1<html><body> 2<style> 3 4body, h1, h2, h3, div, span, p, pre, a { 5 margin: 0; 6 padding: 0; 7 border: 0; 8 font-weight: inherit; 9 font-style: inherit; 10 font-size: 100%; 11 font-family: inherit; 12 vertical-align: baseline; 13} 14 15body { 16 font-size: 13px; 17 padding: 1em; 18} 19 20h1 { 21 font-size: 26px; 22 margin-bottom: 1em; 23} 24 25h2 { 26 font-size: 24px; 27 margin-bottom: 1em; 28} 29 30h3 { 31 font-size: 20px; 32 margin-bottom: 1em; 33 margin-top: 1em; 34} 35 36pre, code { 37 line-height: 1.5; 38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; 39} 40 41pre { 42 margin-top: 0.5em; 43} 44 45h1, h2, h3, p { 46 font-family: Arial, sans serif; 47} 48 49h1, h2, h3 { 50 border-bottom: solid #CCC 1px; 51} 52 53.toc_element { 54 margin-top: 0.5em; 55} 56 57.firstline { 58 margin-left: 2 em; 59} 60 61.method { 62 margin-top: 1em; 63 border: solid 1px #CCC; 64 padding: 1em; 65 background: #EEE; 66} 67 68.details { 69 font-weight: bold; 70 font-size: 14px; 71} 72 73</style> 74 75<h1><a href="run_v1.html">Cloud Run Admin API</a> . <a href="run_v1.projects.html">projects</a> . <a href="run_v1.projects.locations.html">locations</a> . <a href="run_v1.projects.locations.services.html">services</a></h1> 76<h2>Instance Methods</h2> 77<p class="toc_element"> 78 <code><a href="#close">close()</a></code></p> 79<p class="firstline">Close httplib2 connections.</p> 80<p class="toc_element"> 81 <code><a href="#create">create(parent, body=None, dryRun=None, x__xgafv=None)</a></code></p> 82<p class="firstline">Create a service.</p> 83<p class="toc_element"> 84 <code><a href="#delete">delete(name, apiVersion=None, dryRun=None, kind=None, propagationPolicy=None, x__xgafv=None)</a></code></p> 85<p class="firstline">Delete a service. This will cause the Service to stop serving traffic and will delete the child entities like Routes, Configurations and Revisions.</p> 86<p class="toc_element"> 87 <code><a href="#get">get(name, x__xgafv=None)</a></code></p> 88<p class="firstline">Get information about a service.</p> 89<p class="toc_element"> 90 <code><a href="#getIamPolicy">getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)</a></code></p> 91<p class="firstline">Get the IAM Access Control policy currently in effect for the given Cloud Run service. This result does not include any inherited policies.</p> 92<p class="toc_element"> 93 <code><a href="#list">list(parent, continue=None, fieldSelector=None, includeUninitialized=None, labelSelector=None, limit=None, resourceVersion=None, watch=None, x__xgafv=None)</a></code></p> 94<p class="firstline">List services.</p> 95<p class="toc_element"> 96 <code><a href="#replaceService">replaceService(name, body=None, dryRun=None, x__xgafv=None)</a></code></p> 97<p class="firstline">Replace a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.</p> 98<p class="toc_element"> 99 <code><a href="#setIamPolicy">setIamPolicy(resource, body=None, x__xgafv=None)</a></code></p> 100<p class="firstline">Sets the IAM Access control policy for the specified Service. Overwrites any existing policy.</p> 101<p class="toc_element"> 102 <code><a href="#testIamPermissions">testIamPermissions(resource, body=None, x__xgafv=None)</a></code></p> 103<p class="firstline">Returns permissions that a caller has on the specified Project. There are no permissions required for making this API call.</p> 104<h3>Method Details</h3> 105<div class="method"> 106 <code class="details" id="close">close()</code> 107 <pre>Close httplib2 connections.</pre> 108</div> 109 110<div class="method"> 111 <code class="details" id="create">create(parent, body=None, dryRun=None, x__xgafv=None)</code> 112 <pre>Create a service. 113 114Args: 115 parent: string, The namespace in which the service should be created. For Cloud Run (fully managed), replace {namespace_id} with the project ID or number. (required) 116 body: object, The request body. 117 The object takes the form of: 118 119{ # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service 120 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1". 121 "kind": "A String", # The kind of resource, in this case "Service". 122 "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal. 123 "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations 124 "a_key": "A String", 125 }, 126 "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. 127 "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 128 "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. 129 "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 130 "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge 131 "A String", 132 ], 133 "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; 134 "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. 135 "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels 136 "a_key": "A String", 137 }, 138 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 139 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 140 "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. 141 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 142 "apiVersion": "A String", # API version of the referent. 143 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 144 "controller": True or False, # If true, this reference points to the managing controller. +optional 145 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 146 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 147 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 148 }, 149 ], 150 "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 151 "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; 152 "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 153 }, 154 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 155 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 156 "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`. 157 "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations 158 "a_key": "A String", 159 }, 160 "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. 161 "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 162 "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. 163 "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 164 "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge 165 "A String", 166 ], 167 "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; 168 "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. 169 "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels 170 "a_key": "A String", 171 }, 172 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 173 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 174 "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. 175 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 176 "apiVersion": "A String", # API version of the referent. 177 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 178 "controller": True or False, # If true, this reference points to the managing controller. +optional 179 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 180 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 181 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 182 }, 183 ], 184 "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 185 "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; 186 "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 187 }, 188 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 189 "containerConcurrency": 42, # Optional. ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 190 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md 191 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 192 "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell 193 "A String", 194 ], 195 "command": [ 196 "A String", 197 ], 198 "env": [ # (Optional) List of environment variables to set in the container. 199 { # EnvVar represents an environment variable present in a Container. 200 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 201 "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". 202 "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty. 203 "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap. 204 "key": "A String", # The key to select. 205 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 206 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 207 }, 208 "name": "A String", # The ConfigMap to select from. 209 "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined 210 }, 211 "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager. 212 "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key. 213 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 214 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 215 }, 216 "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from. 217 "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined 218 }, 219 }, 220 }, 221 ], 222 "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. 223 { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps 224 "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from 225 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 226 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 227 }, 228 "name": "A String", # The ConfigMap to select from. 229 "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined 230 }, 231 "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. 232 "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from 233 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 234 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 235 }, 236 "name": "A String", # The Secret to select from. 237 "optional": True or False, # (Optional) Specify whether the Secret must be defined 238 }, 239 }, 240 ], 241 "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images 242 "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images 243 "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 244 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 245 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 246 "A String", 247 ], 248 }, 249 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 250 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 251 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 252 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 253 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 254 "name": "A String", # The header field name 255 "value": "A String", # The header field value 256 }, 257 ], 258 "path": "A String", # (Optional) Path to access on the HTTP server. 259 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 260 }, 261 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 262 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 263 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 264 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 265 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 266 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 267 }, 268 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 269 }, 270 "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names 271 "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on. 272 { # ContainerPort represents a network port in a single container. 273 "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536. 274 "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". 275 "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP". 276 }, 277 ], 278 "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 279 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 280 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 281 "A String", 282 ], 283 }, 284 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 285 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 286 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 287 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 288 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 289 "name": "A String", # The header field name 290 "value": "A String", # The header field value 291 }, 292 ], 293 "path": "A String", # (Optional) Path to access on the HTTP server. 294 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 295 }, 296 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 297 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 298 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 299 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 300 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 301 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 302 }, 303 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 304 }, 305 "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources 306 "limits": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Setting 4 CPU requires at least 2Gi of memory. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 307 "a_key": "A String", 308 }, 309 "requests": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 310 "a_key": "A String", 311 }, 312 }, 313 "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ 314 "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 315 }, 316 "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 317 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 318 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 319 "A String", 320 ], 321 }, 322 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 323 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 324 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 325 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 326 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 327 "name": "A String", # The header field name 328 "value": "A String", # The header field value 329 }, 330 ], 331 "path": "A String", # (Optional) Path to access on the HTTP server. 332 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 333 }, 334 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 335 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 336 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 337 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 338 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 339 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 340 }, 341 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 342 }, 343 "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. 344 "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. 345 "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem. 346 { # VolumeMount describes a mounting of a Volume within a container. 347 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 348 "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name. 349 "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true. 350 "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). 351 }, 352 ], 353 "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. 354 }, 355 ], 356 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 357 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator. 358 "volumes": [ 359 { # Volume represents a named volume in a container. 360 "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 361 "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 362 "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. 363 { # Maps a string key to a path within a volume. 364 "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. 365 "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 366 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 367 }, 368 ], 369 "name": "A String", # Name of the config. 370 "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. 371 }, 372 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved. 373 "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 374 "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 375 "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. 376 { # Maps a string key to a path within a volume. 377 "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. 378 "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 379 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 380 }, 381 ], 382 "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. 383 "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use. 384 }, 385 }, 386 ], 387 }, 388 }, 389 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 390 { # TrafficTarget holds a single entry of the routing table for a Route. 391 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 392 "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 393 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 394 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 395 "tag": "A String", # Optional. Tag is used to expose a dedicated url for referencing this target exclusively. 396 "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 397 }, 398 ], 399 }, 400 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 401 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 402 "url": "A String", 403 }, 404 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready. 405 { # Condition defines a generic condition for a Resource 406 "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another. 407 "message": "A String", # Optional. Human readable message indicating details about the current status. 408 "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. 409 "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info 410 "status": "A String", # Status of the condition, one of True, False, Unknown. 411 "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. 412 }, 413 ], 414 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 415 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 416 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 417 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 418 { # TrafficTarget holds a single entry of the routing table for a Route. 419 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 420 "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 421 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 422 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 423 "tag": "A String", # Optional. Tag is used to expose a dedicated url for referencing this target exclusively. 424 "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 425 }, 426 ], 427 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 428 }, 429} 430 431 dryRun: string, Indicates that the server should validate the request and populate default values without persisting the request. Supported values: `all` 432 x__xgafv: string, V1 error format. 433 Allowed values 434 1 - v1 error format 435 2 - v2 error format 436 437Returns: 438 An object of the form: 439 440 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service 441 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1". 442 "kind": "A String", # The kind of resource, in this case "Service". 443 "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal. 444 "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations 445 "a_key": "A String", 446 }, 447 "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. 448 "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 449 "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. 450 "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 451 "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge 452 "A String", 453 ], 454 "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; 455 "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. 456 "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels 457 "a_key": "A String", 458 }, 459 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 460 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 461 "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. 462 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 463 "apiVersion": "A String", # API version of the referent. 464 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 465 "controller": True or False, # If true, this reference points to the managing controller. +optional 466 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 467 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 468 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 469 }, 470 ], 471 "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 472 "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; 473 "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 474 }, 475 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 476 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 477 "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`. 478 "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations 479 "a_key": "A String", 480 }, 481 "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. 482 "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 483 "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. 484 "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 485 "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge 486 "A String", 487 ], 488 "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; 489 "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. 490 "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels 491 "a_key": "A String", 492 }, 493 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 494 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 495 "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. 496 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 497 "apiVersion": "A String", # API version of the referent. 498 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 499 "controller": True or False, # If true, this reference points to the managing controller. +optional 500 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 501 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 502 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 503 }, 504 ], 505 "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 506 "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; 507 "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 508 }, 509 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 510 "containerConcurrency": 42, # Optional. ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 511 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md 512 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 513 "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell 514 "A String", 515 ], 516 "command": [ 517 "A String", 518 ], 519 "env": [ # (Optional) List of environment variables to set in the container. 520 { # EnvVar represents an environment variable present in a Container. 521 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 522 "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". 523 "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty. 524 "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap. 525 "key": "A String", # The key to select. 526 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 527 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 528 }, 529 "name": "A String", # The ConfigMap to select from. 530 "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined 531 }, 532 "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager. 533 "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key. 534 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 535 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 536 }, 537 "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from. 538 "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined 539 }, 540 }, 541 }, 542 ], 543 "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. 544 { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps 545 "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from 546 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 547 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 548 }, 549 "name": "A String", # The ConfigMap to select from. 550 "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined 551 }, 552 "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. 553 "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from 554 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 555 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 556 }, 557 "name": "A String", # The Secret to select from. 558 "optional": True or False, # (Optional) Specify whether the Secret must be defined 559 }, 560 }, 561 ], 562 "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images 563 "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images 564 "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 565 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 566 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 567 "A String", 568 ], 569 }, 570 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 571 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 572 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 573 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 574 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 575 "name": "A String", # The header field name 576 "value": "A String", # The header field value 577 }, 578 ], 579 "path": "A String", # (Optional) Path to access on the HTTP server. 580 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 581 }, 582 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 583 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 584 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 585 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 586 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 587 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 588 }, 589 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 590 }, 591 "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names 592 "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on. 593 { # ContainerPort represents a network port in a single container. 594 "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536. 595 "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". 596 "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP". 597 }, 598 ], 599 "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 600 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 601 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 602 "A String", 603 ], 604 }, 605 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 606 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 607 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 608 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 609 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 610 "name": "A String", # The header field name 611 "value": "A String", # The header field value 612 }, 613 ], 614 "path": "A String", # (Optional) Path to access on the HTTP server. 615 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 616 }, 617 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 618 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 619 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 620 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 621 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 622 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 623 }, 624 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 625 }, 626 "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources 627 "limits": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Setting 4 CPU requires at least 2Gi of memory. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 628 "a_key": "A String", 629 }, 630 "requests": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 631 "a_key": "A String", 632 }, 633 }, 634 "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ 635 "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 636 }, 637 "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 638 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 639 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 640 "A String", 641 ], 642 }, 643 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 644 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 645 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 646 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 647 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 648 "name": "A String", # The header field name 649 "value": "A String", # The header field value 650 }, 651 ], 652 "path": "A String", # (Optional) Path to access on the HTTP server. 653 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 654 }, 655 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 656 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 657 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 658 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 659 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 660 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 661 }, 662 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 663 }, 664 "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. 665 "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. 666 "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem. 667 { # VolumeMount describes a mounting of a Volume within a container. 668 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 669 "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name. 670 "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true. 671 "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). 672 }, 673 ], 674 "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. 675 }, 676 ], 677 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 678 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator. 679 "volumes": [ 680 { # Volume represents a named volume in a container. 681 "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 682 "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 683 "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. 684 { # Maps a string key to a path within a volume. 685 "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. 686 "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 687 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 688 }, 689 ], 690 "name": "A String", # Name of the config. 691 "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. 692 }, 693 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved. 694 "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 695 "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 696 "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. 697 { # Maps a string key to a path within a volume. 698 "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. 699 "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 700 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 701 }, 702 ], 703 "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. 704 "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use. 705 }, 706 }, 707 ], 708 }, 709 }, 710 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 711 { # TrafficTarget holds a single entry of the routing table for a Route. 712 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 713 "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 714 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 715 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 716 "tag": "A String", # Optional. Tag is used to expose a dedicated url for referencing this target exclusively. 717 "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 718 }, 719 ], 720 }, 721 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 722 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 723 "url": "A String", 724 }, 725 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready. 726 { # Condition defines a generic condition for a Resource 727 "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another. 728 "message": "A String", # Optional. Human readable message indicating details about the current status. 729 "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. 730 "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info 731 "status": "A String", # Status of the condition, one of True, False, Unknown. 732 "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. 733 }, 734 ], 735 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 736 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 737 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 738 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 739 { # TrafficTarget holds a single entry of the routing table for a Route. 740 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 741 "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 742 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 743 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 744 "tag": "A String", # Optional. Tag is used to expose a dedicated url for referencing this target exclusively. 745 "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 746 }, 747 ], 748 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 749 }, 750}</pre> 751</div> 752 753<div class="method"> 754 <code class="details" id="delete">delete(name, apiVersion=None, dryRun=None, kind=None, propagationPolicy=None, x__xgafv=None)</code> 755 <pre>Delete a service. This will cause the Service to stop serving traffic and will delete the child entities like Routes, Configurations and Revisions. 756 757Args: 758 name: string, The name of the service to delete. For Cloud Run (fully managed), replace {namespace_id} with the project ID or number. (required) 759 apiVersion: string, Cloud Run currently ignores this parameter. 760 dryRun: string, Indicates that the server should validate the request and populate default values without persisting the request. Supported values: `all` 761 kind: string, Cloud Run currently ignores this parameter. 762 propagationPolicy: string, Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information. 763 x__xgafv: string, V1 error format. 764 Allowed values 765 1 - v1 error format 766 2 - v2 error format 767 768Returns: 769 An object of the form: 770 771 { # Status is a return value for calls that don't return other objects 772 "code": 42, # Suggested HTTP return code for this status, 0 if not set. +optional 773 "details": { # StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined. # Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. +optional 774 "causes": [ # The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. +optional 775 { # StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered. 776 "field": "A String", # The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items" +optional 777 "message": "A String", # A human-readable description of the cause of the error. This field may be presented as-is to a reader. +optional 778 "reason": "A String", # A machine-readable description of the cause of the error. If this value is empty there is no information available. +optional 779 }, 780 ], 781 "group": "A String", # The group attribute of the resource associated with the status StatusReason. +optional 782 "kind": "A String", # The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional 783 "name": "A String", # The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). +optional 784 "retryAfterSeconds": 42, # If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. +optional 785 "uid": "A String", # UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 786 }, 787 "message": "A String", # A human-readable description of the status of this operation. +optional 788 "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds +optional 789 "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response. 790 "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 791 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional 792 }, 793 "reason": "A String", # A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. +optional 794 "status": "A String", # Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +optional 795}</pre> 796</div> 797 798<div class="method"> 799 <code class="details" id="get">get(name, x__xgafv=None)</code> 800 <pre>Get information about a service. 801 802Args: 803 name: string, The name of the service to retrieve. For Cloud Run (fully managed), replace {namespace_id} with the project ID or number. (required) 804 x__xgafv: string, V1 error format. 805 Allowed values 806 1 - v1 error format 807 2 - v2 error format 808 809Returns: 810 An object of the form: 811 812 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service 813 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1". 814 "kind": "A String", # The kind of resource, in this case "Service". 815 "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal. 816 "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations 817 "a_key": "A String", 818 }, 819 "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. 820 "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 821 "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. 822 "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 823 "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge 824 "A String", 825 ], 826 "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; 827 "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. 828 "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels 829 "a_key": "A String", 830 }, 831 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 832 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 833 "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. 834 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 835 "apiVersion": "A String", # API version of the referent. 836 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 837 "controller": True or False, # If true, this reference points to the managing controller. +optional 838 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 839 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 840 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 841 }, 842 ], 843 "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 844 "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; 845 "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 846 }, 847 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 848 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 849 "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`. 850 "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations 851 "a_key": "A String", 852 }, 853 "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. 854 "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 855 "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. 856 "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 857 "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge 858 "A String", 859 ], 860 "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; 861 "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. 862 "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels 863 "a_key": "A String", 864 }, 865 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 866 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 867 "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. 868 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 869 "apiVersion": "A String", # API version of the referent. 870 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 871 "controller": True or False, # If true, this reference points to the managing controller. +optional 872 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 873 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 874 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 875 }, 876 ], 877 "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 878 "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; 879 "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 880 }, 881 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 882 "containerConcurrency": 42, # Optional. ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 883 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md 884 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 885 "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell 886 "A String", 887 ], 888 "command": [ 889 "A String", 890 ], 891 "env": [ # (Optional) List of environment variables to set in the container. 892 { # EnvVar represents an environment variable present in a Container. 893 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 894 "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". 895 "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty. 896 "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap. 897 "key": "A String", # The key to select. 898 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 899 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 900 }, 901 "name": "A String", # The ConfigMap to select from. 902 "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined 903 }, 904 "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager. 905 "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key. 906 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 907 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 908 }, 909 "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from. 910 "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined 911 }, 912 }, 913 }, 914 ], 915 "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. 916 { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps 917 "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from 918 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 919 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 920 }, 921 "name": "A String", # The ConfigMap to select from. 922 "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined 923 }, 924 "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. 925 "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from 926 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 927 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 928 }, 929 "name": "A String", # The Secret to select from. 930 "optional": True or False, # (Optional) Specify whether the Secret must be defined 931 }, 932 }, 933 ], 934 "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images 935 "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images 936 "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 937 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 938 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 939 "A String", 940 ], 941 }, 942 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 943 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 944 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 945 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 946 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 947 "name": "A String", # The header field name 948 "value": "A String", # The header field value 949 }, 950 ], 951 "path": "A String", # (Optional) Path to access on the HTTP server. 952 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 953 }, 954 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 955 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 956 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 957 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 958 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 959 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 960 }, 961 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 962 }, 963 "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names 964 "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on. 965 { # ContainerPort represents a network port in a single container. 966 "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536. 967 "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". 968 "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP". 969 }, 970 ], 971 "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 972 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 973 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 974 "A String", 975 ], 976 }, 977 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 978 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 979 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 980 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 981 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 982 "name": "A String", # The header field name 983 "value": "A String", # The header field value 984 }, 985 ], 986 "path": "A String", # (Optional) Path to access on the HTTP server. 987 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 988 }, 989 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 990 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 991 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 992 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 993 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 994 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 995 }, 996 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 997 }, 998 "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources 999 "limits": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Setting 4 CPU requires at least 2Gi of memory. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1000 "a_key": "A String", 1001 }, 1002 "requests": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1003 "a_key": "A String", 1004 }, 1005 }, 1006 "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ 1007 "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 1008 }, 1009 "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1010 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 1011 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1012 "A String", 1013 ], 1014 }, 1015 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 1016 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 1017 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1018 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 1019 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 1020 "name": "A String", # The header field name 1021 "value": "A String", # The header field value 1022 }, 1023 ], 1024 "path": "A String", # (Optional) Path to access on the HTTP server. 1025 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 1026 }, 1027 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1028 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 1029 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 1030 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 1031 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 1032 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 1033 }, 1034 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1035 }, 1036 "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. 1037 "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. 1038 "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem. 1039 { # VolumeMount describes a mounting of a Volume within a container. 1040 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 1041 "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name. 1042 "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true. 1043 "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). 1044 }, 1045 ], 1046 "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. 1047 }, 1048 ], 1049 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 1050 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator. 1051 "volumes": [ 1052 { # Volume represents a named volume in a container. 1053 "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 1054 "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1055 "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. 1056 { # Maps a string key to a path within a volume. 1057 "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. 1058 "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1059 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1060 }, 1061 ], 1062 "name": "A String", # Name of the config. 1063 "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. 1064 }, 1065 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved. 1066 "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 1067 "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1068 "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. 1069 { # Maps a string key to a path within a volume. 1070 "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. 1071 "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1072 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1073 }, 1074 ], 1075 "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. 1076 "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use. 1077 }, 1078 }, 1079 ], 1080 }, 1081 }, 1082 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 1083 { # TrafficTarget holds a single entry of the routing table for a Route. 1084 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 1085 "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 1086 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 1087 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 1088 "tag": "A String", # Optional. Tag is used to expose a dedicated url for referencing this target exclusively. 1089 "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 1090 }, 1091 ], 1092 }, 1093 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 1094 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 1095 "url": "A String", 1096 }, 1097 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready. 1098 { # Condition defines a generic condition for a Resource 1099 "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another. 1100 "message": "A String", # Optional. Human readable message indicating details about the current status. 1101 "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. 1102 "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info 1103 "status": "A String", # Status of the condition, one of True, False, Unknown. 1104 "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. 1105 }, 1106 ], 1107 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 1108 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 1109 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 1110 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 1111 { # TrafficTarget holds a single entry of the routing table for a Route. 1112 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 1113 "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 1114 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 1115 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 1116 "tag": "A String", # Optional. Tag is used to expose a dedicated url for referencing this target exclusively. 1117 "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 1118 }, 1119 ], 1120 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 1121 }, 1122}</pre> 1123</div> 1124 1125<div class="method"> 1126 <code class="details" id="getIamPolicy">getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)</code> 1127 <pre>Get the IAM Access Control policy currently in effect for the given Cloud Run service. This result does not include any inherited policies. 1128 1129Args: 1130 resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required) 1131 options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 1132 x__xgafv: string, V1 error format. 1133 Allowed values 1134 1 - v1 error format 1135 2 - v2 error format 1136 1137Returns: 1138 An object of the form: 1139 1140 { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:[email protected]", "group:[email protected]", "domain:google.com", "serviceAccount:[email protected]" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:[email protected]" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:[email protected] - group:[email protected] - domain:google.com - serviceAccount:[email protected] role: roles/resourcemanager.organizationAdmin - members: - user:[email protected] role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). 1141 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 1142 { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:[email protected]" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:[email protected]" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts [email protected] from DATA_READ logging, and [email protected] from DATA_WRITE logging. 1143 "auditLogConfigs": [ # The configuration for logging of each type of permission. 1144 { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:[email protected]" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting [email protected] from DATA_READ logging. 1145 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members. 1146 "A String", 1147 ], 1148 "logType": "A String", # The log type that this config enables. 1149 }, 1150 ], 1151 "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. 1152 }, 1153 ], 1154 "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:[email protected]`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`. 1155 { # Associates `members`, or principals, with a `role`. 1156 "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 1157 "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. 1158 "expression": "A String", # Textual representation of an expression in Common Expression Language syntax. 1159 "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. 1160 "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. 1161 }, 1162 "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `[email protected]` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `[email protected]`. * `group:{emailid}`: An email address that represents a Google group. For example, `[email protected]`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. 1163 "A String", 1164 ], 1165 "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 1166 }, 1167 ], 1168 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. 1169 "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 1170}</pre> 1171</div> 1172 1173<div class="method"> 1174 <code class="details" id="list">list(parent, continue=None, fieldSelector=None, includeUninitialized=None, labelSelector=None, limit=None, resourceVersion=None, watch=None, x__xgafv=None)</code> 1175 <pre>List services. 1176 1177Args: 1178 parent: string, The namespace from which the services should be listed. For Cloud Run (fully managed), replace {namespace_id} with the project ID or number. (required) 1179 continue: string, Optional. Encoded string to continue paging. 1180 fieldSelector: string, Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run. 1181 includeUninitialized: boolean, Not currently used by Cloud Run. 1182 labelSelector: string, Allows to filter resources based on a label. Supported operations are =, !=, exists, in, and notIn. 1183 limit: integer, Optional. The maximum number of records that should be returned. 1184 resourceVersion: string, The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run. 1185 watch: boolean, Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run. 1186 x__xgafv: string, V1 error format. 1187 Allowed values 1188 1 - v1 error format 1189 2 - v2 error format 1190 1191Returns: 1192 An object of the form: 1193 1194 { # A list of Service resources. 1195 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1". 1196 "items": [ # List of Services. 1197 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service 1198 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1". 1199 "kind": "A String", # The kind of resource, in this case "Service". 1200 "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal. 1201 "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations 1202 "a_key": "A String", 1203 }, 1204 "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. 1205 "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 1206 "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. 1207 "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 1208 "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge 1209 "A String", 1210 ], 1211 "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; 1212 "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. 1213 "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels 1214 "a_key": "A String", 1215 }, 1216 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 1217 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 1218 "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. 1219 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 1220 "apiVersion": "A String", # API version of the referent. 1221 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 1222 "controller": True or False, # If true, this reference points to the managing controller. +optional 1223 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 1224 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 1225 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1226 }, 1227 ], 1228 "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 1229 "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; 1230 "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1231 }, 1232 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 1233 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 1234 "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`. 1235 "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations 1236 "a_key": "A String", 1237 }, 1238 "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. 1239 "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 1240 "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. 1241 "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 1242 "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge 1243 "A String", 1244 ], 1245 "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; 1246 "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. 1247 "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels 1248 "a_key": "A String", 1249 }, 1250 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 1251 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 1252 "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. 1253 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 1254 "apiVersion": "A String", # API version of the referent. 1255 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 1256 "controller": True or False, # If true, this reference points to the managing controller. +optional 1257 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 1258 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 1259 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1260 }, 1261 ], 1262 "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 1263 "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; 1264 "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1265 }, 1266 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 1267 "containerConcurrency": 42, # Optional. ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 1268 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md 1269 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 1270 "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell 1271 "A String", 1272 ], 1273 "command": [ 1274 "A String", 1275 ], 1276 "env": [ # (Optional) List of environment variables to set in the container. 1277 { # EnvVar represents an environment variable present in a Container. 1278 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 1279 "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". 1280 "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty. 1281 "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap. 1282 "key": "A String", # The key to select. 1283 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1284 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1285 }, 1286 "name": "A String", # The ConfigMap to select from. 1287 "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined 1288 }, 1289 "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager. 1290 "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key. 1291 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1292 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1293 }, 1294 "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from. 1295 "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined 1296 }, 1297 }, 1298 }, 1299 ], 1300 "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. 1301 { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps 1302 "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from 1303 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1304 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1305 }, 1306 "name": "A String", # The ConfigMap to select from. 1307 "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined 1308 }, 1309 "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. 1310 "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from 1311 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1312 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1313 }, 1314 "name": "A String", # The Secret to select from. 1315 "optional": True or False, # (Optional) Specify whether the Secret must be defined 1316 }, 1317 }, 1318 ], 1319 "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images 1320 "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images 1321 "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1322 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 1323 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1324 "A String", 1325 ], 1326 }, 1327 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 1328 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 1329 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1330 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 1331 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 1332 "name": "A String", # The header field name 1333 "value": "A String", # The header field value 1334 }, 1335 ], 1336 "path": "A String", # (Optional) Path to access on the HTTP server. 1337 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 1338 }, 1339 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1340 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 1341 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 1342 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 1343 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 1344 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 1345 }, 1346 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1347 }, 1348 "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names 1349 "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on. 1350 { # ContainerPort represents a network port in a single container. 1351 "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536. 1352 "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". 1353 "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP". 1354 }, 1355 ], 1356 "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1357 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 1358 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1359 "A String", 1360 ], 1361 }, 1362 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 1363 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 1364 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1365 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 1366 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 1367 "name": "A String", # The header field name 1368 "value": "A String", # The header field value 1369 }, 1370 ], 1371 "path": "A String", # (Optional) Path to access on the HTTP server. 1372 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 1373 }, 1374 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1375 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 1376 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 1377 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 1378 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 1379 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 1380 }, 1381 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1382 }, 1383 "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources 1384 "limits": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Setting 4 CPU requires at least 2Gi of memory. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1385 "a_key": "A String", 1386 }, 1387 "requests": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1388 "a_key": "A String", 1389 }, 1390 }, 1391 "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ 1392 "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 1393 }, 1394 "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1395 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 1396 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1397 "A String", 1398 ], 1399 }, 1400 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 1401 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 1402 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1403 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 1404 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 1405 "name": "A String", # The header field name 1406 "value": "A String", # The header field value 1407 }, 1408 ], 1409 "path": "A String", # (Optional) Path to access on the HTTP server. 1410 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 1411 }, 1412 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1413 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 1414 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 1415 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 1416 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 1417 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 1418 }, 1419 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1420 }, 1421 "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. 1422 "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. 1423 "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem. 1424 { # VolumeMount describes a mounting of a Volume within a container. 1425 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 1426 "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name. 1427 "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true. 1428 "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). 1429 }, 1430 ], 1431 "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. 1432 }, 1433 ], 1434 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 1435 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator. 1436 "volumes": [ 1437 { # Volume represents a named volume in a container. 1438 "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 1439 "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1440 "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. 1441 { # Maps a string key to a path within a volume. 1442 "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. 1443 "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1444 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1445 }, 1446 ], 1447 "name": "A String", # Name of the config. 1448 "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. 1449 }, 1450 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved. 1451 "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 1452 "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1453 "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. 1454 { # Maps a string key to a path within a volume. 1455 "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. 1456 "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1457 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1458 }, 1459 ], 1460 "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. 1461 "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use. 1462 }, 1463 }, 1464 ], 1465 }, 1466 }, 1467 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 1468 { # TrafficTarget holds a single entry of the routing table for a Route. 1469 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 1470 "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 1471 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 1472 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 1473 "tag": "A String", # Optional. Tag is used to expose a dedicated url for referencing this target exclusively. 1474 "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 1475 }, 1476 ], 1477 }, 1478 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 1479 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 1480 "url": "A String", 1481 }, 1482 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready. 1483 { # Condition defines a generic condition for a Resource 1484 "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another. 1485 "message": "A String", # Optional. Human readable message indicating details about the current status. 1486 "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. 1487 "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info 1488 "status": "A String", # Status of the condition, one of True, False, Unknown. 1489 "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. 1490 }, 1491 ], 1492 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 1493 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 1494 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 1495 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 1496 { # TrafficTarget holds a single entry of the routing table for a Route. 1497 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 1498 "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 1499 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 1500 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 1501 "tag": "A String", # Optional. Tag is used to expose a dedicated url for referencing this target exclusively. 1502 "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 1503 }, 1504 ], 1505 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 1506 }, 1507 }, 1508 ], 1509 "kind": "A String", # The kind of this resource, in this case "ServiceList". 1510 "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this Service list. 1511 "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response. 1512 "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 1513 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional 1514 }, 1515 "unreachable": [ # Locations that could not be reached. 1516 "A String", 1517 ], 1518}</pre> 1519</div> 1520 1521<div class="method"> 1522 <code class="details" id="replaceService">replaceService(name, body=None, dryRun=None, x__xgafv=None)</code> 1523 <pre>Replace a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control. 1524 1525Args: 1526 name: string, The name of the service being replaced. For Cloud Run (fully managed), replace {namespace_id} with the project ID or number. (required) 1527 body: object, The request body. 1528 The object takes the form of: 1529 1530{ # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service 1531 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1". 1532 "kind": "A String", # The kind of resource, in this case "Service". 1533 "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal. 1534 "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations 1535 "a_key": "A String", 1536 }, 1537 "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. 1538 "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 1539 "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. 1540 "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 1541 "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge 1542 "A String", 1543 ], 1544 "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; 1545 "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. 1546 "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels 1547 "a_key": "A String", 1548 }, 1549 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 1550 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 1551 "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. 1552 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 1553 "apiVersion": "A String", # API version of the referent. 1554 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 1555 "controller": True or False, # If true, this reference points to the managing controller. +optional 1556 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 1557 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 1558 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1559 }, 1560 ], 1561 "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 1562 "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; 1563 "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1564 }, 1565 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 1566 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 1567 "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`. 1568 "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations 1569 "a_key": "A String", 1570 }, 1571 "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. 1572 "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 1573 "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. 1574 "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 1575 "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge 1576 "A String", 1577 ], 1578 "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; 1579 "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. 1580 "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels 1581 "a_key": "A String", 1582 }, 1583 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 1584 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 1585 "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. 1586 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 1587 "apiVersion": "A String", # API version of the referent. 1588 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 1589 "controller": True or False, # If true, this reference points to the managing controller. +optional 1590 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 1591 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 1592 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1593 }, 1594 ], 1595 "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 1596 "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; 1597 "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1598 }, 1599 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 1600 "containerConcurrency": 42, # Optional. ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 1601 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md 1602 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 1603 "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell 1604 "A String", 1605 ], 1606 "command": [ 1607 "A String", 1608 ], 1609 "env": [ # (Optional) List of environment variables to set in the container. 1610 { # EnvVar represents an environment variable present in a Container. 1611 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 1612 "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". 1613 "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty. 1614 "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap. 1615 "key": "A String", # The key to select. 1616 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1617 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1618 }, 1619 "name": "A String", # The ConfigMap to select from. 1620 "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined 1621 }, 1622 "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager. 1623 "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key. 1624 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1625 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1626 }, 1627 "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from. 1628 "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined 1629 }, 1630 }, 1631 }, 1632 ], 1633 "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. 1634 { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps 1635 "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from 1636 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1637 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1638 }, 1639 "name": "A String", # The ConfigMap to select from. 1640 "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined 1641 }, 1642 "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. 1643 "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from 1644 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1645 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1646 }, 1647 "name": "A String", # The Secret to select from. 1648 "optional": True or False, # (Optional) Specify whether the Secret must be defined 1649 }, 1650 }, 1651 ], 1652 "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images 1653 "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images 1654 "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1655 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 1656 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1657 "A String", 1658 ], 1659 }, 1660 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 1661 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 1662 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1663 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 1664 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 1665 "name": "A String", # The header field name 1666 "value": "A String", # The header field value 1667 }, 1668 ], 1669 "path": "A String", # (Optional) Path to access on the HTTP server. 1670 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 1671 }, 1672 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1673 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 1674 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 1675 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 1676 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 1677 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 1678 }, 1679 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1680 }, 1681 "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names 1682 "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on. 1683 { # ContainerPort represents a network port in a single container. 1684 "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536. 1685 "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". 1686 "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP". 1687 }, 1688 ], 1689 "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1690 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 1691 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1692 "A String", 1693 ], 1694 }, 1695 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 1696 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 1697 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1698 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 1699 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 1700 "name": "A String", # The header field name 1701 "value": "A String", # The header field value 1702 }, 1703 ], 1704 "path": "A String", # (Optional) Path to access on the HTTP server. 1705 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 1706 }, 1707 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1708 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 1709 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 1710 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 1711 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 1712 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 1713 }, 1714 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1715 }, 1716 "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources 1717 "limits": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Setting 4 CPU requires at least 2Gi of memory. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1718 "a_key": "A String", 1719 }, 1720 "requests": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1721 "a_key": "A String", 1722 }, 1723 }, 1724 "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ 1725 "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 1726 }, 1727 "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1728 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 1729 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1730 "A String", 1731 ], 1732 }, 1733 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 1734 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 1735 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1736 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 1737 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 1738 "name": "A String", # The header field name 1739 "value": "A String", # The header field value 1740 }, 1741 ], 1742 "path": "A String", # (Optional) Path to access on the HTTP server. 1743 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 1744 }, 1745 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1746 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 1747 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 1748 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 1749 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 1750 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 1751 }, 1752 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1753 }, 1754 "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. 1755 "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. 1756 "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem. 1757 { # VolumeMount describes a mounting of a Volume within a container. 1758 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 1759 "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name. 1760 "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true. 1761 "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). 1762 }, 1763 ], 1764 "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. 1765 }, 1766 ], 1767 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 1768 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator. 1769 "volumes": [ 1770 { # Volume represents a named volume in a container. 1771 "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 1772 "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1773 "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. 1774 { # Maps a string key to a path within a volume. 1775 "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. 1776 "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1777 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1778 }, 1779 ], 1780 "name": "A String", # Name of the config. 1781 "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. 1782 }, 1783 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved. 1784 "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 1785 "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1786 "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. 1787 { # Maps a string key to a path within a volume. 1788 "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. 1789 "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1790 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1791 }, 1792 ], 1793 "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. 1794 "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use. 1795 }, 1796 }, 1797 ], 1798 }, 1799 }, 1800 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 1801 { # TrafficTarget holds a single entry of the routing table for a Route. 1802 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 1803 "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 1804 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 1805 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 1806 "tag": "A String", # Optional. Tag is used to expose a dedicated url for referencing this target exclusively. 1807 "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 1808 }, 1809 ], 1810 }, 1811 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 1812 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 1813 "url": "A String", 1814 }, 1815 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready. 1816 { # Condition defines a generic condition for a Resource 1817 "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another. 1818 "message": "A String", # Optional. Human readable message indicating details about the current status. 1819 "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. 1820 "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info 1821 "status": "A String", # Status of the condition, one of True, False, Unknown. 1822 "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. 1823 }, 1824 ], 1825 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 1826 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 1827 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 1828 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 1829 { # TrafficTarget holds a single entry of the routing table for a Route. 1830 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 1831 "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 1832 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 1833 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 1834 "tag": "A String", # Optional. Tag is used to expose a dedicated url for referencing this target exclusively. 1835 "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 1836 }, 1837 ], 1838 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 1839 }, 1840} 1841 1842 dryRun: string, Indicates that the server should validate the request and populate default values without persisting the request. Supported values: `all` 1843 x__xgafv: string, V1 error format. 1844 Allowed values 1845 1 - v1 error format 1846 2 - v2 error format 1847 1848Returns: 1849 An object of the form: 1850 1851 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service 1852 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1". 1853 "kind": "A String", # The kind of resource, in this case "Service". 1854 "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. Cloud Run (fully managed) uses the following annotation keys to configure features on a Service: * `run.googleapis.com/ingress` sets the ingress settings for the Service. See [the ingress settings documentation](/run/docs/securing/ingress) for details on configuring ingress settings. * `run.googleapis.com/ingress-status` is output-only and contains the currently active ingress settings for the Service. `run.googleapis.com/ingress-status` may differ from `run.googleapis.com/ingress` while the system is processing a change to `run.googleapis.com/ingress` or if the system failed to process a change to `run.googleapis.com/ingress`. When the system has processed all changes successfully `run.googleapis.com/ingress-status` and `run.googleapis.com/ingress` are equal. 1855 "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations 1856 "a_key": "A String", 1857 }, 1858 "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. 1859 "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 1860 "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. 1861 "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 1862 "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge 1863 "A String", 1864 ], 1865 "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; 1866 "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. 1867 "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels 1868 "a_key": "A String", 1869 }, 1870 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 1871 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 1872 "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. 1873 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 1874 "apiVersion": "A String", # API version of the referent. 1875 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 1876 "controller": True or False, # If true, this reference points to the managing controller. +optional 1877 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 1878 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 1879 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1880 }, 1881 ], 1882 "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 1883 "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; 1884 "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1885 }, 1886 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 1887 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 1888 "metadata": { # k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. The following annotation keys set properties of the created revision: * `autoscaling.knative.dev/minScale` sets the minimum number of instances. * `autoscaling.knative.dev/maxScale` sets the maximum number of instances. * `run.googleapis.com/cloudsql-instances` sets Cloud SQL connections. Multiple values should be comma separated. * `run.googleapis.com/vpc-access-connector` sets a Serverless VPC Access connector. * `run.googleapis.com/vpc-access-egress` sets VPC egress. Supported values are `all-traffic`, `all` (deprecated), and `private-ranges-only`. `all-traffic` and `all` provide the same functionality. `all` is deprecated but will continue to be supported. Prefer `all-traffic`. 1889 "annotations": { # (Optional) Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations 1890 "a_key": "A String", 1891 }, 1892 "clusterName": "A String", # (Optional) Not supported by Cloud Run The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. 1893 "creationTimestamp": "A String", # (Optional) CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 1894 "deletionGracePeriodSeconds": 42, # (Optional) Not supported by Cloud Run Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. 1895 "deletionTimestamp": "A String", # (Optional) Not supported by Cloud Run DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata 1896 "finalizers": [ # (Optional) Not supported by Cloud Run Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +patchStrategy=merge 1897 "A String", 1898 ], 1899 "generateName": "A String", # (Optional) Not supported by Cloud Run GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency string generateName = 2; 1900 "generation": 42, # (Optional) A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. 1901 "labels": { # (Optional) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels 1902 "a_key": "A String", 1903 }, 1904 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 1905 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 1906 "ownerReferences": [ # (Optional) Not supported by Cloud Run List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. 1907 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 1908 "apiVersion": "A String", # API version of the referent. 1909 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 1910 "controller": True or False, # If true, this reference points to the managing controller. +optional 1911 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 1912 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 1913 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1914 }, 1915 ], 1916 "resourceVersion": "A String", # Optional. An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server or omit the value to disable conflict-detection. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients or omitted. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency 1917 "selfLink": "A String", # (Optional) SelfLink is a URL representing this object. Populated by the system. Read-only. string selfLink = 4; 1918 "uid": "A String", # (Optional) UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1919 }, 1920 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 1921 "containerConcurrency": 42, # Optional. ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run for Anthos: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 1922 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. The runtime contract is documented here: https://github.com/knative/serving/blob/main/docs/runtime-contract.md 1923 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 1924 "args": [ # (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell 1925 "A String", 1926 ], 1927 "command": [ 1928 "A String", 1929 ], 1930 "env": [ # (Optional) List of environment variables to set in the container. 1931 { # EnvVar represents an environment variable present in a Container. 1932 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 1933 "value": "A String", # (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". 1934 "valueFrom": { # EnvVarSource represents a source for the value of an EnvVar. # (Optional) Source for the environment variable's value. Only supports secret_key_ref. Source for the environment variable's value. Cannot be used if value is not empty. 1935 "configMapKeyRef": { # Not supported by Cloud Run Selects a key from a ConfigMap. # (Optional) Not supported by Cloud Run Selects a key of a ConfigMap. 1936 "key": "A String", # The key to select. 1937 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1938 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1939 }, 1940 "name": "A String", # The ConfigMap to select from. 1941 "optional": True or False, # (Optional) Specify whether the ConfigMap or its key must be defined 1942 }, 1943 "secretKeyRef": { # SecretKeySelector selects a key of a Secret. # (Optional) Selects a key (version) of a secret in Secret Manager. 1944 "key": "A String", # A Cloud Secret Manager secret version. Must be 'latest' for the latest version or an integer for a specific version. The key of the secret to select from. Must be a valid secret key. 1945 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1946 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1947 }, 1948 "name": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. The name of the secret in the pod's namespace to select from. 1949 "optional": True or False, # (Optional) Specify whether the Secret or its key must be defined 1950 }, 1951 }, 1952 }, 1953 ], 1954 "envFrom": [ # (Optional) List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. 1955 { # Not supported by Cloud Run EnvFromSource represents the source of a set of ConfigMaps 1956 "configMapRef": { # Not supported by Cloud Run ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # (Optional) The ConfigMap to select from 1957 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1958 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1959 }, 1960 "name": "A String", # The ConfigMap to select from. 1961 "optional": True or False, # (Optional) Specify whether the ConfigMap must be defined 1962 }, 1963 "prefix": "A String", # (Optional) An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. 1964 "secretRef": { # Not supported by Cloud Run SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # (Optional) The Secret to select from 1965 "localObjectReference": { # Not supported by Cloud Run LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1966 "name": "A String", # (Optional) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1967 }, 1968 "name": "A String", # The Secret to select from. 1969 "optional": True or False, # (Optional) Specify whether the Secret must be defined 1970 }, 1971 }, 1972 ], 1973 "image": "A String", # Only supports containers from Google Container Registry or Artifact Registry URL of the Container image. More info: https://kubernetes.io/docs/concepts/containers/images 1974 "imagePullPolicy": "A String", # (Optional) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images 1975 "livenessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1976 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 1977 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 1978 "A String", 1979 ], 1980 }, 1981 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 1982 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 1983 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 1984 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 1985 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 1986 "name": "A String", # The header field name 1987 "value": "A String", # The header field value 1988 }, 1989 ], 1990 "path": "A String", # (Optional) Path to access on the HTTP server. 1991 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 1992 }, 1993 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 1994 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 1995 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 1996 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 1997 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 1998 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 1999 }, 2000 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2001 }, 2002 "name": "A String", # (Optional) Name of the container specified as a DNS_LABEL. Currently unused in Cloud Run. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names 2003 "ports": [ # (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on. 2004 { # ContainerPort represents a network port in a single container. 2005 "containerPort": 42, # (Optional) Port number the container listens on. This must be a valid port number, 0 < x < 65536. 2006 "name": "A String", # (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". 2007 "protocol": "A String", # (Optional) Protocol for port. Must be "TCP". Defaults to "TCP". 2008 }, 2009 ], 2010 "readinessProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2011 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 2012 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 2013 "A String", 2014 ], 2015 }, 2016 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 2017 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 2018 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 2019 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 2020 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 2021 "name": "A String", # The header field name 2022 "value": "A String", # The header field value 2023 }, 2024 ], 2025 "path": "A String", # (Optional) Path to access on the HTTP server. 2026 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 2027 }, 2028 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2029 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 2030 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 2031 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 2032 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 2033 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 2034 }, 2035 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2036 }, 2037 "resources": { # ResourceRequirements describes the compute resource requirements. # (Optional) Compute Resources required by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources 2038 "limits": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Setting 4 CPU requires at least 2Gi of memory. Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 2039 "a_key": "A String", 2040 }, 2041 "requests": { # (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', and '4'. Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 2042 "a_key": "A String", 2043 }, 2044 }, 2045 "securityContext": { # Not supported by Cloud Run SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # (Optional) Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ 2046 "runAsUser": 42, # (Optional) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 2047 }, 2048 "startupProbe": { # Not supported by Cloud Run Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2049 "exec": { # Not supported by Cloud Run ExecAction describes a "run in container" action. # (Optional) One and only one of the following should be specified. Exec specifies the action to take. A field inlined from the Handler message. 2050 "command": [ # (Optional) Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. 2051 "A String", 2052 ], 2053 }, 2054 "failureThreshold": 42, # (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. 2055 "httpGet": { # Not supported by Cloud Run HTTPGetAction describes an action based on HTTP Get requests. # (Optional) HTTPGet specifies the http request to perform. A field inlined from the Handler message. 2056 "host": "A String", # (Optional) Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. 2057 "httpHeaders": [ # (Optional) Custom headers to set in the request. HTTP allows repeated headers. 2058 { # Not supported by Cloud Run HTTPHeader describes a custom header to be used in HTTP probes 2059 "name": "A String", # The header field name 2060 "value": "A String", # The header field value 2061 }, 2062 ], 2063 "path": "A String", # (Optional) Path to access on the HTTP server. 2064 "scheme": "A String", # (Optional) Scheme to use for connecting to the host. Defaults to HTTP. 2065 }, 2066 "initialDelaySeconds": 42, # (Optional) Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2067 "periodSeconds": 42, # (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. 2068 "successThreshold": 42, # (Optional) Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. 2069 "tcpSocket": { # Not supported by Cloud Run TCPSocketAction describes an action based on opening a socket # (Optional) TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported A field inlined from the Handler message. 2070 "host": "A String", # (Optional) Optional: Host name to connect to, defaults to the pod IP. 2071 "port": 42, # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. This field is currently limited to integer types only because of proto's inability to properly support the IntOrString golang type. 2072 }, 2073 "timeoutSeconds": 42, # (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes 2074 }, 2075 "terminationMessagePath": "A String", # (Optional) Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. 2076 "terminationMessagePolicy": "A String", # (Optional) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. 2077 "volumeMounts": [ # (Optional) Volume to mount into the container's filesystem. Only supports SecretVolumeSources. Pod volumes to mount into the container's filesystem. 2078 { # VolumeMount describes a mounting of a Volume within a container. 2079 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 2080 "name": "A String", # The name of the volume. There must be a corresponding Volume with the same name. 2081 "readOnly": True or False, # (Optional) Only true is accepted. Defaults to true. 2082 "subPath": "A String", # (Optional) Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). 2083 }, 2084 ], 2085 "workingDir": "A String", # (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. 2086 }, 2087 ], 2088 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 2089 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Cloud Run fully managed: defaults to 300 seconds (5 minutes). Maximum allowed value is 3600 seconds (1 hour). Cloud Run for Anthos: defaults to 300 seconds (5 minutes). Maximum allowed value is configurable by the cluster operator. 2090 "volumes": [ 2091 { # Volume represents a named volume in a container. 2092 "configMap": { # Not supported by Cloud Run Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 2093 "defaultMode": 42, # (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 2094 "items": [ # (Optional) If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. 2095 { # Maps a string key to a path within a volume. 2096 "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. 2097 "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 2098 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 2099 }, 2100 ], 2101 "name": "A String", # Name of the config. 2102 "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. 2103 }, 2104 "name": "A String", # Volume's name. In Cloud Run Fully Managed, the name 'cloudsql' is reserved. 2105 "secret": { # The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 2106 "defaultMode": 42, # Integer representation of mode bits to use on created files by default. Must be a value between 01 and 0777 (octal). If 0 or not set, it will default to 0644. Directories within the path are not affected by this setting. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 2107 "items": [ # (Optional) If unspecified, the volume will expose a file whose name is the secret_name. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a key and a path. If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified that is not present in the Secret, the volume setup will error unless it is marked optional. 2108 { # Maps a string key to a path within a volume. 2109 "key": "A String", # The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version. The key to project. 2110 "mode": 42, # (Optional) Mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used. Notes * Internally, a umask of 0222 will be applied to any non-zero value. * This is an integer representation of the mode bits. So, the octal integer value should look exactly as the chmod numeric notation with a leading zero. Some examples: for chmod 777 (a=rwx), set to 0777 (octal) or 511 (base-10). For chmod 640 (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 2111 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 2112 }, 2113 ], 2114 "optional": True or False, # (Optional) Specify whether the Secret or its keys must be defined. 2115 "secretName": "A String", # The name of the secret in Cloud Secret Manager. By default, the secret is assumed to be in the same project. If the secret is in another project, you must define an alias. An alias definition has the form: :projects//secrets/. If multiple alias definitions are needed, they must be separated by commas. The alias definitions must be set on the run.googleapis.com/secrets annotation. Name of the secret in the container's namespace to use. 2116 }, 2117 }, 2118 ], 2119 }, 2120 }, 2121 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 2122 { # TrafficTarget holds a single entry of the routing table for a Route. 2123 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 2124 "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 2125 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 2126 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 2127 "tag": "A String", # Optional. Tag is used to expose a dedicated url for referencing this target exclusively. 2128 "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 2129 }, 2130 ], 2131 }, 2132 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 2133 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 2134 "url": "A String", 2135 }, 2136 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. Service-specific conditions include: * "ConfigurationsReady": true when the underlying Configuration is ready. * "RoutesReady": true when the underlying Route is ready. * "Ready": true when both the underlying Route and Configuration are ready. 2137 { # Condition defines a generic condition for a Resource 2138 "lastTransitionTime": "A String", # Optional. Last time the condition transitioned from one status to another. 2139 "message": "A String", # Optional. Human readable message indicating details about the current status. 2140 "reason": "A String", # Optional. One-word CamelCase reason for the condition's last transition. 2141 "severity": "A String", # Optional. How to interpret failures of this condition, one of Error, Warning, Info 2142 "status": "A String", # Status of the condition, one of True, False, Unknown. 2143 "type": "A String", # type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. 2144 }, 2145 ], 2146 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 2147 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 2148 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 2149 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 2150 { # TrafficTarget holds a single entry of the routing table for a Route. 2151 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 2152 "latestRevision": True or False, # Optional. LatestRevision may be provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. 2153 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 2154 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 2155 "tag": "A String", # Optional. Tag is used to expose a dedicated url for referencing this target exclusively. 2156 "url": "A String", # Output only. URL displays the URL for accessing tagged traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) 2157 }, 2158 ], 2159 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 2160 }, 2161}</pre> 2162</div> 2163 2164<div class="method"> 2165 <code class="details" id="setIamPolicy">setIamPolicy(resource, body=None, x__xgafv=None)</code> 2166 <pre>Sets the IAM Access control policy for the specified Service. Overwrites any existing policy. 2167 2168Args: 2169 resource: string, REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field. (required) 2170 body: object, The request body. 2171 The object takes the form of: 2172 2173{ # Request message for `SetIamPolicy` method. 2174 "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:[email protected]", "group:[email protected]", "domain:google.com", "serviceAccount:[email protected]" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:[email protected]" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:[email protected] - group:[email protected] - domain:google.com - serviceAccount:[email protected] role: roles/resourcemanager.organizationAdmin - members: - user:[email protected] role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them. 2175 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 2176 { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:[email protected]" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:[email protected]" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts [email protected] from DATA_READ logging, and [email protected] from DATA_WRITE logging. 2177 "auditLogConfigs": [ # The configuration for logging of each type of permission. 2178 { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:[email protected]" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting [email protected] from DATA_READ logging. 2179 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members. 2180 "A String", 2181 ], 2182 "logType": "A String", # The log type that this config enables. 2183 }, 2184 ], 2185 "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. 2186 }, 2187 ], 2188 "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:[email protected]`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`. 2189 { # Associates `members`, or principals, with a `role`. 2190 "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 2191 "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. 2192 "expression": "A String", # Textual representation of an expression in Common Expression Language syntax. 2193 "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. 2194 "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. 2195 }, 2196 "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `[email protected]` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `[email protected]`. * `group:{emailid}`: An email address that represents a Google group. For example, `[email protected]`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. 2197 "A String", 2198 ], 2199 "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 2200 }, 2201 ], 2202 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. 2203 "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 2204 }, 2205 "updateMask": "A String", # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"` 2206} 2207 2208 x__xgafv: string, V1 error format. 2209 Allowed values 2210 1 - v1 error format 2211 2 - v2 error format 2212 2213Returns: 2214 An object of the form: 2215 2216 { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:[email protected]", "group:[email protected]", "domain:google.com", "serviceAccount:[email protected]" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:[email protected]" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:[email protected] - group:[email protected] - domain:google.com - serviceAccount:[email protected] role: roles/resourcemanager.organizationAdmin - members: - user:[email protected] role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). 2217 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 2218 { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:[email protected]" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:[email protected]" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts [email protected] from DATA_READ logging, and [email protected] from DATA_WRITE logging. 2219 "auditLogConfigs": [ # The configuration for logging of each type of permission. 2220 { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:[email protected]" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting [email protected] from DATA_READ logging. 2221 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members. 2222 "A String", 2223 ], 2224 "logType": "A String", # The log type that this config enables. 2225 }, 2226 ], 2227 "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. 2228 }, 2229 ], 2230 "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:[email protected]`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`. 2231 { # Associates `members`, or principals, with a `role`. 2232 "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 2233 "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. 2234 "expression": "A String", # Textual representation of an expression in Common Expression Language syntax. 2235 "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. 2236 "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. 2237 }, 2238 "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `[email protected]` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `[email protected]`. * `group:{emailid}`: An email address that represents a Google group. For example, `[email protected]`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. 2239 "A String", 2240 ], 2241 "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 2242 }, 2243 ], 2244 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. 2245 "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 2246}</pre> 2247</div> 2248 2249<div class="method"> 2250 <code class="details" id="testIamPermissions">testIamPermissions(resource, body=None, x__xgafv=None)</code> 2251 <pre>Returns permissions that a caller has on the specified Project. There are no permissions required for making this API call. 2252 2253Args: 2254 resource: string, REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field. (required) 2255 body: object, The request body. 2256 The object takes the form of: 2257 2258{ # Request message for `TestIamPermissions` method. 2259 "permissions": [ # The set of permissions to check for the `resource`. Permissions with wildcards (such as '*' or 'storage.*') are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). 2260 "A String", 2261 ], 2262} 2263 2264 x__xgafv: string, V1 error format. 2265 Allowed values 2266 1 - v1 error format 2267 2 - v2 error format 2268 2269Returns: 2270 An object of the form: 2271 2272 { # Response message for `TestIamPermissions` method. 2273 "permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is allowed. 2274 "A String", 2275 ], 2276}</pre> 2277</div> 2278 2279</body></html>