feat(gkeonprem)!: update the API

BREAKING CHANGE: This release has breaking changes. #### gkeonprem:v1 The following keys were deleted: - schemas.VmwareCluster.properties.vcenter.readOnly The following keys were added: - schemas.BareMetalAdminCluster.properties.binaryAuthorization.$ref - schemas.BareMetalAdminCluster.properties.binaryAuthorization.description - schemas.BareMetalCluster.properties.binaryAuthorization.$ref - schemas.BareMetalCluster.properties.binaryAuthorization.description - schemas.BinaryAuthorization.description - schemas.BinaryAuthorization.id - schemas.BinaryAuthorization.properties.evaluationMode.description - schemas.BinaryAuthorization.properties.evaluationMode.enum - schemas.BinaryAuthorization.properties.evaluationMode.enumDescriptions - schemas.BinaryAuthorization.properties.evaluationMode.type - schemas.BinaryAuthorization.type - schemas.UpgradeDependency.properties.membership.description - schemas.UpgradeDependency.properties.membership.type - schemas.VmwareAdminSeesawConfig.properties.stackdriverName.description - schemas.VmwareAdminSeesawConfig.properties.stackdriverName.type - schemas.VmwareCluster.properties.disableBundledIngress.description - schemas.VmwareCluster.properties.disableBundledIngress.type - schemas.VmwareCluster.properties.upgradePolicy.$ref - schemas.VmwareCluster.properties.upgradePolicy.description - schemas.VmwareClusterUpgradePolicy.description - schemas.VmwareClusterUpgradePolicy.id - schemas.VmwareClusterUpgradePolicy.properties.controlPlaneOnly.description - schemas.VmwareClusterUpgradePolicy.properties.controlPlaneOnly.type - schemas.VmwareClusterUpgradePolicy.type - schemas.VmwareControlPlaneVsphereConfig.properties.storagePolicyName.description - schemas.VmwareControlPlaneVsphereConfig.properties.storagePolicyName.type - schemas.VmwareLoadBalancerConfig.properties.seesawConfig.$ref - schemas.VmwareLoadBalancerConfig.properties.seesawConfig.description - schemas.VmwareLoadBalancerConfig.properties.seesawConfig.readOnly - schemas.VmwareSeesawConfig.description - schemas.VmwareSeesawConfig.id - schemas.VmwareSeesawConfig.properties.enableHa.description - schemas.VmwareSeesawConfig.properties.enableHa.type - schemas.VmwareSeesawConfig.properties.group.description - schemas.VmwareSeesawConfig.properties.group.type - schemas.VmwareSeesawConfig.properties.ipBlocks.description - schemas.VmwareSeesawConfig.properties.ipBlocks.items.$ref - schemas.VmwareSeesawConfig.properties.ipBlocks.type - schemas.VmwareSeesawConfig.properties.masterIp.description - schemas.VmwareSeesawConfig.properties.masterIp.type - schemas.VmwareSeesawConfig.properties.stackdriverName.description - schemas.VmwareSeesawConfig.properties.stackdriverName.type - schemas.VmwareSeesawConfig.properties.vms.description - schemas.VmwareSeesawConfig.properties.vms.items.type - schemas.VmwareSeesawConfig.properties.vms.type - schemas.VmwareSeesawConfig.type - schemas.VmwareVCenterConfig.properties.address.readOnly - schemas.VmwareVCenterConfig.properties.storagePolicyName.description - schemas.VmwareVCenterConfig.properties.storagePolicyName.type - schemas.VmwareVersionInfo.properties.dependencies.description - schemas.VmwareVersionInfo.properties.dependencies.items.$ref - schemas.VmwareVersionInfo.properties.dependencies.type The following keys were changed: - schemas.BareMetalAdminControlPlaneConfig.properties.controlPlaneNodePoolConfig.description - schemas.BareMetalAdminControlPlaneNodePoolConfig.properties.nodePoolConfig.description - schemas.Operation.properties.response.description - schemas.Policy.description - schemas.VmwareCluster.properties.vcenter.description - schemas.VmwareVCenterConfig.properties.address.description
googleapis · Sep 22, 2023 · 26188f7 · 26188f7
1 parent 5918dbd
commit 26188f7
Show file tree

Hide file tree

Showing 2 changed files with 214 additions and 14 deletions.
diff --git a/discovery/gkeonprem-v1.json b/discovery/gkeonprem-v1.json
@@ -2996,7 +2996,7 @@
       }
     }
   },
-  "revision": "20230731",
+  "revision": "20230906",
   "rootUrl": "https://gkeonprem.googleapis.com/",
   "schemas": {
     "Authorization": {
@@ -3043,6 +3043,10 @@
           "description": "The Anthos clusters on bare metal version for the bare metal admin cluster.",
           "type": "string"
         },
+        "binaryAuthorization": {
+          "$ref": "BinaryAuthorization",
+          "description": "Binary Authorization related configurations."
+        },
         "clusterOperations": {
           "$ref": "BareMetalAdminClusterOperationsConfig",
           "description": "Cluster operations configuration."
@@ -3207,7 +3211,7 @@
         },
         "controlPlaneNodePoolConfig": {
           "$ref": "BareMetalAdminControlPlaneNodePoolConfig",
-          "description": "Configures the node pool running the control plane. If specified the corresponding NodePool will be created for the cluster's control plane. The NodePool will have the same name and namespace as the cluster."
+          "description": "Required. Configures the node pool running the control plane. If specified the corresponding NodePool will be created for the cluster's control plane. The NodePool will have the same name and namespace as the cluster."
         }
       },
       "type": "object"
@@ -3218,7 +3222,7 @@
       "properties": {
         "nodePoolConfig": {
           "$ref": "BareMetalNodePoolConfig",
-          "description": "The generic configuration for a node pool running the control plane."
+          "description": "Required. The generic configuration for a node pool running the control plane."
         }
       },
       "type": "object"
@@ -3551,6 +3555,10 @@
           "description": "Required. The Anthos clusters on bare metal version for your user cluster.",
           "type": "string"
         },
+        "binaryAuthorization": {
+          "$ref": "BinaryAuthorization",
+          "description": "Binary Authorization related configurations."
+        },
         "clusterOperations": {
           "$ref": "BareMetalClusterOperationsConfig",
           "description": "Cluster operations configuration."
@@ -4360,6 +4368,27 @@
       },
       "type": "object"
     },
+    "BinaryAuthorization": {
+      "description": "Configuration for Binary Authorization.",
+      "id": "BinaryAuthorization",
+      "properties": {
+        "evaluationMode": {
+          "description": "Mode of operation for binauthz policy evaluation. If unspecified, defaults to DISABLED.",
+          "enum": [
+            "EVALUATION_MODE_UNSPECIFIED",
+            "DISABLED",
+            "PROJECT_SINGLETON_POLICY_ENFORCE"
+          ],
+          "enumDescriptions": [
+            "Default value",
+            "Disable BinaryAuthorization",
+            "Enforce Kubernetes admission requests with BinaryAuthorization using the project's singleton policy."
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "Binding": {
       "description": "Associates `members`, or principals, with a `role`.",
       "id": "Binding",
@@ -4875,7 +4904,7 @@
             "description": "Properties of the object. Contains field @type with type URL.",
             "type": "any"
           },
-          "description": "The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.",
+          "description": "The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.",
           "type": "object"
         }
       },
@@ -5034,7 +5063,7 @@
       "type": "object"
     },
     "Policy": {
-      "description": "An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { \"bindings\": [ { \"role\": \"roles/resourcemanager.organizationAdmin\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-project-id@appspot.gserviceaccount.com\" ] }, { \"role\": \"roles/resourcemanager.organizationViewer\", \"members\": [ \"user:eve@example.com\" ], \"condition\": { \"title\": \"expirable access\", \"description\": \"Does not grant access after Sep 2020\", \"expression\": \"request.time < timestamp('2020-10-01T00:00:00.000Z')\", } } ], \"etag\": \"BwWWja0YfJA=\", \"version\": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).",
+      "description": "An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** ``` { \"bindings\": [ { \"role\": \"roles/resourcemanager.organizationAdmin\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-project-id@appspot.gserviceaccount.com\" ] }, { \"role\": \"roles/resourcemanager.organizationViewer\", \"members\": [ \"user:eve@example.com\" ], \"condition\": { \"title\": \"expirable access\", \"description\": \"Does not grant access after Sep 2020\", \"expression\": \"request.time < timestamp('2020-10-01T00:00:00.000Z')\", } } ], \"etag\": \"BwWWja0YfJA=\", \"version\": 3 } ``` **YAML example:** ``` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).",
       "id": "Policy",
       "properties": {
         "bindings": {
@@ -5235,6 +5264,10 @@
           "description": "Local name of the dependency.",
           "type": "string"
         },
+        "membership": {
+          "description": "Membership names are formatted as `projects//locations//memberships/`.",
+          "type": "string"
+        },
         "resourceName": {
           "description": "Resource name of the dependency.",
           "type": "string"
@@ -5706,6 +5739,10 @@
           "description": "MasterIP is the IP announced by the master of Seesaw group.",
           "type": "string"
         },
+        "stackdriverName": {
+          "description": "Name to be used by Stackdriver.",
+          "type": "string"
+        },
         "vms": {
           "description": "Names of the VMs created for this Seesaw group.",
           "items": {
@@ -5864,6 +5901,10 @@
           "description": "A human readable description of this VMware user cluster.",
           "type": "string"
         },
+        "disableBundledIngress": {
+          "description": "Disable bundled ingress.",
+          "type": "boolean"
+        },
         "enableControlPlaneV2": {
           "description": "Enable control plane V2. Default to false.",
           "type": "boolean"
@@ -5951,15 +5992,18 @@
           "readOnly": true,
           "type": "string"
         },
+        "upgradePolicy": {
+          "$ref": "VmwareClusterUpgradePolicy",
+          "description": "Specifies upgrade policy for the cluster."
+        },
         "validationCheck": {
           "$ref": "ValidationCheck",
           "description": "Output only. ValidationCheck represents the result of the preflight check job.",
           "readOnly": true
         },
         "vcenter": {
           "$ref": "VmwareVCenterConfig",
-          "description": "Output only. VmwareVCenterConfig specifies vCenter config for the user cluster. Inherited from the admin cluster.",
-          "readOnly": true
+          "description": "VmwareVCenterConfig specifies vCenter config for the user cluster. Inherited from the admin cluster."
         },
         "vmTrackingEnabled": {
           "description": "Enable VM tracking.",
@@ -5968,6 +6012,17 @@
       },
       "type": "object"
     },
+    "VmwareClusterUpgradePolicy": {
+      "description": "VmwareClusterUpgradePolicy defines the cluster upgrade policy.",
+      "id": "VmwareClusterUpgradePolicy",
+      "properties": {
+        "controlPlaneOnly": {
+          "description": "Controls whether the upgrade applies to the control plane only.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
     "VmwareControlPlaneNodeConfig": {
       "description": "Specifies control plane node config for the VMware user cluster.",
       "id": "VmwareControlPlaneNodeConfig",
@@ -6016,6 +6071,10 @@
         "datastore": {
           "description": "The Vsphere datastore used by the control plane Node.",
           "type": "string"
+        },
+        "storagePolicyName": {
+          "description": "The Vsphere storage policy used by the control plane Node.",
+          "type": "string"
         }
       },
       "type": "object"
@@ -6150,6 +6209,11 @@
           "$ref": "VmwareMetalLbConfig",
           "description": "Configuration for MetalLB typed load balancers."
         },
+        "seesawConfig": {
+          "$ref": "VmwareSeesawConfig",
+          "description": "Output only. Configuration for Seesaw typed load balancers.",
+          "readOnly": true
+        },
         "vipConfig": {
           "$ref": "VmwareVipConfig",
           "description": "The VIPs used by the load balancer."
@@ -6437,6 +6501,43 @@
       },
       "type": "object"
     },
+    "VmwareSeesawConfig": {
+      "description": "VmwareSeesawConfig represents configuration parameters for an already existing Seesaw load balancer. IMPORTANT: Please note that the Anthos On-Prem API will not generate or update Seesaw configurations it can only bind a pre-existing configuration to a new user cluster. IMPORTANT: When attempting to create a user cluster with a pre-existing Seesaw load balancer you will need to follow some preparation steps before calling the 'CreateVmwareCluster' API method. First you will need to create the user cluster's namespace via kubectl. The namespace will need to use the following naming convention : -gke-onprem-mgmt or -gke-onprem-mgmt depending on whether you used the 'VmwareCluster.local_name' to disambiguate collisions; for more context see the documentation of 'VmwareCluster.local_name'. Once the namespace is created you will need to create a secret resource via kubectl. This secret will contain copies of your Seesaw credentials. The Secret must be called 'user-cluster-creds' and contain Seesaw's SSH and Cert credentials. The credentials must be keyed with the following names: 'seesaw-ssh-private-key', 'seesaw-ssh-public-key', 'seesaw-ssh-ca-key', 'seesaw-ssh-ca-cert'.",
+      "id": "VmwareSeesawConfig",
+      "properties": {
+        "enableHa": {
+          "description": "Enable two load balancer VMs to achieve a highly-available Seesaw load balancer.",
+          "type": "boolean"
+        },
+        "group": {
+          "description": "Required. In general the following format should be used for the Seesaw group name: seesaw-for-[cluster_name].",
+          "type": "string"
+        },
+        "ipBlocks": {
+          "description": "Required. The IP Blocks to be used by the Seesaw load balancer",
+          "items": {
+            "$ref": "VmwareIpBlock"
+          },
+          "type": "array"
+        },
+        "masterIp": {
+          "description": "Required. MasterIP is the IP announced by the master of Seesaw group.",
+          "type": "string"
+        },
+        "stackdriverName": {
+          "description": "Name to be used by Stackdriver.",
+          "type": "string"
+        },
+        "vms": {
+          "description": "Names of the VMs created for this Seesaw group.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
     "VmwareStaticIpConfig": {
       "description": "Represents the network configuration required for the VMware user clusters with Static IP configurations.",
       "id": "VmwareStaticIpConfig",
@@ -6467,7 +6568,8 @@
       "id": "VmwareVCenterConfig",
       "properties": {
         "address": {
-          "description": "The vCenter IP address.",
+          "description": "Output only. The vCenter IP address.",
+          "readOnly": true,
           "type": "string"
         },
         "caCertData": {
@@ -6493,6 +6595,10 @@
         "resourcePool": {
           "description": "The name of the vCenter resource pool for the user cluster.",
           "type": "string"
+        },
+        "storagePolicyName": {
+          "description": "The name of the vCenter storage policy for the user cluster.",
+          "type": "string"
         }
       },
       "type": "object"
@@ -6501,6 +6607,13 @@
       "description": "Contains information about a specific Anthos on VMware version.",
       "id": "VmwareVersionInfo",
       "properties": {
+        "dependencies": {
+          "description": "The list of upgrade dependencies for this version.",
+          "items": {
+            "$ref": "UpgradeDependency"
+          },
+          "type": "array"
+        },
         "hasDependencies": {
           "description": "If set, the cluster dependencies (e.g. the admin cluster, other user clusters managed by the same admin cluster) must be upgraded before this version can be installed or upgraded to.",
           "type": "boolean"