this field + only in the output. + items: + properties: + followupIntentName: + description: |- + The unique identifier of the followup intent. + Format: projects//agent/intents/. + type: string + parentFollowupIntentName: + description: |- + The unique identifier of the followup intent's parent. + Format: projects//agent/intents/. + type: string + type: object + type: array + name: + description: |- + The unique identifier of this intent. + Format: projects//agent/intents/. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + rootFollowupIntentName: + description: |- + The unique identifier of the root intent in the chain of followup intents. It identifies the correct followup + intents chain for this intent. + Format: projects//agent/intents/. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: discoveryenginedatastores.discoveryengine.cnrm.cloud.google.com +spec: + group: discoveryengine.cnrm.cloud.google.com + names: + categories: + - gcp + kind: DiscoveryEngineDataStore + listKind: DiscoveryEngineDataStoreList + plural: discoveryenginedatastores + shortNames: + - gcpdiscoveryenginedatastore + - gcpdiscoveryenginedatastores + singular: discoveryenginedatastore + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: DiscoveryEngineDataStore is the Schema for the DiscoveryEngineDataStore + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: DiscoveryEngineDataStoreSpec defines the desired state of + DiscoveryEngineDataStore properties: - action: - description: |- - The name of the action associated with the intent. - Note: The action name must not contain whitespaces. + collection: + description: Immutable. The collection for the DataStore. type: string - defaultResponsePlatforms: - description: |- - The list of platforms for which the first responses will be copied from the messages in PLATFORM_UNSPECIFIED - (i.e. default platform). Possible values: ["FACEBOOK", "SLACK", "TELEGRAM", "KIK", "SKYPE", "LINE", "VIBER", "ACTIONS_ON_GOOGLE", "GOOGLE_HANGOUTS"]. - items: - type: string - type: array - displayName: - description: The name of this intent to be displayed on the console. + x-kubernetes-validations: + - message: Collection field is immutable + rule: self == oldSelf + contentConfig: + description: Immutable. The content config of the data store. If this + field is unset, the server behavior defaults to [ContentConfig.NO_CONTENT][google.cloud.discoveryengine.v1.DataStore.ContentConfig.NO_CONTENT]. type: string - events: - description: |- - The collection of event names that trigger the intent. If the collection of input contexts is not empty, all of - the contexts must be present in the active user session for an event to trigger this intent. See the - [events reference](https://cloud.google.com/dialogflow/docs/events-overview) for more details. - items: - type: string - type: array - inputContextNames: - description: |- - The list of context names required for this intent to be triggered. - Format: projects//agent/sessions/-/contexts/. - items: - type: string - type: array - isFallback: - description: Indicates whether this is a fallback intent. - type: boolean - mlDisabled: - description: |- - Indicates whether Machine Learning is disabled for the intent. - Note: If mlDisabled setting is set to true, then this intent is not taken into account during inference in ML - ONLY match mode. Also, auto-markup in the UI is turned off. - type: boolean - parentFollowupIntentName: + displayName: description: |- - Immutable. The unique identifier of the parent intent in the chain of followup intents. - Format: projects//agent/intents/. + Required. The data store display name. + + This field must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an INVALID_ARGUMENT error is returned. type: string - priority: - description: |- - The priority of this intent. Higher numbers represent higher priorities. - - If the supplied value is unspecified or 0, the service translates the value to 500,000, which corresponds - to the Normal priority in the console. - - If the supplied value is negative, the intent is ignored in runtime detect intent requests. - type: integer + industryVertical: + description: Immutable. The industry vertical that the data store + registers. + type: string + location: + description: Immutable. The location for the resource. + type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf projectRef: - description: The project that this resource belongs to. + description: The ID of the project in which the resource belongs. oneOf: - not: required: @@ -65333,40 +67612,72 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object - resetContexts: - description: Indicates whether to delete all contexts in the current - session when this intent is matched. - type: boolean resourceID: - description: Immutable. Optional. The service-generated name of the - resource. Used for acquisition only. Leave unset to create a new - resource. + description: Immutable. The DiscoveryEngineDataStore name. If not + given, the metadata.name will be used. type: string - webhookState: + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + solutionTypes: description: |- - Indicates whether webhooks are enabled for the intent. - * WEBHOOK_STATE_ENABLED: Webhook is enabled in the agent and in the intent. - * WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING: Webhook is enabled in the agent and in the intent. Also, each slot - filling prompt is forwarded to the webhook. Possible values: ["WEBHOOK_STATE_ENABLED", "WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING"]. - type: string + The solutions that the data store enrolls. Available solutions for each + [industry_vertical][google.cloud.discoveryengine.v1.DataStore.industry_vertical]: + + * `MEDIA`: `SOLUTION_TYPE_RECOMMENDATION` and `SOLUTION_TYPE_SEARCH`. + * `SITE_SEARCH`: `SOLUTION_TYPE_SEARCH` is automatically enrolled. Other + solutions cannot be enrolled. + items: + type: string + type: array + workspaceConfig: + description: Config to store data store type configuration for workspace + data. This must be set when [DataStore.content_config][google.cloud.discoveryengine.v1.DataStore.content_config] + is set as [DataStore.ContentConfig.GOOGLE_WORKSPACE][google.cloud.discoveryengine.v1.DataStore.ContentConfig.GOOGLE_WORKSPACE]. + properties: + dasherCustomerID: + description: Obfuscated Dasher customer ID. + type: string + superAdminEmailAddress: + description: Optional. The super admin email address for the workspace + that will be used for access token generation. For now we only + use it for Native Google Drive connector data ingestion. + type: string + superAdminServiceAccount: + description: Optional. The super admin service account for the + workspace that will be used for access token generation. For + now we only use it for Native Google Drive connector data ingestion. + type: string + type: + description: The Google Workspace data source. + type: string + type: object required: - - displayName + - collection + - location - projectRef type: object status: + description: DiscoveryEngineDataStoreStatus defines the config connector + machine state of DiscoveryEngineDataStore properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -65390,28 +67701,9 @@ spec: type: string type: object type: array - followupIntentInfo: - description: |- - Information about all followup intents that have this intent as a direct or indirect parent. We populate this field - only in the output. - items: - properties: - followupIntentName: - description: |- - The unique identifier of the followup intent. - Format: projects//agent/intents/. - type: string - parentFollowupIntentName: - description: |- - The unique identifier of the followup intent's parent. - Format: projects//agent/intents/. - type: string - type: object - type: array - name: - description: |- - The unique identifier of this intent. - Format: projects//agent/intents/. + externalRef: + description: A unique specifier for the DiscoveryEngineDataStore resource + in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -65419,13 +67711,46 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer - rootFollowupIntentName: - description: |- - The unique identifier of the root intent in the chain of followup intents. It identifies the correct followup - intents chain for this intent. - Format: projects//agent/intents/. - type: string + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + billingEstimation: + description: Output only. Data size estimation for billing. + properties: + structuredDataSize: + description: Data size for structured data in terms of bytes. + format: int64 + type: integer + structuredDataUpdateTime: + description: Last updated timestamp for structured data. + type: string + unstructuredDataSize: + description: Data size for unstructured data in terms of bytes. + format: int64 + type: integer + unstructuredDataUpdateTime: + description: Last updated timestamp for unstructured data. + type: string + websiteDataSize: + description: Data size for websites in terms of bytes. + format: int64 + type: integer + websiteDataUpdateTime: + description: Last updated timestamp for websites. + type: string + type: object + createTime: + description: Output only. Timestamp the [DataStore][google.cloud.discoveryengine.v1.DataStore] + was created at. + type: string + defaultSchemaID: + description: Output only. The id of the default [Schema][google.cloud.discoveryengine.v1.Schema] + asscociated to this data store. + type: string + type: object type: object required: - spec @@ -65434,18 +67759,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -69621,7 +71940,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -70233,7 +72552,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -71709,7 +74028,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -72080,7 +74399,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -72465,7 +74784,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -72661,7 +74980,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -73633,7 +75952,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -73812,7 +76131,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74008,7 +76327,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74131,7 +76450,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74296,7 +76615,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74832,7 +77151,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75083,7 +77402,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75322,7 +77641,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75502,7 +77821,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75726,7 +78045,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75868,7 +78187,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -76414,7 +78733,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -76636,7 +78955,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -76965,7 +79284,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -77134,7 +79453,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -77321,7 +79640,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -77498,7 +79817,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -77642,25 +79961,188 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: alpha + cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" + name: firebasehostingsites.firebasehosting.cnrm.cloud.google.com +spec: + group: firebasehosting.cnrm.cloud.google.com + names: + categories: + - gcp + kind: FirebaseHostingSite + plural: firebasehostingsites + shortNames: + - gcpfirebasehostingsite + - gcpfirebasehostingsites + singular: firebasehostingsite + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + appId: + description: |- + Optional. The [ID of a Web App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.webApps#WebApp.FIELDS.app_id) + associated with the Hosting site. + type: string + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: 'Allowed value: The `name` field of a `Project` resource.' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + resourceID: + description: Immutable. Optional. The siteId of the resource. Used + for creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + required: + - projectRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + defaultUrl: + description: The default URL for the site in the form of https://{name}.web.app. + type: string + name: + description: |- + Output only. The fully-qualified resource name of the Hosting site, in the + format: projects/PROJECT_IDENTIFIER/sites/SITE_ID PROJECT_IDENTIFIER: the + Firebase project's + ['ProjectNumber'](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects#FirebaseProject.FIELDS.project_number) ***(recommended)*** or its + ['ProjectId'](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects#FirebaseProject.FIELDS.project_id). + Learn more about using project identifiers in Google's + [AIP 2510 standard](https://google.aip.dev/cloud/2510). + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" cnrm.cloud.google.com/tf2crd: "true" - name: firebasehostingsites.firebasehosting.cnrm.cloud.google.com + name: firebaseprojects.firebase.cnrm.cloud.google.com spec: - group: firebasehosting.cnrm.cloud.google.com + group: firebase.cnrm.cloud.google.com names: categories: - gcp - kind: FirebaseHostingSite - plural: firebasehostingsites + kind: FirebaseProject + plural: firebaseprojects shortNames: - - gcpfirebasehostingsite - - gcpfirebasehostingsites - singular: firebasehostingsite + - gcpfirebaseproject + - gcpfirebaseprojects + singular: firebaseproject preserveUnknownFields: false scope: Namespaced versions: @@ -77698,11 +80180,6 @@ spec: type: object spec: properties: - appId: - description: |- - Optional. The [ID of a Web App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.webApps#WebApp.FIELDS.app_id) - associated with the Hosting site. - type: string projectRef: description: The project that this resource belongs to. oneOf: @@ -77731,7 +80208,7 @@ spec: type: string type: object resourceID: - description: Immutable. Optional. The siteId of the resource. Used + description: Immutable. Optional. The project of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. type: string @@ -77766,18 +80243,8 @@ spec: type: string type: object type: array - defaultUrl: - description: The default URL for the site in the form of https://{name}.web.app. - type: string - name: - description: |- - Output only. The fully-qualified resource name of the Hosting site, in the - format: projects/PROJECT_IDENTIFIER/sites/SITE_ID PROJECT_IDENTIFIER: the - Firebase project's - ['ProjectNumber'](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects#FirebaseProject.FIELDS.project_number) ***(recommended)*** or its - ['ProjectId'](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects#FirebaseProject.FIELDS.project_id). - Learn more about using project identifiers in Google's - [AIP 2510 standard](https://google.aip.dev/cloud/2510). + displayName: + description: The GCP project display name. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -77786,6 +80253,10 @@ spec: current reported status reflects the most recent desired state of the resource. type: integer + projectNumber: + description: The number of the google project that firebase is enabled + on. + type: string type: object required: - spec @@ -77805,25 +80276,25 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" cnrm.cloud.google.com/tf2crd: "true" - name: firebaseprojects.firebase.cnrm.cloud.google.com + name: firebasestoragebuckets.firebasestorage.cnrm.cloud.google.com spec: - group: firebase.cnrm.cloud.google.com + group: firebasestorage.cnrm.cloud.google.com names: categories: - gcp - kind: FirebaseProject - plural: firebaseprojects + kind: FirebaseStorageBucket + plural: firebasestoragebuckets shortNames: - - gcpfirebaseproject - - gcpfirebaseprojects - singular: firebaseproject + - gcpfirebasestoragebucket + - gcpfirebasestoragebuckets + singular: firebasestoragebucket preserveUnknownFields: false scope: Namespaced versions: @@ -77889,7 +80360,7 @@ spec: type: string type: object resourceID: - description: Immutable. Optional. The project of the resource. Used + description: Immutable. Optional. The bucketId of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. type: string @@ -77924,8 +80395,8 @@ spec: type: string type: object type: array - displayName: - description: The GCP project display name. + name: + description: Resource name of the bucket in the format projects/PROJECT_IDENTIFIER/buckets/BUCKET_ID. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -77934,10 +80405,6 @@ spec: current reported status reflects the most recent desired state of the resource. type: integer - projectNumber: - description: The number of the google project that firebase is enabled - on. - type: string type: object required: - spec @@ -77957,25 +80424,25 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" cnrm.cloud.google.com/tf2crd: "true" - name: firebasestoragebuckets.firebasestorage.cnrm.cloud.google.com + name: firebasewebapps.firebase.cnrm.cloud.google.com spec: - group: firebasestorage.cnrm.cloud.google.com + group: firebase.cnrm.cloud.google.com names: categories: - gcp - kind: FirebaseStorageBucket - plural: firebasestoragebuckets + kind: FirebaseWebApp + plural: firebasewebapps shortNames: - - gcpfirebasestoragebucket - - gcpfirebasestoragebuckets - singular: firebasestoragebucket + - gcpfirebasewebapp + - gcpfirebasewebapps + singular: firebasewebapp preserveUnknownFields: false scope: Namespaced versions: @@ -78013,43 +80480,40 @@ spec: type: object spec: properties: - projectRef: - description: The project that this resource belongs to. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `name` field of a `Project` resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object + apiKeyId: + description: |- + The globally unique, Google-assigned identifier (UID) for the Firebase API key associated with the WebApp. + If apiKeyId is not set during creation, then Firebase automatically associates an apiKeyId with the WebApp. + This auto-associated key may be an existing valid key or, if no valid key exists, a new one will be provisioned. + type: string + deletionPolicy: + type: string + displayName: + description: The user-assigned display name of the App. + type: string + project: + description: Immutable. + type: string resourceID: - description: Immutable. Optional. The bucketId of the resource. Used - for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. Optional. The service-generated name of the + resource. Used for acquisition only. Leave unset to create a new + resource. type: string required: - - projectRef + - displayName type: object status: properties: + appId: + description: |- + The globally unique, Firebase-assigned identifier of the App. + This identifier should be treated as an opaque token, as the data format is not specified. + type: string + appUrls: + description: The URLs where the 'WebApp' is hosted. + items: + type: string + type: array conditions: description: Conditions represent the latest available observation of the resource's current state. @@ -78077,7 +80541,9 @@ spec: type: object type: array name: - description: Resource name of the bucket in the format projects/PROJECT_IDENTIFIER/buckets/BUCKET_ID. + description: |- + The fully qualified resource name of the App, for example: + projects/projectId/webApps/appId. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -78105,25 +80571,21 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: firebasewebapps.firebase.cnrm.cloud.google.com + name: firestoredatabases.firestore.cnrm.cloud.google.com spec: - group: firebase.cnrm.cloud.google.com + group: firestore.cnrm.cloud.google.com names: categories: - gcp - kind: FirebaseWebApp - plural: firebasewebapps - shortNames: - - gcpfirebasewebapp - - gcpfirebasewebapps - singular: firebasewebapp + kind: FirestoreDatabase + listKind: FirestoreDatabaseList + plural: firestoredatabases + singular: firestoredatabase preserveUnknownFields: false scope: Namespaced versions: @@ -78146,58 +80608,83 @@ spec: name: v1alpha1 schema: openAPIV3Schema: + description: FirestoreDatabase is the Schema for the FirestoreDatabase API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: FirestoreDatabaseSpec defines the desired state of FirestoreDatabase properties: - apiKeyId: - description: |- - The globally unique, Google-assigned identifier (UID) for the Firebase API key associated with the WebApp. - If apiKeyId is not set during creation, then Firebase automatically associates an apiKeyId with the WebApp. - This auto-associated key may be an existing valid key or, if no valid key exists, a new one will be provisioned. - type: string - deletionPolicy: + concurrencyMode: + description: The concurrency control mode to use for this database. + See https://cloud.google.com/firestore/docs/reference/rest/v1/projects.databases#concurrencymode + for more info. type: string - displayName: - description: The user-assigned display name of the App. + locationID: + description: The location of the database. Available locations are + listed at https://cloud.google.com/firestore/docs/locations. type: string - project: - description: Immutable. + pointInTimeRecoveryEnablement: + description: Whether to enable the PITR feature on this database. + See https://cloud.google.com/firestore/docs/reference/rest/v1/projects.databases#pointintimerecoveryenablement + for more info. type: string + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object resourceID: - description: Immutable. Optional. The service-generated name of the - resource. Used for acquisition only. Leave unset to create a new - resource. + description: The FirestoreDatabase name. If not given, the metadata.name + will be used. type: string required: - - displayName + - projectRef type: object status: + description: FirestoreDatabaseStatus defines the config connector machine + state of FirestoreDatabase properties: - appId: - description: |- - The globally unique, Firebase-assigned identifier of the App. - This identifier should be treated as an opaque token, as the data format is not specified. - type: string - appUrls: - description: The URLs where the 'WebApp' is hosted. - items: - type: string - type: array conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -78221,10 +80708,9 @@ spec: type: string type: object type: array - name: - description: |- - The fully qualified resource name of the App, for example: - projects/projectId/webApps/appId. + externalRef: + description: A unique specifier for the FirestoreDatabase resource + in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -78232,27 +80718,78 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. The timestamp at which this database + was created. Databases created before 2016 do not populate create_time. + type: string + earliestVersionTime: + description: |- + Output only. The earliest timestamp at which older versions of the data can + be read from the database. See [version_retention_period] above; this field + is populated with `now - version_retention_period`. + + This value is continuously updated, and becomes stale the moment it is + queried. If you are using this value to recover data, make sure to account + for the time from the moment when the value is queried to the moment when + you initiate the recovery. + type: string + etag: + description: This checksum is computed by the server based on + the value of other fields, and may be sent on update and delete + requests to ensure the client has an up-to-date value before + proceeding. + type: string + keyPrefix: + description: |- + Output only. The key_prefix for this database. This key_prefix is used, in + combination with the project id ("~") to construct + the application id that is returned from the Cloud Datastore APIs in Google + App Engine first generation runtimes. + + This value may be empty in which case the appid to use for URL-encoded keys + is the project_id (eg: foo instead of v~foo). + type: string + uid: + description: Output only. The system-generated UUID4 for this + Database. + type: string + updateTime: + description: Output only. The timestamp at which this database + was most recently updated. Note this only includes updates to + the database resource and not data contained by the database. + type: string + versionRetentionPeriod: + description: |- + Output only. The period during which past versions of data are retained in + the database. + + Any [read][google.firestore.v1.GetDocumentRequest.read_time] + or [query][google.firestore.v1.ListDocumentsRequest.read_time] can specify + a `read_time` within this window, and will read the state of the database + at that time. + + If the PITR feature is enabled, the retention period is 7 days. Otherwise, + the retention period is 1 hour. + type: string + type: object type: object - required: - - spec type: object served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78406,7 +80943,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78619,7 +81156,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78916,7 +81453,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -79143,9 +81680,8 @@ spec: type: string type: object hierarchyController: - description: 'Hierarchy Controller is no longer available. - Use https://github.com/kubernetes-sigs/hierarchical-namespaces - instead.' + description: Hierarchy Controller is no longer available. Use + https://github.com/kubernetes-sigs/hierarchical-namespaces instead. properties: enableHierarchicalResourceQuota: description: Whether hierarchical resource quota is enabled @@ -79457,7 +81993,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -79723,7 +82259,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -80088,7 +82624,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -80221,7 +82757,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -80379,7 +82915,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -80541,7 +83077,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -80855,7 +83391,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81056,7 +83592,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81257,7 +83793,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81418,7 +83954,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81558,7 +84094,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81883,7 +84419,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82111,7 +84647,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82351,7 +84887,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82530,7 +85066,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82672,7 +85208,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -83030,7 +85566,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -83211,7 +85747,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -83507,7 +86043,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -83674,7 +86210,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -83800,7 +86336,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -83954,7 +86490,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -84646,7 +87182,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -84805,7 +87341,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -85010,7 +87546,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -85193,7 +87729,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -85417,7 +87953,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -85581,7 +88117,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -85794,7 +88330,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -86011,7 +88547,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -86164,7 +88700,195 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: kmsautokeyconfigs.kms.cnrm.cloud.google.com +spec: + group: kms.cnrm.cloud.google.com + names: + categories: + - gcp + kind: KMSAutokeyConfig + listKind: KMSAutokeyConfigList + plural: kmsautokeyconfigs + shortNames: + - gcpkmsautokeyconfig + - gcpkmsautokeyconfigs + singular: kmsautokeyconfig + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: KMSAutokeyConfig is the Schema for the KMSAutokeyConfig API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KMSAutokeyConfigSpec defines the desired state of KMSAutokeyConfig + properties: + folderRef: + description: Immutable. The folder that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The 'name' field of a folder, when not managed by + Config Connector. This field must be set when 'name' field is + not set. + type: string + name: + description: The 'name' field of a 'Folder' resource. This field + must be set when 'external' field is not set. + type: string + namespace: + description: The 'namespace' field of a 'Folder' resource. If + unset, the namespace is defaulted to the namespace of the referencer + resource. + type: string + type: object + keyProject: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - kind + - not: + anyOf: + - required: + - name + - required: + - namespace + - required: + - kind + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + required: + - folderRef + type: object + status: + description: KMSAutokeyConfigStatus defines the config connector machine + state of KMSAutokeyConfig + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the KMSAutokeyConfig resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + state: + description: Output only. Current state of this AutokeyConfig. + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86357,7 +89081,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86510,11 +89234,179 @@ spec: type: string type: object type: array - generateTime: - description: The time this CryptoKeyVersion key material was generated. - type: string - name: - description: The resource name for this CryptoKeyVersion. + generateTime: + description: The time this CryptoKeyVersion key material was generated. + type: string + name: + description: The resource name for this CryptoKeyVersion. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + protectionLevel: + description: The ProtectionLevel describing how crypto operations + are performed with this CryptoKeyVersion. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: kmskeyhandles.kms.cnrm.cloud.google.com +spec: + group: kms.cnrm.cloud.google.com + names: + categories: + - gcp + kind: KMSKeyHandle + listKind: KMSKeyHandleList + plural: kmskeyhandles + shortNames: + - gcpkmskeyhandle + - gcpkmskeyhandles + singular: kmskeyhandle + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: KMSKeyHandle is the Schema for the KMSKeyHandle API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KMSKeyHandleSpec defines the desired state of KMSKeyHandle + properties: + location: + description: Location name to create KeyHandle + type: string + projectRef: + description: Project hosting KMSKeyHandle + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. The KMSKeyHandle name. If not given, the metadata.name + will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + resourceTypeSelector: + description: Indicates the resource type that the resulting [CryptoKey][] + is meant to protect, e.g. `{SERVICE}.googleapis.com/{TYPE}`. See + documentation for supported resource types https://cloud.google.com/kms/docs/autokey-overview#compatible-services. + type: string + type: object + status: + description: KMSKeyHandleStatus defines the config connector machine state + of KMSKeyHandle + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the KMSKeyHandle resource in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -86522,11 +89414,15 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer - protectionLevel: - description: The ProtectionLevel describing how crypto operations - are performed with this CryptoKeyVersion. - type: string + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + kmsKey: + type: string + type: object type: object required: - spec @@ -86535,18 +89431,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86726,7 +89616,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86849,7 +89739,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -87054,7 +89944,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -87343,7 +90233,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -87618,7 +90508,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -87951,7 +90841,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -88074,7 +90964,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -88478,7 +91368,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -88782,7 +91672,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -89119,7 +92009,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -89295,7 +92185,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -90232,7 +93122,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -90331,7 +93221,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -90388,7 +93278,7 @@ spec: properties: external: description: The `projectID` field of a - project, when not managed by KCC. + project, when not managed by Config Connector. type: string kind: description: The kind of the Project resource; @@ -90474,7 +93364,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -92382,7 +95272,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -92437,7 +95327,7 @@ spec: properties: external: description: The `projectID` field of a project, - when not managed by KCC. + when not managed by Config Connector. type: string kind: description: The kind of the Project resource; @@ -92522,7 +95412,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -94249,7 +97139,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -94305,7 +97195,7 @@ spec: properties: external: description: The `projectID` field of a project, - when not managed by KCC. + when not managed by Config Connector. type: string kind: description: The kind of the Project resource; @@ -94391,7 +97281,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -96203,7 +99093,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -96262,7 +99152,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -96319,7 +99209,7 @@ spec: properties: external: description: The `projectID` field of a - project, when not managed by KCC. + project, when not managed by Config Connector. type: string kind: description: The kind of the Project resource; @@ -96405,7 +99295,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -98307,7 +101197,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -98498,7 +101388,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -98793,7 +101683,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -98920,7 +101810,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -99221,7 +102111,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -99792,7 +102682,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -99951,7 +102841,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -100330,7 +103220,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -100512,7 +103402,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -100588,8 +103478,8 @@ spec: - external properties: external: - description: The compute network selflink of form "projects//global/networks/", - when not managed by Config Connector. + description: A reference to an externally managed Compute Network + resource. Should be in the format `projects//global/networks/`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -100617,7 +103507,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -100665,7 +103555,7 @@ spec: properties: external: description: The ComputeSubnetwork selflink of form "projects/{{project}}/regions/{{region}}/subnetworks/{{name}}", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeSubnetwork` resource. @@ -100859,7 +103749,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -101246,7 +104136,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -101521,7 +104411,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -101779,7 +104669,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -102008,7 +104898,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -102252,7 +105142,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -102489,7 +105379,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -102836,7 +105726,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -103743,7 +106633,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -104064,7 +106954,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -104290,7 +107180,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -104757,7 +107647,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -105491,7 +108381,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -105667,7 +108557,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -105997,7 +108887,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -106318,7 +109208,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -106538,7 +109428,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -106699,7 +109589,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -107468,7 +110358,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -108470,7 +111360,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -109161,7 +112051,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -109297,7 +112187,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -109800,7 +112690,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -110805,7 +113695,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -111716,7 +114606,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -112096,43 +114986,800 @@ spec: type: string type: object type: array - createTime: - description: Output only. The time at which this CertificateTemplate - was created. - format: date-time + createTime: + description: Output only. The time at which this CertificateTemplate + was created. + format: date-time + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + updateTime: + description: Output only. The time at which this CertificateTemplate + was updated. + format: date-time + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: privilegedaccessmanagerentitlements.privilegedaccessmanager.cnrm.cloud.google.com +spec: + group: privilegedaccessmanager.cnrm.cloud.google.com + names: + categories: + - gcp + kind: PrivilegedAccessManagerEntitlement + listKind: PrivilegedAccessManagerEntitlementList + plural: privilegedaccessmanagerentitlements + singular: privilegedaccessmanagerentitlement + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: PrivilegedAccessManagerEntitlement is the Schema for the PrivilegedAccessManagerEntitlement + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PrivilegedAccessManagerEntitlementSpec defines the desired + state of PrivilegedAccessManagerEntitlement. + properties: + additionalNotificationTargets: + description: Optional. Additional email addresses to be notified based + on actions taken. + properties: + adminEmailRecipients: + description: Optional. Additional email addresses to be notified + when a principal (requester) is granted access. + items: + type: string + type: array + requesterEmailRecipients: + description: Optional. Additional email address to be notified + about an eligible entitlement. + items: + type: string + type: array + type: object + approvalWorkflow: + description: Optional. The approvals needed before access are granted + to a requester. No approvals are needed if this field is null. + properties: + manualApprovals: + description: An approval workflow where users designated as approvers + review and act on the grants. + properties: + requireApproverJustification: + description: Optional. Whether the approvers need to provide + a justification for their actions. + type: boolean + steps: + description: Optional. List of approval steps in this workflow. + These steps are followed in the specified order sequentially. + Only 1 step is supported. + items: + description: Step represents a logical step in a manual + approval workflow. + properties: + approvalsNeeded: + description: Required. How many users from the above + list need to approve. If there aren't enough distinct + users in the list, then the workflow indefinitely + blocks. Should always be greater than 0. 1 is the + only supported value. + format: int32 + type: integer + approverEmailRecipients: + description: Optional. Additional email addresses to + be notified when a grant is pending approval. + items: + type: string + type: array + approvers: + description: Optional. The potential set of approvers + in this step. This list must contain at most one entry. + items: + description: AccessControlEntry is used to control + who can do some operation. + properties: + principals: + description: 'Optional. Users who are allowed + for the operation. Each entry should be a valid + v1 IAM principal identifier. The format for + these is documented at: https://cloud.google.com/iam/docs/principal-identifiers#v1' + items: + type: string + type: array + required: + - principals + type: object + type: array + required: + - approvalsNeeded + type: object + type: array + type: object + required: + - manualApprovals + type: object + eligibleUsers: + description: Who can create grants using this entitlement. This list + should contain at most one entry. + items: + description: AccessControlEntry is used to control who can do some + operation. + properties: + principals: + description: 'Optional. Users who are allowed for the operation. + Each entry should be a valid v1 IAM principal identifier. + The format for these is documented at: https://cloud.google.com/iam/docs/principal-identifiers#v1' + items: + type: string + type: array + required: + - principals + type: object + type: array + folderRef: + description: Immutable. The Folder that this resource belongs to. + One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The 'name' field of a folder, when not managed by + Config Connector. This field must be set when 'name' field is + not set. + type: string + name: + description: The 'name' field of a 'Folder' resource. This field + must be set when 'external' field is not set. + type: string + namespace: + description: The 'namespace' field of a 'Folder' resource. If + unset, the namespace is defaulted to the namespace of the referencer + resource. + type: string + type: object + location: + description: Immutable. Location of the resource. + type: string + maxRequestDuration: + description: Required. The maximum amount of time that access is granted + for a request. A requester can ask for a duration less than this, + but never more. + type: string + organizationRef: + description: Immutable. The Organization that this resource belongs + to. One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + properties: + external: + description: The 'name' field of an organization, when not managed + by Config Connector. + type: string + required: + - external + type: object + privilegedAccess: + description: The access granted to a requester on successful approval. + properties: + gcpIAMAccess: + description: Access to a Google Cloud resource through IAM. + properties: + roleBindings: + description: Required. Role bindings that are created on successful + grant. + items: + description: RoleBinding represents IAM role bindings that + are created after a successful grant. + properties: + conditionExpression: + description: |- + Optional. The expression field of the IAM condition to be associated + with the role. If specified, a user with an active grant for this + entitlement is able to access the resource only if this condition + evaluates to true for their request. + + This field uses the same CEL format as IAM and supports all attributes + that IAM supports, except tags. More details can be found at + https://cloud.google.com/iam/docs/conditions-overview#attributes. + type: string + role: + description: Required. IAM role to be granted. More + details can be found at https://cloud.google.com/iam/docs/roles-overview. + type: string + required: + - role + type: object + type: array + required: + - roleBindings + type: object + required: + - gcpIAMAccess + type: object + projectRef: + description: Immutable. The Project that this resource belongs to. + One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + requesterJustificationConfig: + description: Required. The manner in which the requester should provide + a justification for requesting access. + properties: + notMandatory: + description: NotMandatory justification type means the justification + isn't required and can be provided in any of the supported formats. + The user must explicitly opt out using this field if a justification + from the requester isn't mandatory. The only accepted value + is `{}` (empty struct). Either 'notMandatory' or 'unstructured' + field must be set. + type: object + x-kubernetes-preserve-unknown-fields: true + unstructured: + description: Unstructured justification type means the justification + is in the format of a string. If this is set, the server allows + the requester to provide a justification but doesn't validate + it. The only accepted value is `{}` (empty struct). Either 'notMandatory' + or 'unstructured' field must be set. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + resourceID: + description: Immutable. The PrivilegedAccessManagerEntitlement name. + If not given, the 'metadata.name' will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - eligibleUsers + - location + - maxRequestDuration + - privilegedAccess + - requesterJustificationConfig + type: object + status: + description: PrivilegedAccessManagerEntitlementStatus defines the config + connector machine state of PrivilegedAccessManagerEntitlement. + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the PrivilegedAccessManagerEntitlement + resource in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. - If this is equal to metadata.generation, then that means that the - current reported status reflects the most recent desired state of - the resource. + If this is equal to 'metadata.generation', then that means that + the current reported status reflects the most recent desired state + of the resource. + format: int64 type: integer - updateTime: - description: Output only. The time at which this CertificateTemplate - was updated. - format: date-time + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. Create time stamp. + type: string + etag: + description: An 'etag' is used for optimistic concurrency control + as a way to prevent simultaneous updates to the same entitlement. + An 'etag' is returned in the response to 'GetEntitlement' and + the caller should put the 'etag' in the request to 'UpdateEntitlement' + so that their change is applied on the same version. If this + field is omitted or if there is a mismatch while updating an + entitlement, then the server rejects the request. + type: string + state: + description: Output only. Current state of this entitlement. + type: string + updateTime: + description: Output only. Update time stamp. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: PrivilegedAccessManagerEntitlement is the Schema for the PrivilegedAccessManagerEntitlement + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PrivilegedAccessManagerEntitlementSpec defines the desired + state of PrivilegedAccessManagerEntitlement. + properties: + additionalNotificationTargets: + description: Optional. Additional email addresses to be notified based + on actions taken. + properties: + adminEmailRecipients: + description: Optional. Additional email addresses to be notified + when a principal (requester) is granted access. + items: + type: string + type: array + requesterEmailRecipients: + description: Optional. Additional email address to be notified + about an eligible entitlement. + items: + type: string + type: array + type: object + approvalWorkflow: + description: Optional. The approvals needed before access are granted + to a requester. No approvals are needed if this field is null. + properties: + manualApprovals: + description: An approval workflow where users designated as approvers + review and act on the grants. + properties: + requireApproverJustification: + description: Optional. Whether the approvers need to provide + a justification for their actions. + type: boolean + steps: + description: Optional. List of approval steps in this workflow. + These steps are followed in the specified order sequentially. + Only 1 step is supported. + items: + description: Step represents a logical step in a manual + approval workflow. + properties: + approvalsNeeded: + description: Required. How many users from the above + list need to approve. If there aren't enough distinct + users in the list, then the workflow indefinitely + blocks. Should always be greater than 0. 1 is the + only supported value. + format: int32 + type: integer + approverEmailRecipients: + description: Optional. Additional email addresses to + be notified when a grant is pending approval. + items: + type: string + type: array + approvers: + description: Optional. The potential set of approvers + in this step. This list must contain at most one entry. + items: + description: AccessControlEntry is used to control + who can do some operation. + properties: + principals: + description: 'Optional. Users who are allowed + for the operation. Each entry should be a valid + v1 IAM principal identifier. The format for + these is documented at: https://cloud.google.com/iam/docs/principal-identifiers#v1' + items: + type: string + type: array + required: + - principals + type: object + type: array + required: + - approvalsNeeded + type: object + type: array + type: object + required: + - manualApprovals + type: object + eligibleUsers: + description: Who can create grants using this entitlement. This list + should contain at most one entry. + items: + description: AccessControlEntry is used to control who can do some + operation. + properties: + principals: + description: 'Optional. Users who are allowed for the operation. + Each entry should be a valid v1 IAM principal identifier. + The format for these is documented at: https://cloud.google.com/iam/docs/principal-identifiers#v1' + items: + type: string + type: array + required: + - principals + type: object + type: array + folderRef: + description: Immutable. The Folder that this resource belongs to. + One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The 'name' field of a folder, when not managed by + Config Connector. This field must be set when 'name' field is + not set. + type: string + name: + description: The 'name' field of a 'Folder' resource. This field + must be set when 'external' field is not set. + type: string + namespace: + description: The 'namespace' field of a 'Folder' resource. If + unset, the namespace is defaulted to the namespace of the referencer + resource. + type: string + type: object + location: + description: Immutable. Location of the resource. type: string + maxRequestDuration: + description: Required. The maximum amount of time that access is granted + for a request. A requester can ask for a duration less than this, + but never more. + type: string + organizationRef: + description: Immutable. The Organization that this resource belongs + to. One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + properties: + external: + description: The 'name' field of an organization, when not managed + by Config Connector. + type: string + required: + - external + type: object + privilegedAccess: + description: The access granted to a requester on successful approval. + properties: + gcpIAMAccess: + description: Access to a Google Cloud resource through IAM. + properties: + roleBindings: + description: Required. Role bindings that are created on successful + grant. + items: + description: RoleBinding represents IAM role bindings that + are created after a successful grant. + properties: + conditionExpression: + description: |- + Optional. The expression field of the IAM condition to be associated + with the role. If specified, a user with an active grant for this + entitlement is able to access the resource only if this condition + evaluates to true for their request. + + This field uses the same CEL format as IAM and supports all attributes + that IAM supports, except tags. More details can be found at + https://cloud.google.com/iam/docs/conditions-overview#attributes. + type: string + role: + description: Required. IAM role to be granted. More + details can be found at https://cloud.google.com/iam/docs/roles-overview. + type: string + required: + - role + type: object + type: array + required: + - roleBindings + type: object + required: + - gcpIAMAccess + type: object + projectRef: + description: Immutable. The Project that this resource belongs to. + One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + requesterJustificationConfig: + description: Required. The manner in which the requester should provide + a justification for requesting access. + properties: + notMandatory: + description: NotMandatory justification type means the justification + isn't required and can be provided in any of the supported formats. + The user must explicitly opt out using this field if a justification + from the requester isn't mandatory. The only accepted value + is `{}` (empty struct). Either 'notMandatory' or 'unstructured' + field must be set. + type: object + x-kubernetes-preserve-unknown-fields: true + unstructured: + description: Unstructured justification type means the justification + is in the format of a string. If this is set, the server allows + the requester to provide a justification but doesn't validate + it. The only accepted value is `{}` (empty struct). Either 'notMandatory' + or 'unstructured' field must be set. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + resourceID: + description: Immutable. The PrivilegedAccessManagerEntitlement name. + If not given, the 'metadata.name' will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - eligibleUsers + - location + - maxRequestDuration + - privilegedAccess + - requesterJustificationConfig + type: object + status: + description: PrivilegedAccessManagerEntitlementStatus defines the config + connector machine state of PrivilegedAccessManagerEntitlement. + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the PrivilegedAccessManagerEntitlement + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to 'metadata.generation', then that means that + the current reported status reflects the most recent desired state + of the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. Create time stamp. + type: string + etag: + description: An 'etag' is used for optimistic concurrency control + as a way to prevent simultaneous updates to the same entitlement. + An 'etag' is returned in the response to 'GetEntitlement' and + the caller should put the 'etag' in the request to 'UpdateEntitlement' + so that their change is applied on the same version. If this + field is omitted or if there is a mismatch while updating an + entitlement, then the server rejects the request. + type: string + state: + description: Output only. Current state of this entitlement. + type: string + updateTime: + description: Output only. Update time stamp. + type: string + type: object type: object - required: - - spec type: object served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -112357,7 +116004,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -112513,7 +116160,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -112680,7 +116327,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -112884,7 +116531,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -113039,7 +116686,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -113547,7 +117194,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -113764,7 +117411,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -114018,10 +117665,11 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: beta cnrm.cloud.google.com/system: "true" name: redisclusters.redis.cnrm.cloud.google.com spec: @@ -114134,7 +117782,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -114173,8 +117821,347 @@ spec: - external properties: external: - description: The compute network selflink of form "projects//global/networks/", - when not managed by Config Connector. + description: A reference to an externally managed Compute + Network resource. Should be in the format `projects//global/networks/`. + type: string + name: + description: The `name` field of a `ComputeNetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeNetwork` + resource. + type: string + type: object + required: + - networkRef + type: object + type: array + redisConfigs: + additionalProperties: + type: string + description: Optional. Key/Value pairs of customer overrides for mutable + Redis Configs + type: object + replicaCount: + description: Optional. The number of replica nodes per shard. + format: int32 + type: integer + resourceID: + description: The RedisCluster name. If not given, the metadata.name + will be used. + type: string + shardCount: + description: Required. Number of shards for the Redis cluster. + format: int32 + type: integer + transitEncryptionMode: + description: Optional. The in-transit encryption for the Redis cluster. + If not provided, encryption is disabled for the cluster. + type: string + zoneDistributionConfig: + description: Optional. This config will be used to determine how the + customer wants us to distribute cluster resources within the region. + properties: + mode: + description: Optional. The mode of zone distribution. Defaults + to MULTI_ZONE, when not specified. + type: string + zone: + description: Optional. When SINGLE ZONE distribution is selected, + zone field would be used to allocate all resources in that zone. + This is not applicable to MULTI_ZONE, and would be ignored for + MULTI_ZONE clusters. + type: string + type: object + required: + - location + - projectRef + type: object + status: + description: RedisClusterStatus defines the config connector machine state + of RedisCluster + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the RedisCluster resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. The timestamp associated with the cluster + creation request. + type: string + discoveryEndpoints: + description: Output only. Endpoints created on each given network, + for Redis clients to connect to the cluster. Currently only + one discovery endpoint is supported. + items: + properties: + address: + description: Output only. Address of the exposed Redis endpoint + used by clients to connect to the service. The address + could be either IP or hostname. + type: string + port: + description: Output only. The port number of the exposed + Redis endpoint. + format: int32 + type: integer + pscConfig: + description: Output only. Customer configuration for where + the endpoint is created and accessed from. + properties: + network: + description: Required. The network where the IP address + of the discovery endpoint will be reserved, in the + form of projects/{network_project}/global/networks/{network_id}. + type: string + type: object + type: object + type: array + preciseSizeGb: + description: Output only. Precise value of redis memory size in + GB for the entire cluster. + type: number + pscConnections: + description: Output only. PSC connections for discovery of the + cluster topology and accessing the cluster. + items: + properties: + address: + description: Output only. The IP allocated on the consumer + network for the PSC forwarding rule. + type: string + forwardingRule: + description: 'Output only. The URI of the consumer side + forwarding rule. Example: projects/{projectNumOrId}/regions/us-east1/forwardingRules/{resourceId}.' + type: string + network: + description: The consumer network where the IP address resides, + in the form of projects/{project_id}/global/networks/{network_id}. + type: string + projectID: + description: Output only. The consumer project_id where + the forwarding rule is created from. + type: string + pscConnectionID: + description: Output only. The PSC connection id of the forwarding + rule connected to the service attachment. + type: string + type: object + type: array + sizeGb: + description: Output only. Redis memory size in GB for the entire + cluster rounded up to the next integer. + format: int32 + type: integer + state: + description: Output only. The current state of this cluster. Can + be CREATING, READY, UPDATING, DELETING and SUSPENDED + type: string + stateInfo: + description: Output only. Additional information about the current + state of the cluster. + properties: + updateInfo: + description: Describes ongoing update on the cluster when + cluster state is UPDATING. + properties: + targetReplicaCount: + description: Target number of replica nodes per shard. + format: int32 + type: integer + targetShardCount: + description: Target number of shards for redis cluster + format: int32 + type: integer + type: object + type: object + uid: + description: Output only. System assigned, unique identifier for + the cluster. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: RedisCluster is the Schema for the RedisCluster API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RedisClusterSpec defines the desired state of RedisCluster + properties: + authorizationMode: + description: Optional. The authorization mode of the Redis cluster. + If not provided, auth feature is disabled for the cluster. + type: string + deletionProtectionEnabled: + description: Optional. The delete operation will fail when the value + is set to true. + type: boolean + location: + description: Immutable. Location of the resource. + type: string + nodeType: + description: Optional. The type of a redis node in the cluster. NodeType + determines the underlying machine-type of a redis node. + type: string + persistenceConfig: + description: Optional. Persistence config (RDB, AOF) for the cluster. + properties: + aofConfig: + description: Optional. AOF configuration. This field will be ignored + if mode is not AOF. + properties: + appendFsync: + description: Optional. fsync configuration. + type: string + type: object + mode: + description: Optional. The mode of persistence. + type: string + rdbConfig: + description: Optional. RDB configuration. This field will be ignored + if mode is not RDB. + properties: + rdbSnapshotPeriod: + description: Optional. Period between RDB snapshots. + type: string + rdbSnapshotStartTime: + description: Optional. The time that the first snapshot was/will + be attempted, and to which future snapshots will be aligned. + If not provided, the current time will be used. + type: string + type: object + type: object + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + pscConfigs: + description: Required. Each PscConfig configures the consumer network + where IPs will be designated to the cluster for client access through + Private Service Connect Automation. Currently, only one PscConfig + is supported. + items: + properties: + networkRef: + description: Required. The network where the IP address of the + discovery endpoint will be reserved, in the form of projects/{network_project}/global/networks/{network_id}. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed Compute + Network resource. Should be in the format `projects//global/networks/`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -114380,7 +118367,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -114898,7 +118885,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -115076,7 +119063,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -115357,7 +119344,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -116402,7 +120389,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -117532,7 +121519,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -117546,6 +121533,7 @@ spec: categories: - gcp kind: SecretManagerSecret + listKind: SecretManagerSecretList plural: secretmanagersecrets shortNames: - gcpsecretmanagersecret @@ -117573,65 +121561,84 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: SecretManagerSecret is the Schema for the SecretManagerSecret + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: SecretManagerSecretSpec defines the desired state of SecretManagerSecret properties: annotations: additionalProperties: type: string description: |- - Custom metadata about the secret. - - Annotations are distinct from various forms of labels. Annotations exist to allow - client tools to store their own state information without requiring a database. + Optional. Custom metadata about the secret. - Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of - maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and - may have dashes (-), underscores (_), dots (.), and alphanumerics in between these - symbols. + Annotations are distinct from various forms of labels. + Annotations exist to allow client tools to store their own state + information without requiring a database. - The total size of annotation keys and values must be less than 16KiB. + Annotation keys must be between 1 and 63 characters long, have a UTF-8 + encoding of maximum 128 bytes, begin and end with an alphanumeric character + ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and + alphanumerics in between these symbols. - An object containing a list of "key": value pairs. Example: - { "name": "wrench", "mass": "1.3kg", "count": "3" }. + The total size of annotation keys and values must be less than 16KiB. type: object expireTime: - description: |- - Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input. - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + description: Optional. Timestamp in UTC when the [Secret][google.cloud.secretmanager.v1.Secret] + is scheduled to expire. This is always provided on output, regardless + of what was sent on input. type: string replication: description: |- - Immutable. The replication policy of the secret data attached to the Secret. It cannot be changed - after the Secret has been created. + Optional. Immutable. The replication policy of the secret data attached to + the [Secret][google.cloud.secretmanager.v1.Secret]. + + The replication policy cannot be changed after the Secret has been created. properties: auto: - description: The Secret will automatically be replicated without - any restrictions. + description: The [Secret][google.cloud.secretmanager.v1.Secret] + will automatically be replicated without any restrictions. properties: customerManagedEncryption: description: |- - The customer-managed encryption configuration of the Secret. - If no configuration is provided, Google-managed default - encryption is used. + Optional. The customer-managed encryption configuration of the + [Secret][google.cloud.secretmanager.v1.Secret]. If no configuration is + provided, Google-managed default encryption is used. + + Updates to the [Secret][google.cloud.secretmanager.v1.Secret] encryption + configuration only apply to + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] added + afterwards. They do not apply retroactively to existing + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. properties: kmsKeyRef: description: |- - The customer-managed encryption configuration of the Secret. - If no configuration is provided, Google-managed default - encryption is used. + Required. The resource name of the Cloud KMS CryptoKey used to encrypt + secret payloads. + + For secrets using the + [UserManaged][google.cloud.secretmanager.v1.Replication.UserManaged] + replication policy type, Cloud KMS CryptoKeys must reside in the same + location as the [replica location][Secret.UserManaged.Replica.location]. + + For secrets using the + [Automatic][google.cloud.secretmanager.v1.Replication.Automatic] + replication policy type, Cloud KMS CryptoKeys must reside in `global`. + + The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`. oneOf: - not: required: @@ -117648,15 +121655,14 @@ spec: - external properties: external: - description: 'Allowed value: The `selfLink` field - of a `KMSCryptoKey` resource.' + description: A reference to an externally managed + KMSCryptoKey. Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` of a `KMSCryptoKey` resource. type: string namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` of a `KMSCryptoKey` resource. type: string type: object required: @@ -117668,20 +121674,44 @@ spec: any restrictions. type: boolean userManaged: - description: Immutable. The Secret will be replicated to the regions - specified by the user. + description: The [Secret][google.cloud.secretmanager.v1.Secret] + will only be replicated into the locations specified. properties: replicas: - description: Immutable. The list of Replicas for this Secret. - Cannot be empty. + description: |- + Required. The list of Replicas for this + [Secret][google.cloud.secretmanager.v1.Secret]. + + Cannot be empty. items: properties: customerManagedEncryption: - description: Customer Managed Encryption for the secret. + description: |- + Optional. The customer-managed encryption configuration of the + [User-Managed Replica][Replication.UserManaged.Replica]. If no + configuration is provided, Google-managed default encryption is used. + + Updates to the [Secret][google.cloud.secretmanager.v1.Secret] + encryption configuration only apply to + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] added + afterwards. They do not apply retroactively to existing + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. properties: kmsKeyRef: - description: Customer Managed Encryption for the - secret. + description: |- + Required. The resource name of the Cloud KMS CryptoKey used to encrypt + secret payloads. + + For secrets using the + [UserManaged][google.cloud.secretmanager.v1.Replication.UserManaged] + replication policy type, Cloud KMS CryptoKeys must reside in the same + location as the [replica location][Secret.UserManaged.Replica.location]. + + For secrets using the + [Automatic][google.cloud.secretmanager.v1.Replication.Automatic] + replication policy type, Cloud KMS CryptoKeys must reside in `global`. + + The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`. oneOf: - not: required: @@ -117698,24 +121728,24 @@ spec: - external properties: external: - description: 'Allowed value: The `selfLink` - field of a `KMSCryptoKey` resource.' + description: A reference to an externally managed + KMSCryptoKey. Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` of a `KMSCryptoKey` + resource. type: string namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` of a `KMSCryptoKey` + resource. type: string type: object required: - kmsKeyRef type: object location: - description: 'Immutable. The canonical IDs of the location - to replicate data. For example: "us-east1".' + description: 'The canonical IDs of the location to replicate + data. For example: `"us-east1"`.' type: string required: - location @@ -117726,37 +121756,50 @@ spec: type: object type: object resourceID: - description: Immutable. Optional. The secretId of the resource. Used - for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The SecretManagerSecret name. If not given, + the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf rotation: - description: The rotation time and period for a Secret. At 'next_rotation_time', - Secret Manager will send a Pub/Sub notification to the topics configured - on the Secret. 'topics' must be set to configure rotation. + description: Optional. Rotation policy attached to the [Secret][google.cloud.secretmanager.v1.Secret]. + May be excluded if there is no rotation policy. properties: nextRotationTime: description: |- - Timestamp in UTC at which the Secret is scheduled to rotate. - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + Optional. Timestamp in UTC at which the + [Secret][google.cloud.secretmanager.v1.Secret] is scheduled to rotate. + Cannot be set to less than 300s (5 min) in the future and at most + 3153600000s (100 years). + + [next_rotation_time][google.cloud.secretmanager.v1.Rotation.next_rotation_time] + MUST be set if + [rotation_period][google.cloud.secretmanager.v1.Rotation.rotation_period] + is set. type: string rotationPeriod: description: |- - Immutable. The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). - If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications. + Input only. The Duration between rotation notifications. Must be in seconds + and at least 3600s (1h) and at most 3153600000s (100 years). + + If + [rotation_period][google.cloud.secretmanager.v1.Rotation.rotation_period] + is set, + [next_rotation_time][google.cloud.secretmanager.v1.Rotation.next_rotation_time] + must be set. + [next_rotation_time][google.cloud.secretmanager.v1.Rotation.next_rotation_time] + will be advanced by this period when the service automatically sends + rotation notifications. type: string type: object topics: - description: A list of up to 10 Pub/Sub topics to which messages are - published when control plane operations are called on the secret - or its versions. + description: Optional. A list of up to 10 Pub/Sub topics to which + messages are published when control plane operations are called + on the secret or its versions. items: properties: topicRef: - description: |- - A list of up to 10 Pub/Sub topics to which messages are - published when control plane operations are called on the secret - or its versions. oneOf: - not: required: @@ -117773,15 +121816,15 @@ spec: - external properties: external: - description: 'Allowed value: string of the format `projects/{{project}}/topics/{{value}}`, - where {{value}} is the `name` field of a `PubSubTopic` - resource.' + description: If provided must be in the format `projects/[project_id]/topics/[topic_id]`. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `metadata.name` field of a `PubSubTopic` + resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `metadata.namespace` field of a `PubSubTopic` + resource. type: string type: object required: @@ -117789,32 +121832,32 @@ spec: type: object type: array ttl: - description: |- - Immutable. The TTL for the Secret. - A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + description: Input only. The TTL for the [Secret][google.cloud.secretmanager.v1.Secret]. type: string versionAliases: additionalProperties: type: string description: |- - Mapping from version alias to version name. + Optional. Mapping from version alias to version name. - A version alias is a string with a maximum length of 63 characters and can contain - uppercase and lowercase letters, numerals, and the hyphen (-) and underscore ('_') - characters. An alias string must start with a letter and cannot be the string - 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given secret. + A version alias is a string with a maximum length of 63 characters and can + contain uppercase and lowercase letters, numerals, and the hyphen (`-`) + and underscore ('_') characters. An alias string must start with a + letter and cannot be the string 'latest' or 'NEW'. + No more than 50 aliases can be assigned to a given secret. - An object containing a list of "key": value pairs. Example: - { "name": "wrench", "mass": "1.3kg", "count": "3" }. + Version-Alias pairs will be viewable via GetSecret and modifiable via + UpdateSecret. Access by alias is only be supported on + GetSecretVersion and AccessSecretVersion. type: object - required: - - replication type: object status: + description: SecretManagerSecretStatus defines the config connector machine + state of SecretManagerSecret properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -117838,13 +121881,13 @@ spec: type: string type: object type: array - createTime: - description: The time at which the Secret was created. + externalRef: + description: A unique specifier for the SecretManagerSecret resource + in GCP. type: string name: - description: |- - The resource name of the Secret. Format: - 'projects/{{project}}/secrets/{{secret_id}}'. + description: '[DEPRECATED] Please read from `.status.externalRef` + instead. Config Connector will remove the `.status.name` in v1 Version.' type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -117852,27 +121895,24 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + type: object type: object - required: - - spec type: object served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -118088,7 +122128,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -118148,10 +122188,35 @@ spec: description: SecureSourceManagerInstanceSpec defines the desired state of SecureSourceManagerInstance properties: - kmsKey: + kmsKeyRef: description: Optional. Immutable. Customer-managed encryption key - name, in the format projects/*/locations/*/keyRings/*/cryptoKeys/*. - type: string + name. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object location: description: Immutable. Location of the instance. type: string @@ -118174,7 +122239,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -118278,7 +122343,359 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com +spec: + group: securesourcemanager.cnrm.cloud.google.com + names: + categories: + - gcp + kind: SecureSourceManagerRepository + listKind: SecureSourceManagerRepositoryList + plural: securesourcemanagerrepositories + shortNames: + - gcpsecuresourcemanagerrepository + - gcpsecuresourcemanagerrepositories + singular: securesourcemanagerrepository + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: SecureSourceManagerRepository is the Schema for the SecureSourceManagerRepository + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SecureSourceManagerRepositorySpec defines the desired state + of SecureSourceManagerRepository + properties: + initialConfig: + description: Input only. Initial configurations for the repository. + properties: + defaultBranch: + description: Default branch name of the repository. + type: string + gitignores: + description: 'List of gitignore template names user can choose + from. Valid values: actionscript, ada, agda, android, anjuta, + ansible, appcelerator-titanium, app-engine, archives, arch-linux-packages, + atmel-studio, autotools, backup, bazaar, bazel, bitrix, bricx-cc, + c, cake-php, calabash, cf-wheels, chef-cookbook, clojure, cloud9, + c-make, code-igniter, code-kit, code-sniffer, common-lisp, composer, + concrete5, coq, cordova, cpp, craft-cms, cuda, cvs, d, dart, + dart-editor, delphi, diff, dm, dreamweaver, dropbox, drupal, + drupal-7, eagle, eclipse, eiffel-studio, elisp, elixir, elm, + emacs, ensime, epi-server, erlang, esp-idf, espresso, exercism, + expression-engine, ext-js, fancy, finale, flex-builder, force-dot-com, + fortran, fuel-php, gcov, git-book, gnome-shell-extension, go, + godot, gpg, gradle, grails, gwt, haskell, hugo, iar-ewarm, idris, + igor-pro, images, infor-cms, java, jboss, jboss-4, jboss-6, + jdeveloper, jekyll, jenkins-home, jenv, jet-brains, jigsaw, + joomla, julia, jupyter-notebooks, kate, kdevelop4, kentico, + ki-cad, kohana, kotlin, lab-view, laravel, lazarus, leiningen, + lemon-stand, libre-office, lilypond, linux, lithium, logtalk, + lua, lyx, mac-os, magento, magento-1, magento-2, matlab, maven, + mercurial, mercury, metals, meta-programming-system, meteor, + microsoft-office, model-sim, momentics, mono-develop, nanoc, + net-beans, nikola, nim, ninja, node, notepad-pp, nwjs, objective--c, + ocaml, octave, opa, open-cart, openssl, oracle-forms, otto, + packer, patch, perl, perl6, phalcon, phoenix, pimcore, play-framework, + plone, prestashop, processing, psoc-creator, puppet, pure-script, + putty, python, qooxdoo, qt, r, racket, rails, raku, red, redcar, + redis, rhodes-rhomobile, ros, ruby, rust, sam, sass, sbt, scala, + scheme, scons, scrivener, sdcc, seam-gen, sketch-up, slick-edit, + smalltalk, snap, splunk, stata, stella, sublime-text, sugar-crm, + svn, swift, symfony, symphony-cms, synopsys-vcs, tags, terraform, + tex, text-mate, textpattern, think-php, tortoise-git, turbo-gears-2, + typo3, umbraco, unity, unreal-engine, vagrant, vim, virtual-env, + virtuoso, visual-studio, visual-studio-code, vue, vvvv, waf, + web-methods, windows, word-press, xcode, xilinx, xilinx-ise, + xojo, yeoman, yii, zend-framework, zephir.' + items: + type: string + type: array + license: + description: 'License template name user can choose from. Valid + values: license-0bsd, license-389-exception, aal, abstyles, + adobe-2006, adobe-glyph, adsl, afl-1-1, afl-1-2, afl-2-0, afl-2-1, + afl-3-0, afmparse, agpl-1-0, agpl-1-0-only, agpl-1-0-or-later, + agpl-3-0-only, agpl-3-0-or-later, aladdin, amdplpa, aml, ampas, + antlr-pd, antlr-pd-fallback, apache-1-0, apache-1-1, apache-2-0, + apafml, apl-1-0, apsl-1-0, apsl-1-1, apsl-1-2, apsl-2-0, artistic-1-0, + artistic-1-0-cl8, artistic-1-0-perl, artistic-2-0, autoconf-exception-2-0, + autoconf-exception-3-0, bahyph, barr, beerware, bison-exception-2-2, + bittorrent-1-0, bittorrent-1-1, blessing, blueoak-1-0-0, bootloader-exception, + borceux, bsd-1-clause, bsd-2-clause, bsd-2-clause-freebsd, bsd-2-clause-netbsd, + bsd-2-clause-patent, bsd-2-clause-views, bsd-3-clause, bsd-3-clause-attribution, + bsd-3-clause-clear, bsd-3-clause-lbnl, bsd-3-clause-modification, + bsd-3-clause-no-nuclear-license, bsd-3-clause-no-nuclear-license-2014, + bsd-3-clause-no-nuclear-warranty, bsd-3-clause-open-mpi, bsd-4-clause, + bsd-4-clause-shortened, bsd-4-clause-uc, bsd-protection, bsd-source-code, + bsl-1-0, busl-1-1, cal-1-0, cal-1-0-combined-work-exception, + caldera, catosl-1-1, cc0-1-0, cc-by-1-0, cc-by-2-0, cc-by-3-0, + cc-by-3-0-at, cc-by-3-0-us, cc-by-4-0, cc-by-nc-1-0, cc-by-nc-2-0, + cc-by-nc-3-0, cc-by-nc-4-0, cc-by-nc-nd-1-0, cc-by-nc-nd-2-0, + cc-by-nc-nd-3-0, cc-by-nc-nd-3-0-igo, cc-by-nc-nd-4-0, cc-by-nc-sa-1-0, + cc-by-nc-sa-2-0, cc-by-nc-sa-3-0, cc-by-nc-sa-4-0, cc-by-nd-1-0, + cc-by-nd-2-0, cc-by-nd-3-0, cc-by-nd-4-0, cc-by-sa-1-0, cc-by-sa-2-0, + cc-by-sa-2-0-uk, cc-by-sa-2-1-jp, cc-by-sa-3-0, cc-by-sa-3-0-at, + cc-by-sa-4-0, cc-pddc, cddl-1-0, cddl-1-1, cdla-permissive-1-0, + cdla-sharing-1-0, cecill-1-0, cecill-1-1, cecill-2-0, cecill-2-1, + cecill-b, cecill-c, cern-ohl-1-1, cern-ohl-1-2, cern-ohl-p-2-0, + cern-ohl-s-2-0, cern-ohl-w-2-0, clartistic, classpath-exception-2-0, + clisp-exception-2-0, cnri-jython, cnri-python, cnri-python-gpl-compatible, + condor-1-1, copyleft-next-0-3-0, copyleft-next-0-3-1, cpal-1-0, + cpl-1-0, cpol-1-02, crossword, crystal-stacker, cua-opl-1-0, + cube, c-uda-1-0, curl, d-fsl-1-0, diffmark, digirule-foss-exception, + doc, dotseqn, drl-1-0, dsdp, dvipdfm, ecl-1-0, ecl-2-0, ecos-exception-2-0, + efl-1-0, efl-2-0, egenix, entessa, epics, epl-1-0, epl-2-0, + erlpl-1-1, etalab-2-0, eu-datagrid, eupl-1-0, eupl-1-1, eupl-1-2, + eurosym, fair, fawkes-runtime-exception, fltk-exception, font-exception-2-0, + frameworx-1-0, freebsd-doc, freeimage, freertos-exception-2-0, + fsfap, fsful, fsfullr, ftl, gcc-exception-2-0, gcc-exception-3-1, + gd, gfdl-1-1-invariants-only, gfdl-1-1-invariants-or-later, + gfdl-1-1-no-invariants-only, gfdl-1-1-no-invariants-or-later, + gfdl-1-1-only, gfdl-1-1-or-later, gfdl-1-2-invariants-only, + gfdl-1-2-invariants-or-later, gfdl-1-2-no-invariants-only, gfdl-1-2-no-invariants-or-later, + gfdl-1-2-only, gfdl-1-2-or-later, gfdl-1-3-invariants-only, + gfdl-1-3-invariants-or-later, gfdl-1-3-no-invariants-only, gfdl-1-3-no-invariants-or-later, + gfdl-1-3-only, gfdl-1-3-or-later, giftware, gl2ps, glide, glulxe, + glwtpl, gnu-javamail-exception, gnuplot, gpl-1-0-only, gpl-1-0-or-later, + gpl-2-0-only, gpl-2-0-or-later, gpl-3-0-linking-exception, gpl-3-0-linking-source-exception, + gpl-3-0-only, gpl-3-0-or-later, gpl-cc-1-0, gsoap-1-3b, haskell-report, + hippocratic-2-1, hpnd, hpnd-sell-variant, htmltidy, i2p-gpl-java-exception, + ibm-pibs, icu, ijg, image-magick, imatix, imlib2, info-zip, + intel, intel-acpi, interbase-1-0, ipa, ipl-1-0, isc, jasper-2-0, + jpnic, json, lal-1-2, lal-1-3, latex2e, leptonica, lgpl-2-0-only, + lgpl-2-0-or-later, lgpl-2-1-only, lgpl-2-1-or-later, lgpl-3-0-linking-exception, + lgpl-3-0-only, lgpl-3-0-or-later, lgpllr, libpng, libpng-2-0, + libselinux-1-0, libtiff, libtool-exception, liliq-p-1-1, liliq-r-1-1, + liliq-rplus-1-1, linux-openib, linux-syscall-note, llvm-exception, + lpl-1-0, lpl-1-02, lppl-1-0, lppl-1-1, lppl-1-2, lppl-1-3a, + lppl-1-3c, lzma-exception, make-index, mif-exception, miros, + mit, mit-0, mit-advertising, mit-cmu, mit-enna, mit-feh, mit-modern-variant, + mitnfa, mit-open-group, motosoto, mpich2, mpl-1-0, mpl-1-1, + mpl-2-0, mpl-2-0-no-copyleft-exception, ms-pl, ms-rl, mtll, + mulanpsl-1-0, mulanpsl-2-0, multics, mup, naist-2003, nasa-1-3, + naumen, nbpl-1-0, ncgl-uk-2-0, ncsa, netcdf, net-snmp, newsletr, + ngpl, nist-pd, nist-pd-fallback, nlod-1-0, nlpl, nokia, nokia-qt-exception-1-1, + nosl, noweb, npl-1-0, npl-1-1, nposl-3-0, nrl, ntp, ntp-0, ocaml-lgpl-linking-exception, + occt-exception-1-0, occt-pl, oclc-2-0, odbl-1-0, odc-by-1-0, + ofl-1-0, ofl-1-0-no-rfn, ofl-1-0-rfn, ofl-1-1, ofl-1-1-no-rfn, + ofl-1-1-rfn, ogc-1-0, ogdl-taiwan-1-0, ogl-canada-2-0, ogl-uk-1-0, + ogl-uk-2-0, ogl-uk-3-0, ogtsl, oldap-1-1, oldap-1-2, oldap-1-3, + oldap-1-4, oldap-2-0, oldap-2-0-1, oldap-2-1, oldap-2-2, oldap-2-2-1, + oldap-2-2-2, oldap-2-3, oldap-2-4, oldap-2-7, oml, openjdk-assembly-exception-1-0, + openssl, openvpn-openssl-exception, opl-1-0, oset-pl-2-1, osl-1-0, + osl-1-1, osl-2-0, osl-2-1, osl-3-0, o-uda-1-0, parity-6-0-0, + parity-7-0-0, pddl-1-0, php-3-0, php-3-01, plexus, polyform-noncommercial-1-0-0, + polyform-small-business-1-0-0, postgresql, psf-2-0, psfrag, + ps-or-pdf-font-exception-20170817, psutils, python-2-0, qhull, + qpl-1-0, qt-gpl-exception-1-0, qt-lgpl-exception-1-1, qwt-exception-1-0, + rdisc, rhecos-1-1, rpl-1-1, rpsl-1-0, rsa-md, rscpl, ruby, saxpath, + sax-pd, scea, sendmail, sendmail-8-23, sgi-b-1-0, sgi-b-1-1, + sgi-b-2-0, shl-0-51, shl-2-0, shl-2-1, simpl-2-0, sissl, sissl-1-2, + sleepycat, smlnj, smppl, snia, spencer-86, spencer-94, spencer-99, + spl-1-0, ssh-openssh, ssh-short, sspl-1-0, sugarcrm-1-1-3, swift-exception, + swl, tapr-ohl-1-0, tcl, tcp-wrappers, tmate, torque-1-1, tosl, + tu-berlin-1-0, tu-berlin-2-0, u-boot-exception-2-0, ucl-1-0, + unicode-dfs-2015, unicode-dfs-2016, unicode-tou, universal-foss-exception-1-0, + unlicense, upl-1-0, vim, vostrom, vsl-1-0, w3c, w3c-19980720, + w3c-20150513, watcom-1-0, wsuipa, wtfpl, wxwindows-exception-3-1, + x11, xerox, xfree86-1-1, xinetd, xnet, xpp, xskat, ypl-1-0, + ypl-1-1, zed, zend-2-0, zimbra-1-3, zimbra-1-4, zlib, zlib-acknowledgement, + zpl-1-1, zpl-2-0, zpl-2-1.' + type: string + readme: + description: 'README template name. Valid template name(s) are: + default.' + type: string + type: object + instanceRef: + description: The name of the instance in which the repository is hosted, + formatted as `projects/{project_number}/locations/{location_id}/instances/{instance_id}` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed SecureSourceManagerInstance + resource. Should be in the format "projects//locations//instances/". + type: string + name: + description: The name of a SecureSourceManagerInstance resource. + type: string + namespace: + description: The namespace of a SecureSourceManagerInstance resource. + type: string + type: object + location: + description: Immutable. Location of the instance. + type: string + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. The SecureSourceManagerRepository name. If + not given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - instanceRef + - location + - projectRef + type: object + status: + description: SecureSourceManagerRepositoryStatus defines the config connector + machine state of SecureSourceManagerRepository + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the SecureSourceManagerRepository + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + uris: + description: Output only. URIs for the repository. + properties: + api: + description: Output only. API is the URI for API access. + type: string + gitHTTPS: + description: Output only. git_https is the git HTTPS URI for + git operations. + type: string + html: + description: Output only. HTML is the URI for user to view + the repository in a browser. + type: string + type: object + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -118483,7 +122900,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -118646,7 +123063,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -118866,7 +123283,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119023,7 +123440,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119175,7 +123592,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119322,7 +123739,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119500,7 +123917,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119641,7 +124058,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119823,7 +124240,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120022,7 +124439,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120231,11 +124648,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: stable cnrm.cloud.google.com/system: "true" cnrm.cloud.google.com/tf2crd: "true" name: spannerinstances.spanner.cnrm.cloud.google.com @@ -120245,6 +124661,7 @@ spec: categories: - gcp kind: SpannerInstance + listKind: SpannerInstanceList plural: spannerinstances shortNames: - gcpspannerinstance @@ -120272,53 +124689,63 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: SpannerInstance is the Schema for the SpannerInstance API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: SpannerInstanceSpec defines the desired state of SpannerInstance properties: config: - description: |- - Immutable. The name of the instance's configuration (similar but not - quite the same as a region) which defines the geographic placement and - replication of your databases in this instance. It determines where your data - is stored. Values are typically of the form 'regional-europe-west1' , 'us-central' etc. - In order to obtain a valid list please consult the - [Configuration section of the docs](https://cloud.google.com/spanner/docs/instances). - type: string + description: Immutable. The name of the instance's configuration (similar + but not quite the same as a region) which defines the geographic + placement and replication of your databases in this instance. It + determines where your data is stored. Values are typically of the + form 'regional-europe-west1' , 'us-central' etc. In order to obtain + a valid list please consult the [Configuration section of the docs](https://cloud.google.com/spanner/docs/instances). + type: string + x-kubernetes-validations: + - message: Config field is immutable + rule: self == oldSelf displayName: - description: |- - The descriptive name for this instance as it appears in UIs. Must be - unique per project and between 4 and 30 characters in length. + description: The descriptive name for this instance as it appears + in UIs. Must be unique per project and between 4 and 30 characters + in length. type: string numNodes: + format: int64 type: integer processingUnits: + format: int64 type: integer resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The SpannerInstance name. If not given, the + metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf required: - config - displayName type: object status: + description: SpannerInstanceStatus defines the config connector machine + state of SpannerInstance properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the SpannerInstance's current state. items: properties: lastTransitionTime: @@ -120342,12 +124769,17 @@ spec: type: string type: object type: array + externalRef: + description: A unique specifier for the SpannerInstance resource in + GCP. + type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer state: description: 'Instance status: ''CREATING'' or ''READY''.' @@ -120360,18 +124792,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120542,12 +124968,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: stable cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" name: sqlinstances.sql.cnrm.cloud.google.com spec: group: sql.cnrm.cloud.google.com @@ -121084,8 +125511,8 @@ spec: - external properties: external: - description: The compute network selflink of form "projects//global/networks/", - when not managed by Config Connector. + description: A reference to an externally managed Compute + Network resource. Should be in the format `projects//global/networks/`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -121362,7 +125789,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121538,7 +125965,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121779,7 +126206,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121949,7 +126376,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -122356,7 +126783,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -122542,7 +126969,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -122710,7 +127137,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -122913,7 +127340,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -123075,7 +127502,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -123713,7 +128140,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -123896,7 +128323,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124073,7 +128500,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124238,7 +128665,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124412,7 +128839,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124632,7 +129059,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125019,7 +129446,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125466,7 +129893,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125611,7 +130038,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125847,7 +130274,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -126062,7 +130489,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -126250,7 +130677,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -126760,7 +131187,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -126942,7 +131369,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127132,7 +131559,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127411,7 +131838,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127603,25 +132030,21 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: workstationsworkstationclusters.workstations.cnrm.cloud.google.com + name: workstationclusters.workstations.cnrm.cloud.google.com spec: group: workstations.cnrm.cloud.google.com names: categories: - gcp - kind: WorkstationsWorkstationCluster - plural: workstationsworkstationclusters - shortNames: - - gcpworkstationsworkstationcluster - - gcpworkstationsworkstationclusters - singular: workstationsworkstationcluster + kind: WorkstationCluster + listKind: WorkstationClusterList + plural: workstationclusters + singular: workstationcluster preserveUnknownFields: false scope: Namespaced versions: @@ -127644,68 +132067,135 @@ spec: name: v1alpha1 schema: openAPIV3Schema: + description: WorkstationCluster is the Schema for the WorkstationCluster API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: WorkstationClusterSpec defines the desired state of WorkstationCluster properties: annotations: - additionalProperties: - type: string - description: Client-specified annotations. This is distinct from labels. - type: object + description: Optional. Client-specified annotations. + items: + properties: + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array displayName: - description: Human-readable name for this resource. + description: Optional. Human-readable name for this workstation cluster. type: string + labels: + description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation cluster and that are also propagated + to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array location: - description: Immutable. The location where the workstation cluster - should reside. - type: string - network: - description: |- - Immutable. The relative resource name of the VPC network on which the instance can be accessed. - It is specified in the following form: "projects/{projectNumber}/global/networks/{network_id}". + description: The location of the cluster. type: string + networkRef: + description: Immutable. Reference to the Compute Engine network in + which instances associated with this workstation cluster will be + created. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed Compute Network + resource. Should be in the format `projects//global/networks/`. + type: string + name: + description: The `name` field of a `ComputeNetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeNetwork` resource. + type: string + type: object privateClusterConfig: - description: Configuration for private cluster. + description: Optional. Configuration for private workstation cluster. properties: allowedProjects: - description: |- - Additional project IDs that are allowed to attach to the workstation cluster's service attachment. - By default, the workstation cluster's project and the VPC host project (if different) are allowed. + description: Optional. Additional projects that are allowed to + attach to the workstation cluster's service attachment. By default, + the workstation cluster's project and the VPC host project (if + different) are allowed. items: - type: string + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - kind + - not: + anyOf: + - required: + - name + - required: + - namespace + - required: + - kind + required: + - external + properties: + external: + description: The `projectID` field of a project, when not + managed by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional + but must be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object type: array - clusterHostname: - description: |- - Hostname for the workstation cluster. - This field will be populated only when private endpoint is enabled. - To access workstations in the cluster, create a new DNS zone mapping this domain name to an internal IP address and a forwarding rule mapping that address to the service attachment. - type: string enablePrivateEndpoint: description: Immutable. Whether Workstations endpoint is private. type: boolean - serviceAttachmentUri: - description: |- - Service attachment URI for the workstation cluster. - The service attachment is created when private endpoint is enabled. - To access workstations in the cluster, configure access to the managed service using (Private Service Connect)[https://cloud.google.com/vpc/docs/configure-private-service-connect-services]. - type: string - required: - - enablePrivateEndpoint type: object projectRef: - description: The project that this resource belongs to. + description: Immutable. The Project that this resource belongs to. oneOf: - not: required: @@ -127722,36 +132212,73 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf resourceID: - description: Immutable. Optional. The workstationClusterId of the - resource. Used for creation and acquisition. When unset, the value - of `metadata.name` is used as the default. - type: string - subnetwork: - description: |- - Immutable. Name of the Compute Engine subnetwork in which instances associated with this cluster will be created. - Must be part of the subnetwork specified for this cluster. + description: Immutable. The WorkstationCluster name. If not given, + the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + subnetworkRef: + description: Immutable. Reference to the Compute Engine subnetwork + in which instances associated with this workstation cluster will + be created. Must be part of the subnetwork specified for this workstation + cluster. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The ComputeSubnetwork selflink of form "projects/{{project}}/regions/{{region}}/subnetworks/{{name}}", + when not managed by Config Connector. + type: string + name: + description: The `name` field of a `ComputeSubnetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeSubnetwork` resource. + type: string + type: object required: - - location - - network + - networkRef - projectRef - - subnetwork + - subnetworkRef type: object status: + description: WorkstationClusterStatus defines the config connector machine + state of WorkstationCluster properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -127775,21 +132302,9 @@ spec: type: string type: object type: array - createTime: - description: Time when this resource was created. - type: string - degraded: - description: |- - Whether this resource is in degraded mode, in which case it may require user action to restore full functionality. - Details can be found in the conditions field. - type: boolean - etag: - description: |- - Checksum computed by the server. - May be sent on update and delete requests to ensure that the client has an up-to-date value before proceeding. - type: string - name: - description: The name of the cluster resource. + externalRef: + description: A unique specifier for the WorkstationCluster resource + in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -127797,41 +132312,431 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer - resourceConditions: - description: Status conditions describing the current resource state. + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + clusterHostname: + description: Output only. Hostname for the workstation cluster. + This field will be populated only when private endpoint is enabled. + To access workstations in the workstation cluster, create a + new DNS zone mapping this domain name to an internal IP address + and a forwarding rule mapping that address to the service attachment. + type: string + controlPlaneIP: + description: Output only. The private IP address of the control + plane for this workstation cluster. Workstation VMs need access + to this IP address to work with the service, so make sure that + your firewall rules allow egress from the workstation VMs to + this address. + type: string + createTime: + description: Output only. Time when this workstation cluster was + created. + type: string + degraded: + description: Output only. Whether this workstation cluster is + in degraded mode, in which case it may require user action to + restore full functionality. Details can be found in [conditions][google.cloud.workstations.v1.WorkstationCluster.conditions]. + type: boolean + deleteTime: + description: Output only. Time when this workstation cluster was + soft-deleted. + type: string + etag: + description: Optional. Checksum computed by the server. May be + sent on update and delete requests to make sure that the client + has an up-to-date value before proceeding. + type: string + gcpConditions: + description: Output only. Status conditions describing the workstation + cluster's current state. + items: + properties: + code: + description: The status code, which should be an enum value + of [google.rpc.Code][google.rpc.Code]. + format: int32 + type: integer + message: + description: A developer-facing error message, which should + be in English. Any user-facing error message should be + localized and sent in the [google.rpc.Status.details][google.rpc.Status.details] + field, or localized by the client. + type: string + type: object + type: array + reconciling: + description: Output only. Indicates whether this workstation cluster + is currently being updated to match its intended state. + type: boolean + serviceAttachmentUri: + description: Output only. Service attachment URI for the workstation + cluster. The service attachment is created when private endpoint + is enabled. To access workstations in the workstation cluster, + configure access to the managed service using [Private Service + Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-services). + type: string + uid: + description: Output only. A system-assigned unique identifier + for this workstation cluster. + type: string + updateTime: + description: Output only. Time when this workstation cluster was + most recently updated. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: WorkstationCluster is the Schema for the WorkstationCluster API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: WorkstationClusterSpec defines the desired state of WorkstationCluster + properties: + annotations: + description: Optional. Client-specified annotations. items: properties: - code: - description: The status code, which should be an enum value - of google.rpc.Code. - type: integer - details: - description: A list of messages that carry the error details. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array + displayName: + description: Optional. Human-readable name for this workstation cluster. + type: string + labels: + description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation cluster and that are also propagated + to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array + location: + description: The location of the cluster. + type: string + networkRef: + description: Immutable. Reference to the Compute Engine network in + which instances associated with this workstation cluster will be + created. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed Compute Network + resource. Should be in the format `projects//global/networks/`. + type: string + name: + description: The `name` field of a `ComputeNetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeNetwork` resource. + type: string + type: object + privateClusterConfig: + description: Optional. Configuration for private workstation cluster. + properties: + allowedProjects: + description: Optional. Additional projects that are allowed to + attach to the workstation cluster's service attachment. By default, + the workstation cluster's project and the VPC host project (if + different) are allowed. + items: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - kind + - not: + anyOf: + - required: + - name + - required: + - namespace + - required: + - kind + required: + - external + properties: + external: + description: The `projectID` field of a project, when not + managed by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional + but must be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + type: array + enablePrivateEndpoint: + description: Immutable. Whether Workstations endpoint is private. + type: boolean + type: object + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + resourceID: + description: Immutable. The WorkstationCluster name. If not given, + the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + subnetworkRef: + description: Immutable. Reference to the Compute Engine subnetwork + in which instances associated with this workstation cluster will + be created. Must be part of the subnetwork specified for this workstation + cluster. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The ComputeSubnetwork selflink of form "projects/{{project}}/regions/{{region}}/subnetworks/{{name}}", + when not managed by Config Connector. + type: string + name: + description: The `name` field of a `ComputeSubnetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeSubnetwork` resource. + type: string + type: object + required: + - networkRef + - projectRef + - subnetworkRef + type: object + status: + description: WorkstationClusterStatus defines the config connector machine + state of WorkstationCluster + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string message: - description: Human readable message indicating details about - the current status. + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. type: string type: object type: array - uid: - description: The system-generated UID of the resource. + externalRef: + description: A unique specifier for the WorkstationCluster resource + in GCP. type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + clusterHostname: + description: Output only. Hostname for the workstation cluster. + This field will be populated only when private endpoint is enabled. + To access workstations in the workstation cluster, create a + new DNS zone mapping this domain name to an internal IP address + and a forwarding rule mapping that address to the service attachment. + type: string + controlPlaneIP: + description: Output only. The private IP address of the control + plane for this workstation cluster. Workstation VMs need access + to this IP address to work with the service, so make sure that + your firewall rules allow egress from the workstation VMs to + this address. + type: string + createTime: + description: Output only. Time when this workstation cluster was + created. + type: string + degraded: + description: Output only. Whether this workstation cluster is + in degraded mode, in which case it may require user action to + restore full functionality. Details can be found in [conditions][google.cloud.workstations.v1.WorkstationCluster.conditions]. + type: boolean + deleteTime: + description: Output only. Time when this workstation cluster was + soft-deleted. + type: string + etag: + description: Optional. Checksum computed by the server. May be + sent on update and delete requests to make sure that the client + has an up-to-date value before proceeding. + type: string + gcpConditions: + description: Output only. Status conditions describing the workstation + cluster's current state. + items: + properties: + code: + description: The status code, which should be an enum value + of [google.rpc.Code][google.rpc.Code]. + format: int32 + type: integer + message: + description: A developer-facing error message, which should + be in English. Any user-facing error message should be + localized and sent in the [google.rpc.Status.details][google.rpc.Status.details] + field, or localized by the client. + type: string + type: object + type: array + reconciling: + description: Output only. Indicates whether this workstation cluster + is currently being updated to match its intended state. + type: boolean + serviceAttachmentUri: + description: Output only. Service attachment URI for the workstation + cluster. The service attachment is created when private endpoint + is enabled. To access workstations in the workstation cluster, + configure access to the managed service using [Private Service + Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-services). + type: string + uid: + description: Output only. A system-assigned unique identifier + for this workstation cluster. + type: string + updateTime: + description: Output only. Time when this workstation cluster was + most recently updated. + type: string + type: object type: object - required: - - spec type: object served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/operator/autopilot-channels/packages/configconnector/1.122.0/namespaced/0-cnrm-system.yaml b/operator/autopilot-channels/packages/configconnector/1.125.0/namespaced/0-cnrm-system.yaml similarity index 94% rename from operator/autopilot-channels/packages/configconnector/1.122.0/namespaced/0-cnrm-system.yaml rename to operator/autopilot-channels/packages/configconnector/1.125.0/namespaced/0-cnrm-system.yaml index 89256c9a9d..2c63dddaaa 100644 --- a/operator/autopilot-channels/packages/configconnector/1.122.0/namespaced/0-cnrm-system.yaml +++ b/operator/autopilot-channels/packages/configconnector/1.125.0/namespaced/0-cnrm-system.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -11,7 +11,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -21,7 +21,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -31,7 +31,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-unmanaged-detector @@ -41,7 +41,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -51,7 +51,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -72,7 +72,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -93,7 +93,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -605,6 +605,18 @@ rules: - update - patch - delete +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -1001,6 +1013,18 @@ rules: - update - patch - delete +- apiGroups: + - privilegedaccessmanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - pubsub.cnrm.cloud.google.com resources: @@ -1085,6 +1109,18 @@ rules: - update - patch - delete +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -1270,7 +1306,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -1320,7 +1356,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -1378,7 +1414,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -1403,7 +1439,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -1433,7 +1469,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-unmanaged-detector-cluster-role @@ -1464,7 +1500,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -1807,6 +1843,14 @@ rules: - get - list - watch +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -2071,6 +2115,14 @@ rules: - get - list - watch +- apiGroups: + - privilegedaccessmanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - pubsub.cnrm.cloud.google.com resources: @@ -2127,6 +2179,14 @@ rules: - get - list - watch +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -2252,7 +2312,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -2315,7 +2375,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -2333,7 +2393,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -2351,7 +2411,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -2374,7 +2434,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -2391,7 +2451,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -2408,7 +2468,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-unmanaged-detector-binding @@ -2425,7 +2485,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -2442,7 +2502,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -2459,7 +2519,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 prometheus.io/port: "48797" prometheus.io/scrape: "true" labels: @@ -2480,7 +2540,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2498,7 +2558,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2511,8 +2571,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.122.0 - image: gcr.io/gke-release/cnrm/recorder:e373e18 + value: 1.125.0 + image: gcr.io/gke-release/cnrm/cnrm/recorder:2fa0f72 imagePullPolicy: Always name: recorder ports: @@ -2545,7 +2605,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2560,7 +2620,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2575,7 +2635,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/webhook:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/webhook:2fa0f72 imagePullPolicy: Always name: webhook ports: @@ -2605,7 +2665,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2620,7 +2680,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2628,7 +2688,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/deletiondefender:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/deletiondefender:2fa0f72 imagePullPolicy: Always name: deletiondefender ports: @@ -2658,7 +2718,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-unmanaged-detector cnrm.cloud.google.com/system: "true" @@ -2673,7 +2733,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-unmanaged-detector cnrm.cloud.google.com/system: "true" @@ -2681,7 +2741,7 @@ spec: containers: - command: - /configconnector/unmanageddetector - image: gcr.io/gke-release/cnrm/unmanageddetector:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/unmanageddetector:2fa0f72 imagePullPolicy: Always name: unmanageddetector ports: @@ -2712,7 +2772,7 @@ kind: HorizontalPodAutoscaler metadata: annotations: autoscaling.alpha.kubernetes.io/metrics: '[{"type":"Resource","resource":{"name":"memory","targetAverageUtilization":70}}]' - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/operator/autopilot-channels/packages/configconnector/1.122.0/namespaced/per-namespace-components.yaml b/operator/autopilot-channels/packages/configconnector/1.125.0/namespaced/per-namespace-components.yaml similarity index 91% rename from operator/autopilot-channels/packages/configconnector/1.122.0/namespaced/per-namespace-components.yaml rename to operator/autopilot-channels/packages/configconnector/1.125.0/namespaced/per-namespace-components.yaml index 5c4ea84336..d629e56121 100644 --- a/operator/autopilot-channels/packages/configconnector/1.122.0/namespaced/per-namespace-components.yaml +++ b/operator/autopilot-channels/packages/configconnector/1.125.0/namespaced/per-namespace-components.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 iam.gke.io/gcp-service-account: cnrm-system-${NAMESPACE?}@${PROJECT_ID?}.iam.gserviceaccount.com labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -14,7 +14,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 finalizers: - configconnector.cnrm.cloud.google.com/finalizer labels: @@ -35,7 +35,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 finalizers: - configconnector.cnrm.cloud.google.com/finalizer labels: @@ -56,7 +56,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} cnrm.cloud.google.com/system: "true" @@ -75,7 +75,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} cnrm.cloud.google.com/system: "true" @@ -93,7 +93,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -117,7 +117,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -134,7 +134,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -146,7 +146,7 @@ spec: - --prometheus-scrape-endpoint=:8888 command: - /configconnector/manager - image: gcr.io/gke-release/cnrm/controller:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/controller:2fa0f72 imagePullPolicy: Always name: manager ports: diff --git a/operator/autopilot-channels/stable b/operator/autopilot-channels/stable index bd0c1313a1..950eec8b2a 100644 --- a/operator/autopilot-channels/stable +++ b/operator/autopilot-channels/stable @@ -1,2 +1,2 @@ manifests: - - version: 1.124.0 + - version: 1.125.0 diff --git a/operator/channels/packages/configconnector/1.122.0/cluster/gcp-identity/0-cnrm-system.yaml b/operator/channels/packages/configconnector/1.125.0/cluster/gcp-identity/0-cnrm-system.yaml similarity index 94% rename from operator/channels/packages/configconnector/1.122.0/cluster/gcp-identity/0-cnrm-system.yaml rename to operator/channels/packages/configconnector/1.125.0/cluster/gcp-identity/0-cnrm-system.yaml index 94f33efcf8..7ebd1629b8 100644 --- a/operator/channels/packages/configconnector/1.122.0/cluster/gcp-identity/0-cnrm-system.yaml +++ b/operator/channels/packages/configconnector/1.125.0/cluster/gcp-identity/0-cnrm-system.yaml @@ -16,7 +16,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -25,7 +25,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-controller-manager @@ -35,7 +35,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -45,7 +45,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -55,7 +55,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -65,7 +65,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -86,7 +86,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -107,7 +107,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -619,6 +619,18 @@ rules: - update - patch - delete +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -1015,6 +1027,18 @@ rules: - update - patch - delete +- apiGroups: + - privilegedaccessmanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - pubsub.cnrm.cloud.google.com resources: @@ -1099,6 +1123,18 @@ rules: - update - patch - delete +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -1284,7 +1320,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -1334,7 +1370,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -1392,7 +1428,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -1417,7 +1453,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -1447,7 +1483,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -1790,6 +1826,14 @@ rules: - get - list - watch +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -2054,6 +2098,14 @@ rules: - get - list - watch +- apiGroups: + - privilegedaccessmanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - pubsub.cnrm.cloud.google.com resources: @@ -2110,6 +2162,14 @@ rules: - get - list - watch +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -2235,7 +2295,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -2298,7 +2358,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -2316,7 +2376,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -2334,7 +2394,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -2357,7 +2417,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -2374,7 +2434,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-binding @@ -2391,7 +2451,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-watcher-binding @@ -2408,7 +2468,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -2425,7 +2485,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -2442,7 +2502,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -2459,7 +2519,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -2481,7 +2541,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 prometheus.io/port: "48797" prometheus.io/scrape: "true" labels: @@ -2502,7 +2562,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2520,7 +2580,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2533,8 +2593,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.122.0 - image: gcr.io/gke-release/cnrm/recorder:e373e18 + value: 1.125.0 + image: gcr.io/gke-release/cnrm/cnrm/recorder:2fa0f72 imagePullPolicy: Always name: recorder ports: @@ -2568,7 +2628,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2583,7 +2643,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2598,7 +2658,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/webhook:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/webhook:2fa0f72 imagePullPolicy: Always name: webhook ports: @@ -2628,7 +2688,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2643,7 +2703,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2656,7 +2716,7 @@ spec: env: - name: GOOGLE_APPLICATION_CREDENTIALS value: /var/secrets/google/key.json - image: gcr.io/gke-release/cnrm/controller:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/controller:2fa0f72 imagePullPolicy: Always name: manager ports: @@ -2693,7 +2753,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2708,7 +2768,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2716,7 +2776,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/deletiondefender:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/deletiondefender:2fa0f72 imagePullPolicy: Always name: deletiondefender ports: @@ -2747,7 +2807,7 @@ kind: HorizontalPodAutoscaler metadata: annotations: autoscaling.alpha.kubernetes.io/metrics: '[{"type":"Resource","resource":{"name":"memory","targetAverageUtilization":70}}]' - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/operator/channels/packages/configconnector/1.122.0/cluster/workload-identity/0-cnrm-system.yaml b/operator/channels/packages/configconnector/1.125.0/cluster/workload-identity/0-cnrm-system.yaml similarity index 94% rename from operator/channels/packages/configconnector/1.122.0/cluster/workload-identity/0-cnrm-system.yaml rename to operator/channels/packages/configconnector/1.125.0/cluster/workload-identity/0-cnrm-system.yaml index 4ebd27a790..e8a37ee026 100644 --- a/operator/channels/packages/configconnector/1.122.0/cluster/workload-identity/0-cnrm-system.yaml +++ b/operator/channels/packages/configconnector/1.125.0/cluster/workload-identity/0-cnrm-system.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -11,7 +11,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 iam.gke.io/gcp-service-account: cnrm-system@${PROJECT_ID?}.iam.gserviceaccount.com labels: cnrm.cloud.google.com/system: "true" @@ -22,7 +22,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -32,7 +32,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -42,7 +42,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -52,7 +52,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -73,7 +73,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -94,7 +94,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -606,6 +606,18 @@ rules: - update - patch - delete +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -1002,6 +1014,18 @@ rules: - update - patch - delete +- apiGroups: + - privilegedaccessmanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - pubsub.cnrm.cloud.google.com resources: @@ -1086,6 +1110,18 @@ rules: - update - patch - delete +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -1271,7 +1307,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -1321,7 +1357,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -1379,7 +1415,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -1404,7 +1440,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -1434,7 +1470,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -1777,6 +1813,14 @@ rules: - get - list - watch +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -2041,6 +2085,14 @@ rules: - get - list - watch +- apiGroups: + - privilegedaccessmanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - pubsub.cnrm.cloud.google.com resources: @@ -2097,6 +2149,14 @@ rules: - get - list - watch +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -2222,7 +2282,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -2285,7 +2345,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -2303,7 +2363,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -2321,7 +2381,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -2344,7 +2404,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -2361,7 +2421,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-binding @@ -2378,7 +2438,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-watcher-binding @@ -2395,7 +2455,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -2412,7 +2472,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -2429,7 +2489,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -2446,7 +2506,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -2468,7 +2528,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 prometheus.io/port: "48797" prometheus.io/scrape: "true" labels: @@ -2489,7 +2549,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2507,7 +2567,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2520,8 +2580,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.122.0 - image: gcr.io/gke-release/cnrm/recorder:e373e18 + value: 1.125.0 + image: gcr.io/gke-release/cnrm/cnrm/recorder:2fa0f72 imagePullPolicy: Always name: recorder ports: @@ -2573,7 +2633,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2588,7 +2648,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2603,7 +2663,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/webhook:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/webhook:2fa0f72 imagePullPolicy: Always name: webhook ports: @@ -2633,7 +2693,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2648,7 +2708,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/system: "true" @@ -2658,7 +2718,7 @@ spec: - --prometheus-scrape-endpoint=:8888 command: - /configconnector/manager - image: gcr.io/gke-release/cnrm/controller:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/controller:2fa0f72 imagePullPolicy: Always name: manager ports: @@ -2706,7 +2766,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2721,7 +2781,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2729,7 +2789,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/deletiondefender:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/deletiondefender:2fa0f72 imagePullPolicy: Always name: deletiondefender ports: @@ -2760,7 +2820,7 @@ kind: HorizontalPodAutoscaler metadata: annotations: autoscaling.alpha.kubernetes.io/metrics: '[{"type":"Resource","resource":{"name":"memory","targetAverageUtilization":70}}]' - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/operator/autopilot-channels/packages/configconnector/1.122.0/crds.yaml b/operator/channels/packages/configconnector/1.125.0/crds.yaml similarity index 95% rename from operator/autopilot-channels/packages/configconnector/1.122.0/crds.yaml rename to operator/channels/packages/configconnector/1.125.0/crds.yaml index 13f5a24abc..33ed979158 100644 --- a/operator/autopilot-channels/packages/configconnector/1.122.0/crds.yaml +++ b/operator/channels/packages/configconnector/1.125.0/crds.yaml @@ -16,7 +16,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -264,7 +264,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -650,7 +650,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -780,7 +780,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -949,7 +949,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -1262,7 +1262,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -2456,7 +2456,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -2895,7 +2895,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -4366,7 +4366,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -4559,6 +4559,9 @@ spec: type: string type: object type: array + enableOutboundPublicIp: + description: Enabling outbound public ip for the instance. + type: boolean enablePublicIp: description: Enabling public ip for the instance. If a user wishes to disable this, please also clear the list of the authorized @@ -4627,6 +4630,14 @@ spec: current reported status reflects the most recent desired state of the resource. type: integer + outboundPublicIpAddresses: + description: |- + The outbound public IP addresses for the instance. This is available ONLY when + networkConfig.enableOutboundPublicIp is set to true. These IP addresses are used + for outbound connections. + items: + type: string + type: array publicIpAddress: description: The public IP addresses for the Instance. This is available ONLY when networkConfig.enablePublicIp is set to true. This is the @@ -4826,6 +4837,9 @@ spec: type: string type: object type: array + enableOutboundPublicIp: + description: Enabling outbound public ip for the instance. + type: boolean enablePublicIp: description: Enabling public ip for the instance. If a user wishes to disable this, please also clear the list of the authorized @@ -4894,6 +4908,14 @@ spec: current reported status reflects the most recent desired state of the resource. type: integer + outboundPublicIpAddresses: + description: |- + The outbound public IP addresses for the instance. This is available ONLY when + networkConfig.enableOutboundPublicIp is set to true. These IP addresses are used + for outbound connections. + items: + type: string + type: array publicIpAddress: description: The public IP addresses for the Instance. This is available ONLY when networkConfig.enablePublicIp is set to true. This is the @@ -4933,7 +4955,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5129,7 +5151,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5403,7 +5425,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5562,7 +5584,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5726,7 +5748,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -5899,7 +5921,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6043,7 +6065,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6173,7 +6195,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6301,7 +6323,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -6476,7 +6498,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6606,7 +6628,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6782,7 +6804,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -6911,7 +6933,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -7205,7 +7227,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7340,7 +7362,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7421,7 +7443,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -7592,7 +7614,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7767,7 +7789,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -7900,7 +7922,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -8601,7 +8623,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -8751,7 +8773,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9202,7 +9224,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9569,7 +9591,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9771,7 +9793,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -9942,7 +9964,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -10122,13 +10144,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" name: bigqueryanalyticshubdataexchanges.bigqueryanalyticshub.cnrm.cloud.google.com spec: group: bigqueryanalyticshub.cnrm.cloud.google.com @@ -10136,10 +10157,8 @@ spec: categories: - gcp kind: BigQueryAnalyticsHubDataExchange + listKind: BigQueryAnalyticsHubDataExchangeList plural: bigqueryanalyticshubdataexchanges - shortNames: - - gcpbigqueryanalyticshubdataexchange - - gcpbigqueryanalyticshubdataexchanges singular: bigqueryanalyticshubdataexchange preserveUnknownFields: false scope: Namespaced @@ -10163,41 +10182,54 @@ spec: name: v1alpha1 schema: openAPIV3Schema: + description: BigQueryAnalyticsHubDataExchange is the Schema for the BigQueryAnalyticsHubDataExchange + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: BigQueryAnalyticsHubDataExchangeSpec defines the desired + state of BigQueryAnalyticsHubDataExchange properties: description: - description: Description of the data exchange. + description: 'Optional. Description of the data exchange. The description + must not contain Unicode non-characters as well as C0 and C1 control + codes except tabs (HT), new lines (LF), carriage returns (CR), and + page breaks (FF). Default value is an empty string. Max length: + 2000 bytes.' + type: string + discoveryType: + description: Optional. Type of discovery on the discovery page for + all the listings under this exchange. Updating this field also updates + (overwrites) the discovery_type field for all the listings under + this exchange. type: string displayName: - description: Human-readable display name of the data exchange. The - display name must contain only Unicode letters, numbers (0-9), underscores - (_), dashes (-), spaces ( ), and must not start or end with spaces. + description: 'Required. Human-readable display name of the data exchange. + The display name must contain only Unicode letters, numbers (0-9), + underscores (_), dashes (-), spaces ( ), ampersands (&) and must + not start or end with spaces. Default value is an empty string. + Max length: 63 bytes.' type: string documentation: - description: Documentation describing the data exchange. - type: string - icon: - description: Base64 encoded image representing the data exchange. + description: Optional. Documentation describing the data exchange. type: string location: description: Immutable. The name of the location this data exchange. type: string primaryContact: - description: Email or URL of the primary point of contact of the data - exchange. + description: 'Optional. Email or URL of the primary point of contact + of the data exchange. Max Length: 1000 bytes.' type: string projectRef: description: The project that this resource belongs to. @@ -10217,30 +10249,38 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object resourceID: - description: Immutable. Optional. The dataExchangeId of the resource. - Used for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The BigQueryAnalyticsHubDataExchange name. + If not given, the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf required: - - displayName - location - projectRef type: object status: + description: BigQueryAnalyticsHubDataExchangeStatus defines the config + connector machine state of BigQueryAnalyticsHubDataExchange properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -10264,13 +10304,9 @@ spec: type: string type: object type: array - listingCount: - description: Number of listings contained in the data exchange. - type: integer - name: - description: |- - The resource name of the data exchange, for example: - "projects/myproject/locations/US/dataExchanges/123". + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchange + resource in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -10278,48 +10314,25 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + listingCount: + description: Number of listings contained in the data exchange. + format: int64 + type: integer + type: object type: object required: - spec type: object served: true - storage: true + storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cnrm.cloud.google.com/version: 1.122.0 - creationTimestamp: null - labels: - cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha - cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: bigqueryanalyticshublistings.bigqueryanalyticshub.cnrm.cloud.google.com -spec: - group: bigqueryanalyticshub.cnrm.cloud.google.com - names: - categories: - - gcp - kind: BigQueryAnalyticsHubListing - plural: bigqueryanalyticshublistings - shortNames: - - gcpbigqueryanalyticshublisting - - gcpbigqueryanalyticshublistings - singular: bigqueryanalyticshublisting - preserveUnknownFields: false - scope: Namespaced - versions: - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: Age @@ -10336,81 +10349,57 @@ spec: jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime name: Status Age type: date - name: v1alpha1 + name: v1beta1 schema: openAPIV3Schema: + description: BigQueryAnalyticsHubDataExchange is the Schema for the BigQueryAnalyticsHubDataExchange + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: BigQueryAnalyticsHubDataExchangeSpec defines the desired + state of BigQueryAnalyticsHubDataExchange properties: - bigqueryDataset: - description: Shared dataset i.e. BigQuery dataset source. - properties: - dataset: - description: Resource name of the dataset source for this listing. - e.g. projects/myproject/datasets/123. - type: string - required: - - dataset - type: object - categories: - description: Categories of the listing. Up to two categories are allowed. - items: - type: string - type: array - dataExchangeId: - description: Immutable. The ID of the data exchange. Must contain - only Unicode letters, numbers (0-9), underscores (_). Should not - use characters that require URL-escaping, or characters outside - of ASCII, spaces. - type: string - dataProvider: - description: Details of the data provider who owns the source data. - properties: - name: - description: Name of the data provider. - type: string - primaryContact: - description: Email or URL of the data provider. - type: string - required: - - name - type: object description: - description: Short description of the listing. The description must - not contain Unicode non-characters and C0 and C1 control codes except - tabs (HT), new lines (LF), carriage returns (CR), and page breaks - (FF). + description: 'Optional. Description of the data exchange. The description + must not contain Unicode non-characters as well as C0 and C1 control + codes except tabs (HT), new lines (LF), carriage returns (CR), and + page breaks (FF). Default value is an empty string. Max length: + 2000 bytes.' + type: string + discoveryType: + description: Optional. Type of discovery on the discovery page for + all the listings under this exchange. Updating this field also updates + (overwrites) the discovery_type field for all the listings under + this exchange. type: string displayName: - description: Human-readable display name of the listing. The display - name must contain only Unicode letters, numbers (0-9), underscores - (_), dashes (-), spaces ( ), ampersands (&) and can't start or end - with spaces. + description: 'Required. Human-readable display name of the data exchange. + The display name must contain only Unicode letters, numbers (0-9), + underscores (_), dashes (-), spaces ( ), ampersands (&) and must + not start or end with spaces. Default value is an empty string. + Max length: 63 bytes.' type: string documentation: - description: Documentation describing the listing. - type: string - icon: - description: Base64 encoded image representing the listing. + description: Optional. Documentation describing the data exchange. type: string location: - description: Immutable. The name of the location this data exchange - listing. + description: Immutable. The name of the location this data exchange. type: string primaryContact: - description: Email or URL of the primary point of contact of the listing. + description: 'Optional. Email or URL of the primary point of contact + of the data exchange. Max Length: 1000 bytes.' type: string projectRef: description: The project that this resource belongs to. @@ -10430,223 +10419,38 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - publisher: - description: Details of the publisher who owns the listing and who - can share the source data. - properties: - name: - description: Name of the listing publisher. - type: string - primaryContact: - description: Email or URL of the listing publisher. - type: string - required: - - name - type: object - requestAccess: - description: Email or URL of the request access of the listing. Subscribers - can use this reference to request access. - type: string - resourceID: - description: Immutable. Optional. The listingId of the resource. Used - for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. - type: string - required: - - bigqueryDataset - - dataExchangeId - - displayName - - location - - projectRef - type: object - status: - properties: - conditions: - description: Conditions represent the latest available observation - of the resource's current state. - items: - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - type: string - message: - description: Human-readable message indicating details about - last transition. - type: string - reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition. - type: string - status: - description: Status is the status of the condition. Can be True, - False, Unknown. - type: string - type: - description: Type is the type of the condition. - type: string - type: object - type: array - name: - description: The resource name of the listing. e.g. "projects/myproject/locations/US/dataExchanges/123/listings/456". - type: string - observedGeneration: - description: ObservedGeneration is the generation of the resource - that was most recently observed by the Config Connector controller. - If this is equal to metadata.generation, then that means that the - current reported status reflects the most recent desired state of - the resource. - type: integer - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cnrm.cloud.google.com/version: 1.122.0 - creationTimestamp: null - labels: - cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha - cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: bigqueryconnectionconnections.bigqueryconnection.cnrm.cloud.google.com -spec: - group: bigqueryconnection.cnrm.cloud.google.com - names: - categories: - - gcp - kind: BigQueryConnectionConnection - plural: bigqueryconnectionconnections - shortNames: - - gcpbigqueryconnectionconnection - - gcpbigqueryconnectionconnections - singular: bigqueryconnectionconnection - preserveUnknownFields: false - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: When 'True', the most recent reconcile of the resource succeeded - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - description: The reason for the value in 'Ready' - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Status - type: string - - description: The last transition time for the value in 'Status' - jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime - name: Status Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'apiVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - cloudResource: - description: Container for connection properties for delegation of - access to GCP resources. - properties: - serviceAccountId: - description: The account ID of the service created for the purpose - of this connection. + description: The `projectID` field of a project, when not managed + by Config Connector. type: string - type: object - description: - description: A descriptive description for the connection. - type: string - friendlyName: - description: A descriptive name for the connection. - type: string - location: - description: |- - Immutable. The geographic location where the connection should reside. - Cloud SQL instance must be in the same location as the connection - with following exceptions: Cloud SQL us-central1 maps to BigQuery US, Cloud SQL europe-west1 maps to BigQuery EU. - Examples: US, EU, asia-northeast1, us-central1, europe-west1. - Spanner Connections same as spanner region - AWS allowed regions are aws-us-east-1 - Azure allowed regions are azure-eastus2. - type: string - projectRef: - description: The project that this resource belongs to. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `name` field of a `Project` resource.' + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object resourceID: - description: Immutable. Optional. The connectionId of the resource. - Used for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The BigQueryAnalyticsHubDataExchange name. + If not given, the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf required: - location - projectRef type: object status: + description: BigQueryAnalyticsHubDataExchangeStatus defines the config + connector machine state of BigQueryAnalyticsHubDataExchange properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -10670,13 +10474,9 @@ spec: type: string type: object type: array - hasCredential: - description: True if the connection has credential assigned. - type: boolean - name: - description: |- - The resource name of the connection in the form of: - "projects/{project_id}/locations/{location_id}/connections/{connectionId}". + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchange + resource in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -10684,19 +10484,16 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer observedState: - description: The observed state of the underlying GCP resource. + description: ObservedState is the state of the resource as most recently + observed in GCP. properties: - cloudResource: - description: Container for connection properties for delegation - of access to GCP resources. - properties: - serviceAccountId: - description: The account ID of the service created for the - purpose of this connection. - type: string - type: object + listingCount: + description: Number of listings contained in the data exchange. + format: int64 + type: integer type: object type: object required: @@ -10706,36 +10503,26 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: bigquerydatapolicydatapolicies.bigquerydatapolicy.cnrm.cloud.google.com + name: bigqueryanalyticshublistings.bigqueryanalyticshub.cnrm.cloud.google.com spec: - group: bigquerydatapolicy.cnrm.cloud.google.com + group: bigqueryanalyticshub.cnrm.cloud.google.com names: categories: - gcp - kind: BigQueryDataPolicyDataPolicy - plural: bigquerydatapolicydatapolicies - shortNames: - - gcpbigquerydatapolicydatapolicy - - gcpbigquerydatapolicydatapolicies - singular: bigquerydatapolicydatapolicy + kind: BigQueryAnalyticsHubListing + listKind: BigQueryAnalyticsHubListingList + plural: bigqueryanalyticshublistings + singular: bigqueryanalyticshublisting preserveUnknownFields: false scope: Namespaced versions: @@ -10758,46 +10545,99 @@ spec: name: v1alpha1 schema: openAPIV3Schema: + description: BigQueryAnalyticsHubListing is the Schema for the BigQueryAnalyticsHubListing + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: BigQueryAnalyticsHubListingSpec defines the desired state + of BigQueryAnalyticsHubDataExchangeListing properties: - dataMaskingPolicy: - description: The data masking policy that specifies the data masking - rule to use. + categories: + description: Optional. Categories of the listing. Up to two categories + are allowed. + items: + type: string + type: array + dataExchangeRef: + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external properties: - predefinedExpression: - description: 'The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options. - Possible values: ["SHA256", "ALWAYS_NULL", "DEFAULT_MASKING_VALUE", - "LAST_FOUR_CHARACTERS", "FIRST_FOUR_CHARACTERS", "EMAIL_MASK", - "DATE_YEAR_MASK"].' + external: + description: The DataExchange selfLink, when not managed by Config + Connector. + type: string + name: + description: The `name` field of a `DataExchange` resource. + type: string + namespace: + description: The `namespace` field of a `DataExchange` resource. type: string - required: - - predefinedExpression type: object - dataPolicyType: - description: 'The enrollment level of the service. Possible values: - ["COLUMN_LEVEL_SECURITY_POLICY", "DATA_MASKING_POLICY"].' + dataProvider: + description: Optional. Details of the data provider who owns the source + data. + properties: + name: + description: Optional. Name of the data provider. + type: string + primaryContact: + description: 'Optional. Email or URL of the data provider. Max + Length: 1000 bytes.' + type: string + type: object + description: + description: 'Optional. Short description of the listing. The description + must contain only Unicode characters or tabs (HT), new lines (LF), + carriage returns (CR), and page breaks (FF). Default value is an + empty string. Max length: 2000 bytes.' + type: string + discoveryType: + description: Optional. Type of discovery of the listing on the discovery + page. + type: string + displayName: + description: 'Required. Human-readable display name of the listing. + The display name must contain only Unicode letters, numbers (0-9), + underscores (_), dashes (-), spaces ( ), ampersands (&) and can''t + start or end with spaces. Default value is an empty string. Max + length: 63 bytes.' + type: string + documentation: + description: Optional. Documentation describing the listing. type: string location: - description: Immutable. The name of the location of the data policy. + description: Immutable. The name of the location this data exchange. type: string - policyTag: - description: Policy tag resource name, in the format of projects/{project_number}/locations/{locationId}/taxonomies/{taxonomyId}/policyTags/{policyTag_id}. + primaryContact: + description: 'Optional. Email or URL of the primary point of contact + of the listing. Max Length: 1000 bytes.' type: string projectRef: - description: The project that this resource belongs to. + description: The Project that this resource belongs to. oneOf: - not: required: @@ -10814,31 +10654,138 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object + publisher: + description: Optional. Details of the publisher who owns the listing + and who can share the source data. + properties: + name: + description: Optional. Name of the listing publisher. + type: string + primaryContact: + description: 'Optional. Email or URL of the listing publisher. + Max Length: 1000 bytes.' + type: string + type: object + requestAccess: + description: 'Optional. Email or URL of the request access of the + listing. Subscribers can use this reference to request access. Max + Length: 1000 bytes.' + type: string resourceID: - description: Immutable. Optional. The dataPolicyId of the resource. - Used for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The BigQueryAnalyticsHubDataExchangeListing + name. If not given, the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + source: + properties: + bigQueryDatasetSource: + description: One of the following fields must be set. + properties: + datasetRef: + description: Resource name of the dataset source for this + listing. e.g. `projects/myproject/datasets/123` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/datasets/[dataset_id]`. + type: string + name: + description: The `metadata.name` field of a `BigQueryDataset` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `BigQueryDataset` + resource. + type: string + type: object + restrictedExportPolicy: + description: Optional. If set, restricted export policy will + be propagated and enforced on the linked dataset. + properties: + enabled: + description: Optional. If true, enable restricted export. + properties: + value: + description: The bool value. + type: boolean + type: object + restrictDirectTableAccess: + description: Optional. If true, restrict direct table + access (read api/tabledata.list) on linked table. + properties: + value: + description: The bool value. + type: boolean + type: object + restrictQueryResult: + description: Optional. If true, restrict export of query + result derived from restricted linked dataset table. + properties: + value: + description: The bool value. + type: boolean + type: object + type: object + selectedResources: + description: Optional. Resources in this dataset that are + selectively shared. If this field is empty, then the entire + dataset (all resources) are shared. This field is only valid + for data clean room exchanges. + items: + properties: + table: + description: 'Optional. Format: For table: `projects/{projectId}/datasets/{datasetId}/tables/{tableId}` + Example:"projects/test_project/datasets/test_dataset/tables/test_table"' + type: string + type: object + type: array + required: + - datasetRef + type: object + type: object required: - - dataPolicyType + - dataExchangeRef + - displayName - location - - policyTag - projectRef + - source type: object status: + description: BigQueryAnalyticsHubListingStatus defines the config connector + machine state of BigQueryAnalyticsHubDataExchangeListing properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -10862,8 +10809,9 @@ spec: type: string type: object type: array - name: - description: Resource name of this data policy, in the format of projects/{project_number}/locations/{locationId}/dataPolicies/{dataPolicyId}. + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchangeListing + resource in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -10871,45 +10819,45 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + state: + description: Output only. Current state of the listing. + type: string + type: object type: object - required: - - spec type: object served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: bigquerydatasetaccesses.bigquery.cnrm.cloud.google.com + name: bigqueryconnectionconnections.bigqueryconnection.cnrm.cloud.google.com spec: - group: bigquery.cnrm.cloud.google.com + group: bigqueryconnection.cnrm.cloud.google.com names: categories: - gcp - kind: BigQueryDatasetAccess - plural: bigquerydatasetaccesses + kind: BigQueryConnectionConnection + listKind: BigQueryConnectionConnectionList + plural: bigqueryconnectionconnections shortNames: - - gcpbigquerydatasetaccess - - gcpbigquerydatasetaccesses - singular: bigquerydatasetaccess + - gcpbigqueryconnectionconnection + - gcpbigqueryconnectionconnections + singular: bigqueryconnectionconnection preserveUnknownFields: false scope: Namespaced versions: @@ -10932,73 +10880,238 @@ spec: name: v1alpha1 schema: openAPIV3Schema: + description: BigQueryConnectionConnection is the Schema for the BigQueryConnectionConnection + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: BigQueryConnectionConnectionSpec defines the desired state + to connect BigQuery to external resources properties: - dataset: - description: Immutable. Grants all resources of particular types in - a particular dataset read access to the current dataset. + aws: + description: Amazon Web Services (AWS) properties. properties: - dataset: - description: Immutable. The dataset this entry applies to. + accessRole: + description: Authentication using Google owned service account + to assume into customer's AWS IAM Role. properties: - datasetId: - description: Immutable. The ID of the dataset containing this - table. - type: string - projectId: - description: Immutable. The ID of the project containing this - table. + iamRoleID: + description: The user’s AWS IAM Role that trusts the Google-owned + AWS IAM user Connection. type: string required: - - datasetId - - projectId + - iamRoleID type: object - targetTypes: + required: + - accessRole + type: object + azure: + description: Azure properties. + properties: + customerTenantID: + description: The id of customer's directory that host the data. + type: string + federatedApplicationClientID: + description: The client ID of the user's Azure Active Directory + Application used for a federated connection. + type: string + required: + - customerTenantID + type: object + cloudResource: + description: Use Cloud Resource properties. + type: object + cloudSQL: + description: Cloud SQL properties. + properties: + credential: + description: Cloud SQL credential. + properties: + secretRef: + description: The Kubernetes Secret object that stores the + "username" and "password" information. The Secret type has + to be `kubernetes.io/basic-auth`. + properties: + name: + description: The `metadata.name` field of a Kubernetes + `Secret` + type: string + namespace: + description: The `metadata.namespace` field of a Kubernetes + `Secret`. + type: string + required: + - name + type: object + type: object + databaseRef: + description: Reference to the SQL Database. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The SQL Database name, when not managed by Config + Connector. + type: string + name: + description: The `name` field of a `SQLDatabase` resource. + type: string + namespace: + description: The `namespace` field of a `SQLDatabase` resource. + type: string + type: object + instanceRef: + description: Reference to the Cloud SQL instance ID. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The SQLInstance selfLink, when not managed by + Config Connector. + type: string + name: + description: The `name` field of a `SQLInstance` resource. + type: string + namespace: + description: The `namespace` field of a `SQLInstance` resource. + type: string + type: object + type: + description: Type of the Cloud SQL database. + type: string + required: + - credential + - databaseRef + - instanceRef + - type + type: object + cloudSpanner: + description: Cloud Spanner properties. + properties: + databaseRef: + description: Reference to a spanner database ID. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The Spanner Database selfLink, when not managed + by Config Connector. + type: string + name: + description: The `name` field of a `SpannerDatabase` resource. + type: string + namespace: + description: The `namespace` field of a `SpannerDatabase` + resource. + type: string + type: object + databaseRole: description: |- - Immutable. Which resources in the dataset this entry applies to. Currently, only views are supported, - but additional target types may be added in the future. Possible values: VIEWS. - items: - type: string - type: array + Optional. Cloud Spanner database role for fine-grained access control. + The Cloud Spanner admin should have provisioned the database role with + appropriate permissions, such as `SELECT` and `INSERT`. Other users should + only use roles provided by their Cloud Spanner admins. + + For more details, see [About fine-grained access control] + (https://cloud.google.com/spanner/docs/fgac-about). + + REQUIRES: The database role name must start with a letter, and can only + contain letters, numbers, and underscores. + type: string + maxParallelism: + description: |- + Allows setting max parallelism per query when executing on Spanner + independent compute resources. If unspecified, default values of + parallelism are chosen that are dependent on the Cloud Spanner instance + configuration. + + REQUIRES: `use_parallelism` must be set. + REQUIRES: Either `use_data_boost` or `use_serverless_analytics` must be + set. + format: int32 + type: integer + useDataBoost: + description: |- + If set, the request will be executed via Spanner independent compute + resources. + REQUIRES: `use_parallelism` must be set. + + NOTE: `use_serverless_analytics` will be deprecated. Prefer + `use_data_boost` over `use_serverless_analytics`. + type: boolean + useParallelism: + description: If parallelism should be used when reading from Cloud + Spanner + type: boolean + useServerlessAnalytics: + description: 'If the serverless analytics service should be used + to read data from Cloud Spanner. Note: `use_parallelism` must + be set when using serverless analytics.' + type: boolean required: - - dataset - - targetTypes + - databaseRef type: object - datasetId: - description: |- - Immutable. A unique ID for this dataset, without the project name. The ID - must contain only letters (a-z, A-Z), numbers (0-9), or - underscores (_). The maximum length is 1,024 characters. - type: string - domain: - description: |- - Immutable. A domain to grant access to. Any users signed in with the - domain specified will be granted the specified access. + description: + description: User provided description. type: string - groupByEmail: - description: Immutable. An email address of a Google Group to grant - access to. + friendlyName: + description: User provided display name for the connection. type: string - iamMember: - description: |- - Immutable. Some other type of member that appears in the IAM Policy but isn't a user, - group, domain, or special group. For example: 'allUsers'. + location: + description: Immutable. type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf projectRef: - description: The project that this resource belongs to. + description: The Project that this resource belongs to. oneOf: - not: required: @@ -11015,91 +11128,103 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object resourceID: - description: Immutable. Optional. The routine of the resource. Used - for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. - type: string - role: - description: |- - Immutable. Describes the rights granted to the user specified by the other - member of the access object. Basic, predefined, and custom roles are - supported. Predefined roles that have equivalent basic roles are - swapped by the API to their basic counterparts, and will show a diff - post-create. See - [official docs](https://cloud.google.com/bigquery/docs/access-control). + description: 'Immutable. Optional. The BigQuery Connection ID used + for resource creation or acquisition. For creation: If specified, + this value is used as the connection ID. If not provided, a UUID + will be generated and assigned as the connection ID. For acquisition: + This field must be provided to identify the connection resource + to acquire.' type: string - specialGroup: - description: |- - Immutable. A special group to grant access to. Possible values include: - - - * 'projectOwners': Owners of the enclosing project. - - - * 'projectReaders': Readers of the enclosing project. + spark: + description: Spark properties. + properties: + metastoreService: + description: Optional. Dataproc Metastore Service configuration + for the connection. + properties: + metastoreServiceRef: + description: |- + Optional. Resource name of an existing Dataproc Metastore service. + Example: - * 'projectWriters': Writers of the enclosing project. + * `projects/[project_id]/locations/[region]/services/[service_id]` + properties: + external: + description: The self-link of an existing Dataproc Metastore + service , when not managed by Config Connector. + type: string + required: + - external + type: object + type: object + sparkHistoryServer: + description: Optional. Spark History Server configuration for + the connection. + properties: + dataprocClusterRef: + description: |- + Optional. Resource name of an existing Dataproc Cluster to act as a Spark + History Server for the connection. + Example: - * 'allAuthenticatedUsers': All authenticated BigQuery users. - type: string - userByEmail: - description: |- - Immutable. An email address of a user to grant access to. For example: - fred@example.com. - type: string - view: - description: |- - Immutable. A view from a different dataset to grant access to. Queries - executed against that view will have read access to tables in - this dataset. The role field is not required when this field is - set. If that view is updated by any user, access to the view - needs to be granted again via an update operation. - properties: - datasetId: - description: Immutable. The ID of the dataset containing this - table. - type: string - projectId: - description: Immutable. The ID of the project containing this - table. - type: string - tableId: - description: |- - Immutable. The ID of the table. The ID must contain only letters (a-z, - A-Z), numbers (0-9), or underscores (_). The maximum length - is 1,024 characters. - type: string - required: - - datasetId - - projectId - - tableId + * `projects/[project_id]/regions/[region]/clusters/[cluster_name]` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The self-link of an existing Dataproc Cluster + to act as a Spark History Server for the connection + , when not managed by Config Connector. + type: string + name: + description: The `name` field of a Dataproc Cluster. + type: string + namespace: + description: The `namespace` field of a Dataproc Cluster. + type: string + type: object + type: object type: object required: - - datasetId + - location - projectRef type: object status: + description: BigQueryConnectionConnectionStatus defines the config connector + machine state of BigQueryConnectionConnection properties: - apiUpdatedMember: - description: If true, represents that that the iam_member in the config - was translated to a different member type by the API, and is stored - in state as a different member type. - type: boolean conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -11123,54 +11248,116 @@ spec: type: string type: object type: array + externalRef: + description: A unique specifier for the BigQueryConnectionConnection + resource in GCP. + type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cnrm.cloud.google.com/version: 1.122.0 - creationTimestamp: null - labels: - cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: stable - cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: bigquerydatasets.bigquery.cnrm.cloud.google.com -spec: - group: bigquery.cnrm.cloud.google.com - names: - categories: - - gcp - kind: BigQueryDataset - plural: bigquerydatasets - shortNames: - - gcpbigquerydataset - - gcpbigquerydatasets - singular: bigquerydataset - preserveUnknownFields: false - scope: Namespaced - versions: + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + aws: + properties: + accessRole: + properties: + identity: + description: A unique Google-owned and Google-generated + identity for the Connection. This identity will be used + to access the user's AWS IAM Role. + type: string + type: object + type: object + azure: + properties: + application: + description: The name of the Azure Active Directory Application. + type: string + clientID: + description: The client id of the Azure Active Directory Application. + type: string + identity: + description: A unique Google-owned and Google-generated identity + for the Connection. This identity will be used to access + the user's Azure Active Directory Application. + type: string + objectID: + description: The object id of the Azure Active Directory Application. + type: string + redirectUri: + description: The URL user will be redirected to after granting + consent during connection setup. + type: string + type: object + cloudResource: + properties: + serviceAccountID: + description: |2- + The account ID of the service created for the purpose of this + connection. + + The service account does not have any permissions associated with it + when it is created. After creation, customers delegate permissions + to the service account. When the connection is used in the context of an + operation in BigQuery, the service account will be used to connect to the + desired resources in GCP. + + The account ID is in the form of: + @gcp-sa-bigquery-cloudresource.iam.gserviceaccount.com + type: string + type: object + cloudSQL: + properties: + serviceAccountID: + description: |- + The account ID of the service used for the purpose of this connection. + + When the connection is used in the context of an operation in + BigQuery, this service account will serve as the identity being used for + connecting to the CloudSQL instance specified in this connection. + type: string + type: object + description: + description: The description for the connection. + type: string + friendlyName: + description: The display name for the connection. + type: string + hasCredential: + description: Output only. True, if credential is configured for + this connection. + type: boolean + spark: + properties: + serviceAccountID: + description: |2- + The account ID of the service created for the purpose of this + connection. + + The service account does not have any permissions associated with it when + it is created. After creation, customers delegate permissions to the + service account. When the connection is used in the context of a stored + procedure for Apache Spark in BigQuery, the service account is used to + connect to the desired resources in Google Cloud. + + The account ID is in the form of: + bqcx--@gcp-sa-bigquery-consp.iam.gserviceaccount.com + type: string + type: object + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: Age @@ -11190,173 +11377,111 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: BigQueryConnectionConnection is the Schema for the BigQueryConnectionConnection + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: BigQueryConnectionConnectionSpec defines the desired state + to connect BigQuery to external resources properties: - access: - description: An array of objects that define dataset access for one - or more entities. - items: - properties: - dataset: - description: Grants all resources of particular types in a particular - dataset read access to the current dataset. - properties: - dataset: - description: The dataset this entry applies to. - properties: - datasetId: - description: The ID of the dataset containing this table. - type: string - projectId: - description: The ID of the project containing this table. - type: string - required: - - datasetId - - projectId - type: object - targetTypes: - description: |- - Which resources in the dataset this entry applies to. Currently, only views are supported, - but additional target types may be added in the future. Possible values: VIEWS. - items: + aws: + description: Amazon Web Services (AWS) properties. + properties: + accessRole: + description: Authentication using Google owned service account + to assume into customer's AWS IAM Role. + properties: + iamRoleID: + description: The user’s AWS IAM Role that trusts the Google-owned + AWS IAM user Connection. + type: string + required: + - iamRoleID + type: object + required: + - accessRole + type: object + azure: + description: Azure properties. + properties: + customerTenantID: + description: The id of customer's directory that host the data. + type: string + federatedApplicationClientID: + description: The client ID of the user's Azure Active Directory + Application used for a federated connection. + type: string + required: + - customerTenantID + type: object + cloudResource: + description: Use Cloud Resource properties. + type: object + cloudSQL: + description: Cloud SQL properties. + properties: + credential: + description: Cloud SQL credential. + properties: + secretRef: + description: The Kubernetes Secret object that stores the + "username" and "password" information. The Secret type has + to be `kubernetes.io/basic-auth`. + properties: + name: + description: The `metadata.name` field of a Kubernetes + `Secret` type: string - type: array - required: - - dataset - - targetTypes - type: object - domain: - description: |- - A domain to grant access to. Any users signed in with the - domain specified will be granted the specified access. - type: string - groupByEmail: - description: An email address of a Google Group to grant access - to. - type: string - iamMember: - description: |- - Some other type of member that appears in the IAM Policy but isn't a user, - group, domain, or special group. For example: 'allUsers'. - type: string - role: - description: |- - Describes the rights granted to the user specified by the other - member of the access object. Basic, predefined, and custom roles - are supported. Predefined roles that have equivalent basic roles - are swapped by the API to their basic counterparts. See - [official docs](https://cloud.google.com/bigquery/docs/access-control). - type: string - routine: - description: |- - A routine from a different dataset to grant access to. Queries - executed against that routine will have read access to tables in - this dataset. The role field is not required when this field is - set. If that routine is updated by any user, access to the routine - needs to be granted again via an update operation. - properties: - datasetId: - description: The ID of the dataset containing this table. - type: string - projectId: - description: The ID of the project containing this table. - type: string - routineId: - description: |- - The ID of the routine. The ID must contain only letters (a-z, - A-Z), numbers (0-9), or underscores (_). The maximum length - is 256 characters. - type: string + namespace: + description: The `metadata.namespace` field of a Kubernetes + `Secret`. + type: string + required: + - name + type: object + type: object + databaseRef: + description: Reference to the SQL Database. + oneOf: + - not: + required: + - external required: - - datasetId - - projectId - - routineId - type: object - specialGroup: - description: |- - A special group to grant access to. Possible values include: - - - * 'projectOwners': Owners of the enclosing project. - - - * 'projectReaders': Readers of the enclosing project. - - - * 'projectWriters': Writers of the enclosing project. - - - * 'allAuthenticatedUsers': All authenticated BigQuery users. - type: string - userByEmail: - description: |- - An email address of a user to grant access to. For example: - fred@example.com. - type: string - view: - description: |- - A view from a different dataset to grant access to. Queries - executed against that view will have read access to tables in - this dataset. The role field is not required when this field is - set. If that view is updated by any user, access to the view - needs to be granted again via an update operation. - properties: - datasetId: - description: The ID of the dataset containing this table. - type: string - projectId: - description: The ID of the project containing this table. - type: string - tableId: - description: |- - The ID of the table. The ID must contain only letters (a-z, - A-Z), numbers (0-9), or underscores (_). The maximum length - is 1,024 characters. - type: string + - name + - not: + anyOf: + - required: + - name + - required: + - namespace required: - - datasetId - - projectId - - tableId - type: object - type: object - type: array - defaultCollation: - description: |- - Defines the default collation specification of future tables created - in the dataset. If a table is created in this dataset without table-level - default collation, then the table inherits the dataset default collation, - which is applied to the string fields that do not have explicit collation - specified. A change to this field affects only tables created afterwards, - and does not alter the existing tables. - - The following values are supported: - - 'und:ci': undetermined locale, case insensitive. - - '': empty string. Default to case-sensitive behavior. - type: string - defaultEncryptionConfiguration: - description: |- - The default encryption key for all tables in the dataset. Once this property is set, - all newly-created partitioned tables in the dataset will have encryption key set to - this value, unless table creation request (or query) overrides the key. - properties: - kmsKeyRef: - description: |- - Describes the Cloud KMS encryption key that will be used to protect destination - BigQuery table. The BigQuery Service Account associated with your project requires - access to this encryption key. + - external + properties: + external: + description: The SQL Database name, when not managed by Config + Connector. + type: string + name: + description: The `name` field of a `SQLDatabase` resource. + type: string + namespace: + description: The `namespace` field of a `SQLDatabase` resource. + type: string + type: object + instanceRef: + description: Reference to the Cloud SQL instance ID. oneOf: - not: required: @@ -11373,86 +11498,117 @@ spec: - external properties: external: - description: 'Allowed value: The `selfLink` field of a `KMSCryptoKey` - resource.' + description: The SQLInstance selfLink, when not managed by + Config Connector. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `SQLInstance` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `SQLInstance` resource. type: string type: object + type: + description: Type of the Cloud SQL database. + type: string required: - - kmsKeyRef + - credential + - databaseRef + - instanceRef + - type type: object - defaultPartitionExpirationMs: - description: |- - The default partition expiration for all partitioned tables in - the dataset, in milliseconds. + cloudSpanner: + description: Cloud Spanner properties. + properties: + databaseRef: + description: Reference to a spanner database ID. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The Spanner Database selfLink, when not managed + by Config Connector. + type: string + name: + description: The `name` field of a `SpannerDatabase` resource. + type: string + namespace: + description: The `namespace` field of a `SpannerDatabase` + resource. + type: string + type: object + databaseRole: + description: |- + Optional. Cloud Spanner database role for fine-grained access control. + The Cloud Spanner admin should have provisioned the database role with + appropriate permissions, such as `SELECT` and `INSERT`. Other users should + only use roles provided by their Cloud Spanner admins. + For more details, see [About fine-grained access control] + (https://cloud.google.com/spanner/docs/fgac-about). - Once this property is set, all newly-created partitioned tables in - the dataset will have an 'expirationMs' property in the 'timePartitioning' - settings set to this value, and changing the value will only - affect new tables, not existing ones. The storage in a partition will - have an expiration time of its partition time plus this value. - Setting this property overrides the use of 'defaultTableExpirationMs' - for partitioned tables: only one of 'defaultTableExpirationMs' and - 'defaultPartitionExpirationMs' will be used for any new partitioned - table. If you provide an explicit 'timePartitioning.expirationMs' when - creating or updating a partitioned table, that value takes precedence - over the default partition expiration time indicated by this property. - type: integer - defaultTableExpirationMs: - description: |- - The default lifetime of all tables in the dataset, in milliseconds. - The minimum value is 3600000 milliseconds (one hour). + REQUIRES: The database role name must start with a letter, and can only + contain letters, numbers, and underscores. + type: string + maxParallelism: + description: |- + Allows setting max parallelism per query when executing on Spanner + independent compute resources. If unspecified, default values of + parallelism are chosen that are dependent on the Cloud Spanner instance + configuration. + REQUIRES: `use_parallelism` must be set. + REQUIRES: Either `use_data_boost` or `use_serverless_analytics` must be + set. + format: int32 + type: integer + useDataBoost: + description: |- + If set, the request will be executed via Spanner independent compute + resources. + REQUIRES: `use_parallelism` must be set. - Once this property is set, all newly-created tables in the dataset - will have an 'expirationTime' property set to the creation time plus - the value in this property, and changing the value will only affect - new tables, not existing ones. When the 'expirationTime' for a given - table is reached, that table will be deleted automatically. - If a table's 'expirationTime' is modified or removed before the - table expires, or if you provide an explicit 'expirationTime' when - creating a table, that value takes precedence over the default - expiration time indicated by this property. - type: integer + NOTE: `use_serverless_analytics` will be deprecated. Prefer + `use_data_boost` over `use_serverless_analytics`. + type: boolean + useParallelism: + description: If parallelism should be used when reading from Cloud + Spanner + type: boolean + useServerlessAnalytics: + description: 'If the serverless analytics service should be used + to read data from Cloud Spanner. Note: `use_parallelism` must + be set when using serverless analytics.' + type: boolean + required: + - databaseRef + type: object description: - description: A user-friendly description of the dataset. + description: User provided description. type: string friendlyName: - description: A descriptive name for the dataset. + description: User provided display name for the connection. type: string - isCaseInsensitive: - description: |- - TRUE if the dataset and its table names are case-insensitive, otherwise FALSE. - By default, this is FALSE, which means the dataset and its table names are - case-sensitive. This field does not affect routine references. - type: boolean location: - description: |- - Immutable. The geographic location where the dataset should reside. - See [official docs](https://cloud.google.com/bigquery/docs/dataset-locations). - - - There are two types of locations, regional or multi-regional. A regional - location is a specific geographic place, such as Tokyo, and a multi-regional - location is a large geographic area, such as the United States, that - contains at least two geographic places. - - - The default value is multi-regional location 'US'. - Changing this forces a new resource to be created. - type: string - maxTimeTravelHours: - description: Defines the time travel window in hours. The value can - be from 48 to 168 hours (2 to 7 days). + description: Immutable. type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf projectRef: - description: The project that this resource belongs to. + description: The Project that this resource belongs to. oneOf: - not: required: @@ -11469,34 +11625,1805 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object resourceID: - description: Immutable. Optional. The datasetId of the resource. Used - for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: 'Immutable. Optional. The BigQuery Connection ID used + for resource creation or acquisition. For creation: If specified, + this value is used as the connection ID. If not provided, a UUID + will be generated and assigned as the connection ID. For acquisition: + This field must be provided to identify the connection resource + to acquire.' type: string - storageBillingModel: - description: |- - Specifies the storage billing model for the dataset. - Set this flag value to LOGICAL to use logical bytes for storage billing, - or to PHYSICAL to use physical bytes instead. + spark: + description: Spark properties. + properties: + metastoreService: + description: Optional. Dataproc Metastore Service configuration + for the connection. + properties: + metastoreServiceRef: + description: |- + Optional. Resource name of an existing Dataproc Metastore service. - LOGICAL is the default if this flag isn't specified. - type: string + Example: + + * `projects/[project_id]/locations/[region]/services/[service_id]` + properties: + external: + description: The self-link of an existing Dataproc Metastore + service , when not managed by Config Connector. + type: string + required: + - external + type: object + type: object + sparkHistoryServer: + description: Optional. Spark History Server configuration for + the connection. + properties: + dataprocClusterRef: + description: |- + Optional. Resource name of an existing Dataproc Cluster to act as a Spark + History Server for the connection. + + Example: + + * `projects/[project_id]/regions/[region]/clusters/[cluster_name]` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The self-link of an existing Dataproc Cluster + to act as a Spark History Server for the connection + , when not managed by Config Connector. + type: string + name: + description: The `name` field of a Dataproc Cluster. + type: string + namespace: + description: The `namespace` field of a Dataproc Cluster. + type: string + type: object + type: object + type: object + required: + - location + - projectRef type: object status: + description: BigQueryConnectionConnectionStatus defines the config connector + machine state of BigQueryConnectionConnection properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the BigQueryConnectionConnection + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + aws: + properties: + accessRole: + properties: + identity: + description: A unique Google-owned and Google-generated + identity for the Connection. This identity will be used + to access the user's AWS IAM Role. + type: string + type: object + type: object + azure: + properties: + application: + description: The name of the Azure Active Directory Application. + type: string + clientID: + description: The client id of the Azure Active Directory Application. + type: string + identity: + description: A unique Google-owned and Google-generated identity + for the Connection. This identity will be used to access + the user's Azure Active Directory Application. + type: string + objectID: + description: The object id of the Azure Active Directory Application. + type: string + redirectUri: + description: The URL user will be redirected to after granting + consent during connection setup. + type: string + type: object + cloudResource: + properties: + serviceAccountID: + description: |2- + The account ID of the service created for the purpose of this + connection. + + The service account does not have any permissions associated with it + when it is created. After creation, customers delegate permissions + to the service account. When the connection is used in the context of an + operation in BigQuery, the service account will be used to connect to the + desired resources in GCP. + + The account ID is in the form of: + @gcp-sa-bigquery-cloudresource.iam.gserviceaccount.com + type: string + type: object + cloudSQL: + properties: + serviceAccountID: + description: |- + The account ID of the service used for the purpose of this connection. + + When the connection is used in the context of an operation in + BigQuery, this service account will serve as the identity being used for + connecting to the CloudSQL instance specified in this connection. + type: string + type: object + description: + description: The description for the connection. + type: string + friendlyName: + description: The display name for the connection. + type: string + hasCredential: + description: Output only. True, if credential is configured for + this connection. + type: boolean + spark: + properties: + serviceAccountID: + description: |2- + The account ID of the service created for the purpose of this + connection. + + The service account does not have any permissions associated with it when + it is created. After creation, customers delegate permissions to the + service account. When the connection is used in the context of a stored + procedure for Apache Spark in BigQuery, the service account is used to + connect to the desired resources in Google Cloud. + + The account ID is in the form of: + bqcx--@gcp-sa-bigquery-consp.iam.gserviceaccount.com + type: string + type: object + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: alpha + cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" + name: bigquerydatapolicydatapolicies.bigquerydatapolicy.cnrm.cloud.google.com +spec: + group: bigquerydatapolicy.cnrm.cloud.google.com + names: + categories: + - gcp + kind: BigQueryDataPolicyDataPolicy + plural: bigquerydatapolicydatapolicies + shortNames: + - gcpbigquerydatapolicydatapolicy + - gcpbigquerydatapolicydatapolicies + singular: bigquerydatapolicydatapolicy + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + dataMaskingPolicy: + description: The data masking policy that specifies the data masking + rule to use. + properties: + predefinedExpression: + description: 'The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options. + Possible values: ["SHA256", "ALWAYS_NULL", "DEFAULT_MASKING_VALUE", + "LAST_FOUR_CHARACTERS", "FIRST_FOUR_CHARACTERS", "EMAIL_MASK", + "DATE_YEAR_MASK"].' + type: string + required: + - predefinedExpression + type: object + dataPolicyType: + description: 'The enrollment level of the service. Possible values: + ["COLUMN_LEVEL_SECURITY_POLICY", "DATA_MASKING_POLICY"].' + type: string + location: + description: Immutable. The name of the location of the data policy. + type: string + policyTag: + description: Policy tag resource name, in the format of projects/{project_number}/locations/{locationId}/taxonomies/{taxonomyId}/policyTags/{policyTag_id}. + type: string + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: 'Allowed value: The `name` field of a `Project` resource.' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + resourceID: + description: Immutable. Optional. The dataPolicyId of the resource. + Used for creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + required: + - dataPolicyType + - location + - policyTag + - projectRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + name: + description: Resource name of this data policy, in the format of projects/{project_number}/locations/{locationId}/dataPolicies/{dataPolicyId}. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: alpha + cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" + name: bigquerydatasetaccesses.bigquery.cnrm.cloud.google.com +spec: + group: bigquery.cnrm.cloud.google.com + names: + categories: + - gcp + kind: BigQueryDatasetAccess + plural: bigquerydatasetaccesses + shortNames: + - gcpbigquerydatasetaccess + - gcpbigquerydatasetaccesses + singular: bigquerydatasetaccess + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + dataset: + description: Immutable. Grants all resources of particular types in + a particular dataset read access to the current dataset. + properties: + dataset: + description: Immutable. The dataset this entry applies to. + properties: + datasetId: + description: Immutable. The ID of the dataset containing this + table. + type: string + projectId: + description: Immutable. The ID of the project containing this + table. + type: string + required: + - datasetId + - projectId + type: object + targetTypes: + description: |- + Immutable. Which resources in the dataset this entry applies to. Currently, only views are supported, + but additional target types may be added in the future. Possible values: VIEWS. + items: + type: string + type: array + required: + - dataset + - targetTypes + type: object + datasetId: + description: |- + Immutable. A unique ID for this dataset, without the project name. The ID + must contain only letters (a-z, A-Z), numbers (0-9), or + underscores (_). The maximum length is 1,024 characters. + type: string + domain: + description: |- + Immutable. A domain to grant access to. Any users signed in with the + domain specified will be granted the specified access. + type: string + groupByEmail: + description: Immutable. An email address of a Google Group to grant + access to. + type: string + iamMember: + description: |- + Immutable. Some other type of member that appears in the IAM Policy but isn't a user, + group, domain, or special group. For example: 'allUsers'. + type: string + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: 'Allowed value: The `name` field of a `Project` resource.' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + resourceID: + description: Immutable. Optional. The routine of the resource. Used + for creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + role: + description: |- + Immutable. Describes the rights granted to the user specified by the other + member of the access object. Basic, predefined, and custom roles are + supported. Predefined roles that have equivalent basic roles are + swapped by the API to their basic counterparts, and will show a diff + post-create. See + [official docs](https://cloud.google.com/bigquery/docs/access-control). + type: string + specialGroup: + description: |- + Immutable. A special group to grant access to. Possible values include: + + + * 'projectOwners': Owners of the enclosing project. + + + * 'projectReaders': Readers of the enclosing project. + + + * 'projectWriters': Writers of the enclosing project. + + + * 'allAuthenticatedUsers': All authenticated BigQuery users. + type: string + userByEmail: + description: |- + Immutable. An email address of a user to grant access to. For example: + fred@example.com. + type: string + view: + description: |- + Immutable. A view from a different dataset to grant access to. Queries + executed against that view will have read access to tables in + this dataset. The role field is not required when this field is + set. If that view is updated by any user, access to the view + needs to be granted again via an update operation. + properties: + datasetId: + description: Immutable. The ID of the dataset containing this + table. + type: string + projectId: + description: Immutable. The ID of the project containing this + table. + type: string + tableId: + description: |- + Immutable. The ID of the table. The ID must contain only letters (a-z, + A-Z), numbers (0-9), or underscores (_). The maximum length + is 1,024 characters. + type: string + required: + - datasetId + - projectId + - tableId + type: object + required: + - datasetId + - projectRef + type: object + status: + properties: + apiUpdatedMember: + description: If true, represents that that the iam_member in the config + was translated to a different member type by the API, and is stored + in state as a different member type. + type: boolean + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: stable + cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" + name: bigquerydatasets.bigquery.cnrm.cloud.google.com +spec: + group: bigquery.cnrm.cloud.google.com + names: + categories: + - gcp + kind: BigQueryDataset + listKind: BigQueryDatasetList + plural: bigquerydatasets + shortNames: + - gcpbigquerydataset + - gcpbigquerydatasets + singular: bigquerydataset + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BigQueryDataset is the Schema for the BigQueryDataset API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BigQueryDatasetSpec defines the desired state of BigQueryDataset + properties: + access: + description: An array of objects that define dataset access for one + or more entities. + items: + properties: + dataset: + description: '[Pick one] A grant authorizing all resources of + a particular type in a particular dataset access to this dataset. + Only views are supported for now. The role field is not required + when this field is set. If that dataset is deleted and re-created, + its access needs to be granted again via an update operation.' + properties: + dataset: + description: The dataset this entry applies to. + properties: + datasetId: + description: A unique Id for this dataset, without the + project name. The Id must contain only letters (a-z, + A-Z), numbers (0-9), or underscores (_). The maximum + length is 1,024 characters. + type: string + projectId: + description: The ID of the project containing this dataset. + type: string + required: + - datasetId + - projectId + type: object + targetTypes: + description: Which resources in the dataset this entry applies + to. Currently, only views are supported, but additional + target types may be added in the future. + items: + type: string + type: array + required: + - dataset + - targetTypes + type: object + domain: + description: '[Pick one] A domain to grant access to. Any users + signed in with the domain specified will be granted the specified + access. Example: "example.com". Maps to IAM policy member + "domain:DOMAIN".' + type: string + groupByEmail: + description: '[Pick one] An email address of a Google Group + to grant access to. Maps to IAM policy member "group:GROUP".' + type: string + iamMember: + description: '[Pick one] Some other type of member that appears + in the IAM Policy but isn''t a user, group, domain, or special + group.' + type: string + role: + description: |- + An IAM role ID that should be granted to the user, group, + or domain specified in this access entry. + The following legacy mappings will be applied: + + * `OWNER`: `roles/bigquery.dataOwner` + * `WRITER`: `roles/bigquery.dataEditor` + * `READER`: `roles/bigquery.dataViewer` + + This field will accept any of the above formats, but will return only + the legacy format. For example, if you set this field to + "roles/bigquery.dataOwner", it will be returned back as "OWNER". + type: string + routine: + description: '[Pick one] A routine from a different dataset + to grant access to. Queries executed against that routine + will have read access to views/tables/routines in this dataset. + Only UDF is supported for now. The role field is not required + when this field is set. If that routine is updated by any + user, access to the routine needs to be granted again via + an update operation.' + properties: + datasetId: + description: The ID of the dataset containing this routine. + type: string + projectId: + description: The ID of the project containing this routine. + type: string + routineId: + description: The Id of the routine. The Id must contain + only letters (a-z, A-Z), numbers (0-9), or underscores + (_). The maximum length is 256 characters. + type: string + required: + - datasetId + - projectId + - routineId + type: object + specialGroup: + description: |- + [Pick one] A special group to grant access to. Possible values include: + + * projectOwners: Owners of the enclosing project. + * projectReaders: Readers of the enclosing project. + * projectWriters: Writers of the enclosing project. + * allAuthenticatedUsers: All authenticated BigQuery users. + + Maps to similarly-named IAM members. + type: string + userByEmail: + description: '[Pick one] An email address of a user to grant + access to. For example: fred@example.com. Maps to IAM policy + member "user:EMAIL" or "serviceAccount:EMAIL".' + type: string + view: + description: '[Pick one] A view from a different dataset to + grant access to. Queries executed against that view will have + read access to views/tables/routines in this dataset. The + role field is not required when this field is set. If that + view is updated by any user, access to the view needs to be + granted again via an update operation.' + properties: + datasetId: + description: The ID of the dataset containing this table. + type: string + projectId: + description: The ID of the project containing this table. + type: string + tableId: + description: The Id of the table. The Id can contain Unicode + characters in category L (letter), M (mark), N (number), + Pc (connector, including underscore), Pd (dash), and Zs + (space). For more information, see [General Category](https://wikipedia.org/wiki/Unicode_character_property#General_Category). + The maximum length is 1,024 characters. Certain operations + allow suffixing of the table Id with a partition decorator, + such as `sample_table$20190123`. + type: string + required: + - datasetId + - projectId + - tableId + type: object + type: object + type: array + defaultCollation: + description: |- + Optional. Defines the default collation specification of future tables + created in the dataset. If a table is created in this dataset without + table-level default collation, then the table inherits the dataset default + collation, which is applied to the string fields that do not have explicit + collation specified. A change to this field affects only tables created + afterwards, and does not alter the existing tables. + The following values are supported: + + * 'und:ci': undetermined locale, case insensitive. + * '': empty string. Default to case-sensitive behavior. + type: string + defaultEncryptionConfiguration: + description: The default encryption key for all tables in the dataset. + After this property is set, the encryption key of all newly-created + tables in the dataset is set to this value unless the table creation + request or query explicitly overrides the key. + properties: + kmsKeyRef: + description: Optional. Describes the Cloud KMS encryption key + that will be used to protect destination BigQuery table. The + BigQuery Service Account associated with your project requires + access to this encryption key. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + type: object + defaultPartitionExpirationMs: + description: |- + This default partition expiration, expressed in milliseconds. + + When new time-partitioned tables are created in a dataset where this + property is set, the table will inherit this value, propagated as the + `TimePartitioning.expirationMs` property on the new table. If you set + `TimePartitioning.expirationMs` explicitly when creating a table, + the `defaultPartitionExpirationMs` of the containing dataset is ignored. + + When creating a partitioned table, if `defaultPartitionExpirationMs` + is set, the `defaultTableExpirationMs` value is ignored and the table + will not be inherit a table expiration deadline. + format: int64 + type: integer + defaultTableExpirationMs: + description: Optional. The default lifetime of all tables in the dataset, + in milliseconds. The minimum lifetime value is 3600000 milliseconds + (one hour). To clear an existing default expiration with a PATCH + request, set to 0. Once this property is set, all newly-created + tables in the dataset will have an expirationTime property set to + the creation time plus the value in this property, and changing + the value will only affect new tables, not existing ones. When the + expirationTime for a given table is reached, that table will be + deleted automatically. If a table's expirationTime is modified or + removed before the table expires, or if you provide an explicit + expirationTime when creating a table, that value takes precedence + over the default expiration time indicated by this property. + format: int64 + type: integer + description: + description: Optional. A user-friendly description of the dataset. + type: string + friendlyName: + description: Optional. A descriptive name for the dataset. + type: string + isCaseInsensitive: + description: Optional. TRUE if the dataset and its table names are + case-insensitive, otherwise FALSE. By default, this is FALSE, which + means the dataset and its table names are case-sensitive. This field + does not affect routine references. + type: boolean + location: + description: Optional. The geographic location where the dataset should + reside. See https://cloud.google.com/bigquery/docs/locations for + supported locations. + type: string + maxTimeTravelHours: + description: Optional. Defines the time travel window in hours. The + value can be from 48 to 168 hours (2 to 7 days). The default value + is 168 hours if this is not set. + type: string + projectRef: + description: ' Optional. The project that this resource belongs to.' + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: The BigQueryDataset name. If not given, the metadata.name + will be used. + type: string + storageBillingModel: + description: Optional. Updates storage_billing_model for the dataset. + type: string + type: object + status: + description: BigQueryDatasetStatus defines the config connector machine + state of BigQueryDataset + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + creationTime: + description: Output only. The time when this dataset was created, + in milliseconds since the epoch. + format: int64 + type: integer + etag: + description: Output only. A hash of the resource. + type: string + externalRef: + description: A unique specifier for the BigQueryAnalyticsHubDataExchangeListing + resource in GCP. + type: string + lastModifiedTime: + description: Output only. The date when this dataset was last modified, + in milliseconds since the epoch. + format: int64 + type: integer + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + location: + description: Optional. If the location is not specified in the + spec, the GCP server defaults to a location and will be captured + here. + type: string + type: object + selfLink: + description: Output only. A URL that can be used to access the resource + again. You can use this URL in Get or Update requests to the resource. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: bigquerydatatransferconfigs.bigquerydatatransfer.cnrm.cloud.google.com +spec: + group: bigquerydatatransfer.cnrm.cloud.google.com + names: + categories: + - gcp + kind: BigQueryDataTransferConfig + listKind: BigQueryDataTransferConfigList + plural: bigquerydatatransferconfigs + singular: bigquerydatatransferconfig + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: BigQueryDataTransferConfig is the Schema for the BigQueryDataTransferConfig + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BigQueryDataTransferConfigSpec defines the desired state + of BigQueryDataTransferConfig + properties: + dataRefreshWindowDays: + description: The number of days to look back to automatically refresh + the data. For example, if `data_refresh_window_days = 10`, then + every day BigQuery reingests data for [today-10, today-1], rather + than ingesting data for just [today-1]. Only valid if the data source + supports the feature. Set the value to 0 to use the default value. + format: int32 + type: integer + dataSourceID: + description: 'Immutable. Data source ID. This cannot be changed once + data transfer is created. The full list of available data source + IDs can be returned through an API call: https://cloud.google.com/bigquery-transfer/docs/reference/datatransfer/rest/v1/projects.locations.dataSources/list' + type: string + x-kubernetes-validations: + - message: DataSourceID field is immutable + rule: self == oldSelf + datasetRef: + description: The BigQuery target dataset id. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/datasets/[dataset_id]`. + type: string + name: + description: The `metadata.name` field of a `BigQueryDataset` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `BigQueryDataset` + resource. + type: string + type: object + disabled: + description: Is this config disabled. When set to true, no runs will + be scheduled for this transfer config. + type: boolean + displayName: + description: User specified display name for the data transfer. + type: string + emailPreferences: + description: Email notifications will be sent according to these preferences + to the email address of the user who owns this transfer config. + properties: + enableFailureEmail: + description: If true, email notifications will be sent on transfer + run failures. + type: boolean + type: object + encryptionConfiguration: + description: The encryption configuration part. Currently, it is only + used for the optional KMS key name. The BigQuery service account + of your project must be granted permissions to use the key. Read + methods will return the key name applied in effect. Write methods + will apply the key if it is present, or otherwise try to apply project + default keys if it is absent. + properties: + kmsKeyRef: + description: The KMS key used for encrypting BigQuery data. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + type: object + location: + description: Immutable. + type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf + params: + additionalProperties: + type: string + description: 'Parameters specific to each data source. For more information + see the bq tab in the ''Setting up a data transfer'' section for + each data source. For example the parameters for Cloud Storage transfers + are listed here: https://cloud.google.com/bigquery-transfer/docs/cloud-storage-transfer#bq' + type: object + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + pubSubTopicRef: + description: Pub/Sub topic where notifications will be sent after + transfer runs associated with this transfer config finish. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/topics/[topic_id]`. + type: string + name: + description: The `metadata.name` field of a `PubSubTopic` resource. + type: string + namespace: + description: The `metadata.namespace` field of a `PubSubTopic` + resource. + type: string + type: object + resourceID: + description: Immutable. The BigQueryDataTransferConfig name. If not + given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + schedule: + description: |- + Data transfer schedule. + If the data source does not support a custom schedule, this should be + empty. If it is empty, the default value for the data source will be used. + The specified times are in UTC. + Examples of valid format: + `1st,3rd monday of month 15:30`, + `every wed,fri of jan,jun 13:15`, and + `first sunday of quarter 00:00`. + See more explanation about the format here: + https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format + + NOTE: The minimum interval time between recurring transfers depends on the + data source; refer to the documentation for your data source. + type: string + scheduleOptions: + description: Options customizing the data transfer schedule. + properties: + disableAutoScheduling: + description: If true, automatic scheduling of data transfer runs + for this configuration will be disabled. The runs can be started + on ad-hoc basis using StartManualTransferRuns API. When automatic + scheduling is disabled, the TransferConfig.schedule field will + be ignored. + type: boolean + endTime: + description: Defines time to stop scheduling transfer runs. A + transfer run cannot be scheduled at or after the end time. The + end time can be changed at any moment. The time when a data + transfer can be triggered manually is not limited by this option. + type: string + startTime: + description: Specifies time to start scheduling transfer runs. + The first run will be scheduled at or after the start time according + to a recurrence pattern defined in the schedule string. The + start time can be changed at any moment. The time when a data + transfer can be triggered manually is not limited by this option. + type: string + type: object + serviceAccountRef: + description: Service account email. If this field is set, the transfer + config will be created with this service account's credentials. + It requires that the requesting user calling this API has permissions + to act as this service account. Note that not all data sources support + service account credentials when creating a transfer config. For + the latest list of data sources, please refer to https://cloud.google.com/bigquery/docs/use-service-accounts. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + required: + - dataSourceID + - datasetRef + - location + - params + - projectRef + type: object + status: + description: BigQueryDataTransferConfigStatus defines the config connector + machine state of BigQueryDataTransferConfig + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the BigQueryDataTransferConfig + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + datasetRegion: + description: Output only. Region in which BigQuery dataset is + located. + type: string + name: + description: Identifier. The resource name of the transfer config. + Transfer config names have the form either `projects/{project_id}/locations/{region}/transferConfigs/{config_id}` + or `projects/{project_id}/transferConfigs/{config_id}`, where + `config_id` is usually a UUID, even though it is not guaranteed + or required. The name is ignored when creating a transfer config. + type: string + nextRunTime: + description: Output only. Next time when data transfer will run. + type: string + ownerInfo: + description: Output only. Information about the user whose credentials + are used to transfer data. Populated only for `transferConfigs.get` + requests. In case the user information is not available, this + field will not be populated. + properties: + email: + description: E-mail address of the user. + type: string + type: object + state: + description: Output only. State of the most recently updated transfer + run. + type: string + updateTime: + description: Output only. Data transfer modification time. Ignored + by server on input. + type: string + userID: + description: Deprecated. Unique ID of the user on whose behalf + transfer is done. + format: int64 + type: integer + type: object + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BigQueryDataTransferConfig is the Schema for the BigQueryDataTransferConfig + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BigQueryDataTransferConfigSpec defines the desired state + of BigQueryDataTransferConfig + properties: + dataRefreshWindowDays: + description: The number of days to look back to automatically refresh + the data. For example, if `data_refresh_window_days = 10`, then + every day BigQuery reingests data for [today-10, today-1], rather + than ingesting data for just [today-1]. Only valid if the data source + supports the feature. Set the value to 0 to use the default value. + format: int32 + type: integer + dataSourceID: + description: 'Immutable. Data source ID. This cannot be changed once + data transfer is created. The full list of available data source + IDs can be returned through an API call: https://cloud.google.com/bigquery-transfer/docs/reference/datatransfer/rest/v1/projects.locations.dataSources/list' + type: string + x-kubernetes-validations: + - message: DataSourceID field is immutable + rule: self == oldSelf + datasetRef: + description: The BigQuery target dataset id. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/datasets/[dataset_id]`. + type: string + name: + description: The `metadata.name` field of a `BigQueryDataset` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `BigQueryDataset` + resource. + type: string + type: object + disabled: + description: Is this config disabled. When set to true, no runs will + be scheduled for this transfer config. + type: boolean + displayName: + description: User specified display name for the data transfer. + type: string + emailPreferences: + description: Email notifications will be sent according to these preferences + to the email address of the user who owns this transfer config. + properties: + enableFailureEmail: + description: If true, email notifications will be sent on transfer + run failures. + type: boolean + type: object + encryptionConfiguration: + description: The encryption configuration part. Currently, it is only + used for the optional KMS key name. The BigQuery service account + of your project must be granted permissions to use the key. Read + methods will return the key name applied in effect. Write methods + will apply the key if it is present, or otherwise try to apply project + default keys if it is absent. + properties: + kmsKeyRef: + description: The KMS key used for encrypting BigQuery data. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object + type: object + location: + description: Immutable. + type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf + params: + additionalProperties: + type: string + description: 'Parameters specific to each data source. For more information + see the bq tab in the ''Setting up a data transfer'' section for + each data source. For example the parameters for Cloud Storage transfers + are listed here: https://cloud.google.com/bigquery-transfer/docs/cloud-storage-transfer#bq' + type: object + projectRef: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + pubSubTopicRef: + description: Pub/Sub topic where notifications will be sent after + transfer runs associated with this transfer config finish. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: If provided must be in the format `projects/[project_id]/topics/[topic_id]`. + type: string + name: + description: The `metadata.name` field of a `PubSubTopic` resource. + type: string + namespace: + description: The `metadata.namespace` field of a `PubSubTopic` + resource. + type: string + type: object + resourceID: + description: Immutable. The BigQueryDataTransferConfig name. If not + given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + schedule: + description: |- + Data transfer schedule. + If the data source does not support a custom schedule, this should be + empty. If it is empty, the default value for the data source will be used. + The specified times are in UTC. + Examples of valid format: + `1st,3rd monday of month 15:30`, + `every wed,fri of jan,jun 13:15`, and + `first sunday of quarter 00:00`. + See more explanation about the format here: + https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format + + NOTE: The minimum interval time between recurring transfers depends on the + data source; refer to the documentation for your data source. + type: string + scheduleOptions: + description: Options customizing the data transfer schedule. + properties: + disableAutoScheduling: + description: If true, automatic scheduling of data transfer runs + for this configuration will be disabled. The runs can be started + on ad-hoc basis using StartManualTransferRuns API. When automatic + scheduling is disabled, the TransferConfig.schedule field will + be ignored. + type: boolean + endTime: + description: Defines time to stop scheduling transfer runs. A + transfer run cannot be scheduled at or after the end time. The + end time can be changed at any moment. The time when a data + transfer can be triggered manually is not limited by this option. + type: string + startTime: + description: Specifies time to start scheduling transfer runs. + The first run will be scheduled at or after the start time according + to a recurrence pattern defined in the schedule string. The + start time can be changed at any moment. The time when a data + transfer can be triggered manually is not limited by this option. + type: string + type: object + serviceAccountRef: + description: Service account email. If this field is set, the transfer + config will be created with this service account's credentials. + It requires that the requesting user calling this API has permissions + to act as this service account. Note that not all data sources support + service account credentials when creating a transfer config. For + the latest list of data sources, please refer to https://cloud.google.com/bigquery/docs/use-service-accounts. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + required: + - dataSourceID + - datasetRef + - location + - params + - projectRef + type: object + status: + description: BigQueryDataTransferConfigStatus defines the config connector + machine state of BigQueryDataTransferConfig + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -11520,326 +13447,60 @@ spec: type: string type: object type: array - creationTime: - description: |- - The time when this dataset was created, in milliseconds since the - epoch. - type: integer - etag: - description: A hash of the resource. + externalRef: + description: A unique specifier for the BigQueryDataTransferConfig + resource in GCP. type: string - lastModifiedTime: - description: |- - The date when this dataset or any of its tables was last modified, in - milliseconds since the epoch. - type: integer observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer - selfLink: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cnrm.cloud.google.com/version: 1.122.0 - creationTimestamp: null - labels: - cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha - cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: bigquerydatatransferconfigs.bigquerydatatransfer.cnrm.cloud.google.com -spec: - group: bigquerydatatransfer.cnrm.cloud.google.com - names: - categories: - - gcp - kind: BigQueryDataTransferConfig - plural: bigquerydatatransferconfigs - shortNames: - - gcpbigquerydatatransferconfig - - gcpbigquerydatatransferconfigs - singular: bigquerydatatransferconfig - preserveUnknownFields: false - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: When 'True', the most recent reconcile of the resource succeeded - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - description: The reason for the value in 'Ready' - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Status - type: string - - description: The last transition time for the value in 'Status' - jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime - name: Status Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'apiVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - dataRefreshWindowDays: - description: |- - The number of days to look back to automatically refresh the data. - For example, if dataRefreshWindowDays = 10, then every day BigQuery - reingests data for [today-10, today-1], rather than ingesting data for - just [today-1]. Only valid if the data source supports the feature. - Set the value to 0 to use the default value. - type: integer - dataSourceId: - description: Immutable. The data source id. Cannot be changed once - the transfer config is created. - type: string - destinationDatasetId: - description: The BigQuery target dataset id. - type: string - disabled: - description: When set to true, no runs are scheduled for a given transfer. - type: boolean - displayName: - description: The user specified display name for the transfer config. - type: string - emailPreferences: - description: |- - Email notifications will be sent according to these preferences to the - email address of the user who owns this transfer config. - properties: - enableFailureEmail: - description: If true, email notifications will be sent on transfer - run failures. - type: boolean - required: - - enableFailureEmail - type: object - location: - description: |- - Immutable. The geographic location where the transfer config should reside. - Examples: US, EU, asia-northeast1. The default value is US. - type: string - notificationPubsubTopic: - description: |- - Pub/Sub topic where notifications will be sent after transfer runs - associated with this transfer config finish. - type: string - params: - additionalProperties: - type: string - type: object - projectRef: - description: The project that this resource belongs to. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. properties: - external: - description: 'Allowed value: The `name` field of a `Project` resource.' + datasetRegion: + description: Output only. Region in which BigQuery dataset is + located. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: Identifier. The resource name of the transfer config. + Transfer config names have the form either `projects/{project_id}/locations/{region}/transferConfigs/{config_id}` + or `projects/{project_id}/transferConfigs/{config_id}`, where + `config_id` is usually a UUID, even though it is not guaranteed + or required. The name is ignored when creating a transfer config. type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - resourceID: - description: Immutable. Optional. The service-generated name of the - resource. Used for acquisition only. Leave unset to create a new - resource. - type: string - schedule: - description: |- - Data transfer schedule. If the data source does not support a custom - schedule, this should be empty. If it is empty, the default value for - the data source will be used. The specified times are in UTC. Examples - of valid format: 1st,3rd monday of month 15:30, every wed,fri of jan, - jun 13:15, and first sunday of quarter 00:00. See more explanation - about the format here: - https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format - NOTE: the granularity should be at least 8 hours, or less frequent. - type: string - scheduleOptions: - description: Options customizing the data transfer schedule. - properties: - disableAutoScheduling: - description: |- - If true, automatic scheduling of data transfer runs for this - configuration will be disabled. The runs can be started on ad-hoc - basis using transferConfigs.startManualRuns API. When automatic - scheduling is disabled, the TransferConfig.schedule field will - be ignored. - type: boolean - endTime: - description: |- - Defines time to stop scheduling transfer runs. A transfer run cannot be - scheduled at or after the end time. The end time can be changed at any - moment. The time when a data transfer can be triggered manually is not - limited by this option. + nextRunTime: + description: Output only. Next time when data transfer will run. type: string - startTime: - description: |- - Specifies time to start scheduling transfer runs. The first run will be - scheduled at or after the start time according to a recurrence pattern - defined in the schedule string. The start time can be changed at any - moment. The time when a data transfer can be triggered manually is not - limited by this option. - type: string - type: object - sensitiveParams: - description: |- - Different parameters are configured primarily using the the 'params' field on this - resource. This block contains the parameters which contain secrets or passwords so that they can be marked - sensitive and hidden from plan output. The name of the field, eg: secret_access_key, will be the key - in the 'params' map in the api request. - - Credentials may not be specified in both locations and will cause an error. Changing from one location - to a different credential configuration in the config will require an apply to update state. - properties: - secretAccessKey: - description: The Secret Access Key of the AWS account transferring - data from. - oneOf: - - not: - required: - - valueFrom - required: - - value - - not: - required: - - value - required: - - valueFrom + ownerInfo: + description: Output only. Information about the user whose credentials + are used to transfer data. Populated only for `transferConfigs.get` + requests. In case the user information is not available, this + field will not be populated. properties: - value: - description: Value of the field. Cannot be used if 'valueFrom' - is specified. + email: + description: E-mail address of the user. type: string - valueFrom: - description: Source for the field's value. Cannot be used - if 'value' is specified. - properties: - secretKeyRef: - description: Reference to a value with the given key in - the given Secret in the resource's namespace. - properties: - key: - description: Key that identifies the value to be extracted. - type: string - name: - description: Name of the Secret to extract a value - from. - type: string - required: - - name - - key - type: object - type: object type: object - required: - - secretAccessKey + state: + description: Output only. State of the most recently updated transfer + run. + type: string + updateTime: + description: Output only. Data transfer modification time. Ignored + by server on input. + type: string + userID: + description: Deprecated. Unique ID of the user on whose behalf + transfer is done. + format: int64 + type: integer type: object - serviceAccountName: - description: |- - Service account email. If this field is set, transfer config will - be created with this service account credentials. It requires that - requesting user calling this API has permissions to act as this service account. - type: string - required: - - dataSourceId - - displayName - - params - - projectRef - type: object - status: - properties: - conditions: - description: Conditions represent the latest available observation - of the resource's current state. - items: - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - type: string - message: - description: Human-readable message indicating details about - last transition. - type: string - reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition. - type: string - status: - description: Status is the status of the condition. Can be True, - False, Unknown. - type: string - type: - description: Type is the type of the condition. - type: string - type: object - type: array - name: - description: |- - The resource name of the transfer config. Transfer config names have the - form projects/{projectId}/locations/{location}/transferConfigs/{configId} - or projects/{projectId}/transferConfigs/{configId}, - where configId is usually a uuid, but this is not required. - The name is ignored when creating a transfer config. - type: string - observedGeneration: - description: ObservedGeneration is the generation of the resource - that was most recently observed by the Config Connector controller. - If this is equal to metadata.generation, then that means that the - current reported status reflects the most recent desired state of - the resource. - type: integer type: object required: - spec @@ -11848,18 +13509,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12715,7 +14370,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -12902,7 +14557,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13092,7 +14747,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13354,7 +15009,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -13939,7 +15594,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14127,7 +15782,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14348,7 +16003,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14580,7 +16235,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -14753,7 +16408,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -15212,7 +16867,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -15480,7 +17135,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -15905,7 +17560,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16346,7 +18001,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -16699,7 +18354,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -17520,13 +19175,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: stable cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" name: certificatemanagerdnsauthorizations.certificatemanager.cnrm.cloud.google.com spec: group: certificatemanager.cnrm.cloud.google.com @@ -17534,6 +19188,7 @@ spec: categories: - gcp kind: CertificateManagerDNSAuthorization + listKind: CertificateManagerDNSAuthorizationList plural: certificatemanagerdnsauthorizations shortNames: - gcpcertificatemanagerdnsauthorization @@ -17542,148 +19197,6 @@ spec: preserveUnknownFields: false scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: When 'True', the most recent reconcile of the resource succeeded - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - description: The reason for the value in 'Ready' - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Status - type: string - - description: The last transition time for the value in 'Status' - jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime - name: Status Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'apiVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - description: - description: A human-readable description of the resource. - type: string - domain: - description: |- - Immutable. A domain which is being authorized. A DnsAuthorization resource covers a - single domain and its wildcard, e.g. authorization for "example.com" can - be used to issue certificates for "example.com" and "*.example.com". - type: string - projectRef: - description: The project that this resource belongs to. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `name` field of a `Project` resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. - type: string - required: - - domain - - projectRef - type: object - status: - properties: - conditions: - description: Conditions represent the latest available observation - of the resource's current state. - items: - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - type: string - message: - description: Human-readable message indicating details about - last transition. - type: string - reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition. - type: string - status: - description: Status is the status of the condition. Can be True, - False, Unknown. - type: string - type: - description: Type is the type of the condition. - type: string - type: object - type: array - dnsResourceRecord: - description: |- - The structure describing the DNS Resource Record that needs to be added - to DNS configuration for the authorization to be usable by - certificate. - items: - properties: - data: - description: Data of the DNS Resource Record. - type: string - name: - description: |- - Fully qualified name of the DNS Resource Record. - E.g. '_acme-challenge.example.com'. - type: string - type: - description: Type of the DNS Resource Record. - type: string - type: object - type: array - observedGeneration: - description: ObservedGeneration is the generation of the resource - that was most recently observed by the Config Connector controller. - If this is equal to metadata.generation, then that means that the - current reported status reflects the most recent desired state of - the resource. - type: integer - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: Age @@ -17703,30 +19216,37 @@ spec: name: v1alpha1 schema: openAPIV3Schema: + description: CertificateManagerDNSAuthorization is the Schema for the CertificateManagerDNSAuthorization + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: CertificateManagerDNSAuthorizationSpec defines the desired + state of CertificateManagerDNSAuthorization properties: description: description: A human-readable description of the resource. type: string domain: - description: |- - Immutable. A domain which is being authorized. A DnsAuthorization resource covers a - single domain and its wildcard, e.g. authorization for "example.com" can - be used to issue certificates for "example.com" and "*.example.com". - type: string + description: Immutable. A domain which is being authorized. A DnsAuthorization + resource covers a single domain and its wildcard, e.g. authorization + for "example.com" can be used to issue certificates for "example.com" + and "*.example.com". + type: string + x-kubernetes-validations: + - message: Domain field is immutable + rule: self == oldSelf projectRef: description: The project that this resource belongs to. oneOf: @@ -17745,13 +19265,18 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object resourceID: @@ -17759,15 +19284,20 @@ spec: creation and acquisition. When unset, the value of `metadata.name` is used as the default. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf required: - domain - projectRef type: object status: + description: CertificateManagerDNSAuthorizationStatus defines the config + connector machine state of CertificateManagerDNSAuthorization properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the CertificateManagerDNSAuthorization's current state. items: properties: lastTransitionTime: @@ -17792,18 +19322,16 @@ spec: type: object type: array dnsResourceRecord: - description: |- - The structure describing the DNS Resource Record that needs to be added - to DNS configuration for the authorization to be usable by - certificate. + description: The structure describing the DNS Resource Record that + needs to be added to DNS configuration for the authorization to + be usable by certificate. items: properties: data: description: Data of the DNS Resource Record. type: string name: - description: |- - Fully qualified name of the DNS Resource Record. + description: Fully qualified name of the DNS Resource Record. E.g. '_acme-challenge.example.com'. type: string type: @@ -17817,6 +19345,175 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 + type: integer + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: CertificateManagerDNSAuthorization is the Schema for the CertificateManagerDNSAuthorization + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CertificateManagerDNSAuthorizationSpec defines the desired + state of CertificateManagerDNSAuthorization + properties: + description: + description: A human-readable description of the resource. + type: string + domain: + description: Immutable. A domain which is being authorized. A DnsAuthorization + resource covers a single domain and its wildcard, e.g. authorization + for "example.com" can be used to issue certificates for "example.com" + and "*.example.com". + type: string + x-kubernetes-validations: + - message: Domain field is immutable + rule: self == oldSelf + location: + description: Immutable. Optional. Location represents the geographical + location of the DnsAuthorization. If not specified, "global" is + used. + type: string + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - domain + - projectRef + type: object + status: + description: CertificateManagerDNSAuthorizationStatus defines the config + connector machine state of CertificateManagerDNSAuthorization + properties: + conditions: + description: Conditions represent the latest available observations + of the CertificateManagerDNSAuthorization's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + dnsResourceRecord: + description: The structure describing the DNS Resource Record that + needs to be added to DNS configuration for the authorization to + be usable by certificate. + items: + properties: + data: + description: Output only. Data of the DNS Resource Record. + type: string + name: + description: Output only. Fully qualified name of the DNS Resource + Record. e.g. `_acme-challenge.example.com` + type: string + type: + description: Output only. Type of the DNS Resource Record. Currently + always set to "CNAME". + type: string + type: object + type: array + externalRef: + description: A unique specifier for the CertificateManagerDNSAuthorization + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 type: integer type: object required: @@ -17826,18 +19523,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -18076,7 +19767,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -18307,7 +19998,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -18537,7 +20228,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20045,7 +21736,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20113,8 +21804,8 @@ spec: - external properties: external: - description: The compute network selflink of form "projects//global/networks/", - when not managed by Config Connector. + description: A reference to an externally managed Compute + Network resource. Should be in the format `projects//global/networks/`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -20157,7 +21848,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -20321,8 +22012,8 @@ spec: - external properties: external: - description: The compute network selflink of form "projects//global/networks/", - when not managed by Config Connector. + description: A reference to an externally managed Compute + Network resource. Should be in the format `projects//global/networks/`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -20374,7 +22065,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -20506,7 +22197,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -20980,7 +22671,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -21412,7 +23103,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -21610,7 +23301,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -21877,7 +23568,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22272,7 +23963,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22451,7 +24142,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -22713,7 +24404,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -23251,7 +24942,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23522,7 +25213,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -23793,7 +25484,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -24248,7 +25939,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -24518,7 +26209,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -24732,7 +26423,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -25896,7 +27587,8 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `NetworkSecurityClientTLSPolicy` + description: 'Allowed value: string of the format `//networksecurity.googleapis.com/projects/{{project}}/locations/{{location}}/clientTlsPolicies/{{value}}`, + where {{value}} is the `name` field of a `NetworkSecurityClientTLSPolicy` resource.' type: string name: @@ -26011,7 +27703,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -26225,7 +27917,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -26402,7 +28094,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -27166,7 +28858,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -27317,7 +29009,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -27537,7 +29229,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -27729,7 +29421,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -27743,6 +29435,7 @@ spec: categories: - gcp kind: ComputeFirewallPolicyRule + listKind: ComputeFirewallPolicyRuleList plural: computefirewallpolicyrules shortNames: - gcpcomputefirewallpolicyrule @@ -27770,16 +29463,17 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: ComputeFirewallPolicyRule is the Schema for the compute API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -27826,16 +29520,15 @@ spec: - external properties: external: - description: |- - The firewall policy of the resource. - - Allowed value: The Google Cloud resource name of a `ComputeFirewallPolicy` resource (format: `locations/global/firewallPolicies/{{name}}`). + description: A reference to an externally managed ComputeFirewallPolicy + resource. Should be in the format `locations/global/firewallPolicies/`. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `ComputeFirewall olicy ` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `ComputeFirewallPolicy + ` resource. type: string type: object match: @@ -27961,14 +29654,14 @@ spec: - external properties: external: - description: 'Allowed value: The `selfLink` field of a `ComputeNetwork` - resource.' + description: A reference to an externally managed Compute Network + resource. Should be in the format `projects//global/networks/`. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `ComputeNetwork` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `ComputeNetwork` resource. type: string type: object type: array @@ -27990,8 +29683,7 @@ spec: - external properties: external: - description: 'Allowed value: The Google Cloud resource name - of an `IAMServiceAccount` resource (format: `projects/{{project}}/serviceAccounts/{{name}}@{{project}}.iam.gserviceaccount.com`).' + description: The `email` field of an `IAMServiceAccount` resource. type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' @@ -28011,8 +29703,8 @@ spec: status: properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -28036,6 +29728,10 @@ spec: type: string type: object type: array + externalRef: + description: A unique Config Connector specifier for the resource + in GCP. + type: string kind: description: Type of the resource. Always `compute#firewallPolicyRule` for firewall policy rules @@ -28046,6 +29742,7 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer ruleTupleCount: description: Calculation of the complexity of a single firewall policy @@ -28053,25 +29750,17 @@ spec: format: int64 type: integer type: object - required: - - spec type: object served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28449,7 +30138,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -28562,7 +30251,7 @@ spec: external: description: The ComputeBackendService selflink in the form "projects/{{project}}/global/backendServices/{{name}}" or "projects/{{project}}/regions/{{region}}/backendServices/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeBackendService` resource. @@ -28616,7 +30305,7 @@ spec: properties: external: description: The ComputeAddress selflink in the form "projects/{{project}}/regions/{{region}}/addresses/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeAddress` resource. @@ -28752,8 +30441,8 @@ spec: - external properties: external: - description: The compute network selflink of form "projects//global/networks/", - when not managed by Config Connector. + description: A reference to an externally managed Compute Network + resource. Should be in the format `projects//global/networks/`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -28905,7 +30594,7 @@ spec: properties: external: description: The ComputeSubnetwork selflink of form "projects/{{project}}/regions/{{region}}/subnetworks/{{name}}", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeSubnetwork` resource. @@ -28920,6 +30609,8 @@ spec: For INTERNAL_SELF_MANAGED load balancing, only HTTP and HTTPS targets are valid. properties: + googleAPIsBundle: + type: string serviceAttachmentRef: oneOf: - not: @@ -28939,7 +30630,7 @@ spec: external: description: The ComputeServiceAttachment selflink in the form "projects/{{project}}/regions/{{region}}/serviceAttachments/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeServiceAttachment` @@ -28969,7 +30660,7 @@ spec: external: description: The ComputeTargetGrpcProxy selflink in the form "projects/{{project}}/global/targetGrpcProxies/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeTargetGrpcProxy` @@ -29000,7 +30691,7 @@ spec: description: The ComputeTargetHTTPProxy selflink in the form "projects/{{project}}/global/targetHttpProxies/{{name}}" or "projects/{{project}}/regions/{{region}}/targetHttpProxies/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeTargetHTTPProxy` @@ -29031,7 +30722,7 @@ spec: description: The ComputeTargetHTTPSProxy selflink in the form "projects/{{project}}/global/targetHttpProxies/{{name}}" or "projects/{{project}}/regions/{{region}}/targetHttpProxies/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeTargetHTTPSProxy` @@ -29061,7 +30752,7 @@ spec: external: description: The ComputeTargetSSLProxy selflink in the form "projects/{{project}}/global/targetSslProxies/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeTargetSSLProxy` @@ -29092,7 +30783,7 @@ spec: description: The ComputeTargetTCPProxy selflink in the form "projects/{{project}}/global/targetTcpProxies/{{name}}" or "projects/{{project}}/regions/{{region}}/targetTcpProxies/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeTargetTCPProxy` @@ -29122,7 +30813,7 @@ spec: external: description: The ComputeTargetVPNGateway selflink in the form "projects/{{project}}/regions/{{region}}/targetVpnGateways/{{name}}" - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeTargetVPNGateway` @@ -29218,7 +30909,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29380,7 +31071,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -29538,7 +31229,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30002,7 +31693,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30163,7 +31854,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30324,7 +32015,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -30682,7 +32373,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -31461,7 +33152,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -31643,7 +33334,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -31846,7 +33537,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -32879,7 +34570,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -33911,7 +35602,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -34236,7 +35927,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -34453,7 +36144,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -34798,7 +36489,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35008,7 +36699,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35220,7 +36911,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35391,7 +37082,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35597,7 +37288,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -35985,7 +37676,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36166,7 +37857,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36366,7 +38057,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36540,7 +38231,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -36830,7 +38521,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37011,7 +38702,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37156,7 +38847,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37285,7 +38976,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -37511,7 +39202,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -37911,7 +39602,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -38208,7 +39899,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -38326,7 +40017,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -38759,7 +40450,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -38936,7 +40627,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -39238,7 +40929,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -39535,7 +41226,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -39731,7 +41422,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -39945,7 +41636,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40269,7 +41960,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -40561,7 +42252,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -41018,7 +42709,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -41374,7 +43065,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -41601,7 +43292,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -41880,7 +43571,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42501,7 +44192,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -42848,7 +44539,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -42954,7 +44645,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43098,7 +44789,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43497,7 +45188,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43715,7 +45406,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -43878,7 +45569,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44172,7 +45863,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44350,7 +46041,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44529,7 +46220,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -44887,7 +46578,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45112,7 +46803,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45367,7 +47058,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45626,7 +47317,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45640,6 +47331,7 @@ spec: categories: - gcp kind: ComputeTargetTCPProxy + listKind: ComputeTargetTCPProxyList plural: computetargettcpproxies shortNames: - gcpcomputetargettcpproxy @@ -45667,20 +47359,23 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: ComputeTargetTCPProxy is the Schema for the ComputeTargetTCPProxy + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: ComputeTargetTCPProxySpec defines the desired state of ComputeTargetTCPProxy properties: backendServiceRef: description: A reference to the ComputeBackendService resource. @@ -45700,42 +47395,58 @@ spec: - external properties: external: - description: 'Allowed value: The `selfLink` field of a `ComputeBackendService` - resource.' + description: The ComputeBackendService selflink in the form "projects/{{project}}/global/backendServices/{{name}}" + or "projects/{{project}}/regions/{{region}}/backendServices/{{name}}" + when not managed by Config Connector. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `ComputeBackendService` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `ComputeBackendService` + resource. type: string type: object description: description: Immutable. An optional description of this resource. type: string + x-kubernetes-validations: + - message: Description is immutable + rule: self == oldSelf + location: + description: 'The geographical location of the ComputeTargetTCPProxy. + Reference: GCP definition of regions/zones (https://cloud.google.com/compute/docs/regions-zones/)' + type: string proxyBind: - description: |- - Immutable. This field only applies when the forwarding rule that references - this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. + description: Immutable. This field only applies when the forwarding + rule that references this target proxy has a loadBalancingScheme + set to INTERNAL_SELF_MANAGED. type: boolean + x-kubernetes-validations: + - message: ProxyBind is immutable + rule: self == oldSelf proxyHeader: - description: |- - Specifies the type of proxy header to append before sending data to - the backend. Default value: "NONE" Possible values: ["NONE", "PROXY_V1"]. + description: 'Specifies the type of proxy header to append before + sending data to the backend. Default value: "NONE" Possible values: + ["NONE", "PROXY_V1"].' type: string resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The ComputeTargetTCPProxy name. If not given, + the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID is immutable + rule: self == oldSelf required: - backendServiceRef type: object status: + description: ComputeTargetTCPProxyStatus defines the config connector + machine state of ComputeTargetTCPProxy properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -45762,17 +47473,24 @@ spec: creationTimestamp: description: Creation timestamp in RFC3339 text format. type: string + externalRef: + description: A unique specifier for the ComputeTargetTCPProxy resource + in GCP. + type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer proxyId: description: The unique identifier for the resource. + format: int64 type: integer selfLink: + description: The SelfLink for the resource. type: string type: object required: @@ -45782,18 +47500,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -45954,7 +47666,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -48677,7 +50389,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -48881,7 +50593,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -49253,7 +50965,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -49569,7 +51281,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -50158,7 +51870,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -50394,7 +52106,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -50408,6 +52120,7 @@ spec: categories: - gcp kind: ContainerAttachedCluster + listKind: ContainerAttachedClusterList plural: containerattachedclusters shortNames: - gcpcontainerattachedcluster @@ -50435,79 +52148,93 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: ContainerAttachedCluster is the Schema for the ContainerAttachedCluster + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: ContainerAttachedClusterSpec defines the desired state of + ContainerAttachedCluster properties: annotations: additionalProperties: type: string description: |- - Optional. Annotations on the cluster. This field has the same - restrictions as Kubernetes annotations. The total size of all keys and - values combined is limited to 256k. Key can have 2 segments: prefix (optional) - and name (required), separated by a slash (/). Prefix must be a DNS subdomain. - Name must be 63 characters or less, begin and end with alphanumerics, - with dashes (-), underscores (_), dots (.), and alphanumerics between. + Optional. Annotations on the cluster. + + This field has the same restrictions as Kubernetes annotations. + The total size of all keys and values combined is limited to 256k. + Key can have 2 segments: prefix (optional) and name (required), + separated by a slash (/). + Prefix must be a DNS subdomain. + Name must be 63 characters or less, begin and end with alphanumerics, + with dashes (-), underscores (_), dots (.), and alphanumerics between. type: object authorization: - description: Configuration related to the cluster RBAC settings. + description: Optional. Configuration related to the cluster RBAC settings. properties: adminUsers: description: |- - Users that can perform operations as a cluster admin. A managed - ClusterRoleBinding will be created to grant the 'cluster-admin' ClusterRole - to the users. Up to ten admin users can be provided. + Optional. Users that can perform operations as a cluster admin. A managed + ClusterRoleBinding will be created to grant the `cluster-admin` ClusterRole + to the users. Up to ten admin users can be provided. - For more info on RBAC, see - https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles. + For more info on RBAC, see + https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles items: type: string type: array type: object binaryAuthorization: - description: Binary Authorization configuration. + description: Optional. Binary Authorization configuration for this + cluster. properties: evaluationMode: - description: 'Configure Binary Authorization evaluation mode. - Possible values: ["DISABLED", "PROJECT_SINGLETON_POLICY_ENFORCE"].' + description: 'Mode of operation for binauthz policy evaluation. + If unspecified, defaults to DISABLED. Possible values: ["DISABLED", + "PROJECT_SINGLETON_POLICY_ENFORCE"].' type: string type: object deletionPolicy: - description: Policy to determine what flags to send on delete. + description: Optional. Policy to determine what flags to send on delete. type: string description: - description: |- - A human readable description of this attached cluster. Cannot be longer - than 255 UTF-8 encoded bytes. + description: Optional. A human readable description of this Attached + cluster. Cannot be longer than 255 UTF-8 encoded bytes. type: string distribution: description: |- - Immutable. The Kubernetes distribution of the underlying attached cluster. Supported values: - "eks", "aks". + Immutable. The Kubernetes distribution of the underlying attached cluster. + + Supported values: ["eks", "aks", "generic"]. type: string + x-kubernetes-validations: + - message: Distribution field is immutable + rule: self == oldSelf fleet: - description: Fleet configuration. + description: Required. Fleet configuration. properties: membership: description: |- - The name of the managed Hub Membership resource associated to this - cluster. Membership names are formatted as - projects//locations/global/membership/. + Output only. The name of the managed Hub Membership resource associated to + this cluster. + + Membership names are formatted as + `projects//locations/global/membership/`. type: string projectRef: - description: The number of the Fleet host project where this cluster + description: The id of the Fleet host project where this cluster will be registered. oneOf: - not: @@ -50525,14 +52252,16 @@ spec: - external properties: external: - description: 'Allowed value: string of the format `projects/{{value}}`, - where {{value}} is the `number` field of a `Project` resource.' + description: 'The project of the fleet. Allowed value: The + Google Cloud resource name of a `Project` resource (format: + `projects/{{name}}`).' type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: 'Name of the project resource. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: 'Namespace of the project resource. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object required: @@ -50541,11 +52270,14 @@ spec: location: description: Immutable. The location for the resource. type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf loggingConfig: - description: Logging configuration. + description: Optional. Logging configuration for this cluster. properties: componentConfig: - description: The configuration of the logging components. + description: The configuration of the logging components; properties: enableComponents: description: 'The components to be enabled. Possible values: @@ -50556,7 +52288,7 @@ spec: type: object type: object monitoringConfig: - description: Monitoring configuration. + description: Optional. Monitoring configuration for this cluster. properties: managedPrometheusConfig: description: Enable Google Cloud Managed Service for Prometheus @@ -50568,36 +52300,49 @@ spec: type: object type: object oidcConfig: - description: |- - OIDC discovery information of the target cluster. - - Kubernetes Service Account (KSA) tokens are JWT tokens signed by the cluster - API server. This fields indicates how GCP services - validate KSA tokens in order to allow system workloads (such as GKE Connect - and telemetry agents) to authenticate back to GCP. - - Both clusters with public and private issuer URLs are supported. - Clusters with public issuers only need to specify the 'issuer_url' field - while clusters with private issuers need to provide both - 'issuer_url' and 'jwks'. + description: "Required. OpenID Connect (OIDC) discovery information + of the target cluster.\n\nKubernetes Service Account (KSA) tokens + are JWT tokens signed by the cluster\nAPI server. This field indicates + how GCP services\tvalidate KSA tokens in order\nto allow system + workloads (such as GKE Connect and telemetry agents) to\nauthenticate + back to GCP.\n\nBoth clusters with public and private issuer URLs + are supported.\nClusters with public issuers only need to specify + the 'issuerUrl' field\nwhile clusters with private issuers need + to provide both 'issuerUrl' and 'jwks'." properties: issuerUrl: - description: Immutable. A JSON Web Token (JWT) issuer URI. 'issuer' - must start with 'https://'. + description: Immutable. A JSON Web Token (JWT) issuer URI. `issuer` + must start with `https://`. type: string + x-kubernetes-validations: + - message: IssuerURL field is immutable + rule: self == oldSelf jwks: - description: Immutable. OIDC verification keys in JWKS format - (RFC 7517). + description: |- + Immutable, Optional. OIDC verification keys in JWKS format (RFC 7517). + It contains a list of OIDC verification keys that can be used to verify + OIDC JWTs. + + This field is required for cluster that doesn't have a publicly available + discovery endpoint. When provided, it will be directly used + to verify the OIDC JWT asserted by the IDP. + format: byte type: string + x-kubernetes-validations: + - message: Jwks field is immutable + rule: self == oldSelf required: - issuerUrl type: object + x-kubernetes-validations: + - message: OidcConfig field is immutable + rule: self == oldSelf platformVersion: - description: The platform version for the cluster (e.g. '1.23.0-gke.1'). + description: Required. The platform version for the cluster (e.g. + `1.30.0-gke.1`). type: string projectRef: description: The ID of the project in which the resource belongs. - If it is not provided, the provider project is used. oneOf: - not: required: @@ -50614,20 +52359,27 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable, Optional. The ContainerAttachedCluster name. + If not given, the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf required: - distribution - fleet @@ -50637,17 +52389,19 @@ spec: - projectRef type: object status: + description: ContainerAttachedClusterStatus defines the config connector + machine state of ContainerAttachedCluster properties: clusterRegion: description: |- - Output only. The region where this cluster runs. + The region where this cluster runs. - For EKS clusters, this is an AWS region. For AKS clusters, - this is an Azure region. + For EKS clusters, this is an AWS region. For AKS clusters, + this is an Azure region. type: string conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -50672,7 +52426,7 @@ spec: type: object type: array createTime: - description: Output only. The time at which this cluster was created. + description: The time at which this cluster was registered. type: string errors: description: A set of errors found in the cluster. @@ -50692,16 +52446,29 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + fleetMembership: + description: |- + Output only. The name of the managed Hub Membership resource associated to + this cluster. + + Membership names are formatted as + `projects//locations/global/membership/`. + This field mirrors the Spec.Fleet.Membership field. + type: string + type: object reconciling: description: If set, there are currently changes in flight to the cluster. type: boolean state: - description: |- - The current state of the cluster. Possible values: - STATE_UNSPECIFIED, PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR, - DEGRADED. + description: "The current state of the cluster. Possible values:\tSTATE_UNSPECIFIED, + PROVISIONING, RUNNING, RECONCILING, STOPPING, ERROR,\tDEGRADED." type: string uid: description: A globally unique identifier for the cluster. @@ -50714,9 +52481,8 @@ spec: items: properties: identityProvider: - description: |- - The ID of the OIDC Identity Provider (IdP) associated to - the Workload Identity Pool. + description: The ID of the OIDC Identity Provider (IdP) associated + to the Workload Identity Pool. type: string issuerUri: description: The OIDC issuer URL for this cluster. @@ -50734,18 +52500,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -52620,7 +54380,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -53544,7 +55304,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -53816,7 +55576,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -53982,7 +55742,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54178,7 +55938,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54363,7 +56123,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54595,7 +56355,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54769,7 +56529,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -54909,8 +56669,8 @@ spec: - external properties: external: - description: The compute network selflink of form "projects//global/networks/", - when not managed by Config Connector. + description: A reference to an externally managed Compute Network + resource. Should be in the format `projects//global/networks/`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -54992,7 +56752,7 @@ spec: properties: external: description: The ComputeSubnetwork selflink of form "projects/{{project}}/regions/{{region}}/subnetworks/{{name}}", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeSubnetwork` resource. @@ -55084,7 +56844,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -55334,8 +57094,346 @@ spec: type: string type: object type: array - jobId: - description: The unique ID of this job. + jobId: + description: The unique ID of this job. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + state: + description: The current state of the resource, selected from the + JobState enum. + type: string + type: + description: The type of this job, selected from the JobType enum. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: alpha + cnrm.cloud.google.com/system: "true" + name: dataformrepositories.dataform.cnrm.cloud.google.com +spec: + group: dataform.cnrm.cloud.google.com + names: + categories: + - gcp + kind: DataformRepository + listKind: DataformRepositoryList + plural: dataformrepositories + shortNames: + - gcpdataformrepository + - gcpdataformrepositories + singular: dataformrepository + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: DataformRepository is the Schema for the dataform API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + displayName: + description: Optional. The repository's user-friendly name. + type: string + gitRemoteSettings: + description: Optional. If set, configures this repository to be linked + to a Git remote. + properties: + authenticationTokenSecretVersionRef: + description: The name of the Secret Manager secret version to + use as an authentication token for Git operations. Must be in + the format projects/* /secrets/* /versions/*. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: ' If provided must be in the format `projects/*/secrets/*/versions/*`.' + type: string + name: + description: The `name` field of a `SecretManagerSecretVersion` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `SecretManagerSecretVersion` + resource. + type: string + type: object + defaultBranch: + description: The Git remote's default branch name. + type: string + sshAuthenticationConfig: + description: Authentication fields for remote uris using SSH protocol. + properties: + hostPublicKey: + description: Content of a public SSH key to verify an identity + of a remote Git host. + type: string + userPrivateKeySecretVersionRef: + description: The name of the Secret Manager secret version + to use as a ssh private key for Git operations. Must be + in the format projects/*/secrets/*/versions/* . + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: ' If provided must be in the format `projects/*/secrets/*/versions/*`.' + type: string + name: + description: The `name` field of a `SecretManagerSecretVersion` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `SecretManagerSecretVersion` + resource. + type: string + type: object + required: + - hostPublicKey + - userPrivateKeySecretVersionRef + type: object + url: + description: The Git remote's URL. + type: string + required: + - defaultBranch + - url + type: object + npmrcEnvironmentVariablesSecretVersionRef: + description: Optional. The name of the Secret Manager secret version + to be used to interpolate variables into the .npmrc file for package + installation operations. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: ' If provided must be in the format `projects/*/secrets/*/versions/*`.' + type: string + name: + description: The `name` field of a `SecretManagerSecretVersion` + resource. + type: string + namespace: + description: The `metadata.namespace` field of a `SecretManagerSecretVersion` + resource. + type: string + type: object + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + region: + description: Immutable. A reference to the region. + type: string + resourceID: + description: Immutable. Optional. The name of the resource. Used for + creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + serviceAccountRef: + description: Optional. The service account reference to run workflow + invocations under. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `email` field of an `IAMServiceAccount` resource. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + setAuthenticatedUserAdmin: + description: Optional. Input only. If set to true, the authenticated + user will be granted the roles/dataform.admin role on the created + repository. + type: boolean + workspaceCompilationOverrides: + description: Optional. If set, fields of workspaceCompilationOverrides + override the default compilation settings that are specified in + dataform.json when creating workspace-scoped compilation results. + properties: + defaultDatabase: + description: Optional. The default database (Google Cloud project + ID). + type: string + schemaSuffix: + description: Optional. The suffix that should be appended to all + schema (BigQuery dataset ID) names. + type: string + tablePrefix: + description: Optional. The prefix that should be prepended to + all table names. + type: string + type: object + required: + - projectRef + - region + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observations + of the DataformRepository's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the DataformReposity resource + in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -55343,55 +57441,20 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer - state: - description: The current state of the resource, selected from the - JobState enum. - type: string - type: - description: The type of this job, selected from the JobType enum. - type: string + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + type: object type: object required: - spec type: object served: true - storage: true + storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cnrm.cloud.google.com/version: 1.122.0 - creationTimestamp: null - labels: - cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha - cnrm.cloud.google.com/system: "true" - name: dataformrepositories.dataform.cnrm.cloud.google.com -spec: - group: dataform.cnrm.cloud.google.com - names: - categories: - - gcp - kind: DataformRepository - listKind: DataformRepositoryList - plural: dataformrepositories - shortNames: - - gcpdataformrepository - - gcpdataformrepositories - singular: dataformrepository - preserveUnknownFields: false - scope: Namespaced - versions: - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: Age @@ -55408,7 +57471,7 @@ spec: jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime name: Status Age type: date - name: v1alpha1 + name: v1beta1 schema: openAPIV3Schema: description: DataformRepository is the Schema for the dataform API @@ -55567,7 +57630,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -55700,7 +57763,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -55979,7 +58042,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -56274,7 +58337,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -58089,7 +60152,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -60031,7 +62094,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -60203,7 +62266,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -60804,7 +62867,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -60997,7 +63060,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -61931,7 +63994,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -62146,7 +64209,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -62331,7 +64394,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -62545,7 +64608,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -62740,7 +64803,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -63290,7 +65353,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -63510,7 +65573,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -64608,7 +66671,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -64817,7 +66880,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -65011,7 +67074,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -65208,7 +67271,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -65251,72 +67314,288 @@ spec: openAPIV3Schema: properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + action: + description: |- + The name of the action associated with the intent. + Note: The action name must not contain whitespaces. + type: string + defaultResponsePlatforms: + description: |- + The list of platforms for which the first responses will be copied from the messages in PLATFORM_UNSPECIFIED + (i.e. default platform). Possible values: ["FACEBOOK", "SLACK", "TELEGRAM", "KIK", "SKYPE", "LINE", "VIBER", "ACTIONS_ON_GOOGLE", "GOOGLE_HANGOUTS"]. + items: + type: string + type: array + displayName: + description: The name of this intent to be displayed on the console. + type: string + events: + description: |- + The collection of event names that trigger the intent. If the collection of input contexts is not empty, all of + the contexts must be present in the active user session for an event to trigger this intent. See the + [events reference](https://cloud.google.com/dialogflow/docs/events-overview) for more details. + items: + type: string + type: array + inputContextNames: + description: |- + The list of context names required for this intent to be triggered. + Format: projects//agent/sessions/-/contexts/. + items: + type: string + type: array + isFallback: + description: Indicates whether this is a fallback intent. + type: boolean + mlDisabled: + description: |- + Indicates whether Machine Learning is disabled for the intent. + Note: If mlDisabled setting is set to true, then this intent is not taken into account during inference in ML + ONLY match mode. Also, auto-markup in the UI is turned off. + type: boolean + parentFollowupIntentName: + description: |- + Immutable. The unique identifier of the parent intent in the chain of followup intents. + Format: projects//agent/intents/. + type: string + priority: + description: |- + The priority of this intent. Higher numbers represent higher priorities. + - If the supplied value is unspecified or 0, the service translates the value to 500,000, which corresponds + to the Normal priority in the console. + - If the supplied value is negative, the intent is ignored in runtime detect intent requests. + type: integer + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: 'Allowed value: The `name` field of a `Project` resource.' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + resetContexts: + description: Indicates whether to delete all contexts in the current + session when this intent is matched. + type: boolean + resourceID: + description: Immutable. Optional. The service-generated name of the + resource. Used for acquisition only. Leave unset to create a new + resource. + type: string + webhookState: + description: |- + Indicates whether webhooks are enabled for the intent. + * WEBHOOK_STATE_ENABLED: Webhook is enabled in the agent and in the intent. + * WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING: Webhook is enabled in the agent and in the intent. Also, each slot + filling prompt is forwarded to the webhook. Possible values: ["WEBHOOK_STATE_ENABLED", "WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING"]. + type: string + required: + - displayName + - projectRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + followupIntentInfo: + description: |- + Information about all followup intents that have this intent as a direct or indirect parent. We populate this field + only in the output. + items: + properties: + followupIntentName: + description: |- + The unique identifier of the followup intent. + Format: projects//agent/intents/. + type: string + parentFollowupIntentName: + description: |- + The unique identifier of the followup intent's parent. + Format: projects//agent/intents/. + type: string + type: object + type: array + name: + description: |- + The unique identifier of this intent. + Format: projects//agent/intents/. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + rootFollowupIntentName: + description: |- + The unique identifier of the root intent in the chain of followup intents. It identifies the correct followup + intents chain for this intent. + Format: projects//agent/intents/. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: discoveryenginedatastores.discoveryengine.cnrm.cloud.google.com +spec: + group: discoveryengine.cnrm.cloud.google.com + names: + categories: + - gcp + kind: DiscoveryEngineDataStore + listKind: DiscoveryEngineDataStoreList + plural: discoveryenginedatastores + shortNames: + - gcpdiscoveryenginedatastore + - gcpdiscoveryenginedatastores + singular: discoveryenginedatastore + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: DiscoveryEngineDataStore is the Schema for the DiscoveryEngineDataStore + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: DiscoveryEngineDataStoreSpec defines the desired state of + DiscoveryEngineDataStore properties: - action: - description: |- - The name of the action associated with the intent. - Note: The action name must not contain whitespaces. + collection: + description: Immutable. The collection for the DataStore. type: string - defaultResponsePlatforms: - description: |- - The list of platforms for which the first responses will be copied from the messages in PLATFORM_UNSPECIFIED - (i.e. default platform). Possible values: ["FACEBOOK", "SLACK", "TELEGRAM", "KIK", "SKYPE", "LINE", "VIBER", "ACTIONS_ON_GOOGLE", "GOOGLE_HANGOUTS"]. - items: - type: string - type: array - displayName: - description: The name of this intent to be displayed on the console. + x-kubernetes-validations: + - message: Collection field is immutable + rule: self == oldSelf + contentConfig: + description: Immutable. The content config of the data store. If this + field is unset, the server behavior defaults to [ContentConfig.NO_CONTENT][google.cloud.discoveryengine.v1.DataStore.ContentConfig.NO_CONTENT]. type: string - events: - description: |- - The collection of event names that trigger the intent. If the collection of input contexts is not empty, all of - the contexts must be present in the active user session for an event to trigger this intent. See the - [events reference](https://cloud.google.com/dialogflow/docs/events-overview) for more details. - items: - type: string - type: array - inputContextNames: - description: |- - The list of context names required for this intent to be triggered. - Format: projects//agent/sessions/-/contexts/. - items: - type: string - type: array - isFallback: - description: Indicates whether this is a fallback intent. - type: boolean - mlDisabled: - description: |- - Indicates whether Machine Learning is disabled for the intent. - Note: If mlDisabled setting is set to true, then this intent is not taken into account during inference in ML - ONLY match mode. Also, auto-markup in the UI is turned off. - type: boolean - parentFollowupIntentName: + displayName: description: |- - Immutable. The unique identifier of the parent intent in the chain of followup intents. - Format: projects//agent/intents/. + Required. The data store display name. + + This field must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an INVALID_ARGUMENT error is returned. type: string - priority: - description: |- - The priority of this intent. Higher numbers represent higher priorities. - - If the supplied value is unspecified or 0, the service translates the value to 500,000, which corresponds - to the Normal priority in the console. - - If the supplied value is negative, the intent is ignored in runtime detect intent requests. - type: integer + industryVertical: + description: Immutable. The industry vertical that the data store + registers. + type: string + location: + description: Immutable. The location for the resource. + type: string + x-kubernetes-validations: + - message: Location field is immutable + rule: self == oldSelf projectRef: - description: The project that this resource belongs to. + description: The ID of the project in which the resource belongs. oneOf: - not: required: @@ -65333,40 +67612,72 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object - resetContexts: - description: Indicates whether to delete all contexts in the current - session when this intent is matched. - type: boolean resourceID: - description: Immutable. Optional. The service-generated name of the - resource. Used for acquisition only. Leave unset to create a new - resource. + description: Immutable. The DiscoveryEngineDataStore name. If not + given, the metadata.name will be used. type: string - webhookState: + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + solutionTypes: description: |- - Indicates whether webhooks are enabled for the intent. - * WEBHOOK_STATE_ENABLED: Webhook is enabled in the agent and in the intent. - * WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING: Webhook is enabled in the agent and in the intent. Also, each slot - filling prompt is forwarded to the webhook. Possible values: ["WEBHOOK_STATE_ENABLED", "WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING"]. - type: string + The solutions that the data store enrolls. Available solutions for each + [industry_vertical][google.cloud.discoveryengine.v1.DataStore.industry_vertical]: + + * `MEDIA`: `SOLUTION_TYPE_RECOMMENDATION` and `SOLUTION_TYPE_SEARCH`. + * `SITE_SEARCH`: `SOLUTION_TYPE_SEARCH` is automatically enrolled. Other + solutions cannot be enrolled. + items: + type: string + type: array + workspaceConfig: + description: Config to store data store type configuration for workspace + data. This must be set when [DataStore.content_config][google.cloud.discoveryengine.v1.DataStore.content_config] + is set as [DataStore.ContentConfig.GOOGLE_WORKSPACE][google.cloud.discoveryengine.v1.DataStore.ContentConfig.GOOGLE_WORKSPACE]. + properties: + dasherCustomerID: + description: Obfuscated Dasher customer ID. + type: string + superAdminEmailAddress: + description: Optional. The super admin email address for the workspace + that will be used for access token generation. For now we only + use it for Native Google Drive connector data ingestion. + type: string + superAdminServiceAccount: + description: Optional. The super admin service account for the + workspace that will be used for access token generation. For + now we only use it for Native Google Drive connector data ingestion. + type: string + type: + description: The Google Workspace data source. + type: string + type: object required: - - displayName + - collection + - location - projectRef type: object status: + description: DiscoveryEngineDataStoreStatus defines the config connector + machine state of DiscoveryEngineDataStore properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -65390,28 +67701,9 @@ spec: type: string type: object type: array - followupIntentInfo: - description: |- - Information about all followup intents that have this intent as a direct or indirect parent. We populate this field - only in the output. - items: - properties: - followupIntentName: - description: |- - The unique identifier of the followup intent. - Format: projects//agent/intents/. - type: string - parentFollowupIntentName: - description: |- - The unique identifier of the followup intent's parent. - Format: projects//agent/intents/. - type: string - type: object - type: array - name: - description: |- - The unique identifier of this intent. - Format: projects//agent/intents/. + externalRef: + description: A unique specifier for the DiscoveryEngineDataStore resource + in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -65419,13 +67711,46 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer - rootFollowupIntentName: - description: |- - The unique identifier of the root intent in the chain of followup intents. It identifies the correct followup - intents chain for this intent. - Format: projects//agent/intents/. - type: string + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + billingEstimation: + description: Output only. Data size estimation for billing. + properties: + structuredDataSize: + description: Data size for structured data in terms of bytes. + format: int64 + type: integer + structuredDataUpdateTime: + description: Last updated timestamp for structured data. + type: string + unstructuredDataSize: + description: Data size for unstructured data in terms of bytes. + format: int64 + type: integer + unstructuredDataUpdateTime: + description: Last updated timestamp for unstructured data. + type: string + websiteDataSize: + description: Data size for websites in terms of bytes. + format: int64 + type: integer + websiteDataUpdateTime: + description: Last updated timestamp for websites. + type: string + type: object + createTime: + description: Output only. Timestamp the [DataStore][google.cloud.discoveryengine.v1.DataStore] + was created at. + type: string + defaultSchemaID: + description: Output only. The id of the default [Schema][google.cloud.discoveryengine.v1.Schema] + asscociated to this data store. + type: string + type: object type: object required: - spec @@ -65434,18 +67759,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -69621,7 +71940,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -70233,7 +72552,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -71709,7 +74028,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -72080,7 +74399,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -72465,7 +74784,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -72661,7 +74980,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -73633,7 +75952,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -73812,7 +76131,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74008,7 +76327,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74131,7 +76450,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74296,7 +76615,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -74832,7 +77151,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75083,7 +77402,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75322,7 +77641,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75502,7 +77821,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75726,7 +78045,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -75868,7 +78187,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -76414,7 +78733,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -76636,7 +78955,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -76965,7 +79284,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -77134,7 +79453,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -77321,7 +79640,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -77498,7 +79817,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -77642,25 +79961,188 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: alpha + cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" + name: firebasehostingsites.firebasehosting.cnrm.cloud.google.com +spec: + group: firebasehosting.cnrm.cloud.google.com + names: + categories: + - gcp + kind: FirebaseHostingSite + plural: firebasehostingsites + shortNames: + - gcpfirebasehostingsite + - gcpfirebasehostingsites + singular: firebasehostingsite + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'apiVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + appId: + description: |- + Optional. The [ID of a Web App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.webApps#WebApp.FIELDS.app_id) + associated with the Hosting site. + type: string + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: 'Allowed value: The `name` field of a `Project` resource.' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + type: object + resourceID: + description: Immutable. Optional. The siteId of the resource. Used + for creation and acquisition. When unset, the value of `metadata.name` + is used as the default. + type: string + required: + - projectRef + type: object + status: + properties: + conditions: + description: Conditions represent the latest available observation + of the resource's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + defaultUrl: + description: The default URL for the site in the form of https://{name}.web.app. + type: string + name: + description: |- + Output only. The fully-qualified resource name of the Hosting site, in the + format: projects/PROJECT_IDENTIFIER/sites/SITE_ID PROJECT_IDENTIFIER: the + Firebase project's + ['ProjectNumber'](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects#FirebaseProject.FIELDS.project_number) ***(recommended)*** or its + ['ProjectId'](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects#FirebaseProject.FIELDS.project_id). + Learn more about using project identifiers in Google's + [AIP 2510 standard](https://google.aip.dev/cloud/2510). + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" cnrm.cloud.google.com/tf2crd: "true" - name: firebasehostingsites.firebasehosting.cnrm.cloud.google.com + name: firebaseprojects.firebase.cnrm.cloud.google.com spec: - group: firebasehosting.cnrm.cloud.google.com + group: firebase.cnrm.cloud.google.com names: categories: - gcp - kind: FirebaseHostingSite - plural: firebasehostingsites + kind: FirebaseProject + plural: firebaseprojects shortNames: - - gcpfirebasehostingsite - - gcpfirebasehostingsites - singular: firebasehostingsite + - gcpfirebaseproject + - gcpfirebaseprojects + singular: firebaseproject preserveUnknownFields: false scope: Namespaced versions: @@ -77698,11 +80180,6 @@ spec: type: object spec: properties: - appId: - description: |- - Optional. The [ID of a Web App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.webApps#WebApp.FIELDS.app_id) - associated with the Hosting site. - type: string projectRef: description: The project that this resource belongs to. oneOf: @@ -77731,7 +80208,7 @@ spec: type: string type: object resourceID: - description: Immutable. Optional. The siteId of the resource. Used + description: Immutable. Optional. The project of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. type: string @@ -77766,18 +80243,8 @@ spec: type: string type: object type: array - defaultUrl: - description: The default URL for the site in the form of https://{name}.web.app. - type: string - name: - description: |- - Output only. The fully-qualified resource name of the Hosting site, in the - format: projects/PROJECT_IDENTIFIER/sites/SITE_ID PROJECT_IDENTIFIER: the - Firebase project's - ['ProjectNumber'](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects#FirebaseProject.FIELDS.project_number) ***(recommended)*** or its - ['ProjectId'](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects#FirebaseProject.FIELDS.project_id). - Learn more about using project identifiers in Google's - [AIP 2510 standard](https://google.aip.dev/cloud/2510). + displayName: + description: The GCP project display name. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -77786,6 +80253,10 @@ spec: current reported status reflects the most recent desired state of the resource. type: integer + projectNumber: + description: The number of the google project that firebase is enabled + on. + type: string type: object required: - spec @@ -77805,25 +80276,25 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" cnrm.cloud.google.com/tf2crd: "true" - name: firebaseprojects.firebase.cnrm.cloud.google.com + name: firebasestoragebuckets.firebasestorage.cnrm.cloud.google.com spec: - group: firebase.cnrm.cloud.google.com + group: firebasestorage.cnrm.cloud.google.com names: categories: - gcp - kind: FirebaseProject - plural: firebaseprojects + kind: FirebaseStorageBucket + plural: firebasestoragebuckets shortNames: - - gcpfirebaseproject - - gcpfirebaseprojects - singular: firebaseproject + - gcpfirebasestoragebucket + - gcpfirebasestoragebuckets + singular: firebasestoragebucket preserveUnknownFields: false scope: Namespaced versions: @@ -77889,7 +80360,7 @@ spec: type: string type: object resourceID: - description: Immutable. Optional. The project of the resource. Used + description: Immutable. Optional. The bucketId of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. type: string @@ -77924,8 +80395,8 @@ spec: type: string type: object type: array - displayName: - description: The GCP project display name. + name: + description: Resource name of the bucket in the format projects/PROJECT_IDENTIFIER/buckets/BUCKET_ID. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -77934,10 +80405,6 @@ spec: current reported status reflects the most recent desired state of the resource. type: integer - projectNumber: - description: The number of the google project that firebase is enabled - on. - type: string type: object required: - spec @@ -77957,25 +80424,25 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" cnrm.cloud.google.com/tf2crd: "true" - name: firebasestoragebuckets.firebasestorage.cnrm.cloud.google.com + name: firebasewebapps.firebase.cnrm.cloud.google.com spec: - group: firebasestorage.cnrm.cloud.google.com + group: firebase.cnrm.cloud.google.com names: categories: - gcp - kind: FirebaseStorageBucket - plural: firebasestoragebuckets + kind: FirebaseWebApp + plural: firebasewebapps shortNames: - - gcpfirebasestoragebucket - - gcpfirebasestoragebuckets - singular: firebasestoragebucket + - gcpfirebasewebapp + - gcpfirebasewebapps + singular: firebasewebapp preserveUnknownFields: false scope: Namespaced versions: @@ -78013,43 +80480,40 @@ spec: type: object spec: properties: - projectRef: - description: The project that this resource belongs to. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `name` field of a `Project` resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object + apiKeyId: + description: |- + The globally unique, Google-assigned identifier (UID) for the Firebase API key associated with the WebApp. + If apiKeyId is not set during creation, then Firebase automatically associates an apiKeyId with the WebApp. + This auto-associated key may be an existing valid key or, if no valid key exists, a new one will be provisioned. + type: string + deletionPolicy: + type: string + displayName: + description: The user-assigned display name of the App. + type: string + project: + description: Immutable. + type: string resourceID: - description: Immutable. Optional. The bucketId of the resource. Used - for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. Optional. The service-generated name of the + resource. Used for acquisition only. Leave unset to create a new + resource. type: string required: - - projectRef + - displayName type: object status: properties: + appId: + description: |- + The globally unique, Firebase-assigned identifier of the App. + This identifier should be treated as an opaque token, as the data format is not specified. + type: string + appUrls: + description: The URLs where the 'WebApp' is hosted. + items: + type: string + type: array conditions: description: Conditions represent the latest available observation of the resource's current state. @@ -78077,7 +80541,9 @@ spec: type: object type: array name: - description: Resource name of the bucket in the format projects/PROJECT_IDENTIFIER/buckets/BUCKET_ID. + description: |- + The fully qualified resource name of the App, for example: + projects/projectId/webApps/appId. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -78105,25 +80571,21 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: firebasewebapps.firebase.cnrm.cloud.google.com + name: firestoredatabases.firestore.cnrm.cloud.google.com spec: - group: firebase.cnrm.cloud.google.com + group: firestore.cnrm.cloud.google.com names: categories: - gcp - kind: FirebaseWebApp - plural: firebasewebapps - shortNames: - - gcpfirebasewebapp - - gcpfirebasewebapps - singular: firebasewebapp + kind: FirestoreDatabase + listKind: FirestoreDatabaseList + plural: firestoredatabases + singular: firestoredatabase preserveUnknownFields: false scope: Namespaced versions: @@ -78146,58 +80608,83 @@ spec: name: v1alpha1 schema: openAPIV3Schema: + description: FirestoreDatabase is the Schema for the FirestoreDatabase API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: FirestoreDatabaseSpec defines the desired state of FirestoreDatabase properties: - apiKeyId: - description: |- - The globally unique, Google-assigned identifier (UID) for the Firebase API key associated with the WebApp. - If apiKeyId is not set during creation, then Firebase automatically associates an apiKeyId with the WebApp. - This auto-associated key may be an existing valid key or, if no valid key exists, a new one will be provisioned. - type: string - deletionPolicy: + concurrencyMode: + description: The concurrency control mode to use for this database. + See https://cloud.google.com/firestore/docs/reference/rest/v1/projects.databases#concurrencymode + for more info. type: string - displayName: - description: The user-assigned display name of the App. + locationID: + description: The location of the database. Available locations are + listed at https://cloud.google.com/firestore/docs/locations. type: string - project: - description: Immutable. + pointInTimeRecoveryEnablement: + description: Whether to enable the PITR feature on this database. + See https://cloud.google.com/firestore/docs/reference/rest/v1/projects.databases#pointintimerecoveryenablement + for more info. type: string + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object resourceID: - description: Immutable. Optional. The service-generated name of the - resource. Used for acquisition only. Leave unset to create a new - resource. + description: The FirestoreDatabase name. If not given, the metadata.name + will be used. type: string required: - - displayName + - projectRef type: object status: + description: FirestoreDatabaseStatus defines the config connector machine + state of FirestoreDatabase properties: - appId: - description: |- - The globally unique, Firebase-assigned identifier of the App. - This identifier should be treated as an opaque token, as the data format is not specified. - type: string - appUrls: - description: The URLs where the 'WebApp' is hosted. - items: - type: string - type: array conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -78221,10 +80708,9 @@ spec: type: string type: object type: array - name: - description: |- - The fully qualified resource name of the App, for example: - projects/projectId/webApps/appId. + externalRef: + description: A unique specifier for the FirestoreDatabase resource + in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -78232,27 +80718,78 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. The timestamp at which this database + was created. Databases created before 2016 do not populate create_time. + type: string + earliestVersionTime: + description: |- + Output only. The earliest timestamp at which older versions of the data can + be read from the database. See [version_retention_period] above; this field + is populated with `now - version_retention_period`. + + This value is continuously updated, and becomes stale the moment it is + queried. If you are using this value to recover data, make sure to account + for the time from the moment when the value is queried to the moment when + you initiate the recovery. + type: string + etag: + description: This checksum is computed by the server based on + the value of other fields, and may be sent on update and delete + requests to ensure the client has an up-to-date value before + proceeding. + type: string + keyPrefix: + description: |- + Output only. The key_prefix for this database. This key_prefix is used, in + combination with the project id ("~") to construct + the application id that is returned from the Cloud Datastore APIs in Google + App Engine first generation runtimes. + + This value may be empty in which case the appid to use for URL-encoded keys + is the project_id (eg: foo instead of v~foo). + type: string + uid: + description: Output only. The system-generated UUID4 for this + Database. + type: string + updateTime: + description: Output only. The timestamp at which this database + was most recently updated. Note this only includes updates to + the database resource and not data contained by the database. + type: string + versionRetentionPeriod: + description: |- + Output only. The period during which past versions of data are retained in + the database. + + Any [read][google.firestore.v1.GetDocumentRequest.read_time] + or [query][google.firestore.v1.ListDocumentsRequest.read_time] can specify + a `read_time` within this window, and will read the state of the database + at that time. + + If the PITR feature is enabled, the retention period is 7 days. Otherwise, + the retention period is 1 hour. + type: string + type: object type: object - required: - - spec type: object served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78406,7 +80943,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78619,7 +81156,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -78916,7 +81453,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -79143,9 +81680,8 @@ spec: type: string type: object hierarchyController: - description: 'Hierarchy Controller is no longer available. - Use https://github.com/kubernetes-sigs/hierarchical-namespaces - instead.' + description: Hierarchy Controller is no longer available. Use + https://github.com/kubernetes-sigs/hierarchical-namespaces instead. properties: enableHierarchicalResourceQuota: description: Whether hierarchical resource quota is enabled @@ -79457,7 +81993,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -79723,7 +82259,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -80088,7 +82624,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -80221,7 +82757,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -80379,7 +82915,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -80541,7 +83077,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -80855,7 +83391,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81056,7 +83592,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81257,7 +83793,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81418,7 +83954,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81558,7 +84094,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -81883,7 +84419,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82111,7 +84647,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82351,7 +84887,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82530,7 +85066,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -82672,7 +85208,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -83030,7 +85566,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -83211,7 +85747,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -83507,7 +86043,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -83674,7 +86210,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -83800,7 +86336,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -83954,7 +86490,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -84646,7 +87182,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -84805,7 +87341,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -85010,7 +87546,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -85193,7 +87729,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -85417,7 +87953,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -85581,7 +88117,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -85794,7 +88330,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -86011,7 +88547,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -86164,7 +88700,195 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: kmsautokeyconfigs.kms.cnrm.cloud.google.com +spec: + group: kms.cnrm.cloud.google.com + names: + categories: + - gcp + kind: KMSAutokeyConfig + listKind: KMSAutokeyConfigList + plural: kmsautokeyconfigs + shortNames: + - gcpkmsautokeyconfig + - gcpkmsautokeyconfigs + singular: kmsautokeyconfig + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: KMSAutokeyConfig is the Schema for the KMSAutokeyConfig API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KMSAutokeyConfigSpec defines the desired state of KMSAutokeyConfig + properties: + folderRef: + description: Immutable. The folder that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The 'name' field of a folder, when not managed by + Config Connector. This field must be set when 'name' field is + not set. + type: string + name: + description: The 'name' field of a 'Folder' resource. This field + must be set when 'external' field is not set. + type: string + namespace: + description: The 'namespace' field of a 'Folder' resource. If + unset, the namespace is defaulted to the namespace of the referencer + resource. + type: string + type: object + keyProject: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - kind + - not: + anyOf: + - required: + - name + - required: + - namespace + - required: + - kind + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + required: + - folderRef + type: object + status: + description: KMSAutokeyConfigStatus defines the config connector machine + state of KMSAutokeyConfig + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the KMSAutokeyConfig resource + in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + state: + description: Output only. Current state of this AutokeyConfig. + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86357,7 +89081,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86510,11 +89234,179 @@ spec: type: string type: object type: array - generateTime: - description: The time this CryptoKeyVersion key material was generated. - type: string - name: - description: The resource name for this CryptoKeyVersion. + generateTime: + description: The time this CryptoKeyVersion key material was generated. + type: string + name: + description: The resource name for this CryptoKeyVersion. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + protectionLevel: + description: The ProtectionLevel describing how crypto operations + are performed with this CryptoKeyVersion. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: kmskeyhandles.kms.cnrm.cloud.google.com +spec: + group: kms.cnrm.cloud.google.com + names: + categories: + - gcp + kind: KMSKeyHandle + listKind: KMSKeyHandleList + plural: kmskeyhandles + shortNames: + - gcpkmskeyhandle + - gcpkmskeyhandles + singular: kmskeyhandle + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: KMSKeyHandle is the Schema for the KMSKeyHandle API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KMSKeyHandleSpec defines the desired state of KMSKeyHandle + properties: + location: + description: Location name to create KeyHandle + type: string + projectRef: + description: Project hosting KMSKeyHandle + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. The KMSKeyHandle name. If not given, the metadata.name + will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + resourceTypeSelector: + description: Indicates the resource type that the resulting [CryptoKey][] + is meant to protect, e.g. `{SERVICE}.googleapis.com/{TYPE}`. See + documentation for supported resource types https://cloud.google.com/kms/docs/autokey-overview#compatible-services. + type: string + type: object + status: + description: KMSKeyHandleStatus defines the config connector machine state + of KMSKeyHandle + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the KMSKeyHandle resource in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -86522,11 +89414,15 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer - protectionLevel: - description: The ProtectionLevel describing how crypto operations - are performed with this CryptoKeyVersion. - type: string + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + kmsKey: + type: string + type: object type: object required: - spec @@ -86535,18 +89431,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86726,7 +89616,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -86849,7 +89739,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -87054,7 +89944,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -87343,7 +90233,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -87618,7 +90508,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -87951,7 +90841,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -88074,7 +90964,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -88478,7 +91368,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -88782,7 +91672,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -89119,7 +92009,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -89295,7 +92185,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -90232,7 +93122,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -90331,7 +93221,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -90388,7 +93278,7 @@ spec: properties: external: description: The `projectID` field of a - project, when not managed by KCC. + project, when not managed by Config Connector. type: string kind: description: The kind of the Project resource; @@ -90474,7 +93364,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -92382,7 +95272,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -92437,7 +95327,7 @@ spec: properties: external: description: The `projectID` field of a project, - when not managed by KCC. + when not managed by Config Connector. type: string kind: description: The kind of the Project resource; @@ -92522,7 +95412,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -94249,7 +97139,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -94305,7 +97195,7 @@ spec: properties: external: description: The `projectID` field of a project, - when not managed by KCC. + when not managed by Config Connector. type: string kind: description: The kind of the Project resource; @@ -94391,7 +97281,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -96203,7 +99093,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -96262,7 +99152,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -96319,7 +99209,7 @@ spec: properties: external: description: The `projectID` field of a - project, when not managed by KCC. + project, when not managed by Config Connector. type: string kind: description: The kind of the Project resource; @@ -96405,7 +99295,7 @@ spec: external: description: The MonitoringAlertPolicy link in the form "projects/[PROJECT_ID_OR_NUMBER]/alertPolicies/[ALERT_POLICY_ID]", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `MonitoringAlertPolicy` @@ -98307,7 +101197,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -98498,7 +101388,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -98793,7 +101683,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -98920,7 +101810,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -99221,7 +102111,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -99792,7 +102682,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -99951,7 +102841,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -100330,7 +103220,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -100512,7 +103402,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -100588,8 +103478,8 @@ spec: - external properties: external: - description: The compute network selflink of form "projects//global/networks/", - when not managed by Config Connector. + description: A reference to an externally managed Compute Network + resource. Should be in the format `projects//global/networks/`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -100617,7 +103507,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -100665,7 +103555,7 @@ spec: properties: external: description: The ComputeSubnetwork selflink of form "projects/{{project}}/regions/{{region}}/subnetworks/{{name}}", - when not managed by KCC. + when not managed by Config Connector. type: string name: description: The `name` field of a `ComputeSubnetwork` resource. @@ -100859,7 +103749,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -101246,7 +104136,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -101521,7 +104411,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -101779,7 +104669,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -102008,7 +104898,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -102252,7 +105142,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -102489,7 +105379,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -102836,7 +105726,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -103743,7 +106633,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -104064,7 +106954,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -104290,7 +107180,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -104757,7 +107647,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -105491,7 +108381,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -105667,7 +108557,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -105997,7 +108887,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -106318,7 +109208,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -106538,7 +109428,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -106699,7 +109589,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -107468,7 +110358,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -108470,7 +111360,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -109161,7 +112051,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -109297,7 +112187,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -109800,7 +112690,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -110805,7 +113695,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -111716,7 +114606,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -112096,43 +114986,800 @@ spec: type: string type: object type: array - createTime: - description: Output only. The time at which this CertificateTemplate - was created. - format: date-time + createTime: + description: Output only. The time at which this CertificateTemplate + was created. + format: date-time + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + type: integer + updateTime: + description: Output only. The time at which this CertificateTemplate + was updated. + format: date-time + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: privilegedaccessmanagerentitlements.privilegedaccessmanager.cnrm.cloud.google.com +spec: + group: privilegedaccessmanager.cnrm.cloud.google.com + names: + categories: + - gcp + kind: PrivilegedAccessManagerEntitlement + listKind: PrivilegedAccessManagerEntitlementList + plural: privilegedaccessmanagerentitlements + singular: privilegedaccessmanagerentitlement + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: PrivilegedAccessManagerEntitlement is the Schema for the PrivilegedAccessManagerEntitlement + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PrivilegedAccessManagerEntitlementSpec defines the desired + state of PrivilegedAccessManagerEntitlement. + properties: + additionalNotificationTargets: + description: Optional. Additional email addresses to be notified based + on actions taken. + properties: + adminEmailRecipients: + description: Optional. Additional email addresses to be notified + when a principal (requester) is granted access. + items: + type: string + type: array + requesterEmailRecipients: + description: Optional. Additional email address to be notified + about an eligible entitlement. + items: + type: string + type: array + type: object + approvalWorkflow: + description: Optional. The approvals needed before access are granted + to a requester. No approvals are needed if this field is null. + properties: + manualApprovals: + description: An approval workflow where users designated as approvers + review and act on the grants. + properties: + requireApproverJustification: + description: Optional. Whether the approvers need to provide + a justification for their actions. + type: boolean + steps: + description: Optional. List of approval steps in this workflow. + These steps are followed in the specified order sequentially. + Only 1 step is supported. + items: + description: Step represents a logical step in a manual + approval workflow. + properties: + approvalsNeeded: + description: Required. How many users from the above + list need to approve. If there aren't enough distinct + users in the list, then the workflow indefinitely + blocks. Should always be greater than 0. 1 is the + only supported value. + format: int32 + type: integer + approverEmailRecipients: + description: Optional. Additional email addresses to + be notified when a grant is pending approval. + items: + type: string + type: array + approvers: + description: Optional. The potential set of approvers + in this step. This list must contain at most one entry. + items: + description: AccessControlEntry is used to control + who can do some operation. + properties: + principals: + description: 'Optional. Users who are allowed + for the operation. Each entry should be a valid + v1 IAM principal identifier. The format for + these is documented at: https://cloud.google.com/iam/docs/principal-identifiers#v1' + items: + type: string + type: array + required: + - principals + type: object + type: array + required: + - approvalsNeeded + type: object + type: array + type: object + required: + - manualApprovals + type: object + eligibleUsers: + description: Who can create grants using this entitlement. This list + should contain at most one entry. + items: + description: AccessControlEntry is used to control who can do some + operation. + properties: + principals: + description: 'Optional. Users who are allowed for the operation. + Each entry should be a valid v1 IAM principal identifier. + The format for these is documented at: https://cloud.google.com/iam/docs/principal-identifiers#v1' + items: + type: string + type: array + required: + - principals + type: object + type: array + folderRef: + description: Immutable. The Folder that this resource belongs to. + One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The 'name' field of a folder, when not managed by + Config Connector. This field must be set when 'name' field is + not set. + type: string + name: + description: The 'name' field of a 'Folder' resource. This field + must be set when 'external' field is not set. + type: string + namespace: + description: The 'namespace' field of a 'Folder' resource. If + unset, the namespace is defaulted to the namespace of the referencer + resource. + type: string + type: object + location: + description: Immutable. Location of the resource. + type: string + maxRequestDuration: + description: Required. The maximum amount of time that access is granted + for a request. A requester can ask for a duration less than this, + but never more. + type: string + organizationRef: + description: Immutable. The Organization that this resource belongs + to. One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + properties: + external: + description: The 'name' field of an organization, when not managed + by Config Connector. + type: string + required: + - external + type: object + privilegedAccess: + description: The access granted to a requester on successful approval. + properties: + gcpIAMAccess: + description: Access to a Google Cloud resource through IAM. + properties: + roleBindings: + description: Required. Role bindings that are created on successful + grant. + items: + description: RoleBinding represents IAM role bindings that + are created after a successful grant. + properties: + conditionExpression: + description: |- + Optional. The expression field of the IAM condition to be associated + with the role. If specified, a user with an active grant for this + entitlement is able to access the resource only if this condition + evaluates to true for their request. + + This field uses the same CEL format as IAM and supports all attributes + that IAM supports, except tags. More details can be found at + https://cloud.google.com/iam/docs/conditions-overview#attributes. + type: string + role: + description: Required. IAM role to be granted. More + details can be found at https://cloud.google.com/iam/docs/roles-overview. + type: string + required: + - role + type: object + type: array + required: + - roleBindings + type: object + required: + - gcpIAMAccess + type: object + projectRef: + description: Immutable. The Project that this resource belongs to. + One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + requesterJustificationConfig: + description: Required. The manner in which the requester should provide + a justification for requesting access. + properties: + notMandatory: + description: NotMandatory justification type means the justification + isn't required and can be provided in any of the supported formats. + The user must explicitly opt out using this field if a justification + from the requester isn't mandatory. The only accepted value + is `{}` (empty struct). Either 'notMandatory' or 'unstructured' + field must be set. + type: object + x-kubernetes-preserve-unknown-fields: true + unstructured: + description: Unstructured justification type means the justification + is in the format of a string. If this is set, the server allows + the requester to provide a justification but doesn't validate + it. The only accepted value is `{}` (empty struct). Either 'notMandatory' + or 'unstructured' field must be set. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + resourceID: + description: Immutable. The PrivilegedAccessManagerEntitlement name. + If not given, the 'metadata.name' will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - eligibleUsers + - location + - maxRequestDuration + - privilegedAccess + - requesterJustificationConfig + type: object + status: + description: PrivilegedAccessManagerEntitlementStatus defines the config + connector machine state of PrivilegedAccessManagerEntitlement. + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the PrivilegedAccessManagerEntitlement + resource in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. - If this is equal to metadata.generation, then that means that the - current reported status reflects the most recent desired state of - the resource. + If this is equal to 'metadata.generation', then that means that + the current reported status reflects the most recent desired state + of the resource. + format: int64 type: integer - updateTime: - description: Output only. The time at which this CertificateTemplate - was updated. - format: date-time + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. Create time stamp. + type: string + etag: + description: An 'etag' is used for optimistic concurrency control + as a way to prevent simultaneous updates to the same entitlement. + An 'etag' is returned in the response to 'GetEntitlement' and + the caller should put the 'etag' in the request to 'UpdateEntitlement' + so that their change is applied on the same version. If this + field is omitted or if there is a mismatch while updating an + entitlement, then the server rejects the request. + type: string + state: + description: Output only. Current state of this entitlement. + type: string + updateTime: + description: Output only. Update time stamp. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: PrivilegedAccessManagerEntitlement is the Schema for the PrivilegedAccessManagerEntitlement + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PrivilegedAccessManagerEntitlementSpec defines the desired + state of PrivilegedAccessManagerEntitlement. + properties: + additionalNotificationTargets: + description: Optional. Additional email addresses to be notified based + on actions taken. + properties: + adminEmailRecipients: + description: Optional. Additional email addresses to be notified + when a principal (requester) is granted access. + items: + type: string + type: array + requesterEmailRecipients: + description: Optional. Additional email address to be notified + about an eligible entitlement. + items: + type: string + type: array + type: object + approvalWorkflow: + description: Optional. The approvals needed before access are granted + to a requester. No approvals are needed if this field is null. + properties: + manualApprovals: + description: An approval workflow where users designated as approvers + review and act on the grants. + properties: + requireApproverJustification: + description: Optional. Whether the approvers need to provide + a justification for their actions. + type: boolean + steps: + description: Optional. List of approval steps in this workflow. + These steps are followed in the specified order sequentially. + Only 1 step is supported. + items: + description: Step represents a logical step in a manual + approval workflow. + properties: + approvalsNeeded: + description: Required. How many users from the above + list need to approve. If there aren't enough distinct + users in the list, then the workflow indefinitely + blocks. Should always be greater than 0. 1 is the + only supported value. + format: int32 + type: integer + approverEmailRecipients: + description: Optional. Additional email addresses to + be notified when a grant is pending approval. + items: + type: string + type: array + approvers: + description: Optional. The potential set of approvers + in this step. This list must contain at most one entry. + items: + description: AccessControlEntry is used to control + who can do some operation. + properties: + principals: + description: 'Optional. Users who are allowed + for the operation. Each entry should be a valid + v1 IAM principal identifier. The format for + these is documented at: https://cloud.google.com/iam/docs/principal-identifiers#v1' + items: + type: string + type: array + required: + - principals + type: object + type: array + required: + - approvalsNeeded + type: object + type: array + type: object + required: + - manualApprovals + type: object + eligibleUsers: + description: Who can create grants using this entitlement. This list + should contain at most one entry. + items: + description: AccessControlEntry is used to control who can do some + operation. + properties: + principals: + description: 'Optional. Users who are allowed for the operation. + Each entry should be a valid v1 IAM principal identifier. + The format for these is documented at: https://cloud.google.com/iam/docs/principal-identifiers#v1' + items: + type: string + type: array + required: + - principals + type: object + type: array + folderRef: + description: Immutable. The Folder that this resource belongs to. + One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The 'name' field of a folder, when not managed by + Config Connector. This field must be set when 'name' field is + not set. + type: string + name: + description: The 'name' field of a 'Folder' resource. This field + must be set when 'external' field is not set. + type: string + namespace: + description: The 'namespace' field of a 'Folder' resource. If + unset, the namespace is defaulted to the namespace of the referencer + resource. + type: string + type: object + location: + description: Immutable. Location of the resource. type: string + maxRequestDuration: + description: Required. The maximum amount of time that access is granted + for a request. A requester can ask for a duration less than this, + but never more. + type: string + organizationRef: + description: Immutable. The Organization that this resource belongs + to. One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + properties: + external: + description: The 'name' field of an organization, when not managed + by Config Connector. + type: string + required: + - external + type: object + privilegedAccess: + description: The access granted to a requester on successful approval. + properties: + gcpIAMAccess: + description: Access to a Google Cloud resource through IAM. + properties: + roleBindings: + description: Required. Role bindings that are created on successful + grant. + items: + description: RoleBinding represents IAM role bindings that + are created after a successful grant. + properties: + conditionExpression: + description: |- + Optional. The expression field of the IAM condition to be associated + with the role. If specified, a user with an active grant for this + entitlement is able to access the resource only if this condition + evaluates to true for their request. + + This field uses the same CEL format as IAM and supports all attributes + that IAM supports, except tags. More details can be found at + https://cloud.google.com/iam/docs/conditions-overview#attributes. + type: string + role: + description: Required. IAM role to be granted. More + details can be found at https://cloud.google.com/iam/docs/roles-overview. + type: string + required: + - role + type: object + type: array + required: + - roleBindings + type: object + required: + - gcpIAMAccess + type: object + projectRef: + description: Immutable. The Project that this resource belongs to. + One and only one of 'projectRef', 'folderRef', or 'organizationRef' + must be set. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + requesterJustificationConfig: + description: Required. The manner in which the requester should provide + a justification for requesting access. + properties: + notMandatory: + description: NotMandatory justification type means the justification + isn't required and can be provided in any of the supported formats. + The user must explicitly opt out using this field if a justification + from the requester isn't mandatory. The only accepted value + is `{}` (empty struct). Either 'notMandatory' or 'unstructured' + field must be set. + type: object + x-kubernetes-preserve-unknown-fields: true + unstructured: + description: Unstructured justification type means the justification + is in the format of a string. If this is set, the server allows + the requester to provide a justification but doesn't validate + it. The only accepted value is `{}` (empty struct). Either 'notMandatory' + or 'unstructured' field must be set. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + resourceID: + description: Immutable. The PrivilegedAccessManagerEntitlement name. + If not given, the 'metadata.name' will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - eligibleUsers + - location + - maxRequestDuration + - privilegedAccess + - requesterJustificationConfig + type: object + status: + description: PrivilegedAccessManagerEntitlementStatus defines the config + connector machine state of PrivilegedAccessManagerEntitlement. + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the PrivilegedAccessManagerEntitlement + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to 'metadata.generation', then that means that + the current reported status reflects the most recent desired state + of the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. Create time stamp. + type: string + etag: + description: An 'etag' is used for optimistic concurrency control + as a way to prevent simultaneous updates to the same entitlement. + An 'etag' is returned in the response to 'GetEntitlement' and + the caller should put the 'etag' in the request to 'UpdateEntitlement' + so that their change is applied on the same version. If this + field is omitted or if there is a mismatch while updating an + entitlement, then the server rejects the request. + type: string + state: + description: Output only. Current state of this entitlement. + type: string + updateTime: + description: Output only. Update time stamp. + type: string + type: object type: object - required: - - spec type: object served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -112357,7 +116004,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -112513,7 +116160,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -112680,7 +116327,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -112884,7 +116531,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -113039,7 +116686,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -113547,7 +117194,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -113764,7 +117411,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/dcl2crd: "true" @@ -114018,10 +117665,11 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/stability-level: beta cnrm.cloud.google.com/system: "true" name: redisclusters.redis.cnrm.cloud.google.com spec: @@ -114134,7 +117782,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -114173,8 +117821,347 @@ spec: - external properties: external: - description: The compute network selflink of form "projects//global/networks/", - when not managed by Config Connector. + description: A reference to an externally managed Compute + Network resource. Should be in the format `projects//global/networks/`. + type: string + name: + description: The `name` field of a `ComputeNetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeNetwork` + resource. + type: string + type: object + required: + - networkRef + type: object + type: array + redisConfigs: + additionalProperties: + type: string + description: Optional. Key/Value pairs of customer overrides for mutable + Redis Configs + type: object + replicaCount: + description: Optional. The number of replica nodes per shard. + format: int32 + type: integer + resourceID: + description: The RedisCluster name. If not given, the metadata.name + will be used. + type: string + shardCount: + description: Required. Number of shards for the Redis cluster. + format: int32 + type: integer + transitEncryptionMode: + description: Optional. The in-transit encryption for the Redis cluster. + If not provided, encryption is disabled for the cluster. + type: string + zoneDistributionConfig: + description: Optional. This config will be used to determine how the + customer wants us to distribute cluster resources within the region. + properties: + mode: + description: Optional. The mode of zone distribution. Defaults + to MULTI_ZONE, when not specified. + type: string + zone: + description: Optional. When SINGLE ZONE distribution is selected, + zone field would be used to allocate all resources in that zone. + This is not applicable to MULTI_ZONE, and would be ignored for + MULTI_ZONE clusters. + type: string + type: object + required: + - location + - projectRef + type: object + status: + description: RedisClusterStatus defines the config connector machine state + of RedisCluster + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the RedisCluster resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + createTime: + description: Output only. The timestamp associated with the cluster + creation request. + type: string + discoveryEndpoints: + description: Output only. Endpoints created on each given network, + for Redis clients to connect to the cluster. Currently only + one discovery endpoint is supported. + items: + properties: + address: + description: Output only. Address of the exposed Redis endpoint + used by clients to connect to the service. The address + could be either IP or hostname. + type: string + port: + description: Output only. The port number of the exposed + Redis endpoint. + format: int32 + type: integer + pscConfig: + description: Output only. Customer configuration for where + the endpoint is created and accessed from. + properties: + network: + description: Required. The network where the IP address + of the discovery endpoint will be reserved, in the + form of projects/{network_project}/global/networks/{network_id}. + type: string + type: object + type: object + type: array + preciseSizeGb: + description: Output only. Precise value of redis memory size in + GB for the entire cluster. + type: number + pscConnections: + description: Output only. PSC connections for discovery of the + cluster topology and accessing the cluster. + items: + properties: + address: + description: Output only. The IP allocated on the consumer + network for the PSC forwarding rule. + type: string + forwardingRule: + description: 'Output only. The URI of the consumer side + forwarding rule. Example: projects/{projectNumOrId}/regions/us-east1/forwardingRules/{resourceId}.' + type: string + network: + description: The consumer network where the IP address resides, + in the form of projects/{project_id}/global/networks/{network_id}. + type: string + projectID: + description: Output only. The consumer project_id where + the forwarding rule is created from. + type: string + pscConnectionID: + description: Output only. The PSC connection id of the forwarding + rule connected to the service attachment. + type: string + type: object + type: array + sizeGb: + description: Output only. Redis memory size in GB for the entire + cluster rounded up to the next integer. + format: int32 + type: integer + state: + description: Output only. The current state of this cluster. Can + be CREATING, READY, UPDATING, DELETING and SUSPENDED + type: string + stateInfo: + description: Output only. Additional information about the current + state of the cluster. + properties: + updateInfo: + description: Describes ongoing update on the cluster when + cluster state is UPDATING. + properties: + targetReplicaCount: + description: Target number of replica nodes per shard. + format: int32 + type: integer + targetShardCount: + description: Target number of shards for redis cluster + format: int32 + type: integer + type: object + type: object + uid: + description: Output only. System assigned, unique identifier for + the cluster. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: RedisCluster is the Schema for the RedisCluster API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RedisClusterSpec defines the desired state of RedisCluster + properties: + authorizationMode: + description: Optional. The authorization mode of the Redis cluster. + If not provided, auth feature is disabled for the cluster. + type: string + deletionProtectionEnabled: + description: Optional. The delete operation will fail when the value + is set to true. + type: boolean + location: + description: Immutable. Location of the resource. + type: string + nodeType: + description: Optional. The type of a redis node in the cluster. NodeType + determines the underlying machine-type of a redis node. + type: string + persistenceConfig: + description: Optional. Persistence config (RDB, AOF) for the cluster. + properties: + aofConfig: + description: Optional. AOF configuration. This field will be ignored + if mode is not AOF. + properties: + appendFsync: + description: Optional. fsync configuration. + type: string + type: object + mode: + description: Optional. The mode of persistence. + type: string + rdbConfig: + description: Optional. RDB configuration. This field will be ignored + if mode is not RDB. + properties: + rdbSnapshotPeriod: + description: Optional. Period between RDB snapshots. + type: string + rdbSnapshotStartTime: + description: Optional. The time that the first snapshot was/will + be attempted, and to which future snapshots will be aligned. + If not provided, the current time will be used. + type: string + type: object + type: object + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + pscConfigs: + description: Required. Each PscConfig configures the consumer network + where IPs will be designated to the cluster for client access through + Private Service Connect Automation. Currently, only one PscConfig + is supported. + items: + properties: + networkRef: + description: Required. The network where the IP address of the + discovery endpoint will be reserved, in the form of projects/{network_project}/global/networks/{network_id}. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed Compute + Network resource. Should be in the format `projects//global/networks/`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -114380,7 +118367,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -114898,7 +118885,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -115076,7 +119063,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -115357,7 +119344,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -116402,7 +120389,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -117532,7 +121519,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -117546,6 +121533,7 @@ spec: categories: - gcp kind: SecretManagerSecret + listKind: SecretManagerSecretList plural: secretmanagersecrets shortNames: - gcpsecretmanagersecret @@ -117573,65 +121561,84 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: SecretManagerSecret is the Schema for the SecretManagerSecret + API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: SecretManagerSecretSpec defines the desired state of SecretManagerSecret properties: annotations: additionalProperties: type: string description: |- - Custom metadata about the secret. - - Annotations are distinct from various forms of labels. Annotations exist to allow - client tools to store their own state information without requiring a database. + Optional. Custom metadata about the secret. - Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of - maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and - may have dashes (-), underscores (_), dots (.), and alphanumerics in between these - symbols. + Annotations are distinct from various forms of labels. + Annotations exist to allow client tools to store their own state + information without requiring a database. - The total size of annotation keys and values must be less than 16KiB. + Annotation keys must be between 1 and 63 characters long, have a UTF-8 + encoding of maximum 128 bytes, begin and end with an alphanumeric character + ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and + alphanumerics in between these symbols. - An object containing a list of "key": value pairs. Example: - { "name": "wrench", "mass": "1.3kg", "count": "3" }. + The total size of annotation keys and values must be less than 16KiB. type: object expireTime: - description: |- - Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input. - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + description: Optional. Timestamp in UTC when the [Secret][google.cloud.secretmanager.v1.Secret] + is scheduled to expire. This is always provided on output, regardless + of what was sent on input. type: string replication: description: |- - Immutable. The replication policy of the secret data attached to the Secret. It cannot be changed - after the Secret has been created. + Optional. Immutable. The replication policy of the secret data attached to + the [Secret][google.cloud.secretmanager.v1.Secret]. + + The replication policy cannot be changed after the Secret has been created. properties: auto: - description: The Secret will automatically be replicated without - any restrictions. + description: The [Secret][google.cloud.secretmanager.v1.Secret] + will automatically be replicated without any restrictions. properties: customerManagedEncryption: description: |- - The customer-managed encryption configuration of the Secret. - If no configuration is provided, Google-managed default - encryption is used. + Optional. The customer-managed encryption configuration of the + [Secret][google.cloud.secretmanager.v1.Secret]. If no configuration is + provided, Google-managed default encryption is used. + + Updates to the [Secret][google.cloud.secretmanager.v1.Secret] encryption + configuration only apply to + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] added + afterwards. They do not apply retroactively to existing + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. properties: kmsKeyRef: description: |- - The customer-managed encryption configuration of the Secret. - If no configuration is provided, Google-managed default - encryption is used. + Required. The resource name of the Cloud KMS CryptoKey used to encrypt + secret payloads. + + For secrets using the + [UserManaged][google.cloud.secretmanager.v1.Replication.UserManaged] + replication policy type, Cloud KMS CryptoKeys must reside in the same + location as the [replica location][Secret.UserManaged.Replica.location]. + + For secrets using the + [Automatic][google.cloud.secretmanager.v1.Replication.Automatic] + replication policy type, Cloud KMS CryptoKeys must reside in `global`. + + The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`. oneOf: - not: required: @@ -117648,15 +121655,14 @@ spec: - external properties: external: - description: 'Allowed value: The `selfLink` field - of a `KMSCryptoKey` resource.' + description: A reference to an externally managed + KMSCryptoKey. Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` of a `KMSCryptoKey` resource. type: string namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` of a `KMSCryptoKey` resource. type: string type: object required: @@ -117668,20 +121674,44 @@ spec: any restrictions. type: boolean userManaged: - description: Immutable. The Secret will be replicated to the regions - specified by the user. + description: The [Secret][google.cloud.secretmanager.v1.Secret] + will only be replicated into the locations specified. properties: replicas: - description: Immutable. The list of Replicas for this Secret. - Cannot be empty. + description: |- + Required. The list of Replicas for this + [Secret][google.cloud.secretmanager.v1.Secret]. + + Cannot be empty. items: properties: customerManagedEncryption: - description: Customer Managed Encryption for the secret. + description: |- + Optional. The customer-managed encryption configuration of the + [User-Managed Replica][Replication.UserManaged.Replica]. If no + configuration is provided, Google-managed default encryption is used. + + Updates to the [Secret][google.cloud.secretmanager.v1.Secret] + encryption configuration only apply to + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] added + afterwards. They do not apply retroactively to existing + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. properties: kmsKeyRef: - description: Customer Managed Encryption for the - secret. + description: |- + Required. The resource name of the Cloud KMS CryptoKey used to encrypt + secret payloads. + + For secrets using the + [UserManaged][google.cloud.secretmanager.v1.Replication.UserManaged] + replication policy type, Cloud KMS CryptoKeys must reside in the same + location as the [replica location][Secret.UserManaged.Replica.location]. + + For secrets using the + [Automatic][google.cloud.secretmanager.v1.Replication.Automatic] + replication policy type, Cloud KMS CryptoKeys must reside in `global`. + + The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`. oneOf: - not: required: @@ -117698,24 +121728,24 @@ spec: - external properties: external: - description: 'Allowed value: The `selfLink` - field of a `KMSCryptoKey` resource.' + description: A reference to an externally managed + KMSCryptoKey. Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` of a `KMSCryptoKey` + resource. type: string namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` of a `KMSCryptoKey` + resource. type: string type: object required: - kmsKeyRef type: object location: - description: 'Immutable. The canonical IDs of the location - to replicate data. For example: "us-east1".' + description: 'The canonical IDs of the location to replicate + data. For example: `"us-east1"`.' type: string required: - location @@ -117726,37 +121756,50 @@ spec: type: object type: object resourceID: - description: Immutable. Optional. The secretId of the resource. Used - for creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The SecretManagerSecret name. If not given, + the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf rotation: - description: The rotation time and period for a Secret. At 'next_rotation_time', - Secret Manager will send a Pub/Sub notification to the topics configured - on the Secret. 'topics' must be set to configure rotation. + description: Optional. Rotation policy attached to the [Secret][google.cloud.secretmanager.v1.Secret]. + May be excluded if there is no rotation policy. properties: nextRotationTime: description: |- - Timestamp in UTC at which the Secret is scheduled to rotate. - A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + Optional. Timestamp in UTC at which the + [Secret][google.cloud.secretmanager.v1.Secret] is scheduled to rotate. + Cannot be set to less than 300s (5 min) in the future and at most + 3153600000s (100 years). + + [next_rotation_time][google.cloud.secretmanager.v1.Rotation.next_rotation_time] + MUST be set if + [rotation_period][google.cloud.secretmanager.v1.Rotation.rotation_period] + is set. type: string rotationPeriod: description: |- - Immutable. The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). - If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications. + Input only. The Duration between rotation notifications. Must be in seconds + and at least 3600s (1h) and at most 3153600000s (100 years). + + If + [rotation_period][google.cloud.secretmanager.v1.Rotation.rotation_period] + is set, + [next_rotation_time][google.cloud.secretmanager.v1.Rotation.next_rotation_time] + must be set. + [next_rotation_time][google.cloud.secretmanager.v1.Rotation.next_rotation_time] + will be advanced by this period when the service automatically sends + rotation notifications. type: string type: object topics: - description: A list of up to 10 Pub/Sub topics to which messages are - published when control plane operations are called on the secret - or its versions. + description: Optional. A list of up to 10 Pub/Sub topics to which + messages are published when control plane operations are called + on the secret or its versions. items: properties: topicRef: - description: |- - A list of up to 10 Pub/Sub topics to which messages are - published when control plane operations are called on the secret - or its versions. oneOf: - not: required: @@ -117773,15 +121816,15 @@ spec: - external properties: external: - description: 'Allowed value: string of the format `projects/{{project}}/topics/{{value}}`, - where {{value}} is the `name` field of a `PubSubTopic` - resource.' + description: If provided must be in the format `projects/[project_id]/topics/[topic_id]`. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `metadata.name` field of a `PubSubTopic` + resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `metadata.namespace` field of a `PubSubTopic` + resource. type: string type: object required: @@ -117789,32 +121832,32 @@ spec: type: object type: array ttl: - description: |- - Immutable. The TTL for the Secret. - A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". + description: Input only. The TTL for the [Secret][google.cloud.secretmanager.v1.Secret]. type: string versionAliases: additionalProperties: type: string description: |- - Mapping from version alias to version name. + Optional. Mapping from version alias to version name. - A version alias is a string with a maximum length of 63 characters and can contain - uppercase and lowercase letters, numerals, and the hyphen (-) and underscore ('_') - characters. An alias string must start with a letter and cannot be the string - 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given secret. + A version alias is a string with a maximum length of 63 characters and can + contain uppercase and lowercase letters, numerals, and the hyphen (`-`) + and underscore ('_') characters. An alias string must start with a + letter and cannot be the string 'latest' or 'NEW'. + No more than 50 aliases can be assigned to a given secret. - An object containing a list of "key": value pairs. Example: - { "name": "wrench", "mass": "1.3kg", "count": "3" }. + Version-Alias pairs will be viewable via GetSecret and modifiable via + UpdateSecret. Access by alias is only be supported on + GetSecretVersion and AccessSecretVersion. type: object - required: - - replication type: object status: + description: SecretManagerSecretStatus defines the config connector machine + state of SecretManagerSecret properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -117838,13 +121881,13 @@ spec: type: string type: object type: array - createTime: - description: The time at which the Secret was created. + externalRef: + description: A unique specifier for the SecretManagerSecret resource + in GCP. type: string name: - description: |- - The resource name of the Secret. Format: - 'projects/{{project}}/secrets/{{secret_id}}'. + description: '[DEPRECATED] Please read from `.status.externalRef` + instead. Config Connector will remove the `.status.name` in v1 Version.' type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -117852,27 +121895,24 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + type: object type: object - required: - - spec type: object served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -118088,7 +122128,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -118148,10 +122188,35 @@ spec: description: SecureSourceManagerInstanceSpec defines the desired state of SecureSourceManagerInstance properties: - kmsKey: + kmsKeyRef: description: Optional. Immutable. Customer-managed encryption key - name, in the format projects/*/locations/*/keyRings/*/cryptoKeys/*. - type: string + name. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed KMSCryptoKey. + Should be in the format `projects/[kms_project_id]/locations/[region]/keyRings/[key_ring_id]/cryptoKeys/[key]`. + type: string + name: + description: The `name` of a `KMSCryptoKey` resource. + type: string + namespace: + description: The `namespace` of a `KMSCryptoKey` resource. + type: string + type: object location: description: Immutable. Location of the instance. type: string @@ -118174,7 +122239,7 @@ spec: properties: external: description: The `projectID` field of a project, when not managed - by KCC. + by Config Connector. type: string kind: description: The kind of the Project resource; optional but must @@ -118278,7 +122343,359 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 + creationTimestamp: null + labels: + cnrm.cloud.google.com/managed-by-kcc: "true" + cnrm.cloud.google.com/system: "true" + name: securesourcemanagerrepositories.securesourcemanager.cnrm.cloud.google.com +spec: + group: securesourcemanager.cnrm.cloud.google.com + names: + categories: + - gcp + kind: SecureSourceManagerRepository + listKind: SecureSourceManagerRepositoryList + plural: securesourcemanagerrepositories + shortNames: + - gcpsecuresourcemanagerrepository + - gcpsecuresourcemanagerrepositories + singular: securesourcemanagerrepository + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: SecureSourceManagerRepository is the Schema for the SecureSourceManagerRepository + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SecureSourceManagerRepositorySpec defines the desired state + of SecureSourceManagerRepository + properties: + initialConfig: + description: Input only. Initial configurations for the repository. + properties: + defaultBranch: + description: Default branch name of the repository. + type: string + gitignores: + description: 'List of gitignore template names user can choose + from. Valid values: actionscript, ada, agda, android, anjuta, + ansible, appcelerator-titanium, app-engine, archives, arch-linux-packages, + atmel-studio, autotools, backup, bazaar, bazel, bitrix, bricx-cc, + c, cake-php, calabash, cf-wheels, chef-cookbook, clojure, cloud9, + c-make, code-igniter, code-kit, code-sniffer, common-lisp, composer, + concrete5, coq, cordova, cpp, craft-cms, cuda, cvs, d, dart, + dart-editor, delphi, diff, dm, dreamweaver, dropbox, drupal, + drupal-7, eagle, eclipse, eiffel-studio, elisp, elixir, elm, + emacs, ensime, epi-server, erlang, esp-idf, espresso, exercism, + expression-engine, ext-js, fancy, finale, flex-builder, force-dot-com, + fortran, fuel-php, gcov, git-book, gnome-shell-extension, go, + godot, gpg, gradle, grails, gwt, haskell, hugo, iar-ewarm, idris, + igor-pro, images, infor-cms, java, jboss, jboss-4, jboss-6, + jdeveloper, jekyll, jenkins-home, jenv, jet-brains, jigsaw, + joomla, julia, jupyter-notebooks, kate, kdevelop4, kentico, + ki-cad, kohana, kotlin, lab-view, laravel, lazarus, leiningen, + lemon-stand, libre-office, lilypond, linux, lithium, logtalk, + lua, lyx, mac-os, magento, magento-1, magento-2, matlab, maven, + mercurial, mercury, metals, meta-programming-system, meteor, + microsoft-office, model-sim, momentics, mono-develop, nanoc, + net-beans, nikola, nim, ninja, node, notepad-pp, nwjs, objective--c, + ocaml, octave, opa, open-cart, openssl, oracle-forms, otto, + packer, patch, perl, perl6, phalcon, phoenix, pimcore, play-framework, + plone, prestashop, processing, psoc-creator, puppet, pure-script, + putty, python, qooxdoo, qt, r, racket, rails, raku, red, redcar, + redis, rhodes-rhomobile, ros, ruby, rust, sam, sass, sbt, scala, + scheme, scons, scrivener, sdcc, seam-gen, sketch-up, slick-edit, + smalltalk, snap, splunk, stata, stella, sublime-text, sugar-crm, + svn, swift, symfony, symphony-cms, synopsys-vcs, tags, terraform, + tex, text-mate, textpattern, think-php, tortoise-git, turbo-gears-2, + typo3, umbraco, unity, unreal-engine, vagrant, vim, virtual-env, + virtuoso, visual-studio, visual-studio-code, vue, vvvv, waf, + web-methods, windows, word-press, xcode, xilinx, xilinx-ise, + xojo, yeoman, yii, zend-framework, zephir.' + items: + type: string + type: array + license: + description: 'License template name user can choose from. Valid + values: license-0bsd, license-389-exception, aal, abstyles, + adobe-2006, adobe-glyph, adsl, afl-1-1, afl-1-2, afl-2-0, afl-2-1, + afl-3-0, afmparse, agpl-1-0, agpl-1-0-only, agpl-1-0-or-later, + agpl-3-0-only, agpl-3-0-or-later, aladdin, amdplpa, aml, ampas, + antlr-pd, antlr-pd-fallback, apache-1-0, apache-1-1, apache-2-0, + apafml, apl-1-0, apsl-1-0, apsl-1-1, apsl-1-2, apsl-2-0, artistic-1-0, + artistic-1-0-cl8, artistic-1-0-perl, artistic-2-0, autoconf-exception-2-0, + autoconf-exception-3-0, bahyph, barr, beerware, bison-exception-2-2, + bittorrent-1-0, bittorrent-1-1, blessing, blueoak-1-0-0, bootloader-exception, + borceux, bsd-1-clause, bsd-2-clause, bsd-2-clause-freebsd, bsd-2-clause-netbsd, + bsd-2-clause-patent, bsd-2-clause-views, bsd-3-clause, bsd-3-clause-attribution, + bsd-3-clause-clear, bsd-3-clause-lbnl, bsd-3-clause-modification, + bsd-3-clause-no-nuclear-license, bsd-3-clause-no-nuclear-license-2014, + bsd-3-clause-no-nuclear-warranty, bsd-3-clause-open-mpi, bsd-4-clause, + bsd-4-clause-shortened, bsd-4-clause-uc, bsd-protection, bsd-source-code, + bsl-1-0, busl-1-1, cal-1-0, cal-1-0-combined-work-exception, + caldera, catosl-1-1, cc0-1-0, cc-by-1-0, cc-by-2-0, cc-by-3-0, + cc-by-3-0-at, cc-by-3-0-us, cc-by-4-0, cc-by-nc-1-0, cc-by-nc-2-0, + cc-by-nc-3-0, cc-by-nc-4-0, cc-by-nc-nd-1-0, cc-by-nc-nd-2-0, + cc-by-nc-nd-3-0, cc-by-nc-nd-3-0-igo, cc-by-nc-nd-4-0, cc-by-nc-sa-1-0, + cc-by-nc-sa-2-0, cc-by-nc-sa-3-0, cc-by-nc-sa-4-0, cc-by-nd-1-0, + cc-by-nd-2-0, cc-by-nd-3-0, cc-by-nd-4-0, cc-by-sa-1-0, cc-by-sa-2-0, + cc-by-sa-2-0-uk, cc-by-sa-2-1-jp, cc-by-sa-3-0, cc-by-sa-3-0-at, + cc-by-sa-4-0, cc-pddc, cddl-1-0, cddl-1-1, cdla-permissive-1-0, + cdla-sharing-1-0, cecill-1-0, cecill-1-1, cecill-2-0, cecill-2-1, + cecill-b, cecill-c, cern-ohl-1-1, cern-ohl-1-2, cern-ohl-p-2-0, + cern-ohl-s-2-0, cern-ohl-w-2-0, clartistic, classpath-exception-2-0, + clisp-exception-2-0, cnri-jython, cnri-python, cnri-python-gpl-compatible, + condor-1-1, copyleft-next-0-3-0, copyleft-next-0-3-1, cpal-1-0, + cpl-1-0, cpol-1-02, crossword, crystal-stacker, cua-opl-1-0, + cube, c-uda-1-0, curl, d-fsl-1-0, diffmark, digirule-foss-exception, + doc, dotseqn, drl-1-0, dsdp, dvipdfm, ecl-1-0, ecl-2-0, ecos-exception-2-0, + efl-1-0, efl-2-0, egenix, entessa, epics, epl-1-0, epl-2-0, + erlpl-1-1, etalab-2-0, eu-datagrid, eupl-1-0, eupl-1-1, eupl-1-2, + eurosym, fair, fawkes-runtime-exception, fltk-exception, font-exception-2-0, + frameworx-1-0, freebsd-doc, freeimage, freertos-exception-2-0, + fsfap, fsful, fsfullr, ftl, gcc-exception-2-0, gcc-exception-3-1, + gd, gfdl-1-1-invariants-only, gfdl-1-1-invariants-or-later, + gfdl-1-1-no-invariants-only, gfdl-1-1-no-invariants-or-later, + gfdl-1-1-only, gfdl-1-1-or-later, gfdl-1-2-invariants-only, + gfdl-1-2-invariants-or-later, gfdl-1-2-no-invariants-only, gfdl-1-2-no-invariants-or-later, + gfdl-1-2-only, gfdl-1-2-or-later, gfdl-1-3-invariants-only, + gfdl-1-3-invariants-or-later, gfdl-1-3-no-invariants-only, gfdl-1-3-no-invariants-or-later, + gfdl-1-3-only, gfdl-1-3-or-later, giftware, gl2ps, glide, glulxe, + glwtpl, gnu-javamail-exception, gnuplot, gpl-1-0-only, gpl-1-0-or-later, + gpl-2-0-only, gpl-2-0-or-later, gpl-3-0-linking-exception, gpl-3-0-linking-source-exception, + gpl-3-0-only, gpl-3-0-or-later, gpl-cc-1-0, gsoap-1-3b, haskell-report, + hippocratic-2-1, hpnd, hpnd-sell-variant, htmltidy, i2p-gpl-java-exception, + ibm-pibs, icu, ijg, image-magick, imatix, imlib2, info-zip, + intel, intel-acpi, interbase-1-0, ipa, ipl-1-0, isc, jasper-2-0, + jpnic, json, lal-1-2, lal-1-3, latex2e, leptonica, lgpl-2-0-only, + lgpl-2-0-or-later, lgpl-2-1-only, lgpl-2-1-or-later, lgpl-3-0-linking-exception, + lgpl-3-0-only, lgpl-3-0-or-later, lgpllr, libpng, libpng-2-0, + libselinux-1-0, libtiff, libtool-exception, liliq-p-1-1, liliq-r-1-1, + liliq-rplus-1-1, linux-openib, linux-syscall-note, llvm-exception, + lpl-1-0, lpl-1-02, lppl-1-0, lppl-1-1, lppl-1-2, lppl-1-3a, + lppl-1-3c, lzma-exception, make-index, mif-exception, miros, + mit, mit-0, mit-advertising, mit-cmu, mit-enna, mit-feh, mit-modern-variant, + mitnfa, mit-open-group, motosoto, mpich2, mpl-1-0, mpl-1-1, + mpl-2-0, mpl-2-0-no-copyleft-exception, ms-pl, ms-rl, mtll, + mulanpsl-1-0, mulanpsl-2-0, multics, mup, naist-2003, nasa-1-3, + naumen, nbpl-1-0, ncgl-uk-2-0, ncsa, netcdf, net-snmp, newsletr, + ngpl, nist-pd, nist-pd-fallback, nlod-1-0, nlpl, nokia, nokia-qt-exception-1-1, + nosl, noweb, npl-1-0, npl-1-1, nposl-3-0, nrl, ntp, ntp-0, ocaml-lgpl-linking-exception, + occt-exception-1-0, occt-pl, oclc-2-0, odbl-1-0, odc-by-1-0, + ofl-1-0, ofl-1-0-no-rfn, ofl-1-0-rfn, ofl-1-1, ofl-1-1-no-rfn, + ofl-1-1-rfn, ogc-1-0, ogdl-taiwan-1-0, ogl-canada-2-0, ogl-uk-1-0, + ogl-uk-2-0, ogl-uk-3-0, ogtsl, oldap-1-1, oldap-1-2, oldap-1-3, + oldap-1-4, oldap-2-0, oldap-2-0-1, oldap-2-1, oldap-2-2, oldap-2-2-1, + oldap-2-2-2, oldap-2-3, oldap-2-4, oldap-2-7, oml, openjdk-assembly-exception-1-0, + openssl, openvpn-openssl-exception, opl-1-0, oset-pl-2-1, osl-1-0, + osl-1-1, osl-2-0, osl-2-1, osl-3-0, o-uda-1-0, parity-6-0-0, + parity-7-0-0, pddl-1-0, php-3-0, php-3-01, plexus, polyform-noncommercial-1-0-0, + polyform-small-business-1-0-0, postgresql, psf-2-0, psfrag, + ps-or-pdf-font-exception-20170817, psutils, python-2-0, qhull, + qpl-1-0, qt-gpl-exception-1-0, qt-lgpl-exception-1-1, qwt-exception-1-0, + rdisc, rhecos-1-1, rpl-1-1, rpsl-1-0, rsa-md, rscpl, ruby, saxpath, + sax-pd, scea, sendmail, sendmail-8-23, sgi-b-1-0, sgi-b-1-1, + sgi-b-2-0, shl-0-51, shl-2-0, shl-2-1, simpl-2-0, sissl, sissl-1-2, + sleepycat, smlnj, smppl, snia, spencer-86, spencer-94, spencer-99, + spl-1-0, ssh-openssh, ssh-short, sspl-1-0, sugarcrm-1-1-3, swift-exception, + swl, tapr-ohl-1-0, tcl, tcp-wrappers, tmate, torque-1-1, tosl, + tu-berlin-1-0, tu-berlin-2-0, u-boot-exception-2-0, ucl-1-0, + unicode-dfs-2015, unicode-dfs-2016, unicode-tou, universal-foss-exception-1-0, + unlicense, upl-1-0, vim, vostrom, vsl-1-0, w3c, w3c-19980720, + w3c-20150513, watcom-1-0, wsuipa, wtfpl, wxwindows-exception-3-1, + x11, xerox, xfree86-1-1, xinetd, xnet, xpp, xskat, ypl-1-0, + ypl-1-1, zed, zend-2-0, zimbra-1-3, zimbra-1-4, zlib, zlib-acknowledgement, + zpl-1-1, zpl-2-0, zpl-2-1.' + type: string + readme: + description: 'README template name. Valid template name(s) are: + default.' + type: string + type: object + instanceRef: + description: The name of the instance in which the repository is hosted, + formatted as `projects/{project_number}/locations/{location_id}/instances/{instance_id}` + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed SecureSourceManagerInstance + resource. Should be in the format "projects//locations//instances/". + type: string + name: + description: The name of a SecureSourceManagerInstance resource. + type: string + namespace: + description: The namespace of a SecureSourceManagerInstance resource. + type: string + type: object + location: + description: Immutable. Location of the instance. + type: string + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + resourceID: + description: Immutable. The SecureSourceManagerRepository name. If + not given, the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + required: + - instanceRef + - location + - projectRef + type: object + status: + description: SecureSourceManagerRepositoryStatus defines the config connector + machine state of SecureSourceManagerRepository + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + externalRef: + description: A unique specifier for the SecureSourceManagerRepository + resource in GCP. + type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + uris: + description: Output only. URIs for the repository. + properties: + api: + description: Output only. API is the URI for API access. + type: string + gitHTTPS: + description: Output only. git_https is the git HTTPS URI for + git operations. + type: string + html: + description: Output only. HTML is the URI for user to view + the repository in a browser. + type: string + type: object + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -118483,7 +122900,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -118646,7 +123063,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -118866,7 +123283,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119023,7 +123440,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119175,7 +123592,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119322,7 +123739,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119500,7 +123917,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119641,7 +124058,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -119823,7 +124240,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120022,7 +124439,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120231,11 +124648,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: stable cnrm.cloud.google.com/system: "true" cnrm.cloud.google.com/tf2crd: "true" name: spannerinstances.spanner.cnrm.cloud.google.com @@ -120245,6 +124661,7 @@ spec: categories: - gcp kind: SpannerInstance + listKind: SpannerInstanceList plural: spannerinstances shortNames: - gcpspannerinstance @@ -120272,53 +124689,63 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: SpannerInstance is the Schema for the SpannerInstance API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: SpannerInstanceSpec defines the desired state of SpannerInstance properties: config: - description: |- - Immutable. The name of the instance's configuration (similar but not - quite the same as a region) which defines the geographic placement and - replication of your databases in this instance. It determines where your data - is stored. Values are typically of the form 'regional-europe-west1' , 'us-central' etc. - In order to obtain a valid list please consult the - [Configuration section of the docs](https://cloud.google.com/spanner/docs/instances). - type: string + description: Immutable. The name of the instance's configuration (similar + but not quite the same as a region) which defines the geographic + placement and replication of your databases in this instance. It + determines where your data is stored. Values are typically of the + form 'regional-europe-west1' , 'us-central' etc. In order to obtain + a valid list please consult the [Configuration section of the docs](https://cloud.google.com/spanner/docs/instances). + type: string + x-kubernetes-validations: + - message: Config field is immutable + rule: self == oldSelf displayName: - description: |- - The descriptive name for this instance as it appears in UIs. Must be - unique per project and between 4 and 30 characters in length. + description: The descriptive name for this instance as it appears + in UIs. Must be unique per project and between 4 and 30 characters + in length. type: string numNodes: + format: int64 type: integer processingUnits: + format: int64 type: integer resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: Immutable. The SpannerInstance name. If not given, the + metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf required: - config - displayName type: object status: + description: SpannerInstanceStatus defines the config connector machine + state of SpannerInstance properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the SpannerInstance's current state. items: properties: lastTransitionTime: @@ -120342,12 +124769,17 @@ spec: type: string type: object type: array + externalRef: + description: A unique specifier for the SpannerInstance resource in + GCP. + type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer state: description: 'Instance status: ''CREATING'' or ''READY''.' @@ -120360,18 +124792,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -120542,12 +124968,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: stable cnrm.cloud.google.com/system: "true" + cnrm.cloud.google.com/tf2crd: "true" name: sqlinstances.sql.cnrm.cloud.google.com spec: group: sql.cnrm.cloud.google.com @@ -121084,8 +125511,8 @@ spec: - external properties: external: - description: The compute network selflink of form "projects//global/networks/", - when not managed by Config Connector. + description: A reference to an externally managed Compute + Network resource. Should be in the format `projects//global/networks/`. type: string name: description: The `name` field of a `ComputeNetwork` resource. @@ -121362,7 +125789,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121538,7 +125965,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121779,7 +126206,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -121949,7 +126376,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -122356,7 +126783,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -122542,7 +126969,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -122710,7 +127137,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -122913,7 +127340,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -123075,7 +127502,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -123713,7 +128140,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -123896,7 +128323,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124073,7 +128500,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124238,7 +128665,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124412,7 +128839,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -124632,7 +129059,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125019,7 +129446,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125466,7 +129893,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125611,7 +130038,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -125847,7 +130274,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -126062,7 +130489,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -126250,7 +130677,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -126760,7 +131187,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -126942,7 +131369,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127132,7 +131559,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127411,7 +131838,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" @@ -127603,25 +132030,21 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" - cnrm.cloud.google.com/tf2crd: "true" - name: workstationsworkstationclusters.workstations.cnrm.cloud.google.com + name: workstationclusters.workstations.cnrm.cloud.google.com spec: group: workstations.cnrm.cloud.google.com names: categories: - gcp - kind: WorkstationsWorkstationCluster - plural: workstationsworkstationclusters - shortNames: - - gcpworkstationsworkstationcluster - - gcpworkstationsworkstationclusters - singular: workstationsworkstationcluster + kind: WorkstationCluster + listKind: WorkstationClusterList + plural: workstationclusters + singular: workstationcluster preserveUnknownFields: false scope: Namespaced versions: @@ -127644,68 +132067,135 @@ spec: name: v1alpha1 schema: openAPIV3Schema: + description: WorkstationCluster is the Schema for the WorkstationCluster API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: WorkstationClusterSpec defines the desired state of WorkstationCluster properties: annotations: - additionalProperties: - type: string - description: Client-specified annotations. This is distinct from labels. - type: object + description: Optional. Client-specified annotations. + items: + properties: + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array displayName: - description: Human-readable name for this resource. + description: Optional. Human-readable name for this workstation cluster. type: string + labels: + description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation cluster and that are also propagated + to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array location: - description: Immutable. The location where the workstation cluster - should reside. - type: string - network: - description: |- - Immutable. The relative resource name of the VPC network on which the instance can be accessed. - It is specified in the following form: "projects/{projectNumber}/global/networks/{network_id}". + description: The location of the cluster. type: string + networkRef: + description: Immutable. Reference to the Compute Engine network in + which instances associated with this workstation cluster will be + created. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed Compute Network + resource. Should be in the format `projects//global/networks/`. + type: string + name: + description: The `name` field of a `ComputeNetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeNetwork` resource. + type: string + type: object privateClusterConfig: - description: Configuration for private cluster. + description: Optional. Configuration for private workstation cluster. properties: allowedProjects: - description: |- - Additional project IDs that are allowed to attach to the workstation cluster's service attachment. - By default, the workstation cluster's project and the VPC host project (if different) are allowed. + description: Optional. Additional projects that are allowed to + attach to the workstation cluster's service attachment. By default, + the workstation cluster's project and the VPC host project (if + different) are allowed. items: - type: string + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - kind + - not: + anyOf: + - required: + - name + - required: + - namespace + - required: + - kind + required: + - external + properties: + external: + description: The `projectID` field of a project, when not + managed by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional + but must be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object type: array - clusterHostname: - description: |- - Hostname for the workstation cluster. - This field will be populated only when private endpoint is enabled. - To access workstations in the cluster, create a new DNS zone mapping this domain name to an internal IP address and a forwarding rule mapping that address to the service attachment. - type: string enablePrivateEndpoint: description: Immutable. Whether Workstations endpoint is private. type: boolean - serviceAttachmentUri: - description: |- - Service attachment URI for the workstation cluster. - The service attachment is created when private endpoint is enabled. - To access workstations in the cluster, configure access to the managed service using (Private Service Connect)[https://cloud.google.com/vpc/docs/configure-private-service-connect-services]. - type: string - required: - - enablePrivateEndpoint type: object projectRef: - description: The project that this resource belongs to. + description: Immutable. The Project that this resource belongs to. oneOf: - not: required: @@ -127722,36 +132212,73 @@ spec: - external properties: external: - description: 'Allowed value: The `name` field of a `Project` resource.' + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: The `name` field of a `Project` resource. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: The `namespace` field of a `Project` resource. type: string type: object + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf resourceID: - description: Immutable. Optional. The workstationClusterId of the - resource. Used for creation and acquisition. When unset, the value - of `metadata.name` is used as the default. - type: string - subnetwork: - description: |- - Immutable. Name of the Compute Engine subnetwork in which instances associated with this cluster will be created. - Must be part of the subnetwork specified for this cluster. + description: Immutable. The WorkstationCluster name. If not given, + the metadata.name will be used. type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + subnetworkRef: + description: Immutable. Reference to the Compute Engine subnetwork + in which instances associated with this workstation cluster will + be created. Must be part of the subnetwork specified for this workstation + cluster. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The ComputeSubnetwork selflink of form "projects/{{project}}/regions/{{region}}/subnetworks/{{name}}", + when not managed by Config Connector. + type: string + name: + description: The `name` field of a `ComputeSubnetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeSubnetwork` resource. + type: string + type: object required: - - location - - network + - networkRef - projectRef - - subnetwork + - subnetworkRef type: object status: + description: WorkstationClusterStatus defines the config connector machine + state of WorkstationCluster properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -127775,21 +132302,9 @@ spec: type: string type: object type: array - createTime: - description: Time when this resource was created. - type: string - degraded: - description: |- - Whether this resource is in degraded mode, in which case it may require user action to restore full functionality. - Details can be found in the conditions field. - type: boolean - etag: - description: |- - Checksum computed by the server. - May be sent on update and delete requests to ensure that the client has an up-to-date value before proceeding. - type: string - name: - description: The name of the cluster resource. + externalRef: + description: A unique specifier for the WorkstationCluster resource + in GCP. type: string observedGeneration: description: ObservedGeneration is the generation of the resource @@ -127797,41 +132312,431 @@ spec: If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer - resourceConditions: - description: Status conditions describing the current resource state. + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + clusterHostname: + description: Output only. Hostname for the workstation cluster. + This field will be populated only when private endpoint is enabled. + To access workstations in the workstation cluster, create a + new DNS zone mapping this domain name to an internal IP address + and a forwarding rule mapping that address to the service attachment. + type: string + controlPlaneIP: + description: Output only. The private IP address of the control + plane for this workstation cluster. Workstation VMs need access + to this IP address to work with the service, so make sure that + your firewall rules allow egress from the workstation VMs to + this address. + type: string + createTime: + description: Output only. Time when this workstation cluster was + created. + type: string + degraded: + description: Output only. Whether this workstation cluster is + in degraded mode, in which case it may require user action to + restore full functionality. Details can be found in [conditions][google.cloud.workstations.v1.WorkstationCluster.conditions]. + type: boolean + deleteTime: + description: Output only. Time when this workstation cluster was + soft-deleted. + type: string + etag: + description: Optional. Checksum computed by the server. May be + sent on update and delete requests to make sure that the client + has an up-to-date value before proceeding. + type: string + gcpConditions: + description: Output only. Status conditions describing the workstation + cluster's current state. + items: + properties: + code: + description: The status code, which should be an enum value + of [google.rpc.Code][google.rpc.Code]. + format: int32 + type: integer + message: + description: A developer-facing error message, which should + be in English. Any user-facing error message should be + localized and sent in the [google.rpc.Status.details][google.rpc.Status.details] + field, or localized by the client. + type: string + type: object + type: array + reconciling: + description: Output only. Indicates whether this workstation cluster + is currently being updated to match its intended state. + type: boolean + serviceAttachmentUri: + description: Output only. Service attachment URI for the workstation + cluster. The service attachment is created when private endpoint + is enabled. To access workstations in the workstation cluster, + configure access to the managed service using [Private Service + Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-services). + type: string + uid: + description: Output only. A system-assigned unique identifier + for this workstation cluster. + type: string + updateTime: + description: Output only. Time when this workstation cluster was + most recently updated. + type: string + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: When 'True', the most recent reconcile of the resource succeeded + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: The reason for the value in 'Ready' + jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Status + type: string + - description: The last transition time for the value in 'Status' + jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime + name: Status Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: WorkstationCluster is the Schema for the WorkstationCluster API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: WorkstationClusterSpec defines the desired state of WorkstationCluster + properties: + annotations: + description: Optional. Client-specified annotations. items: properties: - code: - description: The status code, which should be an enum value - of google.rpc.Code. - type: integer - details: - description: A list of messages that carry the error details. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array + displayName: + description: Optional. Human-readable name for this workstation cluster. + type: string + labels: + description: Optional. [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation cluster and that are also propagated + to the underlying Compute Engine resources. + items: + properties: + key: + description: Key for the annotation. + type: string + value: + description: Value for the annotation. + type: string + type: object + type: array + location: + description: The location of the cluster. + type: string + networkRef: + description: Immutable. Reference to the Compute Engine network in + which instances associated with this workstation cluster will be + created. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: A reference to an externally managed Compute Network + resource. Should be in the format `projects//global/networks/`. + type: string + name: + description: The `name` field of a `ComputeNetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeNetwork` resource. + type: string + type: object + privateClusterConfig: + description: Optional. Configuration for private workstation cluster. + properties: + allowedProjects: + description: Optional. Additional projects that are allowed to + attach to the workstation cluster's service attachment. By default, + the workstation cluster's project and the VPC host project (if + different) are allowed. + items: + description: The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - kind + - not: + anyOf: + - required: + - name + - required: + - namespace + - required: + - kind + required: + - external + properties: + external: + description: The `projectID` field of a project, when not + managed by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional + but must be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + type: array + enablePrivateEndpoint: + description: Immutable. Whether Workstations endpoint is private. + type: boolean + type: object + projectRef: + description: Immutable. The Project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + resourceID: + description: Immutable. The WorkstationCluster name. If not given, + the metadata.name will be used. + type: string + x-kubernetes-validations: + - message: ResourceID field is immutable + rule: self == oldSelf + subnetworkRef: + description: Immutable. Reference to the Compute Engine subnetwork + in which instances associated with this workstation cluster will + be created. Must be part of the subnetwork specified for this workstation + cluster. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The ComputeSubnetwork selflink of form "projects/{{project}}/regions/{{region}}/subnetworks/{{name}}", + when not managed by Config Connector. + type: string + name: + description: The `name` field of a `ComputeSubnetwork` resource. + type: string + namespace: + description: The `namespace` field of a `ComputeSubnetwork` resource. + type: string + type: object + required: + - networkRef + - projectRef + - subnetworkRef + type: object + status: + description: WorkstationClusterStatus defines the config connector machine + state of WorkstationCluster + properties: + conditions: + description: Conditions represent the latest available observations + of the object's current state. + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string message: - description: Human readable message indicating details about - the current status. + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: Status is the status of the condition. Can be True, + False, Unknown. + type: string + type: + description: Type is the type of the condition. type: string type: object type: array - uid: - description: The system-generated UID of the resource. + externalRef: + description: A unique specifier for the WorkstationCluster resource + in GCP. type: string + observedGeneration: + description: ObservedGeneration is the generation of the resource + that was most recently observed by the Config Connector controller. + If this is equal to metadata.generation, then that means that the + current reported status reflects the most recent desired state of + the resource. + format: int64 + type: integer + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + clusterHostname: + description: Output only. Hostname for the workstation cluster. + This field will be populated only when private endpoint is enabled. + To access workstations in the workstation cluster, create a + new DNS zone mapping this domain name to an internal IP address + and a forwarding rule mapping that address to the service attachment. + type: string + controlPlaneIP: + description: Output only. The private IP address of the control + plane for this workstation cluster. Workstation VMs need access + to this IP address to work with the service, so make sure that + your firewall rules allow egress from the workstation VMs to + this address. + type: string + createTime: + description: Output only. Time when this workstation cluster was + created. + type: string + degraded: + description: Output only. Whether this workstation cluster is + in degraded mode, in which case it may require user action to + restore full functionality. Details can be found in [conditions][google.cloud.workstations.v1.WorkstationCluster.conditions]. + type: boolean + deleteTime: + description: Output only. Time when this workstation cluster was + soft-deleted. + type: string + etag: + description: Optional. Checksum computed by the server. May be + sent on update and delete requests to make sure that the client + has an up-to-date value before proceeding. + type: string + gcpConditions: + description: Output only. Status conditions describing the workstation + cluster's current state. + items: + properties: + code: + description: The status code, which should be an enum value + of [google.rpc.Code][google.rpc.Code]. + format: int32 + type: integer + message: + description: A developer-facing error message, which should + be in English. Any user-facing error message should be + localized and sent in the [google.rpc.Status.details][google.rpc.Status.details] + field, or localized by the client. + type: string + type: object + type: array + reconciling: + description: Output only. Indicates whether this workstation cluster + is currently being updated to match its intended state. + type: boolean + serviceAttachmentUri: + description: Output only. Service attachment URI for the workstation + cluster. The service attachment is created when private endpoint + is enabled. To access workstations in the workstation cluster, + configure access to the managed service using [Private Service + Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-services). + type: string + uid: + description: Output only. A system-assigned unique identifier + for this workstation cluster. + type: string + updateTime: + description: Output only. Time when this workstation cluster was + most recently updated. + type: string + type: object type: object - required: - - spec type: object served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/operator/channels/packages/configconnector/1.122.0/namespaced/0-cnrm-system.yaml b/operator/channels/packages/configconnector/1.125.0/namespaced/0-cnrm-system.yaml similarity index 94% rename from operator/channels/packages/configconnector/1.122.0/namespaced/0-cnrm-system.yaml rename to operator/channels/packages/configconnector/1.125.0/namespaced/0-cnrm-system.yaml index c8ea9ec36c..f8dcc11b9e 100644 --- a/operator/channels/packages/configconnector/1.122.0/namespaced/0-cnrm-system.yaml +++ b/operator/channels/packages/configconnector/1.125.0/namespaced/0-cnrm-system.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-system @@ -11,7 +11,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -21,7 +21,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-resource-stats-recorder @@ -31,7 +31,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-unmanaged-detector @@ -41,7 +41,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-manager @@ -51,7 +51,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-cnrm-system-role @@ -72,7 +72,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-cnrm-system-role @@ -93,7 +93,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -605,6 +605,18 @@ rules: - update - patch - delete +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -1001,6 +1013,18 @@ rules: - update - patch - delete +- apiGroups: + - privilegedaccessmanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - pubsub.cnrm.cloud.google.com resources: @@ -1085,6 +1109,18 @@ rules: - update - patch - delete +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -1270,7 +1306,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role @@ -1320,7 +1356,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-cluster-role @@ -1378,7 +1414,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-manager-ns-role @@ -1403,7 +1439,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-role @@ -1433,7 +1469,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-unmanaged-detector-cluster-role @@ -1464,7 +1500,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -1807,6 +1843,14 @@ rules: - get - list - watch +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -2071,6 +2115,14 @@ rules: - get - list - watch +- apiGroups: + - privilegedaccessmanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - pubsub.cnrm.cloud.google.com resources: @@ -2127,6 +2179,14 @@ rules: - get - list - watch +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - securitycenter.cnrm.cloud.google.com resources: @@ -2252,7 +2312,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role @@ -2315,7 +2375,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-role-binding @@ -2333,7 +2393,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-role-binding @@ -2351,7 +2411,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-admin-binding @@ -2374,7 +2434,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender-binding @@ -2391,7 +2451,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-recorder-binding @@ -2408,7 +2468,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-unmanaged-detector-binding @@ -2425,7 +2485,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook-binding @@ -2442,7 +2502,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-deletiondefender @@ -2459,7 +2519,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 prometheus.io/port: "48797" prometheus.io/scrape: "true" labels: @@ -2480,7 +2540,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2498,7 +2558,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-resource-stats-recorder cnrm.cloud.google.com/system: "true" @@ -2511,8 +2571,8 @@ spec: - /configconnector/recorder env: - name: CONFIG_CONNECTOR_VERSION - value: 1.122.0 - image: gcr.io/gke-release/cnrm/recorder:e373e18 + value: 1.125.0 + image: gcr.io/gke-release/cnrm/cnrm/recorder:2fa0f72 imagePullPolicy: Always name: recorder ports: @@ -2564,7 +2624,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2579,7 +2639,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-webhook-manager cnrm.cloud.google.com/system: "true" @@ -2594,7 +2654,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/webhook:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/webhook:2fa0f72 imagePullPolicy: Always name: webhook ports: @@ -2624,7 +2684,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2639,7 +2699,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-deletiondefender cnrm.cloud.google.com/system: "true" @@ -2647,7 +2707,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/deletiondefender:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/deletiondefender:2fa0f72 imagePullPolicy: Always name: deletiondefender ports: @@ -2677,7 +2737,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-unmanaged-detector cnrm.cloud.google.com/system: "true" @@ -2692,7 +2752,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-unmanaged-detector cnrm.cloud.google.com/system: "true" @@ -2700,7 +2760,7 @@ spec: containers: - command: - /configconnector/unmanageddetector - image: gcr.io/gke-release/cnrm/unmanageddetector:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/unmanageddetector:2fa0f72 imagePullPolicy: Always name: unmanageddetector ports: @@ -2731,7 +2791,7 @@ kind: HorizontalPodAutoscaler metadata: annotations: autoscaling.alpha.kubernetes.io/metrics: '[{"type":"Resource","resource":{"name":"memory","targetAverageUtilization":70}}]' - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/system: "true" name: cnrm-webhook diff --git a/operator/channels/packages/configconnector/1.122.0/namespaced/per-namespace-components.yaml b/operator/channels/packages/configconnector/1.125.0/namespaced/per-namespace-components.yaml similarity index 93% rename from operator/channels/packages/configconnector/1.122.0/namespaced/per-namespace-components.yaml rename to operator/channels/packages/configconnector/1.125.0/namespaced/per-namespace-components.yaml index 5f636b5443..e80ba1fd0b 100644 --- a/operator/channels/packages/configconnector/1.122.0/namespaced/per-namespace-components.yaml +++ b/operator/channels/packages/configconnector/1.125.0/namespaced/per-namespace-components.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 iam.gke.io/gcp-service-account: cnrm-system-${NAMESPACE?}@${PROJECT_ID?}.iam.gserviceaccount.com labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -14,7 +14,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 finalizers: - configconnector.cnrm.cloud.google.com/finalizer labels: @@ -35,7 +35,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 finalizers: - configconnector.cnrm.cloud.google.com/finalizer labels: @@ -56,7 +56,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} cnrm.cloud.google.com/system: "true" @@ -75,7 +75,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} cnrm.cloud.google.com/system: "true" @@ -93,7 +93,7 @@ apiVersion: v1 kind: Service metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 prometheus.io/port: "8888" prometheus.io/scrape: "true" labels: @@ -117,7 +117,7 @@ apiVersion: apps/v1 kind: StatefulSet metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -134,7 +134,7 @@ spec: template: metadata: annotations: - cnrm.cloud.google.com/version: 1.122.0 + cnrm.cloud.google.com/version: 1.125.0 labels: cnrm.cloud.google.com/component: cnrm-controller-manager cnrm.cloud.google.com/scoped-namespace: ${NAMESPACE?} @@ -146,7 +146,7 @@ spec: - --prometheus-scrape-endpoint=:8888 command: - /configconnector/manager - image: gcr.io/gke-release/cnrm/controller:e373e18 + image: gcr.io/gke-release/cnrm/cnrm/controller:2fa0f72 imagePullPolicy: Always name: manager ports: diff --git a/operator/channels/stable b/operator/channels/stable index bd0c1313a1..950eec8b2a 100644 --- a/operator/channels/stable +++ b/operator/channels/stable @@ -1,2 +1,2 @@ manifests: - - version: 1.124.0 + - version: 1.125.0 diff --git a/operator/config/autopilot/kustomization.yaml b/operator/config/autopilot/kustomization.yaml index 7fd9d30909..6c60ee7e20 100644 --- a/operator/config/autopilot/kustomization.yaml +++ b/operator/config/autopilot/kustomization.yaml @@ -22,7 +22,7 @@ commonLabels: commonAnnotations: # Given our weekly release schedule, the version of the operator should remain the same of ConfigConnector Core, # if we have to release the operator independently with the KCC core, append extension e.g. 1.6.0-operator.x - cnrm.cloud.google.com/operator-version: "1.124.0" + cnrm.cloud.google.com/operator-version: "1.125.0" bases: - ../crd diff --git a/operator/config/default/kustomization.yaml b/operator/config/default/kustomization.yaml index f20cf411a8..908fe69866 100644 --- a/operator/config/default/kustomization.yaml +++ b/operator/config/default/kustomization.yaml @@ -22,7 +22,7 @@ commonLabels: commonAnnotations: # Given our weekly release schedule, the version of the operator should remain the same of ConfigConnector Core, # if we have to release the operator independently with the KCC core, append extension e.g. 1.6.0-operator.x - cnrm.cloud.google.com/operator-version: "1.124.0" + cnrm.cloud.google.com/operator-version: "1.125.0" bases: - ../crd diff --git a/operator/config/gke-addon/image_configmap.yaml b/operator/config/gke-addon/image_configmap.yaml index 5d9ef74233..8a184e5567 100644 --- a/operator/config/gke-addon/image_configmap.yaml +++ b/operator/config/gke-addon/image_configmap.yaml @@ -1,10 +1,10 @@ apiVersion: v1 data: - cnrm.controller: gcr.io/gke-release/cnrm/controller:7a86865 - cnrm.deletiondefender: gcr.io/gke-release/cnrm/deletiondefender:7a86865 - cnrm.recorder: gcr.io/gke-release/cnrm/recorder:7a86865 - cnrm.unmanageddetector: gcr.io/gke-release/cnrm/unmanageddetector:7a86865 - cnrm.webhook: gcr.io/gke-release/cnrm/webhook:7a86865 + cnrm.controller: gcr.io/gke-release/cnrm/cnrm/controller:2fa0f72 + cnrm.deletiondefender: gcr.io/gke-release/cnrm/cnrm/deletiondefender:2fa0f72 + cnrm.recorder: gcr.io/gke-release/cnrm/cnrm/recorder:2fa0f72 + cnrm.unmanageddetector: gcr.io/gke-release/cnrm/cnrm/unmanageddetector:2fa0f72 + cnrm.webhook: gcr.io/gke-release/cnrm/cnrm/webhook:2fa0f72 prom-to-sd: gcr.io/gke-release/prometheus-to-sd:v0.11.12-gke.11 kind: ConfigMap metadata: diff --git a/operator/config/rbac/cnrm_viewer_role.yaml b/operator/config/rbac/cnrm_viewer_role.yaml index 899142baeb..7bda2cda89 100644 --- a/operator/config/rbac/cnrm_viewer_role.yaml +++ b/operator/config/rbac/cnrm_viewer_role.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: - cnrm.cloud.google.com/version: 1.124.0 + cnrm.cloud.google.com/version: 1.125.0 creationTimestamp: null labels: cnrm.cloud.google.com/system: "true" @@ -345,6 +345,14 @@ rules: - get - list - watch +- apiGroups: + - discoveryengine.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - dlp.cnrm.cloud.google.com resources: @@ -673,6 +681,14 @@ rules: - get - list - watch +- apiGroups: + - securesourcemanager.cnrm.cloud.google.com + resources: + - '*' + verbs: + - get + - list + - watch - apiGroups: - securitycenter.cnrm.cloud.google.com resources: From e82a34730fbb81e86bd542596500c4a740d44043 Mon Sep 17 00:00:00 2001 From: Yuwen Ma Date: Wed, 13 Nov 2024 20:41:09 +0000 Subject: [PATCH 2/2] manuallly fix kcc release image --- .../1.125.0/cluster/gcp-identity/0-cnrm-system.yaml | 8 ++++---- .../cluster/workload-identity/0-cnrm-system.yaml | 8 ++++---- .../1.125.0/namespaced/0-cnrm-system.yaml | 8 ++++---- .../1.125.0/namespaced/per-namespace-components.yaml | 2 +- .../1.125.0/cluster/gcp-identity/0-cnrm-system.yaml | 8 ++++---- .../cluster/workload-identity/0-cnrm-system.yaml | 8 ++++---- .../1.125.0/namespaced/0-cnrm-system.yaml | 8 ++++---- .../1.125.0/namespaced/per-namespace-components.yaml | 2 +- operator/config/gke-addon/image_configmap.yaml | 10 +++++----- 9 files changed, 31 insertions(+), 31 deletions(-) diff --git a/operator/autopilot-channels/packages/configconnector/1.125.0/cluster/gcp-identity/0-cnrm-system.yaml b/operator/autopilot-channels/packages/configconnector/1.125.0/cluster/gcp-identity/0-cnrm-system.yaml index d41408eba6..4b5642700d 100644 --- a/operator/autopilot-channels/packages/configconnector/1.125.0/cluster/gcp-identity/0-cnrm-system.yaml +++ b/operator/autopilot-channels/packages/configconnector/1.125.0/cluster/gcp-identity/0-cnrm-system.yaml @@ -2580,7 +2580,7 @@ spec: env: - name: CONFIG_CONNECTOR_VERSION value: 1.125.0 - image: gcr.io/gke-release/cnrm/cnrm/recorder:2fa0f72 + image: gcr.io/gke-release/cnrm/recorder:2fa0f72 imagePullPolicy: Always name: recorder ports: @@ -2643,7 +2643,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/cnrm/webhook:2fa0f72 + image: gcr.io/gke-release/cnrm/webhook:2fa0f72 imagePullPolicy: Always name: webhook ports: @@ -2701,7 +2701,7 @@ spec: env: - name: GOOGLE_APPLICATION_CREDENTIALS value: /var/secrets/google/key.json - image: gcr.io/gke-release/cnrm/cnrm/controller:2fa0f72 + image: gcr.io/gke-release/cnrm/controller:2fa0f72 imagePullPolicy: Always name: manager ports: @@ -2761,7 +2761,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/cnrm/deletiondefender:2fa0f72 + image: gcr.io/gke-release/cnrm/deletiondefender:2fa0f72 imagePullPolicy: Always name: deletiondefender ports: diff --git a/operator/autopilot-channels/packages/configconnector/1.125.0/cluster/workload-identity/0-cnrm-system.yaml b/operator/autopilot-channels/packages/configconnector/1.125.0/cluster/workload-identity/0-cnrm-system.yaml index 55e69b06a3..af85e6f6a8 100644 --- a/operator/autopilot-channels/packages/configconnector/1.125.0/cluster/workload-identity/0-cnrm-system.yaml +++ b/operator/autopilot-channels/packages/configconnector/1.125.0/cluster/workload-identity/0-cnrm-system.yaml @@ -2581,7 +2581,7 @@ spec: env: - name: CONFIG_CONNECTOR_VERSION value: 1.125.0 - image: gcr.io/gke-release/cnrm/cnrm/recorder:2fa0f72 + image: gcr.io/gke-release/cnrm/recorder:2fa0f72 imagePullPolicy: Always name: recorder ports: @@ -2644,7 +2644,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/cnrm/webhook:2fa0f72 + image: gcr.io/gke-release/cnrm/webhook:2fa0f72 imagePullPolicy: Always name: webhook ports: @@ -2699,7 +2699,7 @@ spec: - --prometheus-scrape-endpoint=:8888 command: - /configconnector/manager - image: gcr.io/gke-release/cnrm/cnrm/controller:2fa0f72 + image: gcr.io/gke-release/cnrm/controller:2fa0f72 imagePullPolicy: Always name: manager ports: @@ -2752,7 +2752,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/cnrm/deletiondefender:2fa0f72 + image: gcr.io/gke-release/cnrm/deletiondefender:2fa0f72 imagePullPolicy: Always name: deletiondefender ports: diff --git a/operator/autopilot-channels/packages/configconnector/1.125.0/namespaced/0-cnrm-system.yaml b/operator/autopilot-channels/packages/configconnector/1.125.0/namespaced/0-cnrm-system.yaml index 2c63dddaaa..a85a4ee0b5 100644 --- a/operator/autopilot-channels/packages/configconnector/1.125.0/namespaced/0-cnrm-system.yaml +++ b/operator/autopilot-channels/packages/configconnector/1.125.0/namespaced/0-cnrm-system.yaml @@ -2572,7 +2572,7 @@ spec: env: - name: CONFIG_CONNECTOR_VERSION value: 1.125.0 - image: gcr.io/gke-release/cnrm/cnrm/recorder:2fa0f72 + image: gcr.io/gke-release/cnrm/recorder:2fa0f72 imagePullPolicy: Always name: recorder ports: @@ -2635,7 +2635,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/cnrm/webhook:2fa0f72 + image: gcr.io/gke-release/cnrm/webhook:2fa0f72 imagePullPolicy: Always name: webhook ports: @@ -2688,7 +2688,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/cnrm/deletiondefender:2fa0f72 + image: gcr.io/gke-release/cnrm/deletiondefender:2fa0f72 imagePullPolicy: Always name: deletiondefender ports: @@ -2741,7 +2741,7 @@ spec: containers: - command: - /configconnector/unmanageddetector - image: gcr.io/gke-release/cnrm/cnrm/unmanageddetector:2fa0f72 + image: gcr.io/gke-release/cnrm/unmanageddetector:2fa0f72 imagePullPolicy: Always name: unmanageddetector ports: diff --git a/operator/autopilot-channels/packages/configconnector/1.125.0/namespaced/per-namespace-components.yaml b/operator/autopilot-channels/packages/configconnector/1.125.0/namespaced/per-namespace-components.yaml index d629e56121..7c24718c60 100644 --- a/operator/autopilot-channels/packages/configconnector/1.125.0/namespaced/per-namespace-components.yaml +++ b/operator/autopilot-channels/packages/configconnector/1.125.0/namespaced/per-namespace-components.yaml @@ -146,7 +146,7 @@ spec: - --prometheus-scrape-endpoint=:8888 command: - /configconnector/manager - image: gcr.io/gke-release/cnrm/cnrm/controller:2fa0f72 + image: gcr.io/gke-release/cnrm/controller:2fa0f72 imagePullPolicy: Always name: manager ports: diff --git a/operator/channels/packages/configconnector/1.125.0/cluster/gcp-identity/0-cnrm-system.yaml b/operator/channels/packages/configconnector/1.125.0/cluster/gcp-identity/0-cnrm-system.yaml index 7ebd1629b8..72777ee594 100644 --- a/operator/channels/packages/configconnector/1.125.0/cluster/gcp-identity/0-cnrm-system.yaml +++ b/operator/channels/packages/configconnector/1.125.0/cluster/gcp-identity/0-cnrm-system.yaml @@ -2594,7 +2594,7 @@ spec: env: - name: CONFIG_CONNECTOR_VERSION value: 1.125.0 - image: gcr.io/gke-release/cnrm/cnrm/recorder:2fa0f72 + image: gcr.io/gke-release/cnrm/recorder:2fa0f72 imagePullPolicy: Always name: recorder ports: @@ -2658,7 +2658,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/cnrm/webhook:2fa0f72 + image: gcr.io/gke-release/cnrm/webhook:2fa0f72 imagePullPolicy: Always name: webhook ports: @@ -2716,7 +2716,7 @@ spec: env: - name: GOOGLE_APPLICATION_CREDENTIALS value: /var/secrets/google/key.json - image: gcr.io/gke-release/cnrm/cnrm/controller:2fa0f72 + image: gcr.io/gke-release/cnrm/controller:2fa0f72 imagePullPolicy: Always name: manager ports: @@ -2776,7 +2776,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/cnrm/deletiondefender:2fa0f72 + image: gcr.io/gke-release/cnrm/deletiondefender:2fa0f72 imagePullPolicy: Always name: deletiondefender ports: diff --git a/operator/channels/packages/configconnector/1.125.0/cluster/workload-identity/0-cnrm-system.yaml b/operator/channels/packages/configconnector/1.125.0/cluster/workload-identity/0-cnrm-system.yaml index e8a37ee026..d8875ffb01 100644 --- a/operator/channels/packages/configconnector/1.125.0/cluster/workload-identity/0-cnrm-system.yaml +++ b/operator/channels/packages/configconnector/1.125.0/cluster/workload-identity/0-cnrm-system.yaml @@ -2581,7 +2581,7 @@ spec: env: - name: CONFIG_CONNECTOR_VERSION value: 1.125.0 - image: gcr.io/gke-release/cnrm/cnrm/recorder:2fa0f72 + image: gcr.io/gke-release/cnrm/recorder:2fa0f72 imagePullPolicy: Always name: recorder ports: @@ -2663,7 +2663,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/cnrm/webhook:2fa0f72 + image: gcr.io/gke-release/cnrm/webhook:2fa0f72 imagePullPolicy: Always name: webhook ports: @@ -2718,7 +2718,7 @@ spec: - --prometheus-scrape-endpoint=:8888 command: - /configconnector/manager - image: gcr.io/gke-release/cnrm/cnrm/controller:2fa0f72 + image: gcr.io/gke-release/cnrm/controller:2fa0f72 imagePullPolicy: Always name: manager ports: @@ -2789,7 +2789,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/cnrm/deletiondefender:2fa0f72 + image: gcr.io/gke-release/cnrm/deletiondefender:2fa0f72 imagePullPolicy: Always name: deletiondefender ports: diff --git a/operator/channels/packages/configconnector/1.125.0/namespaced/0-cnrm-system.yaml b/operator/channels/packages/configconnector/1.125.0/namespaced/0-cnrm-system.yaml index f8dcc11b9e..c421bd52c7 100644 --- a/operator/channels/packages/configconnector/1.125.0/namespaced/0-cnrm-system.yaml +++ b/operator/channels/packages/configconnector/1.125.0/namespaced/0-cnrm-system.yaml @@ -2572,7 +2572,7 @@ spec: env: - name: CONFIG_CONNECTOR_VERSION value: 1.125.0 - image: gcr.io/gke-release/cnrm/cnrm/recorder:2fa0f72 + image: gcr.io/gke-release/cnrm/recorder:2fa0f72 imagePullPolicy: Always name: recorder ports: @@ -2654,7 +2654,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/gke-release/cnrm/cnrm/webhook:2fa0f72 + image: gcr.io/gke-release/cnrm/webhook:2fa0f72 imagePullPolicy: Always name: webhook ports: @@ -2707,7 +2707,7 @@ spec: containers: - command: - /configconnector/deletiondefender - image: gcr.io/gke-release/cnrm/cnrm/deletiondefender:2fa0f72 + image: gcr.io/gke-release/cnrm/deletiondefender:2fa0f72 imagePullPolicy: Always name: deletiondefender ports: @@ -2760,7 +2760,7 @@ spec: containers: - command: - /configconnector/unmanageddetector - image: gcr.io/gke-release/cnrm/cnrm/unmanageddetector:2fa0f72 + image: gcr.io/gke-release/cnrm/unmanageddetector:2fa0f72 imagePullPolicy: Always name: unmanageddetector ports: diff --git a/operator/channels/packages/configconnector/1.125.0/namespaced/per-namespace-components.yaml b/operator/channels/packages/configconnector/1.125.0/namespaced/per-namespace-components.yaml index e80ba1fd0b..c4240a3e13 100644 --- a/operator/channels/packages/configconnector/1.125.0/namespaced/per-namespace-components.yaml +++ b/operator/channels/packages/configconnector/1.125.0/namespaced/per-namespace-components.yaml @@ -146,7 +146,7 @@ spec: - --prometheus-scrape-endpoint=:8888 command: - /configconnector/manager - image: gcr.io/gke-release/cnrm/cnrm/controller:2fa0f72 + image: gcr.io/gke-release/cnrm/controller:2fa0f72 imagePullPolicy: Always name: manager ports: diff --git a/operator/config/gke-addon/image_configmap.yaml b/operator/config/gke-addon/image_configmap.yaml index 8a184e5567..7eba5fde0c 100644 --- a/operator/config/gke-addon/image_configmap.yaml +++ b/operator/config/gke-addon/image_configmap.yaml @@ -1,10 +1,10 @@ apiVersion: v1 data: - cnrm.controller: gcr.io/gke-release/cnrm/cnrm/controller:2fa0f72 - cnrm.deletiondefender: gcr.io/gke-release/cnrm/cnrm/deletiondefender:2fa0f72 - cnrm.recorder: gcr.io/gke-release/cnrm/cnrm/recorder:2fa0f72 - cnrm.unmanageddetector: gcr.io/gke-release/cnrm/cnrm/unmanageddetector:2fa0f72 - cnrm.webhook: gcr.io/gke-release/cnrm/cnrm/webhook:2fa0f72 + cnrm.controller: gcr.io/gke-release/cnrm/controller:2fa0f72 + cnrm.deletiondefender: gcr.io/gke-release/cnrm/deletiondefender:2fa0f72 + cnrm.recorder: gcr.io/gke-release/cnrm/recorder:2fa0f72 + cnrm.unmanageddetector: gcr.io/gke-release/cnrm/unmanageddetector:2fa0f72 + cnrm.webhook: gcr.io/gke-release/cnrm/webhook:2fa0f72 prom-to-sd: gcr.io/gke-release/prometheus-to-sd:v0.11.12-gke.11 kind: ConfigMap metadata: