1// Copyright 2023 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.devtools.cloudbuild.v1; 18 19import "google/api/annotations.proto"; 20import "google/api/client.proto"; 21import "google/api/field_behavior.proto"; 22import "google/api/httpbody.proto"; 23import "google/api/resource.proto"; 24import "google/longrunning/operations.proto"; 25import "google/protobuf/duration.proto"; 26import "google/protobuf/empty.proto"; 27import "google/protobuf/field_mask.proto"; 28import "google/protobuf/timestamp.proto"; 29 30option csharp_namespace = "Google.Cloud.CloudBuild.V1"; 31option go_package = "cloud.google.com/go/cloudbuild/apiv1/v2/apiv1pb;apiv1pb"; 32option java_multiple_files = true; 33option java_package = "com.google.cloudbuild.v1"; 34option objc_class_prefix = "GCB"; 35option php_namespace = "Google\\Cloud\\Build\\V1"; 36option ruby_package = "Google::Cloud::Build::V1"; 37option (google.api.resource_definition) = { 38 type: "compute.googleapis.com/Network" 39 pattern: "projects/{project}/global/networks/{network}" 40}; 41option (google.api.resource_definition) = { 42 type: "iam.googleapis.com/ServiceAccount" 43 pattern: "projects/{project}/serviceAccounts/{service_account}" 44}; 45option (google.api.resource_definition) = { 46 type: "secretmanager.googleapis.com/Secret" 47 pattern: "projects/{project}/secrets/{secret}" 48}; 49option (google.api.resource_definition) = { 50 type: "secretmanager.googleapis.com/SecretVersion" 51 pattern: "projects/{project}/secrets/{secret}/versions/{version}" 52}; 53option (google.api.resource_definition) = { 54 type: "cloudkms.googleapis.com/CryptoKey" 55 pattern: "projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}" 56}; 57option (google.api.resource_definition) = { 58 type: "pubsub.googleapis.com/Subscription" 59 pattern: "projects/{project}/subscriptions/{subscription}" 60}; 61option (google.api.resource_definition) = { 62 type: "pubsub.googleapis.com/Topic" 63 pattern: "projects/{project}/topics/{topic}" 64}; 65 66// Creates and manages builds on Google Cloud Platform. 67// 68// The main concept used by this API is a `Build`, which describes the location 69// of the source to build, how to build the source, and where to store the 70// built artifacts, if any. 71// 72// A user can list previously-requested builds or get builds by their ID to 73// determine the status of the build. 74service CloudBuild { 75 option (google.api.default_host) = "cloudbuild.googleapis.com"; 76 option (google.api.oauth_scopes) = 77 "https://www.googleapis.com/auth/cloud-platform"; 78 79 // Starts a build with the specified configuration. 80 // 81 // This method returns a long-running `Operation`, which includes the build 82 // ID. Pass the build ID to `GetBuild` to determine the build status (such as 83 // `SUCCESS` or `FAILURE`). 84 rpc CreateBuild(CreateBuildRequest) returns (google.longrunning.Operation) { 85 option (google.api.http) = { 86 post: "/v1/projects/{project_id}/builds" 87 body: "build" 88 additional_bindings { 89 post: "/v1/{parent=projects/*/locations/*}/builds" 90 body: "build" 91 } 92 }; 93 option (google.api.method_signature) = "project_id,build"; 94 option (google.longrunning.operation_info) = { 95 response_type: "Build" 96 metadata_type: "BuildOperationMetadata" 97 }; 98 } 99 100 // Returns information about a previously requested build. 101 // 102 // The `Build` that is returned includes its status (such as `SUCCESS`, 103 // `FAILURE`, or `WORKING`), and timing information. 104 rpc GetBuild(GetBuildRequest) returns (Build) { 105 option (google.api.http) = { 106 get: "/v1/projects/{project_id}/builds/{id}" 107 additional_bindings { get: "/v1/{name=projects/*/locations/*/builds/*}" } 108 }; 109 option (google.api.method_signature) = "project_id,id"; 110 } 111 112 // Lists previously requested builds. 113 // 114 // Previously requested builds may still be in-progress, or may have finished 115 // successfully or unsuccessfully. 116 rpc ListBuilds(ListBuildsRequest) returns (ListBuildsResponse) { 117 option (google.api.http) = { 118 get: "/v1/projects/{project_id}/builds" 119 additional_bindings { get: "/v1/{parent=projects/*/locations/*}/builds" } 120 }; 121 option (google.api.method_signature) = "project_id,filter"; 122 } 123 124 // Cancels a build in progress. 125 rpc CancelBuild(CancelBuildRequest) returns (Build) { 126 option (google.api.http) = { 127 post: "/v1/projects/{project_id}/builds/{id}:cancel" 128 body: "*" 129 additional_bindings { 130 post: "/v1/{name=projects/*/locations/*/builds/*}:cancel" 131 body: "*" 132 } 133 }; 134 option (google.api.method_signature) = "project_id,id"; 135 } 136 137 // Creates a new build based on the specified build. 138 // 139 // This method creates a new build using the original build request, which may 140 // or may not result in an identical build. 141 // 142 // For triggered builds: 143 // 144 // * Triggered builds resolve to a precise revision; therefore a retry of a 145 // triggered build will result in a build that uses the same revision. 146 // 147 // For non-triggered builds that specify `RepoSource`: 148 // 149 // * If the original build built from the tip of a branch, the retried build 150 // will build from the tip of that branch, which may not be the same revision 151 // as the original build. 152 // * If the original build specified a commit sha or revision ID, the retried 153 // build will use the identical source. 154 // 155 // For builds that specify `StorageSource`: 156 // 157 // * If the original build pulled source from Google Cloud Storage without 158 // specifying the generation of the object, the new build will use the current 159 // object, which may be different from the original build source. 160 // * If the original build pulled source from Cloud Storage and specified the 161 // generation of the object, the new build will attempt to use the same 162 // object, which may or may not be available depending on the bucket's 163 // lifecycle management settings. 164 rpc RetryBuild(RetryBuildRequest) returns (google.longrunning.Operation) { 165 option (google.api.http) = { 166 post: "/v1/projects/{project_id}/builds/{id}:retry" 167 body: "*" 168 additional_bindings { 169 post: "/v1/{name=projects/*/locations/*/builds/*}:retry" 170 body: "*" 171 } 172 }; 173 option (google.api.method_signature) = "project_id,id"; 174 option (google.longrunning.operation_info) = { 175 response_type: "Build" 176 metadata_type: "BuildOperationMetadata" 177 }; 178 } 179 180 // Approves or rejects a pending build. 181 // 182 // If approved, the returned LRO will be analogous to the LRO returned from 183 // a CreateBuild call. 184 // 185 // If rejected, the returned LRO will be immediately done. 186 rpc ApproveBuild(ApproveBuildRequest) returns (google.longrunning.Operation) { 187 option (google.api.http) = { 188 post: "/v1/{name=projects/*/builds/*}:approve" 189 body: "*" 190 additional_bindings { 191 post: "/v1/{name=projects/*/locations/*/builds/*}:approve" 192 body: "*" 193 } 194 }; 195 option (google.api.method_signature) = "name,approval_result"; 196 option (google.longrunning.operation_info) = { 197 response_type: "Build" 198 metadata_type: "BuildOperationMetadata" 199 }; 200 } 201 202 // Creates a new `BuildTrigger`. 203 // 204 // This API is experimental. 205 rpc CreateBuildTrigger(CreateBuildTriggerRequest) returns (BuildTrigger) { 206 option (google.api.http) = { 207 post: "/v1/projects/{project_id}/triggers" 208 body: "trigger" 209 additional_bindings { 210 post: "/v1/{parent=projects/*/locations/*}/triggers" 211 body: "trigger" 212 } 213 }; 214 option (google.api.method_signature) = "project_id,trigger"; 215 } 216 217 // Returns information about a `BuildTrigger`. 218 // 219 // This API is experimental. 220 rpc GetBuildTrigger(GetBuildTriggerRequest) returns (BuildTrigger) { 221 option (google.api.http) = { 222 get: "/v1/projects/{project_id}/triggers/{trigger_id}" 223 additional_bindings { 224 get: "/v1/{name=projects/*/locations/*/triggers/*}" 225 } 226 }; 227 option (google.api.method_signature) = "project_id,trigger_id"; 228 } 229 230 // Lists existing `BuildTrigger`s. 231 // 232 // This API is experimental. 233 rpc ListBuildTriggers(ListBuildTriggersRequest) 234 returns (ListBuildTriggersResponse) { 235 option (google.api.http) = { 236 get: "/v1/projects/{project_id}/triggers" 237 additional_bindings { 238 get: "/v1/{parent=projects/*/locations/*}/triggers" 239 } 240 }; 241 option (google.api.method_signature) = "project_id"; 242 } 243 244 // Deletes a `BuildTrigger` by its project ID and trigger ID. 245 // 246 // This API is experimental. 247 rpc DeleteBuildTrigger(DeleteBuildTriggerRequest) 248 returns (google.protobuf.Empty) { 249 option (google.api.http) = { 250 delete: "/v1/projects/{project_id}/triggers/{trigger_id}" 251 additional_bindings { 252 delete: "/v1/{name=projects/*/locations/*/triggers/*}" 253 } 254 }; 255 option (google.api.method_signature) = "project_id,trigger_id"; 256 } 257 258 // Updates a `BuildTrigger` by its project ID and trigger ID. 259 // 260 // This API is experimental. 261 rpc UpdateBuildTrigger(UpdateBuildTriggerRequest) returns (BuildTrigger) { 262 option (google.api.http) = { 263 patch: "/v1/projects/{project_id}/triggers/{trigger_id}" 264 body: "trigger" 265 additional_bindings { 266 patch: "/v1/{trigger.resource_name=projects/*/locations/*/triggers/*}" 267 body: "trigger" 268 } 269 }; 270 option (google.api.method_signature) = "project_id,trigger_id,trigger"; 271 } 272 273 // Runs a `BuildTrigger` at a particular source revision. 274 rpc RunBuildTrigger(RunBuildTriggerRequest) 275 returns (google.longrunning.Operation) { 276 option (google.api.http) = { 277 post: "/v1/projects/{project_id}/triggers/{trigger_id}:run" 278 body: "source" 279 additional_bindings { 280 post: "/v1/{name=projects/*/locations/*/triggers/*}:run" 281 body: "*" 282 } 283 }; 284 option (google.api.method_signature) = "project_id,trigger_id,source"; 285 option (google.longrunning.operation_info) = { 286 response_type: "Build" 287 metadata_type: "BuildOperationMetadata" 288 }; 289 } 290 291 // ReceiveTriggerWebhook [Experimental] is called when the API receives a 292 // webhook request targeted at a specific trigger. 293 rpc ReceiveTriggerWebhook(ReceiveTriggerWebhookRequest) 294 returns (ReceiveTriggerWebhookResponse) { 295 option (google.api.http) = { 296 post: "/v1/projects/{project_id}/triggers/{trigger}:webhook" 297 body: "body" 298 additional_bindings { 299 post: "/v1/{name=projects/*/locations/*/triggers/*}:webhook" 300 body: "body" 301 } 302 }; 303 } 304 305 // Creates a `WorkerPool`. 306 rpc CreateWorkerPool(CreateWorkerPoolRequest) 307 returns (google.longrunning.Operation) { 308 option (google.api.http) = { 309 post: "/v1/{parent=projects/*/locations/*}/workerPools" 310 body: "worker_pool" 311 }; 312 option (google.api.method_signature) = "parent,worker_pool,worker_pool_id"; 313 option (google.longrunning.operation_info) = { 314 response_type: "WorkerPool" 315 metadata_type: "CreateWorkerPoolOperationMetadata" 316 }; 317 } 318 319 // Returns details of a `WorkerPool`. 320 rpc GetWorkerPool(GetWorkerPoolRequest) returns (WorkerPool) { 321 option (google.api.http) = { 322 get: "/v1/{name=projects/*/locations/*/workerPools/*}" 323 }; 324 option (google.api.method_signature) = "name"; 325 } 326 327 // Deletes a `WorkerPool`. 328 rpc DeleteWorkerPool(DeleteWorkerPoolRequest) 329 returns (google.longrunning.Operation) { 330 option (google.api.http) = { 331 delete: "/v1/{name=projects/*/locations/*/workerPools/*}" 332 }; 333 option (google.api.method_signature) = "name"; 334 option (google.longrunning.operation_info) = { 335 response_type: "google.protobuf.Empty" 336 metadata_type: "DeleteWorkerPoolOperationMetadata" 337 }; 338 } 339 340 // Updates a `WorkerPool`. 341 rpc UpdateWorkerPool(UpdateWorkerPoolRequest) 342 returns (google.longrunning.Operation) { 343 option (google.api.http) = { 344 patch: "/v1/{worker_pool.name=projects/*/locations/*/workerPools/*}" 345 body: "worker_pool" 346 }; 347 option (google.api.method_signature) = "worker_pool,update_mask"; 348 option (google.longrunning.operation_info) = { 349 response_type: "WorkerPool" 350 metadata_type: "UpdateWorkerPoolOperationMetadata" 351 }; 352 } 353 354 // Lists `WorkerPool`s. 355 rpc ListWorkerPools(ListWorkerPoolsRequest) 356 returns (ListWorkerPoolsResponse) { 357 option (google.api.http) = { 358 get: "/v1/{parent=projects/*/locations/*}/workerPools" 359 }; 360 option (google.api.method_signature) = "parent"; 361 } 362} 363 364// Specifies a build to retry. 365message RetryBuildRequest { 366 // The name of the `Build` to retry. 367 // Format: `projects/{project}/locations/{location}/builds/{build}` 368 string name = 3 [(google.api.resource_reference) = { 369 type: "cloudbuild.googleapis.com/Build" 370 }]; 371 372 // Required. ID of the project. 373 string project_id = 1 [(google.api.field_behavior) = REQUIRED]; 374 375 // Required. Build ID of the original build. 376 string id = 2 [(google.api.field_behavior) = REQUIRED]; 377} 378 379// Specifies a build trigger to run and the source to use. 380message RunBuildTriggerRequest { 381 // The name of the `Trigger` to run. 382 // Format: `projects/{project}/locations/{location}/triggers/{trigger}` 383 string name = 4 [(google.api.resource_reference) = { 384 type: "cloudbuild.googleapis.com/BuildTrigger" 385 }]; 386 387 // Required. ID of the project. 388 string project_id = 1 [(google.api.field_behavior) = REQUIRED]; 389 390 // Required. ID of the trigger. 391 string trigger_id = 2 [(google.api.field_behavior) = REQUIRED]; 392 393 // Source to build against this trigger. 394 RepoSource source = 3; 395} 396 397// Location of the source in an archive file in Google Cloud Storage. 398message StorageSource { 399 // Google Cloud Storage bucket containing the source (see 400 // [Bucket Name 401 // Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). 402 string bucket = 1; 403 404 // Google Cloud Storage object containing the source. 405 // 406 // This object must be a gzipped archive file (`.tar.gz`) containing source to 407 // build. 408 string object = 2; 409 410 // Google Cloud Storage generation for the object. If the generation is 411 // omitted, the latest generation will be used. 412 int64 generation = 3; 413} 414 415// Location of the source in any accessible Git repository. 416message GitSource { 417 // Location of the Git repo to build. 418 // 419 // This will be used as a `git remote`, see 420 // https://git-scm.com/docs/git-remote. 421 string url = 1; 422 423 // Directory, relative to the source root, in which to run the build. 424 // 425 // This must be a relative path. If a step's `dir` is specified and is an 426 // absolute path, this value is ignored for that step's execution. 427 string dir = 5; 428 429 // The revision to fetch from the Git repository such as a branch, a tag, a 430 // commit SHA, or any Git ref. 431 // 432 // Cloud Build uses `git fetch` to fetch the revision from the Git 433 // repository; therefore make sure that the string you provide for `revision` 434 // is parsable by the command. For information on string values accepted by 435 // `git fetch`, see 436 // https://git-scm.com/docs/gitrevisions#_specifying_revisions. For 437 // information on `git fetch`, see https://git-scm.com/docs/git-fetch. 438 string revision = 6; 439} 440 441// Location of the source in a Google Cloud Source Repository. 442message RepoSource { 443 // ID of the project that owns the Cloud Source Repository. If omitted, the 444 // project ID requesting the build is assumed. 445 string project_id = 1; 446 447 // Name of the Cloud Source Repository. 448 string repo_name = 2; 449 450 // A revision within the Cloud Source Repository must be specified in 451 // one of these ways. 452 oneof revision { 453 // Regex matching branches to build. 454 // 455 // The syntax of the regular expressions accepted is the syntax accepted by 456 // RE2 and described at https://github.com/google/re2/wiki/Syntax 457 string branch_name = 3; 458 459 // Regex matching tags to build. 460 // 461 // The syntax of the regular expressions accepted is the syntax accepted by 462 // RE2 and described at https://github.com/google/re2/wiki/Syntax 463 string tag_name = 4; 464 465 // Explicit commit SHA to build. 466 string commit_sha = 5; 467 } 468 469 // Directory, relative to the source root, in which to run the build. 470 // 471 // This must be a relative path. If a step's `dir` is specified and is an 472 // absolute path, this value is ignored for that step's execution. 473 string dir = 7; 474 475 // Only trigger a build if the revision regex does NOT match the revision 476 // regex. 477 bool invert_regex = 8; 478 479 // Substitutions to use in a triggered build. 480 // Should only be used with RunBuildTrigger 481 map<string, string> substitutions = 9; 482} 483 484// Location of the source manifest in Google Cloud Storage. 485// This feature is in Preview; see description 486// [here](https://github.com/GoogleCloudPlatform/cloud-builders/tree/master/gcs-fetcher). 487message StorageSourceManifest { 488 // Google Cloud Storage bucket containing the source manifest (see [Bucket 489 // Name 490 // Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). 491 string bucket = 1; 492 493 // Google Cloud Storage object containing the source manifest. 494 // 495 // This object must be a JSON file. 496 string object = 2; 497 498 // Google Cloud Storage generation for the object. If the generation is 499 // omitted, the latest generation will be used. 500 int64 generation = 3; 501} 502 503// Location of the source in a supported storage service. 504message Source { 505 // Location of source. 506 oneof source { 507 // If provided, get the source from this location in Google Cloud Storage. 508 StorageSource storage_source = 2; 509 510 // If provided, get the source from this location in a Cloud Source 511 // Repository. 512 RepoSource repo_source = 3; 513 514 // If provided, get the source from this Git repository. 515 GitSource git_source = 5; 516 517 // If provided, get the source from this manifest in Google Cloud Storage. 518 // This feature is in Preview; see description 519 // [here](https://github.com/GoogleCloudPlatform/cloud-builders/tree/master/gcs-fetcher). 520 StorageSourceManifest storage_source_manifest = 8; 521 } 522} 523 524// An image built by the pipeline. 525message BuiltImage { 526 // Name used to push the container image to Google Container Registry, as 527 // presented to `docker push`. 528 string name = 1; 529 530 // Docker Registry 2.0 digest. 531 string digest = 3; 532 533 // Output only. Stores timing information for pushing the specified image. 534 TimeSpan push_timing = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; 535} 536 537// Artifact uploaded using the PythonPackage directive. 538message UploadedPythonPackage { 539 // URI of the uploaded artifact. 540 string uri = 1; 541 542 // Hash types and values of the Python Artifact. 543 FileHashes file_hashes = 2; 544 545 // Output only. Stores timing information for pushing the specified artifact. 546 TimeSpan push_timing = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 547} 548 549// A Maven artifact uploaded using the MavenArtifact directive. 550message UploadedMavenArtifact { 551 // URI of the uploaded artifact. 552 string uri = 1; 553 554 // Hash types and values of the Maven Artifact. 555 FileHashes file_hashes = 2; 556 557 // Output only. Stores timing information for pushing the specified artifact. 558 TimeSpan push_timing = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 559} 560 561// An npm package uploaded to Artifact Registry using the NpmPackage 562// directive. 563message UploadedNpmPackage { 564 // URI of the uploaded npm package. 565 string uri = 1; 566 567 // Hash types and values of the npm package. 568 FileHashes file_hashes = 2; 569 570 // Output only. Stores timing information for pushing the specified artifact. 571 TimeSpan push_timing = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 572} 573 574// A step in the build pipeline. 575message BuildStep { 576 // Required. The name of the container image that will run this particular 577 // build step. 578 // 579 // If the image is available in the host's Docker daemon's cache, it 580 // will be run directly. If not, the host will attempt to pull the image 581 // first, using the builder service account's credentials if necessary. 582 // 583 // The Docker daemon's cache will already have the latest versions of all of 584 // the officially supported build steps 585 // ([https://github.com/GoogleCloudPlatform/cloud-builders](https://github.com/GoogleCloudPlatform/cloud-builders)). 586 // The Docker daemon will also have cached many of the layers for some popular 587 // images, like "ubuntu", "debian", but they will be refreshed at the time you 588 // attempt to use them. 589 // 590 // If you built an image in a previous build step, it will be stored in the 591 // host's Docker daemon's cache and is available to use as the name for a 592 // later build step. 593 string name = 1; 594 595 // A list of environment variable definitions to be used when running a step. 596 // 597 // The elements are of the form "KEY=VALUE" for the environment variable "KEY" 598 // being given the value "VALUE". 599 repeated string env = 2; 600 601 // A list of arguments that will be presented to the step when it is started. 602 // 603 // If the image used to run the step's container has an entrypoint, the `args` 604 // are used as arguments to that entrypoint. If the image does not define 605 // an entrypoint, the first element in args is used as the entrypoint, 606 // and the remainder will be used as arguments. 607 repeated string args = 3; 608 609 // Working directory to use when running this step's container. 610 // 611 // If this value is a relative path, it is relative to the build's working 612 // directory. If this value is absolute, it may be outside the build's working 613 // directory, in which case the contents of the path may not be persisted 614 // across build step executions, unless a `volume` for that path is specified. 615 // 616 // If the build specifies a `RepoSource` with `dir` and a step with a `dir`, 617 // which specifies an absolute path, the `RepoSource` `dir` is ignored for 618 // the step's execution. 619 string dir = 4; 620 621 // Unique identifier for this build step, used in `wait_for` to 622 // reference this build step as a dependency. 623 string id = 5; 624 625 // The ID(s) of the step(s) that this build step depends on. 626 // This build step will not start until all the build steps in `wait_for` 627 // have completed successfully. If `wait_for` is empty, this build step will 628 // start when all previous build steps in the `Build.Steps` list have 629 // completed successfully. 630 repeated string wait_for = 6; 631 632 // Entrypoint to be used instead of the build step image's default entrypoint. 633 // If unset, the image's default entrypoint is used. 634 string entrypoint = 7; 635 636 // A list of environment variables which are encrypted using a Cloud Key 637 // Management Service crypto key. These values must be specified in the 638 // build's `Secret`. 639 repeated string secret_env = 8; 640 641 // List of volumes to mount into the build step. 642 // 643 // Each volume is created as an empty volume prior to execution of the 644 // build step. Upon completion of the build, volumes and their contents are 645 // discarded. 646 // 647 // Using a named volume in only one step is not valid as it is indicative 648 // of a build request with an incorrect configuration. 649 repeated Volume volumes = 9; 650 651 // Output only. Stores timing information for executing this build step. 652 TimeSpan timing = 10 [(google.api.field_behavior) = OUTPUT_ONLY]; 653 654 // Output only. Stores timing information for pulling this build step's 655 // builder image only. 656 TimeSpan pull_timing = 13 [(google.api.field_behavior) = OUTPUT_ONLY]; 657 658 // Time limit for executing this build step. If not defined, the step has no 659 // time limit and will be allowed to continue to run until either it completes 660 // or the build itself times out. 661 google.protobuf.Duration timeout = 11; 662 663 // Output only. Status of the build step. At this time, build step status is 664 // only updated on build completion; step status is not updated in real-time 665 // as the build progresses. 666 Build.Status status = 12 [(google.api.field_behavior) = OUTPUT_ONLY]; 667 668 // Allow this build step to fail without failing the entire build. 669 // 670 // If false, the entire build will fail if this step fails. Otherwise, the 671 // build will succeed, but this step will still have a failure status. 672 // Error information will be reported in the failure_detail field. 673 bool allow_failure = 14; 674 675 // Output only. Return code from running the step. 676 int32 exit_code = 16 [(google.api.field_behavior) = OUTPUT_ONLY]; 677 678 // Allow this build step to fail without failing the entire build if and 679 // only if the exit code is one of the specified codes. If allow_failure 680 // is also specified, this field will take precedence. 681 repeated int32 allow_exit_codes = 18; 682 683 // A shell script to be executed in the step. 684 // 685 // When script is provided, the user cannot specify the entrypoint or args. 686 string script = 19; 687} 688 689// Volume describes a Docker container volume which is mounted into build steps 690// in order to persist files across build step execution. 691message Volume { 692 // Name of the volume to mount. 693 // 694 // Volume names must be unique per build step and must be valid names for 695 // Docker volumes. Each named volume must be used by at least two build steps. 696 string name = 1; 697 698 // Path at which to mount the volume. 699 // 700 // Paths must be absolute and cannot conflict with other volume paths on the 701 // same build step or with certain reserved volume paths. 702 string path = 2; 703} 704 705// Artifacts created by the build pipeline. 706message Results { 707 // Container images that were built as a part of the build. 708 repeated BuiltImage images = 2; 709 710 // List of build step digests, in the order corresponding to build step 711 // indices. 712 repeated string build_step_images = 3; 713 714 // Path to the artifact manifest for non-container artifacts uploaded to Cloud 715 // Storage. Only populated when artifacts are uploaded to Cloud Storage. 716 string artifact_manifest = 4; 717 718 // Number of non-container artifacts uploaded to Cloud Storage. Only populated 719 // when artifacts are uploaded to Cloud Storage. 720 int64 num_artifacts = 5; 721 722 // List of build step outputs, produced by builder images, in the order 723 // corresponding to build step indices. 724 // 725 // [Cloud Builders](https://cloud.google.com/cloud-build/docs/cloud-builders) 726 // can produce this output by writing to `$BUILDER_OUTPUT/output`. 727 // Only the first 4KB of data is stored. 728 repeated bytes build_step_outputs = 6; 729 730 // Time to push all non-container artifacts to Cloud Storage. 731 TimeSpan artifact_timing = 7; 732 733 // Python artifacts uploaded to Artifact Registry at the end of the build. 734 repeated UploadedPythonPackage python_packages = 8; 735 736 // Maven artifacts uploaded to Artifact Registry at the end of the build. 737 repeated UploadedMavenArtifact maven_artifacts = 9; 738 739 // Npm packages uploaded to Artifact Registry at the end of the build. 740 repeated UploadedNpmPackage npm_packages = 12; 741} 742 743// An artifact that was uploaded during a build. This 744// is a single record in the artifact manifest JSON file. 745message ArtifactResult { 746 // The path of an artifact in a Google Cloud Storage bucket, with the 747 // generation number. For example, 748 // `gs://mybucket/path/to/output.jar#generation`. 749 string location = 1; 750 751 // The file hash of the artifact. 752 repeated FileHashes file_hash = 2; 753} 754 755// A build resource in the Cloud Build API. 756// 757// At a high level, a `Build` describes where to find source code, how to build 758// it (for example, the builder image to run on the source), and where to store 759// the built artifacts. 760// 761// Fields can include the following variables, which will be expanded when the 762// build is created: 763// 764// - $PROJECT_ID: the project ID of the build. 765// - $PROJECT_NUMBER: the project number of the build. 766// - $LOCATION: the location/region of the build. 767// - $BUILD_ID: the autogenerated ID of the build. 768// - $REPO_NAME: the source repository name specified by RepoSource. 769// - $BRANCH_NAME: the branch name specified by RepoSource. 770// - $TAG_NAME: the tag name specified by RepoSource. 771// - $REVISION_ID or $COMMIT_SHA: the commit SHA specified by RepoSource or 772// resolved from the specified branch or tag. 773// - $SHORT_SHA: first 7 characters of $REVISION_ID or $COMMIT_SHA. 774message Build { 775 option (google.api.resource) = { 776 type: "cloudbuild.googleapis.com/Build" 777 pattern: "projects/{project}/builds/{build}" 778 pattern: "projects/{project}/locations/{location}/builds/{build}" 779 }; 780 781 // Possible status of a build or build step. 782 enum Status { 783 // Status of the build is unknown. 784 STATUS_UNKNOWN = 0; 785 786 // Build has been created and is pending execution and queuing. It has not 787 // been queued. 788 PENDING = 10; 789 790 // Build or step is queued; work has not yet begun. 791 QUEUED = 1; 792 793 // Build or step is being executed. 794 WORKING = 2; 795 796 // Build or step finished successfully. 797 SUCCESS = 3; 798 799 // Build or step failed to complete successfully. 800 FAILURE = 4; 801 802 // Build or step failed due to an internal cause. 803 INTERNAL_ERROR = 5; 804 805 // Build or step took longer than was allowed. 806 TIMEOUT = 6; 807 808 // Build or step was canceled by a user. 809 CANCELLED = 7; 810 811 // Build was enqueued for longer than the value of `queue_ttl`. 812 EXPIRED = 9; 813 } 814 815 // A non-fatal problem encountered during the execution of the build. 816 message Warning { 817 // The relative importance of this warning. 818 enum Priority { 819 // Should not be used. 820 PRIORITY_UNSPECIFIED = 0; 821 822 // e.g. deprecation warnings and alternative feature highlights. 823 INFO = 1; 824 825 // e.g. automated detection of possible issues with the build. 826 WARNING = 2; 827 828 // e.g. alerts that a feature used in the build is pending removal 829 ALERT = 3; 830 } 831 832 // Explanation of the warning generated. 833 string text = 1; 834 835 // The priority for this warning. 836 Priority priority = 2; 837 } 838 839 // A fatal problem encountered during the execution of the build. 840 message FailureInfo { 841 // The name of a fatal problem encountered during the execution of the 842 // build. 843 enum FailureType { 844 // Type unspecified 845 FAILURE_TYPE_UNSPECIFIED = 0; 846 847 // Unable to push the image to the repository. 848 PUSH_FAILED = 1; 849 850 // Final image not found. 851 PUSH_IMAGE_NOT_FOUND = 2; 852 853 // Unauthorized push of the final image. 854 PUSH_NOT_AUTHORIZED = 3; 855 856 // Backend logging failures. Should retry. 857 LOGGING_FAILURE = 4; 858 859 // A build step has failed. 860 USER_BUILD_STEP = 5; 861 862 // The source fetching has failed. 863 FETCH_SOURCE_FAILED = 6; 864 } 865 866 // The name of the failure. 867 FailureType type = 1; 868 869 // Explains the failure issue in more detail using hard-coded text. 870 string detail = 2; 871 } 872 873 // Output only. The 'Build' name with format: 874 // `projects/{project}/locations/{location}/builds/{build}`, where {build} 875 // is a unique identifier generated by the service. 876 string name = 45 [(google.api.field_behavior) = OUTPUT_ONLY]; 877 878 // Output only. Unique identifier of the build. 879 string id = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 880 881 // Output only. ID of the project. 882 string project_id = 16 [(google.api.field_behavior) = OUTPUT_ONLY]; 883 884 // Output only. Status of the build. 885 Status status = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 886 887 // Output only. Customer-readable message about the current status. 888 string status_detail = 24 [(google.api.field_behavior) = OUTPUT_ONLY]; 889 890 // The location of the source files to build. 891 Source source = 3; 892 893 // Required. The operations to be performed on the workspace. 894 repeated BuildStep steps = 11; 895 896 // Output only. Results of the build. 897 Results results = 10 [(google.api.field_behavior) = OUTPUT_ONLY]; 898 899 // Output only. Time at which the request to create the build was received. 900 google.protobuf.Timestamp create_time = 6 901 [(google.api.field_behavior) = OUTPUT_ONLY]; 902 903 // Output only. Time at which execution of the build was started. 904 google.protobuf.Timestamp start_time = 7 905 [(google.api.field_behavior) = OUTPUT_ONLY]; 906 907 // Output only. Time at which execution of the build was finished. 908 // 909 // The difference between finish_time and start_time is the duration of the 910 // build's execution. 911 google.protobuf.Timestamp finish_time = 8 912 [(google.api.field_behavior) = OUTPUT_ONLY]; 913 914 // Amount of time that this build should be allowed to run, to second 915 // granularity. If this amount of time elapses, work on the build will cease 916 // and the build status will be `TIMEOUT`. 917 // 918 // `timeout` starts ticking from `startTime`. 919 // 920 // Default time is 60 minutes. 921 google.protobuf.Duration timeout = 12; 922 923 // A list of images to be pushed upon the successful completion of all build 924 // steps. 925 // 926 // The images are pushed using the builder service account's credentials. 927 // 928 // The digests of the pushed images will be stored in the `Build` resource's 929 // results field. 930 // 931 // If any of the images fail to be pushed, the build status is marked 932 // `FAILURE`. 933 repeated string images = 13; 934 935 // TTL in queue for this build. If provided and the build is enqueued longer 936 // than this value, the build will expire and the build status will be 937 // `EXPIRED`. 938 // 939 // The TTL starts ticking from create_time. 940 google.protobuf.Duration queue_ttl = 40; 941 942 // Artifacts produced by the build that should be uploaded upon 943 // successful completion of all build steps. 944 Artifacts artifacts = 37; 945 946 // Google Cloud Storage bucket where logs should be written (see 947 // [Bucket Name 948 // Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). 949 // Logs file names will be of the format `${logs_bucket}/log-${build_id}.txt`. 950 string logs_bucket = 19; 951 952 // Output only. A permanent fixed identifier for source. 953 SourceProvenance source_provenance = 21 954 [(google.api.field_behavior) = OUTPUT_ONLY]; 955 956 // Output only. The ID of the `BuildTrigger` that triggered this build, if it 957 // was triggered automatically. 958 string build_trigger_id = 22 [(google.api.field_behavior) = OUTPUT_ONLY]; 959 960 // Special options for this build. 961 BuildOptions options = 23; 962 963 // Output only. URL to logs for this build in Google Cloud Console. 964 string log_url = 25 [(google.api.field_behavior) = OUTPUT_ONLY]; 965 966 // Substitutions data for `Build` resource. 967 map<string, string> substitutions = 29; 968 969 // Tags for annotation of a `Build`. These are not docker tags. 970 repeated string tags = 31; 971 972 // Secrets to decrypt using Cloud Key Management Service. 973 // Note: Secret Manager is the recommended technique 974 // for managing sensitive data with Cloud Build. Use `available_secrets` to 975 // configure builds to access secrets from Secret Manager. For instructions, 976 // see: https://cloud.google.com/cloud-build/docs/securing-builds/use-secrets 977 repeated Secret secrets = 32; 978 979 // Output only. Stores timing information for phases of the build. Valid keys 980 // are: 981 // 982 // * BUILD: time to execute all build steps. 983 // * PUSH: time to push all artifacts including docker images and non docker 984 // artifacts. 985 // * FETCHSOURCE: time to fetch source. 986 // * SETUPBUILD: time to set up build. 987 // 988 // If the build does not specify source or images, 989 // these keys will not be included. 990 map<string, TimeSpan> timing = 33 [(google.api.field_behavior) = OUTPUT_ONLY]; 991 992 // Output only. Describes this build's approval configuration, status, 993 // and result. 994 BuildApproval approval = 44 [(google.api.field_behavior) = OUTPUT_ONLY]; 995 996 // IAM service account whose credentials will be used at build runtime. 997 // Must be of the format `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. 998 // ACCOUNT can be email address or uniqueId of the service account. 999 // 1000 string service_account = 42 [(google.api.resource_reference) = { 1001 type: "iam.googleapis.com/ServiceAccount" 1002 }]; 1003 1004 // Secrets and secret environment variables. 1005 Secrets available_secrets = 47; 1006 1007 // Output only. Non-fatal problems encountered during the execution of the 1008 // build. 1009 repeated Warning warnings = 49 [(google.api.field_behavior) = OUTPUT_ONLY]; 1010 1011 // Output only. Contains information about the build when status=FAILURE. 1012 FailureInfo failure_info = 51 [(google.api.field_behavior) = OUTPUT_ONLY]; 1013} 1014 1015// Artifacts produced by a build that should be uploaded upon 1016// successful completion of all build steps. 1017message Artifacts { 1018 // Files in the workspace to upload to Cloud Storage upon successful 1019 // completion of all build steps. 1020 message ArtifactObjects { 1021 // Cloud Storage bucket and optional object path, in the form 1022 // "gs://bucket/path/to/somewhere/". (see [Bucket Name 1023 // Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). 1024 // 1025 // Files in the workspace matching any path pattern will be uploaded to 1026 // Cloud Storage with this location as a prefix. 1027 string location = 1; 1028 1029 // Path globs used to match files in the build's workspace. 1030 repeated string paths = 2; 1031 1032 // Output only. Stores timing information for pushing all artifact objects. 1033 TimeSpan timing = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 1034 } 1035 1036 // A Maven artifact to upload to Artifact Registry upon successful completion 1037 // of all build steps. 1038 message MavenArtifact { 1039 // Artifact Registry repository, in the form 1040 // "https://$REGION-maven.pkg.dev/$PROJECT/$REPOSITORY" 1041 // 1042 // Artifact in the workspace specified by path will be uploaded to 1043 // Artifact Registry with this location as a prefix. 1044 string repository = 1; 1045 1046 // Path to an artifact in the build's workspace to be uploaded to 1047 // Artifact Registry. 1048 // This can be either an absolute path, 1049 // e.g. /workspace/my-app/target/my-app-1.0.SNAPSHOT.jar 1050 // or a relative path from /workspace, 1051 // e.g. my-app/target/my-app-1.0.SNAPSHOT.jar. 1052 string path = 2; 1053 1054 // Maven `artifactId` value used when uploading the artifact to Artifact 1055 // Registry. 1056 string artifact_id = 3; 1057 1058 // Maven `groupId` value used when uploading the artifact to Artifact 1059 // Registry. 1060 string group_id = 4; 1061 1062 // Maven `version` value used when uploading the artifact to Artifact 1063 // Registry. 1064 string version = 5; 1065 } 1066 1067 // Python package to upload to Artifact Registry upon successful completion 1068 // of all build steps. A package can encapsulate multiple objects to be 1069 // uploaded to a single repository. 1070 message PythonPackage { 1071 // Artifact Registry repository, in the form 1072 // "https://$REGION-python.pkg.dev/$PROJECT/$REPOSITORY" 1073 // 1074 // Files in the workspace matching any path pattern will be uploaded to 1075 // Artifact Registry with this location as a prefix. 1076 string repository = 1; 1077 1078 // Path globs used to match files in the build's workspace. For Python/ 1079 // Twine, this is usually `dist/*`, and sometimes additionally an `.asc` 1080 // file. 1081 repeated string paths = 2; 1082 } 1083 1084 // Npm package to upload to Artifact Registry upon successful completion 1085 // of all build steps. 1086 message NpmPackage { 1087 // Artifact Registry repository, in the form 1088 // "https://$REGION-npm.pkg.dev/$PROJECT/$REPOSITORY" 1089 // 1090 // Npm package in the workspace specified by path will be zipped and 1091 // uploaded to Artifact Registry with this location as a prefix. 1092 string repository = 1; 1093 1094 // Path to the package.json. 1095 // e.g. workspace/path/to/package 1096 string package_path = 2; 1097 } 1098 1099 // A list of images to be pushed upon the successful completion of all build 1100 // steps. 1101 // 1102 // The images will be pushed using the builder service account's credentials. 1103 // 1104 // The digests of the pushed images will be stored in the Build resource's 1105 // results field. 1106 // 1107 // If any of the images fail to be pushed, the build is marked FAILURE. 1108 repeated string images = 1; 1109 1110 // A list of objects to be uploaded to Cloud Storage upon successful 1111 // completion of all build steps. 1112 // 1113 // Files in the workspace matching specified paths globs will be uploaded to 1114 // the specified Cloud Storage location using the builder service account's 1115 // credentials. 1116 // 1117 // The location and generation of the uploaded objects will be stored in the 1118 // Build resource's results field. 1119 // 1120 // If any objects fail to be pushed, the build is marked FAILURE. 1121 ArtifactObjects objects = 2; 1122 1123 // A list of Maven artifacts to be uploaded to Artifact Registry upon 1124 // successful completion of all build steps. 1125 // 1126 // Artifacts in the workspace matching specified paths globs will be uploaded 1127 // to the specified Artifact Registry repository using the builder service 1128 // account's credentials. 1129 // 1130 // If any artifacts fail to be pushed, the build is marked FAILURE. 1131 repeated MavenArtifact maven_artifacts = 3; 1132 1133 // A list of Python packages to be uploaded to Artifact Registry upon 1134 // successful completion of all build steps. 1135 // 1136 // The build service account credentials will be used to perform the upload. 1137 // 1138 // If any objects fail to be pushed, the build is marked FAILURE. 1139 repeated PythonPackage python_packages = 5; 1140 1141 // A list of npm packages to be uploaded to Artifact Registry upon 1142 // successful completion of all build steps. 1143 // 1144 // Npm packages in the specified paths will be uploaded 1145 // to the specified Artifact Registry repository using the builder service 1146 // account's credentials. 1147 // 1148 // If any packages fail to be pushed, the build is marked FAILURE. 1149 repeated NpmPackage npm_packages = 6; 1150} 1151 1152// Start and end times for a build execution phase. 1153message TimeSpan { 1154 // Start of time span. 1155 google.protobuf.Timestamp start_time = 1; 1156 1157 // End of time span. 1158 google.protobuf.Timestamp end_time = 2; 1159} 1160 1161// Metadata for build operations. 1162message BuildOperationMetadata { 1163 // The build that the operation is tracking. 1164 Build build = 1; 1165} 1166 1167// Provenance of the source. Ways to find the original source, or verify that 1168// some source was used for this build. 1169message SourceProvenance { 1170 // A copy of the build's `source.storage_source`, if exists, with any 1171 // generations resolved. 1172 StorageSource resolved_storage_source = 3; 1173 1174 // A copy of the build's `source.repo_source`, if exists, with any 1175 // revisions resolved. 1176 RepoSource resolved_repo_source = 6; 1177 1178 // A copy of the build's `source.storage_source_manifest`, if exists, with any 1179 // revisions resolved. 1180 // This feature is in Preview. 1181 StorageSourceManifest resolved_storage_source_manifest = 9; 1182 1183 // Output only. Hash(es) of the build source, which can be used to verify that 1184 // the original source integrity was maintained in the build. Note that 1185 // `FileHashes` will only be populated if `BuildOptions` has requested a 1186 // `SourceProvenanceHash`. 1187 // 1188 // The keys to this map are file paths used as build source and the values 1189 // contain the hash values for those files. 1190 // 1191 // If the build source came in a single package such as a gzipped tarfile 1192 // (`.tar.gz`), the `FileHash` will be for the single path to that file. 1193 map<string, FileHashes> file_hashes = 4 1194 [(google.api.field_behavior) = OUTPUT_ONLY]; 1195} 1196 1197// Container message for hashes of byte content of files, used in 1198// SourceProvenance messages to verify integrity of source input to the build. 1199message FileHashes { 1200 // Collection of file hashes. 1201 repeated Hash file_hash = 1; 1202} 1203 1204// Container message for hash values. 1205message Hash { 1206 // Specifies the hash algorithm, if any. 1207 enum HashType { 1208 // No hash requested. 1209 NONE = 0; 1210 1211 // Use a sha256 hash. 1212 SHA256 = 1; 1213 1214 // Use a md5 hash. 1215 MD5 = 2; 1216 1217 // Use a sha512 hash. 1218 SHA512 = 4; 1219 } 1220 1221 // The type of hash that was performed. 1222 HashType type = 1; 1223 1224 // The hash value. 1225 bytes value = 2; 1226} 1227 1228// Secrets and secret environment variables. 1229message Secrets { 1230 // Secrets in Secret Manager and associated secret environment variable. 1231 repeated SecretManagerSecret secret_manager = 1; 1232 1233 // Secrets encrypted with KMS key and the associated secret environment 1234 // variable. 1235 repeated InlineSecret inline = 2; 1236} 1237 1238// Pairs a set of secret environment variables mapped to encrypted 1239// values with the Cloud KMS key to use to decrypt the value. 1240message InlineSecret { 1241 // Resource name of Cloud KMS crypto key to decrypt the encrypted value. 1242 // In format: projects/*/locations/*/keyRings/*/cryptoKeys/* 1243 string kms_key_name = 1 [(google.api.resource_reference) = { 1244 type: "cloudkms.googleapis.com/CryptoKey" 1245 }]; 1246 1247 // Map of environment variable name to its encrypted value. 1248 // 1249 // Secret environment variables must be unique across all of a build's 1250 // secrets, and must be used by at least one build step. Values can be at most 1251 // 64 KB in size. There can be at most 100 secret values across all of a 1252 // build's secrets. 1253 map<string, bytes> env_map = 2; 1254} 1255 1256// Pairs a secret environment variable with a SecretVersion in Secret Manager. 1257message SecretManagerSecret { 1258 // Resource name of the SecretVersion. In format: 1259 // projects/*/secrets/*/versions/* 1260 string version_name = 1 [(google.api.resource_reference) = { 1261 type: "secretmanager.googleapis.com/SecretVersion" 1262 }]; 1263 1264 // Environment variable name to associate with the secret. 1265 // Secret environment variables must be unique across all of a build's 1266 // secrets, and must be used by at least one build step. 1267 string env = 2; 1268} 1269 1270// Pairs a set of secret environment variables containing encrypted 1271// values with the Cloud KMS key to use to decrypt the value. 1272// Note: Use `kmsKeyName` with `available_secrets` instead of using 1273// `kmsKeyName` with `secret`. For instructions see: 1274// https://cloud.google.com/cloud-build/docs/securing-builds/use-encrypted-credentials. 1275message Secret { 1276 // Cloud KMS key name to use to decrypt these envs. 1277 string kms_key_name = 1; 1278 1279 // Map of environment variable name to its encrypted value. 1280 // 1281 // Secret environment variables must be unique across all of a build's 1282 // secrets, and must be used by at least one build step. Values can be at most 1283 // 64 KB in size. There can be at most 100 secret values across all of a 1284 // build's secrets. 1285 map<string, bytes> secret_env = 3; 1286} 1287 1288// Request to create a new build. 1289message CreateBuildRequest { 1290 // The parent resource where this build will be created. 1291 // Format: `projects/{project}/locations/{location}` 1292 string parent = 4 [(google.api.resource_reference) = { 1293 child_type: "cloudbuild.googleapis.com/Build" 1294 }]; 1295 1296 // Required. ID of the project. 1297 string project_id = 1 [(google.api.field_behavior) = REQUIRED]; 1298 1299 // Required. Build resource to create. 1300 Build build = 2 [(google.api.field_behavior) = REQUIRED]; 1301} 1302 1303// Request to get a build. 1304message GetBuildRequest { 1305 // The name of the `Build` to retrieve. 1306 // Format: `projects/{project}/locations/{location}/builds/{build}` 1307 string name = 4 [(google.api.resource_reference) = { 1308 type: "cloudbuild.googleapis.com/Build" 1309 }]; 1310 1311 // Required. ID of the project. 1312 string project_id = 1 [(google.api.field_behavior) = REQUIRED]; 1313 1314 // Required. ID of the build. 1315 string id = 2 [(google.api.field_behavior) = REQUIRED]; 1316} 1317 1318// Request to list builds. 1319message ListBuildsRequest { 1320 // The parent of the collection of `Builds`. 1321 // Format: `projects/{project}/locations/{location}` 1322 string parent = 9 [(google.api.resource_reference) = { 1323 child_type: "cloudbuild.googleapis.com/Build" 1324 }]; 1325 1326 // Required. ID of the project. 1327 string project_id = 1 [(google.api.field_behavior) = REQUIRED]; 1328 1329 // Number of results to return in the list. 1330 int32 page_size = 2; 1331 1332 // The page token for the next page of Builds. 1333 // 1334 // If unspecified, the first page of results is returned. 1335 // 1336 // If the token is rejected for any reason, INVALID_ARGUMENT will be thrown. 1337 // In this case, the token should be discarded, and pagination should be 1338 // restarted from the first page of results. 1339 // 1340 // See https://google.aip.dev/158 for more. 1341 string page_token = 3; 1342 1343 // The raw filter text to constrain the results. 1344 string filter = 8; 1345} 1346 1347// Response including listed builds. 1348message ListBuildsResponse { 1349 // Builds will be sorted by `create_time`, descending. 1350 repeated Build builds = 1; 1351 1352 // Token to receive the next page of results. 1353 // This will be absent if the end of the response list has been reached. 1354 string next_page_token = 2; 1355} 1356 1357// Request to cancel an ongoing build. 1358message CancelBuildRequest { 1359 // The name of the `Build` to cancel. 1360 // Format: `projects/{project}/locations/{location}/builds/{build}` 1361 string name = 4 [(google.api.resource_reference) = { 1362 type: "cloudbuild.googleapis.com/Build" 1363 }]; 1364 1365 // Required. ID of the project. 1366 string project_id = 1 [(google.api.field_behavior) = REQUIRED]; 1367 1368 // Required. ID of the build. 1369 string id = 2 [(google.api.field_behavior) = REQUIRED]; 1370} 1371 1372// Request to approve or reject a pending build. 1373message ApproveBuildRequest { 1374 // Required. Name of the target build. 1375 // For example: "projects/{$project_id}/builds/{$build_id}" 1376 string name = 1 [(google.api.field_behavior) = REQUIRED]; 1377 1378 // Approval decision and metadata. 1379 ApprovalResult approval_result = 2; 1380} 1381 1382// BuildApproval describes a build's approval configuration, state, and 1383// result. 1384message BuildApproval { 1385 // Specifies the current state of a build's approval. 1386 enum State { 1387 // Default enum type. This should not be used. 1388 STATE_UNSPECIFIED = 0; 1389 1390 // Build approval is pending. 1391 PENDING = 1; 1392 1393 // Build approval has been approved. 1394 APPROVED = 2; 1395 1396 // Build approval has been rejected. 1397 REJECTED = 3; 1398 1399 // Build was cancelled while it was still pending approval. 1400 CANCELLED = 5; 1401 } 1402 1403 // Output only. The state of this build's approval. 1404 State state = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 1405 1406 // Output only. Configuration for manual approval of this build. 1407 ApprovalConfig config = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 1408 1409 // Output only. Result of manual approval for this Build. 1410 ApprovalResult result = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 1411} 1412 1413// ApprovalConfig describes configuration for manual approval of a build. 1414message ApprovalConfig { 1415 // Whether or not approval is needed. If this is set on a build, it will 1416 // become pending when created, and will need to be explicitly approved 1417 // to start. 1418 bool approval_required = 1; 1419} 1420 1421// ApprovalResult describes the decision and associated metadata of a manual 1422// approval of a build. 1423message ApprovalResult { 1424 // Specifies whether or not this manual approval result is to approve 1425 // or reject a build. 1426 enum Decision { 1427 // Default enum type. This should not be used. 1428 DECISION_UNSPECIFIED = 0; 1429 1430 // Build is approved. 1431 APPROVED = 1; 1432 1433 // Build is rejected. 1434 REJECTED = 2; 1435 } 1436 1437 // Output only. Email of the user that called the ApproveBuild API to 1438 // approve or reject a build at the time that the API was called. 1439 string approver_account = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 1440 1441 // Output only. The time when the approval decision was made. 1442 google.protobuf.Timestamp approval_time = 3 1443 [(google.api.field_behavior) = OUTPUT_ONLY]; 1444 1445 // Required. The decision of this manual approval. 1446 Decision decision = 4 [(google.api.field_behavior) = REQUIRED]; 1447 1448 // Optional. An optional comment for this manual approval result. 1449 string comment = 5 [(google.api.field_behavior) = OPTIONAL]; 1450 1451 // Optional. An optional URL tied to this manual approval result. This field 1452 // is essentially the same as comment, except that it will be rendered by the 1453 // UI differently. An example use case is a link to an external job that 1454 // approved this Build. 1455 string url = 6 [(google.api.field_behavior) = OPTIONAL]; 1456} 1457 1458// Configuration for an automated build in response to source repository 1459// changes. 1460message BuildTrigger { 1461 option (google.api.resource) = { 1462 type: "cloudbuild.googleapis.com/BuildTrigger" 1463 plural: "triggers" 1464 singular: "trigger" 1465 pattern: "projects/{project}/triggers/{trigger}" 1466 pattern: "projects/{project}/locations/{location}/triggers/{trigger}" 1467 }; 1468 1469 // The `Trigger` name with format: 1470 // `projects/{project}/locations/{location}/triggers/{trigger}`, where 1471 // {trigger} is a unique identifier generated by the service. 1472 string resource_name = 34; 1473 1474 // Output only. Unique identifier of the trigger. 1475 string id = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 1476 1477 // Human-readable description of this trigger. 1478 string description = 10; 1479 1480 // User-assigned name of the trigger. Must be unique within the project. 1481 // Trigger names must meet the following requirements: 1482 // 1483 // + They must contain only alphanumeric characters and dashes. 1484 // + They can be 1-64 characters long. 1485 // + They must begin and end with an alphanumeric character. 1486 string name = 21; 1487 1488 // Tags for annotation of a `BuildTrigger` 1489 repeated string tags = 19; 1490 1491 // Template describing the types of source changes to trigger a build. 1492 // 1493 // Branch and tag names in trigger templates are interpreted as regular 1494 // expressions. Any branch or tag change that matches that regular expression 1495 // will trigger a build. 1496 // 1497 // Mutually exclusive with `github`. 1498 RepoSource trigger_template = 7; 1499 1500 // GitHubEventsConfig describes the configuration of a trigger that creates 1501 // a build whenever a GitHub event is received. 1502 // 1503 // Mutually exclusive with `trigger_template`. 1504 GitHubEventsConfig github = 13; 1505 1506 // PubsubConfig describes the configuration of a trigger that 1507 // creates a build whenever a Pub/Sub message is published. 1508 PubsubConfig pubsub_config = 29; 1509 1510 // WebhookConfig describes the configuration of a trigger that 1511 // creates a build whenever a webhook is sent to a trigger's webhook URL. 1512 WebhookConfig webhook_config = 31; 1513 1514 // Template describing the Build request to make when the trigger is matched. 1515 oneof build_template { 1516 // Autodetect build configuration. The following precedence is used (case 1517 // insensitive): 1518 // 1519 // 1. cloudbuild.yaml 1520 // 2. cloudbuild.yml 1521 // 3. cloudbuild.json 1522 // 4. Dockerfile 1523 // 1524 // Currently only available for GitHub App Triggers. 1525 bool autodetect = 18; 1526 1527 // Contents of the build template. 1528 Build build = 4; 1529 1530 // Path, from the source root, to the build configuration file 1531 // (i.e. cloudbuild.yaml). 1532 string filename = 8; 1533 } 1534 1535 // Output only. Time when the trigger was created. 1536 google.protobuf.Timestamp create_time = 5 1537 [(google.api.field_behavior) = OUTPUT_ONLY]; 1538 1539 // If true, the trigger will never automatically execute a build. 1540 bool disabled = 9; 1541 1542 // Substitutions for Build resource. The keys must match the following 1543 // regular expression: `^_[A-Z0-9_]+$`. 1544 map<string, string> substitutions = 11; 1545 1546 // ignored_files and included_files are file glob matches using 1547 // https://golang.org/pkg/path/filepath/#Match extended with support for "**". 1548 // 1549 // If ignored_files and changed files are both empty, then they are 1550 // not used to determine whether or not to trigger a build. 1551 // 1552 // If ignored_files is not empty, then we ignore any files that match 1553 // any of the ignored_file globs. If the change has no files that are 1554 // outside of the ignored_files globs, then we do not trigger a build. 1555 repeated string ignored_files = 15; 1556 1557 // If any of the files altered in the commit pass the ignored_files 1558 // filter and included_files is empty, then as far as this filter is 1559 // concerned, we should trigger the build. 1560 // 1561 // If any of the files altered in the commit pass the ignored_files 1562 // filter and included_files is not empty, then we make sure that at 1563 // least one of those files matches a included_files glob. If not, 1564 // then we do not trigger a build. 1565 repeated string included_files = 16; 1566 1567 // Optional. A Common Expression Language string. 1568 string filter = 30 [(google.api.field_behavior) = OPTIONAL]; 1569 1570 // The service account used for all user-controlled operations including 1571 // UpdateBuildTrigger, RunBuildTrigger, CreateBuild, and CancelBuild. 1572 // If no service account is set, then the standard Cloud Build service account 1573 // ([PROJECT_NUM]@system.gserviceaccount.com) will be used instead. 1574 // Format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT_ID_OR_EMAIL}` 1575 string service_account = 33 [(google.api.resource_reference) = { 1576 type: "iam.googleapis.com/ServiceAccount" 1577 }]; 1578} 1579 1580// GitHubEventsConfig describes the configuration of a trigger that creates a 1581// build whenever a GitHub event is received. 1582// 1583// This message is experimental. 1584message GitHubEventsConfig { 1585 // The installationID that emits the GitHub event. 1586 int64 installation_id = 1 [deprecated = true]; 1587 1588 // Owner of the repository. For example: The owner for 1589 // https://github.com/googlecloudplatform/cloud-builders is 1590 // "googlecloudplatform". 1591 string owner = 6; 1592 1593 // Name of the repository. For example: The name for 1594 // https://github.com/googlecloudplatform/cloud-builders is "cloud-builders". 1595 string name = 7; 1596 1597 // Filter describing the types of events to trigger a build. 1598 // Currently supported event types: push, pull_request. 1599 oneof event { 1600 // filter to match changes in pull requests. 1601 PullRequestFilter pull_request = 4; 1602 1603 // filter to match changes in refs like branches, tags. 1604 PushFilter push = 5; 1605 } 1606} 1607 1608// PubsubConfig describes the configuration of a trigger that 1609// creates a build whenever a Pub/Sub message is published. 1610message PubsubConfig { 1611 // Enumerates potential issues with the underlying Pub/Sub subscription 1612 // configuration. 1613 enum State { 1614 // The subscription configuration has not been checked. 1615 STATE_UNSPECIFIED = 0; 1616 1617 // The Pub/Sub subscription is properly configured. 1618 OK = 1; 1619 1620 // The subscription has been deleted. 1621 SUBSCRIPTION_DELETED = 2; 1622 1623 // The topic has been deleted. 1624 TOPIC_DELETED = 3; 1625 1626 // Some of the subscription's field are misconfigured. 1627 SUBSCRIPTION_MISCONFIGURED = 4; 1628 } 1629 1630 // Output only. Name of the subscription. Format is 1631 // `projects/{project}/subscriptions/{subscription}`. 1632 string subscription = 1 [ 1633 (google.api.field_behavior) = OUTPUT_ONLY, 1634 (google.api.resource_reference) = { 1635 type: "pubsub.googleapis.com/Subscription" 1636 } 1637 ]; 1638 1639 // The name of the topic from which this subscription is receiving messages. 1640 // Format is `projects/{project}/topics/{topic}`. 1641 string topic = 2 [ 1642 (google.api.resource_reference) = { type: "pubsub.googleapis.com/Topic" } 1643 ]; 1644 1645 // Service account that will make the push request. 1646 string service_account_email = 3 [(google.api.resource_reference) = { 1647 type: "iam.googleapis.com/ServiceAccount" 1648 }]; 1649 1650 // Potential issues with the underlying Pub/Sub subscription configuration. 1651 // Only populated on get requests. 1652 State state = 4; 1653} 1654 1655// WebhookConfig describes the configuration of a trigger that 1656// creates a build whenever a webhook is sent to a trigger's webhook URL. 1657message WebhookConfig { 1658 // Enumerates potential issues with the Secret Manager secret provided by the 1659 // user. 1660 enum State { 1661 // The webhook auth configuration not been checked. 1662 STATE_UNSPECIFIED = 0; 1663 1664 // The auth configuration is properly setup. 1665 OK = 1; 1666 1667 // The secret provided in auth_method has been deleted. 1668 SECRET_DELETED = 2; 1669 } 1670 1671 // Auth method specifies how the webhook authenticates with GCP. 1672 oneof auth_method { 1673 // Required. Resource name for the secret required as a URL parameter. 1674 string secret = 3 [ 1675 (google.api.field_behavior) = REQUIRED, 1676 (google.api.resource_reference) = { 1677 type: "secretmanager.googleapis.com/SecretVersion" 1678 } 1679 ]; 1680 } 1681 1682 // Potential issues with the underlying Pub/Sub subscription configuration. 1683 // Only populated on get requests. 1684 State state = 4; 1685} 1686 1687// PullRequestFilter contains filter properties for matching GitHub Pull 1688// Requests. 1689message PullRequestFilter { 1690 // Controls behavior of Pull Request comments. 1691 enum CommentControl { 1692 // Do not require comments on Pull Requests before builds are triggered. 1693 COMMENTS_DISABLED = 0; 1694 1695 // Enforce that repository owners or collaborators must comment on Pull 1696 // Requests before builds are triggered. 1697 COMMENTS_ENABLED = 1; 1698 1699 // Enforce that repository owners or collaborators must comment on external 1700 // contributors' Pull Requests before builds are triggered. 1701 COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY = 2; 1702 } 1703 1704 // Target refs to match. 1705 // A target ref is the git reference where the pull request will be applied. 1706 oneof git_ref { 1707 // Regex of branches to match. 1708 // 1709 // The syntax of the regular expressions accepted is the syntax accepted by 1710 // RE2 and described at https://github.com/google/re2/wiki/Syntax 1711 string branch = 2; 1712 } 1713 1714 // Configure builds to run whether a repository owner or collaborator need to 1715 // comment `/gcbrun`. 1716 CommentControl comment_control = 5; 1717 1718 // If true, branches that do NOT match the git_ref will trigger a build. 1719 bool invert_regex = 6; 1720} 1721 1722// Push contains filter properties for matching GitHub git pushes. 1723message PushFilter { 1724 // Modified refs to match. 1725 // A modified refs are the refs modified by a git push operation. 1726 oneof git_ref { 1727 // Regexes matching branches to build. 1728 // 1729 // The syntax of the regular expressions accepted is the syntax accepted by 1730 // RE2 and described at https://github.com/google/re2/wiki/Syntax 1731 string branch = 2; 1732 1733 // Regexes matching tags to build. 1734 // 1735 // The syntax of the regular expressions accepted is the syntax accepted by 1736 // RE2 and described at https://github.com/google/re2/wiki/Syntax 1737 string tag = 3; 1738 } 1739 1740 // When true, only trigger a build if the revision regex does NOT match the 1741 // git_ref regex. 1742 bool invert_regex = 4; 1743} 1744 1745// Request to create a new `BuildTrigger`. 1746message CreateBuildTriggerRequest { 1747 // The parent resource where this trigger will be created. 1748 // Format: `projects/{project}/locations/{location}` 1749 string parent = 3 [(google.api.resource_reference) = { 1750 child_type: "cloudbuild.googleapis.com/BuildTrigger" 1751 }]; 1752 1753 // Required. ID of the project for which to configure automatic builds. 1754 string project_id = 1 [(google.api.field_behavior) = REQUIRED]; 1755 1756 // Required. `BuildTrigger` to create. 1757 BuildTrigger trigger = 2 [(google.api.field_behavior) = REQUIRED]; 1758} 1759 1760// Returns the `BuildTrigger` with the specified ID. 1761message GetBuildTriggerRequest { 1762 // The name of the `Trigger` to retrieve. 1763 // Format: `projects/{project}/locations/{location}/triggers/{trigger}` 1764 string name = 3 [(google.api.resource_reference) = { 1765 type: "cloudbuild.googleapis.com/BuildTrigger" 1766 }]; 1767 1768 // Required. ID of the project that owns the trigger. 1769 string project_id = 1 [(google.api.field_behavior) = REQUIRED]; 1770 1771 // Required. Identifier (`id` or `name`) of the `BuildTrigger` to get. 1772 string trigger_id = 2 [(google.api.field_behavior) = REQUIRED]; 1773} 1774 1775// Request to list existing `BuildTriggers`. 1776message ListBuildTriggersRequest { 1777 // The parent of the collection of `Triggers`. 1778 // Format: `projects/{project}/locations/{location}` 1779 string parent = 4 [(google.api.resource_reference) = { 1780 child_type: "cloudbuild.googleapis.com/BuildTrigger" 1781 }]; 1782 1783 // Required. ID of the project for which to list BuildTriggers. 1784 string project_id = 1 [(google.api.field_behavior) = REQUIRED]; 1785 1786 // Number of results to return in the list. 1787 int32 page_size = 2; 1788 1789 // Token to provide to skip to a particular spot in the list. 1790 string page_token = 3; 1791} 1792 1793// Response containing existing `BuildTriggers`. 1794message ListBuildTriggersResponse { 1795 // `BuildTriggers` for the project, sorted by `create_time` descending. 1796 repeated BuildTrigger triggers = 1; 1797 1798 // Token to receive the next page of results. 1799 string next_page_token = 2; 1800} 1801 1802// Request to delete a `BuildTrigger`. 1803message DeleteBuildTriggerRequest { 1804 // The name of the `Trigger` to delete. 1805 // Format: `projects/{project}/locations/{location}/triggers/{trigger}` 1806 string name = 3 [(google.api.resource_reference) = { 1807 type: "cloudbuild.googleapis.com/BuildTrigger" 1808 }]; 1809 1810 // Required. ID of the project that owns the trigger. 1811 string project_id = 1 [(google.api.field_behavior) = REQUIRED]; 1812 1813 // Required. ID of the `BuildTrigger` to delete. 1814 string trigger_id = 2 [(google.api.field_behavior) = REQUIRED]; 1815} 1816 1817// Request to update an existing `BuildTrigger`. 1818message UpdateBuildTriggerRequest { 1819 // Required. ID of the project that owns the trigger. 1820 string project_id = 1 [(google.api.field_behavior) = REQUIRED]; 1821 1822 // Required. ID of the `BuildTrigger` to update. 1823 string trigger_id = 2 [(google.api.field_behavior) = REQUIRED]; 1824 1825 // Required. `BuildTrigger` to update. 1826 BuildTrigger trigger = 3 [(google.api.field_behavior) = REQUIRED]; 1827} 1828 1829// Optional arguments to enable specific features of builds. 1830message BuildOptions { 1831 // Details about how a build should be executed on a `WorkerPool`. 1832 // 1833 // See [running builds in a private 1834 // pool](https://cloud.google.com/build/docs/private-pools/run-builds-in-private-pool) 1835 // for more information. 1836 message PoolOption { 1837 // The `WorkerPool` resource to execute the build on. 1838 // You must have `cloudbuild.workerpools.use` on the project hosting the 1839 // WorkerPool. 1840 // 1841 // Format projects/{project}/locations/{location}/workerPools/{workerPoolId} 1842 string name = 1 [(google.api.resource_reference) = { 1843 type: "cloudbuild.googleapis.com/WorkerPool" 1844 }]; 1845 } 1846 1847 // Specifies the manner in which the build should be verified, if at all. 1848 enum VerifyOption { 1849 // Not a verifiable build (the default). 1850 NOT_VERIFIED = 0; 1851 1852 // Build must be verified. 1853 VERIFIED = 1; 1854 } 1855 1856 // Supported Compute Engine machine types. 1857 // For more information, see [Machine 1858 // types](https://cloud.google.com/compute/docs/machine-types). 1859 enum MachineType { 1860 // Standard machine type. 1861 UNSPECIFIED = 0; 1862 1863 // Highcpu machine with 8 CPUs. 1864 N1_HIGHCPU_8 = 1; 1865 1866 // Highcpu machine with 32 CPUs. 1867 N1_HIGHCPU_32 = 2; 1868 1869 // Highcpu e2 machine with 8 CPUs. 1870 E2_HIGHCPU_8 = 5; 1871 1872 // Highcpu e2 machine with 32 CPUs. 1873 E2_HIGHCPU_32 = 6; 1874 } 1875 1876 // Specifies the behavior when there is an error in the substitution checks. 1877 enum SubstitutionOption { 1878 // Fails the build if error in substitutions checks, like missing 1879 // a substitution in the template or in the map. 1880 MUST_MATCH = 0; 1881 1882 // Do not fail the build if error in substitutions checks. 1883 ALLOW_LOOSE = 1; 1884 } 1885 1886 // Specifies the behavior when writing build logs to Google Cloud Storage. 1887 enum LogStreamingOption { 1888 // Service may automatically determine build log streaming behavior. 1889 STREAM_DEFAULT = 0; 1890 1891 // Build logs should be streamed to Google Cloud Storage. 1892 STREAM_ON = 1; 1893 1894 // Build logs should not be streamed to Google Cloud Storage; they will be 1895 // written when the build is completed. 1896 STREAM_OFF = 2; 1897 } 1898 1899 // Specifies the logging mode. 1900 enum LoggingMode { 1901 // The service determines the logging mode. The default is `LEGACY`. Do not 1902 // rely on the default logging behavior as it may change in the future. 1903 LOGGING_UNSPECIFIED = 0; 1904 1905 // Build logs are stored in Cloud Logging and Cloud Storage. 1906 LEGACY = 1; 1907 1908 // Build logs are stored in Cloud Storage. 1909 GCS_ONLY = 2; 1910 1911 // This option is the same as CLOUD_LOGGING_ONLY. 1912 STACKDRIVER_ONLY = 3 [deprecated = true]; 1913 1914 // Build logs are stored in Cloud Logging. Selecting this option will not 1915 // allow [logs 1916 // streaming](https://cloud.google.com/sdk/gcloud/reference/builds/log). 1917 CLOUD_LOGGING_ONLY = 5; 1918 1919 // Turn off all logging. No build logs will be captured. 1920 NONE = 4; 1921 } 1922 1923 // Default GCS log bucket behavior options. 1924 enum DefaultLogsBucketBehavior { 1925 // Unspecified. 1926 DEFAULT_LOGS_BUCKET_BEHAVIOR_UNSPECIFIED = 0; 1927 1928 // Bucket is located in user-owned project in the same region as the 1929 // build. The builder service account must have access to create and write 1930 // to GCS buckets in the build project. 1931 REGIONAL_USER_OWNED_BUCKET = 1; 1932 } 1933 1934 // Requested hash for SourceProvenance. 1935 repeated Hash.HashType source_provenance_hash = 1; 1936 1937 // Requested verifiability options. 1938 VerifyOption requested_verify_option = 2; 1939 1940 // Compute Engine machine type on which to run the build. 1941 MachineType machine_type = 3; 1942 1943 // Requested disk size for the VM that runs the build. Note that this is *NOT* 1944 // "disk free"; some of the space will be used by the operating system and 1945 // build utilities. Also note that this is the minimum disk size that will be 1946 // allocated for the build -- the build may run with a larger disk than 1947 // requested. At present, the maximum disk size is 2000GB; builds that request 1948 // more than the maximum are rejected with an error. 1949 int64 disk_size_gb = 6; 1950 1951 // Option to specify behavior when there is an error in the substitution 1952 // checks. 1953 // 1954 // NOTE: this is always set to ALLOW_LOOSE for triggered builds and cannot 1955 // be overridden in the build configuration file. 1956 SubstitutionOption substitution_option = 4; 1957 1958 // Option to specify whether or not to apply bash style string 1959 // operations to the substitutions. 1960 // 1961 // NOTE: this is always enabled for triggered builds and cannot be 1962 // overridden in the build configuration file. 1963 bool dynamic_substitutions = 17; 1964 1965 // Option to define build log streaming behavior to Google Cloud 1966 // Storage. 1967 LogStreamingOption log_streaming_option = 5; 1968 1969 // This field deprecated; please use `pool.name` instead. 1970 string worker_pool = 7 [deprecated = true]; 1971 1972 // Optional. Specification for execution on a `WorkerPool`. 1973 // 1974 // See [running builds in a private 1975 // pool](https://cloud.google.com/build/docs/private-pools/run-builds-in-private-pool) 1976 // for more information. 1977 PoolOption pool = 19 [(google.api.field_behavior) = OPTIONAL]; 1978 1979 // Option to specify the logging mode, which determines if and where build 1980 // logs are stored. 1981 LoggingMode logging = 11; 1982 1983 // A list of global environment variable definitions that will exist for all 1984 // build steps in this build. If a variable is defined in both globally and in 1985 // a build step, the variable will use the build step value. 1986 // 1987 // The elements are of the form "KEY=VALUE" for the environment variable "KEY" 1988 // being given the value "VALUE". 1989 repeated string env = 12; 1990 1991 // A list of global environment variables, which are encrypted using a Cloud 1992 // Key Management Service crypto key. These values must be specified in the 1993 // build's `Secret`. These variables will be available to all build steps 1994 // in this build. 1995 repeated string secret_env = 13; 1996 1997 // Global list of volumes to mount for ALL build steps 1998 // 1999 // Each volume is created as an empty volume prior to starting the build 2000 // process. Upon completion of the build, volumes and their contents are 2001 // discarded. Global volume names and paths cannot conflict with the volumes 2002 // defined a build step. 2003 // 2004 // Using a global volume in a build with only one step is not valid as 2005 // it is indicative of a build request with an incorrect configuration. 2006 repeated Volume volumes = 14; 2007 2008 // Optional. Option to specify how default logs buckets are setup. 2009 DefaultLogsBucketBehavior default_logs_bucket_behavior = 21 2010 [(google.api.field_behavior) = OPTIONAL]; 2011} 2012 2013// ReceiveTriggerWebhookRequest [Experimental] is the request object accepted by 2014// the ReceiveTriggerWebhook method. 2015message ReceiveTriggerWebhookRequest { 2016 // The name of the `ReceiveTriggerWebhook` to retrieve. 2017 // Format: `projects/{project}/locations/{location}/triggers/{trigger}` 2018 string name = 5; 2019 2020 // HTTP request body. 2021 google.api.HttpBody body = 1; 2022 2023 // Project in which the specified trigger lives 2024 string project_id = 2; 2025 2026 // Name of the trigger to run the payload against 2027 string trigger = 3; 2028 2029 // Secret token used for authorization if an OAuth token isn't provided. 2030 string secret = 4; 2031} 2032 2033// ReceiveTriggerWebhookResponse [Experimental] is the response object for the 2034// ReceiveTriggerWebhook method. 2035message ReceiveTriggerWebhookResponse {} 2036 2037// Configuration for a `WorkerPool`. 2038// 2039// Cloud Build owns and maintains a pool of workers for general use and have no 2040// access to a project's private network. By default, builds submitted to 2041// Cloud Build will use a worker from this pool. 2042// 2043// If your build needs access to resources on a private network, 2044// create and use a `WorkerPool` to run your builds. Private `WorkerPool`s give 2045// your builds access to any single VPC network that you 2046// administer, including any on-prem resources connected to that VPC 2047// network. For an overview of private pools, see 2048// [Private pools 2049// overview](https://cloud.google.com/build/docs/private-pools/private-pools-overview). 2050message WorkerPool { 2051 option (google.api.resource) = { 2052 type: "cloudbuild.googleapis.com/WorkerPool" 2053 pattern: "projects/{project}/locations/{location}/workerPools/{worker_pool}" 2054 plural: "workerPools" 2055 singular: "workerPool" 2056 style: DECLARATIVE_FRIENDLY 2057 }; 2058 2059 // State of the `WorkerPool`. 2060 enum State { 2061 // State of the `WorkerPool` is unknown. 2062 STATE_UNSPECIFIED = 0; 2063 2064 // `WorkerPool` is being created. 2065 CREATING = 1; 2066 2067 // `WorkerPool` is running. 2068 RUNNING = 2; 2069 2070 // `WorkerPool` is being deleted: cancelling builds and draining workers. 2071 DELETING = 3; 2072 2073 // `WorkerPool` is deleted. 2074 DELETED = 4; 2075 } 2076 2077 // Output only. The resource name of the `WorkerPool`, with format 2078 // `projects/{project}/locations/{location}/workerPools/{worker_pool}`. 2079 // The value of `{worker_pool}` is provided by `worker_pool_id` in 2080 // `CreateWorkerPool` request and the value of `{location}` is determined by 2081 // the endpoint accessed. 2082 string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 2083 2084 // A user-specified, human-readable name for the `WorkerPool`. If provided, 2085 // this value must be 1-63 characters. 2086 string display_name = 2; 2087 2088 // Output only. A unique identifier for the `WorkerPool`. 2089 string uid = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 2090 2091 // User specified annotations. See https://google.aip.dev/128#annotations 2092 // for more details such as format and size limitations. 2093 map<string, string> annotations = 4; 2094 2095 // Output only. Time at which the request to create the `WorkerPool` was 2096 // received. 2097 google.protobuf.Timestamp create_time = 5 2098 [(google.api.field_behavior) = OUTPUT_ONLY]; 2099 2100 // Output only. Time at which the request to update the `WorkerPool` was 2101 // received. 2102 google.protobuf.Timestamp update_time = 6 2103 [(google.api.field_behavior) = OUTPUT_ONLY]; 2104 2105 // Output only. Time at which the request to delete the `WorkerPool` was 2106 // received. 2107 google.protobuf.Timestamp delete_time = 7 2108 [(google.api.field_behavior) = OUTPUT_ONLY]; 2109 2110 // Output only. `WorkerPool` state. 2111 State state = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; 2112 2113 // Configuration for the `WorkerPool`. 2114 oneof config { 2115 // Legacy Private Pool configuration. 2116 PrivatePoolV1Config private_pool_v1_config = 12; 2117 } 2118 2119 // Output only. Checksum computed by the server. May be sent on update and 2120 // delete requests to ensure that the client has an up-to-date value before 2121 // proceeding. 2122 string etag = 11 [(google.api.field_behavior) = OUTPUT_ONLY]; 2123} 2124 2125// Configuration for a V1 `PrivatePool`. 2126message PrivatePoolV1Config { 2127 // Defines the configuration to be used for creating workers in 2128 // the pool. 2129 message WorkerConfig { 2130 // Machine type of a worker, such as `e2-medium`. 2131 // See [Worker pool config 2132 // file](https://cloud.google.com/build/docs/private-pools/worker-pool-config-file-schema). 2133 // If left blank, Cloud Build will use a sensible default. 2134 string machine_type = 1; 2135 2136 // Size of the disk attached to the worker, in GB. 2137 // See [Worker pool config 2138 // file](https://cloud.google.com/build/docs/private-pools/worker-pool-config-file-schema). 2139 // Specify a value of up to 2000. If `0` is specified, Cloud Build will use 2140 // a standard disk size. 2141 int64 disk_size_gb = 2; 2142 } 2143 2144 // Defines the network configuration for the pool. 2145 message NetworkConfig { 2146 // Defines the egress option for the pool. 2147 enum EgressOption { 2148 // If set, defaults to PUBLIC_EGRESS. 2149 EGRESS_OPTION_UNSPECIFIED = 0; 2150 2151 // If set, workers are created without any public address, which prevents 2152 // network egress to public IPs unless a network proxy is configured. 2153 NO_PUBLIC_EGRESS = 1; 2154 2155 // If set, workers are created with a public address which allows for 2156 // public internet egress. 2157 PUBLIC_EGRESS = 2; 2158 } 2159 2160 // Required. Immutable. The network definition that the workers are peered 2161 // to. If this section is left empty, the workers will be peered to 2162 // `WorkerPool.project_id` on the service producer network. Must be in the 2163 // format `projects/{project}/global/networks/{network}`, where `{project}` 2164 // is a project number, such as `12345`, and `{network}` is the name of a 2165 // VPC network in the project. See 2166 // [Understanding network configuration 2167 // options](https://cloud.google.com/build/docs/private-pools/set-up-private-pool-environment) 2168 string peered_network = 1 [ 2169 (google.api.field_behavior) = IMMUTABLE, 2170 (google.api.field_behavior) = REQUIRED, 2171 (google.api.resource_reference) = { 2172 type: "compute.googleapis.com/Network" 2173 } 2174 ]; 2175 2176 // Option to configure network egress for the workers. 2177 EgressOption egress_option = 2; 2178 2179 // Immutable. Subnet IP range within the peered network. This is specified 2180 // in CIDR notation with a slash and the subnet prefix size. You can 2181 // optionally specify an IP address before the subnet prefix value. e.g. 2182 // `192.168.0.0/29` would specify an IP range starting at 192.168.0.0 with a 2183 // prefix size of 29 bits. 2184 // `/16` would specify a prefix size of 16 bits, with an automatically 2185 // determined IP within the peered VPC. 2186 // If unspecified, a value of `/24` will be used. 2187 string peered_network_ip_range = 3 2188 [(google.api.field_behavior) = IMMUTABLE]; 2189 } 2190 2191 // Machine configuration for the workers in the pool. 2192 WorkerConfig worker_config = 1; 2193 2194 // Network configuration for the pool. 2195 NetworkConfig network_config = 2; 2196} 2197 2198// Request to create a new `WorkerPool`. 2199message CreateWorkerPoolRequest { 2200 // Required. The parent resource where this worker pool will be created. 2201 // Format: `projects/{project}/locations/{location}`. 2202 string parent = 1 [ 2203 (google.api.field_behavior) = REQUIRED, 2204 (google.api.resource_reference) = { 2205 type: "locations.googleapis.com/Location" 2206 } 2207 ]; 2208 2209 // Required. `WorkerPool` resource to create. 2210 WorkerPool worker_pool = 2 [(google.api.field_behavior) = REQUIRED]; 2211 2212 // Required. Immutable. The ID to use for the `WorkerPool`, which will become 2213 // the final component of the resource name. 2214 // 2215 // This value should be 1-63 characters, and valid characters 2216 // are /[a-z][0-9]-/. 2217 string worker_pool_id = 3 [ 2218 (google.api.field_behavior) = IMMUTABLE, 2219 (google.api.field_behavior) = REQUIRED 2220 ]; 2221 2222 // If set, validate the request and preview the response, but do not actually 2223 // post it. 2224 bool validate_only = 4; 2225} 2226 2227// Request to get a `WorkerPool` with the specified name. 2228message GetWorkerPoolRequest { 2229 // Required. The name of the `WorkerPool` to retrieve. 2230 // Format: `projects/{project}/locations/{location}/workerPools/{workerPool}`. 2231 string name = 1 [ 2232 (google.api.field_behavior) = REQUIRED, 2233 (google.api.resource_reference) = { 2234 type: "cloudbuild.googleapis.com/WorkerPool" 2235 } 2236 ]; 2237} 2238 2239// Request to delete a `WorkerPool`. 2240message DeleteWorkerPoolRequest { 2241 // Required. The name of the `WorkerPool` to delete. 2242 // Format: 2243 // `projects/{project}/locations/{location}/workerPools/{workerPool}`. 2244 string name = 1 [ 2245 (google.api.field_behavior) = REQUIRED, 2246 (google.api.resource_reference) = { 2247 type: "cloudbuild.googleapis.com/WorkerPool" 2248 } 2249 ]; 2250 2251 // Optional. If this is provided, it must match the server's etag on the 2252 // workerpool for the request to be processed. 2253 string etag = 2; 2254 2255 // If set to true, and the `WorkerPool` is not found, the request will succeed 2256 // but no action will be taken on the server. 2257 bool allow_missing = 3; 2258 2259 // If set, validate the request and preview the response, but do not actually 2260 // post it. 2261 bool validate_only = 4; 2262} 2263 2264// Request to update a `WorkerPool`. 2265message UpdateWorkerPoolRequest { 2266 // Required. The `WorkerPool` to update. 2267 // 2268 // The `name` field is used to identify the `WorkerPool` to update. 2269 // Format: `projects/{project}/locations/{location}/workerPools/{workerPool}`. 2270 WorkerPool worker_pool = 1 [(google.api.field_behavior) = REQUIRED]; 2271 2272 // A mask specifying which fields in `worker_pool` to update. 2273 google.protobuf.FieldMask update_mask = 2; 2274 2275 // If set, validate the request and preview the response, but do not actually 2276 // post it. 2277 bool validate_only = 4; 2278} 2279 2280// Request to list `WorkerPool`s. 2281message ListWorkerPoolsRequest { 2282 // Required. The parent of the collection of `WorkerPools`. 2283 // Format: `projects/{project}/locations/{location}`. 2284 string parent = 1 [ 2285 (google.api.field_behavior) = REQUIRED, 2286 (google.api.resource_reference) = { 2287 type: "locations.googleapis.com/Location" 2288 } 2289 ]; 2290 2291 // The maximum number of `WorkerPool`s to return. The service may return 2292 // fewer than this value. If omitted, the server will use a sensible default. 2293 int32 page_size = 2; 2294 2295 // A page token, received from a previous `ListWorkerPools` call. Provide this 2296 // to retrieve the subsequent page. 2297 string page_token = 3; 2298} 2299 2300// Response containing existing `WorkerPools`. 2301message ListWorkerPoolsResponse { 2302 // `WorkerPools` for the specified project. 2303 repeated WorkerPool worker_pools = 1; 2304 2305 // Continuation token used to page through large result sets. Provide this 2306 // value in a subsequent ListWorkerPoolsRequest to return the next page of 2307 // results. 2308 string next_page_token = 2; 2309} 2310 2311// Metadata for the `CreateWorkerPool` operation. 2312message CreateWorkerPoolOperationMetadata { 2313 // The resource name of the `WorkerPool` to create. 2314 // Format: 2315 // `projects/{project}/locations/{location}/workerPools/{worker_pool}`. 2316 string worker_pool = 1 [(google.api.resource_reference) = { 2317 type: "cloudbuild.googleapis.com/WorkerPool" 2318 }]; 2319 2320 // Time the operation was created. 2321 google.protobuf.Timestamp create_time = 2; 2322 2323 // Time the operation was completed. 2324 google.protobuf.Timestamp complete_time = 3; 2325} 2326 2327// Metadata for the `UpdateWorkerPool` operation. 2328message UpdateWorkerPoolOperationMetadata { 2329 // The resource name of the `WorkerPool` being updated. 2330 // Format: 2331 // `projects/{project}/locations/{location}/workerPools/{worker_pool}`. 2332 string worker_pool = 1 [(google.api.resource_reference) = { 2333 type: "cloudbuild.googleapis.com/WorkerPool" 2334 }]; 2335 2336 // Time the operation was created. 2337 google.protobuf.Timestamp create_time = 2; 2338 2339 // Time the operation was completed. 2340 google.protobuf.Timestamp complete_time = 3; 2341} 2342 2343// Metadata for the `DeleteWorkerPool` operation. 2344message DeleteWorkerPoolOperationMetadata { 2345 // The resource name of the `WorkerPool` being deleted. 2346 // Format: 2347 // `projects/{project}/locations/{location}/workerPools/{worker_pool}`. 2348 string worker_pool = 1 [(google.api.resource_reference) = { 2349 type: "cloudbuild.googleapis.com/WorkerPool" 2350 }]; 2351 2352 // Time the operation was created. 2353 google.protobuf.Timestamp create_time = 2; 2354 2355 // Time the operation was completed. 2356 google.protobuf.Timestamp complete_time = 3; 2357} 2358