diff --git a/docs/dyn/run_v1alpha1.namespaces.jobs.html b/docs/dyn/run_v1alpha1.namespaces.jobs.html index a8396af9868..dd8a5197038 100644 --- a/docs/dyn/run_v1alpha1.namespaces.jobs.html +++ b/docs/dyn/run_v1alpha1.namespaces.jobs.html @@ -107,25 +107,25 @@

Method Details

{ # Job represents the configuration of a single job. A job an immutable resource that references a container image which is run to completion. "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional - "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional - "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional + "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional + "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations "a_key": "A String", }, - "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional - "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional - "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional - "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional - "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge + "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. + "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. + "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge "A String", ], - "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; - "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional - "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional + "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; + "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. + "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels "a_key": "A String", }, "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. - "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional + "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. "apiVersion": "A String", # API version of the referent. "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional @@ -135,9 +135,9 @@

Method Details

"uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids }, ], - "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional - "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; - "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional + "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; + "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids }, "spec": { # JobSpec describes how the job execution will look like. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional "activeDeadlineSeconds": "A String", # Optional. Not supported. Specifies the duration in seconds relative to the startTime that the job may be active before the system tries to terminate it. If set to zero, the system will never attempt to terminate the job based on time. Otherwise, the value must be positive integer. +optional @@ -149,299 +149,199 @@

Method Details

"activeDeadlineSeconds": "A String", # Optional. Optional duration in seconds the instance may be active relative to StartTime before the system will actively try to mark it failed and kill associated containers. If set to zero, the system will never attempt to kill an instance based on time. Otherwise, value must be a positive integer. +optional "containers": [ # Optional. List of containers belonging to the instance. We disallow a number of fields on this Container. Only a single container may be provided. { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. - "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional + "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell "A String", ], - "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional + "command": [ "A String", ], - "env": [ # List of environment variables to set in the container. Cannot be updated. +optional + "env": [ # (Optional) List of environment variables to set in the container. { # EnvVar represents an environment variable present in a Container. "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. - "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional - "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: supported Source for the environment variable's value. Only supports secret_key_ref. Cloud Run for Anthos: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional - "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional - "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty. + "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap. + "key": "A String", # The key to select. + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional + "name": "A String", # The ConfigMap to select from. + "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined }, - "secretKeyRef": { # Cloud Run fully managed: supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: supported. Selects a key (version) of a secret in Secret Manager. Cloud Run for Anthos: supported. Selects a key of a secret in the pod's namespace. +optional - "key": "A String", # Cloud Run fully managed: supported A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. Cloud Run for Anthos: supported The key of the secret to select from. Must be a valid secret key. - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager. + "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key. + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: supported The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Cloud Run for Anthos: supported The name of the secret in the pod's namespace to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional + "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from. + "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined }, }, }, ], - "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional - { # EnvFromSource represents the source of a set of ConfigMaps - "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps + "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional + "name": "A String", # The ConfigMap to select from. + "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined }, - "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional - "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional + "name": "A String", # The Secret to select from. + "optional": True or False, # (Optional) Specify whether the Secret must be defined }, }, ], - "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images - "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional - "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional - "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - }, + "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images + "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. + "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + "A String", + ], }, - "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. + "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. + "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. + { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes + "name": "A String", # The header field name + "value": "A String", # The header field value }, - }, + ], + "path": "A String", # (Optional) Path to access on the HTTP server. + "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. }, - }, - "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional - "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - }, + "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. + "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. + "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. + "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. }, - "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional - "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional - "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional + "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes }, - "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. - "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional + "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names + "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on. { # ContainerPort represents a network port in a single container. - "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - "hostIP": "A String", # What host IP to bind the external port to. +optional - "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional - "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional - "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional + "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536. + "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". + "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP". }, ], - "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional - "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. + "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. + "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + "A String", + ], + }, + "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. + "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. + { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes + "name": "A String", # The header field name + "value": "A String", # The header field value }, - }, + ], + "path": "A String", # (Optional) Path to access on the HTTP server. + "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. + }, + "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. + "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. + "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. + "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. }, - "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional - "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional - "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional + "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes }, - "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional - "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + "limits": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Setting 4 CPU requires at least 2Gi of memory. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go "a_key": "A String", }, - "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. - "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto - "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". - }, - }, - "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + "requests": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1' and '2'. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go "a_key": "A String", }, - "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. - "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto - "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". - }, - }, }, - "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional - "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional - "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional - "add": [ # Added capabilities +optional + "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + }, + "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. + "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. "A String", ], - "drop": [ # Removed capabilities +optional - "A String", + }, + "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. + "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. + { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes + "name": "A String", # The header field name + "value": "A String", # The header field value + }, ], + "path": "A String", # (Optional) Path to access on the HTTP server. + "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. }, - "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional - "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional - "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "level": "A String", # Level is SELinux level label that applies to the container. +optional - "role": "A String", # Role is a SELinux role label that applies to the container. +optional - "type": "A String", # Type is a SELinux type label that applies to the container. +optional - "user": "A String", # User is a SELinux user label that applies to the container. +optional + "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. + "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. + "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. + "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. }, + "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes }, - "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional - "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional - "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional - "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional - "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional - "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional - { # volumeDevice describes a mapping of a raw block device within a container. - "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. - "name": "A String", # name must match the name of a persistentVolumeClaim in the pod - }, - ], - "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional - { # VolumeMount describes a mounting of a Volume within a container. + "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. + "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem. + { # Not supported by Cloud Run VolumeMount describes a mounting of a Volume within a container. "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. - "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional "name": "A String", # This must match the Name of a Volume. - "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional - "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional + "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true. + "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). }, ], - "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional + "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. }, ], "restartPolicy": "A String", # Optional. Restart policy for all containers within the instance. Allowed values are: - OnFailure: Instances will always be restarted on failure if the backoffLimit has not been reached. - Never: Instances are never restarted and all failures are permanent. Cannot be used if backoffLimit is set. +optional "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the instance of a Job. The service account represents the identity of the running instance, and determines what permissions the instance has. If not provided, the instance will use the project's default service account. +optional "terminationGracePeriodSeconds": "A String", # Optional. Optional duration in seconds the instance needs to terminate gracefully. Value must be non-negative integer. The value zero indicates delete immediately. The grace period is the duration in seconds after the processes running in the instance are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. +optional "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the instance. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional - { # Volume represents a named volume in a container. - "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. - "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. + { # Not supported by Cloud Run Volume represents a named volume in a container. + "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. + "defaultMode": 42, # (Optional) Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. { # Maps a string key to a path within a volume. - "key": "A String", # Cloud Run fully managed: supported The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. Cloud Run for Anthos: supported The key to project. - "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional - "path": "A String", # Cloud Run fully managed: supported Cloud Run for Anthos: supported The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. + "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. }, ], "name": "A String", # Name of the config. - "optional": True or False, # Specify whether the Secret or its keys must be defined. + "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. }, "name": "A String", # Volume's name. - "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. - "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - "items": [ # Cloud Run fully managed: supported If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. Cloud Run for Anthos: supported If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. + "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. + "defaultMode": 42, # (Optional) Mode bits to use on created files by default. Must be a value between 0000 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. NOTE: This is an integer representation of the mode bits. So, the integer value should look exactly as the chmod numeric notation, i.e. Unix chmod "777" (a=rwx) should have the integer value 777. + "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. { # Maps a string key to a path within a volume. - "key": "A String", # Cloud Run fully managed: supported The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. Cloud Run for Anthos: supported The key to project. - "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional - "path": "A String", # Cloud Run fully managed: supported Cloud Run for Anthos: supported The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. + "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. }, ], - "optional": True or False, # Specify whether the Secret or its keys must be defined. - "secretName": "A String", # Cloud Run fully managed: supported The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Cloud Run for Anthos: supported Name of the secret in the container's namespace to use. + "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. + "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use. }, }, ], @@ -492,25 +392,25 @@

Method Details

{ # Job represents the configuration of a single job. A job an immutable resource that references a container image which is run to completion. "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional - "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional - "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional + "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional + "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations "a_key": "A String", }, - "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional - "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional - "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional - "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional - "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge + "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. + "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. + "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge "A String", ], - "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; - "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional - "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional + "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; + "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. + "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels "a_key": "A String", }, "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. - "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional + "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. "apiVersion": "A String", # API version of the referent. "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional @@ -520,9 +420,9 @@

Method Details

"uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids }, ], - "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional - "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; - "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional + "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; + "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids }, "spec": { # JobSpec describes how the job execution will look like. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional "activeDeadlineSeconds": "A String", # Optional. Not supported. Specifies the duration in seconds relative to the startTime that the job may be active before the system tries to terminate it. If set to zero, the system will never attempt to terminate the job based on time. Otherwise, the value must be positive integer. +optional @@ -534,299 +434,199 @@

Method Details

"activeDeadlineSeconds": "A String", # Optional. Optional duration in seconds the instance may be active relative to StartTime before the system will actively try to mark it failed and kill associated containers. If set to zero, the system will never attempt to kill an instance based on time. Otherwise, value must be a positive integer. +optional "containers": [ # Optional. List of containers belonging to the instance. We disallow a number of fields on this Container. Only a single container may be provided. { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. - "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional + "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell "A String", ], - "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional + "command": [ "A String", ], - "env": [ # List of environment variables to set in the container. Cannot be updated. +optional + "env": [ # (Optional) List of environment variables to set in the container. { # EnvVar represents an environment variable present in a Container. "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. - "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional - "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: supported Source for the environment variable's value. Only supports secret_key_ref. Cloud Run for Anthos: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional - "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional - "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty. + "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap. + "key": "A String", # The key to select. + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional + "name": "A String", # The ConfigMap to select from. + "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined }, - "secretKeyRef": { # Cloud Run fully managed: supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: supported. Selects a key (version) of a secret in Secret Manager. Cloud Run for Anthos: supported. Selects a key of a secret in the pod's namespace. +optional - "key": "A String", # Cloud Run fully managed: supported A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. Cloud Run for Anthos: supported The key of the secret to select from. Must be a valid secret key. - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager. + "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key. + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: supported The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Cloud Run for Anthos: supported The name of the secret in the pod's namespace to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional + "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from. + "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined }, }, }, ], - "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional - { # EnvFromSource represents the source of a set of ConfigMaps - "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps + "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional + "name": "A String", # The ConfigMap to select from. + "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined }, - "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional - "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional + "name": "A String", # The Secret to select from. + "optional": True or False, # (Optional) Specify whether the Secret must be defined }, }, ], - "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images - "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional - "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional - "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - }, + "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images + "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. + "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + "A String", + ], }, - "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. + "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. + "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. + { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes + "name": "A String", # The header field name + "value": "A String", # The header field value }, - }, + ], + "path": "A String", # (Optional) Path to access on the HTTP server. + "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. }, - }, - "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional - "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - }, + "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. + "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. + "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. + "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. }, - "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional - "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional - "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional + "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes }, - "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. - "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional + "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names + "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on. { # ContainerPort represents a network port in a single container. - "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - "hostIP": "A String", # What host IP to bind the external port to. +optional - "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional - "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional - "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional + "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536. + "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". + "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP". }, ], - "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional - "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. + "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. + "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + "A String", + ], + }, + "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. + "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. + { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes + "name": "A String", # The header field name + "value": "A String", # The header field value }, - }, + ], + "path": "A String", # (Optional) Path to access on the HTTP server. + "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. + }, + "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. + "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. + "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. + "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. }, - "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional - "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional - "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional + "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes }, - "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional - "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + "limits": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Setting 4 CPU requires at least 2Gi of memory. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go "a_key": "A String", }, - "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. - "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto - "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". - }, - }, - "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + "requests": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1' and '2'. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go "a_key": "A String", }, - "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. - "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto - "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". - }, - }, }, - "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional - "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional - "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional - "add": [ # Added capabilities +optional + "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + }, + "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. + "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. "A String", ], - "drop": [ # Removed capabilities +optional - "A String", + }, + "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. + "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. + { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes + "name": "A String", # The header field name + "value": "A String", # The header field value + }, ], + "path": "A String", # (Optional) Path to access on the HTTP server. + "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. }, - "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional - "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional - "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "level": "A String", # Level is SELinux level label that applies to the container. +optional - "role": "A String", # Role is a SELinux role label that applies to the container. +optional - "type": "A String", # Type is a SELinux type label that applies to the container. +optional - "user": "A String", # User is a SELinux user label that applies to the container. +optional + "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. + "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. + "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. + "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. }, + "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes }, - "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional - "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional - "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional - "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional - "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional - "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional - { # volumeDevice describes a mapping of a raw block device within a container. - "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. - "name": "A String", # name must match the name of a persistentVolumeClaim in the pod - }, - ], - "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional - { # VolumeMount describes a mounting of a Volume within a container. + "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. + "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem. + { # Not supported by Cloud Run VolumeMount describes a mounting of a Volume within a container. "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. - "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional "name": "A String", # This must match the Name of a Volume. - "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional - "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional + "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true. + "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). }, ], - "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional + "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. }, ], "restartPolicy": "A String", # Optional. Restart policy for all containers within the instance. Allowed values are: - OnFailure: Instances will always be restarted on failure if the backoffLimit has not been reached. - Never: Instances are never restarted and all failures are permanent. Cannot be used if backoffLimit is set. +optional "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the instance of a Job. The service account represents the identity of the running instance, and determines what permissions the instance has. If not provided, the instance will use the project's default service account. +optional "terminationGracePeriodSeconds": "A String", # Optional. Optional duration in seconds the instance needs to terminate gracefully. Value must be non-negative integer. The value zero indicates delete immediately. The grace period is the duration in seconds after the processes running in the instance are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. +optional "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the instance. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional - { # Volume represents a named volume in a container. - "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. - "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. + { # Not supported by Cloud Run Volume represents a named volume in a container. + "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. + "defaultMode": 42, # (Optional) Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. { # Maps a string key to a path within a volume. - "key": "A String", # Cloud Run fully managed: supported The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. Cloud Run for Anthos: supported The key to project. - "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional - "path": "A String", # Cloud Run fully managed: supported Cloud Run for Anthos: supported The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. + "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. }, ], "name": "A String", # Name of the config. - "optional": True or False, # Specify whether the Secret or its keys must be defined. + "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. }, "name": "A String", # Volume's name. - "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. - "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - "items": [ # Cloud Run fully managed: supported If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. Cloud Run for Anthos: supported If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. + "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. + "defaultMode": 42, # (Optional) Mode bits to use on created files by default. Must be a value between 0000 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. NOTE: This is an integer representation of the mode bits. So, the integer value should look exactly as the chmod numeric notation, i.e. Unix chmod "777" (a=rwx) should have the integer value 777. + "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. { # Maps a string key to a path within a volume. - "key": "A String", # Cloud Run fully managed: supported The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. Cloud Run for Anthos: supported The key to project. - "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional - "path": "A String", # Cloud Run fully managed: supported Cloud Run for Anthos: supported The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. + "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. }, ], - "optional": True or False, # Specify whether the Secret or its keys must be defined. - "secretName": "A String", # Cloud Run fully managed: supported The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Cloud Run for Anthos: supported Name of the secret in the container's namespace to use. + "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. + "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use. }, }, ], @@ -905,25 +705,25 @@

Method Details

{ # Job represents the configuration of a single job. A job an immutable resource that references a container image which is run to completion. "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional - "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional - "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional + "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional + "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations "a_key": "A String", }, - "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional - "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional - "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional - "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional - "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge + "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. + "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. + "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge "A String", ], - "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; - "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional - "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional + "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; + "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. + "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels "a_key": "A String", }, "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. - "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional + "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. "apiVersion": "A String", # API version of the referent. "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional @@ -933,9 +733,9 @@

Method Details

"uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids }, ], - "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional - "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; - "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional + "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; + "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids }, "spec": { # JobSpec describes how the job execution will look like. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional "activeDeadlineSeconds": "A String", # Optional. Not supported. Specifies the duration in seconds relative to the startTime that the job may be active before the system tries to terminate it. If set to zero, the system will never attempt to terminate the job based on time. Otherwise, the value must be positive integer. +optional @@ -947,299 +747,199 @@

Method Details

"activeDeadlineSeconds": "A String", # Optional. Optional duration in seconds the instance may be active relative to StartTime before the system will actively try to mark it failed and kill associated containers. If set to zero, the system will never attempt to kill an instance based on time. Otherwise, value must be a positive integer. +optional "containers": [ # Optional. List of containers belonging to the instance. We disallow a number of fields on this Container. Only a single container may be provided. { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. - "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional + "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell "A String", ], - "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional + "command": [ "A String", ], - "env": [ # List of environment variables to set in the container. Cannot be updated. +optional + "env": [ # (Optional) List of environment variables to set in the container. { # EnvVar represents an environment variable present in a Container. "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. - "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional - "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: supported Source for the environment variable's value. Only supports secret_key_ref. Cloud Run for Anthos: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional - "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional - "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty. + "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap. + "key": "A String", # The key to select. + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional + "name": "A String", # The ConfigMap to select from. + "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined }, - "secretKeyRef": { # Cloud Run fully managed: supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: supported. Selects a key (version) of a secret in Secret Manager. Cloud Run for Anthos: supported. Selects a key of a secret in the pod's namespace. +optional - "key": "A String", # Cloud Run fully managed: supported A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. Cloud Run for Anthos: supported The key of the secret to select from. Must be a valid secret key. - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager. + "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key. + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: supported The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Cloud Run for Anthos: supported The name of the secret in the pod's namespace to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional + "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from. + "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined }, }, }, ], - "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional - { # EnvFromSource represents the source of a set of ConfigMaps - "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps + "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional + "name": "A String", # The ConfigMap to select from. + "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined }, - "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional - "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional + "name": "A String", # The Secret to select from. + "optional": True or False, # (Optional) Specify whether the Secret must be defined }, }, ], - "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images - "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional - "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional - "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - }, + "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images + "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. + "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + "A String", + ], }, - "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. + "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. + "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. + { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes + "name": "A String", # The header field name + "value": "A String", # The header field value }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - }, + ], + "path": "A String", # (Optional) Path to access on the HTTP server. + "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. }, - }, - "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional - "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - }, + "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. + "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. + "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. + "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. }, - "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional - "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional - "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional + "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes }, - "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. - "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional + "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names + "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on. { # ContainerPort represents a network port in a single container. - "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - "hostIP": "A String", # What host IP to bind the external port to. +optional - "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional - "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional - "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional + "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536. + "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". + "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP". }, ], - "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional - "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. + "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. + "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + "A String", + ], + }, + "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. + "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. + { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes + "name": "A String", # The header field name + "value": "A String", # The header field value }, - }, + ], + "path": "A String", # (Optional) Path to access on the HTTP server. + "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. }, - "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional - "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional - "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional + "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. + "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. + "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. + "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. + }, + "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes }, - "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional - "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + "limits": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Setting 4 CPU requires at least 2Gi of memory. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go "a_key": "A String", }, - "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. - "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto - "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". - }, - }, - "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + "requests": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1' and '2'. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go "a_key": "A String", }, - "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. - "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto - "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". - }, - }, }, - "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional - "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional - "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional - "add": [ # Added capabilities +optional + "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + }, + "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. + "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. "A String", ], - "drop": [ # Removed capabilities +optional - "A String", + }, + "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. + "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. + { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes + "name": "A String", # The header field name + "value": "A String", # The header field value + }, ], + "path": "A String", # (Optional) Path to access on the HTTP server. + "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. }, - "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional - "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional - "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "level": "A String", # Level is SELinux level label that applies to the container. +optional - "role": "A String", # Role is a SELinux role label that applies to the container. +optional - "type": "A String", # Type is a SELinux type label that applies to the container. +optional - "user": "A String", # User is a SELinux user label that applies to the container. +optional + "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. + "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. + "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. + "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. }, + "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes }, - "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional - "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional - "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional - "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional - "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional - "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional - { # volumeDevice describes a mapping of a raw block device within a container. - "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. - "name": "A String", # name must match the name of a persistentVolumeClaim in the pod - }, - ], - "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional - { # VolumeMount describes a mounting of a Volume within a container. + "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. + "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem. + { # Not supported by Cloud Run VolumeMount describes a mounting of a Volume within a container. "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. - "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional "name": "A String", # This must match the Name of a Volume. - "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional - "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional + "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true. + "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). }, ], - "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional + "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. }, ], "restartPolicy": "A String", # Optional. Restart policy for all containers within the instance. Allowed values are: - OnFailure: Instances will always be restarted on failure if the backoffLimit has not been reached. - Never: Instances are never restarted and all failures are permanent. Cannot be used if backoffLimit is set. +optional "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the instance of a Job. The service account represents the identity of the running instance, and determines what permissions the instance has. If not provided, the instance will use the project's default service account. +optional "terminationGracePeriodSeconds": "A String", # Optional. Optional duration in seconds the instance needs to terminate gracefully. Value must be non-negative integer. The value zero indicates delete immediately. The grace period is the duration in seconds after the processes running in the instance are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. +optional "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the instance. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional - { # Volume represents a named volume in a container. - "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. - "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. + { # Not supported by Cloud Run Volume represents a named volume in a container. + "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. + "defaultMode": 42, # (Optional) Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. { # Maps a string key to a path within a volume. - "key": "A String", # Cloud Run fully managed: supported The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. Cloud Run for Anthos: supported The key to project. - "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional - "path": "A String", # Cloud Run fully managed: supported Cloud Run for Anthos: supported The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. + "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. }, ], "name": "A String", # Name of the config. - "optional": True or False, # Specify whether the Secret or its keys must be defined. + "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. }, "name": "A String", # Volume's name. - "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. - "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - "items": [ # Cloud Run fully managed: supported If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. Cloud Run for Anthos: supported If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. + "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. + "defaultMode": 42, # (Optional) Mode bits to use on created files by default. Must be a value between 0000 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. NOTE: This is an integer representation of the mode bits. So, the integer value should look exactly as the chmod numeric notation, i.e. Unix chmod "777" (a=rwx) should have the integer value 777. + "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. { # Maps a string key to a path within a volume. - "key": "A String", # Cloud Run fully managed: supported The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. Cloud Run for Anthos: supported The key to project. - "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional - "path": "A String", # Cloud Run fully managed: supported Cloud Run for Anthos: supported The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. + "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. }, ], - "optional": True or False, # Specify whether the Secret or its keys must be defined. - "secretName": "A String", # Cloud Run fully managed: supported The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Cloud Run for Anthos: supported Name of the secret in the container's namespace to use. + "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. + "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use. }, }, ], @@ -1307,25 +1007,25 @@

Method Details

{ # Job represents the configuration of a single job. A job an immutable resource that references a container image which is run to completion. "apiVersion": "A String", # Optional. APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources +optional "kind": "A String", # Optional. Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional - "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional - "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional + "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional + "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations "a_key": "A String", }, - "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional - "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional - "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional - "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional - "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge + "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. + "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. + "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge "A String", ], - "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; - "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional - "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional + "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; + "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. + "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels "a_key": "A String", }, "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. - "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional + "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. "apiVersion": "A String", # API version of the referent. "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional @@ -1335,9 +1035,9 @@

Method Details

"uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids }, ], - "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional - "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; - "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional + "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; + "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids }, "spec": { # JobSpec describes how the job execution will look like. # Optional. Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status +optional "activeDeadlineSeconds": "A String", # Optional. Not supported. Specifies the duration in seconds relative to the startTime that the job may be active before the system tries to terminate it. If set to zero, the system will never attempt to terminate the job based on time. Otherwise, the value must be positive integer. +optional @@ -1349,299 +1049,199 @@

Method Details

"activeDeadlineSeconds": "A String", # Optional. Optional duration in seconds the instance may be active relative to StartTime before the system will actively try to mark it failed and kill associated containers. If set to zero, the system will never attempt to kill an instance based on time. Otherwise, value must be a positive integer. +optional "containers": [ # Optional. List of containers belonging to the instance. We disallow a number of fields on this Container. Only a single container may be provided. { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. - "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional + "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell "A String", ], - "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional + "command": [ "A String", ], - "env": [ # List of environment variables to set in the container. Cannot be updated. +optional + "env": [ # (Optional) List of environment variables to set in the container. { # EnvVar represents an environment variable present in a Container. "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. - "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional - "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: supported Source for the environment variable's value. Only supports secret_key_ref. Cloud Run for Anthos: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional - "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional - "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty. + "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap. + "key": "A String", # The key to select. + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional + "name": "A String", # The ConfigMap to select from. + "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined }, - "secretKeyRef": { # Cloud Run fully managed: supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: supported. Selects a key (version) of a secret in Secret Manager. Cloud Run for Anthos: supported. Selects a key of a secret in the pod's namespace. +optional - "key": "A String", # Cloud Run fully managed: supported A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. Cloud Run for Anthos: supported The key of the secret to select from. Must be a valid secret key. - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager. + "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key. + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: supported The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Cloud Run for Anthos: supported The name of the secret in the pod's namespace to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional + "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from. + "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined }, }, }, ], - "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional - { # EnvFromSource represents the source of a set of ConfigMaps - "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps + "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional + "name": "A String", # The ConfigMap to select from. + "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined }, - "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional - "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional - "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. - "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from + "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. + "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names }, - "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. - "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional + "name": "A String", # The Secret to select from. + "optional": True or False, # (Optional) Specify whether the Secret must be defined }, }, ], - "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images - "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional - "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional - "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - }, + "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images + "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. + "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + "A String", + ], }, - "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. + "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. + "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. + { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes + "name": "A String", # The header field name + "value": "A String", # The header field value }, - }, + ], + "path": "A String", # (Optional) Path to access on the HTTP server. + "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. }, - }, - "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional - "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - }, + "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. + "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. + "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. + "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. }, - "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional - "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional - "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional + "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes }, - "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. - "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional + "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names + "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on. { # ContainerPort represents a network port in a single container. - "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - "hostIP": "A String", # What host IP to bind the external port to. +optional - "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional - "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional - "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional + "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536. + "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". + "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP". }, ], - "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional - "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container - "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional - "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional - "A String", - ], - }, - "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional - "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional - "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional - { # HTTPHeader describes a custom header to be used in HTTP probes - "name": "A String", # The header field name - "value": "A String", # The header field value - }, - ], - "path": "A String", # Path to access on the HTTP server. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. - }, - "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional - }, - "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported - "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional - "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - "intVal": 42, # The int value. - "strVal": "A String", # The string value. - "type": 42, # The type of the value. + "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. + "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + "A String", + ], + }, + "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. + "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. + { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes + "name": "A String", # The header field name + "value": "A String", # The header field value }, - }, + ], + "path": "A String", # (Optional) Path to access on the HTTP server. + "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. }, - "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional - "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional - "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional - "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional + "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. + "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. + "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. + "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. + }, + "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes }, - "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional - "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + "limits": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Setting 4 CPU requires at least 2Gi of memory. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go "a_key": "A String", }, - "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. - "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto - "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". - }, - }, - "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + "requests": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1' and '2'. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go "a_key": "A String", }, - "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. - "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto - "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". - }, - }, }, - "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional - "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional - "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional - "add": [ # Added capabilities +optional + "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + }, + "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. + "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. "A String", ], - "drop": [ # Removed capabilities +optional - "A String", + }, + "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. + "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. + { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes + "name": "A String", # The header field name + "value": "A String", # The header field value + }, ], + "path": "A String", # (Optional) Path to access on the HTTP server. + "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. }, - "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional - "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional - "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional - "level": "A String", # Level is SELinux level label that applies to the container. +optional - "role": "A String", # Role is a SELinux role label that applies to the container. +optional - "type": "A String", # Type is a SELinux type label that applies to the container. +optional - "user": "A String", # User is a SELinux user label that applies to the container. +optional + "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. + "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. + "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. + "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. }, + "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes }, - "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional - "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional - "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional - "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional - "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional - "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional - { # volumeDevice describes a mapping of a raw block device within a container. - "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. - "name": "A String", # name must match the name of a persistentVolumeClaim in the pod - }, - ], - "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional - { # VolumeMount describes a mounting of a Volume within a container. + "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. + "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem. + { # Not supported by Cloud Run VolumeMount describes a mounting of a Volume within a container. "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. - "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional "name": "A String", # This must match the Name of a Volume. - "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional - "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional + "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true. + "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). }, ], - "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional + "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. }, ], "restartPolicy": "A String", # Optional. Restart policy for all containers within the instance. Allowed values are: - OnFailure: Instances will always be restarted on failure if the backoffLimit has not been reached. - Never: Instances are never restarted and all failures are permanent. Cannot be used if backoffLimit is set. +optional "serviceAccountName": "A String", # Optional. Email address of the IAM service account associated with the instance of a Job. The service account represents the identity of the running instance, and determines what permissions the instance has. If not provided, the instance will use the project's default service account. +optional "terminationGracePeriodSeconds": "A String", # Optional. Optional duration in seconds the instance needs to terminate gracefully. Value must be non-negative integer. The value zero indicates delete immediately. The grace period is the duration in seconds after the processes running in the instance are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. +optional "volumes": [ # Optional. List of volumes that can be mounted by containers belonging to the instance. More info: https://kubernetes.io/docs/concepts/storage/volumes +optional - { # Volume represents a named volume in a container. - "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. - "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. + { # Not supported by Cloud Run Volume represents a named volume in a container. + "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. + "defaultMode": 42, # (Optional) Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. { # Maps a string key to a path within a volume. - "key": "A String", # Cloud Run fully managed: supported The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. Cloud Run for Anthos: supported The key to project. - "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional - "path": "A String", # Cloud Run fully managed: supported Cloud Run for Anthos: supported The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. + "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. }, ], "name": "A String", # Name of the config. - "optional": True or False, # Specify whether the Secret or its keys must be defined. + "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. }, "name": "A String", # Volume's name. - "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. - "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - "items": [ # Cloud Run fully managed: supported If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. Cloud Run for Anthos: supported If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. + "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. + "defaultMode": 42, # (Optional) Mode bits to use on created files by default. Must be a value between 0000 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. NOTE: This is an integer representation of the mode bits. So, the integer value should look exactly as the chmod numeric notation, i.e. Unix chmod "777" (a=rwx) should have the integer value 777. + "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. { # Maps a string key to a path within a volume. - "key": "A String", # Cloud Run fully managed: supported The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. Cloud Run for Anthos: supported The key to project. - "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional - "path": "A String", # Cloud Run fully managed: supported Cloud Run for Anthos: supported The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. + "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. }, ], - "optional": True or False, # Specify whether the Secret or its keys must be defined. - "secretName": "A String", # Cloud Run fully managed: supported The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Cloud Run for Anthos: supported Name of the secret in the container's namespace to use. + "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. + "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use. }, }, ], diff --git a/googleapiclient/discovery_cache/documents/run.v1.json b/googleapiclient/discovery_cache/documents/run.v1.json index 3bfd31cc6c0..36e5de5436a 100644 --- a/googleapiclient/discovery_cache/documents/run.v1.json +++ b/googleapiclient/discovery_cache/documents/run.v1.json @@ -12,7 +12,7 @@ "baseUrl": "https://run.googleapis.com/", "batchPath": "batch", "canonicalName": "Cloud Run", - "description": "Deploy and manage user provided container images that scale automatically based on incoming requets. The Cloud Run Admin API follows the Knative Serving API specification.", + "description": "Deploy and manage user provided container images that scale automatically based on incoming requests. The Cloud Run Admin API follows the Knative Serving API specification.", "discoveryVersion": "v1", "documentationLink": "https://cloud.google.com/run/", "fullyEncodeReservedExpansion": true, @@ -1736,7 +1736,7 @@ } } }, - "revision": "20210618", + "revision": "20210628", "rootUrl": "https://run.googleapis.com/", "schemas": { "Addressable": { diff --git a/googleapiclient/discovery_cache/documents/run.v1alpha1.json b/googleapiclient/discovery_cache/documents/run.v1alpha1.json index 2fb1adad844..3da6051fc8e 100644 --- a/googleapiclient/discovery_cache/documents/run.v1alpha1.json +++ b/googleapiclient/discovery_cache/documents/run.v1alpha1.json @@ -12,7 +12,7 @@ "baseUrl": "https://run.googleapis.com/", "batchPath": "batch", "canonicalName": "Cloud Run", - "description": "Deploy and manage user provided container images that scale automatically based on incoming requets. The Cloud Run Admin API follows the Knative Serving API specification.", + "description": "Deploy and manage user provided container images that scale automatically based on incoming requests. The Cloud Run Admin API follows the Knative Serving API specification.", "discoveryVersion": "v1", "documentationLink": "https://cloud.google.com/run/", "fullyEncodeReservedExpansion": true, @@ -268,32 +268,11 @@ } } }, - "revision": "20210618", + "revision": "20210628", "rootUrl": "https://run.googleapis.com/", "schemas": { - "Capabilities": { - "description": "Adds and removes POSIX capabilities from running containers.", - "id": "Capabilities", - "properties": { - "add": { - "description": "Added capabilities +optional", - "items": { - "type": "string" - }, - "type": "array" - }, - "drop": { - "description": "Removed capabilities +optional", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - }, "ConfigMapEnvSource": { - "description": "ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.", + "description": "Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.", "id": "ConfigMapEnvSource", "properties": { "localObjectReference": { @@ -301,22 +280,22 @@ "description": "This field should not be used directly as it is meant to be inlined directly into the message. Use the \"name\" field instead." }, "name": { - "description": "Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from.", + "description": "The ConfigMap to select from.", "type": "string" }, "optional": { - "description": "Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional", + "description": "(Optional) Specify whether the ConfigMap must be defined", "type": "boolean" } }, "type": "object" }, "ConfigMapKeySelector": { - "description": "Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap.", + "description": "Not supported by Cloud Run Selects a key from a ConfigMap.", "id": "ConfigMapKeySelector", "properties": { "key": { - "description": "Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select.", + "description": "The key to select.", "type": "string" }, "localObjectReference": { @@ -324,27 +303,27 @@ "description": "This field should not be used directly as it is meant to be inlined directly into the message. Use the \"name\" field instead." }, "name": { - "description": "Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from.", + "description": "The ConfigMap to select from.", "type": "string" }, "optional": { - "description": "Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional", + "description": "(Optional) Specify whether the ConfigMap or its key must be defined", "type": "boolean" } }, "type": "object" }, "ConfigMapVolumeSource": { - "description": "Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.", + "description": "Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.", "id": "ConfigMapVolumeSource", "properties": { "defaultMode": { - "description": "Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "description": "(Optional) Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", "format": "int32", "type": "integer" }, "items": { - "description": "If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional.", + "description": "(Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.", "items": { "$ref": "KeyToPath" }, @@ -355,7 +334,7 @@ "type": "string" }, "optional": { - "description": "Specify whether the Secret or its keys must be defined.", + "description": "(Optional) Specify whether the Secret or its keys must be defined.", "type": "boolean" } }, @@ -366,55 +345,50 @@ "id": "Container", "properties": { "args": { - "description": "Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional", + "description": "(Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", "items": { "type": "string" }, "type": "array" }, "command": { - "description": "Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional", "items": { "type": "string" }, "type": "array" }, "env": { - "description": "List of environment variables to set in the container. Cannot be updated. +optional", + "description": "(Optional) List of environment variables to set in the container.", "items": { "$ref": "EnvVar" }, "type": "array" }, "envFrom": { - "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional", + "description": "(Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", "items": { "$ref": "EnvFromSource" }, "type": "array" }, "image": { - "description": "Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images", + "description": "Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images", "type": "string" }, "imagePullPolicy": { - "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional", + "description": "(Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", "type": "string" }, - "lifecycle": { - "$ref": "Lifecycle", - "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional" - }, "livenessProbe": { "$ref": "Probe", - "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional" + "description": "(Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" }, "name": { - "description": "Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated.", + "description": "(Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names", "type": "string" }, "ports": { - "description": "List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated. +optional", + "description": "(Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on.", "items": { "$ref": "ContainerPort" }, @@ -422,52 +396,37 @@ }, "readinessProbe": { "$ref": "Probe", - "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional" + "description": "(Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" }, "resources": { "$ref": "ResourceRequirements", - "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional" + "description": "(Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" }, "securityContext": { "$ref": "SecurityContext", - "description": "Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional" - }, - "stdin": { - "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional", - "type": "boolean" + "description": "(Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" }, - "stdinOnce": { - "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional", - "type": "boolean" + "startupProbe": { + "$ref": "Probe", + "description": "(Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" }, "terminationMessagePath": { - "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional", + "description": "(Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log.", "type": "string" }, "terminationMessagePolicy": { - "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional", + "description": "(Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", "type": "string" }, - "tty": { - "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional", - "type": "boolean" - }, - "volumeDevices": { - "description": "volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional", - "items": { - "$ref": "VolumeDevice" - }, - "type": "array" - }, "volumeMounts": { - "description": "Pod volumes to mount into the container's filesystem. Cannot be updated. +optional", + "description": "(Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem.", "items": { "$ref": "VolumeMount" }, "type": "array" }, "workingDir": { - "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional", + "description": "(Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.", "type": "string" } }, @@ -478,25 +437,16 @@ "id": "ContainerPort", "properties": { "containerPort": { - "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", - "format": "int32", - "type": "integer" - }, - "hostIP": { - "description": "What host IP to bind the external port to. +optional", - "type": "string" - }, - "hostPort": { - "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional", + "description": "(Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536.", "format": "int32", "type": "integer" }, "name": { - "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional", + "description": "(Optional) If specified, used to specify which protocol to use. Allowed values are \"http1\" and \"h2c\".", "type": "string" }, "protocol": { - "description": "Protocol for port. Must be UDP or TCP. Defaults to \"TCP\". +optional", + "description": "(Optional) Protocol for port. Must be \"TCP\". Defaults to \"TCP\".", "type": "string" } }, @@ -509,20 +459,20 @@ "type": "object" }, "EnvFromSource": { - "description": "EnvFromSource represents the source of a set of ConfigMaps", + "description": "Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps", "id": "EnvFromSource", "properties": { "configMapRef": { "$ref": "ConfigMapEnvSource", - "description": "The ConfigMap to select from +optional" + "description": "(Optional) The ConfigMap to select from" }, "prefix": { - "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional", + "description": "(Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", "type": "string" }, "secretRef": { "$ref": "SecretEnvSource", - "description": "The Secret to select from +optional" + "description": "(Optional) The Secret to select from" } }, "type": "object" @@ -536,37 +486,37 @@ "type": "string" }, "value": { - "description": "Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\". +optional", + "description": "(Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", "type": "string" }, "valueFrom": { "$ref": "EnvVarSource", - "description": "Cloud Run fully managed: supported Source for the environment variable's value. Only supports secret_key_ref. Cloud Run for Anthos: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional" + "description": "(Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty." } }, "type": "object" }, "EnvVarSource": { - "description": "Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar.", + "description": "EnvVarSource represents a source for the value of an EnvVar.", "id": "EnvVarSource", "properties": { "configMapKeyRef": { "$ref": "ConfigMapKeySelector", - "description": "Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional" + "description": "(Optional) Not supported by Cloud Run Selects a key of a ConfigMap." }, "secretKeyRef": { "$ref": "SecretKeySelector", - "description": "Cloud Run fully managed: supported. Selects a key (version) of a secret in Secret Manager. Cloud Run for Anthos: supported. Selects a key of a secret in the pod's namespace. +optional" + "description": "(Optional) Selects a key (version) of a secret in Secret Manager." } }, "type": "object" }, "ExecAction": { - "description": "ExecAction describes a \"run in container\" action.", + "description": "Not supported by Cloud Run ExecAction describes a \"run in container\" action.", "id": "ExecAction", "properties": { "command": { - "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional", + "description": "(Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", "items": { "type": "string" }, @@ -576,37 +526,33 @@ "type": "object" }, "HTTPGetAction": { - "description": "HTTPGetAction describes an action based on HTTP Get requests.", + "description": "Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests.", "id": "HTTPGetAction", "properties": { "host": { - "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead. +optional", + "description": "(Optional) Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", "type": "string" }, "httpHeaders": { - "description": "Custom headers to set in the request. HTTP allows repeated headers. +optional", + "description": "(Optional) Custom headers to set in the request. HTTP allows repeated headers.", "items": { "$ref": "HTTPHeader" }, "type": "array" }, "path": { - "description": "Path to access on the HTTP server. +optional", + "description": "(Optional) Path to access on the HTTP server.", "type": "string" }, - "port": { - "$ref": "IntOrString", - "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." - }, "scheme": { - "description": "Scheme to use for connecting to the host. Defaults to HTTP. +optional", + "description": "(Optional) Scheme to use for connecting to the host. Defaults to HTTP.", "type": "string" } }, "type": "object" }, "HTTPHeader": { - "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "description": "Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes", "id": "HTTPHeader", "properties": { "name": { @@ -620,25 +566,6 @@ }, "type": "object" }, - "Handler": { - "description": "Handler defines a specific action that should be taken", - "id": "Handler", - "properties": { - "exec": { - "$ref": "ExecAction", - "description": "One and only one of the following should be specified. Exec specifies the action to take. +optional" - }, - "httpGet": { - "$ref": "HTTPGetAction", - "description": "HTTPGet specifies the http request to perform. +optional" - }, - "tcpSocket": { - "$ref": "TCPSocketAction", - "description": "TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported" - } - }, - "type": "object" - }, "InstanceSpec": { "description": "InstanceSpec is a description of an instance.", "id": "InstanceSpec", @@ -731,27 +658,6 @@ }, "type": "object" }, - "IntOrString": { - "description": "IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.", - "id": "IntOrString", - "properties": { - "intVal": { - "description": "The int value.", - "format": "int32", - "type": "integer" - }, - "strVal": { - "description": "The string value.", - "type": "string" - }, - "type": { - "description": "The type of the value.", - "format": "int32", - "type": "integer" - } - }, - "type": "object" - }, "Job": { "description": "Job represents the configuration of a single job. A job an immutable resource that references a container image which is run to completion.", "id": "Job", @@ -907,36 +813,21 @@ "id": "KeyToPath", "properties": { "key": { - "description": "Cloud Run fully managed: supported The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. Cloud Run for Anthos: supported The key to project.", + "description": "The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project.", "type": "string" }, "mode": { - "description": "Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional", + "description": "(Optional) Mode bits to use on this file, must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", "format": "int32", "type": "integer" }, "path": { - "description": "Cloud Run fully managed: supported Cloud Run for Anthos: supported The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "description": "The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", "type": "string" } }, "type": "object" }, - "Lifecycle": { - "description": "Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.", - "id": "Lifecycle", - "properties": { - "postStart": { - "$ref": "Handler", - "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional" - }, - "preStop": { - "$ref": "Handler", - "description": "PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional" - } - }, - "type": "object" - }, "ListJobsResponse": { "description": "ListJobsResponse is a list of Jobs resources.", "id": "ListJobsResponse", @@ -994,59 +885,59 @@ "type": "object" }, "LocalObjectReference": { - "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", + "description": "Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", "id": "LocalObjectReference", "properties": { "name": { - "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "description": "(Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", "type": "string" } }, "type": "object" }, "ObjectMeta": { - "description": "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.", + "description": "k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.", "id": "ObjectMeta", "properties": { "annotations": { "additionalProperties": { "type": "string" }, - "description": "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional", + "description": "(Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations", "type": "object" }, "clusterName": { - "description": "Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional", + "description": "(Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.", "type": "string" }, "creationTimestamp": { - "description": "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional", + "description": "(Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", "format": "google-datetime", "type": "string" }, "deletionGracePeriodSeconds": { - "description": "Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional", + "description": "(Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.", "format": "int32", "type": "integer" }, "deletionTimestamp": { - "description": "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional", + "description": "(Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", "format": "google-datetime", "type": "string" }, "finalizers": { - "description": "Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge", + "description": "(Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge", "items": { "type": "string" }, "type": "array" }, "generateName": { - "description": "Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2;", + "description": "(Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2;", "type": "string" }, "generation": { - "description": "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional", + "description": "(Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.", "format": "int32", "type": "integer" }, @@ -1054,7 +945,7 @@ "additionalProperties": { "type": "string" }, - "description": "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional", + "description": "(Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels", "type": "object" }, "name": { @@ -1066,22 +957,22 @@ "type": "string" }, "ownerReferences": { - "description": "List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional", + "description": "(Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected.", "items": { "$ref": "OwnerReference" }, "type": "array" }, "resourceVersion": { - "description": "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional", + "description": "Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", "type": "string" }, "selfLink": { - "description": "SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4;", + "description": "(Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4;", "type": "string" }, "uid": { - "description": "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional", + "description": "(Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids", "type": "string" } }, @@ -1119,52 +1010,49 @@ "type": "object" }, "Probe": { - "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", + "description": "Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "id": "Probe", "properties": { + "exec": { + "$ref": "ExecAction", + "description": "(Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message." + }, "failureThreshold": { - "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional", + "description": "(Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", "format": "int32", "type": "integer" }, - "handler": { - "$ref": "Handler", - "description": "The action taken to determine the health of a container" + "httpGet": { + "$ref": "HTTPGetAction", + "description": "(Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message." }, "initialDelaySeconds": { - "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional", + "description": "(Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", "format": "int32", "type": "integer" }, "periodSeconds": { - "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional", + "description": "(Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", "format": "int32", "type": "integer" }, "successThreshold": { - "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional", + "description": "(Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1.", "format": "int32", "type": "integer" }, + "tcpSocket": { + "$ref": "TCPSocketAction", + "description": "(Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message." + }, "timeoutSeconds": { - "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional", + "description": "(Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", "format": "int32", "type": "integer" } }, "type": "object" }, - "Quantity": { - "description": "The view model of a single quantity, e.g. \"800 MiB\". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto", - "id": "Quantity", - "properties": { - "string": { - "description": "Stringified version of the quantity, e.g., \"800 MiB\".", - "type": "string" - } - }, - "type": "object" - }, "ResourceRequirements": { "description": "ResourceRequirements describes the compute resource requirements.", "id": "ResourceRequirements", @@ -1173,58 +1061,21 @@ "additionalProperties": { "type": "string" }, - "description": "Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go", - "type": "object" - }, - "limitsInMap": { - "additionalProperties": { - "$ref": "Quantity" - }, - "description": "Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field.", + "description": "(Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Setting 4 CPU requires at least 2Gi of memory. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go", "type": "object" }, "requests": { "additionalProperties": { "type": "string" }, - "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go", - "type": "object" - }, - "requestsInMap": { - "additionalProperties": { - "$ref": "Quantity" - }, - "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field.", + "description": "(Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1' and '2'. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go", "type": "object" } }, "type": "object" }, - "SELinuxOptions": { - "description": "SELinuxOptions are the labels to be applied to the container", - "id": "SELinuxOptions", - "properties": { - "level": { - "description": "Level is SELinux level label that applies to the container. +optional", - "type": "string" - }, - "role": { - "description": "Role is a SELinux role label that applies to the container. +optional", - "type": "string" - }, - "type": { - "description": "Type is a SELinux type label that applies to the container. +optional", - "type": "string" - }, - "user": { - "description": "User is a SELinux user label that applies to the container. +optional", - "type": "string" - } - }, - "type": "object" - }, "SecretEnvSource": { - "description": "SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables.", + "description": "Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables.", "id": "SecretEnvSource", "properties": { "localObjectReference": { @@ -1232,22 +1083,22 @@ "description": "This field should not be used directly as it is meant to be inlined directly into the message. Use the \"name\" field instead." }, "name": { - "description": "Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from.", + "description": "The Secret to select from.", "type": "string" }, "optional": { - "description": "Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional", + "description": "(Optional) Specify whether the Secret must be defined", "type": "boolean" } }, "type": "object" }, "SecretKeySelector": { - "description": "Cloud Run fully managed: supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret.", + "description": "SecretKeySelector selects a key of a Secret.", "id": "SecretKeySelector", "properties": { "key": { - "description": "Cloud Run fully managed: supported A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. Cloud Run for Anthos: supported The key of the secret to select from. Must be a valid secret key.", + "description": "A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key.", "type": "string" }, "localObjectReference": { @@ -1255,101 +1106,73 @@ "description": "This field should not be used directly as it is meant to be inlined directly into the message. Use the \"name\" field instead." }, "name": { - "description": "Cloud Run fully managed: supported The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Cloud Run for Anthos: supported The name of the secret in the pod's namespace to select from.", + "description": "The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from.", "type": "string" }, "optional": { - "description": "Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional", + "description": "(Optional) Specify whether the Secret or its key must be defined", "type": "boolean" } }, "type": "object" }, "SecretVolumeSource": { - "description": "The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.", + "description": "The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.", "id": "SecretVolumeSource", "properties": { "defaultMode": { - "description": "Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "description": "(Optional) Mode bits to use on created files by default. Must be a value between 0000 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. NOTE: This is an integer representation of the mode bits. So, the integer value should look exactly as the chmod numeric notation, i.e. Unix chmod \"777\" (a=rwx) should have the integer value 777.", "format": "int32", "type": "integer" }, "items": { - "description": "Cloud Run fully managed: supported If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. Cloud Run for Anthos: supported If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional.", + "description": "(Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional.", "items": { "$ref": "KeyToPath" }, "type": "array" }, "optional": { - "description": "Specify whether the Secret or its keys must be defined.", + "description": "(Optional) Specify whether the Secret or its keys must be defined.", "type": "boolean" }, "secretName": { - "description": "Cloud Run fully managed: supported The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Cloud Run for Anthos: supported Name of the secret in the container's namespace to use.", + "description": "The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use.", "type": "string" } }, "type": "object" }, "SecurityContext": { - "description": "SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.", + "description": "Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.", "id": "SecurityContext", "properties": { - "allowPrivilegeEscalation": { - "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional", - "type": "boolean" - }, - "capabilities": { - "$ref": "Capabilities", - "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional" - }, - "privileged": { - "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional", - "type": "boolean" - }, - "readOnlyRootFilesystem": { - "description": "Whether this container has a read-only root filesystem. Default is false. +optional", - "type": "boolean" - }, - "runAsGroup": { - "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional", - "format": "int32", - "type": "integer" - }, - "runAsNonRoot": { - "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional", - "type": "boolean" - }, "runAsUser": { - "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional", + "description": "(Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", "format": "int32", "type": "integer" - }, - "seLinuxOptions": { - "$ref": "SELinuxOptions", - "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional" } }, "type": "object" }, "TCPSocketAction": { - "description": "TCPSocketAction describes an action based on opening a socket", + "description": "Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket", "id": "TCPSocketAction", "properties": { "host": { - "description": "Optional: Host name to connect to, defaults to the pod IP. +optional", + "description": "(Optional) Optional: Host name to connect to, defaults to the pod IP.", "type": "string" }, "port": { - "$ref": "IntOrString", - "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type.", + "format": "int32", + "type": "integer" } }, "type": "object" }, "Volume": { - "description": "Volume represents a named volume in a container.", + "description": "Not supported by Cloud Run Volume represents a named volume in a container.", "id": "Volume", "properties": { "configMap": { @@ -1365,43 +1188,24 @@ }, "type": "object" }, - "VolumeDevice": { - "description": "volumeDevice describes a mapping of a raw block device within a container.", - "id": "VolumeDevice", - "properties": { - "devicePath": { - "description": "devicePath is the path inside of the container that the device will be mapped to.", - "type": "string" - }, - "name": { - "description": "name must match the name of a persistentVolumeClaim in the pod", - "type": "string" - } - }, - "type": "object" - }, "VolumeMount": { - "description": "VolumeMount describes a mounting of a Volume within a container.", + "description": "Not supported by Cloud Run VolumeMount describes a mounting of a Volume within a container.", "id": "VolumeMount", "properties": { "mountPath": { "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", "type": "string" }, - "mountPropagation": { - "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional", - "type": "string" - }, "name": { "description": "This must match the Name of a Volume.", "type": "string" }, "readOnly": { - "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional", + "description": "(Optional) Only true is accepted. Defaults to true.", "type": "boolean" }, "subPath": { - "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root). +optional", + "description": "(Optional) Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", "type": "string" } },