Chiebot-Mirror
/
googleapis
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Adds OSConfig v1beta protos and initial client library config

Browse Source 
PiperOrigin-RevId: 284799663
pull/589/head
Google APIs 5 years ago committed by Copybara-Service
parent 6cc9499e22
commit 6156f433fd
10 changed files with 2604 additions and 3 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      google/cloud/osconfig/agentendpoint/v1beta/osconfig_gapic.yaml
  2. 329
      google/cloud/osconfig/v1beta/BUILD.bazel
  3. 34
      google/cloud/osconfig/v1beta/artman_osconfig_v1beta.yaml
  4. 800
      google/cloud/osconfig/v1beta/guest_policies.proto
  5. 337
      google/cloud/osconfig/v1beta/osconfig_gapic.yaml
  6. 33
      google/cloud/osconfig/v1beta/osconfig_grpc_service_config.json
  7. 167
      google/cloud/osconfig/v1beta/osconfig_service.proto
  8. 25
      google/cloud/osconfig/v1beta/osconfig_v1beta.yaml
  9. 246
      google/cloud/osconfig/v1beta/patch_deployments.proto
  10. 630
      google/cloud/osconfig/v1beta/patch_jobs.proto

6
google/cloud/osconfig/agentendpoint/v1beta/osconfig_gapic.yaml
Unescape View File

@ -9,11 +9,11 @@ language_settings:
go:
package_name: cloud.google.com/go/osconfig/agentendpoint/apiv1beta
csharp:
package_name: Google.Cloud.Osconfig.Agentendpoint.V1beta
package_name: Google.Cloud.OsConfig.Agentendpoint.V1beta
ruby:
package_name: Google::Cloud::Osconfig::Agentendpoint::V1beta
package_name: Google::Cloud::OsConfig::Agentendpoint::V1beta
php:
package_name: Google\Cloud\Osconfig\Agentendpoint\V1beta
package_name: Google\Cloud\OsConfig\Agentendpoint\V1beta
nodejs:
package_name: agentendpoint.v1beta
# A list of API interface configurations.

329
google/cloud/osconfig/v1beta/BUILD.bazel
Unescape View File

@ -0,0 +1,329 @@
# This is an API workspace, having public visibility by default makes perfect sense.
package(default_visibility = ["//visibility:public"])
##############################################################################
# Common
##############################################################################
load("@rules_proto//proto:defs.bzl", "proto_library")
load("@com_google_googleapis_imports//:imports.bzl", "proto_library_with_info")
proto_library(
name = "osconfig_proto",
srcs = [
"osconfig_service.proto",
"guest_policies.proto",
"patch_deployments.proto",
"patch_jobs.proto",
],
deps = [
"//google/api:annotations_proto",
"//google/api:client_proto",
"//google/api:field_behavior_proto",
"//google/api:resource_proto",
"//google/type:datetime_proto",
"//google/type:dayofweek_proto",
"//google/type:timeofday_proto",
"@com_google_protobuf//:duration_proto",
"@com_google_protobuf//:empty_proto",
"@com_google_protobuf//:field_mask_proto",
"@com_google_protobuf//:timestamp_proto",
],
)
proto_library_with_info(
name = "osconfig_proto_with_info",
deps = [
":osconfig_proto",
"//google/cloud:common_resources_proto",
],
)
##############################################################################
# Java
##############################################################################
load(
"@com_google_googleapis_imports//:imports.bzl",
"java_gapic_assembly_gradle_pkg",
"java_gapic_library",
"java_gapic_test",
"java_grpc_library",
"java_proto_library",
)
java_proto_library(
name = "osconfig_java_proto",
deps = [":osconfig_proto"],
)
java_grpc_library(
name = "osconfig_java_grpc",
srcs = [":osconfig_proto"],
deps = [":osconfig_java_proto"],
)
java_gapic_library(
name = "osconfig_java_gapic",
src = ":osconfig_proto_with_info",
gapic_yaml = "osconfig_gapic.yaml",
package = "google.cloud.osconfig.v1beta",
service_yaml = "osconfig_v1beta.yaml",
test_deps = [
":osconfig_java_grpc",
],
deps = [
":osconfig_java_proto",
],
)
java_gapic_test(
name = "osconfig_java_gapic_test_suite",
test_classes = [
"com.google.cloud.osconfig.v1beta.osconfigServiceClientTest",
],
runtime_deps = [":osconfig_java_gapic_test"],
)
# Open Source Packages
java_gapic_assembly_gradle_pkg(
name = "google-cloud-osconfig-v1beta-java",
deps = [
":osconfig_java_gapic",
":osconfig_java_grpc",
":osconfig_java_proto",
":osconfig_proto",
],
)
##############################################################################
# Go
##############################################################################
load(
"@com_google_googleapis_imports//:imports.bzl",
"go_gapic_assembly_pkg",
"go_gapic_library",
"go_proto_library",
"go_test",
)
go_proto_library(
name = "osconfig_go_proto",
compilers = ["@io_bazel_rules_go//proto:go_grpc"],
importpath = "google.golang.org/genproto/googleapis/cloud/osconfig/v1beta",
protos = [":osconfig_proto"],
deps = [
"//google/api:annotations_go_proto",
"//google/type:datetime_go_proto",
"//google/type:dayofweek_go_proto",
"//google/type:timeofday_go_proto",
],
)
go_gapic_library(
name = "osconfig_go_gapic",
src = ":osconfig_proto_with_info",
gapic_yaml = "osconfig_gapic.yaml",
importpath = "cloud.google.com/go/osconfig/apiv1beta",
package = "google.cloud.osconfig.v1beta",
service_yaml = "osconfig_v1beta.yaml",
deps = [
":osconfig_go_proto",
"@io_bazel_rules_go//proto/wkt:duration_go_proto",
],
)
go_test(
name = "osconfig_go_gapic_test",
srcs = [":osconfig_go_gapic_srcjar_test"],
embed = [":osconfig_go_gapic"],
importpath = "cloud.google.com/go/osconfig/apiv1beta",
)
# Open Source Packages
go_gapic_assembly_pkg(
name = "gapi-cloud-osconfig-osconfig-v1beta-go",
deps = [
":osconfig_go_gapic",
":osconfig_go_gapic_srcjar-smoke-test.srcjar",
":osconfig_go_gapic_srcjar-test.srcjar",
":osconfig_go_proto",
],
)
##############################################################################
# Python
##############################################################################
load(
"@com_google_googleapis_imports//:imports.bzl",
"moved_proto_library",
"py_gapic_assembly_pkg",
"py_gapic_library",
"py_grpc_library",
"py_proto_library",
)
moved_proto_library(
name = "osconfig_moved_proto",
srcs = [":osconfig_proto"],
deps = [
"//google/api:annotations_proto",
"//google/api:client_proto",
"//google/api:field_behavior_proto",
"//google/api:resource_proto",
"//google/iam/v1:policy_proto",
"//google/type:datetime_proto",
"//google/type:dayofweek_proto",
"//google/type:timeofday_proto",
"@com_google_protobuf//:duration_proto",
"@com_google_protobuf//:empty_proto",
"@com_google_protobuf//:field_mask_proto",
"@com_google_protobuf//:timestamp_proto",
],
)
py_proto_library(
name = "osconfig_py_proto",
plugin = "@protoc_docs_plugin//:docs_plugin",
deps = [":osconfig_moved_proto"],
)
py_grpc_library(
name = "osconfig_py_grpc",
srcs = [":osconfig_moved_proto"],
deps = [":osconfig_py_proto"],
)
py_gapic_library(
name = "osconfig_py_gapic",
src = ":osconfig_proto_with_info",
gapic_yaml = "osconfig_gapic.yaml",
package = "google.cloud.osconfig.v1beta",
service_yaml = "osconfig_v1beta.yaml",
deps = [
":osconfig_py_grpc",
":osconfig_py_proto",
],
)
# Open Source Packages
py_gapic_assembly_pkg(
name = "osconfig-v1beta-py",
deps = [
":osconfig_py_gapic",
":osconfig_py_grpc",
":osconfig_py_proto",
],
)
##############################################################################
# Node.js
##############################################################################
load(
"@com_google_googleapis_imports//:imports.bzl",
"nodejs_gapic_assembly_pkg",
"nodejs_gapic_library",
)
nodejs_gapic_library(
name = "osconfig_nodejs_gapic",
src = ":osconfig_proto_with_info",
gapic_yaml = "osconfig_gapic.yaml",
package = "google.cloud.osconfig.v1beta",
service_yaml = "osconfig_v1beta.yaml",
deps = [],
)
nodejs_gapic_assembly_pkg(
name = "osconfig-v1beta-nodejs",
deps = [
":osconfig_nodejs_gapic",
":osconfig_proto",
],
)
##############################################################################
# Ruby
##############################################################################
load(
"@com_google_googleapis_imports//:imports.bzl",
"ruby_gapic_assembly_pkg",
"ruby_gapic_library",
"ruby_grpc_library",
"ruby_proto_library",
)
ruby_proto_library(
name = "osconfig_ruby_proto",
deps = [":osconfig_proto"],
)
ruby_grpc_library(
name = "osconfig_ruby_grpc",
srcs = [":osconfig_proto"],
deps = [":osconfig_ruby_proto"],
)
ruby_gapic_library(
name = "osconfig_ruby_gapic",
src = ":osconfig_proto_with_info",
gapic_yaml = "osconfig_gapic.yaml",
package = "google.cloud.osconfig.v1beta",
service_yaml = "osconfig_v1beta.yaml",
deps = [
":osconfig_ruby_grpc",
":osconfig_ruby_proto",
],
)
# Open Source Packages
ruby_gapic_assembly_pkg(
name = "google-cloud-osconfig-v1beta-ruby",
deps = [
":osconfig_ruby_gapic",
":osconfig_ruby_grpc",
":osconfig_ruby_proto",
],
)
##############################################################################
# C#
##############################################################################
load(
"@com_google_googleapis_imports//:imports.bzl",
"csharp_gapic_assembly_pkg",
"csharp_gapic_library",
"csharp_grpc_library",
"csharp_proto_library",
)
csharp_proto_library(
name = "osconfig_csharp_proto",
deps = [":osconfig_proto"],
)
csharp_grpc_library(
name = "osconfig_csharp_grpc",
srcs = [":osconfig_proto"],
deps = [":osconfig_csharp_proto"],
)
csharp_gapic_library(
name = "osconfig_csharp_gapic",
src = ":osconfig_proto_with_info",
gapic_yaml = "osconfig_gapic.yaml",
package = "google.cloud.osconfig.v1beta",
service_yaml = "osconfig_v1beta.yaml",
deps = [
":osconfig_csharp_grpc",
":osconfig_csharp_proto",
],
)
# Open Source Packages
csharp_gapic_assembly_pkg(
name = "google-cloud-osconfig-v1beta-csharp",
deps = [
":osconfig_csharp_gapic",
":osconfig_csharp_grpc",
":osconfig_csharp_proto",
],
)

34
google/cloud/osconfig/v1beta/artman_osconfig_v1beta.yaml
Unescape View File

@ -0,0 +1,34 @@
common:
api_name: osconfig
api_version: v1beta
organization_name: google-cloud
proto_deps:
- name: google-common-protos
src_proto_paths:
- .
service_yaml: osconfig_v1beta.yaml
gapic_yaml: osconfig_gapic.yaml
artifacts:
- name: gapic_config
type: GAPIC_CONFIG
- name: java_gapic
type: GAPIC
language: JAVA
- name: python_gapic
type: GAPIC
language: PYTHON
- name: nodejs_gapic
type: GAPIC
language: NODEJS
- name: php_gapic
type: GAPIC
language: PHP
- name: go_gapic
type: GAPIC
language: GO
- name: ruby_gapic
type: GAPIC
language: RUBY
- name: csharp_gapic
type: GAPIC
language: CSHARP

800
google/cloud/osconfig/v1beta/guest_policies.proto
Unescape View File

@ -0,0 +1,800 @@
// Copyright 2019 Google LLC.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
syntax = "proto3";
package google.cloud.osconfig.v1beta;
import "google/api/field_behavior.proto";
import "google/api/resource.proto";
import "google/protobuf/field_mask.proto";
import "google/protobuf/timestamp.proto";
option go_package = "google.golang.org/genproto/googleapis/cloud/osconfig/v1beta;osconfig";
option java_outer_classname = "GuestPolicies";
option java_package = "com.google.cloud.osconfig.v1beta";
// An OS Config resource representing a guest configuration policy. These
// policies represent the desired state for VM instance guest environments
// including packages to install or remove, package repository configurations,
// and software to install.
message GuestPolicy {
option (google.api.resource) = {
type: "osconfig.googleapis.com/GuestPolicy"
pattern: "projects/{project_number}/guestPolicies/{guest_policy_id}"
history: FUTURE_MULTI_PATTERN
};
// Required. Unique name of the resource in this project using one of the
// following forms:
// `projects/{project_number}/guestPolicies/{guest_policy_id}`.
string name = 1 [(google.api.field_behavior) = REQUIRED];
// Description of the guest policy. Length of the description is limited
// to 1024 characters.
string description = 2;
// Output only. Time this guest policy was created.
google.protobuf.Timestamp create_time = 3
[(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. Last time this guest policy was updated.
google.protobuf.Timestamp update_time = 4
[(google.api.field_behavior) = OUTPUT_ONLY];
// Required. Specifies the VM instances that are assigned to this policy. This
// allows you to target sets or groups of VM instances by different parameters
// such as labels, names, OS, or zones.
//
// If left empty, all VM instances underneath this policy are targeted.
//
//
// Conflict Management
//
// At the same level in the resource hierarchy (that is within a project), the
// service prevents the creation of multiple policies that conflict with
// each other. If there are multiple policies that specify the same config
// (eg. package, software recipe, repository, etc.), the service ensures
// that no VM instance could potentially receive instructions from both
// policies. To create multiple policies that specify different versions of a
// package or different configs for different operating systems, each policy
// must be mutually exclusive in their targeting according to labels, OS, or
// other criteria.
//
// Different configs are identified for conflicts in different ways. Packages
// are identified by their name and the package manager(s) they target.
// Package repositories are identified by their unique id where applicable.
// Some package managers don't have a unique identifier for repositories and
// where that's the case, no uniqueness is validated by the service.
//
// Note that if OS Inventory is disabled, a VM instance cannot assign a policy
// that targets by OS because the service sees the OS as unknown.
Assignment assignment = 6 [(google.api.field_behavior) = REQUIRED];
// The software packages to be managed by this policy.
repeated Package packages = 7;
// A list of package repositories to configure on the VM instance. This is
// done before any other configs are applied so they can use these repos.
// Package repositories are only configured if the corresponding package
// manager(s) are available.
repeated PackageRepository package_repositories = 8;
// A list of Recipes to install on the VM instance.
repeated SoftwareRecipe recipes = 9;
// The etag for this guest policy.
// If this is provided on update, it must match the server's etag.
string etag = 10;
}
// An assignment represents the group or groups of VM instances that the policy
// applies to.
//
// If an assignment is empty, it applies to all VM instances. Otherwise, the
// targeted VM instances must meet all the criteria specified. So if both
// labels and zones are specified, the policy applies to VM instances with those
// labels and in those zones.
message Assignment {
// Represents a group of VM intances that can be identified as having all
// these labels, for example "env=prod and app=web".
message GroupLabel {
// GCE instance labels that must be present for an instance to be included
// in this assignment group.
map<string, string> labels = 1;
}
// Defines the criteria for selecting VM Instances by OS type.
message OsType {
// Targets VM instances with OS Inventory enabled and having the following
// OS short name, for example "debian" or "windows".
string os_short_name = 1;
// Targets VM instances with OS Inventory enabled and having the following
// following OS version.
string os_version = 2;
// Targets VM instances with OS Inventory enabled and having the following
// OS architecture.
string os_architecture = 3;
}
// Targets instances matching at least one of these label sets. This allows
// an assignment to target disparate groups, for example "env=prod or
// env=staging".
repeated GroupLabel group_labels = 1;
// Targets instances in any of these zones. Leave empty to target instances
// in any zone.
//
// Zonal targeting is uncommon and is supported to facilitate the management
// of changes by zone.
repeated string zones = 2;
// Targets any of the instances specified. Instances are specified by their
// URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME]`.
//
// Instance targeting is uncommon and is supported to facilitate the
// management of changes by the instance or to target specific VM instances
// for development and testing.
//
// Only supported for project-level policies and must reference instances
// within this project.
repeated string instances = 3;
// Targets VM instances whose name starts with one of these prefixes.
//
// Like labels, this is another way to group VM instances when targeting
// configs, for example prefix=prod-.
//
// Only supported for project-level policies.
repeated string instance_name_prefixes = 4;
// Targets VM instances matching at least one of the following OS types.
//
// VM instances must match all supplied criteria for a given OsType to be
// included.
repeated OsType os_types = 5;
}
// Package is a reference to the software package to be installed or removed.
// The agent on the VM instance uses the system package manager to apply the
// config.
//
//
// These are the commands that the agent uses to install or remove
// packages.
//
// Apt
// install: `apt-get update && apt-get -y install package1 package2 package3`
// remove: `apt-get -y remove package1 package2 package3`
//
// Yum
// install: `yum -y install package1 package2 package3`
// remove: `yum -y remove package1 package2 package3`
//
// Zypper
// install: `zypper install package1 package2 package3`
// remove: `zypper rm package1 package2`
//
// Googet
// install: `googet -noconfirm install package1 package2 package3`
// remove: `googet -noconfirm remove package1 package2 package3`
message Package {
// Types of package managers that may be used to manage this package.
enum Manager {
// The default behavior is ANY.
MANAGER_UNSPECIFIED = 0;
// Apply this package config using the default system package manager.
ANY = 1;
// Apply this package config only if Apt is available on the system.
APT = 2;
// Apply this package config only if Yum is available on the system.
YUM = 3;
// Apply this package config only if Zypper is available on the system.
ZYPPER = 4;
// Apply this package config only if GooGet is available on the system.
GOO = 5;
}
// Required. The name of the package. A package is uniquely identified for
// conflict validation by checking the package name and the manager(s) that
// the package targets.
string name = 1 [(google.api.field_behavior) = REQUIRED];
// The desired_state the agent should maintain for this package. The
// default is to ensure the package is installed.
DesiredState desired_state = 2;
// Type of package manager that can be used to install this package.
// If a system does not have the package manager, the package is not
// installed or removed no error message is returned. By default,
// or if you specify `ANY`,
// the agent attempts to install and remove this package using the default
// package manager. This is useful when creating a policy that applies to
// different types of systems.
//
// The default behavior is ANY.
Manager manager = 3;
}
// Represents a single Apt package repository. This repository is added to
// a repo file that is stored at
// `/etc/apt/sources.list.d/google_osconfig.list`.
message AptRepository {
// Type of archive.
enum ArchiveType {
// Unspecified.
ARCHIVE_TYPE_UNSPECIFIED = 0;
// DEB indicates that the archive contains binary files.
DEB = 1;
// DEB_SRC indicates that the archive contains source files.
DEB_SRC = 2;
}
// Type of archive files in this repository. The default behavior is DEB.
ArchiveType archive_type = 1;
// Required. URI for this repository.
string uri = 2 [(google.api.field_behavior) = REQUIRED];
// Required. Distribution of this repository.
string distribution = 3 [(google.api.field_behavior) = REQUIRED];
// Required. List of components for this repository. Must contain at least one
// item.
repeated string components = 4 [(google.api.field_behavior) = REQUIRED];
// URI of the key file for this repository. The agent maintains
// a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg` containing
// all the keys in any applied guest policy.
string gpg_key = 5;
}
// Represents a single Yum package repository. This repository is added to a
// repo file that is stored at `/etc/yum.repos.d/google_osconfig.repo`.
message YumRepository {
// Required. A one word, unique name for this repository. This is
// the `repo id` in the Yum config file and also the `display_name` if
// `display_name` is omitted. This id is also used as the unique identifier
// when checking for guest policy conflicts.
string id = 1 [(google.api.field_behavior) = REQUIRED];
// The display name of the repository.
string display_name = 2;
// Required. The location of the repository directory.
string base_url = 3 [(google.api.field_behavior) = REQUIRED];
// URIs of GPG keys.
repeated string gpg_keys = 4;
}
// Represents a single Zypper package repository. This repository is added to a
// repo file that is stored at `/etc/zypp/repos.d/google_osconfig.repo`.
message ZypperRepository {
// Required. A one word, unique name for this repository. This is
// the `repo id` in the zypper config file and also the `display_name` if
// `display_name` is omitted. This id is also used as the unique identifier
// when checking for guest policy conflicts.
string id = 1 [(google.api.field_behavior) = REQUIRED];
// The display name of the repository.
string display_name = 2;
// Required. The location of the repository directory.
string base_url = 3 [(google.api.field_behavior) = REQUIRED];
// URIs of GPG keys.
repeated string gpg_keys = 4;
}
// Represents a Goo package repository. These is added to a repo file
// that is stored at C:/ProgramData/GooGet/repos/google_osconfig.repo.
message GooRepository {
// Required. The name of the repository.
string name = 1 [(google.api.field_behavior) = REQUIRED];
// Required. The url of the repository.
string url = 2 [(google.api.field_behavior) = REQUIRED];
}
// The desired state that the OS Config agent maintains on the VM instance.
enum DesiredState {
// The default is to ensure the package is installed.
DESIRED_STATE_UNSPECIFIED = 0;
// The agent ensures that the package is installed.
INSTALLED = 1;
// The agent ensures that the package is installed and
// periodically checks for and install any updates.
UPDATED = 2;
// The agent ensures that the package is not installed and uninstall it
// if detected.
REMOVED = 3;
}
// A package repository.
message PackageRepository {
// A specific type of repository.
oneof repository {
// An Apt Repository.
AptRepository apt = 1;
// A Yum Repository.
YumRepository yum = 2;
// A Zypper Repository.
ZypperRepository zypper = 3;
// A Goo Repository.
GooRepository goo = 4;
}
}
// A software recipe is a set of instructions for installing and configuring a
// piece of software. It consists of a set of artifacts that are
// downloaded, and a set of steps that install, configure, and/or update the
// software.
//
// Recipes support installing and updating software from artifacts in the
// following formats:
// Zip archive, Tar archive, Windows MSI, Debian package, and RPM package.
//
// Additionally, recipes support executing a script (either defined in a file or
// directly in this api) in bash, sh, cmd, and powershell.
//
// Updating a software recipe
//
// If a recipe is assigned to an instance and there is a recipe with the same
// name but a lower version already installed and the assigned state
// of the recipe is `INSTALLED_KEEP_UPDATED`, then the recipe is updated to
// the new version.
//
// Script Working Directories
//
// Each script or execution step is run in its own temporary directory which
// is deleted after completing the step.
message SoftwareRecipe {
// Specifies a resource to be used in the recipe.
message Artifact {
// Specifies an artifact available via some URI.
message Remote {
// URI from which to fetch the object. It should contain both the protocol
// and path following the format {protocol}://{location}.
string uri = 1;
// Must be provided if `allow_insecure` is `false`.
// SHA256 checksum in hex format, to compare to the checksum of the
// artifact. If the checksum is not empty and it doesn't match the
// artifact then the recipe installation fails before running any of the
// steps.
string checksum = 2;
}
// Specifies an artifact available as a Cloud Storage object.
message Gcs {
// Bucket of the Cloud Storage object.
// Given an example URL:
// `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
// this value would be `my-bucket`.
string bucket = 1;
// Name of the Cloud Storage object.
// As specified [here]
// (https://cloud.google.com/storage/docs/naming#objectnames)
// Given an example URL:
// `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
// this value would be `foo/bar`.
string object = 2;
// Must be provided if allow_insecure is false.
// Generation number of the Cloud Storage object.
// `https://storage.googleapis.com/my-bucket/foo/bar#1234567`
// this value would be `1234567`.
int64 generation = 3;
}
// Required. Id of the artifact, which the installation and update steps of
// this recipe can reference. Artifacts in a recipe cannot have the same id.
string id = 1 [(google.api.field_behavior) = REQUIRED];
// A specific type of artifact.
oneof artifact {
// A generic remote artifact.
Remote remote = 2;
// A Cloud Storage artifact.
Gcs gcs = 3;
}
// Defaults to false. When false, recipes are subject to validations
// based on the artifact type:
//
// Remote: A checksum must be specified, and only protocols with
// transport-layer security are permitted.
// GCS: An object generation number must be specified.
bool allow_insecure = 4;
}
// An action that can be taken as part of installing or updating a recipe.
message Step {
// Copies the artifact to the specified path on the instance.
message CopyFile {
// Required. The id of the relevant artifact in the recipe.
string artifact_id = 1 [(google.api.field_behavior) = REQUIRED];
// Required. The absolute path on the instance to put the file.
string destination = 2 [(google.api.field_behavior) = REQUIRED];
// Whether to allow this step to overwrite existing files. If this is
// false and the file already exists the file is not overwritten
// and the step is considered a success. Defaults to false.
bool overwrite = 3;
// Consists of three octal digits which represent, in
// order, the permissions of the owner, group, and other users for the
// file (similarly to the numeric mode used in the linux chmod utility).
// Each digit represents a three bit number with the 4 bit
// corresponding to the read permissions, the 2 bit corresponds to the
// write bit, and the one bit corresponds to the execute permission.
// Default behavior is 755.
//
// Below are some examples of permissions and their associated values:
// read, write, and execute: 7
// read and execute: 5
// read and write: 6
// read only: 4
string permissions = 4;
}
// Extracts an archive of the type specified in the specified directory.
message ExtractArchive {
// Specifying the type of archive.
enum ArchiveType {
// Indicates that the archive type isn't specified.
ARCHIVE_TYPE_UNSPECIFIED = 0;
// Indicates that the archive is a tar archive with no encryption.
TAR = 1;
// Indicates that the archive is a tar archive with gzip encryption.
TAR_GZIP = 2;
// Indicates that the archive is a tar archive with bzip encryption.
TAR_BZIP = 3;
// Indicates that the archive is a tar archive with lzma encryption.
TAR_LZMA = 4;
// Indicates that the archive is a tar archive with xz encryption.
TAR_XZ = 5;
// Indicates that the archive is a zip archive.
ZIP = 11;
}
// Required. The id of the relevant artifact in the recipe.
string artifact_id = 1 [(google.api.field_behavior) = REQUIRED];
// Directory to extract archive to.
// Defaults to `/` on Linux or `C:\` on Windows.
string destination = 2;
// Required. The type of the archive to extract.
ArchiveType type = 3 [(google.api.field_behavior) = REQUIRED];
}
// Installs an MSI file.
message InstallMsi {
// Required. The id of the relevant artifact in the recipe.
string artifact_id = 1 [(google.api.field_behavior) = REQUIRED];
// The flags to use when installing the MSI
// defaults to ["/i"] (i.e. the install flag).
repeated string flags = 2;
// Return codes that indicate that the software installed or updated
// successfully. Behaviour defaults to [0]
repeated int32 allowed_exit_codes = 3;
}
// Installs a deb via dpkg.
message InstallDpkg {
// Required. The id of the relevant artifact in the recipe.
string artifact_id = 1 [(google.api.field_behavior) = REQUIRED];
}
// Installs an rpm file via the rpm utility.
message InstallRpm {
// Required. The id of the relevant artifact in the recipe.
string artifact_id = 1 [(google.api.field_behavior) = REQUIRED];
}
// Executes an artifact or local file.
message ExecFile {
// Location of the file to execute.
oneof location_type {
// The id of the relevant artifact in the recipe.
string artifact_id = 1;
// The absolute path of the file on the local filesystem.
string local_path = 2;
}
// Arguments to be passed to the provided executable.
repeated string args = 3;
// Defaults to [0]. A list of possible return values that the program
// can return to indicate a success.
repeated int32 allowed_exit_codes = 4;
}
// Runs a script through an interpreter.
message RunScript {
// The interpreter used to execute a script.
enum Interpreter {
// Default value for ScriptType.
INTERPRETER_UNSPECIFIED = 0;
// Indicates that the script is run with `/bin/sh` on Linux and `cmd`
// on windows.
SHELL = 1;
// Indicates that the script is run with powershell.
POWERSHELL = 3;
}
// Required. The shell script to be executed.
string script = 1 [(google.api.field_behavior) = REQUIRED];
// Return codes that indicate that the software installed or updated
// successfully. Behaviour defaults to [0]
repeated int32 allowed_exit_codes = 2;
// The script interpreter to use to run the script. If no interpreter is
// specified the script is executed directly, which likely
// only succeed for scripts with
// [shebang lines](https://en.wikipedia.org/wiki/Shebang_(Unix)).
Interpreter interpreter = 3;
}
// A specific type of step.
oneof step {
// Copies a file onto the instance.
CopyFile file_copy = 1;
// Extracts an archive into the specified directory.
ExtractArchive archive_extraction = 2;
// Installs an MSI file.
InstallMsi msi_installation = 3;
// Installs a deb file via dpkg.
InstallDpkg dpkg_installation = 4;
// Installs an rpm file via the rpm utility.
InstallRpm rpm_installation = 5;
// Executes an artifact or local file.
ExecFile file_exec = 6;
// Runs commands in a shell.
RunScript script_run = 7;
}
}
// Required. Unique identifier for the recipe. Only one recipe with a given
// name is installed on an instance.
//
// Names are also used to identify resources which helps to determine whether
// guest policies have conflicts. This means that requests to create multiple
// recipes with the same name and version are rejected since they
// could potentially have conflicting assignments.
string name = 1 [(google.api.field_behavior) = REQUIRED];
// The version of this software recipe. Version can be up to 4 period
// separated numbers (e.g. 12.34.56.78).
string version = 2;
// Resources available to be used in the steps in the recipe.
repeated Artifact artifacts = 3;
// Actions to be taken for installing this recipe. On failure it stops
// executing steps and does not attempt another installation. Any steps taken
// (including partially completed steps) are not rolled back.
repeated Step install_steps = 4;
// Actions to be taken for updating this recipe. On failure it stops
// executing steps and does not attempt another update for this recipe. Any
// steps taken (including partially completed steps) are not rolled back.
repeated Step update_steps = 5;
// Default is INSTALLED. The desired state the agent should maintain for this
// recipe.
//
// INSTALLED: The software recipe is installed on the instance but
// won't be updated to new versions.
// INSTALLED_KEEP_UPDATED: The software recipe is installed on the
// instance. The recipe is updated to a higher
// version, if a higher version of the recipe is
// assigned to this instance.
// REMOVE: Remove is unsupported for software recipes and attempts to
// create or update a recipe to the REMOVE state is rejected.
DesiredState desired_state = 6;
}
// A request message for creating a guest policy.
message CreateGuestPolicyRequest {
// Required. The resource name of the parent using one of the following forms:
// `projects/{project_number}`.
string parent = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = {
child_type: "osconfig.googleapis.com/GuestPolicy"
}
];
// Required. The logical name of the guest policy in the project
// with the following restrictions:
//
// * Must contain only lowercase letters, numbers, and hyphens.
// * Must start with a letter.
// * Must be between 1-63 characters.
// * Must end with a number or a letter.
// * Must be unique within the project.
string guest_policy_id = 2 [(google.api.field_behavior) = REQUIRED];
// Required. The GuestPolicy to create.
GuestPolicy guest_policy = 3 [(google.api.field_behavior) = REQUIRED];
}
// A request message for retrieving a guest policy.
message GetGuestPolicyRequest {
// Required. The resource name of the guest policy using one of the following
// forms: `projects/{project_number}/guestPolicies/{guest_policy_id}`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = {
type: "osconfig.googleapis.com/GuestPolicy"
}
];
}
// A request message for listing guest policies.
message ListGuestPoliciesRequest {
// Required. The resource name of the parent using one of the following forms:
// `projects/{project_number}`.
string parent = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = {
child_type: "osconfig.googleapis.com/GuestPolicy"
}
];
// The maximum number of guest policies to return.
int32 page_size = 2;
// A pagination token returned from a previous call to `ListGuestPolicies`
// that indicates where this listing should continue from.
string page_token = 3;
}
// A response message for listing guest policies.
message ListGuestPoliciesResponse {
// The list of GuestPolicies.
repeated GuestPolicy guest_policies = 1;
// A pagination token that can be used to get the next page
// of guest policies.
string next_page_token = 2;
}
// A request message for updating a guest policy.
message UpdateGuestPolicyRequest {
// Required. The updated GuestPolicy.
GuestPolicy guest_policy = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = {
type: "osconfig.googleapis.com/GuestPolicy"
}
];
// Field mask that controls which fields of the guest policy should be
// updated.
google.protobuf.FieldMask update_mask = 2;
}
// A request message for deleting a guest policy.
message DeleteGuestPolicyRequest {
// Required. The resource name of the guest policy using one of the following
// forms: `projects/{project_number}/guestPolicies/{guest_policy_id}`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = {
type: "osconfig.googleapis.com/GuestPolicy"
}
];
}
// A request message for getting the effective guest policy assigned to the
// instance.
message LookupEffectiveGuestPolicyRequest {
// Required. The VM instance whose policies are being looked up.
string instance = 1 [(google.api.field_behavior) = REQUIRED];
// Short name of the OS running on the instance. The OS Config agent only
// provideS this field for targeting if OS Inventory is enabled for that
// instance.
string os_short_name = 2;
// Version of the OS running on the instance. The OS Config agent only
// provide this field for targeting if OS Inventory is enabled for that
// VM instance.
string os_version = 3;
// Architecture of OS running on the instance. The OS Config agent only
// provide this field for targeting if OS Inventory is enabled for that
// instance.
string os_architecture = 4;
}
// The effective guest policy that applies to a VM instance.
message EffectiveGuestPolicy {
// A guest policy package including its source.
message SourcedPackage {
// Name of the guest policy providing this config.
string source = 1;
// A software package to configure on the VM instance.
Package package = 2;
}
// A guest policy package repository including its source.
message SourcedPackageRepository {
// Name of the guest policy providing this config.
string source = 1;
// A software package repository to configure on the VM instance.
PackageRepository package_repository = 2;
}
// A guest policy recipe including its source.
message SourcedSoftwareRecipe {
// Name of the guest policy providing this config.
string source = 1;
// A software recipe to configure on the VM instance.
SoftwareRecipe software_recipe = 2;
}
// List of package configurations assigned to the VM instance.
repeated SourcedPackage packages = 1;
// List of package repository configurations assigned to the VM instance.
repeated SourcedPackageRepository package_repositories = 2;
// List of recipes assigned to the VM instance.
repeated SourcedSoftwareRecipe software_recipes = 3;
}

337
google/cloud/osconfig/v1beta/osconfig_gapic.yaml
Unescape View File

@ -0,0 +1,337 @@
type: com.google.api.codegen.ConfigProto
config_schema_version: 1.0.0
# The settings of generated code in a specific language.
language_settings:
java:
package_name: com.google.cloud.osconfig.v1beta
python:
package_name: google.cloud.osconfig_v1beta.gapic
go:
package_name: cloud.google.com/go/osconfig/apiv1beta
csharp:
package_name: Google.Cloud.OsConfig.V1beta
ruby:
package_name: Google::Cloud::OsConfig::V1beta
php:
package_name: Google\Cloud\OsConfig\V1beta
nodejs:
package_name: osconfig.v1beta
# A list of API interface configurations.
interfaces:
# The fully qualified name of the API interface.
- name: google.cloud.osconfig.v1beta.OsConfigService
# A list of resource collection configurations.
# Consists of a name_pattern and an entity_name.
# The name_pattern is a pattern to describe the names of the resources of this
# collection, using the platform's conventions for URI patterns. A generator
# may use this to generate methods to compose and decompose such names. The
# pattern should use named placeholders as in `shelves/{shelf}/books/{book}`;
# those will be taken as hints for the parameter names of the generated
# methods. If empty, no name methods are generated.
# The entity_name is the name to be used as a basis for generated methods and
# classes.
collections:
- name_pattern: projects/{project}
entity_name: project
- name_pattern: projects/{project}/guestPolicies/{guest_policy}
entity_name: guest_policy
- name_pattern: projects/{project}/patchDeployments/{patch_deployment}
entity_name: patch_deployment
- name_pattern: projects/{project}/patchJobs/{patch_job}
entity_name: patch_job
- name_pattern: projects/{project}/zones/{zone}/instances/{instance}
entity_name: instance
# Definition for retryable codes.
retry_codes_def:
- name: idempotent
retry_codes:
- DEADLINE_EXCEEDED
- UNAVAILABLE
- name: non_idempotent
retry_codes: []
# Definition for retry/backoff parameters.
retry_params_def:
- name: default
initial_retry_delay_millis: 100
retry_delay_multiplier: 1.3
max_retry_delay_millis: 60000
initial_rpc_timeout_millis: 20000
rpc_timeout_multiplier: 1
max_rpc_timeout_millis: 20000
total_timeout_millis: 600000
# A list of method configurations.
# Common properties:
#
# name - The simple name of the method.
#
# flattening - Specifies the configuration for parameter flattening.
# Describes the parameter groups for which a generator should produce method
# overloads which allow a client to directly pass request message fields as
# method parameters. This information may or may not be used, depending on
# the target language.
# Consists of groups, which each represent a list of parameters to be
# flattened. Each parameter listed must be a field of the request message.
#
# required_fields - Fields that are always required for a request to be
# valid.
#
# page_streaming - Specifies the configuration for paging.
# Describes information for generating a method which transforms a paging
# list RPC into a stream of resources.
# Consists of a request and a response.
# The request specifies request information of the list method. It defines
# which fields match the paging pattern in the request. The request consists
# of a page_size_field and a token_field. The page_size_field is the name of
# the optional field specifying the maximum number of elements to be
# returned in the response. The token_field is the name of the field in the
# request containing the page token.
# The response specifies response information of the list method. It defines
# which fields match the paging pattern in the response. The response
# consists of a token_field and a resources_field. The token_field is the
# name of the field in the response containing the next page token. The
# resources_field is the name of the field in the response containing the
# list of resources belonging to the page.
#
# retry_codes_name - Specifies the configuration for retryable codes. The
# name must be defined in interfaces.retry_codes_def.
#
# retry_params_name - Specifies the configuration for retry/backoff
# parameters. The name must be defined in interfaces.retry_params_def.
#
# field_name_patterns - Maps the field name of the request type to
# entity_name of interfaces.collections.
# Specifies the string pattern that the field must follow.
#
# timeout_millis - Specifies the default timeout for a non-retrying call. If
# the call is retrying, refer to retry_params_name instead.
methods:
- name: ExecutePatchJob
required_fields:
- parent
- description
- instance_filter
- patch_config
- duration
- dry_run
- display_name
retry_codes_name: non_idempotent
retry_params_name: default
field_name_patterns:
parent: project
timeout_millis: 60000
- name: GetPatchJob
flattening:
groups:
- parameters:
- name
required_fields:
- name
retry_codes_name: idempotent
retry_params_name: default
field_name_patterns:
name: patch_job
timeout_millis: 60000
- name: CancelPatchJob
flattening:
groups:
- parameters:
- name
required_fields:
- name
retry_codes_name: non_idempotent
retry_params_name: default
field_name_patterns:
name: patch_job
timeout_millis: 60000
- name: ListPatchJobs
flattening:
groups:
- parameters:
- parent
- filter
required_fields:
- parent
- filter
page_streaming:
request:
page_size_field: page_size
token_field: page_token
response:
token_field: next_page_token
resources_field: patch_jobs
retry_codes_name: idempotent
retry_params_name: default
field_name_patterns:
parent: project
timeout_millis: 60000
- name: ListPatchJobInstanceDetails
flattening:
groups:
- parameters:
- parent
- filter
required_fields:
- parent
- filter
page_streaming:
request:
page_size_field: page_size
token_field: page_token
response:
token_field: next_page_token
resources_field: patch_job_instance_details
retry_codes_name: idempotent
retry_params_name: default
field_name_patterns:
parent: patch_job
timeout_millis: 60000
- name: CreatePatchDeployment
flattening:
groups:
- parameters:
- parent
- patch_deployment_id
- patch_deployment
required_fields:
- parent
- patch_deployment_id
- patch_deployment
retry_codes_name: non_idempotent
retry_params_name: default
field_name_patterns:
parent: project
timeout_millis: 60000
- name: GetPatchDeployment
flattening:
groups:
- parameters:
- name
required_fields:
- name
retry_codes_name: idempotent
retry_params_name: default
field_name_patterns:
name: patch_deployment
timeout_millis: 60000
- name: ListPatchDeployments
flattening:
groups:
- parameters:
- parent
required_fields:
- parent
page_streaming:
request:
page_size_field: page_size
token_field: page_token
response:
token_field: next_page_token
resources_field: patch_deployments
retry_codes_name: idempotent
retry_params_name: default
field_name_patterns:
parent: project
timeout_millis: 60000
- name: DeletePatchDeployment
flattening:
groups:
- parameters:
- name
required_fields:
- name
retry_codes_name: idempotent
retry_params_name: default
field_name_patterns:
name: patch_deployment
timeout_millis: 60000
- name: CreateGuestPolicy
flattening:
groups:
- parameters:
- parent
- guest_policy_id
- guest_policy
required_fields:
- parent
- guest_policy_id
- guest_policy
retry_codes_name: non_idempotent
retry_params_name: default
field_name_patterns:
parent: project
timeout_millis: 60000
- name: GetGuestPolicy
flattening:
groups:
- parameters:
- name
required_fields:
- name
retry_codes_name: idempotent
retry_params_name: default
field_name_patterns:
name: guest_policy
timeout_millis: 60000
- name: ListGuestPolicies
flattening:
groups:
- parameters:
- parent
required_fields:
- parent
page_streaming:
request:
page_size_field: page_size
token_field: page_token
response:
token_field: next_page_token
resources_field: guest_policies
retry_codes_name: idempotent
retry_params_name: default
field_name_patterns:
parent: project
timeout_millis: 60000
- name: UpdateGuestPolicy
flattening:
groups:
- parameters:
- guest_policy
- update_mask
required_fields:
- guest_policy
- update_mask
retry_codes_name: non_idempotent
retry_params_name: default
field_name_patterns:
guest_policy.name: guest_policy
timeout_millis: 60000
- name: DeleteGuestPolicy
flattening:
groups:
- parameters:
- name
required_fields:
- name
retry_codes_name: idempotent
retry_params_name: default
field_name_patterns:
name: guest_policy
timeout_millis: 60000
- name: LookupEffectiveGuestPolicy
flattening:
groups:
- parameters:
- instance
- os_short_name
- os_version
- os_architecture
required_fields:
- instance
- os_short_name
- os_version
- os_architecture
retry_codes_name: non_idempotent
retry_params_name: default
field_name_patterns:
instance: instance
timeout_millis: 60000

33
google/cloud/osconfig/v1beta/osconfig_grpc_service_config.json
Unescape View File

@ -0,0 +1,33 @@
{
"methodConfig": [{
"name": [{ "service": "google.cloud.osconfig.v1beta.OsConfigService" }],
"timeout": "60s",
"retryPolicy": {
"maxAttempts": 5,
"initialBackoff": "1s",
"maxBackoff": "60s",
"backoffMultiplier": 1.3,
"retryableStatusCodes": ["UNAVAILABLE", "DEADLINE_EXCEEDED"]
}
},
{
"name": [
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "ExecutePatchJob" },
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "GetPatchJob" },
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "CancelPatchJob" },
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "ListPatchJobs" },
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "ListPatchJobInstanceDetails" },
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "CreatePatchDeployment" },
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "GetPatchDeployment" },
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "ListPatchDeployments" },
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "DeletePatchDeployment" },
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "CreateGuestPolicy" },
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "GetGuestPolicy" },
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "ListGuestPolicies" },
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "UpdateGuestPolicy" },
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "DeleteGuestPolicy" },
{ "service": "google.cloud.osconfig.v1beta.OsConfigService", "method": "LookupEffectiveGuestPolicy" }
],
"timeout": "60s"
}]
}

167
google/cloud/osconfig/v1beta/osconfig_service.proto
Unescape View File

@ -0,0 +1,167 @@
// Copyright 2019 Google LLC.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
syntax = "proto3";
package google.cloud.osconfig.v1beta;
import "google/api/annotations.proto";
import "google/api/client.proto";
import "google/cloud/osconfig/v1beta/guest_policies.proto";
import "google/cloud/osconfig/v1beta/patch_deployments.proto";
import "google/cloud/osconfig/v1beta/patch_jobs.proto";
import "google/protobuf/empty.proto";
option go_package = "google.golang.org/genproto/googleapis/cloud/osconfig/v1beta;osconfig";
option java_outer_classname = "OsConfigProto";
option java_package = "com.google.cloud.osconfig.v1beta";
// OS Config API
//
// The OS Config service is a server-side component that you can use to
// manage package installations and patch jobs for virtual machine instances.
service OsConfigService {
option (google.api.default_host) = "osconfig.googleapis.com";
option (google.api.oauth_scopes) =
"https://www.googleapis.com/auth/cloud-platform,"
"https://www.googleapis.com/auth/compute";
// Patch VM instances by creating and running a patch job.
rpc ExecutePatchJob(ExecutePatchJobRequest) returns (PatchJob) {
option (google.api.http) = {
post: "/v1beta/{parent=projects/*}/patchJobs:execute"
body: "*"
};
}
// Get the patch job. This can be used to track the progress of an
// ongoing patch job or review the details of completed jobs.
rpc GetPatchJob(GetPatchJobRequest) returns (PatchJob) {
option (google.api.http) = {
get: "/v1beta/{name=projects/*/patchJobs/*}"
};
}
// Cancel a patch job. The patch job must be active. Canceled patch jobs
// cannot be restarted.
rpc CancelPatchJob(CancelPatchJobRequest) returns (PatchJob) {
option (google.api.http) = {
post: "/v1beta/{name=projects/*/patchJobs/*}:cancel"
body: "*"
};
}
// Get a list of patch jobs.
rpc ListPatchJobs(ListPatchJobsRequest) returns (ListPatchJobsResponse) {
option (google.api.http) = {
get: "/v1beta/{parent=projects/*}/patchJobs"
};
}
// Get a list of instance details for a given patch job.
rpc ListPatchJobInstanceDetails(ListPatchJobInstanceDetailsRequest)
returns (ListPatchJobInstanceDetailsResponse) {
option (google.api.http) = {
get: "/v1beta/{parent=projects/*/patchJobs/*}/instanceDetails"
};
option (google.api.method_signature) = "parent";
}
// Create an OS Config patch deployment.
rpc CreatePatchDeployment(CreatePatchDeploymentRequest)
returns (PatchDeployment) {
option (google.api.http) = {
post: "/v1beta/{parent=projects/*}/patchDeployments"
body: "patch_deployment"
};
}
// Get an OS Config patch deployment.
rpc GetPatchDeployment(GetPatchDeploymentRequest) returns (PatchDeployment) {
option (google.api.http) = {
get: "/v1beta/{name=projects/*/patchDeployments/*}"
};
}
// Get a page of OS Config patch deployments.
rpc ListPatchDeployments(ListPatchDeploymentsRequest)
returns (ListPatchDeploymentsResponse) {
option (google.api.http) = {
get: "/v1beta/{parent=projects/*}/patchDeployments"
};
}
// Delete an OS Config patch deployment.
rpc DeletePatchDeployment(DeletePatchDeploymentRequest)
returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/v1beta/{name=projects/*/patchDeployments/*}"
};
}
// Create an OS Config guest policy.
rpc CreateGuestPolicy(CreateGuestPolicyRequest) returns (GuestPolicy) {
option (google.api.http) = {
post: "/v1beta/{parent=projects/*}/guestPolicies"
body: "guest_policy"
};
option (google.api.method_signature) = "parent, guest_policy";
}
// Get an OS Config guest policy.
rpc GetGuestPolicy(GetGuestPolicyRequest) returns (GuestPolicy) {
option (google.api.http) = {
get: "/v1beta/{name=projects/*/guestPolicies/*}"
};
option (google.api.method_signature) = "name";
}
// Get a page of OS Config guest policies.
rpc ListGuestPolicies(ListGuestPoliciesRequest)
returns (ListGuestPoliciesResponse) {
option (google.api.http) = {
get: "/v1beta/{parent=projects/*}/guestPolicies"
};
option (google.api.method_signature) = "parent";
}
// Update an OS Config guest policy.
rpc UpdateGuestPolicy(UpdateGuestPolicyRequest) returns (GuestPolicy) {
option (google.api.http) = {
patch: "/v1beta/{guest_policy.name=projects/*/guestPolicies/*}"
body: "guest_policy"
};
option (google.api.method_signature) = "guest_policy,update_mask";
}
// Delete an OS Config guest policy.
rpc DeleteGuestPolicy(DeleteGuestPolicyRequest)
returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/v1beta/{name=projects/*/guestPolicies/*}"
};
option (google.api.method_signature) = "name";
}
// Lookup the effective guest policy that applies to a VM instance. This
// lookup merges all policies that are assigned to the instance ancestry.
rpc LookupEffectiveGuestPolicy(LookupEffectiveGuestPolicyRequest)
returns (EffectiveGuestPolicy) {
option (google.api.http) = {
post: "/v1beta/{instance=projects/*/zones/*/instances/*}:lookupEffectiveGuestPolicy"
body: "*"
};
}
}

25
google/cloud/osconfig/v1beta/osconfig_v1beta.yaml
Unescape View File

@ -0,0 +1,25 @@
type: google.api.Service
config_version: 3
name: osconfig.googleapis.com
title: Cloud OS Config API
apis:
- name: google.cloud.osconfig.v1beta.OsConfigService
documentation:
summary: |-
OS management tools that can be used for patch management, patch
compliance, and configuration management on VM instances.
backend:
rules:
- selector: 'google.cloud.osconfig.v1beta.OsConfigService.*'
deadline: 30.0
authentication:
rules:
- selector: 'google.cloud.osconfig.v1beta.OsConfigService.*'
oauth:
canonical_scopes: |-
https://www.googleapis.com/auth/cloud-platform,
https://www.googleapis.com/auth/compute

246
google/cloud/osconfig/v1beta/patch_deployments.proto
Unescape View File

@ -0,0 +1,246 @@
// Copyright 2019 Google LLC.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
syntax = "proto3";
package google.cloud.osconfig.v1beta;
import "google/api/field_behavior.proto";
import "google/api/resource.proto";
import "google/cloud/osconfig/v1beta/patch_jobs.proto";
import "google/protobuf/duration.proto";
import "google/protobuf/timestamp.proto";
import "google/type/datetime.proto";
import "google/type/dayofweek.proto";
import "google/type/timeofday.proto";
option go_package = "google.golang.org/genproto/googleapis/cloud/osconfig/v1beta;osconfig";
option java_outer_classname = "PatchDeployments";
option java_package = "com.google.cloud.osconfig.v1beta";
// Patch deployments are configurations that individual patch jobs use to
// complete a patch. These configurations include instance filter, package
// repository settings, and a schedule.
message PatchDeployment {
// Unique name for the patch deployment resource in a project. The patch
// deployment name is in the form:
// `projects/{project_id}/patchDeployments/{patch_deployment_id}`.
// This field is ignored when you create a new patch deployment.
string name = 1;
// Optional. Description of the patch deployment. Length of the description is
// limited to 1024 characters.
string description = 2 [(google.api.field_behavior) = OPTIONAL];
// Required. VM instances to patch.
PatchInstanceFilter instance_filter = 3
[(google.api.field_behavior) = REQUIRED];
// Optional. Patch configuration that is applied.
PatchConfig patch_config = 4 [(google.api.field_behavior) = OPTIONAL];
// Optional. Duration of the patch. After the duration ends, the patch times
// out.
google.protobuf.Duration duration = 5
[(google.api.field_behavior) = OPTIONAL];
// Schedule for the patch.
oneof schedule {
// Required. Schedule a one-time execution.
OneTimeSchedule one_time_schedule = 6
[(google.api.field_behavior) = REQUIRED];
// Required. Schedule recurring executions.
RecurringSchedule recurring_schedule = 7
[(google.api.field_behavior) = REQUIRED];
}
// Output only. Time the patch deployment was created. Timestamp is in
// <a href="https://www.ietf.org/rfc/rfc3339.txt" target="_blank">RFC3339</a>
// text format.
google.protobuf.Timestamp create_time = 8
[(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. Time the patch deployment was last updated. Timestamp is in
// <a href="https://www.ietf.org/rfc/rfc3339.txt" target="_blank">RFC3339</a>
// text format.
google.protobuf.Timestamp update_time = 9
[(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. The last time a patch job was started by this deployment.
// Timestamp is in
// <a href="https://www.ietf.org/rfc/rfc3339.txt" target="_blank">RFC3339</a>
// text format.
google.protobuf.Timestamp last_execute_time = 10
[(google.api.field_behavior) = OUTPUT_ONLY];
}
// Sets the time for a one time patch deployment. Timestamp is in
// <a href="https://www.ietf.org/rfc/rfc3339.txt" target="_blank">RFC3339</a>
// text format.
message OneTimeSchedule {
// Required. The desired patch job execution time.
google.protobuf.Timestamp execute_time = 1
[(google.api.field_behavior) = REQUIRED];
}
// Sets the time for recurring patch deployments.
message RecurringSchedule {
// Specifies the frequency of the recurring patch deployments.
enum Frequency {
// Invalid. A frequency must be specified.
FREQUENCY_UNSPECIFIED = 0;
// Indicates that the frequency should be expressed in terms of
// weeks.
WEEKLY = 1;
// Indicates that the frequency should be expressed in terms of
// months.
MONTHLY = 2;
}
// Required. Defines the time zone that `time_of_day` is relative to.
// The rules for daylight saving time are determined by the chosen time zone.
google.type.TimeZone time_zone = 1 [(google.api.field_behavior) = REQUIRED];
// Optional. The time that the recurring schedule becomes effective.
// Defaults to `create_time` of the patch deployment.
google.protobuf.Timestamp start_time = 2
[(google.api.field_behavior) = OPTIONAL];
// Optional. The end time at which a recurring patch deployment schedule is no
// longer active.
google.protobuf.Timestamp end_time = 3
[(google.api.field_behavior) = OPTIONAL];
// Required. Time of the day to run a recurring deployment.
google.type.TimeOfDay time_of_day = 4
[(google.api.field_behavior) = REQUIRED];
// Required. The frequency unit of this recurring schedule.
Frequency frequency = 5 [(google.api.field_behavior) = REQUIRED];
// Configurations for this recurring schedule.
// Configurations must match frequency.
oneof schedule_config {
// Required. Schedule with weekly executions.
WeeklySchedule weekly = 6 [(google.api.field_behavior) = REQUIRED];
// Required. Schedule with monthly executions.
MonthlySchedule monthly = 7 [(google.api.field_behavior) = REQUIRED];
}
// Output only. The time the last patch job ran successfully.
google.protobuf.Timestamp last_execute_time = 9
[(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. The time the next patch job is scheduled to run.
google.protobuf.Timestamp next_execute_time = 10
[(google.api.field_behavior) = OUTPUT_ONLY];
}
// Represents a weekly schedule.
message WeeklySchedule {
// Required. Day of the week.
google.type.DayOfWeek day_of_week = 1
[(google.api.field_behavior) = REQUIRED];
}
// Represents a monthly schedule. An example of a valid monthly schedule is
// "on the third Tuesday of the month" or "on the 15th of the month".
message MonthlySchedule {
// One day in a month.
oneof day_of_month {
// Required. Week day in a month.
WeekDayOfMonth week_day_of_month = 1
[(google.api.field_behavior) = REQUIRED];
// Required. One day of the month. 1-31 indicates the 1st to the 31st day.
// -1 indicates the last day of the month. Months without the target day
// will be skipped. For example, a schedule to run "every month on the 31st"
// will not run in February, April, June, etc.
int32 month_day = 2 [(google.api.field_behavior) = REQUIRED];
}
}
// Represents one week day in a month. An example is "the 4th Sunday".
message WeekDayOfMonth {
// Required. Week number in a month. 1-4 indicates the 1st to 4th week of the
// month. -1 indicates the last week of the month.
int32 week_ordinal = 1 [(google.api.field_behavior) = REQUIRED];
// Required. A day of the week.
google.type.DayOfWeek day_of_week = 2
[(google.api.field_behavior) = REQUIRED];
}
// A request message for creating a patch deployment.
message CreatePatchDeploymentRequest {
// Required. The project to apply this patch deployment to in the form
// `projects/*`.
string parent = 1 [(google.api.field_behavior) = REQUIRED];
// Required. A name for the patch deployment in the project. When creating a
// name the following rules apply:
// * Must contain only lowercase letters, numbers, and hyphens.
// * Must start with a letter.
// * Must be between 1-63 characters.
// * Must end with a number or a letter.
// * Must be unique within the project.
string patch_deployment_id = 2 [(google.api.field_behavior) = REQUIRED];
// Required. The patch deployment to create.
PatchDeployment patch_deployment = 3 [(google.api.field_behavior) = REQUIRED];
}
// A request message for retrieving a patch deployment.
message GetPatchDeploymentRequest {
// Required. The resource name of the patch deployment in the form
// `projects/*/patchDeployments/*`.
string name = 1 [(google.api.field_behavior) = REQUIRED];
}
// A request message for listing patch deployments.
message ListPatchDeploymentsRequest {
// Required. The resource name of the parent in the form `projects/*`.
string parent = 1 [(google.api.field_behavior) = REQUIRED];
// Optional. The maximum number of patch deployments to return. Default is
// 100.
int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL];
// Optional. A pagination token returned from a previous call to
// ListPatchDeployments that indicates where this listing should continue
// from.
string page_token = 3 [(google.api.field_behavior) = OPTIONAL];
}
// A response message for listing patch deployments.
message ListPatchDeploymentsResponse {
// The list of patch deployments.
repeated PatchDeployment patch_deployments = 1;
// A pagination token that can be used to get the next page of patch
// deployments.
string next_page_token = 2;
}
// A request message for deleting a patch deployment.
message DeletePatchDeploymentRequest {
// Required. The resource name of the patch deployment in the form
// `projects/*/patchDeployments/*`.
string name = 1 [(google.api.field_behavior) = REQUIRED];
}

630
google/cloud/osconfig/v1beta/patch_jobs.proto
Unescape View File

@ -0,0 +1,630 @@
// Copyright 2019 Google LLC.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
syntax = "proto3";
package google.cloud.osconfig.v1beta;
import "google/api/field_behavior.proto";
import "google/api/resource.proto";
import "google/protobuf/duration.proto";
import "google/protobuf/timestamp.proto";
option go_package = "google.golang.org/genproto/googleapis/cloud/osconfig/v1beta;osconfig";
option java_outer_classname = "PatchJobs";
option java_package = "com.google.cloud.osconfig.v1beta";
// A request message to initiate patching across GCE instances.
message ExecutePatchJobRequest {
// Required. The project in which to run this patch in the form `projects/*`
string parent = 1 [(google.api.field_behavior) = REQUIRED];
// Description of the patch job. Length of the description is limited
// to 1024 characters.
string description = 2;
// Required. Instances to patch, either explicitly or filtered by some
// criteria such as zone or labels.
PatchInstanceFilter instance_filter = 7
[(google.api.field_behavior) = REQUIRED];
// Patch configuration being applied. If omitted, instances are
// patched using the default configurations.
PatchConfig patch_config = 4;
// Duration of the patch job. After the duration ends, the patch job
// times out.
google.protobuf.Duration duration = 5;
// If this patch is a dry-run only, instances are contacted but
// will do nothing.
bool dry_run = 6;
// Display name for this patch job. This does not have to be unique.
string display_name = 8;
}
// Request to get an active or completed patch job.
message GetPatchJobRequest {
// Required. Name of the patch in the form `projects/*/patchJobs/*`
string name = 1 [(google.api.field_behavior) = REQUIRED];
}
// Request to list details for all instances that are part of a patch job.
message ListPatchJobInstanceDetailsRequest {
// Required. The parent for the instances are in the form of
// `projects/*/patchJobs/*`.
string parent = 1 [(google.api.field_behavior) = REQUIRED];
// The maximum number of instance details records to return. Default is 100.
int32 page_size = 2;
// A pagination token returned from a previous call
// that indicates where this listing should continue from.
string page_token = 3;
// A filter expression that filters results listed in the response. This
// field supports filtering results by instance zone, name, state, or
// `failure_reason`.
string filter = 4;
}
// A response message for listing the instances details for a patch job.
message ListPatchJobInstanceDetailsResponse {
// A list of instance status.
repeated PatchJobInstanceDetails patch_job_instance_details = 1;
// A pagination token that can be used to get the next page of results.
string next_page_token = 2;
}
// Patch details for a VM instance.
message PatchJobInstanceDetails {
// The instance name in the form `projects/*/zones/*/instances/*`
string name = 1;
// The unique identifier for the instance. This identifier is
// defined by the server.
string instance_system_id = 2;
// Current state of instance patch.
Instance.PatchState state = 3;
// If the patch fails, this field provides the reason.
string failure_reason = 4;
// The number of times the agent that the agent attempts to apply the patch.
int64 attempt_count = 5;
}
// A request message for listing patch jobs.
message ListPatchJobsRequest {
// Required. In the form of `projects/*`
string parent = 1 [(google.api.field_behavior) = REQUIRED];
// The maximum number of instance status to return.
int32 page_size = 2;
// A pagination token returned from a previous call
// that indicates where this listing should continue from.
string page_token = 3;
// If provided, this field specifies the criteria that must be met by patch
// jobs to be included in the response.
// Currently, filtering is only available on the patch_deployment field.
string filter = 4;
}
// A response message for listing patch jobs.
message ListPatchJobsResponse {
// The list of patch jobs.
repeated PatchJob patch_jobs = 1;
// A pagination token that can be used to get the next page of results.
string next_page_token = 2;
}
// A high level representation of a patch job that is either in progress
// or has completed.
//
// Instances details are not included in the job. To paginate through instance
// details, use ListPatchJobInstanceDetails.
message PatchJob {
// A summary of the current patch state across all instances that this patch
// job affects. Contains counts of instances in different states. These states
// map to `InstancePatchState`. List patch job instance details to see the
// specific states of each instance.
message InstanceDetailsSummary {
// Number of instances pending patch job.
int64 pending_instance_count = 1;
// Number of instances that are inactive.
int64 inactive_instance_count = 2;
// Number of instances notified about patch job.
int64 notified_instance_count = 3;
// Number of instances that have started.
int64 started_instance_count = 4;
// Number of instances that are downloading patches.
int64 downloading_patches_instance_count = 5;
// Number of instances that are applying patches.
int64 applying_patches_instance_count = 6;
// Number of instances rebooting.
int64 rebooting_instance_count = 7;
// Number of instances that have completed successfully.
int64 succeeded_instance_count = 8;
// Number of instances that require reboot.
int64 succeeded_reboot_required_instance_count = 9;
// Number of instances that failed.
int64 failed_instance_count = 10;
// Number of instances that have acked and will start shortly.
int64 acked_instance_count = 11;
// Number of instances that exceeded the time out while applying the patch.
int64 timed_out_instance_count = 12;
// Number of instances that are running the pre-patch step.
int64 pre_patch_step_instance_count = 13;
// Number of instances that are running the post-patch step.
int64 post_patch_step_instance_count = 14;
// Number of instances that do not appear to be running the agent. Check to
// ensure that the agent is installed, running, and able to communicate with
// the service.
int64 no_agent_detected_instance_count = 15;
}
// Enumeration of the various states a patch job passes through as it
// executes.
enum State {
// State must be specified.
STATE_UNSPECIFIED = 0;
// The patch job was successfully initiated.
STARTED = 1;
// The patch job is looking up instances to run the patch on.
INSTANCE_LOOKUP = 2;
// Instances are being patched.
PATCHING = 3;
// Patch job completed successfully.
SUCCEEDED = 4;
// Patch job completed but there were errors.
COMPLETED_WITH_ERRORS = 5;
// The patch job was canceled.
CANCELED = 6;
// The patch job timed out.
TIMED_OUT = 7;
}
// Unique identifier for this patch job in the form
// `projects/*/patchJobs/*`
string name = 1;
// Display name for this patch job. This is not a unique identifier.
string display_name = 14;
// Description of the patch job. Length of the description is limited
// to 1024 characters.
string description = 2;
// Time this patch job was created.
google.protobuf.Timestamp create_time = 3;
// Last time this patch job was updated.
google.protobuf.Timestamp update_time = 4;
// The current state of the PatchJob .
State state = 5;
// Instances to patch.
PatchInstanceFilter instance_filter = 13;
// Patch configuration being applied.
PatchConfig patch_config = 7;
// Duration of the patch job. After the duration ends, the
// patch job times out.
google.protobuf.Duration duration = 8;
// Summary of instance details.
InstanceDetailsSummary instance_details_summary = 9;
// If this patch job is a dry run, the agent reports that it has
// finished without running any updates on the VM instance.
bool dry_run = 10;
// If this patch job failed, this message provides information about the
// failure.
string error_message = 11;
// Reflects the overall progress of the patch job in the range of
// 0.0 being no progress to 100.0 being complete.
double percent_complete = 12;
// Output only. Name of the patch deployment that created this patch job.
string patch_deployment = 15 [(google.api.field_behavior) = OUTPUT_ONLY];
}
// Patch configuration specifications. Contains details on how to apply the
// patch(es) to a VM instance.
message PatchConfig {
// Post-patch reboot settings.
enum RebootConfig {
// The default behavior is DEFAULT.
REBOOT_CONFIG_UNSPECIFIED = 0;
// The agent decides if a reboot is necessary by checking signals such as
// registry keys on Windows or `/var/run/reboot-required` on APT based
// systems. On RPM based systems, a set of core system package install times
// are compared with system boot time.
DEFAULT = 1;
// Always reboot the machine after the update completes.
ALWAYS = 2;
// Never reboot the machine after the update completes.
NEVER = 3;
}
// Post-patch reboot settings.
RebootConfig reboot_config = 1;
// Apt update settings. Use this setting to override the default `apt` patch
// rules.
AptSettings apt = 3;
// Yum update settings. Use this setting to override the default `yum` patch
// rules.
YumSettings yum = 4;
// Goo update settings. Use this setting to override the default `goo` patch
// rules.
GooSettings goo = 5;
// Zypper update settings. Use this setting to override the default `zypper`
// patch rules.
ZypperSettings zypper = 6;
// Windows update settings. Use this override the default windows patch rules.
WindowsUpdateSettings windows_update = 7;
// The `ExecStep` to run before the patch update.
ExecStep pre_step = 8;
// The `ExecStep` to run after the patch update.
ExecStep post_step = 9;
}
// Namespace for instance state enums.
message Instance {
// Patch state of an instance.
enum PatchState {
// Unspecified.
PATCH_STATE_UNSPECIFIED = 0;
// The instance is not yet notified.
PENDING = 1;
// Instance is inactive and cannot be patched.
INACTIVE = 2;
// The instance is notified that it should be patched.
NOTIFIED = 3;
// The instance has started the patching process.
STARTED = 4;
// The instance is downloading patches.
DOWNLOADING_PATCHES = 5;
// The instance is applying patches.
APPLYING_PATCHES = 6;
// The instance is rebooting.
REBOOTING = 7;
// The instance has completed applying patches.
SUCCEEDED = 8;
// The instance has completed applying patches but a reboot is required.
SUCCEEDED_REBOOT_REQUIRED = 9;
// The instance has failed to apply the patch.
FAILED = 10;
// The instance acked the notification and will start shortly.
ACKED = 11;
// The instance exceeded the time out while applying the patch.
TIMED_OUT = 12;
// The instance is running the pre-patch step.
RUNNING_PRE_PATCH_STEP = 13;
// The instance is running the post-patch step.
RUNNING_POST_PATCH_STEP = 14;
// The service could not detect the presence of the agent. Check to ensure
// that the agent is installed, running, and able to communicate with the
// service.
NO_AGENT_DETECTED = 15;
}
}
// Message for canceling a patch job.
message CancelPatchJobRequest {
// Required. Name of the patch in the form `projects/*/patchJobs/*`
string name = 1 [(google.api.field_behavior) = REQUIRED];
}
// Apt patching is completed by executing `apt-get update && apt-get
// upgrade`. Additional options can be set to control how this is executed.
message AptSettings {
// Apt patch type.
enum Type {
// By default, upgrade will be performed.
TYPE_UNSPECIFIED = 0;
// Runs `apt-get dist-upgrade`.
DIST = 1;
// Runs `apt-get upgrade`.
UPGRADE = 2;
}
// By changing the type to DIST, the patching is performed
// using `apt-get dist-upgrade` instead.
Type type = 1;
// List of packages to exclude from update. These packages will be excluded
repeated string excludes = 2;
// An exclusive list of packages to be updated. These are the only packages
// that will be updated. If these packages are not installed, they will be
// ignored. This field cannot be specified with any other patch configuration
// fields.
repeated string exclusive_packages = 3;
}
// Yum patching is performed by executing `yum update`. Additional options
// can be set to control how this is executed.
//
// Note that not all settings are supported on all platforms.
message YumSettings {
// Adds the `--security` flag to `yum update`. Not supported on
// all platforms.
bool security = 1;
// Will cause patch to run `yum update-minimal` instead.
bool minimal = 2;
// List of packages to exclude from update. These packages are excluded by
// using the yum `--exclude` flag.
repeated string excludes = 3;
// An exclusive list of packages to be updated. These are the only packages
// that will be updated. If these packages are not installed, they will be
// ignored. This field must not be specified with any other patch
// configuration fields.
repeated string exclusive_packages = 4;
}
// Googet patching is performed by running `googet update`.
message GooSettings {}
// Zypper patching is performed by running `zypper patch`.
// See also https://en.opensuse.org/SDB:Zypper_manual.
message ZypperSettings {
// Adds the `--with-optional` flag to `zypper patch`.
bool with_optional = 1;
// Adds the `--with-update` flag, to `zypper patch`.
bool with_update = 2;
// Install only patches with these categories.
// Common categories include security, recommended, and feature.
repeated string categories = 3;
// Install only patches with these severities.
// Common severities include critical, important, moderate, and low.
repeated string severities = 4;
// List of patches to exclude from update.
repeated string excludes = 5;
// An exclusive list of patches to be updated. These are the only patches
// that will be installed using 'zypper patch patch:<patch_name>' command.
// This field must not be used with any other patch configuration fields.
repeated string exclusive_patches = 6;
}
// Windows patching is performed using the Windows Update Agent.
message WindowsUpdateSettings {
// Microsoft Windows update classifications as defined in
// [1]
// https://support.microsoft.com/en-us/help/824684/description-of-the-standard-terminology-that-is-used-to-describe-micro
enum Classification {
// Invalid. If classifications are included, they must be specified.
CLASSIFICATION_UNSPECIFIED = 0;
// "A widely released fix for a specific problem that addresses a critical,
// non-security-related bug." [1]
CRITICAL = 1;
// "A widely released fix for a product-specific, security-related
// vulnerability. Security vulnerabilities are rated by their severity. The
// severity rating is indicated in the Microsoft security bulletin as
// critical, important, moderate, or low." [1]
SECURITY = 2;
// "A widely released and frequent software update that contains additions
// to a products definition database. Definition databases are often used
// to detect objects that have specific attributes, such as malicious code,
// phishing websites, or junk mail." [1]
DEFINITION = 3;
// "Software that controls the input and output of a device." [1]
DRIVER = 4;
// "New product functionality that is first distributed outside the context
// of a product release and that is typically included in the next full
// product release." [1]
FEATURE_PACK = 5;
// "A tested, cumulative set of all hotfixes, security updates, critical
// updates, and updates. Additionally, service packs may contain additional
// fixes for problems that are found internally since the release of the
// product. Service packs my also contain a limited number of
// customer-requested design changes or features." [1]
SERVICE_PACK = 6;
// "A utility or feature that helps complete a task or set of tasks." [1]
TOOL = 7;
// "A tested, cumulative set of hotfixes, security updates, critical
// updates, and updates that are packaged together for easy deployment. A
// rollup generally targets a specific area, such as security, or a
// component of a product, such as Internet Information Services (IIS)." [1]
UPDATE_ROLLUP = 8;
// "A widely released fix for a specific problem. An update addresses a
// noncritical, non-security-related bug." [1]
UPDATE = 9;
}
// Only apply updates of these windows update classifications. If empty, all
// updates are applied.
repeated Classification classifications = 1;
// List of KBs to exclude from update.
repeated string excludes = 2;
// An exclusive list of kbs to be updated. These are the only patches
// that will be updated. This field must not be used with other
// patch configurations.
repeated string exclusive_patches = 3;
}
// A step that runs an executable for a PatchJob.
message ExecStep {
// The ExecStepConfig for all Linux VMs targeted by the PatchJob.
ExecStepConfig linux_exec_step_config = 1;
// The ExecStepConfig for all Windows VMs targeted by the PatchJob.
ExecStepConfig windows_exec_step_config = 2;
}
// Common configurations for an ExecStep.
message ExecStepConfig {
// The interpreter used to execute the a file.
enum Interpreter {
// Invalid for a Windows ExecStepConfig. For a Linux ExecStepConfig, the
// interpreter will be parsed from the shebang line of the script if
// unspecified.
INTERPRETER_UNSPECIFIED = 0;
// Indicates that the script is run with `/bin/sh` on Linux and `cmd`
// on Windows.
SHELL = 1;
// Indicates that the file is run with PowerShell flags
// `-NonInteractive`, `-NoProfile`, and `-ExecutionPolicy Bypass`.
POWERSHELL = 2;
}
// Location of the executable.
oneof executable {
// An absolute path to the executable on the VM.
string local_path = 1;
// A GCS object containing the executable.
GcsObject gcs_object = 2;
}
// Defaults to [0]. A list of possible return values that the
// execution can return to indicate a success.
repeated int32 allowed_success_codes = 3;
// The script interpreter to use to run the script. If no interpreter is
// specified the script will be executed directly, which will likely
// only succeed for scripts with shebang lines.
// [Wikipedia shebang](https://en.wikipedia.org/wiki/Shebang_(Unix)).
Interpreter interpreter = 4;
}
// GCS object representation.
message GcsObject {
// Required. Bucket of the GCS object.
string bucket = 1 [(google.api.field_behavior) = REQUIRED];
// Required. Name of the GCS object.
string object = 2 [(google.api.field_behavior) = REQUIRED];
// Required. Generation number of the GCS object. This is used to ensure that
// the ExecStep specified by this PatchJob does not change.
int64 generation_number = 3 [(google.api.field_behavior) = REQUIRED];
}
// A filter to target VM instances for patching. The targeted
// VMs must meet all criteria specified. So if both labels and zones are
// specified, the patch job targets only VMs with those labels and in those
// zones.
message PatchInstanceFilter {
// Represents a group of VMs that can be identified as having all these
// labels, for example "env=prod and app=web".
message GroupLabel {
// GCE instance labels that must be present for a VM instance to be targeted
// by this filter.
map<string, string> labels = 1;
}
// Target all VM instances in the project. If true, no other criteria is
// permitted.
bool all = 1;
// Targets VM instances matching at least one of these label sets. This allows
// targeting of disparate groups, for example "env=prod or env=staging".
repeated GroupLabel group_labels = 2;
// Targets VM instances in ANY of these zones. Leave empty to target VM
// instances in any zone.
repeated string zones = 3;
// Targets any of the VM instances specified. Instances are specified by their
// URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME],
// `projects/[PROJECT_ID]/zones/[ZONE]/instances/[INSTANCE_NAME]`, or
// `https://www.googleapis.com/compute/v1/projects/[PROJECT_ID]/zones/[ZONE]/instances/[INSTANCE_NAME]`
repeated string instances = 4;
// Targets VMs whose name starts with one of these prefixes. Similar to
// labels, this is another way to group VMs when targeting configs, for
// example prefix=prod-.
repeated string instance_name_prefixes = 5;
}
Write Preview
Loading…
Cancel
Save