diff --git a/google/cloud/osconfig/v1/BUILD.bazel b/google/cloud/osconfig/v1/BUILD.bazel
new file mode 100644
index 000000000..b9b6e5900
--- /dev/null
+++ b/google/cloud/osconfig/v1/BUILD.bazel
@@ -0,0 +1,376 @@
+# This file was automatically generated by BuildFileGenerator
+
+# This is an API workspace, having public visibility by default makes perfect sense.
+package(default_visibility = ["//visibility:public"])
+
+##############################################################################
+# Common
+##############################################################################
+load("@rules_proto//proto:defs.bzl", "proto_library")
+load("@com_google_googleapis_imports//:imports.bzl", "proto_library_with_info")
+
+proto_library(
+ name = "osconfig_proto",
+ srcs = [
+ "osconfig_service.proto",
+ "patch_deployments.proto",
+ "patch_jobs.proto",
+ ],
+ deps = [
+ "//google/api:annotations_proto",
+ "//google/api:client_proto",
+ "//google/api:field_behavior_proto",
+ "//google/api:resource_proto",
+ "//google/type:datetime_proto",
+ "//google/type:dayofweek_proto",
+ "//google/type:timeofday_proto",
+ "@com_google_protobuf//:duration_proto",
+ "@com_google_protobuf//:empty_proto",
+ "@com_google_protobuf//:timestamp_proto",
+ ],
+)
+
+proto_library_with_info(
+ name = "osconfig_proto_with_info",
+ deps = [
+ ":osconfig_proto",
+ "//google/cloud:common_resources_proto",
+ ],
+)
+
+##############################################################################
+# Java
+##############################################################################
+load(
+ "@com_google_googleapis_imports//:imports.bzl",
+ "java_gapic_assembly_gradle_pkg",
+ "java_gapic_library",
+ "java_gapic_test",
+ "java_grpc_library",
+ "java_proto_library",
+)
+
+java_proto_library(
+ name = "osconfig_java_proto",
+ deps = [":osconfig_proto"],
+)
+
+java_grpc_library(
+ name = "osconfig_java_grpc",
+ srcs = [":osconfig_proto"],
+ deps = [":osconfig_java_proto"],
+)
+
+java_gapic_library(
+ name = "osconfig_java_gapic",
+ src = ":osconfig_proto_with_info",
+ gapic_yaml = "osconfig_gapic.yaml",
+ package = "google.cloud.osconfig.v1",
+ service_yaml = "osconfig_v1.yaml",
+ test_deps = [
+ ":osconfig_java_grpc",
+ ],
+ deps = [
+ ":osconfig_java_proto",
+ ],
+)
+
+java_gapic_test(
+ name = "osconfig_java_gapic_test_suite",
+ test_classes = [
+ "com.google.cloud.osconfig.v1.OsConfigServiceClientTest",
+ ],
+ runtime_deps = [":osconfig_java_gapic_test"],
+)
+
+# Open Source Packages
+java_gapic_assembly_gradle_pkg(
+ name = "google-cloud-osconfig-v1-java",
+ deps = [
+ ":osconfig_java_gapic",
+ ":osconfig_java_grpc",
+ ":osconfig_java_proto",
+ ":osconfig_proto",
+ ],
+)
+
+##############################################################################
+# Go
+##############################################################################
+load(
+ "@com_google_googleapis_imports//:imports.bzl",
+ "go_gapic_assembly_pkg",
+ "go_gapic_library",
+ "go_proto_library",
+ "go_test",
+)
+
+go_proto_library(
+ name = "osconfig_go_proto",
+ compilers = ["@io_bazel_rules_go//proto:go_grpc"],
+ importpath = "google.golang.org/genproto/googleapis/cloud/osconfig/v1",
+ protos = [":osconfig_proto"],
+ deps = [
+ "//google/api:annotations_go_proto",
+ "//google/type:datetime_go_proto",
+ "//google/type:dayofweek_go_proto",
+ "//google/type:timeofday_go_proto",
+ ],
+)
+
+go_gapic_library(
+ name = "osconfig_go_gapic",
+ src = ":osconfig_proto_with_info",
+ gapic_yaml = "osconfig_gapic.yaml",
+ importpath = "cloud.google.com/go/osconfig/apiv1",
+ package = "google.cloud.osconfig.v1",
+ service_yaml = "osconfig_v1.yaml",
+ deps = [
+ ":osconfig_go_proto",
+ "@io_bazel_rules_go//proto/wkt:duration_go_proto",
+ ],
+)
+
+go_test(
+ name = "osconfig_go_gapic_test",
+ srcs = [":osconfig_go_gapic_srcjar_test"],
+ embed = [":osconfig_go_gapic"],
+ importpath = "cloud.google.com/go/osconfig/apiv1",
+)
+
+# Open Source Packages
+go_gapic_assembly_pkg(
+ name = "gapi-cloud-osconfig-v1-go",
+ deps = [
+ ":osconfig_go_gapic",
+ ":osconfig_go_gapic_srcjar-smoke-test.srcjar",
+ ":osconfig_go_gapic_srcjar-test.srcjar",
+ ":osconfig_go_proto",
+ ],
+)
+
+##############################################################################
+# Python
+##############################################################################
+load(
+ "@com_google_googleapis_imports//:imports.bzl",
+ "moved_proto_library",
+ "py_gapic_assembly_pkg",
+ "py_gapic_library",
+ "py_grpc_library",
+ "py_proto_library",
+)
+
+moved_proto_library(
+ name = "osconfig_moved_proto",
+ srcs = [":osconfig_proto"],
+ deps = [
+ "//google/api:annotations_proto",
+ "//google/api:client_proto",
+ "//google/api:field_behavior_proto",
+ "//google/api:resource_proto",
+ "//google/type:datetime_proto",
+ "//google/type:dayofweek_proto",
+ "//google/type:timeofday_proto",
+ "@com_google_protobuf//:duration_proto",
+ "@com_google_protobuf//:empty_proto",
+ "@com_google_protobuf//:timestamp_proto",
+ ],
+)
+
+py_proto_library(
+ name = "osconfig_py_proto",
+ plugin = "@protoc_docs_plugin//:docs_plugin",
+ deps = [":osconfig_moved_proto"],
+)
+
+py_grpc_library(
+ name = "osconfig_py_grpc",
+ srcs = [":osconfig_moved_proto"],
+ deps = [":osconfig_py_proto"],
+)
+
+py_gapic_library(
+ name = "osconfig_py_gapic",
+ src = ":osconfig_proto_with_info",
+ gapic_yaml = "osconfig_gapic.yaml",
+ package = "google.cloud.osconfig.v1",
+ service_yaml = "osconfig_v1.yaml",
+ deps = [
+ ":osconfig_py_grpc",
+ ":osconfig_py_proto",
+ ],
+)
+
+# Open Source Packages
+py_gapic_assembly_pkg(
+ name = "osconfig-v1-py",
+ deps = [
+ ":osconfig_py_gapic",
+ ":osconfig_py_grpc",
+ ":osconfig_py_proto",
+ ],
+)
+
+##############################################################################
+# PHP
+##############################################################################
+load(
+ "@com_google_googleapis_imports//:imports.bzl",
+ "php_gapic_assembly_pkg",
+ "php_gapic_library",
+ "php_grpc_library",
+ "php_proto_library",
+)
+
+php_proto_library(
+ name = "osconfig_php_proto",
+ deps = [":osconfig_proto"],
+)
+
+php_grpc_library(
+ name = "osconfig_php_grpc",
+ srcs = [":osconfig_proto"],
+ deps = [":osconfig_php_proto"],
+)
+
+php_gapic_library(
+ name = "osconfig_php_gapic",
+ src = ":osconfig_proto_with_info",
+ gapic_yaml = "osconfig_gapic.yaml",
+ package = "google.cloud.osconfig.v1",
+ service_yaml = "osconfig_v1.yaml",
+ deps = [
+ ":osconfig_php_grpc",
+ ":osconfig_php_proto",
+ ],
+)
+
+# Open Source Packages
+php_gapic_assembly_pkg(
+ name = "google-cloud-osconfig-v1-php",
+ deps = [
+ ":osconfig_php_gapic",
+ ":osconfig_php_grpc",
+ ":osconfig_php_proto",
+ ],
+)
+
+##############################################################################
+# Node.js
+##############################################################################
+load(
+ "@com_google_googleapis_imports//:imports.bzl",
+ "nodejs_gapic_assembly_pkg",
+ "nodejs_gapic_library",
+)
+
+nodejs_gapic_library(
+ name = "osconfig_nodejs_gapic",
+ src = ":osconfig_proto_with_info",
+ gapic_yaml = "osconfig_gapic.yaml",
+ package = "google.cloud.osconfig.v1",
+ service_yaml = "osconfig_v1.yaml",
+ deps = [],
+)
+
+nodejs_gapic_assembly_pkg(
+ name = "osconfig-v1-nodejs",
+ deps = [
+ ":osconfig_nodejs_gapic",
+ ":osconfig_proto",
+ ],
+)
+
+##############################################################################
+# Ruby
+##############################################################################
+load(
+ "@com_google_googleapis_imports//:imports.bzl",
+ "ruby_gapic_assembly_pkg",
+ "ruby_gapic_library",
+ "ruby_grpc_library",
+ "ruby_proto_library",
+)
+
+ruby_proto_library(
+ name = "osconfig_ruby_proto",
+ deps = [":osconfig_proto"],
+)
+
+ruby_grpc_library(
+ name = "osconfig_ruby_grpc",
+ srcs = [":osconfig_proto"],
+ deps = [":osconfig_ruby_proto"],
+)
+
+ruby_gapic_library(
+ name = "osconfig_ruby_gapic",
+ src = ":osconfig_proto_with_info",
+ gapic_yaml = "osconfig_gapic.yaml",
+ package = "google.cloud.osconfig.v1",
+ service_yaml = "osconfig_v1.yaml",
+ deps = [
+ ":osconfig_ruby_grpc",
+ ":osconfig_ruby_proto",
+ ],
+)
+
+# Open Source Packages
+ruby_gapic_assembly_pkg(
+ name = "google-cloud-osconfig-v1-ruby",
+ deps = [
+ ":osconfig_ruby_gapic",
+ ":osconfig_ruby_grpc",
+ ":osconfig_ruby_proto",
+ ],
+)
+
+##############################################################################
+# C#
+##############################################################################
+load(
+ "@com_google_googleapis_imports//:imports.bzl",
+ "csharp_gapic_assembly_pkg",
+ "csharp_gapic_library",
+ "csharp_grpc_library",
+ "csharp_proto_library",
+)
+
+csharp_proto_library(
+ name = "osconfig_csharp_proto",
+ deps = [":osconfig_proto"],
+)
+
+csharp_grpc_library(
+ name = "osconfig_csharp_grpc",
+ srcs = [":osconfig_proto"],
+ deps = [":osconfig_csharp_proto"],
+)
+
+csharp_gapic_library(
+ name = "osconfig_csharp_gapic",
+ src = ":osconfig_proto_with_info",
+ gapic_yaml = "osconfig_gapic.yaml",
+ package = "google.cloud.osconfig.v1",
+ service_yaml = "osconfig_v1.yaml",
+ deps = [
+ ":osconfig_csharp_grpc",
+ ":osconfig_csharp_proto",
+ ],
+)
+
+# Open Source Packages
+csharp_gapic_assembly_pkg(
+ name = "google-cloud-osconfig-v1-csharp",
+ deps = [
+ ":osconfig_csharp_gapic",
+ ":osconfig_csharp_grpc",
+ ":osconfig_csharp_proto",
+ ],
+)
+
+##############################################################################
+# C++
+##############################################################################
+# Put your C++ rules here
diff --git a/google/cloud/osconfig/v1/osconfig_gapic.yaml b/google/cloud/osconfig/v1/osconfig_gapic.yaml
new file mode 100644
index 000000000..099916fbe
--- /dev/null
+++ b/google/cloud/osconfig/v1/osconfig_gapic.yaml
@@ -0,0 +1,19 @@
+type: com.google.api.codegen.ConfigProto
+config_schema_version: 1.0.0
+# The settings of generated code in a specific language.
+language_settings:
+ java:
+ package_name: com.google.cloud.osconfig.v1
+ python:
+ package_name: google.cloud.osconfig_v1.gapic
+ go:
+ package_name: cloud.google.com/go/osconfig/apiv1
+ csharp:
+ package_name: Google.Cloud.OsConfig.V1
+ ruby:
+ package_name: Google::Cloud::OsConfig::V1
+ php:
+ package_name: Google\Cloud\OsConfig\V1
+ nodejs:
+ package_name: osconfig.v1
+ domain_layer_location: google-cloud
diff --git a/google/cloud/osconfig/v1/osconfig_grpc_service_config.json b/google/cloud/osconfig/v1/osconfig_grpc_service_config.json
new file mode 100644
index 000000000..10822f8af
--- /dev/null
+++ b/google/cloud/osconfig/v1/osconfig_grpc_service_config.json
@@ -0,0 +1,27 @@
+{
+ "methodConfig": [{
+ "name": [{ "service": "google.cloud.osconfig.v1.OsConfigService" }],
+ "timeout": "60s",
+ "retryPolicy": {
+ "maxAttempts": 5,
+ "initialBackoff": "1s",
+ "maxBackoff": "60s",
+ "backoffMultiplier": 1.3,
+ "retryableStatusCodes": ["UNAVAILABLE", "DEADLINE_EXCEEDED"]
+ }
+ },
+ {
+ "name": [
+ { "service": "google.cloud.osconfig.v1.OsConfigService", "method": "ExecutePatchJob" },
+ { "service": "google.cloud.osconfig.v1.OsConfigService", "method": "GetPatchJob" },
+ { "service": "google.cloud.osconfig.v1.OsConfigService", "method": "CancelPatchJob" },
+ { "service": "google.cloud.osconfig.v1.OsConfigService", "method": "ListPatchJobs" },
+ { "service": "google.cloud.osconfig.v1.OsConfigService", "method": "ListPatchJobInstanceDetails" },
+ { "service": "google.cloud.osconfig.v1.OsConfigService", "method": "CreatePatchDeployment" },
+ { "service": "google.cloud.osconfig.v1.OsConfigService", "method": "GetPatchDeployment" },
+ { "service": "google.cloud.osconfig.v1.OsConfigService", "method": "ListPatchDeployments" },
+ { "service": "google.cloud.osconfig.v1.OsConfigService", "method": "DeletePatchDeployment" }
+ ],
+ "timeout": "60s"
+ }]
+}
diff --git a/google/cloud/osconfig/v1/osconfig_service.proto b/google/cloud/osconfig/v1/osconfig_service.proto
new file mode 100644
index 000000000..956874618
--- /dev/null
+++ b/google/cloud/osconfig/v1/osconfig_service.proto
@@ -0,0 +1,111 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.osconfig.v1;
+
+import "google/api/annotations.proto";
+import "google/api/client.proto";
+import "google/cloud/osconfig/v1/patch_deployments.proto";
+import "google/cloud/osconfig/v1/patch_jobs.proto";
+import "google/protobuf/empty.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/osconfig/v1;osconfig";
+option java_outer_classname = "OsConfigProto";
+option java_package = "com.google.cloud.osconfig.v1";
+
+// OS Config API
+//
+// The OS Config service is a server-side component that you can use to
+// manage package installations and patch jobs for virtual machine instances.
+service OsConfigService {
+ option (google.api.default_host) = "osconfig.googleapis.com";
+ option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform";
+
+ // Patch VM instances by creating and running a patch job.
+ rpc ExecutePatchJob(ExecutePatchJobRequest) returns (PatchJob) {
+ option (google.api.http) = {
+ post: "/v1/{parent=projects/*}/patchJobs:execute"
+ body: "*"
+ };
+ }
+
+ // Get the patch job. This can be used to track the progress of an
+ // ongoing patch job or review the details of completed jobs.
+ rpc GetPatchJob(GetPatchJobRequest) returns (PatchJob) {
+ option (google.api.http) = {
+ get: "/v1/{name=projects/*/patchJobs/*}"
+ };
+ option (google.api.method_signature) = "name";
+ }
+
+ // Cancel a patch job. The patch job must be active. Canceled patch jobs
+ // cannot be restarted.
+ rpc CancelPatchJob(CancelPatchJobRequest) returns (PatchJob) {
+ option (google.api.http) = {
+ post: "/v1/{name=projects/*/patchJobs/*}:cancel"
+ body: "*"
+ };
+ }
+
+ // Get a list of patch jobs.
+ rpc ListPatchJobs(ListPatchJobsRequest) returns (ListPatchJobsResponse) {
+ option (google.api.http) = {
+ get: "/v1/{parent=projects/*}/patchJobs"
+ };
+ option (google.api.method_signature) = "parent";
+ }
+
+ // Get a list of instance details for a given patch job.
+ rpc ListPatchJobInstanceDetails(ListPatchJobInstanceDetailsRequest) returns (ListPatchJobInstanceDetailsResponse) {
+ option (google.api.http) = {
+ get: "/v1/{parent=projects/*/patchJobs/*}/instanceDetails"
+ };
+ option (google.api.method_signature) = "parent";
+ }
+
+ // Create an OS Config patch deployment.
+ rpc CreatePatchDeployment(CreatePatchDeploymentRequest) returns (PatchDeployment) {
+ option (google.api.http) = {
+ post: "/v1/{parent=projects/*}/patchDeployments"
+ body: "patch_deployment"
+ };
+ option (google.api.method_signature) = "parent,patch_deployment,patch_deployment_id";
+ }
+
+ // Get an OS Config patch deployment.
+ rpc GetPatchDeployment(GetPatchDeploymentRequest) returns (PatchDeployment) {
+ option (google.api.http) = {
+ get: "/v1/{name=projects/*/patchDeployments/*}"
+ };
+ option (google.api.method_signature) = "name";
+ }
+
+ // Get a page of OS Config patch deployments.
+ rpc ListPatchDeployments(ListPatchDeploymentsRequest) returns (ListPatchDeploymentsResponse) {
+ option (google.api.http) = {
+ get: "/v1/{parent=projects/*}/patchDeployments"
+ };
+ option (google.api.method_signature) = "parent";
+ }
+
+ // Delete an OS Config patch deployment.
+ rpc DeletePatchDeployment(DeletePatchDeploymentRequest) returns (google.protobuf.Empty) {
+ option (google.api.http) = {
+ delete: "/v1/{name=projects/*/patchDeployments/*}"
+ };
+ option (google.api.method_signature) = "name";
+ }
+}
diff --git a/google/cloud/osconfig/v1/osconfig_v1.yaml b/google/cloud/osconfig/v1/osconfig_v1.yaml
new file mode 100644
index 000000000..32fa1aeaa
--- /dev/null
+++ b/google/cloud/osconfig/v1/osconfig_v1.yaml
@@ -0,0 +1,24 @@
+type: google.api.Service
+config_version: 3
+name: osconfig.googleapis.com
+title: Cloud OS Config API
+
+apis:
+- name: google.cloud.osconfig.v1.OsConfigService
+
+documentation:
+ summary: |-
+ OS management tools that can be used for patch management, patch
+ compliance, and configuration management on VM instances.
+
+backend:
+ rules:
+ - selector: 'google.cloud.osconfig.v1.OsConfigService.*'
+ deadline: 30.0
+
+authentication:
+ rules:
+ - selector: 'google.cloud.osconfig.v1.OsConfigService.*'
+ oauth:
+ canonical_scopes: |-
+ https://www.googleapis.com/auth/cloud-platform
diff --git a/google/cloud/osconfig/v1/patch_deployments.proto b/google/cloud/osconfig/v1/patch_deployments.proto
new file mode 100644
index 000000000..2ad1fc75c
--- /dev/null
+++ b/google/cloud/osconfig/v1/patch_deployments.proto
@@ -0,0 +1,252 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.osconfig.v1;
+
+import "google/api/field_behavior.proto";
+import "google/api/resource.proto";
+import "google/cloud/osconfig/v1/patch_jobs.proto";
+import "google/protobuf/duration.proto";
+import "google/protobuf/timestamp.proto";
+import "google/type/datetime.proto";
+import "google/type/dayofweek.proto";
+import "google/type/timeofday.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/osconfig/v1;osconfig";
+option java_outer_classname = "PatchDeployments";
+option java_package = "com.google.cloud.osconfig.v1";
+
+// Patch deployments are configurations that individual patch jobs use to
+// complete a patch. These configurations include instance filter, package
+// repository settings, and a schedule. For more information about creating and
+// managing patch deployments, see [Scheduling patch
+// jobs](/compute/docs/os-patch-management/schedule-patch-jobs).
+message PatchDeployment {
+ option (google.api.resource) = {
+ type: "osconfig.googleapis.com/PatchDeployment"
+ pattern: "projects/{project}/patchDeployments/{patch_deployment}"
+ };
+
+ // Unique name for the patch deployment resource in a project. The patch
+ // deployment name is in the form:
+ // `projects/{project_id}/patchDeployments/{patch_deployment_id}`.
+ // This field is ignored when you create a new patch deployment.
+ string name = 1;
+
+ // Optional. Description of the patch deployment. Length of the description is limited
+ // to 1024 characters.
+ string description = 2 [(google.api.field_behavior) = OPTIONAL];
+
+ // Required. VM instances to patch.
+ PatchInstanceFilter instance_filter = 3 [(google.api.field_behavior) = REQUIRED];
+
+ // Optional. Patch configuration that is applied.
+ PatchConfig patch_config = 4 [(google.api.field_behavior) = OPTIONAL];
+
+ // Optional. Duration of the patch. After the duration ends, the patch times out.
+ google.protobuf.Duration duration = 5 [(google.api.field_behavior) = OPTIONAL];
+
+ // Schedule for the patch.
+ oneof schedule {
+ // Required. Schedule a one-time execution.
+ OneTimeSchedule one_time_schedule = 6 [(google.api.field_behavior) = REQUIRED];
+
+ // Required. Schedule recurring executions.
+ RecurringSchedule recurring_schedule = 7 [(google.api.field_behavior) = REQUIRED];
+ }
+
+ // Output only. Time the patch deployment was created. Timestamp is in
+ // RFC3339
+ // text format.
+ google.protobuf.Timestamp create_time = 8 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+ // Output only. Time the patch deployment was last updated. Timestamp is in
+ // RFC3339
+ // text format.
+ google.protobuf.Timestamp update_time = 9 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+ // Output only. The last time a patch job was started by this deployment.
+ // Timestamp is in
+ // RFC3339
+ // text format.
+ google.protobuf.Timestamp last_execute_time = 10 [(google.api.field_behavior) = OUTPUT_ONLY];
+}
+
+// Sets the time for a one time patch deployment. Timestamp is in
+// RFC3339
+// text format.
+message OneTimeSchedule {
+ // Required. The desired patch job execution time.
+ google.protobuf.Timestamp execute_time = 1 [(google.api.field_behavior) = REQUIRED];
+}
+
+// Sets the time for recurring patch deployments.
+message RecurringSchedule {
+ // Specifies the frequency of the recurring patch deployments.
+ enum Frequency {
+ // Invalid. A frequency must be specified.
+ FREQUENCY_UNSPECIFIED = 0;
+
+ // Indicates that the frequency should be expressed in terms of
+ // weeks.
+ WEEKLY = 1;
+
+ // Indicates that the frequency should be expressed in terms of
+ // months.
+ MONTHLY = 2;
+ }
+
+ // Required. Defines the time zone that `time_of_day` is relative to.
+ // The rules for daylight saving time are determined by the chosen time zone.
+ google.type.TimeZone time_zone = 1 [(google.api.field_behavior) = REQUIRED];
+
+ // Optional. The time that the recurring schedule becomes effective.
+ // Defaults to `create_time` of the patch deployment.
+ google.protobuf.Timestamp start_time = 2 [(google.api.field_behavior) = OPTIONAL];
+
+ // Optional. The end time at which a recurring patch deployment schedule is no longer
+ // active.
+ google.protobuf.Timestamp end_time = 3 [(google.api.field_behavior) = OPTIONAL];
+
+ // Required. Time of the day to run a recurring deployment.
+ google.type.TimeOfDay time_of_day = 4 [(google.api.field_behavior) = REQUIRED];
+
+ // Required. The frequency unit of this recurring schedule.
+ Frequency frequency = 5 [(google.api.field_behavior) = REQUIRED];
+
+ // Configurations for this recurring schedule.
+ // Configurations must match frequency.
+ oneof schedule_config {
+ // Required. Schedule with weekly executions.
+ WeeklySchedule weekly = 6 [(google.api.field_behavior) = REQUIRED];
+
+ // Required. Schedule with monthly executions.
+ MonthlySchedule monthly = 7 [(google.api.field_behavior) = REQUIRED];
+ }
+
+ // Output only. The time the last patch job ran successfully.
+ google.protobuf.Timestamp last_execute_time = 9 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+ // Output only. The time the next patch job is scheduled to run.
+ google.protobuf.Timestamp next_execute_time = 10 [(google.api.field_behavior) = OUTPUT_ONLY];
+}
+
+// Represents a weekly schedule.
+message WeeklySchedule {
+ // Required. Day of the week.
+ google.type.DayOfWeek day_of_week = 1 [(google.api.field_behavior) = REQUIRED];
+}
+
+// Represents a monthly schedule. An example of a valid monthly schedule is
+// "on the third Tuesday of the month" or "on the 15th of the month".
+message MonthlySchedule {
+ // One day in a month.
+ oneof day_of_month {
+ // Required. Week day in a month.
+ WeekDayOfMonth week_day_of_month = 1 [(google.api.field_behavior) = REQUIRED];
+
+ // Required. One day of the month. 1-31 indicates the 1st to the 31st day. -1
+ // indicates the last day of the month.
+ // Months without the target day will be skipped. For example, a schedule to
+ // run "every month on the 31st" will not run in February, April, June, etc.
+ int32 month_day = 2 [(google.api.field_behavior) = REQUIRED];
+ }
+}
+
+// Represents one week day in a month. An example is "the 4th Sunday".
+message WeekDayOfMonth {
+ // Required. Week number in a month. 1-4 indicates the 1st to 4th week of the month. -1
+ // indicates the last week of the month.
+ int32 week_ordinal = 1 [(google.api.field_behavior) = REQUIRED];
+
+ // Required. A day of the week.
+ google.type.DayOfWeek day_of_week = 2 [(google.api.field_behavior) = REQUIRED];
+}
+
+// A request message for creating a patch deployment.
+message CreatePatchDeploymentRequest {
+ // Required. The project to apply this patch deployment to in the form `projects/*`.
+ string parent = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "cloudresourcemanager.googleapis.com/Project"
+ }
+ ];
+
+ // Required. A name for the patch deployment in the project. When creating a name
+ // the following rules apply:
+ // * Must contain only lowercase letters, numbers, and hyphens.
+ // * Must start with a letter.
+ // * Must be between 1-63 characters.
+ // * Must end with a number or a letter.
+ // * Must be unique within the project.
+ string patch_deployment_id = 2 [(google.api.field_behavior) = REQUIRED];
+
+ // Required. The patch deployment to create.
+ PatchDeployment patch_deployment = 3 [(google.api.field_behavior) = REQUIRED];
+}
+
+// A request message for retrieving a patch deployment.
+message GetPatchDeploymentRequest {
+ // Required. The resource name of the patch deployment in the form
+ // `projects/*/patchDeployments/*`.
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "osconfig.googleapis.com/PatchDeployment"
+ }
+ ];
+}
+
+// A request message for listing patch deployments.
+message ListPatchDeploymentsRequest {
+ // Required. The resource name of the parent in the form `projects/*`.
+ string parent = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "cloudresourcemanager.googleapis.com/Project"
+ }
+ ];
+
+ // Optional. The maximum number of patch deployments to return. Default is 100.
+ int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL];
+
+ // Optional. A pagination token returned from a previous call to ListPatchDeployments
+ // that indicates where this listing should continue from.
+ string page_token = 3 [(google.api.field_behavior) = OPTIONAL];
+}
+
+// A response message for listing patch deployments.
+message ListPatchDeploymentsResponse {
+ // The list of patch deployments.
+ repeated PatchDeployment patch_deployments = 1;
+
+ // A pagination token that can be used to get the next page of patch
+ // deployments.
+ string next_page_token = 2;
+}
+
+// A request message for deleting a patch deployment.
+message DeletePatchDeploymentRequest {
+ // Required. The resource name of the patch deployment in the form
+ // `projects/*/patchDeployments/*`.
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "osconfig.googleapis.com/PatchDeployment"
+ }
+ ];
+}
diff --git a/google/cloud/osconfig/v1/patch_jobs.proto b/google/cloud/osconfig/v1/patch_jobs.proto
new file mode 100644
index 000000000..6f8aaa4ca
--- /dev/null
+++ b/google/cloud/osconfig/v1/patch_jobs.proto
@@ -0,0 +1,675 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.osconfig.v1;
+
+import "google/api/field_behavior.proto";
+import "google/api/resource.proto";
+import "google/protobuf/duration.proto";
+import "google/protobuf/timestamp.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/osconfig/v1;osconfig";
+option java_outer_classname = "PatchJobs";
+option java_package = "com.google.cloud.osconfig.v1";
+
+// A request message to initiate patching across Google Compute Engine
+// instances.
+message ExecutePatchJobRequest {
+ // Required. The project in which to run this patch in the form `projects/*`
+ string parent = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "cloudresourcemanager.googleapis.com/Project"
+ }
+ ];
+
+ // Description of the patch job. Length of the description is limited
+ // to 1024 characters.
+ string description = 2;
+
+ // Required. Instances to patch, either explicitly or filtered by some criteria such
+ // as zone or labels.
+ PatchInstanceFilter instance_filter = 7 [(google.api.field_behavior) = REQUIRED];
+
+ // Patch configuration being applied. If omitted, instances are
+ // patched using the default configurations.
+ PatchConfig patch_config = 4;
+
+ // Duration of the patch job. After the duration ends, the patch job
+ // times out.
+ google.protobuf.Duration duration = 5;
+
+ // If this patch is a dry-run only, instances are contacted but
+ // will do nothing.
+ bool dry_run = 6;
+
+ // Display name for this patch job. This does not have to be unique.
+ string display_name = 8;
+}
+
+// Request to get an active or completed patch job.
+message GetPatchJobRequest {
+ // Required. Name of the patch in the form `projects/*/patchJobs/*`
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "osconfig.googleapis.com/PatchJob"
+ }
+ ];
+}
+
+// Request to list details for all instances that are part of a patch job.
+message ListPatchJobInstanceDetailsRequest {
+ // Required. The parent for the instances are in the form of `projects/*/patchJobs/*`.
+ string parent = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "osconfig.googleapis.com/PatchJob"
+ }
+ ];
+
+ // The maximum number of instance details records to return. Default is 100.
+ int32 page_size = 2;
+
+ // A pagination token returned from a previous call
+ // that indicates where this listing should continue from.
+ string page_token = 3;
+
+ // A filter expression that filters results listed in the response. This
+ // field supports filtering results by instance zone, name, state, or
+ // `failure_reason`.
+ string filter = 4;
+}
+
+// A response message for listing the instances details for a patch job.
+message ListPatchJobInstanceDetailsResponse {
+ // A list of instance status.
+ repeated PatchJobInstanceDetails patch_job_instance_details = 1;
+
+ // A pagination token that can be used to get the next page of results.
+ string next_page_token = 2;
+}
+
+// Patch details for a VM instance. For more information about reviewing VM
+// instance details, see
+// [Listing all VM instance details for a specific patch
+// job](/compute/docs/os-patch-management/manage-patch-jobs#list-instance-details).
+message PatchJobInstanceDetails {
+ // The instance name in the form `projects/*/zones/*/instances/*`
+ string name = 1 [(google.api.resource_reference) = {
+ type: "compute.googleapis.com/Instance"
+ }];
+
+ // The unique identifier for the instance. This identifier is
+ // defined by the server.
+ string instance_system_id = 2;
+
+ // Current state of instance patch.
+ Instance.PatchState state = 3;
+
+ // If the patch fails, this field provides the reason.
+ string failure_reason = 4;
+
+ // The number of times the agent that the agent attempts to apply the patch.
+ int64 attempt_count = 5;
+}
+
+// A request message for listing patch jobs.
+message ListPatchJobsRequest {
+ // Required. In the form of `projects/*`
+ string parent = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "cloudresourcemanager.googleapis.com/Project"
+ }
+ ];
+
+ // The maximum number of instance status to return.
+ int32 page_size = 2;
+
+ // A pagination token returned from a previous call
+ // that indicates where this listing should continue from.
+ string page_token = 3;
+
+ // If provided, this field specifies the criteria that must be met by patch
+ // jobs to be included in the response.
+ // Currently, filtering is only available on the patch_deployment field.
+ string filter = 4;
+}
+
+// A response message for listing patch jobs.
+message ListPatchJobsResponse {
+ // The list of patch jobs.
+ repeated PatchJob patch_jobs = 1;
+
+ // A pagination token that can be used to get the next page of results.
+ string next_page_token = 2;
+}
+
+// A high level representation of a patch job that is either in progress
+// or has completed.
+//
+// Instances details are not included in the job. To paginate through instance
+// details, use ListPatchJobInstanceDetails.
+//
+// For more information about patch jobs, see
+// [Creating patch jobs](/compute/docs/os-patch-management/create-patch-job).
+message PatchJob {
+ option (google.api.resource) = {
+ type: "osconfig.googleapis.com/PatchJob"
+ pattern: "projects/{project}/patchJobs/{patch_job}"
+ };
+
+ // A summary of the current patch state across all instances that this patch
+ // job affects. Contains counts of instances in different states. These states
+ // map to `InstancePatchState`. List patch job instance details to see the
+ // specific states of each instance.
+ message InstanceDetailsSummary {
+ // Number of instances pending patch job.
+ int64 pending_instance_count = 1;
+
+ // Number of instances that are inactive.
+ int64 inactive_instance_count = 2;
+
+ // Number of instances notified about patch job.
+ int64 notified_instance_count = 3;
+
+ // Number of instances that have started.
+ int64 started_instance_count = 4;
+
+ // Number of instances that are downloading patches.
+ int64 downloading_patches_instance_count = 5;
+
+ // Number of instances that are applying patches.
+ int64 applying_patches_instance_count = 6;
+
+ // Number of instances rebooting.
+ int64 rebooting_instance_count = 7;
+
+ // Number of instances that have completed successfully.
+ int64 succeeded_instance_count = 8;
+
+ // Number of instances that require reboot.
+ int64 succeeded_reboot_required_instance_count = 9;
+
+ // Number of instances that failed.
+ int64 failed_instance_count = 10;
+
+ // Number of instances that have acked and will start shortly.
+ int64 acked_instance_count = 11;
+
+ // Number of instances that exceeded the time out while applying the patch.
+ int64 timed_out_instance_count = 12;
+
+ // Number of instances that are running the pre-patch step.
+ int64 pre_patch_step_instance_count = 13;
+
+ // Number of instances that are running the post-patch step.
+ int64 post_patch_step_instance_count = 14;
+
+ // Number of instances that do not appear to be running the agent. Check to
+ // ensure that the agent is installed, running, and able to communicate with
+ // the service.
+ int64 no_agent_detected_instance_count = 15;
+ }
+
+ // Enumeration of the various states a patch job passes through as it
+ // executes.
+ enum State {
+ // State must be specified.
+ STATE_UNSPECIFIED = 0;
+
+ // The patch job was successfully initiated.
+ STARTED = 1;
+
+ // The patch job is looking up instances to run the patch on.
+ INSTANCE_LOOKUP = 2;
+
+ // Instances are being patched.
+ PATCHING = 3;
+
+ // Patch job completed successfully.
+ SUCCEEDED = 4;
+
+ // Patch job completed but there were errors.
+ COMPLETED_WITH_ERRORS = 5;
+
+ // The patch job was canceled.
+ CANCELED = 6;
+
+ // The patch job timed out.
+ TIMED_OUT = 7;
+ }
+
+ // Unique identifier for this patch job in the form
+ // `projects/*/patchJobs/*`
+ string name = 1;
+
+ // Display name for this patch job. This is not a unique identifier.
+ string display_name = 14;
+
+ // Description of the patch job. Length of the description is limited
+ // to 1024 characters.
+ string description = 2;
+
+ // Time this patch job was created.
+ google.protobuf.Timestamp create_time = 3;
+
+ // Last time this patch job was updated.
+ google.protobuf.Timestamp update_time = 4;
+
+ // The current state of the PatchJob .
+ State state = 5;
+
+ // Instances to patch.
+ PatchInstanceFilter instance_filter = 13;
+
+ // Patch configuration being applied.
+ PatchConfig patch_config = 7;
+
+ // Duration of the patch job. After the duration ends, the
+ // patch job times out.
+ google.protobuf.Duration duration = 8;
+
+ // Summary of instance details.
+ InstanceDetailsSummary instance_details_summary = 9;
+
+ // If this patch job is a dry run, the agent reports that it has
+ // finished without running any updates on the VM instance.
+ bool dry_run = 10;
+
+ // If this patch job failed, this message provides information about the
+ // failure.
+ string error_message = 11;
+
+ // Reflects the overall progress of the patch job in the range of
+ // 0.0 being no progress to 100.0 being complete.
+ double percent_complete = 12;
+
+ // Output only. Name of the patch deployment that created this patch job.
+ string patch_deployment = 15 [
+ (google.api.field_behavior) = OUTPUT_ONLY,
+ (google.api.resource_reference) = {
+ type: "osconfig.googleapis.com/PatchDeployment"
+ }
+ ];
+}
+
+// Patch configuration specifications. Contains details on how to apply the
+// patch(es) to a VM instance.
+message PatchConfig {
+ // Post-patch reboot settings.
+ enum RebootConfig {
+ // The default behavior is DEFAULT.
+ REBOOT_CONFIG_UNSPECIFIED = 0;
+
+ // The agent decides if a reboot is necessary by checking signals such as
+ // registry keys on Windows or `/var/run/reboot-required` on APT based
+ // systems. On RPM based systems, a set of core system package install times
+ // are compared with system boot time.
+ DEFAULT = 1;
+
+ // Always reboot the machine after the update completes.
+ ALWAYS = 2;
+
+ // Never reboot the machine after the update completes.
+ NEVER = 3;
+ }
+
+ // Post-patch reboot settings.
+ RebootConfig reboot_config = 1;
+
+ // Apt update settings. Use this setting to override the default `apt` patch
+ // rules.
+ AptSettings apt = 3;
+
+ // Yum update settings. Use this setting to override the default `yum` patch
+ // rules.
+ YumSettings yum = 4;
+
+ // Goo update settings. Use this setting to override the default `goo` patch
+ // rules.
+ GooSettings goo = 5;
+
+ // Zypper update settings. Use this setting to override the default `zypper`
+ // patch rules.
+ ZypperSettings zypper = 6;
+
+ // Windows update settings. Use this override the default windows patch rules.
+ WindowsUpdateSettings windows_update = 7;
+
+ // The `ExecStep` to run before the patch update.
+ ExecStep pre_step = 8;
+
+ // The `ExecStep` to run after the patch update.
+ ExecStep post_step = 9;
+}
+
+// Namespace for instance state enums.
+message Instance {
+ // Patch state of an instance.
+ enum PatchState {
+ // Unspecified.
+ PATCH_STATE_UNSPECIFIED = 0;
+
+ // The instance is not yet notified.
+ PENDING = 1;
+
+ // Instance is inactive and cannot be patched.
+ INACTIVE = 2;
+
+ // The instance is notified that it should be patched.
+ NOTIFIED = 3;
+
+ // The instance has started the patching process.
+ STARTED = 4;
+
+ // The instance is downloading patches.
+ DOWNLOADING_PATCHES = 5;
+
+ // The instance is applying patches.
+ APPLYING_PATCHES = 6;
+
+ // The instance is rebooting.
+ REBOOTING = 7;
+
+ // The instance has completed applying patches.
+ SUCCEEDED = 8;
+
+ // The instance has completed applying patches but a reboot is required.
+ SUCCEEDED_REBOOT_REQUIRED = 9;
+
+ // The instance has failed to apply the patch.
+ FAILED = 10;
+
+ // The instance acked the notification and will start shortly.
+ ACKED = 11;
+
+ // The instance exceeded the time out while applying the patch.
+ TIMED_OUT = 12;
+
+ // The instance is running the pre-patch step.
+ RUNNING_PRE_PATCH_STEP = 13;
+
+ // The instance is running the post-patch step.
+ RUNNING_POST_PATCH_STEP = 14;
+
+ // The service could not detect the presence of the agent. Check to ensure
+ // that the agent is installed, running, and able to communicate with the
+ // service.
+ NO_AGENT_DETECTED = 15;
+ }
+
+
+}
+
+// Message for canceling a patch job.
+message CancelPatchJobRequest {
+ // Required. Name of the patch in the form `projects/*/patchJobs/*`
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "osconfig.googleapis.com/PatchJob"
+ }
+ ];
+}
+
+// Apt patching is completed by executing `apt-get update && apt-get
+// upgrade`. Additional options can be set to control how this is executed.
+message AptSettings {
+ // Apt patch type.
+ enum Type {
+ // By default, upgrade will be performed.
+ TYPE_UNSPECIFIED = 0;
+
+ // Runs `apt-get dist-upgrade`.
+ DIST = 1;
+
+ // Runs `apt-get upgrade`.
+ UPGRADE = 2;
+ }
+
+ // By changing the type to DIST, the patching is performed
+ // using `apt-get dist-upgrade` instead.
+ Type type = 1;
+
+ // List of packages to exclude from update. These packages will be excluded
+ repeated string excludes = 2;
+
+ // An exclusive list of packages to be updated. These are the only packages
+ // that will be updated. If these packages are not installed, they will be
+ // ignored. This field cannot be specified with any other patch configuration
+ // fields.
+ repeated string exclusive_packages = 3;
+}
+
+// Yum patching is performed by executing `yum update`. Additional options
+// can be set to control how this is executed.
+//
+// Note that not all settings are supported on all platforms.
+message YumSettings {
+ // Adds the `--security` flag to `yum update`. Not supported on
+ // all platforms.
+ bool security = 1;
+
+ // Will cause patch to run `yum update-minimal` instead.
+ bool minimal = 2;
+
+ // List of packages to exclude from update. These packages are excluded by
+ // using the yum `--exclude` flag.
+ repeated string excludes = 3;
+
+ // An exclusive list of packages to be updated. These are the only packages
+ // that will be updated. If these packages are not installed, they will be
+ // ignored. This field must not be specified with any other patch
+ // configuration fields.
+ repeated string exclusive_packages = 4;
+}
+
+// Googet patching is performed by running `googet update`.
+message GooSettings {
+
+}
+
+// Zypper patching is performed by running `zypper patch`.
+// See also https://en.opensuse.org/SDB:Zypper_manual.
+message ZypperSettings {
+ // Adds the `--with-optional` flag to `zypper patch`.
+ bool with_optional = 1;
+
+ // Adds the `--with-update` flag, to `zypper patch`.
+ bool with_update = 2;
+
+ // Install only patches with these categories.
+ // Common categories include security, recommended, and feature.
+ repeated string categories = 3;
+
+ // Install only patches with these severities.
+ // Common severities include critical, important, moderate, and low.
+ repeated string severities = 4;
+
+ // List of patches to exclude from update.
+ repeated string excludes = 5;
+
+ // An exclusive list of patches to be updated. These are the only patches
+ // that will be installed using 'zypper patch patch:' command.
+ // This field must not be used with any other patch configuration fields.
+ repeated string exclusive_patches = 6;
+}
+
+// Windows patching is performed using the Windows Update Agent.
+message WindowsUpdateSettings {
+ // Microsoft Windows update classifications as defined in
+ // [1]
+ // https://support.microsoft.com/en-us/help/824684/description-of-the-standard-terminology-that-is-used-to-describe-micro
+ enum Classification {
+ // Invalid. If classifications are included, they must be specified.
+ CLASSIFICATION_UNSPECIFIED = 0;
+
+ // "A widely released fix for a specific problem that addresses a critical,
+ // non-security-related bug." [1]
+ CRITICAL = 1;
+
+ // "A widely released fix for a product-specific, security-related
+ // vulnerability. Security vulnerabilities are rated by their severity. The
+ // severity rating is indicated in the Microsoft security bulletin as
+ // critical, important, moderate, or low." [1]
+ SECURITY = 2;
+
+ // "A widely released and frequent software update that contains additions
+ // to a product's definition database. Definition databases are often used
+ // to detect objects that have specific attributes, such as malicious code,
+ // phishing websites, or junk mail." [1]
+ DEFINITION = 3;
+
+ // "Software that controls the input and output of a device." [1]
+ DRIVER = 4;
+
+ // "New product functionality that is first distributed outside the context
+ // of a product release and that is typically included in the next full
+ // product release." [1]
+ FEATURE_PACK = 5;
+
+ // "A tested, cumulative set of all hotfixes, security updates, critical
+ // updates, and updates. Additionally, service packs may contain additional
+ // fixes for problems that are found internally since the release of the
+ // product. Service packs my also contain a limited number of
+ // customer-requested design changes or features." [1]
+ SERVICE_PACK = 6;
+
+ // "A utility or feature that helps complete a task or set of tasks." [1]
+ TOOL = 7;
+
+ // "A tested, cumulative set of hotfixes, security updates, critical
+ // updates, and updates that are packaged together for easy deployment. A
+ // rollup generally targets a specific area, such as security, or a
+ // component of a product, such as Internet Information Services (IIS)." [1]
+ UPDATE_ROLLUP = 8;
+
+ // "A widely released fix for a specific problem. An update addresses a
+ // noncritical, non-security-related bug." [1]
+ UPDATE = 9;
+ }
+
+ // Only apply updates of these windows update classifications. If empty, all
+ // updates are applied.
+ repeated Classification classifications = 1;
+
+ // List of KBs to exclude from update.
+ repeated string excludes = 2;
+
+ // An exclusive list of kbs to be updated. These are the only patches
+ // that will be updated. This field must not be used with other
+ // patch configurations.
+ repeated string exclusive_patches = 3;
+}
+
+// A step that runs an executable for a PatchJob.
+message ExecStep {
+ // The ExecStepConfig for all Linux VMs targeted by the PatchJob.
+ ExecStepConfig linux_exec_step_config = 1;
+
+ // The ExecStepConfig for all Windows VMs targeted by the PatchJob.
+ ExecStepConfig windows_exec_step_config = 2;
+}
+
+// Common configurations for an ExecStep.
+message ExecStepConfig {
+ // The interpreter used to execute the a file.
+ enum Interpreter {
+ // Invalid for a Windows ExecStepConfig. For a Linux ExecStepConfig, the
+ // interpreter will be parsed from the shebang line of the script if
+ // unspecified.
+ INTERPRETER_UNSPECIFIED = 0;
+
+ // Indicates that the script is run with `/bin/sh` on Linux and `cmd`
+ // on Windows.
+ SHELL = 1;
+
+ // Indicates that the file is run with PowerShell flags
+ // `-NonInteractive`, `-NoProfile`, and `-ExecutionPolicy Bypass`.
+ POWERSHELL = 2;
+ }
+
+ // Location of the executable.
+ oneof executable {
+ // An absolute path to the executable on the VM.
+ string local_path = 1;
+
+ // A Google Cloud Storage object containing the executable.
+ GcsObject gcs_object = 2;
+ }
+
+ // Defaults to [0]. A list of possible return values that the
+ // execution can return to indicate a success.
+ repeated int32 allowed_success_codes = 3;
+
+ // The script interpreter to use to run the script. If no interpreter is
+ // specified the script will be executed directly, which will likely
+ // only succeed for scripts with [shebang lines]
+ // (https://en.wikipedia.org/wiki/Shebang_\(Unix\)).
+ Interpreter interpreter = 4;
+}
+
+// Google Cloud Storage object representation.
+message GcsObject {
+ // Required. Bucket of the Google Cloud Storage object.
+ string bucket = 1 [(google.api.field_behavior) = REQUIRED];
+
+ // Required. Name of the Google Cloud Storage object.
+ string object = 2 [(google.api.field_behavior) = REQUIRED];
+
+ // Required. Generation number of the Google Cloud Storage object. This is used to
+ // ensure that the ExecStep specified by this PatchJob does not change.
+ int64 generation_number = 3 [(google.api.field_behavior) = REQUIRED];
+}
+
+// A filter to target VM instances for patching. The targeted
+// VMs must meet all criteria specified. So if both labels and zones are
+// specified, the patch job targets only VMs with those labels and in those
+// zones.
+message PatchInstanceFilter {
+ // Represents a group of VMs that can be identified as having all these
+ // labels, for example "env=prod and app=web".
+ message GroupLabel {
+ // Google Compute Engine instance labels that must be present for a VM
+ // instance to be targeted by this filter.
+ map labels = 1;
+ }
+
+ // Target all VM instances in the project. If true, no other criteria is
+ // permitted.
+ bool all = 1;
+
+ // Targets VM instances matching at least one of these label sets. This allows
+ // targeting of disparate groups, for example "env=prod or env=staging".
+ repeated GroupLabel group_labels = 2;
+
+ // Targets VM instances in ANY of these zones. Leave empty to target VM
+ // instances in any zone.
+ repeated string zones = 3;
+
+ // Targets any of the VM instances specified. Instances are specified by their
+ // URI in the form `zones/[ZONE]/instances/[INSTANCE_NAME],
+ // `projects/[PROJECT_ID]/zones/[ZONE]/instances/[INSTANCE_NAME]`, or
+ // `https://www.googleapis.com/compute/v1/projects/[PROJECT_ID]/zones/[ZONE]/instances/[INSTANCE_NAME]`
+ repeated string instances = 4;
+
+ // Targets VMs whose name starts with one of these prefixes. Similar to
+ // labels, this is another way to group VMs when targeting configs, for
+ // example prefix="prod-".
+ repeated string instance_name_prefixes = 5;
+}