google-apis-gkehub_v2 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -22,6 +22,50 @@ module Google
22
22
  module Apis
23
23
  module GkehubV2
24
24
 
25
+ # State for App Dev Exp Feature.
26
+ class AppDevExperienceState
27
+ include Google::Apis::Core::Hashable
28
+
29
+ # Status specifies state for the subcomponent.
30
+ # Corresponds to the JSON property `networkingInstallSucceeded`
31
+ # @return [Google::Apis::GkehubV2::AppDevExperienceStatus]
32
+ attr_accessor :networking_install_succeeded
33
+
34
+ def initialize(**args)
35
+ update!(**args)
36
+ end
37
+
38
+ # Update properties of this object
39
+ def update!(**args)
40
+ @networking_install_succeeded = args[:networking_install_succeeded] if args.key?(:networking_install_succeeded)
41
+ end
42
+ end
43
+
44
+ # Status specifies state for the subcomponent.
45
+ class AppDevExperienceStatus
46
+ include Google::Apis::Core::Hashable
47
+
48
+ # Code specifies AppDevExperienceFeature's subcomponent ready state.
49
+ # Corresponds to the JSON property `code`
50
+ # @return [String]
51
+ attr_accessor :code
52
+
53
+ # Description is populated if Code is Failed, explaining why it has failed.
54
+ # Corresponds to the JSON property `description`
55
+ # @return [String]
56
+ attr_accessor :description
57
+
58
+ def initialize(**args)
59
+ update!(**args)
60
+ end
61
+
62
+ # Update properties of this object
63
+ def update!(**args)
64
+ @code = args[:code] if args.key?(:code)
65
+ @description = args[:description] if args.key?(:description)
66
+ end
67
+ end
68
+
25
69
  # The request message for Operations.CancelOperation.
26
70
  class CancelOperationRequest
27
71
  include Google::Apis::Core::Hashable
@@ -35,48 +79,3052 @@ module Google
35
79
  end
36
80
  end
37
81
 
38
- # A generic empty message that you can re-use to avoid defining duplicated empty
39
- # messages in your APIs. A typical example is to use it as the request or the
40
- # response type of an API method. For instance: service Foo ` rpc Bar(google.
41
- # protobuf.Empty) returns (google.protobuf.Empty); `
42
- class Empty
82
+ # **Cloud Build**: Configurations for each Cloud Build enabled cluster.
83
+ class CloudBuildSpec
84
+ include Google::Apis::Core::Hashable
85
+
86
+ # Whether it is allowed to run the privileged builds on the cluster or not.
87
+ # Corresponds to the JSON property `securityPolicy`
88
+ # @return [String]
89
+ attr_accessor :security_policy
90
+
91
+ # Version of the cloud build software on the cluster.
92
+ # Corresponds to the JSON property `version`
93
+ # @return [String]
94
+ attr_accessor :version
95
+
96
+ def initialize(**args)
97
+ update!(**args)
98
+ end
99
+
100
+ # Update properties of this object
101
+ def update!(**args)
102
+ @security_policy = args[:security_policy] if args.key?(:security_policy)
103
+ @version = args[:version] if args.key?(:version)
104
+ end
105
+ end
106
+
107
+ # GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade.
108
+ class ClusterUpgradeGkeUpgrade
109
+ include Google::Apis::Core::Hashable
110
+
111
+ # Name of the upgrade, e.g., "k8s_control_plane".
112
+ # Corresponds to the JSON property `name`
113
+ # @return [String]
114
+ attr_accessor :name
115
+
116
+ # Version of the upgrade, e.g., "1.22.1-gke.100".
117
+ # Corresponds to the JSON property `version`
118
+ # @return [String]
119
+ attr_accessor :version
120
+
121
+ def initialize(**args)
122
+ update!(**args)
123
+ end
124
+
125
+ # Update properties of this object
126
+ def update!(**args)
127
+ @name = args[:name] if args.key?(:name)
128
+ @version = args[:version] if args.key?(:version)
129
+ end
130
+ end
131
+
132
+ # IgnoredMembership represents a membership ignored by the feature. A membership
133
+ # can be ignored because it was manually upgraded to a newer version than RC
134
+ # default.
135
+ class ClusterUpgradeIgnoredMembership
136
+ include Google::Apis::Core::Hashable
137
+
138
+ # Time when the membership was first set to ignored.
139
+ # Corresponds to the JSON property `ignoredTime`
140
+ # @return [String]
141
+ attr_accessor :ignored_time
142
+
143
+ # Reason why the membership is ignored.
144
+ # Corresponds to the JSON property `reason`
145
+ # @return [String]
146
+ attr_accessor :reason
147
+
148
+ def initialize(**args)
149
+ update!(**args)
150
+ end
151
+
152
+ # Update properties of this object
153
+ def update!(**args)
154
+ @ignored_time = args[:ignored_time] if args.key?(:ignored_time)
155
+ @reason = args[:reason] if args.key?(:reason)
156
+ end
157
+ end
158
+
159
+ # MembershipGKEUpgradeState is a GKEUpgrade and its state per-membership.
160
+ class ClusterUpgradeMembershipGkeUpgradeState
161
+ include Google::Apis::Core::Hashable
162
+
163
+ # UpgradeStatus provides status information for each upgrade.
164
+ # Corresponds to the JSON property `status`
165
+ # @return [Google::Apis::GkehubV2::ClusterUpgradeUpgradeStatus]
166
+ attr_accessor :status
167
+
168
+ # GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade.
169
+ # Corresponds to the JSON property `upgrade`
170
+ # @return [Google::Apis::GkehubV2::ClusterUpgradeGkeUpgrade]
171
+ attr_accessor :upgrade
172
+
173
+ def initialize(**args)
174
+ update!(**args)
175
+ end
176
+
177
+ # Update properties of this object
178
+ def update!(**args)
179
+ @status = args[:status] if args.key?(:status)
180
+ @upgrade = args[:upgrade] if args.key?(:upgrade)
181
+ end
182
+ end
183
+
184
+ # Per-membership state for this feature.
185
+ class ClusterUpgradeState
186
+ include Google::Apis::Core::Hashable
187
+
188
+ # IgnoredMembership represents a membership ignored by the feature. A membership
189
+ # can be ignored because it was manually upgraded to a newer version than RC
190
+ # default.
191
+ # Corresponds to the JSON property `ignored`
192
+ # @return [Google::Apis::GkehubV2::ClusterUpgradeIgnoredMembership]
193
+ attr_accessor :ignored
194
+
195
+ # Actual upgrade state against desired.
196
+ # Corresponds to the JSON property `upgrades`
197
+ # @return [Array<Google::Apis::GkehubV2::ClusterUpgradeMembershipGkeUpgradeState>]
198
+ attr_accessor :upgrades
199
+
200
+ def initialize(**args)
201
+ update!(**args)
202
+ end
203
+
204
+ # Update properties of this object
205
+ def update!(**args)
206
+ @ignored = args[:ignored] if args.key?(:ignored)
207
+ @upgrades = args[:upgrades] if args.key?(:upgrades)
208
+ end
209
+ end
210
+
211
+ # UpgradeStatus provides status information for each upgrade.
212
+ class ClusterUpgradeUpgradeStatus
213
+ include Google::Apis::Core::Hashable
214
+
215
+ # Status code of the upgrade.
216
+ # Corresponds to the JSON property `code`
217
+ # @return [String]
218
+ attr_accessor :code
219
+
220
+ # Reason for this status.
221
+ # Corresponds to the JSON property `reason`
222
+ # @return [String]
223
+ attr_accessor :reason
224
+
225
+ # Last timestamp the status was updated.
226
+ # Corresponds to the JSON property `updateTime`
227
+ # @return [String]
228
+ attr_accessor :update_time
229
+
230
+ def initialize(**args)
231
+ update!(**args)
232
+ end
233
+
234
+ # Update properties of this object
235
+ def update!(**args)
236
+ @code = args[:code] if args.key?(:code)
237
+ @reason = args[:reason] if args.key?(:reason)
238
+ @update_time = args[:update_time] if args.key?(:update_time)
239
+ end
240
+ end
241
+
242
+ # Configuration for Binauthz.
243
+ class ConfigManagementBinauthzConfig
244
+ include Google::Apis::Core::Hashable
245
+
246
+ # Whether binauthz is enabled in this cluster.
247
+ # Corresponds to the JSON property `enabled`
248
+ # @return [Boolean]
249
+ attr_accessor :enabled
250
+ alias_method :enabled?, :enabled
251
+
252
+ def initialize(**args)
253
+ update!(**args)
254
+ end
255
+
256
+ # Update properties of this object
257
+ def update!(**args)
258
+ @enabled = args[:enabled] if args.key?(:enabled)
259
+ end
260
+ end
261
+
262
+ # State for Binauthz.
263
+ class ConfigManagementBinauthzState
264
+ include Google::Apis::Core::Hashable
265
+
266
+ # The version of binauthz.
267
+ # Corresponds to the JSON property `version`
268
+ # @return [Google::Apis::GkehubV2::ConfigManagementBinauthzVersion]
269
+ attr_accessor :version
270
+
271
+ # The state of the binauthz webhook.
272
+ # Corresponds to the JSON property `webhook`
273
+ # @return [String]
274
+ attr_accessor :webhook
275
+
276
+ def initialize(**args)
277
+ update!(**args)
278
+ end
279
+
280
+ # Update properties of this object
281
+ def update!(**args)
282
+ @version = args[:version] if args.key?(:version)
283
+ @webhook = args[:webhook] if args.key?(:webhook)
284
+ end
285
+ end
286
+
287
+ # The version of binauthz.
288
+ class ConfigManagementBinauthzVersion
289
+ include Google::Apis::Core::Hashable
290
+
291
+ # The version of the binauthz webhook.
292
+ # Corresponds to the JSON property `webhookVersion`
293
+ # @return [String]
294
+ attr_accessor :webhook_version
295
+
296
+ def initialize(**args)
297
+ update!(**args)
298
+ end
299
+
300
+ # Update properties of this object
301
+ def update!(**args)
302
+ @webhook_version = args[:webhook_version] if args.key?(:webhook_version)
303
+ end
304
+ end
305
+
306
+ # Configuration for Config Sync
307
+ class ConfigManagementConfigSync
308
+ include Google::Apis::Core::Hashable
309
+
310
+ # Set to true to allow the vertical scaling. Defaults to false which disallows
311
+ # vertical scaling. This field is deprecated.
312
+ # Corresponds to the JSON property `allowVerticalScale`
313
+ # @return [Boolean]
314
+ attr_accessor :allow_vertical_scale
315
+ alias_method :allow_vertical_scale?, :allow_vertical_scale
316
+
317
+ # Enables the installation of ConfigSync. If set to true, ConfigSync resources
318
+ # will be created and the other ConfigSync fields will be applied if exist. If
319
+ # set to false, all other ConfigSync fields will be ignored, ConfigSync
320
+ # resources will be deleted. If omitted, ConfigSync resources will be managed
321
+ # depends on the presence of the git or oci field.
322
+ # Corresponds to the JSON property `enabled`
323
+ # @return [Boolean]
324
+ attr_accessor :enabled
325
+ alias_method :enabled?, :enabled
326
+
327
+ # Git repo configuration for a single cluster.
328
+ # Corresponds to the JSON property `git`
329
+ # @return [Google::Apis::GkehubV2::ConfigManagementGitConfig]
330
+ attr_accessor :git
331
+
332
+ # The Email of the Google Cloud Service Account (GSA) used for exporting Config
333
+ # Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is
334
+ # enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.
335
+ # metricWriter) IAM role. The Kubernetes ServiceAccount `default` in the
336
+ # namespace `config-management-monitoring` should be bound to the GSA.
337
+ # Deprecated: If Workload Identity Federation for GKE is enabled, Google Cloud
338
+ # Service Account is no longer needed for exporting Config Sync metrics: https://
339
+ # cloud.google.com/kubernetes-engine/enterprise/config-sync/docs/how-to/monitor-
340
+ # config-sync-cloud-monitoring#custom-monitoring.
341
+ # Corresponds to the JSON property `metricsGcpServiceAccountEmail`
342
+ # @return [String]
343
+ attr_accessor :metrics_gcp_service_account_email
344
+
345
+ # OCI repo configuration for a single cluster.
346
+ # Corresponds to the JSON property `oci`
347
+ # @return [Google::Apis::GkehubV2::ConfigManagementOciConfig]
348
+ attr_accessor :oci
349
+
350
+ # Set to true to enable the Config Sync admission webhook to prevent drifts. If
351
+ # set to `false`, disables the Config Sync admission webhook and does not
352
+ # prevent drifts.
353
+ # Corresponds to the JSON property `preventDrift`
354
+ # @return [Boolean]
355
+ attr_accessor :prevent_drift
356
+ alias_method :prevent_drift?, :prevent_drift
357
+
358
+ # Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured"
359
+ # mode.
360
+ # Corresponds to the JSON property `sourceFormat`
361
+ # @return [String]
362
+ attr_accessor :source_format
363
+
364
+ def initialize(**args)
365
+ update!(**args)
366
+ end
367
+
368
+ # Update properties of this object
369
+ def update!(**args)
370
+ @allow_vertical_scale = args[:allow_vertical_scale] if args.key?(:allow_vertical_scale)
371
+ @enabled = args[:enabled] if args.key?(:enabled)
372
+ @git = args[:git] if args.key?(:git)
373
+ @metrics_gcp_service_account_email = args[:metrics_gcp_service_account_email] if args.key?(:metrics_gcp_service_account_email)
374
+ @oci = args[:oci] if args.key?(:oci)
375
+ @prevent_drift = args[:prevent_drift] if args.key?(:prevent_drift)
376
+ @source_format = args[:source_format] if args.key?(:source_format)
377
+ end
378
+ end
379
+
380
+ # The state of ConfigSync's deployment on a cluster.
381
+ class ConfigManagementConfigSyncDeploymentState
382
+ include Google::Apis::Core::Hashable
383
+
384
+ # Deployment state of admission-webhook.
385
+ # Corresponds to the JSON property `admissionWebhook`
386
+ # @return [String]
387
+ attr_accessor :admission_webhook
388
+
389
+ # Deployment state of the git-sync pod.
390
+ # Corresponds to the JSON property `gitSync`
391
+ # @return [String]
392
+ attr_accessor :git_sync
393
+
394
+ # Deployment state of the importer pod.
395
+ # Corresponds to the JSON property `importer`
396
+ # @return [String]
397
+ attr_accessor :importer
398
+
399
+ # Deployment state of the monitor pod.
400
+ # Corresponds to the JSON property `monitor`
401
+ # @return [String]
402
+ attr_accessor :monitor
403
+
404
+ # Deployment state of otel-collector
405
+ # Corresponds to the JSON property `otelCollector`
406
+ # @return [String]
407
+ attr_accessor :otel_collector
408
+
409
+ # Deployment state of reconciler-manager pod.
410
+ # Corresponds to the JSON property `reconcilerManager`
411
+ # @return [String]
412
+ attr_accessor :reconciler_manager
413
+
414
+ # Deployment state of resource-group-controller-manager
415
+ # Corresponds to the JSON property `resourceGroupControllerManager`
416
+ # @return [String]
417
+ attr_accessor :resource_group_controller_manager
418
+
419
+ # Deployment state of root-reconciler.
420
+ # Corresponds to the JSON property `rootReconciler`
421
+ # @return [String]
422
+ attr_accessor :root_reconciler
423
+
424
+ # Deployment state of the syncer pod.
425
+ # Corresponds to the JSON property `syncer`
426
+ # @return [String]
427
+ attr_accessor :syncer
428
+
429
+ def initialize(**args)
430
+ update!(**args)
431
+ end
432
+
433
+ # Update properties of this object
434
+ def update!(**args)
435
+ @admission_webhook = args[:admission_webhook] if args.key?(:admission_webhook)
436
+ @git_sync = args[:git_sync] if args.key?(:git_sync)
437
+ @importer = args[:importer] if args.key?(:importer)
438
+ @monitor = args[:monitor] if args.key?(:monitor)
439
+ @otel_collector = args[:otel_collector] if args.key?(:otel_collector)
440
+ @reconciler_manager = args[:reconciler_manager] if args.key?(:reconciler_manager)
441
+ @resource_group_controller_manager = args[:resource_group_controller_manager] if args.key?(:resource_group_controller_manager)
442
+ @root_reconciler = args[:root_reconciler] if args.key?(:root_reconciler)
443
+ @syncer = args[:syncer] if args.key?(:syncer)
444
+ end
445
+ end
446
+
447
+ # Errors pertaining to the installation of Config Sync
448
+ class ConfigManagementConfigSyncError
449
+ include Google::Apis::Core::Hashable
450
+
451
+ # A string representing the user facing error message
452
+ # Corresponds to the JSON property `errorMessage`
453
+ # @return [String]
454
+ attr_accessor :error_message
455
+
456
+ def initialize(**args)
457
+ update!(**args)
458
+ end
459
+
460
+ # Update properties of this object
461
+ def update!(**args)
462
+ @error_message = args[:error_message] if args.key?(:error_message)
463
+ end
464
+ end
465
+
466
+ # State information for ConfigSync.
467
+ class ConfigManagementConfigSyncState
468
+ include Google::Apis::Core::Hashable
469
+
470
+ # Whether syncing resources to the cluster is stopped at the cluster level.
471
+ # Corresponds to the JSON property `clusterLevelStopSyncingState`
472
+ # @return [String]
473
+ attr_accessor :cluster_level_stop_syncing_state
474
+
475
+ # Output only. The number of RootSync and RepoSync CRs in the cluster.
476
+ # Corresponds to the JSON property `crCount`
477
+ # @return [Fixnum]
478
+ attr_accessor :cr_count
479
+
480
+ # The state of ConfigSync's deployment on a cluster.
481
+ # Corresponds to the JSON property `deploymentState`
482
+ # @return [Google::Apis::GkehubV2::ConfigManagementConfigSyncDeploymentState]
483
+ attr_accessor :deployment_state
484
+
485
+ # Errors pertaining to the installation of Config Sync.
486
+ # Corresponds to the JSON property `errors`
487
+ # @return [Array<Google::Apis::GkehubV2::ConfigManagementConfigSyncError>]
488
+ attr_accessor :errors
489
+
490
+ # The state of the Reposync CRD
491
+ # Corresponds to the JSON property `reposyncCrd`
492
+ # @return [String]
493
+ attr_accessor :reposync_crd
494
+
495
+ # The state of the RootSync CRD
496
+ # Corresponds to the JSON property `rootsyncCrd`
497
+ # @return [String]
498
+ attr_accessor :rootsync_crd
499
+
500
+ # The state of CS This field summarizes the other fields in this message.
501
+ # Corresponds to the JSON property `state`
502
+ # @return [String]
503
+ attr_accessor :state
504
+
505
+ # State indicating an ACM's progress syncing configurations to a cluster.
506
+ # Corresponds to the JSON property `syncState`
507
+ # @return [Google::Apis::GkehubV2::ConfigManagementSyncState]
508
+ attr_accessor :sync_state
509
+
510
+ # Specific versioning information pertaining to ConfigSync's Pods.
511
+ # Corresponds to the JSON property `version`
512
+ # @return [Google::Apis::GkehubV2::ConfigManagementConfigSyncVersion]
513
+ attr_accessor :version
514
+
515
+ def initialize(**args)
516
+ update!(**args)
517
+ end
518
+
519
+ # Update properties of this object
520
+ def update!(**args)
521
+ @cluster_level_stop_syncing_state = args[:cluster_level_stop_syncing_state] if args.key?(:cluster_level_stop_syncing_state)
522
+ @cr_count = args[:cr_count] if args.key?(:cr_count)
523
+ @deployment_state = args[:deployment_state] if args.key?(:deployment_state)
524
+ @errors = args[:errors] if args.key?(:errors)
525
+ @reposync_crd = args[:reposync_crd] if args.key?(:reposync_crd)
526
+ @rootsync_crd = args[:rootsync_crd] if args.key?(:rootsync_crd)
527
+ @state = args[:state] if args.key?(:state)
528
+ @sync_state = args[:sync_state] if args.key?(:sync_state)
529
+ @version = args[:version] if args.key?(:version)
530
+ end
531
+ end
532
+
533
+ # Specific versioning information pertaining to ConfigSync's Pods.
534
+ class ConfigManagementConfigSyncVersion
535
+ include Google::Apis::Core::Hashable
536
+
537
+ # Version of the deployed admission-webhook pod.
538
+ # Corresponds to the JSON property `admissionWebhook`
539
+ # @return [String]
540
+ attr_accessor :admission_webhook
541
+
542
+ # Version of the deployed git-sync pod.
543
+ # Corresponds to the JSON property `gitSync`
544
+ # @return [String]
545
+ attr_accessor :git_sync
546
+
547
+ # Version of the deployed importer pod.
548
+ # Corresponds to the JSON property `importer`
549
+ # @return [String]
550
+ attr_accessor :importer
551
+
552
+ # Version of the deployed monitor pod.
553
+ # Corresponds to the JSON property `monitor`
554
+ # @return [String]
555
+ attr_accessor :monitor
556
+
557
+ # Version of the deployed otel-collector pod
558
+ # Corresponds to the JSON property `otelCollector`
559
+ # @return [String]
560
+ attr_accessor :otel_collector
561
+
562
+ # Version of the deployed reconciler-manager pod.
563
+ # Corresponds to the JSON property `reconcilerManager`
564
+ # @return [String]
565
+ attr_accessor :reconciler_manager
566
+
567
+ # Version of the deployed resource-group-controller-manager pod
568
+ # Corresponds to the JSON property `resourceGroupControllerManager`
569
+ # @return [String]
570
+ attr_accessor :resource_group_controller_manager
571
+
572
+ # Version of the deployed reconciler container in root-reconciler pod.
573
+ # Corresponds to the JSON property `rootReconciler`
574
+ # @return [String]
575
+ attr_accessor :root_reconciler
576
+
577
+ # Version of the deployed syncer pod.
578
+ # Corresponds to the JSON property `syncer`
579
+ # @return [String]
580
+ attr_accessor :syncer
581
+
582
+ def initialize(**args)
583
+ update!(**args)
584
+ end
585
+
586
+ # Update properties of this object
587
+ def update!(**args)
588
+ @admission_webhook = args[:admission_webhook] if args.key?(:admission_webhook)
589
+ @git_sync = args[:git_sync] if args.key?(:git_sync)
590
+ @importer = args[:importer] if args.key?(:importer)
591
+ @monitor = args[:monitor] if args.key?(:monitor)
592
+ @otel_collector = args[:otel_collector] if args.key?(:otel_collector)
593
+ @reconciler_manager = args[:reconciler_manager] if args.key?(:reconciler_manager)
594
+ @resource_group_controller_manager = args[:resource_group_controller_manager] if args.key?(:resource_group_controller_manager)
595
+ @root_reconciler = args[:root_reconciler] if args.key?(:root_reconciler)
596
+ @syncer = args[:syncer] if args.key?(:syncer)
597
+ end
598
+ end
599
+
600
+ # Model for a config file in the git repo with an associated Sync error.
601
+ class ConfigManagementErrorResource
602
+ include Google::Apis::Core::Hashable
603
+
604
+ # A Kubernetes object's GVK.
605
+ # Corresponds to the JSON property `resourceGvk`
606
+ # @return [Google::Apis::GkehubV2::ConfigManagementGroupVersionKind]
607
+ attr_accessor :resource_gvk
608
+
609
+ # Metadata name of the resource that is causing an error
610
+ # Corresponds to the JSON property `resourceName`
611
+ # @return [String]
612
+ attr_accessor :resource_name
613
+
614
+ # Namespace of the resource that is causing an error
615
+ # Corresponds to the JSON property `resourceNamespace`
616
+ # @return [String]
617
+ attr_accessor :resource_namespace
618
+
619
+ # Path in the git repo of the erroneous config
620
+ # Corresponds to the JSON property `sourcePath`
621
+ # @return [String]
622
+ attr_accessor :source_path
623
+
624
+ def initialize(**args)
625
+ update!(**args)
626
+ end
627
+
628
+ # Update properties of this object
629
+ def update!(**args)
630
+ @resource_gvk = args[:resource_gvk] if args.key?(:resource_gvk)
631
+ @resource_name = args[:resource_name] if args.key?(:resource_name)
632
+ @resource_namespace = args[:resource_namespace] if args.key?(:resource_namespace)
633
+ @source_path = args[:source_path] if args.key?(:source_path)
634
+ end
635
+ end
636
+
637
+ # State of Policy Controller installation.
638
+ class ConfigManagementGatekeeperDeploymentState
639
+ include Google::Apis::Core::Hashable
640
+
641
+ # Status of gatekeeper-audit deployment.
642
+ # Corresponds to the JSON property `gatekeeperAudit`
643
+ # @return [String]
644
+ attr_accessor :gatekeeper_audit
645
+
646
+ # Status of gatekeeper-controller-manager pod.
647
+ # Corresponds to the JSON property `gatekeeperControllerManagerState`
648
+ # @return [String]
649
+ attr_accessor :gatekeeper_controller_manager_state
650
+
651
+ # Status of the pod serving the mutation webhook.
652
+ # Corresponds to the JSON property `gatekeeperMutation`
653
+ # @return [String]
654
+ attr_accessor :gatekeeper_mutation
655
+
656
+ def initialize(**args)
657
+ update!(**args)
658
+ end
659
+
660
+ # Update properties of this object
661
+ def update!(**args)
662
+ @gatekeeper_audit = args[:gatekeeper_audit] if args.key?(:gatekeeper_audit)
663
+ @gatekeeper_controller_manager_state = args[:gatekeeper_controller_manager_state] if args.key?(:gatekeeper_controller_manager_state)
664
+ @gatekeeper_mutation = args[:gatekeeper_mutation] if args.key?(:gatekeeper_mutation)
665
+ end
666
+ end
667
+
668
+ # Git repo configuration for a single cluster.
669
+ class ConfigManagementGitConfig
670
+ include Google::Apis::Core::Hashable
671
+
672
+ # The Google Cloud Service Account Email used for auth when secret_type is
673
+ # gcpServiceAccount.
674
+ # Corresponds to the JSON property `gcpServiceAccountEmail`
675
+ # @return [String]
676
+ attr_accessor :gcp_service_account_email
677
+
678
+ # URL for the HTTPS proxy to be used when communicating with the Git repo.
679
+ # Corresponds to the JSON property `httpsProxy`
680
+ # @return [String]
681
+ attr_accessor :https_proxy
682
+
683
+ # The path within the Git repository that represents the top level of the repo
684
+ # to sync. Default: the root directory of the repository.
685
+ # Corresponds to the JSON property `policyDir`
686
+ # @return [String]
687
+ attr_accessor :policy_dir
688
+
689
+ # Type of secret configured for access to the Git repo. Must be one of ssh,
690
+ # cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this
691
+ # is case-sensitive. Required.
692
+ # Corresponds to the JSON property `secretType`
693
+ # @return [String]
694
+ attr_accessor :secret_type
695
+
696
+ # The branch of the repository to sync from. Default: master.
697
+ # Corresponds to the JSON property `syncBranch`
698
+ # @return [String]
699
+ attr_accessor :sync_branch
700
+
701
+ # The URL of the Git repository to use as the source of truth.
702
+ # Corresponds to the JSON property `syncRepo`
703
+ # @return [String]
704
+ attr_accessor :sync_repo
705
+
706
+ # Git revision (tag or hash) to check out. Default HEAD.
707
+ # Corresponds to the JSON property `syncRev`
708
+ # @return [String]
709
+ attr_accessor :sync_rev
710
+
711
+ # Period in seconds between consecutive syncs. Default: 15.
712
+ # Corresponds to the JSON property `syncWaitSecs`
713
+ # @return [Fixnum]
714
+ attr_accessor :sync_wait_secs
715
+
716
+ def initialize(**args)
717
+ update!(**args)
718
+ end
719
+
720
+ # Update properties of this object
721
+ def update!(**args)
722
+ @gcp_service_account_email = args[:gcp_service_account_email] if args.key?(:gcp_service_account_email)
723
+ @https_proxy = args[:https_proxy] if args.key?(:https_proxy)
724
+ @policy_dir = args[:policy_dir] if args.key?(:policy_dir)
725
+ @secret_type = args[:secret_type] if args.key?(:secret_type)
726
+ @sync_branch = args[:sync_branch] if args.key?(:sync_branch)
727
+ @sync_repo = args[:sync_repo] if args.key?(:sync_repo)
728
+ @sync_rev = args[:sync_rev] if args.key?(:sync_rev)
729
+ @sync_wait_secs = args[:sync_wait_secs] if args.key?(:sync_wait_secs)
730
+ end
731
+ end
732
+
733
+ # A Kubernetes object's GVK.
734
+ class ConfigManagementGroupVersionKind
735
+ include Google::Apis::Core::Hashable
736
+
737
+ # Kubernetes Group
738
+ # Corresponds to the JSON property `group`
739
+ # @return [String]
740
+ attr_accessor :group
741
+
742
+ # Kubernetes Kind
743
+ # Corresponds to the JSON property `kind`
744
+ # @return [String]
745
+ attr_accessor :kind
746
+
747
+ # Kubernetes Version
748
+ # Corresponds to the JSON property `version`
749
+ # @return [String]
750
+ attr_accessor :version
751
+
752
+ def initialize(**args)
753
+ update!(**args)
754
+ end
755
+
756
+ # Update properties of this object
757
+ def update!(**args)
758
+ @group = args[:group] if args.key?(:group)
759
+ @kind = args[:kind] if args.key?(:kind)
760
+ @version = args[:version] if args.key?(:version)
761
+ end
762
+ end
763
+
764
+ # Configuration for Hierarchy Controller.
765
+ class ConfigManagementHierarchyControllerConfig
766
+ include Google::Apis::Core::Hashable
767
+
768
+ # Whether hierarchical resource quota is enabled in this cluster.
769
+ # Corresponds to the JSON property `enableHierarchicalResourceQuota`
770
+ # @return [Boolean]
771
+ attr_accessor :enable_hierarchical_resource_quota
772
+ alias_method :enable_hierarchical_resource_quota?, :enable_hierarchical_resource_quota
773
+
774
+ # Whether pod tree labels are enabled in this cluster.
775
+ # Corresponds to the JSON property `enablePodTreeLabels`
776
+ # @return [Boolean]
777
+ attr_accessor :enable_pod_tree_labels
778
+ alias_method :enable_pod_tree_labels?, :enable_pod_tree_labels
779
+
780
+ # Whether Hierarchy Controller is enabled in this cluster.
781
+ # Corresponds to the JSON property `enabled`
782
+ # @return [Boolean]
783
+ attr_accessor :enabled
784
+ alias_method :enabled?, :enabled
785
+
786
+ def initialize(**args)
787
+ update!(**args)
788
+ end
789
+
790
+ # Update properties of this object
791
+ def update!(**args)
792
+ @enable_hierarchical_resource_quota = args[:enable_hierarchical_resource_quota] if args.key?(:enable_hierarchical_resource_quota)
793
+ @enable_pod_tree_labels = args[:enable_pod_tree_labels] if args.key?(:enable_pod_tree_labels)
794
+ @enabled = args[:enabled] if args.key?(:enabled)
795
+ end
796
+ end
797
+
798
+ # Deployment state for Hierarchy Controller
799
+ class ConfigManagementHierarchyControllerDeploymentState
800
+ include Google::Apis::Core::Hashable
801
+
802
+ # The deployment state for Hierarchy Controller extension (e.g. v0.7.0-hc.1).
803
+ # Corresponds to the JSON property `extension`
804
+ # @return [String]
805
+ attr_accessor :extension
806
+
807
+ # The deployment state for open source HNC (e.g. v0.7.0-hc.0).
808
+ # Corresponds to the JSON property `hnc`
809
+ # @return [String]
810
+ attr_accessor :hnc
811
+
812
+ def initialize(**args)
813
+ update!(**args)
814
+ end
815
+
816
+ # Update properties of this object
817
+ def update!(**args)
818
+ @extension = args[:extension] if args.key?(:extension)
819
+ @hnc = args[:hnc] if args.key?(:hnc)
820
+ end
821
+ end
822
+
823
+ # State for Hierarchy Controller.
824
+ class ConfigManagementHierarchyControllerState
825
+ include Google::Apis::Core::Hashable
826
+
827
+ # Deployment state for Hierarchy Controller
828
+ # Corresponds to the JSON property `state`
829
+ # @return [Google::Apis::GkehubV2::ConfigManagementHierarchyControllerDeploymentState]
830
+ attr_accessor :state
831
+
832
+ # Version for Hierarchy Controller.
833
+ # Corresponds to the JSON property `version`
834
+ # @return [Google::Apis::GkehubV2::ConfigManagementHierarchyControllerVersion]
835
+ attr_accessor :version
836
+
837
+ def initialize(**args)
838
+ update!(**args)
839
+ end
840
+
841
+ # Update properties of this object
842
+ def update!(**args)
843
+ @state = args[:state] if args.key?(:state)
844
+ @version = args[:version] if args.key?(:version)
845
+ end
846
+ end
847
+
848
+ # Version for Hierarchy Controller.
849
+ class ConfigManagementHierarchyControllerVersion
850
+ include Google::Apis::Core::Hashable
851
+
852
+ # Version for Hierarchy Controller extension.
853
+ # Corresponds to the JSON property `extension`
854
+ # @return [String]
855
+ attr_accessor :extension
856
+
857
+ # Version for open source HNC.
858
+ # Corresponds to the JSON property `hnc`
859
+ # @return [String]
860
+ attr_accessor :hnc
861
+
862
+ def initialize(**args)
863
+ update!(**args)
864
+ end
865
+
866
+ # Update properties of this object
867
+ def update!(**args)
868
+ @extension = args[:extension] if args.key?(:extension)
869
+ @hnc = args[:hnc] if args.key?(:hnc)
870
+ end
871
+ end
872
+
873
+ # Errors pertaining to the installation of ACM.
874
+ class ConfigManagementInstallError
875
+ include Google::Apis::Core::Hashable
876
+
877
+ # A string representing the user facing error message.
878
+ # Corresponds to the JSON property `errorMessage`
879
+ # @return [String]
880
+ attr_accessor :error_message
881
+
882
+ def initialize(**args)
883
+ update!(**args)
884
+ end
885
+
886
+ # Update properties of this object
887
+ def update!(**args)
888
+ @error_message = args[:error_message] if args.key?(:error_message)
889
+ end
890
+ end
891
+
892
+ # OCI repo configuration for a single cluster.
893
+ class ConfigManagementOciConfig
894
+ include Google::Apis::Core::Hashable
895
+
896
+ # The Google Cloud Service Account Email used for auth when secret_type is
897
+ # gcpServiceAccount.
898
+ # Corresponds to the JSON property `gcpServiceAccountEmail`
899
+ # @return [String]
900
+ attr_accessor :gcp_service_account_email
901
+
902
+ # The absolute path of the directory that contains the local resources. Default:
903
+ # the root directory of the image.
904
+ # Corresponds to the JSON property `policyDir`
905
+ # @return [String]
906
+ attr_accessor :policy_dir
907
+
908
+ # Type of secret configured for access to the Git repo.
909
+ # Corresponds to the JSON property `secretType`
910
+ # @return [String]
911
+ attr_accessor :secret_type
912
+
913
+ # The OCI image repository URL for the package to sync from. e.g. `LOCATION-
914
+ # docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`.
915
+ # Corresponds to the JSON property `syncRepo`
916
+ # @return [String]
917
+ attr_accessor :sync_repo
918
+
919
+ # Period in seconds between consecutive syncs. Default: 15.
920
+ # Corresponds to the JSON property `syncWaitSecs`
921
+ # @return [Fixnum]
922
+ attr_accessor :sync_wait_secs
923
+
924
+ def initialize(**args)
925
+ update!(**args)
926
+ end
927
+
928
+ # Update properties of this object
929
+ def update!(**args)
930
+ @gcp_service_account_email = args[:gcp_service_account_email] if args.key?(:gcp_service_account_email)
931
+ @policy_dir = args[:policy_dir] if args.key?(:policy_dir)
932
+ @secret_type = args[:secret_type] if args.key?(:secret_type)
933
+ @sync_repo = args[:sync_repo] if args.key?(:sync_repo)
934
+ @sync_wait_secs = args[:sync_wait_secs] if args.key?(:sync_wait_secs)
935
+ end
936
+ end
937
+
938
+ # State information for an ACM's Operator.
939
+ class ConfigManagementOperatorState
940
+ include Google::Apis::Core::Hashable
941
+
942
+ # The state of the Operator's deployment.
943
+ # Corresponds to the JSON property `deploymentState`
944
+ # @return [String]
945
+ attr_accessor :deployment_state
946
+
947
+ # Install errors.
948
+ # Corresponds to the JSON property `errors`
949
+ # @return [Array<Google::Apis::GkehubV2::ConfigManagementInstallError>]
950
+ attr_accessor :errors
951
+
952
+ # The semenatic version number of the operator.
953
+ # Corresponds to the JSON property `version`
954
+ # @return [String]
955
+ attr_accessor :version
956
+
957
+ def initialize(**args)
958
+ update!(**args)
959
+ end
960
+
961
+ # Update properties of this object
962
+ def update!(**args)
963
+ @deployment_state = args[:deployment_state] if args.key?(:deployment_state)
964
+ @errors = args[:errors] if args.key?(:errors)
965
+ @version = args[:version] if args.key?(:version)
966
+ end
967
+ end
968
+
969
+ # Configuration for Policy Controller
970
+ class ConfigManagementPolicyController
971
+ include Google::Apis::Core::Hashable
972
+
973
+ # Sets the interval for Policy Controller Audit Scans (in seconds). When set to
974
+ # 0, this disables audit functionality altogether.
975
+ # Corresponds to the JSON property `auditIntervalSeconds`
976
+ # @return [Fixnum]
977
+ attr_accessor :audit_interval_seconds
978
+
979
+ # Enables the installation of Policy Controller. If false, the rest of
980
+ # PolicyController fields take no effect.
981
+ # Corresponds to the JSON property `enabled`
982
+ # @return [Boolean]
983
+ attr_accessor :enabled
984
+ alias_method :enabled?, :enabled
985
+
986
+ # The set of namespaces that are excluded from Policy Controller checks.
987
+ # Namespaces do not need to currently exist on the cluster.
988
+ # Corresponds to the JSON property `exemptableNamespaces`
989
+ # @return [Array<String>]
990
+ attr_accessor :exemptable_namespaces
991
+
992
+ # Logs all denies and dry run failures.
993
+ # Corresponds to the JSON property `logDeniesEnabled`
994
+ # @return [Boolean]
995
+ attr_accessor :log_denies_enabled
996
+ alias_method :log_denies_enabled?, :log_denies_enabled
997
+
998
+ # PolicyControllerMonitoring specifies the backends Policy Controller should
999
+ # export metrics to. For example, to specify metrics should be exported to Cloud
1000
+ # Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]
1001
+ # Corresponds to the JSON property `monitoring`
1002
+ # @return [Google::Apis::GkehubV2::ConfigManagementPolicyControllerMonitoring]
1003
+ attr_accessor :monitoring
1004
+
1005
+ # Enable or disable mutation in policy controller. If true, mutation CRDs,
1006
+ # webhook and controller deployment will be deployed to the cluster.
1007
+ # Corresponds to the JSON property `mutationEnabled`
1008
+ # @return [Boolean]
1009
+ attr_accessor :mutation_enabled
1010
+ alias_method :mutation_enabled?, :mutation_enabled
1011
+
1012
+ # Enables the ability to use Constraint Templates that reference to objects
1013
+ # other than the object currently being evaluated.
1014
+ # Corresponds to the JSON property `referentialRulesEnabled`
1015
+ # @return [Boolean]
1016
+ attr_accessor :referential_rules_enabled
1017
+ alias_method :referential_rules_enabled?, :referential_rules_enabled
1018
+
1019
+ # Installs the default template library along with Policy Controller.
1020
+ # Corresponds to the JSON property `templateLibraryInstalled`
1021
+ # @return [Boolean]
1022
+ attr_accessor :template_library_installed
1023
+ alias_method :template_library_installed?, :template_library_installed
1024
+
1025
+ # Output only. Last time this membership spec was updated.
1026
+ # Corresponds to the JSON property `updateTime`
1027
+ # @return [String]
1028
+ attr_accessor :update_time
1029
+
1030
+ def initialize(**args)
1031
+ update!(**args)
1032
+ end
1033
+
1034
+ # Update properties of this object
1035
+ def update!(**args)
1036
+ @audit_interval_seconds = args[:audit_interval_seconds] if args.key?(:audit_interval_seconds)
1037
+ @enabled = args[:enabled] if args.key?(:enabled)
1038
+ @exemptable_namespaces = args[:exemptable_namespaces] if args.key?(:exemptable_namespaces)
1039
+ @log_denies_enabled = args[:log_denies_enabled] if args.key?(:log_denies_enabled)
1040
+ @monitoring = args[:monitoring] if args.key?(:monitoring)
1041
+ @mutation_enabled = args[:mutation_enabled] if args.key?(:mutation_enabled)
1042
+ @referential_rules_enabled = args[:referential_rules_enabled] if args.key?(:referential_rules_enabled)
1043
+ @template_library_installed = args[:template_library_installed] if args.key?(:template_library_installed)
1044
+ @update_time = args[:update_time] if args.key?(:update_time)
1045
+ end
1046
+ end
1047
+
1048
+ # State for the migration of PolicyController from ACM -> PoCo Hub.
1049
+ class ConfigManagementPolicyControllerMigration
1050
+ include Google::Apis::Core::Hashable
1051
+
1052
+ # Last time this membership spec was copied to PoCo feature.
1053
+ # Corresponds to the JSON property `copyTime`
1054
+ # @return [String]
1055
+ attr_accessor :copy_time
1056
+
1057
+ # Stage of the migration.
1058
+ # Corresponds to the JSON property `stage`
1059
+ # @return [String]
1060
+ attr_accessor :stage
1061
+
1062
+ def initialize(**args)
1063
+ update!(**args)
1064
+ end
1065
+
1066
+ # Update properties of this object
1067
+ def update!(**args)
1068
+ @copy_time = args[:copy_time] if args.key?(:copy_time)
1069
+ @stage = args[:stage] if args.key?(:stage)
1070
+ end
1071
+ end
1072
+
1073
+ # PolicyControllerMonitoring specifies the backends Policy Controller should
1074
+ # export metrics to. For example, to specify metrics should be exported to Cloud
1075
+ # Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]
1076
+ class ConfigManagementPolicyControllerMonitoring
1077
+ include Google::Apis::Core::Hashable
1078
+
1079
+ # Specifies the list of backends Policy Controller will export to. An empty list
1080
+ # would effectively disable metrics export.
1081
+ # Corresponds to the JSON property `backends`
1082
+ # @return [Array<String>]
1083
+ attr_accessor :backends
1084
+
1085
+ def initialize(**args)
1086
+ update!(**args)
1087
+ end
1088
+
1089
+ # Update properties of this object
1090
+ def update!(**args)
1091
+ @backends = args[:backends] if args.key?(:backends)
1092
+ end
1093
+ end
1094
+
1095
+ # State for PolicyControllerState.
1096
+ class ConfigManagementPolicyControllerState
1097
+ include Google::Apis::Core::Hashable
1098
+
1099
+ # State of Policy Controller installation.
1100
+ # Corresponds to the JSON property `deploymentState`
1101
+ # @return [Google::Apis::GkehubV2::ConfigManagementGatekeeperDeploymentState]
1102
+ attr_accessor :deployment_state
1103
+
1104
+ # State for the migration of PolicyController from ACM -> PoCo Hub.
1105
+ # Corresponds to the JSON property `migration`
1106
+ # @return [Google::Apis::GkehubV2::ConfigManagementPolicyControllerMigration]
1107
+ attr_accessor :migration
1108
+
1109
+ # The build version of Gatekeeper Policy Controller is using.
1110
+ # Corresponds to the JSON property `version`
1111
+ # @return [Google::Apis::GkehubV2::ConfigManagementPolicyControllerVersion]
1112
+ attr_accessor :version
1113
+
1114
+ def initialize(**args)
1115
+ update!(**args)
1116
+ end
1117
+
1118
+ # Update properties of this object
1119
+ def update!(**args)
1120
+ @deployment_state = args[:deployment_state] if args.key?(:deployment_state)
1121
+ @migration = args[:migration] if args.key?(:migration)
1122
+ @version = args[:version] if args.key?(:version)
1123
+ end
1124
+ end
1125
+
1126
+ # The build version of Gatekeeper Policy Controller is using.
1127
+ class ConfigManagementPolicyControllerVersion
1128
+ include Google::Apis::Core::Hashable
1129
+
1130
+ # The gatekeeper image tag that is composed of ACM version, git tag, build
1131
+ # number.
1132
+ # Corresponds to the JSON property `version`
1133
+ # @return [String]
1134
+ attr_accessor :version
1135
+
1136
+ def initialize(**args)
1137
+ update!(**args)
1138
+ end
1139
+
1140
+ # Update properties of this object
1141
+ def update!(**args)
1142
+ @version = args[:version] if args.key?(:version)
1143
+ end
1144
+ end
1145
+
1146
+ # **Anthos Config Management**: Configuration for a single cluster. Intended to
1147
+ # parallel the ConfigManagement CR.
1148
+ class ConfigManagementSpec
1149
+ include Google::Apis::Core::Hashable
1150
+
1151
+ # Configuration for Binauthz.
1152
+ # Corresponds to the JSON property `binauthz`
1153
+ # @return [Google::Apis::GkehubV2::ConfigManagementBinauthzConfig]
1154
+ attr_accessor :binauthz
1155
+
1156
+ # The user-specified cluster name used by Config Sync cluster-name-selector
1157
+ # annotation or ClusterSelector, for applying configs to only a subset of
1158
+ # clusters. Omit this field if the cluster's fleet membership name is used by
1159
+ # Config Sync cluster-name-selector annotation or ClusterSelector. Set this
1160
+ # field if a name different from the cluster's fleet membership name is used by
1161
+ # Config Sync cluster-name-selector annotation or ClusterSelector.
1162
+ # Corresponds to the JSON property `cluster`
1163
+ # @return [String]
1164
+ attr_accessor :cluster
1165
+
1166
+ # Configuration for Config Sync
1167
+ # Corresponds to the JSON property `configSync`
1168
+ # @return [Google::Apis::GkehubV2::ConfigManagementConfigSync]
1169
+ attr_accessor :config_sync
1170
+
1171
+ # Configuration for Hierarchy Controller.
1172
+ # Corresponds to the JSON property `hierarchyController`
1173
+ # @return [Google::Apis::GkehubV2::ConfigManagementHierarchyControllerConfig]
1174
+ attr_accessor :hierarchy_controller
1175
+
1176
+ # Enables automatic Feature management.
1177
+ # Corresponds to the JSON property `management`
1178
+ # @return [String]
1179
+ attr_accessor :management
1180
+
1181
+ # Configuration for Policy Controller
1182
+ # Corresponds to the JSON property `policyController`
1183
+ # @return [Google::Apis::GkehubV2::ConfigManagementPolicyController]
1184
+ attr_accessor :policy_controller
1185
+
1186
+ # Version of ACM installed.
1187
+ # Corresponds to the JSON property `version`
1188
+ # @return [String]
1189
+ attr_accessor :version
1190
+
1191
+ def initialize(**args)
1192
+ update!(**args)
1193
+ end
1194
+
1195
+ # Update properties of this object
1196
+ def update!(**args)
1197
+ @binauthz = args[:binauthz] if args.key?(:binauthz)
1198
+ @cluster = args[:cluster] if args.key?(:cluster)
1199
+ @config_sync = args[:config_sync] if args.key?(:config_sync)
1200
+ @hierarchy_controller = args[:hierarchy_controller] if args.key?(:hierarchy_controller)
1201
+ @management = args[:management] if args.key?(:management)
1202
+ @policy_controller = args[:policy_controller] if args.key?(:policy_controller)
1203
+ @version = args[:version] if args.key?(:version)
1204
+ end
1205
+ end
1206
+
1207
+ # **Anthos Config Management**: State for a single cluster.
1208
+ class ConfigManagementState
1209
+ include Google::Apis::Core::Hashable
1210
+
1211
+ # State for Binauthz.
1212
+ # Corresponds to the JSON property `binauthzState`
1213
+ # @return [Google::Apis::GkehubV2::ConfigManagementBinauthzState]
1214
+ attr_accessor :binauthz_state
1215
+
1216
+ # This field is set to the `cluster_name` field of the Membership Spec if it is
1217
+ # not empty. Otherwise, it is set to the cluster's fleet membership name.
1218
+ # Corresponds to the JSON property `clusterName`
1219
+ # @return [String]
1220
+ attr_accessor :cluster_name
1221
+
1222
+ # State information for ConfigSync.
1223
+ # Corresponds to the JSON property `configSyncState`
1224
+ # @return [Google::Apis::GkehubV2::ConfigManagementConfigSyncState]
1225
+ attr_accessor :config_sync_state
1226
+
1227
+ # State for Hierarchy Controller.
1228
+ # Corresponds to the JSON property `hierarchyControllerState`
1229
+ # @return [Google::Apis::GkehubV2::ConfigManagementHierarchyControllerState]
1230
+ attr_accessor :hierarchy_controller_state
1231
+
1232
+ # **Anthos Config Management**: Configuration for a single cluster. Intended to
1233
+ # parallel the ConfigManagement CR.
1234
+ # Corresponds to the JSON property `membershipSpec`
1235
+ # @return [Google::Apis::GkehubV2::ConfigManagementSpec]
1236
+ attr_accessor :membership_spec
1237
+
1238
+ # State information for an ACM's Operator.
1239
+ # Corresponds to the JSON property `operatorState`
1240
+ # @return [Google::Apis::GkehubV2::ConfigManagementOperatorState]
1241
+ attr_accessor :operator_state
1242
+
1243
+ # State for PolicyControllerState.
1244
+ # Corresponds to the JSON property `policyControllerState`
1245
+ # @return [Google::Apis::GkehubV2::ConfigManagementPolicyControllerState]
1246
+ attr_accessor :policy_controller_state
1247
+
1248
+ def initialize(**args)
1249
+ update!(**args)
1250
+ end
1251
+
1252
+ # Update properties of this object
1253
+ def update!(**args)
1254
+ @binauthz_state = args[:binauthz_state] if args.key?(:binauthz_state)
1255
+ @cluster_name = args[:cluster_name] if args.key?(:cluster_name)
1256
+ @config_sync_state = args[:config_sync_state] if args.key?(:config_sync_state)
1257
+ @hierarchy_controller_state = args[:hierarchy_controller_state] if args.key?(:hierarchy_controller_state)
1258
+ @membership_spec = args[:membership_spec] if args.key?(:membership_spec)
1259
+ @operator_state = args[:operator_state] if args.key?(:operator_state)
1260
+ @policy_controller_state = args[:policy_controller_state] if args.key?(:policy_controller_state)
1261
+ end
1262
+ end
1263
+
1264
+ # An ACM created error representing a problem syncing configurations.
1265
+ class ConfigManagementSyncError
1266
+ include Google::Apis::Core::Hashable
1267
+
1268
+ # An ACM defined error code
1269
+ # Corresponds to the JSON property `code`
1270
+ # @return [String]
1271
+ attr_accessor :code
1272
+
1273
+ # A description of the error
1274
+ # Corresponds to the JSON property `errorMessage`
1275
+ # @return [String]
1276
+ attr_accessor :error_message
1277
+
1278
+ # A list of config(s) associated with the error, if any
1279
+ # Corresponds to the JSON property `errorResources`
1280
+ # @return [Array<Google::Apis::GkehubV2::ConfigManagementErrorResource>]
1281
+ attr_accessor :error_resources
1282
+
1283
+ def initialize(**args)
1284
+ update!(**args)
1285
+ end
1286
+
1287
+ # Update properties of this object
1288
+ def update!(**args)
1289
+ @code = args[:code] if args.key?(:code)
1290
+ @error_message = args[:error_message] if args.key?(:error_message)
1291
+ @error_resources = args[:error_resources] if args.key?(:error_resources)
1292
+ end
1293
+ end
1294
+
1295
+ # State indicating an ACM's progress syncing configurations to a cluster.
1296
+ class ConfigManagementSyncState
1297
+ include Google::Apis::Core::Hashable
1298
+
1299
+ # Sync status code.
1300
+ # Corresponds to the JSON property `code`
1301
+ # @return [String]
1302
+ attr_accessor :code
1303
+
1304
+ # A list of errors resulting from problematic configs. This list will be
1305
+ # truncated after 100 errors, although it is unlikely for that many errors to
1306
+ # simultaneously exist.
1307
+ # Corresponds to the JSON property `errors`
1308
+ # @return [Array<Google::Apis::GkehubV2::ConfigManagementSyncError>]
1309
+ attr_accessor :errors
1310
+
1311
+ # Token indicating the state of the importer.
1312
+ # Corresponds to the JSON property `importToken`
1313
+ # @return [String]
1314
+ attr_accessor :import_token
1315
+
1316
+ # Deprecated: use last_sync_time instead. Timestamp of when ACM last
1317
+ # successfully synced the repo. The time format is specified in https://golang.
1318
+ # org/pkg/time/#Time.String
1319
+ # Corresponds to the JSON property `lastSync`
1320
+ # @return [String]
1321
+ attr_accessor :last_sync
1322
+
1323
+ # Timestamp type of when ACM last successfully synced the repo.
1324
+ # Corresponds to the JSON property `lastSyncTime`
1325
+ # @return [String]
1326
+ attr_accessor :last_sync_time
1327
+
1328
+ # Token indicating the state of the repo.
1329
+ # Corresponds to the JSON property `sourceToken`
1330
+ # @return [String]
1331
+ attr_accessor :source_token
1332
+
1333
+ # Token indicating the state of the syncer.
1334
+ # Corresponds to the JSON property `syncToken`
1335
+ # @return [String]
1336
+ attr_accessor :sync_token
1337
+
1338
+ def initialize(**args)
1339
+ update!(**args)
1340
+ end
1341
+
1342
+ # Update properties of this object
1343
+ def update!(**args)
1344
+ @code = args[:code] if args.key?(:code)
1345
+ @errors = args[:errors] if args.key?(:errors)
1346
+ @import_token = args[:import_token] if args.key?(:import_token)
1347
+ @last_sync = args[:last_sync] if args.key?(:last_sync)
1348
+ @last_sync_time = args[:last_sync_time] if args.key?(:last_sync_time)
1349
+ @source_token = args[:source_token] if args.key?(:source_token)
1350
+ @sync_token = args[:sync_token] if args.key?(:sync_token)
1351
+ end
1352
+ end
1353
+
1354
+ # A generic empty message that you can re-use to avoid defining duplicated empty
1355
+ # messages in your APIs. A typical example is to use it as the request or the
1356
+ # response type of an API method. For instance: service Foo ` rpc Bar(google.
1357
+ # protobuf.Empty) returns (google.protobuf.Empty); `
1358
+ class Empty
1359
+ include Google::Apis::Core::Hashable
1360
+
1361
+ def initialize(**args)
1362
+ update!(**args)
1363
+ end
1364
+
1365
+ # Update properties of this object
1366
+ def update!(**args)
1367
+ end
1368
+ end
1369
+
1370
+ # Information of the FeatureConfig applied on the MembershipFeature.
1371
+ class FeatureConfigRef
1372
+ include Google::Apis::Core::Hashable
1373
+
1374
+ # Input only. Resource name of FeatureConfig, in the format: `projects/`project`/
1375
+ # locations/global/featureConfigs/`feature_config``.
1376
+ # Corresponds to the JSON property `config`
1377
+ # @return [String]
1378
+ attr_accessor :config
1379
+
1380
+ # Output only. When the FeatureConfig was last applied and copied to FeatureSpec.
1381
+ # Corresponds to the JSON property `configUpdateTime`
1382
+ # @return [String]
1383
+ attr_accessor :config_update_time
1384
+
1385
+ # Output only. An id that uniquely identify a FeatureConfig object.
1386
+ # Corresponds to the JSON property `uuid`
1387
+ # @return [String]
1388
+ attr_accessor :uuid
1389
+
1390
+ def initialize(**args)
1391
+ update!(**args)
1392
+ end
1393
+
1394
+ # Update properties of this object
1395
+ def update!(**args)
1396
+ @config = args[:config] if args.key?(:config)
1397
+ @config_update_time = args[:config_update_time] if args.key?(:config_update_time)
1398
+ @uuid = args[:uuid] if args.key?(:uuid)
1399
+ end
1400
+ end
1401
+
1402
+ # FeatureSpec contains user input per-feature spec information.
1403
+ class FeatureSpec
1404
+ include Google::Apis::Core::Hashable
1405
+
1406
+ # **Cloud Build**: Configurations for each Cloud Build enabled cluster.
1407
+ # Corresponds to the JSON property `cloudbuild`
1408
+ # @return [Google::Apis::GkehubV2::CloudBuildSpec]
1409
+ attr_accessor :cloudbuild
1410
+
1411
+ # **Anthos Config Management**: Configuration for a single cluster. Intended to
1412
+ # parallel the ConfigManagement CR.
1413
+ # Corresponds to the JSON property `configmanagement`
1414
+ # @return [Google::Apis::GkehubV2::ConfigManagementSpec]
1415
+ attr_accessor :configmanagement
1416
+
1417
+ # **IdentityService**: Configuration for a single membership.
1418
+ # Corresponds to the JSON property `identityservice`
1419
+ # @return [Google::Apis::GkehubV2::IdentityServiceSpec]
1420
+ attr_accessor :identityservice
1421
+
1422
+ # Origin defines where this FeatureSpec originated from.
1423
+ # Corresponds to the JSON property `origin`
1424
+ # @return [Google::Apis::GkehubV2::Origin]
1425
+ attr_accessor :origin
1426
+
1427
+ # **Policy Controller**: Configuration for a single cluster. Intended to
1428
+ # parallel the PolicyController CR.
1429
+ # Corresponds to the JSON property `policycontroller`
1430
+ # @return [Google::Apis::GkehubV2::PolicyControllerSpec]
1431
+ attr_accessor :policycontroller
1432
+
1433
+ # **Service Mesh**: Spec for a single Membership for the servicemesh feature
1434
+ # Corresponds to the JSON property `servicemesh`
1435
+ # @return [Google::Apis::GkehubV2::ServiceMeshSpec]
1436
+ attr_accessor :servicemesh
1437
+
1438
+ # **WorkloadCertificate**: The membership-specific input for WorkloadCertificate
1439
+ # feature.
1440
+ # Corresponds to the JSON property `workloadcertificate`
1441
+ # @return [Google::Apis::GkehubV2::WorkloadCertificateSpec]
1442
+ attr_accessor :workloadcertificate
1443
+
1444
+ def initialize(**args)
1445
+ update!(**args)
1446
+ end
1447
+
1448
+ # Update properties of this object
1449
+ def update!(**args)
1450
+ @cloudbuild = args[:cloudbuild] if args.key?(:cloudbuild)
1451
+ @configmanagement = args[:configmanagement] if args.key?(:configmanagement)
1452
+ @identityservice = args[:identityservice] if args.key?(:identityservice)
1453
+ @origin = args[:origin] if args.key?(:origin)
1454
+ @policycontroller = args[:policycontroller] if args.key?(:policycontroller)
1455
+ @servicemesh = args[:servicemesh] if args.key?(:servicemesh)
1456
+ @workloadcertificate = args[:workloadcertificate] if args.key?(:workloadcertificate)
1457
+ end
1458
+ end
1459
+
1460
+ # FeatureState contains high-level state information and per-feature state
1461
+ # information for this MembershipFeature.
1462
+ class FeatureState
1463
+ include Google::Apis::Core::Hashable
1464
+
1465
+ # State for App Dev Exp Feature.
1466
+ # Corresponds to the JSON property `appdevexperience`
1467
+ # @return [Google::Apis::GkehubV2::AppDevExperienceState]
1468
+ attr_accessor :appdevexperience
1469
+
1470
+ # Per-membership state for this feature.
1471
+ # Corresponds to the JSON property `clusterupgrade`
1472
+ # @return [Google::Apis::GkehubV2::ClusterUpgradeState]
1473
+ attr_accessor :clusterupgrade
1474
+
1475
+ # **Anthos Config Management**: State for a single cluster.
1476
+ # Corresponds to the JSON property `configmanagement`
1477
+ # @return [Google::Apis::GkehubV2::ConfigManagementState]
1478
+ attr_accessor :configmanagement
1479
+
1480
+ # **IdentityService**: State for a single membership, analyzed and reported by
1481
+ # feature controller.
1482
+ # Corresponds to the JSON property `identityservice`
1483
+ # @return [Google::Apis::GkehubV2::IdentityServiceState]
1484
+ attr_accessor :identityservice
1485
+
1486
+ # **Metering**: State for a single membership, analyzed and reported by feature
1487
+ # controller.
1488
+ # Corresponds to the JSON property `metering`
1489
+ # @return [Google::Apis::GkehubV2::MeteringState]
1490
+ attr_accessor :metering
1491
+
1492
+ # **Policy Controller**: State for a single cluster.
1493
+ # Corresponds to the JSON property `policycontroller`
1494
+ # @return [Google::Apis::GkehubV2::PolicyControllerState]
1495
+ attr_accessor :policycontroller
1496
+
1497
+ # **Service Mesh**: State for a single Membership, as analyzed by the Service
1498
+ # Mesh Hub Controller.
1499
+ # Corresponds to the JSON property `servicemesh`
1500
+ # @return [Google::Apis::GkehubV2::ServiceMeshState]
1501
+ attr_accessor :servicemesh
1502
+
1503
+ # High-level state of a MembershipFeature.
1504
+ # Corresponds to the JSON property `state`
1505
+ # @return [Google::Apis::GkehubV2::State]
1506
+ attr_accessor :state
1507
+
1508
+ def initialize(**args)
1509
+ update!(**args)
1510
+ end
1511
+
1512
+ # Update properties of this object
1513
+ def update!(**args)
1514
+ @appdevexperience = args[:appdevexperience] if args.key?(:appdevexperience)
1515
+ @clusterupgrade = args[:clusterupgrade] if args.key?(:clusterupgrade)
1516
+ @configmanagement = args[:configmanagement] if args.key?(:configmanagement)
1517
+ @identityservice = args[:identityservice] if args.key?(:identityservice)
1518
+ @metering = args[:metering] if args.key?(:metering)
1519
+ @policycontroller = args[:policycontroller] if args.key?(:policycontroller)
1520
+ @servicemesh = args[:servicemesh] if args.key?(:servicemesh)
1521
+ @state = args[:state] if args.key?(:state)
1522
+ end
1523
+ end
1524
+
1525
+ # The `Status` type defines a logical error model that is suitable for different
1526
+ # programming environments, including REST APIs and RPC APIs. It is used by [
1527
+ # gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
1528
+ # data: error code, error message, and error details. You can find out more
1529
+ # about this error model and how to work with it in the [API Design Guide](https:
1530
+ # //cloud.google.com/apis/design/errors).
1531
+ class GoogleRpcStatus
1532
+ include Google::Apis::Core::Hashable
1533
+
1534
+ # The status code, which should be an enum value of google.rpc.Code.
1535
+ # Corresponds to the JSON property `code`
1536
+ # @return [Fixnum]
1537
+ attr_accessor :code
1538
+
1539
+ # A list of messages that carry the error details. There is a common set of
1540
+ # message types for APIs to use.
1541
+ # Corresponds to the JSON property `details`
1542
+ # @return [Array<Hash<String,Object>>]
1543
+ attr_accessor :details
1544
+
1545
+ # A developer-facing error message, which should be in English. Any user-facing
1546
+ # error message should be localized and sent in the google.rpc.Status.details
1547
+ # field, or localized by the client.
1548
+ # Corresponds to the JSON property `message`
1549
+ # @return [String]
1550
+ attr_accessor :message
1551
+
1552
+ def initialize(**args)
1553
+ update!(**args)
1554
+ end
1555
+
1556
+ # Update properties of this object
1557
+ def update!(**args)
1558
+ @code = args[:code] if args.key?(:code)
1559
+ @details = args[:details] if args.key?(:details)
1560
+ @message = args[:message] if args.key?(:message)
1561
+ end
1562
+ end
1563
+
1564
+ # Configuration of an auth method for a member/cluster. Only one authentication
1565
+ # method (e.g., OIDC and LDAP) can be set per AuthMethod.
1566
+ class IdentityServiceAuthMethod
1567
+ include Google::Apis::Core::Hashable
1568
+
1569
+ # Configuration for the AzureAD Auth flow.
1570
+ # Corresponds to the JSON property `azureadConfig`
1571
+ # @return [Google::Apis::GkehubV2::IdentityServiceAzureAdConfig]
1572
+ attr_accessor :azuread_config
1573
+
1574
+ # Configuration for the Google Plugin Auth flow.
1575
+ # Corresponds to the JSON property `googleConfig`
1576
+ # @return [Google::Apis::GkehubV2::IdentityServiceGoogleConfig]
1577
+ attr_accessor :google_config
1578
+
1579
+ # Configuration for the LDAP Auth flow.
1580
+ # Corresponds to the JSON property `ldapConfig`
1581
+ # @return [Google::Apis::GkehubV2::IdentityServiceLdapConfig]
1582
+ attr_accessor :ldap_config
1583
+
1584
+ # Identifier for auth config.
1585
+ # Corresponds to the JSON property `name`
1586
+ # @return [String]
1587
+ attr_accessor :name
1588
+
1589
+ # Configuration for OIDC Auth flow.
1590
+ # Corresponds to the JSON property `oidcConfig`
1591
+ # @return [Google::Apis::GkehubV2::IdentityServiceOidcConfig]
1592
+ attr_accessor :oidc_config
1593
+
1594
+ # Proxy server address to use for auth method.
1595
+ # Corresponds to the JSON property `proxy`
1596
+ # @return [String]
1597
+ attr_accessor :proxy
1598
+
1599
+ # Configuration for the SAML Auth flow.
1600
+ # Corresponds to the JSON property `samlConfig`
1601
+ # @return [Google::Apis::GkehubV2::IdentityServiceSamlConfig]
1602
+ attr_accessor :saml_config
1603
+
1604
+ def initialize(**args)
1605
+ update!(**args)
1606
+ end
1607
+
1608
+ # Update properties of this object
1609
+ def update!(**args)
1610
+ @azuread_config = args[:azuread_config] if args.key?(:azuread_config)
1611
+ @google_config = args[:google_config] if args.key?(:google_config)
1612
+ @ldap_config = args[:ldap_config] if args.key?(:ldap_config)
1613
+ @name = args[:name] if args.key?(:name)
1614
+ @oidc_config = args[:oidc_config] if args.key?(:oidc_config)
1615
+ @proxy = args[:proxy] if args.key?(:proxy)
1616
+ @saml_config = args[:saml_config] if args.key?(:saml_config)
1617
+ end
1618
+ end
1619
+
1620
+ # Configuration for the AzureAD Auth flow.
1621
+ class IdentityServiceAzureAdConfig
1622
+ include Google::Apis::Core::Hashable
1623
+
1624
+ # ID for the registered client application that makes authentication requests to
1625
+ # the Azure AD identity provider.
1626
+ # Corresponds to the JSON property `clientId`
1627
+ # @return [String]
1628
+ attr_accessor :client_id
1629
+
1630
+ # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub
1631
+ # CLH.
1632
+ # Corresponds to the JSON property `clientSecret`
1633
+ # @return [String]
1634
+ attr_accessor :client_secret
1635
+
1636
+ # Output only. Encrypted AzureAD client secret.
1637
+ # Corresponds to the JSON property `encryptedClientSecret`
1638
+ # NOTE: Values are automatically base64 encoded/decoded in the client library.
1639
+ # @return [String]
1640
+ attr_accessor :encrypted_client_secret
1641
+
1642
+ # Optional. Format of the AzureAD groups that the client wants for auth.
1643
+ # Corresponds to the JSON property `groupFormat`
1644
+ # @return [String]
1645
+ attr_accessor :group_format
1646
+
1647
+ # The redirect URL that kubectl uses for authorization.
1648
+ # Corresponds to the JSON property `kubectlRedirectUri`
1649
+ # @return [String]
1650
+ attr_accessor :kubectl_redirect_uri
1651
+
1652
+ # Kind of Azure AD account to be authenticated. Supported values are or for
1653
+ # accounts belonging to a specific tenant.
1654
+ # Corresponds to the JSON property `tenant`
1655
+ # @return [String]
1656
+ attr_accessor :tenant
1657
+
1658
+ # Optional. Claim in the AzureAD ID Token that holds the user details.
1659
+ # Corresponds to the JSON property `userClaim`
1660
+ # @return [String]
1661
+ attr_accessor :user_claim
1662
+
1663
+ def initialize(**args)
1664
+ update!(**args)
1665
+ end
1666
+
1667
+ # Update properties of this object
1668
+ def update!(**args)
1669
+ @client_id = args[:client_id] if args.key?(:client_id)
1670
+ @client_secret = args[:client_secret] if args.key?(:client_secret)
1671
+ @encrypted_client_secret = args[:encrypted_client_secret] if args.key?(:encrypted_client_secret)
1672
+ @group_format = args[:group_format] if args.key?(:group_format)
1673
+ @kubectl_redirect_uri = args[:kubectl_redirect_uri] if args.key?(:kubectl_redirect_uri)
1674
+ @tenant = args[:tenant] if args.key?(:tenant)
1675
+ @user_claim = args[:user_claim] if args.key?(:user_claim)
1676
+ end
1677
+ end
1678
+
1679
+ # Configuration options for the AIS diagnostic interface.
1680
+ class IdentityServiceDiagnosticInterface
1681
+ include Google::Apis::Core::Hashable
1682
+
1683
+ # Determines whether to enable the diagnostic interface.
1684
+ # Corresponds to the JSON property `enabled`
1685
+ # @return [Boolean]
1686
+ attr_accessor :enabled
1687
+ alias_method :enabled?, :enabled
1688
+
1689
+ # Determines the expiration time of the diagnostic interface enablement. When
1690
+ # reached, requests to the interface would be automatically rejected.
1691
+ # Corresponds to the JSON property `expirationTime`
1692
+ # @return [String]
1693
+ attr_accessor :expiration_time
1694
+
1695
+ def initialize(**args)
1696
+ update!(**args)
1697
+ end
1698
+
1699
+ # Update properties of this object
1700
+ def update!(**args)
1701
+ @enabled = args[:enabled] if args.key?(:enabled)
1702
+ @expiration_time = args[:expiration_time] if args.key?(:expiration_time)
1703
+ end
1704
+ end
1705
+
1706
+ # Configuration for the Google Plugin Auth flow.
1707
+ class IdentityServiceGoogleConfig
1708
+ include Google::Apis::Core::Hashable
1709
+
1710
+ # Disable automatic configuration of Google Plugin on supported platforms.
1711
+ # Corresponds to the JSON property `disable`
1712
+ # @return [Boolean]
1713
+ attr_accessor :disable
1714
+ alias_method :disable?, :disable
1715
+
1716
+ def initialize(**args)
1717
+ update!(**args)
1718
+ end
1719
+
1720
+ # Update properties of this object
1721
+ def update!(**args)
1722
+ @disable = args[:disable] if args.key?(:disable)
1723
+ end
1724
+ end
1725
+
1726
+ # Contains the properties for locating and authenticating groups in the
1727
+ # directory.
1728
+ class IdentityServiceGroupConfig
1729
+ include Google::Apis::Core::Hashable
1730
+
1731
+ # Required. The location of the subtree in the LDAP directory to search for
1732
+ # group entries.
1733
+ # Corresponds to the JSON property `baseDn`
1734
+ # @return [String]
1735
+ attr_accessor :base_dn
1736
+
1737
+ # Optional. Optional filter to be used when searching for groups a user belongs
1738
+ # to. This can be used to explicitly match only certain groups in order to
1739
+ # reduce the amount of groups returned for each user. This defaults to "(
1740
+ # objectClass=Group)".
1741
+ # Corresponds to the JSON property `filter`
1742
+ # @return [String]
1743
+ attr_accessor :filter
1744
+
1745
+ # Optional. The identifying name of each group a user belongs to. For example,
1746
+ # if this is set to "distinguishedName" then RBACs and other group expectations
1747
+ # should be written as full DNs. This defaults to "distinguishedName".
1748
+ # Corresponds to the JSON property `idAttribute`
1749
+ # @return [String]
1750
+ attr_accessor :id_attribute
1751
+
1752
+ def initialize(**args)
1753
+ update!(**args)
1754
+ end
1755
+
1756
+ # Update properties of this object
1757
+ def update!(**args)
1758
+ @base_dn = args[:base_dn] if args.key?(:base_dn)
1759
+ @filter = args[:filter] if args.key?(:filter)
1760
+ @id_attribute = args[:id_attribute] if args.key?(:id_attribute)
1761
+ end
1762
+ end
1763
+
1764
+ # Holds non-protocol-related configuration options.
1765
+ class IdentityServiceIdentityServiceOptions
1766
+ include Google::Apis::Core::Hashable
1767
+
1768
+ # Configuration options for the AIS diagnostic interface.
1769
+ # Corresponds to the JSON property `diagnosticInterface`
1770
+ # @return [Google::Apis::GkehubV2::IdentityServiceDiagnosticInterface]
1771
+ attr_accessor :diagnostic_interface
1772
+
1773
+ # Determines the lifespan of STS tokens issued by Anthos Identity Service.
1774
+ # Corresponds to the JSON property `sessionDuration`
1775
+ # @return [String]
1776
+ attr_accessor :session_duration
1777
+
1778
+ def initialize(**args)
1779
+ update!(**args)
1780
+ end
1781
+
1782
+ # Update properties of this object
1783
+ def update!(**args)
1784
+ @diagnostic_interface = args[:diagnostic_interface] if args.key?(:diagnostic_interface)
1785
+ @session_duration = args[:session_duration] if args.key?(:session_duration)
1786
+ end
1787
+ end
1788
+
1789
+ # Configuration for the LDAP Auth flow.
1790
+ class IdentityServiceLdapConfig
1791
+ include Google::Apis::Core::Hashable
1792
+
1793
+ # Contains the properties for locating and authenticating groups in the
1794
+ # directory.
1795
+ # Corresponds to the JSON property `group`
1796
+ # @return [Google::Apis::GkehubV2::IdentityServiceGroupConfig]
1797
+ attr_accessor :group
1798
+
1799
+ # Server settings for the external LDAP server.
1800
+ # Corresponds to the JSON property `server`
1801
+ # @return [Google::Apis::GkehubV2::IdentityServiceServerConfig]
1802
+ attr_accessor :server
1803
+
1804
+ # Contains the credentials of the service account which is authorized to perform
1805
+ # the LDAP search in the directory. The credentials can be supplied by the
1806
+ # combination of the DN and password or the client certificate.
1807
+ # Corresponds to the JSON property `serviceAccount`
1808
+ # @return [Google::Apis::GkehubV2::IdentityServiceServiceAccountConfig]
1809
+ attr_accessor :service_account
1810
+
1811
+ # Defines where users exist in the LDAP directory.
1812
+ # Corresponds to the JSON property `user`
1813
+ # @return [Google::Apis::GkehubV2::IdentityServiceUserConfig]
1814
+ attr_accessor :user
1815
+
1816
+ def initialize(**args)
1817
+ update!(**args)
1818
+ end
1819
+
1820
+ # Update properties of this object
1821
+ def update!(**args)
1822
+ @group = args[:group] if args.key?(:group)
1823
+ @server = args[:server] if args.key?(:server)
1824
+ @service_account = args[:service_account] if args.key?(:service_account)
1825
+ @user = args[:user] if args.key?(:user)
1826
+ end
1827
+ end
1828
+
1829
+ # Configuration for OIDC Auth flow.
1830
+ class IdentityServiceOidcConfig
1831
+ include Google::Apis::Core::Hashable
1832
+
1833
+ # PEM-encoded CA for OIDC provider.
1834
+ # Corresponds to the JSON property `certificateAuthorityData`
1835
+ # @return [String]
1836
+ attr_accessor :certificate_authority_data
1837
+
1838
+ # ID for OIDC client application.
1839
+ # Corresponds to the JSON property `clientId`
1840
+ # @return [String]
1841
+ attr_accessor :client_id
1842
+
1843
+ # Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.
1844
+ # Corresponds to the JSON property `clientSecret`
1845
+ # @return [String]
1846
+ attr_accessor :client_secret
1847
+
1848
+ # Flag to denote if reverse proxy is used to connect to auth provider. This flag
1849
+ # should be set to true when provider is not reachable by Google Cloud Console.
1850
+ # Corresponds to the JSON property `deployCloudConsoleProxy`
1851
+ # @return [Boolean]
1852
+ attr_accessor :deploy_cloud_console_proxy
1853
+ alias_method :deploy_cloud_console_proxy?, :deploy_cloud_console_proxy
1854
+
1855
+ # Enable access token.
1856
+ # Corresponds to the JSON property `enableAccessToken`
1857
+ # @return [Boolean]
1858
+ attr_accessor :enable_access_token
1859
+ alias_method :enable_access_token?, :enable_access_token
1860
+
1861
+ # Output only. Encrypted OIDC Client secret
1862
+ # Corresponds to the JSON property `encryptedClientSecret`
1863
+ # NOTE: Values are automatically base64 encoded/decoded in the client library.
1864
+ # @return [String]
1865
+ attr_accessor :encrypted_client_secret
1866
+
1867
+ # Comma-separated list of key-value pairs.
1868
+ # Corresponds to the JSON property `extraParams`
1869
+ # @return [String]
1870
+ attr_accessor :extra_params
1871
+
1872
+ # Prefix to prepend to group name.
1873
+ # Corresponds to the JSON property `groupPrefix`
1874
+ # @return [String]
1875
+ attr_accessor :group_prefix
1876
+
1877
+ # Claim in OIDC ID token that holds group information.
1878
+ # Corresponds to the JSON property `groupsClaim`
1879
+ # @return [String]
1880
+ attr_accessor :groups_claim
1881
+
1882
+ # URI for the OIDC provider. This should point to the level below .well-known/
1883
+ # openid-configuration.
1884
+ # Corresponds to the JSON property `issuerUri`
1885
+ # @return [String]
1886
+ attr_accessor :issuer_uri
1887
+
1888
+ # Registered redirect uri to redirect users going through OAuth flow using
1889
+ # kubectl plugin.
1890
+ # Corresponds to the JSON property `kubectlRedirectUri`
1891
+ # @return [String]
1892
+ attr_accessor :kubectl_redirect_uri
1893
+
1894
+ # Comma-separated list of identifiers.
1895
+ # Corresponds to the JSON property `scopes`
1896
+ # @return [String]
1897
+ attr_accessor :scopes
1898
+
1899
+ # Claim in OIDC ID token that holds username.
1900
+ # Corresponds to the JSON property `userClaim`
1901
+ # @return [String]
1902
+ attr_accessor :user_claim
1903
+
1904
+ # Prefix to prepend to user name.
1905
+ # Corresponds to the JSON property `userPrefix`
1906
+ # @return [String]
1907
+ attr_accessor :user_prefix
1908
+
1909
+ def initialize(**args)
1910
+ update!(**args)
1911
+ end
1912
+
1913
+ # Update properties of this object
1914
+ def update!(**args)
1915
+ @certificate_authority_data = args[:certificate_authority_data] if args.key?(:certificate_authority_data)
1916
+ @client_id = args[:client_id] if args.key?(:client_id)
1917
+ @client_secret = args[:client_secret] if args.key?(:client_secret)
1918
+ @deploy_cloud_console_proxy = args[:deploy_cloud_console_proxy] if args.key?(:deploy_cloud_console_proxy)
1919
+ @enable_access_token = args[:enable_access_token] if args.key?(:enable_access_token)
1920
+ @encrypted_client_secret = args[:encrypted_client_secret] if args.key?(:encrypted_client_secret)
1921
+ @extra_params = args[:extra_params] if args.key?(:extra_params)
1922
+ @group_prefix = args[:group_prefix] if args.key?(:group_prefix)
1923
+ @groups_claim = args[:groups_claim] if args.key?(:groups_claim)
1924
+ @issuer_uri = args[:issuer_uri] if args.key?(:issuer_uri)
1925
+ @kubectl_redirect_uri = args[:kubectl_redirect_uri] if args.key?(:kubectl_redirect_uri)
1926
+ @scopes = args[:scopes] if args.key?(:scopes)
1927
+ @user_claim = args[:user_claim] if args.key?(:user_claim)
1928
+ @user_prefix = args[:user_prefix] if args.key?(:user_prefix)
1929
+ end
1930
+ end
1931
+
1932
+ # Configuration for the SAML Auth flow.
1933
+ class IdentityServiceSamlConfig
1934
+ include Google::Apis::Core::Hashable
1935
+
1936
+ # Optional. The mapping of additional user attributes like nickname, birthday
1937
+ # and address etc.. `key` is the name of this additional attribute. `value` is a
1938
+ # string presenting as CEL(common expression language, go/cel) used for getting
1939
+ # the value from the resources. Take nickname as an example, in this case, `key`
1940
+ # is "attribute.nickname" and `value` is "assertion.nickname".
1941
+ # Corresponds to the JSON property `attributeMapping`
1942
+ # @return [Hash<String,String>]
1943
+ attr_accessor :attribute_mapping
1944
+
1945
+ # Optional. Prefix to prepend to group name.
1946
+ # Corresponds to the JSON property `groupPrefix`
1947
+ # @return [String]
1948
+ attr_accessor :group_prefix
1949
+
1950
+ # Optional. The SAML attribute to read groups from. This value is expected to be
1951
+ # a string and will be passed along as-is (with the option of being prefixed by
1952
+ # the `group_prefix`).
1953
+ # Corresponds to the JSON property `groupsAttribute`
1954
+ # @return [String]
1955
+ attr_accessor :groups_attribute
1956
+
1957
+ # Required. The list of IdP certificates to validate the SAML response against.
1958
+ # Corresponds to the JSON property `identityProviderCertificates`
1959
+ # @return [Array<String>]
1960
+ attr_accessor :identity_provider_certificates
1961
+
1962
+ # Required. The entity ID of the SAML IdP.
1963
+ # Corresponds to the JSON property `identityProviderId`
1964
+ # @return [String]
1965
+ attr_accessor :identity_provider_id
1966
+
1967
+ # Required. The URI where the SAML IdP exposes the SSO service.
1968
+ # Corresponds to the JSON property `identityProviderSsoUri`
1969
+ # @return [String]
1970
+ attr_accessor :identity_provider_sso_uri
1971
+
1972
+ # Optional. The SAML attribute to read username from. If unspecified, the
1973
+ # username will be read from the NameID element of the assertion in SAML
1974
+ # response. This value is expected to be a string and will be passed along as-is
1975
+ # (with the option of being prefixed by the `user_prefix`).
1976
+ # Corresponds to the JSON property `userAttribute`
1977
+ # @return [String]
1978
+ attr_accessor :user_attribute
1979
+
1980
+ # Optional. Prefix to prepend to user name.
1981
+ # Corresponds to the JSON property `userPrefix`
1982
+ # @return [String]
1983
+ attr_accessor :user_prefix
1984
+
1985
+ def initialize(**args)
1986
+ update!(**args)
1987
+ end
1988
+
1989
+ # Update properties of this object
1990
+ def update!(**args)
1991
+ @attribute_mapping = args[:attribute_mapping] if args.key?(:attribute_mapping)
1992
+ @group_prefix = args[:group_prefix] if args.key?(:group_prefix)
1993
+ @groups_attribute = args[:groups_attribute] if args.key?(:groups_attribute)
1994
+ @identity_provider_certificates = args[:identity_provider_certificates] if args.key?(:identity_provider_certificates)
1995
+ @identity_provider_id = args[:identity_provider_id] if args.key?(:identity_provider_id)
1996
+ @identity_provider_sso_uri = args[:identity_provider_sso_uri] if args.key?(:identity_provider_sso_uri)
1997
+ @user_attribute = args[:user_attribute] if args.key?(:user_attribute)
1998
+ @user_prefix = args[:user_prefix] if args.key?(:user_prefix)
1999
+ end
2000
+ end
2001
+
2002
+ # Server settings for the external LDAP server.
2003
+ class IdentityServiceServerConfig
2004
+ include Google::Apis::Core::Hashable
2005
+
2006
+ # Optional. Contains a Base64 encoded, PEM formatted certificate authority
2007
+ # certificate for the LDAP server. This must be provided for the "ldaps" and "
2008
+ # startTLS" connections.
2009
+ # Corresponds to the JSON property `certificateAuthorityData`
2010
+ # NOTE: Values are automatically base64 encoded/decoded in the client library.
2011
+ # @return [String]
2012
+ attr_accessor :certificate_authority_data
2013
+
2014
+ # Optional. Defines the connection type to communicate with the LDAP server. If `
2015
+ # starttls` or `ldaps` is specified, the certificate_authority_data should not
2016
+ # be empty.
2017
+ # Corresponds to the JSON property `connectionType`
2018
+ # @return [String]
2019
+ attr_accessor :connection_type
2020
+
2021
+ # Required. Defines the hostname or IP of the LDAP server. Port is optional and
2022
+ # will default to 389, if unspecified. For example, "ldap.server.example" or "10.
2023
+ # 10.10.10:389".
2024
+ # Corresponds to the JSON property `host`
2025
+ # @return [String]
2026
+ attr_accessor :host
2027
+
2028
+ def initialize(**args)
2029
+ update!(**args)
2030
+ end
2031
+
2032
+ # Update properties of this object
2033
+ def update!(**args)
2034
+ @certificate_authority_data = args[:certificate_authority_data] if args.key?(:certificate_authority_data)
2035
+ @connection_type = args[:connection_type] if args.key?(:connection_type)
2036
+ @host = args[:host] if args.key?(:host)
2037
+ end
2038
+ end
2039
+
2040
+ # Contains the credentials of the service account which is authorized to perform
2041
+ # the LDAP search in the directory. The credentials can be supplied by the
2042
+ # combination of the DN and password or the client certificate.
2043
+ class IdentityServiceServiceAccountConfig
2044
+ include Google::Apis::Core::Hashable
2045
+
2046
+ # The structure holds the LDAP simple binding credential.
2047
+ # Corresponds to the JSON property `simpleBindCredentials`
2048
+ # @return [Google::Apis::GkehubV2::IdentityServiceSimpleBindCredentials]
2049
+ attr_accessor :simple_bind_credentials
2050
+
2051
+ def initialize(**args)
2052
+ update!(**args)
2053
+ end
2054
+
2055
+ # Update properties of this object
2056
+ def update!(**args)
2057
+ @simple_bind_credentials = args[:simple_bind_credentials] if args.key?(:simple_bind_credentials)
2058
+ end
2059
+ end
2060
+
2061
+ # The structure holds the LDAP simple binding credential.
2062
+ class IdentityServiceSimpleBindCredentials
2063
+ include Google::Apis::Core::Hashable
2064
+
2065
+ # Required. The distinguished name(DN) of the service account object/user.
2066
+ # Corresponds to the JSON property `dn`
2067
+ # @return [String]
2068
+ attr_accessor :dn
2069
+
2070
+ # Output only. The encrypted password of the service account object/user.
2071
+ # Corresponds to the JSON property `encryptedPassword`
2072
+ # NOTE: Values are automatically base64 encoded/decoded in the client library.
2073
+ # @return [String]
2074
+ attr_accessor :encrypted_password
2075
+
2076
+ # Required. Input only. The password of the service account object/user.
2077
+ # Corresponds to the JSON property `password`
2078
+ # @return [String]
2079
+ attr_accessor :password
2080
+
2081
+ def initialize(**args)
2082
+ update!(**args)
2083
+ end
2084
+
2085
+ # Update properties of this object
2086
+ def update!(**args)
2087
+ @dn = args[:dn] if args.key?(:dn)
2088
+ @encrypted_password = args[:encrypted_password] if args.key?(:encrypted_password)
2089
+ @password = args[:password] if args.key?(:password)
2090
+ end
2091
+ end
2092
+
2093
+ # **IdentityService**: Configuration for a single membership.
2094
+ class IdentityServiceSpec
2095
+ include Google::Apis::Core::Hashable
2096
+
2097
+ # A member may support multiple auth methods.
2098
+ # Corresponds to the JSON property `authMethods`
2099
+ # @return [Array<Google::Apis::GkehubV2::IdentityServiceAuthMethod>]
2100
+ attr_accessor :auth_methods
2101
+
2102
+ # Holds non-protocol-related configuration options.
2103
+ # Corresponds to the JSON property `identityServiceOptions`
2104
+ # @return [Google::Apis::GkehubV2::IdentityServiceIdentityServiceOptions]
2105
+ attr_accessor :identity_service_options
2106
+
2107
+ def initialize(**args)
2108
+ update!(**args)
2109
+ end
2110
+
2111
+ # Update properties of this object
2112
+ def update!(**args)
2113
+ @auth_methods = args[:auth_methods] if args.key?(:auth_methods)
2114
+ @identity_service_options = args[:identity_service_options] if args.key?(:identity_service_options)
2115
+ end
2116
+ end
2117
+
2118
+ # **IdentityService**: State for a single membership, analyzed and reported by
2119
+ # feature controller.
2120
+ class IdentityServiceState
2121
+ include Google::Apis::Core::Hashable
2122
+
2123
+ # The reason of the failure.
2124
+ # Corresponds to the JSON property `failureReason`
2125
+ # @return [String]
2126
+ attr_accessor :failure_reason
2127
+
2128
+ # Installed AIS version. This is the AIS version installed on this member. The
2129
+ # values makes sense iff state is OK.
2130
+ # Corresponds to the JSON property `installedVersion`
2131
+ # @return [String]
2132
+ attr_accessor :installed_version
2133
+
2134
+ # **IdentityService**: Configuration for a single membership.
2135
+ # Corresponds to the JSON property `memberConfig`
2136
+ # @return [Google::Apis::GkehubV2::IdentityServiceSpec]
2137
+ attr_accessor :member_config
2138
+
2139
+ # Deployment state on this member
2140
+ # Corresponds to the JSON property `state`
2141
+ # @return [String]
2142
+ attr_accessor :state
2143
+
2144
+ def initialize(**args)
2145
+ update!(**args)
2146
+ end
2147
+
2148
+ # Update properties of this object
2149
+ def update!(**args)
2150
+ @failure_reason = args[:failure_reason] if args.key?(:failure_reason)
2151
+ @installed_version = args[:installed_version] if args.key?(:installed_version)
2152
+ @member_config = args[:member_config] if args.key?(:member_config)
2153
+ @state = args[:state] if args.key?(:state)
2154
+ end
2155
+ end
2156
+
2157
+ # Defines where users exist in the LDAP directory.
2158
+ class IdentityServiceUserConfig
2159
+ include Google::Apis::Core::Hashable
2160
+
2161
+ # Required. The location of the subtree in the LDAP directory to search for user
2162
+ # entries.
2163
+ # Corresponds to the JSON property `baseDn`
2164
+ # @return [String]
2165
+ attr_accessor :base_dn
2166
+
2167
+ # Optional. Filter to apply when searching for the user. This can be used to
2168
+ # further restrict the user accounts which are allowed to login. This defaults
2169
+ # to "(objectClass=User)".
2170
+ # Corresponds to the JSON property `filter`
2171
+ # @return [String]
2172
+ attr_accessor :filter
2173
+
2174
+ # Optional. Determines which attribute to use as the user's identity after they
2175
+ # are authenticated. This is distinct from the loginAttribute field to allow
2176
+ # users to login with a username, but then have their actual identifier be an
2177
+ # email address or full Distinguished Name (DN). For example, setting
2178
+ # loginAttribute to "sAMAccountName" and identifierAttribute to "
2179
+ # userPrincipalName" would allow a user to login as "bsmith", but actual RBAC
2180
+ # policies for the user would be written as "bsmith@example.com". Using "
2181
+ # userPrincipalName" is recommended since this will be unique for each user.
2182
+ # This defaults to "userPrincipalName".
2183
+ # Corresponds to the JSON property `idAttribute`
2184
+ # @return [String]
2185
+ attr_accessor :id_attribute
2186
+
2187
+ # Optional. The name of the attribute which matches against the input username.
2188
+ # This is used to find the user in the LDAP database e.g. "(=)" and is combined
2189
+ # with the optional filter field. This defaults to "userPrincipalName".
2190
+ # Corresponds to the JSON property `loginAttribute`
2191
+ # @return [String]
2192
+ attr_accessor :login_attribute
2193
+
2194
+ def initialize(**args)
2195
+ update!(**args)
2196
+ end
2197
+
2198
+ # Update properties of this object
2199
+ def update!(**args)
2200
+ @base_dn = args[:base_dn] if args.key?(:base_dn)
2201
+ @filter = args[:filter] if args.key?(:filter)
2202
+ @id_attribute = args[:id_attribute] if args.key?(:id_attribute)
2203
+ @login_attribute = args[:login_attribute] if args.key?(:login_attribute)
2204
+ end
2205
+ end
2206
+
2207
+ # LifecycleState describes the state of a MembershipFeature *resource* in the
2208
+ # GkeHub API. See `FeatureState` for the "running state" of the
2209
+ # MembershipFeature.
2210
+ class LifecycleState
2211
+ include Google::Apis::Core::Hashable
2212
+
2213
+ # Output only. The current state of the Feature resource in the Hub API.
2214
+ # Corresponds to the JSON property `state`
2215
+ # @return [String]
2216
+ attr_accessor :state
2217
+
2218
+ def initialize(**args)
2219
+ update!(**args)
2220
+ end
2221
+
2222
+ # Update properties of this object
2223
+ def update!(**args)
2224
+ @state = args[:state] if args.key?(:state)
2225
+ end
2226
+ end
2227
+
2228
+ # The response message for Locations.ListLocations.
2229
+ class ListLocationsResponse
2230
+ include Google::Apis::Core::Hashable
2231
+
2232
+ # A list of locations that matches the specified filter in the request.
2233
+ # Corresponds to the JSON property `locations`
2234
+ # @return [Array<Google::Apis::GkehubV2::Location>]
2235
+ attr_accessor :locations
2236
+
2237
+ # The standard List next-page token.
2238
+ # Corresponds to the JSON property `nextPageToken`
2239
+ # @return [String]
2240
+ attr_accessor :next_page_token
2241
+
2242
+ def initialize(**args)
2243
+ update!(**args)
2244
+ end
2245
+
2246
+ # Update properties of this object
2247
+ def update!(**args)
2248
+ @locations = args[:locations] if args.key?(:locations)
2249
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
2250
+ end
2251
+ end
2252
+
2253
+ # Response message for the `GkeHubFeature.ListMembershipFeatures` method.
2254
+ class ListMembershipFeaturesResponse
2255
+ include Google::Apis::Core::Hashable
2256
+
2257
+ # The list of matching MembershipFeatures.
2258
+ # Corresponds to the JSON property `membershipFeatures`
2259
+ # @return [Array<Google::Apis::GkehubV2::MembershipFeature>]
2260
+ attr_accessor :membership_features
2261
+
2262
+ # A token to request the next page of resources from the `ListMembershipFeatures`
2263
+ # method. The value of an empty string means that there are no more resources
2264
+ # to return.
2265
+ # Corresponds to the JSON property `nextPageToken`
2266
+ # @return [String]
2267
+ attr_accessor :next_page_token
2268
+
2269
+ # List of locations that could not be reached while fetching this list.
2270
+ # Corresponds to the JSON property `unreachable`
2271
+ # @return [Array<String>]
2272
+ attr_accessor :unreachable
2273
+
2274
+ def initialize(**args)
2275
+ update!(**args)
2276
+ end
2277
+
2278
+ # Update properties of this object
2279
+ def update!(**args)
2280
+ @membership_features = args[:membership_features] if args.key?(:membership_features)
2281
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
2282
+ @unreachable = args[:unreachable] if args.key?(:unreachable)
2283
+ end
2284
+ end
2285
+
2286
+ # The response message for Operations.ListOperations.
2287
+ class ListOperationsResponse
2288
+ include Google::Apis::Core::Hashable
2289
+
2290
+ # The standard List next-page token.
2291
+ # Corresponds to the JSON property `nextPageToken`
2292
+ # @return [String]
2293
+ attr_accessor :next_page_token
2294
+
2295
+ # A list of operations that matches the specified filter in the request.
2296
+ # Corresponds to the JSON property `operations`
2297
+ # @return [Array<Google::Apis::GkehubV2::Operation>]
2298
+ attr_accessor :operations
2299
+
2300
+ def initialize(**args)
2301
+ update!(**args)
2302
+ end
2303
+
2304
+ # Update properties of this object
2305
+ def update!(**args)
2306
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
2307
+ @operations = args[:operations] if args.key?(:operations)
2308
+ end
2309
+ end
2310
+
2311
+ # A resource that represents a Google Cloud location.
2312
+ class Location
2313
+ include Google::Apis::Core::Hashable
2314
+
2315
+ # The friendly name for this location, typically a nearby city name. For example,
2316
+ # "Tokyo".
2317
+ # Corresponds to the JSON property `displayName`
2318
+ # @return [String]
2319
+ attr_accessor :display_name
2320
+
2321
+ # Cross-service attributes for the location. For example `"cloud.googleapis.com/
2322
+ # region": "us-east1"`
2323
+ # Corresponds to the JSON property `labels`
2324
+ # @return [Hash<String,String>]
2325
+ attr_accessor :labels
2326
+
2327
+ # The canonical id for this location. For example: `"us-east1"`.
2328
+ # Corresponds to the JSON property `locationId`
2329
+ # @return [String]
2330
+ attr_accessor :location_id
2331
+
2332
+ # Service-specific metadata. For example the available capacity at the given
2333
+ # location.
2334
+ # Corresponds to the JSON property `metadata`
2335
+ # @return [Hash<String,Object>]
2336
+ attr_accessor :metadata
2337
+
2338
+ # Resource name for the location, which may vary between implementations. For
2339
+ # example: `"projects/example-project/locations/us-east1"`
2340
+ # Corresponds to the JSON property `name`
2341
+ # @return [String]
2342
+ attr_accessor :name
2343
+
2344
+ def initialize(**args)
2345
+ update!(**args)
2346
+ end
2347
+
2348
+ # Update properties of this object
2349
+ def update!(**args)
2350
+ @display_name = args[:display_name] if args.key?(:display_name)
2351
+ @labels = args[:labels] if args.key?(:labels)
2352
+ @location_id = args[:location_id] if args.key?(:location_id)
2353
+ @metadata = args[:metadata] if args.key?(:metadata)
2354
+ @name = args[:name] if args.key?(:name)
2355
+ end
2356
+ end
2357
+
2358
+ # MembershipFeature represents the settings and status of a Fleet Feature
2359
+ # enabled on a single Fleet Membership.
2360
+ class MembershipFeature
2361
+ include Google::Apis::Core::Hashable
2362
+
2363
+ # Output only. When the MembershipFeature resource was created.
2364
+ # Corresponds to the JSON property `createTime`
2365
+ # @return [String]
2366
+ attr_accessor :create_time
2367
+
2368
+ # Output only. When the MembershipFeature resource was deleted.
2369
+ # Corresponds to the JSON property `deleteTime`
2370
+ # @return [String]
2371
+ attr_accessor :delete_time
2372
+
2373
+ # Information of the FeatureConfig applied on the MembershipFeature.
2374
+ # Corresponds to the JSON property `featureConfigRef`
2375
+ # @return [Google::Apis::GkehubV2::FeatureConfigRef]
2376
+ attr_accessor :feature_config_ref
2377
+
2378
+ # GCP labels for this MembershipFeature.
2379
+ # Corresponds to the JSON property `labels`
2380
+ # @return [Hash<String,String>]
2381
+ attr_accessor :labels
2382
+
2383
+ # LifecycleState describes the state of a MembershipFeature *resource* in the
2384
+ # GkeHub API. See `FeatureState` for the "running state" of the
2385
+ # MembershipFeature.
2386
+ # Corresponds to the JSON property `lifecycleState`
2387
+ # @return [Google::Apis::GkehubV2::LifecycleState]
2388
+ attr_accessor :lifecycle_state
2389
+
2390
+ # Output only. The resource name of the membershipFeature, in the format: `
2391
+ # projects/`project`/locations/`location`/memberships/`membership`/features/`
2392
+ # feature``. Note that `membershipFeatures` is shortened to `features` in the
2393
+ # resource name. (see http://go/aip/122#collection-identifiers)
2394
+ # Corresponds to the JSON property `name`
2395
+ # @return [String]
2396
+ attr_accessor :name
2397
+
2398
+ # FeatureSpec contains user input per-feature spec information.
2399
+ # Corresponds to the JSON property `spec`
2400
+ # @return [Google::Apis::GkehubV2::FeatureSpec]
2401
+ attr_accessor :spec
2402
+
2403
+ # FeatureState contains high-level state information and per-feature state
2404
+ # information for this MembershipFeature.
2405
+ # Corresponds to the JSON property `state`
2406
+ # @return [Google::Apis::GkehubV2::FeatureState]
2407
+ attr_accessor :state
2408
+
2409
+ # Output only. When the MembershipFeature resource was last updated.
2410
+ # Corresponds to the JSON property `updateTime`
2411
+ # @return [String]
2412
+ attr_accessor :update_time
2413
+
2414
+ def initialize(**args)
2415
+ update!(**args)
2416
+ end
2417
+
2418
+ # Update properties of this object
2419
+ def update!(**args)
2420
+ @create_time = args[:create_time] if args.key?(:create_time)
2421
+ @delete_time = args[:delete_time] if args.key?(:delete_time)
2422
+ @feature_config_ref = args[:feature_config_ref] if args.key?(:feature_config_ref)
2423
+ @labels = args[:labels] if args.key?(:labels)
2424
+ @lifecycle_state = args[:lifecycle_state] if args.key?(:lifecycle_state)
2425
+ @name = args[:name] if args.key?(:name)
2426
+ @spec = args[:spec] if args.key?(:spec)
2427
+ @state = args[:state] if args.key?(:state)
2428
+ @update_time = args[:update_time] if args.key?(:update_time)
2429
+ end
2430
+ end
2431
+
2432
+ # **Metering**: State for a single membership, analyzed and reported by feature
2433
+ # controller.
2434
+ class MeteringState
2435
+ include Google::Apis::Core::Hashable
2436
+
2437
+ # The time stamp of the most recent measurement of the number of vCPUs in the
2438
+ # cluster.
2439
+ # Corresponds to the JSON property `lastMeasurementTime`
2440
+ # @return [String]
2441
+ attr_accessor :last_measurement_time
2442
+
2443
+ # The vCPUs capacity in the cluster according to the most recent measurement (1/
2444
+ # 1000 precision).
2445
+ # Corresponds to the JSON property `preciseLastMeasuredClusterVcpuCapacity`
2446
+ # @return [Float]
2447
+ attr_accessor :precise_last_measured_cluster_vcpu_capacity
2448
+
2449
+ def initialize(**args)
2450
+ update!(**args)
2451
+ end
2452
+
2453
+ # Update properties of this object
2454
+ def update!(**args)
2455
+ @last_measurement_time = args[:last_measurement_time] if args.key?(:last_measurement_time)
2456
+ @precise_last_measured_cluster_vcpu_capacity = args[:precise_last_measured_cluster_vcpu_capacity] if args.key?(:precise_last_measured_cluster_vcpu_capacity)
2457
+ end
2458
+ end
2459
+
2460
+ # This resource represents a long-running operation that is the result of a
2461
+ # network API call.
2462
+ class Operation
2463
+ include Google::Apis::Core::Hashable
2464
+
2465
+ # If the value is `false`, it means the operation is still in progress. If `true`
2466
+ # , the operation is completed, and either `error` or `response` is available.
2467
+ # Corresponds to the JSON property `done`
2468
+ # @return [Boolean]
2469
+ attr_accessor :done
2470
+ alias_method :done?, :done
2471
+
2472
+ # The `Status` type defines a logical error model that is suitable for different
2473
+ # programming environments, including REST APIs and RPC APIs. It is used by [
2474
+ # gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
2475
+ # data: error code, error message, and error details. You can find out more
2476
+ # about this error model and how to work with it in the [API Design Guide](https:
2477
+ # //cloud.google.com/apis/design/errors).
2478
+ # Corresponds to the JSON property `error`
2479
+ # @return [Google::Apis::GkehubV2::GoogleRpcStatus]
2480
+ attr_accessor :error
2481
+
2482
+ # Service-specific metadata associated with the operation. It typically contains
2483
+ # progress information and common metadata such as create time. Some services
2484
+ # might not provide such metadata. Any method that returns a long-running
2485
+ # operation should document the metadata type, if any.
2486
+ # Corresponds to the JSON property `metadata`
2487
+ # @return [Hash<String,Object>]
2488
+ attr_accessor :metadata
2489
+
2490
+ # The server-assigned name, which is only unique within the same service that
2491
+ # originally returns it. If you use the default HTTP mapping, the `name` should
2492
+ # be a resource name ending with `operations/`unique_id``.
2493
+ # Corresponds to the JSON property `name`
2494
+ # @return [String]
2495
+ attr_accessor :name
2496
+
2497
+ # The normal, successful response of the operation. If the original method
2498
+ # returns no data on success, such as `Delete`, the response is `google.protobuf.
2499
+ # Empty`. If the original method is standard `Get`/`Create`/`Update`, the
2500
+ # response should be the resource. For other methods, the response should have
2501
+ # the type `XxxResponse`, where `Xxx` is the original method name. For example,
2502
+ # if the original method name is `TakeSnapshot()`, the inferred response type is
2503
+ # `TakeSnapshotResponse`.
2504
+ # Corresponds to the JSON property `response`
2505
+ # @return [Hash<String,Object>]
2506
+ attr_accessor :response
2507
+
2508
+ def initialize(**args)
2509
+ update!(**args)
2510
+ end
2511
+
2512
+ # Update properties of this object
2513
+ def update!(**args)
2514
+ @done = args[:done] if args.key?(:done)
2515
+ @error = args[:error] if args.key?(:error)
2516
+ @metadata = args[:metadata] if args.key?(:metadata)
2517
+ @name = args[:name] if args.key?(:name)
2518
+ @response = args[:response] if args.key?(:response)
2519
+ end
2520
+ end
2521
+
2522
+ # Metadata of the long-running operation.
2523
+ class OperationMetadata
2524
+ include Google::Apis::Core::Hashable
2525
+
2526
+ # Output only. API version used to start the operation.
2527
+ # Corresponds to the JSON property `apiVersion`
2528
+ # @return [String]
2529
+ attr_accessor :api_version
2530
+
2531
+ # Output only. Identifies whether the user has requested cancellation of the
2532
+ # operation. Operations that have successfully been cancelled have Operation.
2533
+ # error value with a google.rpc.Status.code of 1, corresponding to `Code.
2534
+ # CANCELLED`.
2535
+ # Corresponds to the JSON property `cancelRequested`
2536
+ # @return [Boolean]
2537
+ attr_accessor :cancel_requested
2538
+ alias_method :cancel_requested?, :cancel_requested
2539
+
2540
+ # Output only. The time the operation was created.
2541
+ # Corresponds to the JSON property `createTime`
2542
+ # @return [String]
2543
+ attr_accessor :create_time
2544
+
2545
+ # Output only. The time the operation finished running.
2546
+ # Corresponds to the JSON property `endTime`
2547
+ # @return [String]
2548
+ attr_accessor :end_time
2549
+
2550
+ # Output only. Human-readable status of the operation, if any.
2551
+ # Corresponds to the JSON property `statusDetail`
2552
+ # @return [String]
2553
+ attr_accessor :status_detail
2554
+
2555
+ # Output only. Server-defined resource path for the target of the operation.
2556
+ # Corresponds to the JSON property `target`
2557
+ # @return [String]
2558
+ attr_accessor :target
2559
+
2560
+ # Output only. Name of the verb executed by the operation.
2561
+ # Corresponds to the JSON property `verb`
2562
+ # @return [String]
2563
+ attr_accessor :verb
2564
+
2565
+ def initialize(**args)
2566
+ update!(**args)
2567
+ end
2568
+
2569
+ # Update properties of this object
2570
+ def update!(**args)
2571
+ @api_version = args[:api_version] if args.key?(:api_version)
2572
+ @cancel_requested = args[:cancel_requested] if args.key?(:cancel_requested)
2573
+ @create_time = args[:create_time] if args.key?(:create_time)
2574
+ @end_time = args[:end_time] if args.key?(:end_time)
2575
+ @status_detail = args[:status_detail] if args.key?(:status_detail)
2576
+ @target = args[:target] if args.key?(:target)
2577
+ @verb = args[:verb] if args.key?(:verb)
2578
+ end
2579
+ end
2580
+
2581
+ # Origin defines where this FeatureSpec originated from.
2582
+ class Origin
2583
+ include Google::Apis::Core::Hashable
2584
+
2585
+ # Type specifies which type of origin is set.
2586
+ # Corresponds to the JSON property `type`
2587
+ # @return [String]
2588
+ attr_accessor :type
2589
+
2590
+ def initialize(**args)
2591
+ update!(**args)
2592
+ end
2593
+
2594
+ # Update properties of this object
2595
+ def update!(**args)
2596
+ @type = args[:type] if args.key?(:type)
2597
+ end
2598
+ end
2599
+
2600
+ # BundleInstallSpec is the specification configuration for a single managed
2601
+ # bundle.
2602
+ class PolicyControllerBundleInstallSpec
2603
+ include Google::Apis::Core::Hashable
2604
+
2605
+ # the set of namespaces to be exempted from the bundle
2606
+ # Corresponds to the JSON property `exemptedNamespaces`
2607
+ # @return [Array<String>]
2608
+ attr_accessor :exempted_namespaces
2609
+
2610
+ def initialize(**args)
2611
+ update!(**args)
2612
+ end
2613
+
2614
+ # Update properties of this object
2615
+ def update!(**args)
2616
+ @exempted_namespaces = args[:exempted_namespaces] if args.key?(:exempted_namespaces)
2617
+ end
2618
+ end
2619
+
2620
+ # Configuration for Policy Controller
2621
+ class PolicyControllerHubConfig
2622
+ include Google::Apis::Core::Hashable
2623
+
2624
+ # Sets the interval for Policy Controller Audit Scans (in seconds). When set to
2625
+ # 0, this disables audit functionality altogether.
2626
+ # Corresponds to the JSON property `auditIntervalSeconds`
2627
+ # @return [Fixnum]
2628
+ attr_accessor :audit_interval_seconds
2629
+
2630
+ # The maximum number of audit violations to be stored in a constraint. If not
2631
+ # set, the internal default (currently 20) will be used.
2632
+ # Corresponds to the JSON property `constraintViolationLimit`
2633
+ # @return [Fixnum]
2634
+ attr_accessor :constraint_violation_limit
2635
+
2636
+ # Map of deployment configs to deployments (“admission”, “audit”, “mutation”).
2637
+ # Corresponds to the JSON property `deploymentConfigs`
2638
+ # @return [Hash<String,Google::Apis::GkehubV2::PolicyControllerPolicyControllerDeploymentConfig>]
2639
+ attr_accessor :deployment_configs
2640
+
2641
+ # The set of namespaces that are excluded from Policy Controller checks.
2642
+ # Namespaces do not need to currently exist on the cluster.
2643
+ # Corresponds to the JSON property `exemptableNamespaces`
2644
+ # @return [Array<String>]
2645
+ attr_accessor :exemptable_namespaces
2646
+
2647
+ # The install_spec represents the intended state specified by the latest request
2648
+ # that mutated install_spec in the feature spec, not the lifecycle state of the
2649
+ # feature observed by the Hub feature controller that is reported in the feature
2650
+ # state.
2651
+ # Corresponds to the JSON property `installSpec`
2652
+ # @return [String]
2653
+ attr_accessor :install_spec
2654
+
2655
+ # Logs all denies and dry run failures.
2656
+ # Corresponds to the JSON property `logDeniesEnabled`
2657
+ # @return [Boolean]
2658
+ attr_accessor :log_denies_enabled
2659
+ alias_method :log_denies_enabled?, :log_denies_enabled
2660
+
2661
+ # MonitoringConfig specifies the backends Policy Controller should export
2662
+ # metrics to. For example, to specify metrics should be exported to Cloud
2663
+ # Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]
2664
+ # Corresponds to the JSON property `monitoring`
2665
+ # @return [Google::Apis::GkehubV2::PolicyControllerMonitoringConfig]
2666
+ attr_accessor :monitoring
2667
+
2668
+ # Enables the ability to mutate resources using Policy Controller.
2669
+ # Corresponds to the JSON property `mutationEnabled`
2670
+ # @return [Boolean]
2671
+ attr_accessor :mutation_enabled
2672
+ alias_method :mutation_enabled?, :mutation_enabled
2673
+
2674
+ # PolicyContentSpec defines the user's desired content configuration on the
2675
+ # cluster.
2676
+ # Corresponds to the JSON property `policyContent`
2677
+ # @return [Google::Apis::GkehubV2::PolicyControllerPolicyContentSpec]
2678
+ attr_accessor :policy_content
2679
+
2680
+ # Enables the ability to use Constraint Templates that reference to objects
2681
+ # other than the object currently being evaluated.
2682
+ # Corresponds to the JSON property `referentialRulesEnabled`
2683
+ # @return [Boolean]
2684
+ attr_accessor :referential_rules_enabled
2685
+ alias_method :referential_rules_enabled?, :referential_rules_enabled
2686
+
2687
+ def initialize(**args)
2688
+ update!(**args)
2689
+ end
2690
+
2691
+ # Update properties of this object
2692
+ def update!(**args)
2693
+ @audit_interval_seconds = args[:audit_interval_seconds] if args.key?(:audit_interval_seconds)
2694
+ @constraint_violation_limit = args[:constraint_violation_limit] if args.key?(:constraint_violation_limit)
2695
+ @deployment_configs = args[:deployment_configs] if args.key?(:deployment_configs)
2696
+ @exemptable_namespaces = args[:exemptable_namespaces] if args.key?(:exemptable_namespaces)
2697
+ @install_spec = args[:install_spec] if args.key?(:install_spec)
2698
+ @log_denies_enabled = args[:log_denies_enabled] if args.key?(:log_denies_enabled)
2699
+ @monitoring = args[:monitoring] if args.key?(:monitoring)
2700
+ @mutation_enabled = args[:mutation_enabled] if args.key?(:mutation_enabled)
2701
+ @policy_content = args[:policy_content] if args.key?(:policy_content)
2702
+ @referential_rules_enabled = args[:referential_rules_enabled] if args.key?(:referential_rules_enabled)
2703
+ end
2704
+ end
2705
+
2706
+ # MonitoringConfig specifies the backends Policy Controller should export
2707
+ # metrics to. For example, to specify metrics should be exported to Cloud
2708
+ # Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]
2709
+ class PolicyControllerMonitoringConfig
2710
+ include Google::Apis::Core::Hashable
2711
+
2712
+ # Specifies the list of backends Policy Controller will export to. An empty list
2713
+ # would effectively disable metrics export.
2714
+ # Corresponds to the JSON property `backends`
2715
+ # @return [Array<String>]
2716
+ attr_accessor :backends
2717
+
2718
+ def initialize(**args)
2719
+ update!(**args)
2720
+ end
2721
+
2722
+ # Update properties of this object
2723
+ def update!(**args)
2724
+ @backends = args[:backends] if args.key?(:backends)
2725
+ end
2726
+ end
2727
+
2728
+ # OnClusterState represents the state of a sub-component of Policy Controller.
2729
+ class PolicyControllerOnClusterState
2730
+ include Google::Apis::Core::Hashable
2731
+
2732
+ # Surface potential errors or information logs.
2733
+ # Corresponds to the JSON property `details`
2734
+ # @return [String]
2735
+ attr_accessor :details
2736
+
2737
+ # The lifecycle state of this component.
2738
+ # Corresponds to the JSON property `state`
2739
+ # @return [String]
2740
+ attr_accessor :state
2741
+
2742
+ def initialize(**args)
2743
+ update!(**args)
2744
+ end
2745
+
2746
+ # Update properties of this object
2747
+ def update!(**args)
2748
+ @details = args[:details] if args.key?(:details)
2749
+ @state = args[:state] if args.key?(:state)
2750
+ end
2751
+ end
2752
+
2753
+ # PolicyContentSpec defines the user's desired content configuration on the
2754
+ # cluster.
2755
+ class PolicyControllerPolicyContentSpec
2756
+ include Google::Apis::Core::Hashable
2757
+
2758
+ # map of bundle name to BundleInstallSpec. The bundle name maps to the `
2759
+ # bundleName` key in the `policycontroller.gke.io/constraintData` annotation on
2760
+ # a constraint.
2761
+ # Corresponds to the JSON property `bundles`
2762
+ # @return [Hash<String,Google::Apis::GkehubV2::PolicyControllerBundleInstallSpec>]
2763
+ attr_accessor :bundles
2764
+
2765
+ # The config specifying which default library templates to install.
2766
+ # Corresponds to the JSON property `templateLibrary`
2767
+ # @return [Google::Apis::GkehubV2::PolicyControllerTemplateLibraryConfig]
2768
+ attr_accessor :template_library
2769
+
2770
+ def initialize(**args)
2771
+ update!(**args)
2772
+ end
2773
+
2774
+ # Update properties of this object
2775
+ def update!(**args)
2776
+ @bundles = args[:bundles] if args.key?(:bundles)
2777
+ @template_library = args[:template_library] if args.key?(:template_library)
2778
+ end
2779
+ end
2780
+
2781
+ # The state of the policy controller policy content
2782
+ class PolicyControllerPolicyContentState
2783
+ include Google::Apis::Core::Hashable
2784
+
2785
+ # The state of the any bundles included in the chosen version of the manifest
2786
+ # Corresponds to the JSON property `bundleStates`
2787
+ # @return [Hash<String,Google::Apis::GkehubV2::PolicyControllerOnClusterState>]
2788
+ attr_accessor :bundle_states
2789
+
2790
+ # OnClusterState represents the state of a sub-component of Policy Controller.
2791
+ # Corresponds to the JSON property `referentialSyncConfigState`
2792
+ # @return [Google::Apis::GkehubV2::PolicyControllerOnClusterState]
2793
+ attr_accessor :referential_sync_config_state
2794
+
2795
+ # OnClusterState represents the state of a sub-component of Policy Controller.
2796
+ # Corresponds to the JSON property `templateLibraryState`
2797
+ # @return [Google::Apis::GkehubV2::PolicyControllerOnClusterState]
2798
+ attr_accessor :template_library_state
2799
+
2800
+ def initialize(**args)
2801
+ update!(**args)
2802
+ end
2803
+
2804
+ # Update properties of this object
2805
+ def update!(**args)
2806
+ @bundle_states = args[:bundle_states] if args.key?(:bundle_states)
2807
+ @referential_sync_config_state = args[:referential_sync_config_state] if args.key?(:referential_sync_config_state)
2808
+ @template_library_state = args[:template_library_state] if args.key?(:template_library_state)
2809
+ end
2810
+ end
2811
+
2812
+ # Deployment-specific configuration.
2813
+ class PolicyControllerPolicyControllerDeploymentConfig
2814
+ include Google::Apis::Core::Hashable
2815
+
2816
+ # ResourceRequirements describes the compute resource requirements.
2817
+ # Corresponds to the JSON property `containerResources`
2818
+ # @return [Google::Apis::GkehubV2::PolicyControllerResourceRequirements]
2819
+ attr_accessor :container_resources
2820
+
2821
+ # Pod affinity configuration.
2822
+ # Corresponds to the JSON property `podAffinity`
2823
+ # @return [String]
2824
+ attr_accessor :pod_affinity
2825
+
2826
+ # Pod anti-affinity enablement. Deprecated: use `pod_affinity` instead.
2827
+ # Corresponds to the JSON property `podAntiAffinity`
2828
+ # @return [Boolean]
2829
+ attr_accessor :pod_anti_affinity
2830
+ alias_method :pod_anti_affinity?, :pod_anti_affinity
2831
+
2832
+ # Pod tolerations of node taints.
2833
+ # Corresponds to the JSON property `podTolerations`
2834
+ # @return [Array<Google::Apis::GkehubV2::PolicyControllerToleration>]
2835
+ attr_accessor :pod_tolerations
2836
+
2837
+ # Pod replica count.
2838
+ # Corresponds to the JSON property `replicaCount`
2839
+ # @return [Fixnum]
2840
+ attr_accessor :replica_count
2841
+
2842
+ def initialize(**args)
2843
+ update!(**args)
2844
+ end
2845
+
2846
+ # Update properties of this object
2847
+ def update!(**args)
2848
+ @container_resources = args[:container_resources] if args.key?(:container_resources)
2849
+ @pod_affinity = args[:pod_affinity] if args.key?(:pod_affinity)
2850
+ @pod_anti_affinity = args[:pod_anti_affinity] if args.key?(:pod_anti_affinity)
2851
+ @pod_tolerations = args[:pod_tolerations] if args.key?(:pod_tolerations)
2852
+ @replica_count = args[:replica_count] if args.key?(:replica_count)
2853
+ end
2854
+ end
2855
+
2856
+ # ResourceList contains container resource requirements.
2857
+ class PolicyControllerResourceList
2858
+ include Google::Apis::Core::Hashable
2859
+
2860
+ # CPU requirement expressed in Kubernetes resource units.
2861
+ # Corresponds to the JSON property `cpu`
2862
+ # @return [String]
2863
+ attr_accessor :cpu
2864
+
2865
+ # Memory requirement expressed in Kubernetes resource units.
2866
+ # Corresponds to the JSON property `memory`
2867
+ # @return [String]
2868
+ attr_accessor :memory
2869
+
2870
+ def initialize(**args)
2871
+ update!(**args)
2872
+ end
2873
+
2874
+ # Update properties of this object
2875
+ def update!(**args)
2876
+ @cpu = args[:cpu] if args.key?(:cpu)
2877
+ @memory = args[:memory] if args.key?(:memory)
2878
+ end
2879
+ end
2880
+
2881
+ # ResourceRequirements describes the compute resource requirements.
2882
+ class PolicyControllerResourceRequirements
2883
+ include Google::Apis::Core::Hashable
2884
+
2885
+ # ResourceList contains container resource requirements.
2886
+ # Corresponds to the JSON property `limits`
2887
+ # @return [Google::Apis::GkehubV2::PolicyControllerResourceList]
2888
+ attr_accessor :limits
2889
+
2890
+ # ResourceList contains container resource requirements.
2891
+ # Corresponds to the JSON property `requests`
2892
+ # @return [Google::Apis::GkehubV2::PolicyControllerResourceList]
2893
+ attr_accessor :requests
2894
+
2895
+ def initialize(**args)
2896
+ update!(**args)
2897
+ end
2898
+
2899
+ # Update properties of this object
2900
+ def update!(**args)
2901
+ @limits = args[:limits] if args.key?(:limits)
2902
+ @requests = args[:requests] if args.key?(:requests)
2903
+ end
2904
+ end
2905
+
2906
+ # **Policy Controller**: Configuration for a single cluster. Intended to
2907
+ # parallel the PolicyController CR.
2908
+ class PolicyControllerSpec
2909
+ include Google::Apis::Core::Hashable
2910
+
2911
+ # Configuration for Policy Controller
2912
+ # Corresponds to the JSON property `policyControllerHubConfig`
2913
+ # @return [Google::Apis::GkehubV2::PolicyControllerHubConfig]
2914
+ attr_accessor :policy_controller_hub_config
2915
+
2916
+ # Version of Policy Controller installed.
2917
+ # Corresponds to the JSON property `version`
2918
+ # @return [String]
2919
+ attr_accessor :version
2920
+
2921
+ def initialize(**args)
2922
+ update!(**args)
2923
+ end
2924
+
2925
+ # Update properties of this object
2926
+ def update!(**args)
2927
+ @policy_controller_hub_config = args[:policy_controller_hub_config] if args.key?(:policy_controller_hub_config)
2928
+ @version = args[:version] if args.key?(:version)
2929
+ end
2930
+ end
2931
+
2932
+ # **Policy Controller**: State for a single cluster.
2933
+ class PolicyControllerState
2934
+ include Google::Apis::Core::Hashable
2935
+
2936
+ # Currently these include (also serving as map keys): 1. "admission" 2. "audit"
2937
+ # 3. "mutation"
2938
+ # Corresponds to the JSON property `componentStates`
2939
+ # @return [Hash<String,Google::Apis::GkehubV2::PolicyControllerOnClusterState>]
2940
+ attr_accessor :component_states
2941
+
2942
+ # The state of the policy controller policy content
2943
+ # Corresponds to the JSON property `policyContentState`
2944
+ # @return [Google::Apis::GkehubV2::PolicyControllerPolicyContentState]
2945
+ attr_accessor :policy_content_state
2946
+
2947
+ # The overall Policy Controller lifecycle state observed by the Hub Feature
2948
+ # controller.
2949
+ # Corresponds to the JSON property `state`
2950
+ # @return [String]
2951
+ attr_accessor :state
2952
+
2953
+ def initialize(**args)
2954
+ update!(**args)
2955
+ end
2956
+
2957
+ # Update properties of this object
2958
+ def update!(**args)
2959
+ @component_states = args[:component_states] if args.key?(:component_states)
2960
+ @policy_content_state = args[:policy_content_state] if args.key?(:policy_content_state)
2961
+ @state = args[:state] if args.key?(:state)
2962
+ end
2963
+ end
2964
+
2965
+ # The config specifying which default library templates to install.
2966
+ class PolicyControllerTemplateLibraryConfig
2967
+ include Google::Apis::Core::Hashable
2968
+
2969
+ # Configures the manner in which the template library is installed on the
2970
+ # cluster.
2971
+ # Corresponds to the JSON property `installation`
2972
+ # @return [String]
2973
+ attr_accessor :installation
2974
+
2975
+ def initialize(**args)
2976
+ update!(**args)
2977
+ end
2978
+
2979
+ # Update properties of this object
2980
+ def update!(**args)
2981
+ @installation = args[:installation] if args.key?(:installation)
2982
+ end
2983
+ end
2984
+
2985
+ # Toleration of a node taint.
2986
+ class PolicyControllerToleration
43
2987
  include Google::Apis::Core::Hashable
44
2988
 
2989
+ # Matches a taint effect.
2990
+ # Corresponds to the JSON property `effect`
2991
+ # @return [String]
2992
+ attr_accessor :effect
2993
+
2994
+ # Matches a taint key (not necessarily unique).
2995
+ # Corresponds to the JSON property `key`
2996
+ # @return [String]
2997
+ attr_accessor :key
2998
+
2999
+ # Matches a taint operator.
3000
+ # Corresponds to the JSON property `operator`
3001
+ # @return [String]
3002
+ attr_accessor :operator
3003
+
3004
+ # Matches a taint value.
3005
+ # Corresponds to the JSON property `value`
3006
+ # @return [String]
3007
+ attr_accessor :value
3008
+
45
3009
  def initialize(**args)
46
3010
  update!(**args)
47
3011
  end
48
3012
 
49
3013
  # Update properties of this object
50
3014
  def update!(**args)
3015
+ @effect = args[:effect] if args.key?(:effect)
3016
+ @key = args[:key] if args.key?(:key)
3017
+ @operator = args[:operator] if args.key?(:operator)
3018
+ @value = args[:value] if args.key?(:value)
51
3019
  end
52
3020
  end
53
3021
 
54
- # The `Status` type defines a logical error model that is suitable for different
55
- # programming environments, including REST APIs and RPC APIs. It is used by [
56
- # gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
57
- # data: error code, error message, and error details. You can find out more
58
- # about this error model and how to work with it in the [API Design Guide](https:
59
- # //cloud.google.com/apis/design/errors).
60
- class GoogleRpcStatus
3022
+ # AnalysisMessage is a single message produced by an analyzer, and it used to
3023
+ # communicate to the end user about the state of their Service Mesh
3024
+ # configuration.
3025
+ class ServiceMeshAnalysisMessage
61
3026
  include Google::Apis::Core::Hashable
62
3027
 
63
- # The status code, which should be an enum value of google.rpc.Code.
3028
+ # A UI can combine these args with a template (based on message_base.type) to
3029
+ # produce an internationalized message.
3030
+ # Corresponds to the JSON property `args`
3031
+ # @return [Hash<String,Object>]
3032
+ attr_accessor :args
3033
+
3034
+ # A human readable description of what the error means. It is suitable for non-
3035
+ # internationalize display purposes.
3036
+ # Corresponds to the JSON property `description`
3037
+ # @return [String]
3038
+ attr_accessor :description
3039
+
3040
+ # AnalysisMessageBase describes some common information that is needed for all
3041
+ # messages.
3042
+ # Corresponds to the JSON property `messageBase`
3043
+ # @return [Google::Apis::GkehubV2::ServiceMeshAnalysisMessageBase]
3044
+ attr_accessor :message_base
3045
+
3046
+ # A list of strings specifying the resource identifiers that were the cause of
3047
+ # message generation. A "path" here may be: * MEMBERSHIP_ID if the cause is a
3048
+ # specific member cluster * MEMBERSHIP_ID/(NAMESPACE\/)?RESOURCETYPE/NAME if the
3049
+ # cause is a resource in a cluster
3050
+ # Corresponds to the JSON property `resourcePaths`
3051
+ # @return [Array<String>]
3052
+ attr_accessor :resource_paths
3053
+
3054
+ def initialize(**args)
3055
+ update!(**args)
3056
+ end
3057
+
3058
+ # Update properties of this object
3059
+ def update!(**args)
3060
+ @args = args[:args] if args.key?(:args)
3061
+ @description = args[:description] if args.key?(:description)
3062
+ @message_base = args[:message_base] if args.key?(:message_base)
3063
+ @resource_paths = args[:resource_paths] if args.key?(:resource_paths)
3064
+ end
3065
+ end
3066
+
3067
+ # AnalysisMessageBase describes some common information that is needed for all
3068
+ # messages.
3069
+ class ServiceMeshAnalysisMessageBase
3070
+ include Google::Apis::Core::Hashable
3071
+
3072
+ # A url pointing to the Service Mesh or Istio documentation for this specific
3073
+ # error type.
3074
+ # Corresponds to the JSON property `documentationUrl`
3075
+ # @return [String]
3076
+ attr_accessor :documentation_url
3077
+
3078
+ # Represents how severe a message is.
3079
+ # Corresponds to the JSON property `level`
3080
+ # @return [String]
3081
+ attr_accessor :level
3082
+
3083
+ # A unique identifier for the type of message. Display_name is intended to be
3084
+ # human-readable, code is intended to be machine readable. There should be a one-
3085
+ # to-one mapping between display_name and code. (i.e. do not re-use
3086
+ # display_names or codes between message types.) See istio.analysis.v1alpha1.
3087
+ # AnalysisMessageBase.Type
3088
+ # Corresponds to the JSON property `type`
3089
+ # @return [Google::Apis::GkehubV2::ServiceMeshType]
3090
+ attr_accessor :type
3091
+
3092
+ def initialize(**args)
3093
+ update!(**args)
3094
+ end
3095
+
3096
+ # Update properties of this object
3097
+ def update!(**args)
3098
+ @documentation_url = args[:documentation_url] if args.key?(:documentation_url)
3099
+ @level = args[:level] if args.key?(:level)
3100
+ @type = args[:type] if args.key?(:type)
3101
+ end
3102
+ end
3103
+
3104
+ # Condition being reported.
3105
+ class ServiceMeshCondition
3106
+ include Google::Apis::Core::Hashable
3107
+
3108
+ # Unique identifier of the condition which describes the condition recognizable
3109
+ # to the user.
64
3110
  # Corresponds to the JSON property `code`
65
- # @return [Fixnum]
3111
+ # @return [String]
66
3112
  attr_accessor :code
67
3113
 
68
- # A list of messages that carry the error details. There is a common set of
69
- # message types for APIs to use.
3114
+ # A short summary about the issue.
70
3115
  # Corresponds to the JSON property `details`
71
- # @return [Array<Hash<String,Object>>]
3116
+ # @return [String]
72
3117
  attr_accessor :details
73
3118
 
74
- # A developer-facing error message, which should be in English. Any user-facing
75
- # error message should be localized and sent in the google.rpc.Status.details
76
- # field, or localized by the client.
77
- # Corresponds to the JSON property `message`
3119
+ # Links contains actionable information.
3120
+ # Corresponds to the JSON property `documentationLink`
78
3121
  # @return [String]
79
- attr_accessor :message
3122
+ attr_accessor :documentation_link
3123
+
3124
+ # Severity level of the condition.
3125
+ # Corresponds to the JSON property `severity`
3126
+ # @return [String]
3127
+ attr_accessor :severity
80
3128
 
81
3129
  def initialize(**args)
82
3130
  update!(**args)
@@ -86,23 +3134,29 @@ module Google
86
3134
  def update!(**args)
87
3135
  @code = args[:code] if args.key?(:code)
88
3136
  @details = args[:details] if args.key?(:details)
89
- @message = args[:message] if args.key?(:message)
3137
+ @documentation_link = args[:documentation_link] if args.key?(:documentation_link)
3138
+ @severity = args[:severity] if args.key?(:severity)
90
3139
  end
91
3140
  end
92
3141
 
93
- # The response message for Locations.ListLocations.
94
- class ListLocationsResponse
3142
+ # Status of control plane management.
3143
+ class ServiceMeshControlPlaneManagement
95
3144
  include Google::Apis::Core::Hashable
96
3145
 
97
- # A list of locations that matches the specified filter in the request.
98
- # Corresponds to the JSON property `locations`
99
- # @return [Array<Google::Apis::GkehubV2::Location>]
100
- attr_accessor :locations
3146
+ # Explanation of state.
3147
+ # Corresponds to the JSON property `details`
3148
+ # @return [Array<Google::Apis::GkehubV2::ServiceMeshStatusDetails>]
3149
+ attr_accessor :details
101
3150
 
102
- # The standard List next-page token.
103
- # Corresponds to the JSON property `nextPageToken`
3151
+ # Output only. Implementation of managed control plane.
3152
+ # Corresponds to the JSON property `implementation`
104
3153
  # @return [String]
105
- attr_accessor :next_page_token
3154
+ attr_accessor :implementation
3155
+
3156
+ # LifecycleState of control plane management.
3157
+ # Corresponds to the JSON property `state`
3158
+ # @return [String]
3159
+ attr_accessor :state
106
3160
 
107
3161
  def initialize(**args)
108
3162
  update!(**args)
@@ -110,24 +3164,63 @@ module Google
110
3164
 
111
3165
  # Update properties of this object
112
3166
  def update!(**args)
113
- @locations = args[:locations] if args.key?(:locations)
114
- @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
3167
+ @details = args[:details] if args.key?(:details)
3168
+ @implementation = args[:implementation] if args.key?(:implementation)
3169
+ @state = args[:state] if args.key?(:state)
115
3170
  end
116
3171
  end
117
3172
 
118
- # The response message for Operations.ListOperations.
119
- class ListOperationsResponse
3173
+ # Status of data plane management. Only reported per-member.
3174
+ class ServiceMeshDataPlaneManagement
120
3175
  include Google::Apis::Core::Hashable
121
3176
 
122
- # The standard List next-page token.
123
- # Corresponds to the JSON property `nextPageToken`
3177
+ # Explanation of the status.
3178
+ # Corresponds to the JSON property `details`
3179
+ # @return [Array<Google::Apis::GkehubV2::ServiceMeshStatusDetails>]
3180
+ attr_accessor :details
3181
+
3182
+ # Lifecycle status of data plane management.
3183
+ # Corresponds to the JSON property `state`
124
3184
  # @return [String]
125
- attr_accessor :next_page_token
3185
+ attr_accessor :state
126
3186
 
127
- # A list of operations that matches the specified filter in the request.
128
- # Corresponds to the JSON property `operations`
129
- # @return [Array<Google::Apis::GkehubV2::Operation>]
130
- attr_accessor :operations
3187
+ def initialize(**args)
3188
+ update!(**args)
3189
+ end
3190
+
3191
+ # Update properties of this object
3192
+ def update!(**args)
3193
+ @details = args[:details] if args.key?(:details)
3194
+ @state = args[:state] if args.key?(:state)
3195
+ end
3196
+ end
3197
+
3198
+ # **Service Mesh**: Spec for a single Membership for the servicemesh feature
3199
+ class ServiceMeshSpec
3200
+ include Google::Apis::Core::Hashable
3201
+
3202
+ # Optional. Specifies the API that will be used for configuring the mesh
3203
+ # workloads.
3204
+ # Corresponds to the JSON property `configApi`
3205
+ # @return [String]
3206
+ attr_accessor :config_api
3207
+
3208
+ # Deprecated: use `management` instead Enables automatic control plane
3209
+ # management.
3210
+ # Corresponds to the JSON property `controlPlane`
3211
+ # @return [String]
3212
+ attr_accessor :control_plane
3213
+
3214
+ # Determines which release channel to use for default injection and service mesh
3215
+ # APIs.
3216
+ # Corresponds to the JSON property `defaultChannel`
3217
+ # @return [String]
3218
+ attr_accessor :default_channel
3219
+
3220
+ # Optional. Enables automatic Service Mesh management.
3221
+ # Corresponds to the JSON property `management`
3222
+ # @return [String]
3223
+ attr_accessor :management
131
3224
 
132
3225
  def initialize(**args)
133
3226
  update!(**args)
@@ -135,43 +3228,104 @@ module Google
135
3228
 
136
3229
  # Update properties of this object
137
3230
  def update!(**args)
138
- @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
139
- @operations = args[:operations] if args.key?(:operations)
3231
+ @config_api = args[:config_api] if args.key?(:config_api)
3232
+ @control_plane = args[:control_plane] if args.key?(:control_plane)
3233
+ @default_channel = args[:default_channel] if args.key?(:default_channel)
3234
+ @management = args[:management] if args.key?(:management)
140
3235
  end
141
3236
  end
142
3237
 
143
- # A resource that represents a Google Cloud location.
144
- class Location
3238
+ # **Service Mesh**: State for a single Membership, as analyzed by the Service
3239
+ # Mesh Hub Controller.
3240
+ class ServiceMeshState
145
3241
  include Google::Apis::Core::Hashable
146
3242
 
147
- # The friendly name for this location, typically a nearby city name. For example,
148
- # "Tokyo".
149
- # Corresponds to the JSON property `displayName`
3243
+ # Output only. Results of running Service Mesh analyzers.
3244
+ # Corresponds to the JSON property `analysisMessages`
3245
+ # @return [Array<Google::Apis::GkehubV2::ServiceMeshAnalysisMessage>]
3246
+ attr_accessor :analysis_messages
3247
+
3248
+ # Output only. List of conditions reported for this membership.
3249
+ # Corresponds to the JSON property `conditions`
3250
+ # @return [Array<Google::Apis::GkehubV2::ServiceMeshCondition>]
3251
+ attr_accessor :conditions
3252
+
3253
+ # The API version (i.e. Istio CRD version) for configuring service mesh in this
3254
+ # cluster. This version is influenced by the `default_channel` field.
3255
+ # Corresponds to the JSON property `configApiVersion`
150
3256
  # @return [String]
151
- attr_accessor :display_name
3257
+ attr_accessor :config_api_version
152
3258
 
153
- # Cross-service attributes for the location. For example `"cloud.googleapis.com/
154
- # region": "us-east1"`
155
- # Corresponds to the JSON property `labels`
156
- # @return [Hash<String,String>]
157
- attr_accessor :labels
3259
+ # Status of control plane management.
3260
+ # Corresponds to the JSON property `controlPlaneManagement`
3261
+ # @return [Google::Apis::GkehubV2::ServiceMeshControlPlaneManagement]
3262
+ attr_accessor :control_plane_management
158
3263
 
159
- # The canonical id for this location. For example: `"us-east1"`.
160
- # Corresponds to the JSON property `locationId`
3264
+ # Status of data plane management. Only reported per-member.
3265
+ # Corresponds to the JSON property `dataPlaneManagement`
3266
+ # @return [Google::Apis::GkehubV2::ServiceMeshDataPlaneManagement]
3267
+ attr_accessor :data_plane_management
3268
+
3269
+ def initialize(**args)
3270
+ update!(**args)
3271
+ end
3272
+
3273
+ # Update properties of this object
3274
+ def update!(**args)
3275
+ @analysis_messages = args[:analysis_messages] if args.key?(:analysis_messages)
3276
+ @conditions = args[:conditions] if args.key?(:conditions)
3277
+ @config_api_version = args[:config_api_version] if args.key?(:config_api_version)
3278
+ @control_plane_management = args[:control_plane_management] if args.key?(:control_plane_management)
3279
+ @data_plane_management = args[:data_plane_management] if args.key?(:data_plane_management)
3280
+ end
3281
+ end
3282
+
3283
+ # Structured and human-readable details for a status.
3284
+ class ServiceMeshStatusDetails
3285
+ include Google::Apis::Core::Hashable
3286
+
3287
+ # A machine-readable code that further describes a broad status.
3288
+ # Corresponds to the JSON property `code`
161
3289
  # @return [String]
162
- attr_accessor :location_id
3290
+ attr_accessor :code
163
3291
 
164
- # Service-specific metadata. For example the available capacity at the given
165
- # location.
166
- # Corresponds to the JSON property `metadata`
167
- # @return [Hash<String,Object>]
168
- attr_accessor :metadata
3292
+ # Human-readable explanation of code.
3293
+ # Corresponds to the JSON property `details`
3294
+ # @return [String]
3295
+ attr_accessor :details
169
3296
 
170
- # Resource name for the location, which may vary between implementations. For
171
- # example: `"projects/example-project/locations/us-east1"`
172
- # Corresponds to the JSON property `name`
3297
+ def initialize(**args)
3298
+ update!(**args)
3299
+ end
3300
+
3301
+ # Update properties of this object
3302
+ def update!(**args)
3303
+ @code = args[:code] if args.key?(:code)
3304
+ @details = args[:details] if args.key?(:details)
3305
+ end
3306
+ end
3307
+
3308
+ # A unique identifier for the type of message. Display_name is intended to be
3309
+ # human-readable, code is intended to be machine readable. There should be a one-
3310
+ # to-one mapping between display_name and code. (i.e. do not re-use
3311
+ # display_names or codes between message types.) See istio.analysis.v1alpha1.
3312
+ # AnalysisMessageBase.Type
3313
+ class ServiceMeshType
3314
+ include Google::Apis::Core::Hashable
3315
+
3316
+ # A 7 character code matching `^IST[0-9]`4`$` or `^ASM[0-9]`4`$`, intended to
3317
+ # uniquely identify the message type. (e.g. "IST0001" is mapped to the "
3318
+ # InternalError" message type.)
3319
+ # Corresponds to the JSON property `code`
173
3320
  # @return [String]
174
- attr_accessor :name
3321
+ attr_accessor :code
3322
+
3323
+ # A human-readable name for the message type. e.g. "InternalError", "
3324
+ # PodMissingProxy". This should be the same for all messages of the same type. (
3325
+ # This corresponds to the `name` field in open-source Istio.)
3326
+ # Corresponds to the JSON property `displayName`
3327
+ # @return [String]
3328
+ attr_accessor :display_name
175
3329
 
176
3330
  def initialize(**args)
177
3331
  update!(**args)
@@ -179,61 +3333,51 @@ module Google
179
3333
 
180
3334
  # Update properties of this object
181
3335
  def update!(**args)
3336
+ @code = args[:code] if args.key?(:code)
182
3337
  @display_name = args[:display_name] if args.key?(:display_name)
183
- @labels = args[:labels] if args.key?(:labels)
184
- @location_id = args[:location_id] if args.key?(:location_id)
185
- @metadata = args[:metadata] if args.key?(:metadata)
186
- @name = args[:name] if args.key?(:name)
187
3338
  end
188
3339
  end
189
3340
 
190
- # This resource represents a long-running operation that is the result of a
191
- # network API call.
192
- class Operation
3341
+ # High-level state of a MembershipFeature.
3342
+ class State
193
3343
  include Google::Apis::Core::Hashable
194
3344
 
195
- # If the value is `false`, it means the operation is still in progress. If `true`
196
- # , the operation is completed, and either `error` or `response` is available.
197
- # Corresponds to the JSON property `done`
198
- # @return [Boolean]
199
- attr_accessor :done
200
- alias_method :done?, :done
201
-
202
- # The `Status` type defines a logical error model that is suitable for different
203
- # programming environments, including REST APIs and RPC APIs. It is used by [
204
- # gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
205
- # data: error code, error message, and error details. You can find out more
206
- # about this error model and how to work with it in the [API Design Guide](https:
207
- # //cloud.google.com/apis/design/errors).
208
- # Corresponds to the JSON property `error`
209
- # @return [Google::Apis::GkehubV2::GoogleRpcStatus]
210
- attr_accessor :error
3345
+ # The high-level, machine-readable status of this MembershipFeature.
3346
+ # Corresponds to the JSON property `code`
3347
+ # @return [String]
3348
+ attr_accessor :code
211
3349
 
212
- # Service-specific metadata associated with the operation. It typically contains
213
- # progress information and common metadata such as create time. Some services
214
- # might not provide such metadata. Any method that returns a long-running
215
- # operation should document the metadata type, if any.
216
- # Corresponds to the JSON property `metadata`
217
- # @return [Hash<String,Object>]
218
- attr_accessor :metadata
3350
+ # A human-readable description of the current status.
3351
+ # Corresponds to the JSON property `description`
3352
+ # @return [String]
3353
+ attr_accessor :description
219
3354
 
220
- # The server-assigned name, which is only unique within the same service that
221
- # originally returns it. If you use the default HTTP mapping, the `name` should
222
- # be a resource name ending with `operations/`unique_id``.
223
- # Corresponds to the JSON property `name`
3355
+ # The time this status and any related Feature-specific details were updated.
3356
+ # Corresponds to the JSON property `updateTime`
224
3357
  # @return [String]
225
- attr_accessor :name
3358
+ attr_accessor :update_time
226
3359
 
227
- # The normal, successful response of the operation. If the original method
228
- # returns no data on success, such as `Delete`, the response is `google.protobuf.
229
- # Empty`. If the original method is standard `Get`/`Create`/`Update`, the
230
- # response should be the resource. For other methods, the response should have
231
- # the type `XxxResponse`, where `Xxx` is the original method name. For example,
232
- # if the original method name is `TakeSnapshot()`, the inferred response type is
233
- # `TakeSnapshotResponse`.
234
- # Corresponds to the JSON property `response`
235
- # @return [Hash<String,Object>]
236
- attr_accessor :response
3360
+ def initialize(**args)
3361
+ update!(**args)
3362
+ end
3363
+
3364
+ # Update properties of this object
3365
+ def update!(**args)
3366
+ @code = args[:code] if args.key?(:code)
3367
+ @description = args[:description] if args.key?(:description)
3368
+ @update_time = args[:update_time] if args.key?(:update_time)
3369
+ end
3370
+ end
3371
+
3372
+ # **WorkloadCertificate**: The membership-specific input for WorkloadCertificate
3373
+ # feature.
3374
+ class WorkloadCertificateSpec
3375
+ include Google::Apis::Core::Hashable
3376
+
3377
+ # CertificateManagement specifies workload certificate management.
3378
+ # Corresponds to the JSON property `certificateManagement`
3379
+ # @return [String]
3380
+ attr_accessor :certificate_management
237
3381
 
238
3382
  def initialize(**args)
239
3383
  update!(**args)
@@ -241,11 +3385,7 @@ module Google
241
3385
 
242
3386
  # Update properties of this object
243
3387
  def update!(**args)
244
- @done = args[:done] if args.key?(:done)
245
- @error = args[:error] if args.key?(:error)
246
- @metadata = args[:metadata] if args.key?(:metadata)
247
- @name = args[:name] if args.key?(:name)
248
- @response = args[:response] if args.key?(:response)
3388
+ @certificate_management = args[:certificate_management] if args.key?(:certificate_management)
249
3389
  end
250
3390
  end
251
3391
  end